Business program PHDays: a frank discussion of complex issues

Is it possible to protect enterprises and transport from the threats of the fourth industrial revolution, known as Industry 4.0? Will the IS market come to the service model? Is it time to throw antivirus and IDS in a landfill? Will SIEM answer all the questions? How to calculate the insider? ..

These and other topics will be included in the business program of the Positive Hack Days VI international forum on practical security, which will be held on May 17 and 18, 2016 in Moscow. In 2016, more than 4,000 participants are expected from more than 700 organizations from 20 countries of the world. Two-thirds of them are top managers of companies, government officials, IT directors and heads of information security departments of major international companies.
')

First day

What are the key problems in ensuring information security business? What are the developers of information security tools ready to offer for their solution? What is the role of government regulation in this process? These and other questions will be discussed by the participants of the plenary session “From whom safety depends. The confrontation "- representatives of government agencies, CISO and CIO customer companies, developers - from 11 to 12 hours in the hall" Amphitheater ".

In the same room, practitioners from Whitehats will come out from 1 to 2 p.m. Within the section “Hackers Truth: Why Break?” They will talk about effectively attracting new researchers (about the development of information security departments, outsourcing, bounty programs) and try to predict what the search process for vulnerabilities will look like in 10 years time. The discussion will be moderated by the Director of Positive Technologies Development Boris Simis.

At the same time, well-known bloggers and journalists who write about information security will gather in Hall A. Is it necessary or not necessary to cover security incidents? And if you cover - how to improve the quality of journalism in this specific and complex field? Are there any independent IB publications? Is it possible in the Russian press not only hot news about hacking, but also longreads? How can the press and experts find a common language so that a public conversation about security becomes a tool for ensuring it? The section “Talks on information security:“ top secret ”or“ urgent in number ”?” Will be led by representatives of Positive Technologies - Deputy Director of the Competence Center Alexey Kachalin and PR Manager Julia Sorokina (13: 00—14: 00).

From 14:00 to 15:00 in the Amphitheater, you can listen to Jason Scherk about the Microsoft Bounty program and the vulnerabilities worth $ 100,000 or move to the Seliger hall, where one of the most anticipated reports will take place - “Target attacks: aim first” Vladimir Ivanov and Sergey Gordeychik. Experts will talk about the effectiveness of existing approaches to protecting against targeted attacks, ways to work around the sandbox, and whether it’s time to abandon IDS and antivirus software.

Later in the evening (from 4:00 pm to 6:00 pm) the section “The next round of confrontation: information services as a response to new threats and challenges” will be held. Representatives of Positive Technologies, Kaspersky Lab and Jet Infosystems will try to understand whether customers are ready to buy information security services, consider the advantages and disadvantages of new services as compared to boxed products, and talk about training specialists providing such services.

Try also to look into the hall "A" from 5 to 6 pm: a series of performances called Lightning Talk are expected there. In five minutes, anyone can share their ideas from the podium, briefly talk about their work, about a new vulnerability or about a problem in security algorithms, about developing a new analysis tool or about large-scale research plans. The main goal of such speeches is to find like-minded people. The blitz reports will be moderated by Andrei Petukhov from VMK MSU and the head of the educational programs department at Positive Technologies Yevgeny Minkovsky.

Second day

A year before the iPhone, half of the mobile phone market was occupied by Nokia and Motorola. Prior to Google, the most popular search engines were MSN, Lycos, Excite and Yahoo. Will there appear in the field of information security technology that can eliminate the old leaders from the scene? On May 18, the business program of the forum will open with the section "Technologies of Defense and Attack - 2016: who will make a breakthrough." Timur Yunusov, Dmitry Kurbatov and other experts will present their forecasts. Hall "Amphitheater", 10: 00—11: 00.

From 11 o'clock you can move to the press room. There will be a two-hour section “Cybersecurity of industrial systems: it's time to solve problems!” (Moderated by Ivan Melekhin). The merging of industrial and IT systems in Industry 4.0 leaves no doubt that technological systems will be subject to ever more violent attacks. Guests representing the leading Russian and international manufacturers of information security systems, automation systems and the largest industrial enterprises will tell about their experience.

A parallel course - from 12 o'clock - in the Amphitheater will be the Director of Microsoft Europe for Cybersecurity Jan Neutze: we advise you to pay close attention to his report on “Control of cyber-weapons: the development of safety standards”.

At 13:00 in the same hall "Amphitheater" starts the section "OkoIT". A serious competition to her will be composed by the report of Mikhail Emelyannikov “Paper Safety and Technical Security: They Can't Live Without Each Other”, which will begin simultaneously in the press room. Very often, technical security, that is, security analysis, pentests, the introduction of protective equipment, is called real security, as opposed to paper security. A speaker on practical examples will show that in reality these two "security" complement each other.

At 14:00, a section devoted to proactive education methods in our industry will begin in the press room. How are IS stars born and is it possible to speed up their appearance? What new specialties will appear in five years? The conversation will be devoted to modern methods of training specialists in cyber defense, technologies for identifying talent - and educational programs that will make anyone who is far from engineering sciences fall in love with information security.

From 15 o'clock we move to the Seliger hall, where Aleksey Lukatsky will be the arbitrator in the two-hour discussion "SIEM or non-SIEM, that is the question." What is the need for a SIEM and what problems does it actually solve? Do SIEM systems have a future? What is the real state of affairs in the SIEM segment in Russia and abroad? What are the main challenges of event management? Come and speak out.

In the hall "A" in the meantime will be two reports. From 3:00 pm to 4:00 pm Sergey Kavun in his presentation “Aspects of insider activity at the enterprise” will present a way to identify internal spies at any enterprise. From 4:00 pm to 5:00 pm Valery Shchepak will take the stage to talk about the problems in ensuring the security of shops, restaurants, offices, banks, cottages in the report “Console protection: attack vector”.

At 17 o'clock before the guests of the forum again will be a difficult choice. In the hall "A" will be the performance of Andrei Masalovich, and in the "Seliger" - Alfonso de Gregorio. Andrei Masalovich will talk about how informational attacks are prepared, how to recognize them in the early stages and counter them. Speech by Alfonso de Gregorio is dedicated to the exploit market, its participants, the activity of the zero-day vulnerability broker - and relevant aspects of business ethics.

The full schedule of the sixth PHDays Forum is on the official website: www.phdays.ru/program/schedule

The main principles of Positive Hack Days are a minimum of advertising and a maximum of useful knowledge in reports and seminars, informal communication of “jackets” and “T-shirts” at a round table, exciting contests and an energetic atmosphere of a research ground. The organizer of the forum is the company Positive Technologies.

The partners of the event are Kaspersky Lab, Axoft, KROK, Cisco, Check Point, InfoTex, IBS, Qlik, ANGARA, MONT, NAG and ICL.