GERGELY BIRÓ
President / ISACA Budapest Chapter
He graduated as economist at Corvinus University 2000, as engineer IT specialist at Universityof Veszprém at 2007. He has qualifications such as CISA, CCNA, MCSE, VMware VSP and VTSP-MGMT. As an IT security adviser, he has been involved in construction of the first security lab in Hungary based on the KPMG London office. During the years spent with KPMG, he dealt with security audits, e-commerce and banking solutions (ethical hack). Since 2003 he has been the founding owner of ITSecure Kft. Over the past 10 years, he led IT audits of large companies in Hungary and comprehensive information security vulnerability studies. He has experience in mapping and mitigating security risks in the IT environment of virtualized systems. From 2015, he is the head of ISACA Budapest Chapter and the organizer of the annual ISACA IT security conference in Hungary.
-----
TIBERIU ANGHEL
ISACA Bukarest Chapter
Tiberiu has extensive experience in cyber security in both the public and private sector, managing technology, governance and legislation. He is part of the founding team of CyBourn’s Bucharest-based Security Operations Center, serving clients across the European Union, leading monitoring and incident response. Prior to co-founding CyBourn, he has been part of CERT-RO, Romania’s National Computer Emergency Response team. He has also been part of ENEVO Group an Industrial Internet of Things start-up now active across 3 continents. Tiberiu joined ISACA Romanian Chapter Board in 2019 and holds the Treasurer position. He is certified CISM.
Situational awareness for security managers – lessons learned from the trenches
As security managers, the main mission is to build and operate frameworks to prevent loss of information and to act in case of incidents. However, we must operate in a very volatile digital world where threats and vulnerabilities evolve on an almost daily basis, sometimes faster than the security managers can keep up. Moreover, mistakes happen, and the number one cause of security incidents are human errors.
So going beyond policies and procedures, how do you act in unplanned scenarios? Do you have the right team and right stakeholder involvement? During the session, case studies and real-life scenarios will be presented.
-----
ARTHUR KELETI
IT Securtity Strategist / T-Systems
Arthur Keleti has worked for T-Systems Hungary. since 1999, currently as an IT Security strategist. As author of the book titled “The Imperfect Secret”, he is an active researcher of security of personal and business secrets present in the cyberspace and of the future of this field. As the inventor and organizer of the Information Security Day (ITBN) conference he has a comprehensive picture of the entire Hungarian IT market, and makes his best efforts to actively assist in its development. With respect to his market activities, after some time spent working for the Hungarian Foreign Trade Bank he joined to the EasyCall, then Eurohívó team, from where he switched to KFKI, as division director for ICON security area. Earlier he used to deal also with the development and design of computer games, composed music for games and worked as a journalist.
Outsmarted Cities – The cyber reality and what do we do about it
We have been smarting cities up for many years now, literarily adding the smart adjective to every function from parking to shopping. It is a long process that also needs to evolve the mindset with the technology to achieve the expected outcome. But somewhere along this busy road trip cybersecurity was accidentally left behind in one of the smart restrooms. City cameras and smart displays are being hacked, and many yet unknown vulnerabilities are lurking around the corners of our "safe" cities. It is time to catch up using a method we call Privacy and Security Assessment that includes a wall to wall, processes to technology, subcontractors to management screening of the cybersecurity aspect. It is like that pinch of salt you need to add to the city soup before you put the sparkling smart spice into it.
-----
ZOLTÁN TÉCHY
Senior Solution Architect /Flowmon
Zoltán Téchy has been active in the IT industry since 2005, acting in multiple roles including systems engineering, product management, presales and infrastructure architect positions. He currently works for Flowmon Networks providing sales support in the CEE region.
Application and advantages of NetFlow-based anomaly detection
In my presentation I will popularize anomaly detection (NBA, NBAD) and its application, primarily in the enterprise field. I will illustrate main NBA benefits via simple examples and will touch the subject of rollout/maintenance to underline why it is beneficial to run such solutions on NetFlow/IPFIX statistics. We will look at integration options and outlook will provide insight into overcoming limitations of statistical detail levels with full packet capture.
-----
PÉTER SAJÓ
Business manager of InfoSec industry / Euroone
Péter Sajó has been dealing with IT security issues, problems, questions and solutions for 15 years. He has been leading the InfoSec industry for 12 years in the EURO ONE Informatics company. Peter’s team has now evolved into a cybersecurity expert team, who are listed in Europian professionals from Estonia to South Africa, and developing and build advanced cyber defense systems.
The key of the future defense systems – Modern devices in competent hands
Long time ago, we were waiting for answers from the log analisys. We believed that, the log analisys would solve our problems and would make everything clear. But now, we believe in artificial intelligence, who making decisions and thinking all by itself as fast as it possible, instead of us. Not even now, or not long ago.
-----
BENJAMIN KOVÁCS
IT Security expert / Valkyr Informatikai Kft.
As a member of Valkyr team, Benjamin Kovács works in the IT security field. His focus is on implementing and supporting perimeter, endpoint and content security solutions.
Using cloud resources in a strictly audited environment
The digital transformation currently taking place at companies and involves the introduction of cloud applications. Considering also the fading network perimeters, the increasing value of the data’s and the expanding importance of mobility, the situation requires different security approach. The presentation introduces a tool designed to address these issues: Forcepoint CASB is a solution to make the use of cloud applications and the compliance requirements compatible to each other.
-----
ZSOLT HARGITAI
Business development manager / Micro Focus
Zsolt is an experienced Business Development Manager with a demonstrated history of working in the information technology and services industry. Skilled in Enterprise Software, IT Security and Go-to-market Strategy. He works for Novell Hungary and he is responsible for the Micro Focus security products in Hungary including all the legacy Novell, NetIQ and HPE security solutions. He is a well-known presenter on Hungarian and international IT conferences.
Technologies and processes to improve application security
The presentation will introduce key application security technologies from source code analysis to live application scanning. It will also cover the methods and processes enabling the implementation of various security testing technologies and enhancing the security level of applications in use.
-----
MÁTÉ TÓTHMAJOR
Head of Product Development Competence Center / KÜRT Ltd
With Information Technology Msc graduation, Máté started to work as an IT auditor at a big4 company, then continued as information security expert at KÜRT Ltd. Using many years of diverse experience, he currently developes governance-risk-compliance applications as a head of product development. His field of expertise is information security risk analysis, compliance, and IT service and business continuity planning.
More compliance (yesterday NIS today PSD2) and integrated information security management
As formerly we have mostly referred nice-to-have standards, nowadays we are facing more and more legal requirements regulating information security (GDPR, ePrivacy, NIS, psd2). Beyond the implementation of adequate network security and data protection solutions, increasing legal pressure requires transparent management of information security and up-to-date reporting of compliance. The presentation is about the integrated management of these tasks.
-----
JOAN BLANCH
Senior presales consultant / Helpsystems
Senior expert consultant in Automation (RPA, MFT and Scheduling), Monitoring and Security projects, with 15 years of experience. Has participated on definition, execution and project management on +100 projects in more than 15 countries worldwide.
How an MFT solution helps you to protect your data
Companies need to exchange very valuable and/or sensitive information daily. It is a challenge to do it in a way that guarantees information delivery, accuracy, and security during all the process, and at the same time simplifies management and allows you to be compliant with any security regulation like GDPR, COBIT, PCI-DSS, SOX, or others. What's the impact of losing a file in your business? How many time is your IT team investing on maintaining custom solutions? Are you compliant with any security regulation? At what cost? In this presentation we will go through the main pains that can be addressed by using a MFT solution.
-----
DÁNIEL NEMES
President / Biztributor
Manager in IT, Internet, Media and FinTech, with significant experience in building new businesses andbusiness lines, searching and utilizing emerging technologies. Recognized by the industry and honoredwith several awards. Specialties: Certified Information Security Auditor (CISA)
Enterprise level encryption – challenges and answers
Controlling access to stored sensitive information is a difficult challenge for corporations. Our workforce needs daily access to the data we have, but regulations (and sensible IT systems design) limits the reach of customers. How can we secure this data in a compliant way, while still enabling the digital workforce to do its job?
-----
MIKLÓS KERÉKFY
IT Security Strategist / S&T
IT Security Expert, previously with particular experience as Group Manager and System Engineer/Architect in Enterprise Mobility Management Systems and in the field of Cisco network devices and their implementation. Miklos got his BSc and MSc degrees in Software Engineering at BME, and worked at S&T Hungary since 2011.
Great visibility as the foundation of network security
The truth is for most companies that a lot of things happen on their network without having even basic knowledge about it. What would be a possible gain out of having deep insight into our network traffic? For example to avert having compromised systems leaking information out of our network. What would be the reason that certain companies spend enourmous amounts on IT security, but monitoring and analyzing network traffic is still out of scope for them? The significance of network bypass switches and packet brokers in the foundation of network security cannot be overstated, and this lecture looks through these solutions, looking for answers.
-----
TAMÁS PAULIK
PKI expert / Microsec
In 2011, Tamás joined Microsec with an determined objective of increasing PKI technology penetration in everyday business life. Together with his team they developed the Mobile ID concept in the past few years. Based on the national and Pan-European (eIDAS) regulations, this concept includes PKI mobile solutions built on strong customer authentication and allows those features like transaction authorization and e-signature capability.
The invisible customer
In early 2019, the new MNB regulation has come to effect, which made possibility the customer identification by „selfie way”. After the customer give a personal data, it is enough sending a selfie photo. The customers could start the online process of contracting when they have time. If we have e-identification card which was registered by the customer the electronic signature, the administration will be much easier. Come and listen to a presentation about the technical possibilities of non-real time customer identification!
-----
FERENC VASPÖRI
Head of IT security pre-sales / Invitech
Ferenc Vaspöri’s career started as a System engineer at the only Hungarian established antivirus software developing company called Vírubuster. From 2012 he continued his career at the vendor-neutral NewCo Kft. where as an information security consultant he got acquainted with numerous Hungarian IT security problems and challenges. With all his experience currently he is the IT security expert of Invitech overseeing many projects and still dealing with all the customers’ challenges and queries.
Save the clouds!
Although the volume of adopting cloud based services are more and more significant in a wide range of business and industry the „cloud” concept raises up several IT security questions. During the presentation these perceptions would be highlighted from a cloud service provider point of view.
-----
DÉNES GÖLCZ
CEO / Panda Security
Dénes Gölcz has been working on the Hungarian IT market since 1994. The introduction of several vendor’s product is connected to his name. It has been dealing with IT Security product representation since 1996.
GYULA BARDÓCZ
Head of Sales / Panda Security
Gyula Bardócz: has been dealing with IT Security since 2005 at Panda Security Hungary. He started his career as Key Account Manager. In the last 4 years he is the Head of Sales. He has gained great experience in the IT Security world in the last 14 years.
Beyond security - what are the criteria for choosing EDR solution for a global company? Case study
For an EDR (Endpoint Detection and Response) service, the high security level is a basic requirement. During the presentation we show what are the other aspects, functions and services a multinational telecommunication company took into account during taking decision. Important aspect among others was the easy implementation and easy management of the branch offices in different countries. Featured functions are presented in a live demo
-----
ÁKOS BÓDIS
Product manager / Cybertrap
Ákos Bódis spent over 20 years in cybersecurity. After working at VirusBuster, ESET, Stormshield and Airbus CyberSecurity, Ákos know works a product manager of advanced cyberattack protection at the Yellow Cube distribution company.
When the hackers are on the run: Deceptive cybserecurity
we’ll introduce CyberTrap’s deceptive cybersecurity approach that focuses on deceiving and trapping attackers in preparation for a counter-attack. CyberTrap deploys decoys, trap servers or fake credentials across the network to lure attackers into it’s cyber trap, providing attacker attribution and potential to retaliation
-----
GABRIELLA BIRÓ
Head of Department / Magyar Nemzeti Bank
Ms. Gabriella Biró is the Head of IT Supervision at the Central Bank of Hungary. She has an MSc in computer science and IT security related experience from different banks and advisory companies. She holds CISA, CISSP, CEH and CFE certifications and is the Board member of the (ISC)2 Hungary Chapter and founding board member of WITSEC (Women in IT Security).
Have you beed cybered? – Cyber Security from the Supervisory Point of View
Nowadays one of the first questions that comes up about an IT incident is whether a cyber attack could be in the background. The presentation will explore this new phenonmenon from the perspective of the IT Supervision
-----
GÁBOR TARJÁN
Member of the Board, Certifications director / ISACA Budapest Chapter
Gábor Tarján managing partner of MagiCom Ltd (IT related outsourcing services), information security manager, DPO, CMC, CISA, CISM, CGEIT, Member of the Board in ISACA Budapest Chapter, vice president of Seven Seals Information Security Association, ISO 27001 auditor, information security consultant for 20 years.
"Everything You Always Wanted to Know About ISACA exams, But Were Afraid to Ask"
There were some significant changes in the ISACA Exams, and in the path of preparation for exams (i.e. – Accredited Trainer Program). The presentation gives a short summary on the exam preparation paths provided by ISACA HQ and ISACA Budapest Chapter. Some sample test questions will be also presented and explained supporting your next certification. We also cover some options for maintaining your certified status against the CPE Policy. Meantime we can have a view into the daily life of ISACA and Budapest Chapter (COBIT2019, statistics on certs etc.) The show is not just for ISACA novices but helps our old members also to navigate among new requirements!