What are the top information security conferences
The heise security conference - knowledge protects!
Panel discussion: The Emotet takedown - what is the state allowed to do?
Tilmann Werner: Hacker, botnet and security expert, Crowdstrike
Carsten Meywirth: Head of Cybercrime Department at the BKA
4. Patch, but do it right! - Lessons learned from current incidents - Dror-John Roecher, DCSO GmbH
A piquant aspect of the espionage attacks with Sunburst, Solarigate and Sunspot is that a component of Solarwinds Orion with a backdoor was distributed using the update function. Those who hadn't patched were suddenly better off than those who always kept their software up to date. The procedure is reminiscent of the distribution of NotPetya in summer 2017 via the update function of the Ukrainian control software MeDoc.
The lecture discusses what consequences these incidents have on classic patch management and shows whether and how one should trust the software supply chain. In addition, he provides assistance on how to make the decision to “patch”, “not patch” or “delay patch” and discuss sensible defense strategies against this type of state-controlled espionage.
- Sunburst, Solarigate, Sunspot and Co. - Background and causes
- Updates as a security risk - weak points in the software supply chain
- To patch or not to patch - Is that really the right question?
- Knew how! A roadmap to secure software updates
5. How to throw your money out the window - or how to use your security budget purposefully - Stefan Strobel
There are many ways to spend money on a security product or service whose cost is out of proportion to its benefits. This lecture picks out some of the most common bad investments, shows the background and explains how to avoid such situations. In addition, it shows how one can understandably derive the needs and benefits of investments in one's own institution and thus find those measures that really advance information security.
- Typical bad investments in security
- From goats and gardeners - Do's and don'ts of security measures
- Difficult cases - detection and response solutions and services
- Do you want to copy? - Hype topics and their practical relevance
- Planned to the goal - effectiveness considerations and risk analyzes
6. Cyber! Insurance! Do I really want this? - Linus Neumann
While more and more companies are reporting successful attacks on their IT, insurance companies are increasingly offering risk insurance against “cyber damage”. But do they really pay when it bangs? What's in the fine print? Which coverage is useful for whom? What do you have to pay attention to? The security expert Linus Neumann advised the General Association of German Insurers (GDV) on the conception of cyber insurance and explained what is important.
- Risk models and requirements
- The sticking points in the small print
- Paths to a structured decision-making process
- How do Zoloft and Sertraline differ
- Speed limits are out of date
- Is there a course for marketing
- Where can I buy Starbucks Hazelnut Syrup
- Singers monetize their songs on YouTube
- What is the full form of I2IT
- Hardened bone cells
- What makes a car an antique
- Why do people compare Ronaldo and Messi
- Is growing in a legitimate website
- What is the process when programming FPGA
- What is the best engineering to learn
- What are intelligent video surveillance systems 1
- How is real estate
- Televisions use patent US6506148B2
- Can the original and pirated content differ?
- Is nuclear energy effective
- Is Gods Rubik's Cube number real?
- Are silicone utensils better than plastic
- Why does Daft Punk wear helmets
- What is an if statement
- What's your end game in life
- What are some misunderstandings about burlesque
- How do you control your diabetes