Prof. Georges Ataya is Founder and Academc Director of IT Management Education in charge of the executive Master in IT Management, Information security Management, Data Privacy (www.solvay.edu/it) and (solvay.edu/gdpr). Vice President of the Belgian Cybersecurity Coalition. Acted as International Vice President for ISACA and the IT Governance Institute and as President ISACA Belux (www.isaca.be), Founder ISSA BE (www.issa-be.org). Board member at AGORIA DIGITAL Industries, ISACA BE, BECI, and CIONET.
Prof. Georges Ataya manages the theoretical content of the program. He will make use of reputed trainers for each specific topic.
DigiTribe is a fast-growing business & IT consulting company created in 2017 and delivering premium services to large suppliers! They are organized in 3 Tribes: Cybersecurity & Risk, Digital transformation & Cloud, Data Science. DigiTribe is recognized for bringing premium consulting, quality and innovation to our customers. They work in an Agile structure and share our decisions with the key partners, suppliers, Tribe Leaders and Community Managers.
Digitribe will organize an initial cybersecurity self-assessment before the actual program starts, and an in-depth self-assessment after the four core modules combined with presentations, lessons learned and individual feedback. Participants have two weeks from this session onwards to fill in this self-assessment.
Intigriti is a crowdsourced security platform where security researchers meet with companies in a safe way to execute continuous security tests. Based on the defined scope of the projects launched by the participating companies, the researchers will search for vulnerabilities and report them back via intigriti. Once intigriti validates the report, it will be put forward to the company to understand and resolve the identified vulnerability. Researchers are only paid in case of a new and in scope vulnerability, which has not been reported on before. If no vulnerabilities are found, no bounties will be paid.
Intigriti will perform a vulnerability assessment to get a better understanding of the security maturity. This will ensure that the company meets the minimum-security threshold that is expected and ensures that it knows where it still needs to spend more efforts to improve.
Sweepatic is an innovative data driven cybersecurity company based in Leuven, Belgium and operates on a global scale.
Through the Sweepatic cloud platform, you are equipped with an extra pair of eyes on the outside, monitoring your external attack surface and its exposure to risk.
This unique platform -build by security experts- constantly mimics the latest and most refined reconnaissance techniques, discovering and analyzing all internet facing assets in a fast, accurate and complete way. It sheds light on new, odd, unknown and hidden parts of your business before somebody else does.
Sweepatic will provide each participating company the results of a first sweep, explain the risks and elaborate on recommendations how to grow a digital footprint in the most secure way forward.
SECURECODEWARRIOR.COM Secure Code Warrior pioneered an innovative approach to improving secure coding skills and outcomes that is simple, scalable and positive, for both development and security teams. The team is driven by the knowledge that measurable improvements in security compliance, consistency and predictability will be matched by a better quality and speed of code writing. And that creates an environment in which everyone can enjoy spending more time building, and less time fixing!
Febelfin Academy, as part of the Febelfin group, is the competence centre for the financial sector. It provides financial training courses from basic to expert level with a focus on job-specific skills as well as competence development. Febelfin Academy strives to offer impactful blended learning journeys to its students through a combination of several learning formats from practical workshops, coaching to e-learning and assessments.
Risk management plays a crucial role in any sound bank policy. Therefore this keynote will give the participant an outline of the general framework of risk management in a bank. It starts with an overview of the different business lines of a bank and the corresponding risks. Attention will be given to the start of the financial crisis and other aspects that have led to an increasing regulation. Moreover, it will highlight the rising importance of new risk types that are often difficult to quantify.
NVISO is a professional services firm exclusively focusing on information and cyber security. We have a strong track record providing information and cyber security services to financial services, the public and technology sector. NVISO can support you in protecting your business and IT environment but also by detecting and responding to cyber security incidents. Our mission is to safeguard the foundations of European society from cyber attacks.
NVISO will introduce the principles of incident response and digital forensics and explain how this domain fits into an overall cyber security practice. After the introduction, NVISO will facilitate an interactive cyber security crisis simulation where the participants to the session will be presented with a real-life crisis situation and where they will need to take the necessary decisions in teams to contain and eradicate the crisis. The breach simulation will use Kaspersky’s Interactive Protection Simulation that presents a cyber security crisis for a financial institution in the format of an interactive board game.
After building your initial product, you create a small team for DevOps. In this phase, security and compliance are playing an important role as well, because you don’t want to get hacked due to a release that went out in a fast product iteration cycle. Also, your enterprise customers ask questions regarding your policy after breaches. But, building in SecOps requires some specific expertise and tooling, especially when you want to keep the product organization efficient. BitSensor is a company founded by hackers, supported by ML engineers, to solve these problems.
Bitsensor will complement the theory by explaining: How to set up security monitoring for API’s and applications, How to set up alerting for incidents, How to set up Elastic stack with HTTP captures for forensics, An example of a security incident
iGuards is the result of a collaboration between several expert consultancy firms, addressing the urgent need for a multi-tiered approach in information security governance. We focus on the balance between people, processes and technology. We offer information security governance, risk management and compliance services, brought to you by senior information security experts with vast experience and a proven track record in the financial sector. We also prefer our people to have some technical background and experience in order to actually get things moving within your company and to assist those employees who will ultimately implement any security measures. Our approach has been lauded by our clients, who appreciate our very open and heads-on methodology.
iGuards will share the their practical insights and experience in the field of the NIS directive.
Onegini protects customer personal data and enables secure transactions, using any device any time. The company’s award-winning Mobile Security Platform provides organizations with an easy way to deliver mobile apps, with the best end-user experience and high security for external users. The Onegini team consists of security specialists whose job it is to identify new threats in the mobile space and translate them into state-of-the-art mobile app protection. Onegini already protects data for millions of end users in the banking, insurance and transport markets. Onegini has offices in the Netherlands and Poland.
Cranium is specialized in privacy and security solutions and services. Cranium supports and familiarizes your organization with the compliance with General Data Protection Regulation (GDPR) and protection against cyber-attacks and other possible data breaches. By building bridges between IT, legal and business, Cranium provides profound end-to-end solutions on both tactical and operational levels and prepares your company for GDPR.
Cranium will give practical tips and insights into operationalizing GDPR compliance, and explain when you need a DPO, and how organizations can outsource the DPO function to an external company or person.