Security Hardening 2012 - part 2
07-Jun-2012
Sequel to the successful Security Hardening Events of October and February, LSEC and its partners are organizing the next quarterly Security Hardening seminar on June 7th, 2012.
“Security Hardening” means to explore the possibilities of improving the IT and Information Security architectures and systems.
During these seminars, it became obvious that most of the topics were very complementary and gave an interesting viewpoint on how to improve security measures within companies.
Outline
This seminar is mainly intended for companies and government departments that already have a security environment and are interested in finding out about new solutions, new approaches and ways to improve their security infrastructure. Security Hardening in this case means increasing the level of security of different aspects and components of your environment. This could be from a network security perspective, from a database and application perspective, or by increasing the granularity and scope of your data protection technologies. Hardening is also understood to include ways and procedures to improve security management as a whole.
All together, we’ve explored how to grow from the typical 80% of managed IT and information security risks to upgrade to 90% or and to understand the complexities, costs and resources necessary to this upgrade path.
9.00h : welcome coffee & registrations
9.30h : Introduction, Security Hardening 2012 part 2 - an overview of hardening by Ulrich Seldeslachts, CEO LSEC
9.45h : How to overcome “blind spots” created by virtualization, by Bjorn de Jong; Net Optics International Business Development EMEA & LAM
Abstract : Virtualization is delivering many advantages to companies and datacenters. Along with the advantages, virtualization can also become a significant threat. The Phantom Virtual Tap software delivers total visibility of inter-VM traffic passing between virtual servers and reveals previously invisible traffic for superior security, regulatory compliance, and manageability.
About : Bjorn has been active in the IT business since 1998, primarily in network management and security solutions (Network General, NetIQ, Visual, Black Ice/ISS etc). Since 2004 his focus has been on Data Access solutions from Net Optics, Gigamon and Network Critical. Net Optics is the leading provider of Intelligent Access and Monitoring Architecture solutions that deliver real-time IT visibility, monitoring and control. More than 7,000 enterprises, service providers and government organizations—including 85 percent of the Fortune 100—trust Net Optics’ comprehensive solutions to plan, scale and future-proof their networks.
10.20h : Data Leak, by Bernard Francis, Security Practice Manager, Bull Services and Solutions
Intellectual property thefts around the world have a cost of around 10 billion €/year to businesses as a whole, without counting the several more billion € /year losses for industrial espionage that businesses suffer. As a matter of fact, “Knowledge” thefts are among the most common attacks on companies from unscrupulous individuals. However, we need also to take into account that the most common data leaks occur from insiders who have no clue about the danger of their behaviour regarding their “art of communication” with the outside world. Organisations are therefore realizing that the risks associated with data leaks must be taken into account at the same security level as the overall enterprise security hardening.
To satisfy this growing business need, Bull has developed a “data leaks” solution whose main pillars are:
- Discover and reference the sensitive documents dynamically, based on rules specific to the organization (keywords, recipients ...)
- Establish a footprint by which documents can be recognized even if they have been altered or camouflaged (copy and paste, capture ...)
- Monitor network flows to detect any improper output.
10.55h: Coffee Break & Networking
11.15h : GSM network vulnerabilities, by Peter Cox, UM Labs
The need for data security is well understood; most data applications and services have at least some level of security protection. In contrast, the security problems associated with voice communication are rarely considered. This presentation will examine the security threats relating to voice calls made on GSM networks and will include a demonstration of call interception on a GSM network. The presentation will then outline how these problems can be addressed using VoIP technology and sound data security principles.
An earlier version of this presentation was presented at the Federal Cyber Security Conference in Baltimore, October 2011.
11.50h : 3 generations of access & identity management: technology overview, trends and future evolutions, by Rik Van Bruggen, Regional Sales Director Courion
Abstract : In the past 15 years, our industry has tried and tested multiple strategies to address the “identity problem”. Everyone seems aware of the fact that the “insider threat” is a clear and present vulnerability in our organisations’ IT infrastructure, but our strategies to mitigate the risks associated with this vulnerability have been all over the place. In this presentation, we would like to present an overview of the industry’s evolution, assess strengths, weaknesses and lessons learnt from the different attempts at solving the problem - and suggest a way forward.
About : Rik Van Bruggen has been working in the Identity and Access Management industry since the end of the nineties, at companies like Novell, Imprivata, and now Courion. Having lived through the industry’s different generations of problem solving strategies, he is very well placed at presenting and discussing the latest challenges and solutions with the audience of this session.
12.30h : Lunch Break & Networking
13.30h : End to end security from data encryption perspective, the case of secure Teleworking by Vincent Vanbiervliet, Sophos
Abstract : When an organization is motivated to allow its employees to work from location, supporting teleworking, the information infrastructure needs to be capable of supporting this. Not only IT but also information security will need to provide support, from virtual private networking to anti-malware protection on laptops to secure backup and storage. Full disk encryption and data access can and will be centrally managed for users to be able to access the required data and information coming from the central office. Learn how this holistic approach could also help your organization in supporting teleworking and remote access.
About :
14.05h : Trusted Computing Platform - using standard encryption technologies embedded in your hardware and software, by Nick Spekkels, Business Development Director EMEA - Wave Systems Corp
Abstract : Trusted Computing is not only a concept of ensuring information technologies that can be trusted; it also refers to a standardized technology platform which is supported by many hardware and software vendors worldwide to facilitate securing the data on these devices. Hardening your information security might also mean utilizing your existing TCP (Trusted Computing Platform), which you might not have known you already had. Discover how you may activate your TCP, or how you can include Trusted Computing in your future architecture. Find out how to manage the Trusted platform for disk encryption and network security in combination with two factor authentication mechanisms.
14.40h : Coffee Break & Networking
15.10h : Security Hardening by Privileged User Access control, tbd, CA Technologies
15.45h : When business fully understands the challenges of security, an end to end security strategy can be considered. An example from laptop to datacenter, by Antonio Mata Gomez, Oracle
Abstract : The simple question was : what is Oracle doing on information security? There was a simple answer : many things. That has resulted in a series of activities for Oracle to demonstrate their security practice, from db hardening to an end to end perspective. Oracle’s identity management solutions, Oracle applications and the whole cloud offering are only a fragment of the security perspectives of Oracle. As a result, with this concept of an end to end approach, as a case study, it becomes clear what the concept of hardening is all about. It starts from the single data digit, but has to be carried throughout the chain of processing, at light speed or faster and secured.
Case: Transparency, Accountability and Auditability of high privileged users access is mandatory.
Efficient and consistent User Administration of multiple Databases is becoming more and more important, and is a basic requirement in compliance and auditing discussions. Not only making sure that the right users have access to the right databases at any point in time, but also the traceability of the past and a full view of the lifecycle management and auditability of the high privileged users (e.g. DBAs) is a key basic compliance requirement in any organization. Compliance is not only a matter of processes and applications; the place where the information is stored is also seen as a serious attention point for auditing compliance, security and risk exposure. Ensuring that the right people at all times have access only to the information they are entitled to has never been so important. The user management across these multiple DB instances is often done individually, with manual interventions or using scripts, which is costly, not error free and not well accepted by auditors.
About : Antonio started his career as an Oracle database consultant. Back then IT was more interested in High Availability and Scalability, but enterprises started showing a growing interest in protecting their key Business Assets persisted in database management systems. Antonio’s expertise was formed through many projects where protecting the database was key in order to guarantee the required security level. In his role of Database Security expert Antonio closely followed up on the Identity & Access Management market trends, which has enabled him to approach security projects from multiple angles.
16.20h : Policy Based Networking to cope with BYOD, Ronny Guillaume, Cisco (TBC)
16.40h : BYOD and Device Management, Ulrik Van Schepdael, Mobco (TBC)
17.00h : Closing Remarks & Networking Reception
18.00h : Close of Seminar
Specifically some topics we are aiming for :
- network monitoring, deep packet inspection
- embedded security
- IPv6 & impact on security
- Database security hardening
- Web application security - firewalling
- New developments in hardware security – TPG/CC-based
- Security as a service (in the cloud)
- Virtualization security
- Identity management – access management - authentication
- Vulnerability testing – intrusion detection
- Data Protection technologies & systems
- Critical Infrastructure Protection
- Cybersecurity & Malware protection
- Security Monitoring & Network Monitoring
- Governance & Compliance
- …
Practical Details
LSEC Security Hardening 2012 - part 2
June 7th, Kasteelpark Arenberg, Leuven
Register already now, to ensure your seat at http://securityhardening2012part2.eventbrite.com
Free to participate to LSEC Members, LSEC partners and partner Members, Agoria Members, ECSA Members.
Free to participate to any others when subscribed before March 30th. After that date, subscription fee of 150 €.
Non-Cancellation fee of 150 €, upon no cancellation at least 1 day before the event and non-appearance.
This event was supported by CA Technologies, an LSEC platinum sponsor for our events. We are always open to other, additional interested parties.
About the organizers :
This event is organized by LSEC, a not-for-profit association focused on Information Security in Belgium. LSEC has been organizing over the last couple of years over 100 highly professional information security oriented activities. LSEC is a founding member of the European Security Innovation Network, a project supported by the European Commission through the INTERREG IVb program that supports innovative developments in the North Western European region in Security. With its partners Systematic Paris region in France, SITC in the UK and TeleTrusT in Germany, LSEC welcomes the active participation of companies to participate in the discussion of potential threats, challenges and opportunities for companies in the domain of Security, or to the enterprise market and government institutions.
Copyright LSEC vzw 2007-2008 with the support of the IWT.
LSEC vzw Kasteelpark 10 - 3001 Heverlee - VAT BE BE 478 045 395 - fax. +32.16.32.19.69 - info @ lsec.be