Pickup Session

There are many sessions and exhibitions in Japanese as well as the following.

• 

  OK-01、K2-01

  Sep 26th (Tue),9:45-10:25、Sep 28th (Thu),8:40-9:20

  DaysESCIDM Simultaneous interpretation

  Cyber Security and Learning from Big Code

  Eran Yahav
  Professor,Technion,Israel
  CTO,Codota

  more info

  What can you do by learning from all the code in the world?
  In this talk, I will show how we use program analysis, machine learning, and the huge amounts of code available on the web to transform vulnerability detection and reverse engineering.

• 

  K1-01

  Sep 27th (Wed),8:40-9:20

  DaysESCIDM Simultaneous interpretation

  What the Kidnapping & Ransom Economy Teaches Us About Ransomware.

  Jeremiah Grossman
  Professional Hacker

  more info

  Ransomware is center stage, as campaigns are practically guaranteed financial gain. Cyber-criminals profit hundreds of millions of dollars by selling our data back to us. If you look closely, the ransomware economic dynamics closely follow the real-world kidnapping and ransom industry. We’ll explore the eerie similarities, where ransomware is headed, and strategies we can bring to the fight.

  Speaker bio:
  Jeremiah Grossman
  Chief of Security Strategy (SentinelOne), Professional Hacker, Black Belt in Brazilian Jiu-Jitsu, Off-Road Race Car Driver, Founder of WhiteHat Security, and Maui resident.

• 

  K3-01

  Sep 29th (Fri),9:00-9:40

  DaysESCIDM Simultaneous interpretation

  Why Is There Still So Much Spam and Phishing?

  Steven M Jones
  Executive Director of DMARC.org
  LinkedIn Senior Systems Engineer, Email

  more info

  The goals and motivations of spammers and phishers are clear, but the anti-abuse community is still fighting them after more than three decades. Why haven't those efforts been more effective? Why are some governments now calling for the adoption of DMARC to prevent email abuse, while others hesitate? And how do we put the focus back on fighting the spammers and phishers?

• K1-02

  Sep 27th (Wed),9:35-10:15

  Days Simultaneous interpretation

  To mitigate risk, "detection" and "response" should be strengthened with top priority
  Real solution of security operation in cyber environment premised on accident

  Jeff Multz
  SecureWorks Japan K.K.
  General Manager, Global Security Evangelist

  [sponsors] SecureWorks, Inc.

• K1-04

  Sep 27th (Wed),11:25-12:05

  Days Simultaneous interpretation

  Hardware security to boost your success in Industrial IoT

  Steve Hanna
  Infineon Technologies
  Technical Marketing
  Senior Principal

  [sponsors] Infineon Technologies Japan K.K.

  more info

  Industrial IoT connects cloud intelligence to the factory. Changes in market conditions can rapidly trigger changes in manufacturing formulations and products built to individual customer requests. Data gathered from sensors can be used to predict and prevent failures. But connecting the factory exposes it to external attacks. In recent years, successful attacks on Industrial IoT have resulted in massive equipment damage and downtime.

  Only hardware security can provide the solid foundation needed by Industrial IoT, preserving and increasing all the gains promised by Industrial IoT: lower costs, better safety, and higher profits. International standards for industrial security such as IEC/ISA 62443 have recognized this and started to require hardware security. Leading industrial equipment makers are now including hardware security in every Industrial IoT system, using it for critical use cases like device identity, anti-counterfeiting, secure communications, and secured software and firmware update. In this manner, the security risks of Industrial IoT are greatly reduced.

  In this talk, you will learn about the opportunities of Industrial IoT, the security challenges that it brings, and how industry leaders are using hardware security to address those challenges in a sustainable manner.

• K2-02

  Sep 28th (Thu),9:35-10:15

  Days Simultaneous interpretation

  SOC3D-EDR-SCADA, coherent suite of cyber security solution adopted by Israeli Government and others.

  Takeshi Mitsuishi
  Ni CYBERSECURITY INC.
  President & CEO

  [sponsors] Ni CYBERSECURITY INC.

  more info

  Israel is known as a top leading country in cyber security industries in the world. Cyberbit is a Israeli company and a subsidiary of Elbit Systems, one of the top-30 global providers of defense technologies. Cyberbit has been developing products by a team consisting of cyber intelligence researchers from Israeli elite military units, machine learning experts, ICS/SCADA experts, and former CISOs and SOC managers. Cyberbit products have been chosen and used by Israeli Government as well as government facilities and critical infrastructures in other countries.
  In this session, you will learn well-proven Cyberbit EDR/SCADA/SOC3D along with best practices in leading countries.

• K2-04

  Sep 28th (Thu),11:25-12:05

  Days Simultaneous interpretation

  Mitigating DDoS Attacks: On-premises and in the Cloud

  Ian Jones
  F5 Networks, Inc.
  Senior Vice President of F5 Silverline Cloud Services

  [sponsors] F5 Networks Japan GK

• C2-09

  Sep 28th (Thu),16:05-16:45

  Days Simultaneous interpretation

  Protecting the Multi-Cloud – Micro-Segmentation Done the Right Way

  John Parker
  ShieldX Networks,Inc.
  VP of Product Management

  [sponsors] Tokyo Electron Device LTD.

  more info

  Attacks against the multi-cloud are becoming more complex and perimeter-based security alone is no longer enough to adequately protect your organization. This session describes how micro-segmentation, done the right way, can be used to solve this problem.
  

  I. What is the problem?
  II. Why micro-segment?
  III. Why isn’t access control enough?
  IV. What does a proper solution look like?

• C2-10

  Sep 28th (Thu),17:00-17:40

  Days Simultaneous interpretation

  Nation-State capabilities, cybercriminals, and the upcoming threat landscape

  Bobby Kuzma
  Core Security
  Security Researcher and Evangelist

  [sponsors] Core Security SDI Corporation

  more info

  With the recently revealed capabilities, and leaked code from several nation-state actors, our threat landscape has changed dramatically in the last few months. Criminals jumped on the exploits, but we should stand ready for criminal actors, as well as less well funded state actors, to begin incorporating similar capabilities into their arsenals. In this talk, join Core Security’s Security Researcher and Evangelist Bobby Kuzma as he explores what we have to look forward to… and be afraid of.

• K3-03

  Sep 29th (Fri),10:50-11:30

  ESC Simultaneous interpretation

  How to Defend Against Advanced Email Threats.

  Adenike Cosgrove
  Proofpoint
  Cybersecurity Strategy, EMEA
  Cybersecurity Strategist

  [sponsors] Proofpoint Japan K.K.

  more info

  People Make the Best Exploits. Cybercriminals have adapted their techniques by adopting attacks that exploit human flaws rather than system vulnerabilities. They combine sophisticated, targeted lures with convincing email tricks to carry out social engineering at scale, exploiting the one vulnerability that cannot be patched: the human factor.

  Join us as we explore the latest techniques that attackers are using to launch targeted email attacks. Learn the best practices for how your organization can identify, block, and respond to these attacks before they reach user inboxes.

• E1-09

  Sep 27th (Wed),16:05-16:45

  Days Consecutive interpretation

  Keynote Speaker : Jeremiah Grosman is on stage!
  - Importance of end point security and the industry's only warranty against ransomware ?

  Tanaka Katsunori
  SentinelOne
  　
  Jeremiah Grossman
  SentinelOne

  [sponsors] SentinelOne Japan K.K.

  more info

  Malware is multiplying at an increasing rate, within increasingly sophisticated attackers causing damage on a global scale. Traditional AV solutions are helpless to counter the wave, so how can companies protect themselves at the most vulnerable point - the endpoint - where 95% of breaches start?
  A robust defense program has multiple parts. It must include dynamic white and black-listing, provide advanced static protection, and dynamic behavior-detection that is based on highly tuned deep learning technologies.
  Beyond prevention, however, even the best system has to recognize the possibility that malicious code will enter the network. For this, roll-back and response and associated forensic analysis are essential tools.
  With all of these protections, what is the final defensive barrier? A confident provider of security software should stand behind the product with a guarantee. This is the ransomware guarantee that only SentinelOne has the confidence to offer.

Outline