Christina LekatiNov 2, 2023

I had heard the rumors and I am happy to report that they were true.
Last week I had the pleasure of participating at the Swiss Cyber Storm as a speaker. It was one of THE most mentally stimulating conferences I have been to, a top shelf kind of conference for cybersecurity.

Everything from the speaker lineup to the content of the presentations was top notch...but it was also pretty noticeable that the conference attracted some truly interesting minds. If we met there, thank you for the wonderful discussions!

This is highly recommended cyber security conference, for all the right reasons. If you want to gain fresh perspectives, share & challenge your ideas, and meet some noteworthy industry professionals, make sure to attend.

Hope to see everyone again next year!

#SCS23 #swisscyberstorm #cybersecurity #infosec #conference

Dominee FromhellOct 26, 2023
Behold, @evacide showing the mastery to squeeze a 45min presentation into a 25min slot on the Swiss Cyberstorm conference with some magical lossless compression. Great keynote that woke me up better than coffee 😋 #SCS23
Show threadMarcel WaldvogelOct 25, 2023

Only opened the goodie bag today (thanks, @adfichter for the reminder! 😊).

I really appreciate the guys that included the bugs I can hunt for strength (left) and the blue pills, not only for the blue team! 🖖
#SCS23

Fab Oct 24, 2023

Some top notch speakers at the 10th #SwissCyberStorm conference in Bern. Thanks to all the staff and specially @Folini for that day

#SCS23 #infosec #Infosecconference

Marcel WaldvogelOct 24, 2023

#StefanLüders at #SCS23 explaining that when adding more manageability, scalability, virtualization etc. you continually add abstraction layers, separate networks, ….
Only to reconnect them at the next level again, reintroducing the interdependence and kill isolation anf security.

"So, this is not #KISS, this is #ACDC!"

Marcel WaldvogelOct 24, 2023

#ChristineBejerasco on the challenges of next year in the interview with @Folini :

Managing #ThirdParty risk, namely the potential security problems comes from using #SaaS services, will be the main challenge for the near future. And don't forget the subcontracters.

Christian Folini compared this to the #Xplain leak, without mentioning their name. #SCS23

Fab Oct 24, 2023

« We develop systems with user in mind, but we often do not think how they can be misused Â» - Christine Bejerasco from #WithSecure

#SCS23

Show threadMarcel WaldvogelOct 24, 2023

#SBB specific awareness:

- 1500 interviews with team leass to learn about problems, challenges, situation
- Dashboard with actionable data, interpreted
- Collection of learning nuggets (with timeouts)
- For the unmeasured parts, have risk management
- Security Champions all over the company
- Continuous improvement

#SCS23

Marcel WaldvogelOct 24, 2023

#SBB working on specific #AwarenessTraining, avoiding repetitions.

- Move from compliance-focused to *really* promote awareness/behavior change, long-term sustainment/culture change, and metrics framework
- 150 professions, 50 locations, 4 languages
- "Legacy" means up to 100 years old equipment 😊

#SCS23

winschdiOct 24, 2023
Next presentation at #SwissCyberStorm #SCS23 by @jfslowik about converging behaviours across threat actors: oof, at last a good message: adversaries are lazy too and tend to standardize their toolset. So just look out for Mimikatz and the like, BUT that's still not that easy