LSEC - Leaders in Security

The truth is out there

But how much do you know from it? Do you know how effective your firewall, NAC, UTM, IPS, … and maybe many more devices and applications that prevent security threat incidents are?


Their activities are extremely important, but are you able to manage them thoroughly? During this afternoon seminar, you’ll be able to find out from the experts what they are doing with all of this information.


Part of the Global Security Week, LSEC has organized the following seminar on SIEM (Security Information and Event Management). Many companies have installed a variety of complex security mechanisms that flash on a day by day basis, but most are only reporting basic information coming out of the standard reporting engines of these devices and tools.
In some cases this logged data is not stored at all, and just erased from the perspective of reducing the processing power and disk space. Whilst perimeter security is in most large organizations largely being considered, only in rare occasions it is properly taken care for. In smaller organizations typically, the situation is even worse. On top, no consideration is paid to threats coming from the inside.

SIEM Seminar 2009 in Leuven, Fabian Libeau from ArcSight

SIEM technology can be deployed to support three primary use cases: compliance reporting/log management, threat management, or a SIEM deployment that covers both use cases. Most organizations require a general SIEM deployment that implements capabilities in all three areas, but there is variation in use case priority and capability requirements Companies from a variety of industries (financial institutions & insurances companies, process manufacturing, chemicals, pharmaceuticals, government institutions and others ) are welcome to attend these expert presentations and participate in the discussions on how to to deal with sensitive information coming from and going to business partners and customers.

Final Program

12.00h Registrations & Sandwich Lunch

12.20h Welcome & Introduction by LSEC

12.30h SIEM : a critical component of Information Risk Management
by Stefaan Hinderyckx, Dimension Data

About : Stefaan Hinderyckx heads Dimension Data’s Security business in Europe. He has worked for Dimension Data in European and global positions for nearly 4 years, where he oversaw security sales operations and new business development as well as maintained and created relationships with Dimension Data’s security technology partners.
Prior to working at Dimension Data, Stefaan worked as Sales Director for Symantec, and as Vice President Sales at Verizon Business Security Solutions. Stefaan has 19 years experience in the networking, security and application industry. He fluently speaks four languages, and holds a B.Mathematics, M.Computer Science and M.Business Administration, all from the University of Leuven, Belgium

13.10h SEM SIM SIEM ... just more technology or truly adding value?
by Bart Vansevenant, Cybertrust - Verizon Business

About : prior to his current function, Bart was responsible for the Managed Security Services and Vulnerability Management offerings of Cybertrust worldwide. Prior to acquisition of Verizon Business and the merger of Betrusted/Ubizen and TruSecure, he was Ubizen’s executive vice president of marketing, managing the company’s marketing communications, public relations and analyst relations. Before joining Ubizen in January 2001, Vansevenant led the internet product management department at cable operator Telenet. Previously, Bart had served as account manager and business development manager at Oracle. As one of the founding members of LSEC, Verizon - Cybertrust wanted to contribute to the initiative to gather companies offering security products, services and expertise to increase security awareness in the Belgian market, to internationally promote the security expertise present in Belgium and stimulate collaborations between different security players in the market

13.50h Human Nature or a Few Bad Apples
by Riaz Khan, European Director, WildPackets

Network & Application Performance Analysis, Protocol Analysis, VoIP Monitoring and Troubleshooting Solutions
What are the challenges for Network Forensics, what questions need to be answered and how can you answer them? One of the problems is that there are many things happening on your networks at the same time.
Trying to find the critical packet is like looking for the needle in the haystack. An integrated approach and some forensic analysis tips could help in dark times.

About : Riaz Khan has over 20 years of IT experience gained in mission-critical networking environments such as those of DEC, Compaq, and Cisco Systems. He holds a Certified Business Critical Consultant diploma from the British Computer Society, and has been certified by the Industrial Society in Management in Computing and Management practices. Khan spent 2 years auditing Software, Network and Security Domains advising customers on how to improve business processes which support IT. He specializes in enterprise solutions across diverse market verticals

14.30h VoIP Security Management, threat detection and control
by Peter Cox, CEO UMLabs
About : Peter Cox CEO, has 30 years experience of IT systems and software development including more than 20 years experience of IP networking and security. Peter was a co-founder of Borderware Technologies, a pioneer of IP security and developer of one of the first commercial firewall products.
While at Borderware, Peter focused on application specific security gateways including Email, IM and VoIP products. Peter also navigated Borderware’s products through a total of 3 Common Criteria EAL4+ Security certifications. Common Criteria is a international security certification standard sponsored by over 20 countries.

15.10h Coffee Break, Refreshments & Networking

15.40h SIEM City. A general technological and market perspective of SIM / SEM = SIEM
Luc Dooms, C-Cure

About : Luc Dooms has a Masters degree in Physics (1985) from the University of Antwerp and a Masters degree in Computer
Sciences from the University of Brussels. After doing fundamental research at the KU Leuven in the area of theoretical physics, Luc
finds his way in the IT world: software engineer at Dynamic Engineering and knowledge engineer at Kredietbank. In 1991 he
starts working for BIM, an innovative Belgian IT company, doing UNIX and TCP/IP long before market recognition. At BIM, Luc
progressively gets interested in IT security and is involved in the early internet security projects in Belgium. In 1996, Luc decides to
be active as an independent consultant in the area of internet security.
In 1998, he co-founds C-CURE, a Belgian company specialized in design, implementation and management of corporate
perimeters and internal networks. As CEO he has guided this company from an innovative start up to the trusted security
partner C-CURE is today.

16.20h SIEM evolution, a day in the life of a Security Architect
by Stijn Vande Casteele, Senior Security Architect, Telindus - Belgacom ICT

The business case for a SIEM that was initiated in 2003 has evolved quite significantly. This session will share the different tooling migrations, the different evolutions from an architecture, security operations, services and content evolution perspective. Especially for for Application developers, Architects, SOC employees, Business consultants, Program managers this session highlights the various hands-on experiences from a Security Architect’s perspective.

About : Stijn has spent the last 8 years helping organizations solve information security puzzles. He is currently lead expert for the Security Management offerings within the Telindus Belgacom ICT organization and program responsible for the SIEM multi-tier platforms based on ArcSight ESM and Logger technologies. Stijn received his MSc in Information Security from Royal Hollow, University of London and holds a CISSP certification.

17.00 Beyond IP Addresses. Monitoring Security Risks in Business Processes
by Fabian Libeau, ArcSight

About : Fabian Libeau, EMEA Marketing Director, ArcSight
Fabian has more than 12 years IT security experience and is working in the SIEM space for nine years now. For the last five years Fabian is working for ArcSight in EMEA, first as Principal Architect, now as Marketing Director. Before joining ArcSight, Fabian worked at CA as Principal Architect and VP for SIM solutions in EMEA. Recognized as an expert in the field of IT Security, Fabian is a frequent speaker at security conferences and has worked with global IT companies on major security solution roll-outs. Fabian has a certification as CISSP and ITIL and a master in Physics.

17.30 SIEM Experience and practical implementations in Belgium and Luxemburg
by Dominique Dessy, RSA the Security Division of EMC

About : Dominique (CISSP) has a degree in Computer Science from the Brussels Free University. Worked in various IT positions in companies such as Sun Microsystems, AT&T, SGI, DAD. Started 9 years ago witrh EMC, doing Presales for Enterprise. Moved moved to RSA as BeLux Sales Engineer.

18.10h Experiences from the field and lessons learned. Best Practices in SIEM correlations
By Fabian Libeau, ArcSight

18.30h Panel Discussion & Closing Notes

18.45h Cocktail Reception & Networking

20.00h Close of Event



During this seminar you could learn about some of the following key steps to success : 1. baseline understanding of your security events; 2. “start slowly” tackle perimeter security; 3. deal with alerts. 4. Make sure executives are onboard and have them endorse it. You need all your governance issues clearly laid out before you start deployment.

Next Opportunity

If you like to participate in a future SIEM Seminar, as a speaker or participant, send an email to siem at lsec.be with SIEM interest in the subject line. You will be contacted personally.

Thanks to RSA for supporting this event!