GlobalSequr and ALSO are pleased to invite you to a cybersecurity seminar, which will give you a unique insight into advanced cyber-attacks, and gain insight from a large IT organization, that is actively working to reduce its attack surface.
Nuri Fattah, principal consultant at GlobalSequr and specialized in Red Team and Penetration testing. Nuri was contracted 8 years by NCIRC (NATO Computer Incident Response Capability) and is the former Director of operations for Locked Shields. Nuri is also known as a security researcher focused on Open Source Intelligence Gathering (OSINT), vulnerability discovery and is the winner of some of the largest cyber defense exercises around the world.
Anders Reuter is Office Manager in Koncern IT, Copenhagen Municipality with responsibility for Operational IT Security (SOC) and User Management (IGA). The City of Copenhagen is one of the Denmark’s largest workplaces with more than 45,000 employees, 25,000 PCs and almost as many mobile devices, on which one or more of the organization's more than 250 IT solutions are run. Anders Reuter has extensive experience with both security and management from the Danish Military, Municipalities and the last 5 years in the City of Copenhagen.
| 09.00–09.05 | Welcomme |
| 09.05–09.55 | Bypassing security teams and controls Nuri will present a use case recently conducted against a large financial institution and demonstrate how we were able to bypass their internal security teams, the SOC/CIRT, and an external MMSP to fully compromise them without an initial exploit. We will demonstrate how basic security hygiene could have prevented the breach. The latest attacker tools will be demonstrated to show how advanced they are against security teams. |
| 09.55–10.05 | Short break |
| 10.05–10.55 | Daily operational approach to reduce the attack surface The growing cyber threat has been a major focus for the City of Copenhagen's Koncern IT for several years. Since 2015, the IT security area has changed significantly. The change has affected both the organization of the area and the investments in both employees and technology. The presentation is based on the changed cyber threats, and topics such as Vulnerability Management, SIEM and Network Monitoring based on Machine Learning, will be included. |
| 10.55–11.00 | Thank you |
