Category Archives: Conferences

TUT Cyber ​​Conference 2018

Conference agenda:
10:00-10:30 Registration, cofee and cookies
10:30 Opening words by TUT rector Jaak Aaviksoo;
Kusti Salm, Ministry of Defense and Maarja Kirtsi, Estonian Internet Foundation
10:45-13:00 “Does Estonia needs cyberinsurance?”

Moderator: Anto Veldre

10:45 Cybersecurity Challenges. Lauri Luht, RIA
11:15 In the feature everything will be better? or more horrible? Aare Reintam, NATO CCD COE
11:45 Kalev’s active and professional activities with technological means to preserve health
12:00 Is self-driving cars a real danger to society? Krister Kalda, TUT Mektory
12:20 Cybercrime does not cry on arrival! Karen K Burns, CGI
12:40 To buy cyber insurance or not? Helen Evert, IIZI Kindlustusmaakler AS

13:00-14:00 Lunch
13:10-13:35 CyberSecurity TV-game show at American corner with Ralph Echemendia, Seguru and Marily Hendrikson, Startup Estonia (ENG)
13:40-13:55 MWB LAB Launch@TTÜMektory
14:00-15:10 Parallel sessions on various topics:
• Main hall: Human factors & OSINT by Jenny Radcliffe, Host of The Human Factor Podcast, UK & Lisa Forte, Red Goat Cyber Security, UK (Cyber Security SummerSchool) (ENG)
• How to build a cyber defense plan for your institution? Raido Orumets, BCS Training. Room: 108 Labor Market for Business Models.
• How to learn to think in the way rafter thinks and protect yourself from evil eyes? Peeter “Technocrat” Marvet, Zone Media resident hacker. Room 111 “Learning to Play”.
• Failure of one rafter due to the digital forensics, Toomas Lepik, TUT and How to hack contactless cards? Kadri Lenk, Eesti Energia and Raido Roben, Datanor. Room 125 Logistics.
• Ransomware simulation and MWB LAB launch@TTÜMektory, Malwarebytes (ENG). Room 109 and 209 – MWB Labs.

15:10-15:20 Kalev Kahoot game (ENG) (please be ready! https://kahoot.it/)
15:20-16:00 Main hall: Panel Discussion on Maritime Cyber Security (ENG).
Moderator: Kieren Nicolas Lovell, University of Cambridge, UK. Panelists: Adrian ‘Tel’ Venables, Lancaster University; Jenny Radcliffe, Host of The Human Factor Podcast, UK; Jeff Moulton, Stephenson’s National Center for Security Research and Training and the Transformation Technologies and Cyber Research Center at Louisiana State University, USA; Marina Martinez (TBC), The Spanish Office for Science and Technology (SOST), Spain.

16:00
• CyberSpike Competition Award Ceremony (EST / ENG)
• Cake

Links:
https://ttu.ee/ttu-korraldab-12-juunil-esimest-kuberkonverentsi-eestis
https://sites.google.com/view/kyberolympia/reeglid-2018/konverents-2018

Cyber Security Summer School 2018: “Maritime Cyber Security”

11-15 June 2018, Tallinn, ESTONIA, Estonian Maritime Academy

This year’s Cyber Security Summer School will focus on maritime cyber security. With experts from maritime sector, marine technology industries and cyber security establishments, the Summer School will give an overview of the tools and communications used in shipping industry, discuss their vulnerabilities and also introduce new trends in autonomous shipping and its dangers and risks.

Program
MONDAY, June 11th
8:00-9:00 Registration. Breakfast
09:00 Welcoming words and opening of Summer School by Organizers
10:00 Opening keynotes: TBD
12:00 Lunch
13:00 – 15:30 (room I) Track 1: Traditional maritime communication and navigation methods for Cyber Security Students (including GPS spoofing, Navigation messages, AIS etc).
13:00 – 15:30 (room II) Track 2: Ship Hacking Demo & introduction to cyber security for seafarers.
15:30 Coffee break
16:00 – 16:45 Practical exercises (e.g., HF call interception)
16:45 – 17:00 Feedback and closure for the first day

TUESDAY, June 12th
09:00 Breakfast
09:30 Modern methods – autonomous ship, sat voms, loT by D4V team
12:00 Lunch
13:00 Afternoon at Mektory joint event with Cyber Spike Competition. Tour in Mektory
14:00 Human factors & OSINT by Jenny Radcliffe & Lisa Forte
15:15 Panel Discussion on Maritime Cyber Security by Jeff Moulton and Jenny Radcliffe
16:00 Winners of CyberSpike and cake by Birgy Lorenz

WEDNESDAY, June 13th
09:00 Breakfast
A broader look at other sectors with experience:
09:30 Car hacking & forensics
10:15 Cyber Security in Aviation and joint efforts to secure the transportation industry from a regulator perspective by Gerry NGU EASA & European Centre for Cybersecurity in Aviation (ECCSA).
10:45 Coffee Break
11:00 Real-world malware stories by Anders Carlsson & Alex
12:00 Lunch
13:00 Political and cyber-warfare aspects of maritime cyber security by Joe Burton
14:30 Coffee break
15:00 Fake-GPS and Fake-Nav-chart attacks
15:30 TBD by Jeff Moulton
16:00 Practical exercise: cyber warfare exercise preparation by Mentors
19:00 Gala dinner

THURSDAY, June 14th
09: 00 Breakfast
09:30 Practical exercises in EMERA simulators
12:00 Lunch
13:00 Practical exercises in EMERA simulators
15:00 Coffee break
15:30 Practical exercises in EMERA simulators
16:30 Feedback and discussion by Organizers

FRIDAY, June 15th
09:00 Breakfast
09:30 Friendly student competition in EMERA simulators. Mentors
12:00 Lunch
13:00 – 14:00 Feedback and conclusions of the summer school by organizers

Links:
http://www.studyitin.ee/c3s2018/

ID card “The Lessons We Learned” conference

Estonian Information System Authority (RIA) is organising an international conference on 9th of May in 2018 in Tallinn (Tallinn Creative Hub – Kultuurikatel) to discuss the impact and consequences of the security risk found in the Infineon chips in autumn 2017 by the researchers at Masaryk University in the Czech Republic.

The aim of this conference is to bring together parties affected by the security risk to discuss our lessons, experiences and responsibility, because the security flaw affected many companies and countries in Europe as well as elsewhere in the world. If possible, we aim to agree on a joint plan of follow-up activities or a memorandum to provide input to different authorities who establish regulative rules. Researchers from Masaryk University have announced their participation in the conference – they will make an opening presentation about their research.

The conference is aimed at policymakers as well as specialists in the eID field, opinion leaders, representatives of authorities and companies that are dependent on the functioning of Estonian ID-cards and e-services, developers of e-government and IT systems, and other parties related to the issue from both Estonia and Europe.

Agenda:
09.30-10.00 Delegate registration opens. Welcome coffee
10.00-11.30 Welcome and Opening of the Conference / Session 1
• Welcome by moderator Andres Kütt
• Welcome speech by the Prime Minister Jüri Ratas
• The goal of the research (ROCA vulnerability ) – Petr Svenda, the University of Masaryk
• The influence and the distinctness on Estonian ID-card and its use – Taimar Peterkop, the head of Information System Authority
• The examples of actions of different countries – Ulrich Latzenhofer, Austrian Regulatory Authority for Broadcasting and Telecommunications
11.30-12.00 Coffee break
12.00-13.30 Session 2
• Lessons we learned (Estonia) – Rain Ottis, Associate Professor at Tallinn University of Technology
• The contract of ID-card – who´s responsible of what? – Kaija Kirch, Police and Border Guard Board, ID expert
• Discussion How did we manage and what to do better next time? Expert panel lead by Rain Ottis. Attending: Kaija Kirch, Margus Arm, Ilmar Raag
13.30-14.30 Lunch
14.30-16.30 Session 3
• eIDAS perspective of the ROCA vulnerability – Security Expert and Information Security Officer, Marnix Dekker, ENISA
• Lessons we learned (global view) – Liisa Past, Chief research officer, Information System Authority
• Lessons we learned (Commission view) – Andrea Servida, European Commission
• Discussion What can we do better in the future? Expert panel lead by Liisa Past. Attending: Marnix Dekker, Andrea Servida, Ulrich Latzenhofer, Petr Svenda
• Conference conclusion by moderator Andres Kütt
16.30-17.30 Goodbye coffee and networking

Links:
https://lessonslearned.publicon.ee/conference-agenda/

Let’s speak about cyber security @Elektrilevi

The first meetup will be brought to you in cooperation with Elektrilevi and will focus on cyber security issues in energetics sector. The goal of the first seminar is to map out the interest in cybersecurity topics in the field of energy and finding opportunities for collaborative projects in SmartGrid area. Elektrilevi supplies electricity to almost all households and companies in Estonia. Their role as the largest network operator is to ensure the constant supply of electricity to our customers. Elektrilevi manages a unique SmartGrid network that covers almost the whole country. The technology has brought many new solutions but also some new issues to be resolved in cyber security domain. In the meetup, we will discuss the different cyber security questions and challenges in energetics sector.

SCHEDULE
15:00 – 15:05 Moderator’s welcome to the Let’s speak about cyber security @ meetup series – Marily Hendrikson, Cyber Security project manager at Startup Estonia team
15:05 – 15:15 Introduction to Elektrilevi – Taavi Liivandi, Head of Smart Grid Development Center @Elektrilevi
15:15 – 16:15 Cyber security @Elektrilevi – Indrek Künnapuu, Information security manager @Elektrilevi
PAUSE
16:20 – 17:05 Klaid Mägi, Head of CERT EE @Information System Authority.
Networking until 17.30

Links:
https://www.meetup.com/Lets-speak-about-cyber-security/events/246449690/

Seminar on secure SSL load balancer configuration

Santa Monica Networks and F5 invites you to attend the morning seminar on November 17 at 08:30 – 12:30 at the LIFT99 event center. At the seminar, we will look at how the F5 SSL Orchestrator works, and discuss the typical errors that are being encountered in setting up the load balancer.

Day plan:
08:30 – 09:00 Morning coffee and check-in
09:00 – 10:30 F5 Networks SSL Orchestrator – how does it work, what does it do?
Continuing this year’s Security Day seminars on HTTPS visibility and F5 SSL Orchestrator themes, you can now learn about SSLO setup options and its functionality from a technical demo.
– Tarmo Mamers | Network Security Specialist @ Santa Monica Networks
10:30 – 10:45 Coffee break
10:45 – 11:30 Load balancer to identify a person – what could go wrong there?
Typical errors that occur when setting up the load divider. By living examples, it turns out how criminals can exploit such weaknesses and can be done by each network gatekeeper to prevent such errors.
– Mait Peekma | Pentester, trainer @ Clarified Security
11:30 – 12:30 Lunch @ F-Building
Seminar presentations are in Estonian

Because we remember how misconfiguration of F5 SSL load balancer used by SEB and Swedbank allowed to bypass ID card authentication.

Links:
https://www.eventbrite.com/e/f5-avab-https-liikluse-mis-edasi-saab-hommikuseminar-tickets-39077653313

Women in Cybersecurity Conference

NB! Our event is directed towards both men and women, already in the world of IT and also outside of it.

Speakers :
– Karina Egipt — Identity Impact Manager at Nortal, Estonian Information Technology College
– Sille Laks — CERT Estonia
– Karen K. Burns — Director, Consulting – Cybersecurity, AS CGI Eesti
– Anna-Maria Osula — Legal researcher at the NATO Cooperative Cyber Defence Centre of Excellence
– Jaanika Merilo — Vice Mayor of Dnipro, Advisor to Minister of Infrastructure and Transportation and Mayor of Lviv
– Birgy Lorenz — TTÜ teacher, general promoter of IT in Estonia, CyberOlympics organiser
– Kaie Maennel — Cybersecurity PhD student at TUT, Cyber forensics graduate, Deloitte auditor
– Shaymaa Mamdouh —TUT Cyber Security student, mother

The conference entitled Women in Cybersecurity, which will take place at Tallinn University of Technology on 11th of November 2017, will aim to draw attention to the disproportionately smaller amount of women compared to men in the field.

We will discuss the potential of women taking a leading role in addressing the problem. Panelists are invited to speak about the importance of gender equality in this very field, tell about women leadership, career perspectives in Cyber Security and how the environment supports women. They are also invited to share their fields of interests and research as professionals.

Our team would like to introduce these three branches of cybersecurity:
• Governance and NGO’s;
• Business and Technology;
• Academia.

Women studying Cyber Security in Estonia will be invited also and will be able to present their stories the same way the keynotes will be at the Poster Session. The poster of each woman will tell their story of how they came to cybersecurity, what inspires them the most, the difficulties they’ve met and their field of interest. Women presenting their posters will be granted a certificate and are more than welcome to share theri experience in their CVs in future. Participants will be able to interact with the story-tellers during the time allocated.

We believe that the mission for women in IT and Cyber Security is to help illuminate the path for progress.

Links:
https://www.facebook.com/events/293943887776558/

Liisa Past, Kaur Virunurm: E-State and Proactive Risk Management

The presentation was given in cybersecurity conference “Cyberchess 2017” held on October 5, 2017 in Riga. The presentation touched upon the recent events such as i-voting and the flaw found in the ID card chip.

The last question from the audience was worth a dime:

Is PPA considering any legal action against the vendor, because, as I understand, you have been informed by the researchers, but the vendor has not informed you.
And the second one: in the new procurement, what are are the lessons learned? Are you planing to change or include some clauses on liability?

The question was not answered in full, but the answer would be interesting indeed.

Links:
https://www.youtube.com/watch?v=6N_ZeFDNzvg
https://cert.lv/uploads/pasakumi/liisapastkaurvirunurm.pdf

 

SK Annual Conference 2017

E-identity event SK Annual Conference 2017 will take place on November 2, 2017, Baltic Station old waiting area (Toompuiestee 37, Tallinn).

Agenda:
09:00-09:30 Registration and morning coffee
09:30-10:30 Overview of SK 2017, Kalev Pihl, SK
10:30-11:00 Smart-ID: fast start and future plans, Kaido Irval and Georg Nikolajevski, SK
11:00-11:15 Cofee Break
11:15-11:45 The future of authentication in SEB. When will the code cards disappear? Ragnar Toomla, SEB
11:45-12:15 DeepScan, Lauri Ilison, Nortal
12:15-13:00 Lunch
13:00-14:00 Keynote: The Future of Technology Through the Mind of a Hacker, Pablos Holman
14:00-14:45 Panel discussion, Pablos Holman and Taavi Kotka
14:45-15:00 Cofee Break
15:00-15:30 RSA (implementations) attack history and lessons, Arne Ansper, Cybernetica
15:30-16:00 eID year in retrospect, Anto Veldre, RIA
16:10-16:40 Round of question and answers
16:40-17:00 Summary of the day by digital world enthusiasts
17:00-18:00 Evening snack

Registration till October 20.

Links:
https://www.sk.ee/ettevottest/sk-aastakonverents/aastakonverents-2017

Conference “The Present and Future of Cybersecurity”

Conference “The Present and Future of Cybersecurity”
April 26, 2017, National Library of Estonia

13.00-13.30 – Registration and welcome coffee
13.30-13.40 – Opening words – Urve Palo (Minister of Entrepreneurship and Information Technology)
13.40-14.00 – Keynote – Jaak Aaviksoo (Rector of TUT)
14.00-15.00 – Discussion “Evolution of cyber attacks – what has changed in ten years?” Klaid Mägi (RIA, head of CERT-EE) leader. Debating: Hillar Aarelaid (Police and Border Guard Board), Jaan Priisalu (TUT), Merike Käo (Farsight Security CTO)
15.00-15.30 – Cofee break
15.30-17.00 – Discussion “Discurses, paradigms and form of cyber policy in practice” Taimar Peterkop (Director General of RIA) leader. Debating: Sven Sakkov (Director of NATO CCD CoE), Heli Tiirmaa-Klaar (European Union, Head of Cyber Policy Coordination at European External Action Service), Lauri Lugna (Secretary General at the Ministry of Interior), Lauri Almann (Co-Founder of BHC Laboratory)
17.00-17.30 – Closing words – Toomas Vaks (RIA, Head of Cyber Security Branch)
17.30-19.30 – After conference reception. Appearance of RIA band VaRIA.

Work language of the conference is Estonian.

Links:
http://kyberkonverents.publicon.ee/registreerimine/

International Conference on Cyber Conflict: Junior Scholar Award 2017

The 9th International Conference on Cyber Conflict, focusing on the theme Defending the Core, invites junior scholars to submit Master’s theses for the Junior Scholar Award. The purpose of this CyCon 2017 award is to encourage and reward research on a wide range of topics related to cyber defence.

Candidates who have graduated with a Master degree or equivalent after 01 January 2015, in studies such as law, computer or political science or other relevant academic fields are eligible. The finalists of the CyCon 2017 Junior Scholar Award will be notified no later than 28 April 2017 and granted full free entry to the conference. Accommodation and travel expenses will not be covered.

All finalists will present their Master’s thesis results in a 15-minute presentation in the Junior Scholar conference session. An Award Committee will evaluate the presentations and can grant the following awards:

1st place: 1000 Euro
2nd place: 600 Euro
3rd place: 400 Euro

There are quite a lot MSc thesis tracked by this resource that would definitely qualify for the award. Application deadline 20 March 2017.

Links:
https://ccdcoe.org/cycon/junior-scholar-award-2017.html