The Pre-Conference Deep Dives
Technical Deep Dive
In the technical deep dive attendees were treated to an exploration of various technical and behavioural aspects. The technical deep dive segment looked into two research projects that aimed to shed light on the tactics employed by state-sponsored actors, these actors are known by the name Fancy Bear and Cozy Bear. Through these case studies, engaging discussions arose regarding preventive measures against different stages of an attack.
Additionally, a detailed technical analysis of a prominent ransomware strain created an engaging discussing with the audience. The high level of expertise highlights Northwave's efforts to identify vulnerabilities for data recovery in ransomware attacks. Notably, participants expressed their concerns mostly on preventing ransomware attacks, leading to recommendations such as implementing specific IT-level restrictions and establishing targeted monitoring protocols.
NIS2 Deep Dive:
Because of increasing cyber attacks and increasing reliance of digital infrastructure, NIS (1) was too limited in scope and requirements and cybersecurity in EU required harmonisation. This deep dive, therefore, explained the blueprint of NIS2 and provided a masterplan to comply with this new legislation. We helped the participants find out if they are in scope and should comply with NIS2. Furthermore, basic next steps were provided in helping them to start complying. Most importantly, the message was, that compliance to NIS2 is not rocket science. It requires sufficient attention to ensure meeting the requirements
Behaviour Deep Dive:
During this deep dive we shared on building cyber safe culture. Behaviour and behavioural change are complex because our behaviour is largely determined by the unconscious and emotional processes in our brain. Besides awareness and knowledge, you need role model behaviour and an optimal working environment. Therefore, attention was given to leadership landscape and learning. A report of a Cyber Behaviour Scan was shared, which measures cyber safe culture on three aspects cyber behaviour, knowledge and behavioural determinants. Overall, participants were challenged to see the importance of cyber safe behaviour through other aspects than learning.
Conference
The conference in the afternoon was kicked off by Northwave's CEO Steven Dondorp, welcoming everyone and introducing Nyck de Vries as the Confident Driver we know him to be. Led by Marc de Jong Luneau, a panel of speakers (Pim Takkenberg, Huib Modderkolk, and Matthijs Jaspers) discussed what is next in the realm of cyber crime, cyber espionage and cyber warfare. Their discussion provided the participants with a foundational background on these topics so the other speakers could later elaborate upon the information provided.
Here are the notable speakers and their key takeaways:
-
Rianne Vedder (CFRO Bouwinvest)
Rianne showed the importance of having and maintaining a structured and integral program that ensures the cyber security, using the example of how this is done at Bouwinvest. She mentioned that the ransomware exercise was both fun and educational. It provided actionable next steps to improve handling crises and making Bouwinvest more resilient.
-
Jair Santanna (Cloud Security Lead Northwave)
Jair explained the future of Machine Learning Algorithms, Artificial Intelligence and how this affects cyber security. It allowed listeners to reflect on what is possible now and in the future. His message was not to fear technology, but to prepare for it actively and embrace it.
-
Emily Jacometti and Tim Murck (Founders At HackShield)
Emily and Tim showed how HackShield aims to increase the safety mindset in children (age 8-12) and their environment. Children are trained to become Junior Cyber Agents and then activated to transfer their knowledge to their friends, classmates, brothers, sisters and especially their (grand) parents. They encouraged everyone to participate to help the next generation be more cyber safe!
-
Inge Van Der Beijl (Director Behaviour & Resilience At Northwave)
Through the story of the elephant, the rider and the path, Inge elaborated on the importance of paying attention to leadership, landscape and learning to build a cyber safe culture in the organisation. Her key take away was to not only pay attention to the rational, but also focus on the emotional or unconscious behaviour of employees to effectively create a cyber safe work environment. -
Christiaan Ottow (Director Cyber Security) and Jelle Niemantsverdriet (National Security Officer At Microsoft)
Through the use of a crystal ball they discussed three major topics that require more attention in the future: supply chain security, innovation on the side of cyber criminals, and nation state attackers. Both stresses the importance of implementing controls risk based and intel driven, by working together in the supply chain with partnerships.
-
Dr. Fabian Prüschenk, CFO Serviceplan Group
He elaborated on the journey of Serviceplan in becoming a worldwide digital agency. In this digital transformation, going from media to digital, to providing experiences, cyber security is a prerequisite in doing business. He explained that sufficient attention is required to ensure they provide secure services to their customers.
Overall, it was an engaging day with lots of information sharing and new insights on what is next in the arena of cyber security. We enjoyed this event ourselves and hope that all our guests have received something that they can bring back to their daily business to ensure a more safe digital journey!