CS3STHLM 2019-2020

This page contains information which is not active and is tied to past events.

Speakers

World Class Content

We will have multiple stages with the best international speakers and trainers, having excellent social activities and provide hard-to-earn knowledge, no matter if it is deeply technical matters, sucessful solutions or policy briefs.

Presentation

Ali Abbasi

Post-Doctoral Researcher at Ruhr-University Bochum

Ali Abbasi

Post-Doctoral Researcher at Ruhr-University Bochum

Germany
Presentation

Biography

Ali Abbasi is a Post-Doctoral researcher at the Chair for System Security of Ruhr-University Bochum, Germany. His research interest involves embedded systems security mostly related to Industrial Control Systems, Critical Infrastructure security, and Real-Time Operating Systems security. Currently, Ali is involved in projects related to software testing for embedded systems, specially in the context of Industrial Control Systems. He received his Msc degree in Computer Science from Tsinghua University, Beijing, China. He was working there on Programmable Logic Controller (PLC) security in Network Security Lab, Microprocessor and SoC Technology R&D center with the National 863 High-tech Program grant from Ministry of Industry and Information Technology of China. Ali received his PhD degree from Eindhoven University of Technology, the Netherlands. In Eindhoven, he was working on code-reuse defences for Programable Logic Controllers (PLC) and other embedded systems.

Close

Partner Session

Andrew Ginter

VP Industrial Security at Waterfall Security

Andrew Ginter

VP Industrial Security at Waterfall Security

Close

Presentation

Andrew Tierney

Security Consultant at Pen Test Partners

Andrew Tierney

Security Consultant at Pen Test Partners

United Kingdom
Presentation

Biography

Andrew leads the hardware team at Pen Test Partners. He covers all systems that aren't general purpose computers: IoT, phones, cars, ships, planes and industrial control. On the offensive side, he has spent many years reverse engineering, researching and finding vulnerabilities in these systems. On the defensive side, he takes the knowledge gained from research and advises companies on how to build secure products. This ranges from the nitty-gritty of securing devices against physical attack, through to developing complete connected platforms that make use of defence-in-depth so that they can stay secure through the entire lifecycle of the product. He trains people how to attack and defend hardware, with customers ranging from medical device manufacturers through to police forensics teams.

Close

Partner Session

Andrew Tsonchev

Director of Technology at Darktrace

Andrew Tsonchev

Director of Technology at Darktrace

Close

Presentation

Colin Cassidy

Senior Security Consul... at IOActive

Colin Cassidy

Senior Security Consultant at IOActive

United Kingdom
Presentation

Biography

I have been a Senior Security Consultant at IOActive for 5 years and have performed many security audits of ICS/SCADA systems including: several assessments at two of the UKs largest Distribution Network Operators, Energy Management Systems in Asia, Smart Meter infrastructure, shipping terminals, HVAC and baggage handling systems at one of Europe’s busiest airports, and several windfarms in Europe. I have presented and Blackhat and Defcon on Industrial Ethernet Switches, like those deployed in windfarms and other ICS environments. Prior to this I was the Security Technical Lead and core product development lead within GE for the PowerOn Fusion product a leading Outage Management System/Distribution Management System (OMS/DMS) used throughout the world. I led the secure testing project of our product that took place at INL (Idaho National Laboratories) in 2010. I produced the secure coding guidelines now used throughout GE as the benchmark for secure coding guidelines within the business. Finally, I worked with a corporate security team to develop the processes and procedures for a GE wide PSIRT to handle reported vulnerabilities and security concerns/questions with any of GE’s product range. Graduated from the University of Glasgow with a B.Sc. in Computing Science where I worked on the Nemesis Operating System (https://en.wikipedia.org/wiki/Nemesis_(operating_system))

Close

Presentation

Daniel Kapellmann Zafra

Technical Analysis Man... at FireEye

Daniel Kapellmann Zafra

Technical Analysis Manager at FireEye

United States
Presentation

Biography

Daniel Kapellmann Zafra is a technical analysis manager for the FireEye Intelligence cyber-physical team. As a former Fulbright scholar, he holds a master’s degree in information management from the University of Washington specialized in information security. His multidisciplinary background includes consulting for ITU and the Competitive Intelligence Unit IT market research firm, to IT planning and architecture for Puget Sound Energy. He is a frequent speaker on operational technology topics at local and international conferences including RSA, VirusBulletin, CyCON, ICSJWG, AFPM Operations & Process Technology and Hack the Capitol. In 2017, he was awarded first place at Kaspersky Academy Talent Lab's competition in Moscow for designing an application to address security beyond anti-virus.

Close

Presentation

Federico Maggi

Senior Researcher at Trend Micro

Federico Maggi

Senior Researcher at Trend Micro

Italy
Presentation

Biography

With more than a decade of research experience in the cybersecurity field, Federico Maggi is specialized in doing threat and security analysis on virtually any system. Federico has analyzed web applications, network protocols and devices, embedded systems, radio-frequency control systems, industrial robots, cars, and mobile devices. Federico has experience on defensive technology and research, through building machine learning-based tools for intrusion and fraud detection. He’s applied data visualization techniques for analyzing botnets, and has gained basic malware analysis and reverse-engineering on Android-based platforms. Currently employed as a Senior Researcher with security giant Trend Micro, Federico was an Assistant Professor at Politecnico di Milano, one of the leading engineering technical universities in Italy. Aside his teaching activities, Federico co-directed the security group and has managed hundreds of graduate students. Federico has given several lectures and talks as an invited speaker at international venues and research schools, and also serves in the review or organizing committees of well-known conferences."

Close

Presentation

Idan Helzer

Cyber Analyst at Otorio

Idan Helzer

Cyber Analyst at Otorio

Israel
Presentation

Biography

Cyber-security researcher with military experience in a cyber security unit.

Close

Partner Session

Ignacio Moreno Canadas

OT Security Consultant at Accenture

Ignacio Moreno Canadas

OT Security Consultant at Accenture

Close

Presentation

Jan Tore Sørensen

Security Expert at mnemonic

Jan Tore Sørensen

Security Expert at mnemonic

Norway
Presentation

Biography

Jan Tore Sørensen wrote his master thesis on Security in Industrial Networks in 2007 and has worked with the technical aspects of ICS security within several different industrial verticals for mnemonic since then. He has lately been involved in projects for securing critical subsystems on offshore installations in the North Sea and building a security monitoring scheme for IACS systems offshore.

Close

Presentation

Jenny Radcliffe

Social Engineer

Jenny Radcliffe

Social Engineer

United Kingdom
Presentation

Biography

Jenny Radcliffe is a world renowned Social Engineer, hired to bypass security systems through a mixture of psychology, con-artistry, cunning and guile. A "burglar" for hire and entertaining educator, she has spent a lifetime talking her way into secure locations, protecting clients from scammers, and leading simulated criminal attacks on organisations of all sizes in order to help secure money, data and information from malicious attacks. Jenny is a sought after keynote speaker at major conferences and corporate events and is a multiple TEDx contributor. A go-to guest expert on the human element of security, scams, cons and hacks, she has appeared on numerous television and radio shows, as well as online media and traditional press outlets. She is also the host of the award winning podcast “The Human Factor” interviewing industry leaders, bloggers, experts, fellow social engineers and con-artists about all elements of security and preventing people from becoming victims of malicious social engineering.

Close

Presentation

Joe Slowik

Adversary Hunter at Dragos

Joe Slowik

Adversary Hunter at Dragos

United States
Presentation

Biography

Joe Slowik currently hunts ICS adversaries for Dragos, pursuing threat activity groups through their malware, their communications, and any other observables available. Prior to his time at Dragos, Joe ran the Incident Response team at Los Alamos National Laboratory, and served as an Information Warfare Officer in the US Navy. Throughout his career in network defense, Joe has consistently worked to ‘take the fight to the adversary’ by applying forward-looking, active defense measures to constantly keep threat actors off balance. When not hunting adversaries or playing with open source security projects, Joe loves playing ice hockey and building Legos.

Close

Presentation

Jonas Edberg

Cyber Security Consultant at Contrast Advisory

Jonas Edberg

Cyber Security Consultant at Contrast Advisory

Sweden
Presentation

Biography

Jonas is a cyber security consultant at Contrast Advisory, which he co-founded in 2017, with experience from a wide set of industries and companies. During the last few years Jonas has been focusing on cyber security within the energy industry. He has prior experience within GRC (Governance, Risk and Compliance), information security, external and internal audit, privacy, risk management and internal control from Transcendent Group and EY Advisory Services. Jonas holds a master’s degree in Industrial Engineering and Management from Chalmers University of Technology and is CISA, CISM, CRISC and CIPP/E certified.

Presentation

How to create a risk-based future-proof zone model with Kristina Blomqvist
Close

Presentation

Kelly Leuschner

Security Researcher at Cisco Talos

Kelly Leuschner

Security Researcher at Cisco Talos

United States
Presentation

Biography

Kelly Leuschner is a security researcher with Cisco Talos. Kelly spends her time looking for vulnerabilities in devices that interact with the physical world including Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA), and Internet of Things (IoT). She began her career as a contractor to the US government developing custom firmware for micro-controllers. Her fascination with learning how things work led her to shift focus to vulnerability research at Cisco Talos. Now, she works with vendors to fix problems in their products.

Close

Presentation

Kristina Blomqvist

Group Operational Tech... at Vattenfall

Kristina Blomqvist

Group Operational Technology Security Officer at Vattenfall

Sweden
Presentation

Biography

Kristina Blomqvist is group operational technology security officer at Vattenfall AB. She is responsible for creating, establishing and maintaining the OT Security area and for ensuring that all aspects of OT-security are aligned with relevant stakeholders within the Vattenfall group. Moreover, she drives and coordinates OT security initiatives and monitors regulatory development. Kristina previous engagements includes being program manager for the Swedish National Program for ICS Security at MSB, the civil contingencies agency, working as an analyst and market director at FOI, the Swedish Defence Research Agency, and as an I&C subject area representative and specialist at the Swedish Nuclear Power Inspectorate, SKI. Kristina holds a master in Engineering Physics from KTH, the Royal Institute of Technology. Kristina is also a long-term advisory board member for CS3Sthlm.

Close

Presentation

Krzysztof Swaczyński

Strategic Advisor & Fo... at Seqred

Krzysztof Swaczyński

Strategic Advisor & Founder at Seqred

Poland
Presentation

Biography

Krzysztof is strategic advisor in the field of OT and IT security. He is a founder and board member of Seqred - cyber security shop focused on testing and improving security in ICS field. He gained his experience while working for strategic consultancy companies – EY and BCG. He advised global organizations in government, power & utilities, manufacturing, air transportation and building automation sectors, on the planning and safe implementation of IT and OT solutions as well as company-wide technology driven transformation programs. He worked with the management boards, CIOs, CISOs, whom he advised on fulfilling their potential and eliminating the risks stemming from new technologies. He expanded his managerial qualifications while participating in the Executive Education program at the MIT Sloan School of Management. In his current professional capacity Krzysztof leads team of OT security researches specialized in vulnerabilities assessments, i.e. reverse engineering, fuzzing and penetration testing. He is a holder of GIAC: Global Industrial Cyber Security Professional (GICSP) Certificate – globally recognized industrial cybersecurity certification.

Close

Presentation

Marie Moe

Senior Security Consul... at mnemonic

Marie Moe

Senior Security Consultant at mnemonic

Norway
Presentation

Biography

Dr. Marie Moe cares about public safety and securing systems that may impact human lives. Marie is a senior security consultant at mnemonic, and has a PhD in information security. She is also an Associate Professor at the Norwegian University of Science and Technology, where she teaches the course “Incident Response, Ethical Hacking and Forensics”. She has experience as a team leader at NorCERT, where she did incident handling of cyber attacks against Norway’s critical infrastructure.

Close

Presentation

Matan Dobrushin

Head of OT Research at Otorio

Matan Dobrushin

Head of OT Research at Otorio

Israel
Presentation

Biography

Cyber security researcher with military leadership experience in cyber security unit.

Close

Partner Session

Michael Firstenberg

Director, Industrial S... at Waterfall Security

Michael Firstenberg

Director, Industrial Security at Waterfall Security

Presentation

Future of Ransomware
Close

Partner Session

Michal Paulski

OT Security Architect at Accenture

Michal Paulski

OT Security Architect at Accenture

Close

Partner Session

Nour Fateen

Threat Expert at Recorded Future

Nour Fateen

Threat Expert at Recorded Future

Close

Keynote

Ross Anderson

Professor of Security ... at University of Cambridge Com...

Ross Anderson

Professor of Security Engineering at University of Cambridge Computer Laboratory

United Kingdom
Keynote

Biography

Ross Anderson is Professor of Security Engineering at Cambridge University. He was one of the founders of the discipline of security economics, and is PI of the Cambridge Cybercrime Centre, which collects and analyses data about online wickedness. He has worked on key management for electricity substations; he was also a pioneer of powerline communications, prepayment metering, peer-to-peer systems, hardware tamper-resistance and API security. He is a Fellow of the Royal Society, the Royal Academy of Engineering, and the Institute of Physics, and a winner of the Lovelace Medal. He has just written the third edition of his textbook "Security Engineering – A Guide to Building Dependable Distributed Systems".

Close

Presentation

Simon Hacks

Postdoc at KTH

Simon Hacks

Postdoc at KTH

Sweden
Presentation

Biography

Simon is a postdoc in the Software Systems Architecture and Security group, Computer Science at KTH Royal Institute of Technology. He did his Ph.D. at the RWTH Aachen University, Germany in the field of Enterprise Architecture Models. He supervised several theses related to Enterprise Architecture and supported the teaching of lectures in Software Engineering, Software Quality Assurance, Object Oriented Software Construction, and Software Project Management. He is Co-Chair of the VEnMo workshop, PC member at the TEAR workshop, and reviewer for the EMISA Journal. He received his master degree in applied computer science from the Technical University Dortmund and his bachelor degree in business informatics from the FOM University of Applied Sciences Essen. Additionally, he did an apprenticeship as IT specialist at E.ON IT in Essen and worked as a privacy consultant during his master studies at ISDSG.

Close

Presentation

Stephen Hilt

Senior Threat Researcher at Trend Micro

Stephen Hilt

Senior Threat Researcher at Trend Micro

United States
Presentation

Biography

Stephen Hilt is a Sr. Threat Researcher at Trend Micro. Stephen focuses on General Security Research, Threat Actors, Malware behind attacks, and Industrial Control System Security. Stephen enjoys breaking things and putting them back together with a few extra parts to spare. Stephen is a world-renowned researcher, having spoken at Blackhat US, RSA, HITB and many more. His research has gained him Dark Reading top hacks of the year twice. Working at Digital Bond Stephen became a Nmap Contributor where he wrote some Nmap scripts for ICS and other mainstream protocols. This work took him into becoming an expert on ICS protocols and co-authored the book Hacking Exposed Industrial Control Systems ICS and SCADA Security Secrets & Solutions.

Close

Presentation

Wenjun Xiong

PhD Student at KTH

Wenjun Xiong

PhD Student at KTH

Sweden
Presentation

Biography

Wenjun is a PhD student in Software Systems Architecture and Security group, at the Division of Network and Systems Engineering, KTH Royal Institute of Technology. Her research interests include Threat Modeling, Attack Simulations, and Cyber Security. She is currently working on designing a threat modeling language - enterpriseLang, based on MITRE ATT&CK Matrix. She received her MSc degree in Communication and Information Systems in 2017, from the State Key Laboratory of Information Engineering in Surveying, Mapping and Remote Sensing, Wuhan University, China, with special focus on Information Privacy.

Close

Partner Session

Wissam Al-Nasairi

X.0 and OT Security Lead at Accenture

Wissam Al-Nasairi

X.0 and OT Security Lead at Accenture

Close