black hat sessions 2019 - secura...black hat sessions (bhs) is secura’s annual security conference...
TRANSCRIPT
PROGRAMME
BLACK HAT SESSIONS 201913 June 2019 | NBC Congrescentrum Nieuwegein, Netherlands
08:30 Opening & Registration
09:30 Welcome Speech | Chris van ‘t Hof
Capture the Flag
(CTF)
09:45 Opening Keynote | Victor Gevers
10:30 Keynote: A Dangerous Game: Anatomy of a Cyber-Physical Attack | Jos Wetzels
11:00 Coffee Break
11:30 B R E A K O U T S E S S I O N S
S E C T O R C A S E S T U D I E S T E C H N I C A L D E E P D I V E W O R K S H O P S
AutomotiveGeert Pater, RDW
Self-encrypting DeceptionCarlo Meijer
ICS Hands-on HackingPaymentsMax Geerling, Dutch Payment Association
Embedded Control Systems Binary SecurityAli Abbasi
The Hacker MindsetInsurance
Wouter Wissink, Chubb
But How to Actually Do It? Practical Applications of IEC 62443 to Asset SecurityMarina Krotofil
13:00 Lunch
14:00 B R E A K O U T S E S S I O N S
S E C T O R C A S E S T U D I E S T E C H N I C A L D E E P D I V E W O R K S H O P
Chemical IndustryAnderson Domingues,LyondellBasell
Practical Intrusion Detection and Security Monitoring for Utility SCADA systemsRobin Massink
ICS Hands-on Hacking
Connected Paul Wijninga,Agentschap Telecom IPv6 in Critical
Infrastructures: Risks and VulnerabilitiesMarc Heuse
The Hacker MindsetMedical Devices
Ben Kokx, Philips
15:45 Coffee Break
16:15 Closing Keynote | Elsine van Os
17:00 Closing Ceremony & Announcement CTF Winners
17:15 Drinks
Keep an eye out for up-to-date information at www.blackhatsessions.com
Black Hat Sessions (BHS) is Secura’s annual security conference
where you will be informed about the latest trends, threats
and solutions in the world of digital security.
REGISTER NOW: WWW.BLACKHATSESSIONS.COM
Keep an eye out for up-to-date information at www.blackhatsessions.com
ORGANISED BY:
SPONSORS:
PARTNERS:
BLACK HATSESSIONS 2019
13 June 2019
NBC Congrescentrum Nieuwegein, Netherlands
PROTECTING YOUR CRITICAL SYSTEMS
HOST
CHRIS VAN ‘T HOFThe BHS will be hosted by Chris van ‘t Hof, internetsociologist, presentor & author of the book Helpful hackers. Chris van ’t Hof is an independent researcher, writer and presenter in information technology.
Protecting Your Critical SystemsCyber hacks are in the news every day and we all know about the relevance of digital security. But how to protect ourselves?
National and international speakers will bring you up-to-date on security issues in critical sectors, including government, finance, insurance, government, energy, healthcare, chemical industry and high-tech.
All you need to know to protect your critical systems and better secure your organisation’s critical assets. The day-long programme consists of technical sessions, keynotes, lessons learned, workshops, a student Capture the Flag (CTF) and more.
REGISTER NOW: WWW.BLACKHATSESSIONS.COM Price: €320,- | €65,- for studentsEarly bird registration: Until 20 April 2019 you will only pay €280 excl. VAT per person
Upon participation you will receive PE points / ECE credits* anda confirmation of participation if requested. *Check your certificate body’s rules and regulations
BLACK HAT SESSIONS 2019 13 June 2019 | NBC Congrescentrum Nieuwegein, Netherlands
HOST
VICTOR GEVERS | Founder of GDI Foundation & Chairman of Global CERTPlease join the opening keynote by Victor Gevers, founder of GDI Foundation and Chairman of Global CERT. Victor hacked into complex databases, servers, NAS devices and prevented valuable data from getting leaked. During the BHS he will provide more insight into the techniques he uses to identify and alert on such huge data leaks.
JOS WETZELS | Principal Security Specialist at SecuraJos, security researcher in embedded systems, will discuss the cyber-physical attack lifecycle, illustrated by real-world case studies, and how to leverage insights into that lifecycle in order to inform effective critical infrastructure defense strategies.
ELSINE VAN OS | Clinical Psychologist and Intelligence and Security ExpertWorking for years in the Oil and Gas sector, a high risk environment for all forms of (cyber) security threats, Elsine and the industry simultaneously grew up with growing threats in the cyber domain. Get inspired by this keynote on how you can reduce risk and stop insider threats from impacting your business.
KEYNOTE SPEAKERS
How to increase the security maturity level within sectors like finance, automotive, medical devices, telecom or chemical processing? Every sector is challenged in a different way, but we also see a lot of commonalities. In multiple sector case studies various speakers will address how they deal with security and how to increase cyber resilience within their business. The sessions will be closed with a lively panel discussion. Get inspired by our speakers on how they deal with their challenges!
Geert PaterManager Vehicle Standards Development at RDW
Max Geerling Executive Advisor at Dutch Payments Association
Ben Kokx Director Product Security at Philips
Anderson Domingues Information Security Manager at LyondellBasell
Wouter WissinkPrincipal Cyber Risk Engineer & Technology Industry Practitioner at Chubb
Paul Wijninga Advisor at Agentschap Telecom
SECTOR CASE STUDIES
B R E A K O U T S E S S I O N S
Let’s get technical! For the more tech-savvy amongst us, we have various technical sessions lined up. Join our national and international experts from the field as they present their in-depth technical approach and current researches and innovative solutions to the unsolved problems facing the industry.
TECHNICAL DEEP DIVES
SECURA STUDENT CAPTURE THE FLAG
This 17th edition of BHS will see an extensive programme
including a Capture the Flag (CTF) competition aimed at student
teams from University or Higher Education. The best three
teams will win prizes, but the experience itself is already very
interesting and educational for both students and attendees!
First prize € 2,048 Second prize € 1,024 Third prize € 512
HACKER MINDSET - limited seats available!It is very important that developers and general IT staffing understand how hackers think and what techniques and vulnerabilities they use to attack applications, platforms or infrastructures. Join this workshop during the Black Hat Sessions to better understand the approach of an attacker and gain knowledge about technical vulnerabilities.
INDUSTRIAL CONTROL SYSTEMS (ICS) SECURITY WORKSHOP - limited seats available!In this workshop, we will have a setup available that lets you perform several practical attacks such as replaying Modbus commands to a PLC, manipulating a building control system, or hacking an HMI. The workshop consists of an introduction to ICS cyber security followed by an interactive threat modeling session and hands-on hacking of an operational technology (OT) environment with real ICS components.
Carlo MeijerPhD candidate at the Digital security group at the Radboud University Nijmegen
Ali AbbasiPost-Doctoral researcher at the Chair for System Security of Ruhr-University
Marc Heuse Founder of The Hacker’s Choice and author of the thc-ipv6 IPv6 attack suite
Robin MassinkThreat and vulnerability analyst within the IT Security team of Alliander
Marina KrotofilICS/SCADA security professional at BASF with heavy focus on offensive cyber-physical security
WORKSHOPS