The IBM Security QRadar Suite is a modular threat detection and response solution for enterprise-level open platforms, redefining the job experience for cybersecurity analysts. Leveraging advanced artificial intelligence and automation technologies, it rapidly optimizes the analyst's handling of the cybersecurity incident lifecycle, improving efficiency and enabling cybersecurity teams to integrate operational tasks more effectively. Combining endpoint security (EDR, XDR, and MDR), log management, SIEM, and SOAR functionalities, it presents a unified, intuitive user interface, providing deep insights and event case management workflows.

The IBM Security QRadar Suite reshapes the threat management framework for cybersecurity analysts, featuring AI-enhanced alert classification, automated threat investigations, and accelerated threat search capabilities. This unique experience positions you at the forefront of cybersecurity.

Do you know that leaking personal data can now be fined up to 15 million? In June 2023, the government increased the upper limit of fines for personal data breaches to 15 million yuan, which is 75 times the original penalty! If a data breach incident occurs and the government imposes a high fine, it will increase the operating costs of the enterprise and also lead to a decline in the company's reputation. Therefore, we must prevent data breaches from happening. In this course, we will introduce how to use the DAM+ Next-Generation Database Security Audit solution to address the blind spots of traditional DAM traces, implement monitoring from the application end users to database access, strengthen the protection of enterprise databases and monitoring application systems, prevent data leakage opportunities, and explain how to provide relevant evidence for post-event auditing in case of a data breach, to prove innocence.

Insider risk management is prone to encounter obstacles such as insufficient data, employee privacy, massive and complex records that are difficult to analyze, and other obstacles.

Collect more than 40 kinds of user and system activity records through endpoints, and use AI-powered (ChatGPT) automatically analyze users’ abnormal and potentially risky behaviors, including: using computers to connect to suspicious websites during non-working hours, and suspected of uploading internal files; connecting to non-company network (such as mobile phone hotspots); chatting on IM and emailing files may have confidential data which are suspected of leaking; before employees resign, they copy a large number of files to USB storage drives and then delete them.

Without human observation and bias, AI can be used to quickly analyze and respond to potential risks, protecting company assets while respecting employee privacy and work processes.

Empowering the Future of SOC: Multi layered AI-Powered Cybersecurity: In the midst of mounting pressure on cybersecurity to defend against increasingly sophisticated attacks and navigate a shortage of talent within the industry, our session showcases the challenges and opportunities faced. We draw upon our insights from observing and investigating threats throughout 2023, providing a comprehensive overview while casting our gaze forward to the evolving threat landscape of 2024. Leveraging telemetry data collected from tens of millions of endpoints, we offer valuable perspectives on emerging cyber threats and trends. Central to our discussion is the integration of AI-powered cybersecurity technology into Security Operations Centers (SOCs) as a strategic response to these challenges. By harnessing the capabilities of AI, organisations can bolster their defenses and address the talent shortage by automating key processes within their SOC. We explore how SentinelOne's AI-powered platform simplifies data ingestion, conducts advanced analysis, prioritises incidents, and streamlines workflows, thereby enabling SOC teams to effectively combat cyber threats with agility and precision. Join us as we delve into the practical applications of AI in cybersecurity, providing actionable insights and strategies to fortify your organisation's defenses and navigate the evolving threat landscape with confidence.

Forcepoint takes AI/ML as the core to organize the overall picture of data security management, helping you simplify the information security management process and prevent data loss. No matter when and where you work, you can access data with peace of mind, so that data protection is safe.

Delta Electronics is one of the world's leading electronics manufacturers and attaches great importance to supply chain security. In 2017, Delta established a corporation-level product security center of excellence team to be responsible for product security compliance and assessment services for Delta’s business group, and to develop security tools and security solutions. By implementing product security practices covering industry automation, energy infrastructure, ICT infrastructure, telecommunication, and semiconductor domains, Delta has been gradually building own product security to form a safe and resilient supply chain. 

Over the years, Delta Research Center has been investing significant resources on product security with academic and industrial research institutes, and has implemented product security in most Delta’s product offering. 

In this speech, Delta will share how to move towards the last mile of supply chain security through the best practice of product security. We welcome leading manufacturers and product providers from all industries to work with Delta to enhance your product security to build a resilient and secure supply chain.

Introducing Cato's SSE 360 and how to use SSE 360 to build a flexible, secure and easy-to-manage network access solution to adapt to the increasingly complex network environment and security needs of modern enterprises

Cyber security area of research at CTU in Prague

Brief information about CTU in Prague (teaching and research), followed by a brief list of research topics and specific activities of the fair participants focused on cyber security.

CyberSecurity Hub: Centralizing Efforts for a Secure Future

The presentation begins by spotlighting the CyberSecurity Hub's integral role as the orchestrator of diverse cybersecurity activities, emphasizing its pivotal position in fortifying the digital framework of the Czech Republic based on the collaborative force between three distinguished Czech universities, showcasing this union as a cornerstone in cybersecurity innovation. The narrative unfolds to reveal key activities such as Czechia's sole cybersecurity centre in the framework of European Digital Innovation Hubs (EDIH), dedicated to SMEś and public services in digital transformation, or the CZ-EuroQCI initiative, which promises testing of secure quantum key distribution across Europe's critical infrastructures. Further, the presentation heralds the Taiwan Semiconductor Scholarship for nurturing talent in the semiconductor realm and underscores the partnership with the National Cybersecurity Coordination Centre (NÚKIB) as evidence of the Hub's pivotal helping role in national cybersecurity strategies. Towards the end , presentation accentuates the strategic project of CyberCampus.cz, located in Brno, as a geographical nexus that amalgamates expert knowledge, activities, and infrastructure, thereby symbolizing the Czech Republic's visionary approach to crafting a resilient digital society. The invitation extends to all participants to explore the vast opportunities the CyberSecurity Hub offers, from digital transformation consultancy and office space leases to bespoke cybersecurity training programs, all within the innovative milieu of CyberCampus.cz.

CyberSecurity Research at FIT BUT

The Faculty of Information Technology (FIT), Brno University of Technology (BUT), belongs to the leading IT faculties and research institutes in the Czech Republic. It is involved in contractual research with renowned companies and institutions and various European R&I projects.

Within cybersecurity, FIT BUT offers its expertise ranging from Forensics, Computer networks, Internet security, Security monitoring, AI-powered threat detection and hunting, Deception techniques, Blockchain technologies, incl. Secured logging, Semicentralized cryptocurrency, Consensus protocols in blockchain, Decentralized e-voting, Deepfakes (detection methods and verification), Digital security, Hybrid-/ cloud environment security, Hardware accelerated DDoS mitigation, Self-defending computer networks, Flow-based Encrypted Traffic Analysis, Automated network diagnostics, Analysis of IPFIX network data, up to big data analytics, etc. 

Spin-offs of FIT BUT are successful and gain worldwide attention. And there are opportunities for collaboration as presented on joint R&D projects with organizations in Taiwan.

Digital Security 

Whalebone Aura protects Telco subscribers’ connected devices from threats with a single click, without the need to install anything. But we go further, with 16 different user touchpoints to show the value of this security, and increase customer stickiness. Finally, where other vendors struggle to integrate features like this in less than nine months, Whalebone makes it happen in as little as seven weeks; so you can start monetizing your new security solution and increase customer satisfaction before you know it.

【Initiating the Sales of High－Security Japanese-Made Drones in Japan and the United States】

ACSL, a Japanese drone manufacturer, specializes in compact and highly secure unmanned aerial vehicles (UAVs), with its flagship model named SOTEN. SOTEN is designed for versatility in various missions and features a quick-detach camera system. In late 2023, ACSL signed an exclusive agency memorandum of understanding (MOU) with Xiangqi Technology, marking the official entry of SOTEN into the U.S. market. This strategic partnership aims to achieve significant sales success for high-security drones, further expanding ACSL's presence in the international market.

【Zero Trust Strategy and Comprehensive Security Protection】

The Zero Trust strategy redefines the security model by implementing strict access control based on real-time verification. RAPIXUS comprehensive security protection combines multiple layers of protective measures, including asset inventory and endpoint security. This forms a robust defense network that can achieve stronger protection, guard against various threats, and enhance overall security.

DDoS attacks are predominantly executed by botnets, with the true adversaries remaining anonymous and operating from the shadows. However, from the perspective of ISPs, cloud providers, and large-scale backbone networks, network administrators can gain a comprehensive view of the entire network and perform correlation analysis by monitoring router traffic (NetFlow), thereby identifying anomalous traffic behaviors.

This session will explore the implementation of AI intelligence for enabling comprehensive network traffic monitoring, rapid detection of DDoS attacks, and identification of botnet activities. We will look at how AI intelligence helps establish automated DDoS protection by precisely monitoring and analyzing normal and abnormal traffic.

By sharing the structure and content of NIST SP 800-128, I expect to assist audience in searching the management possibilities for cloud and ground energy compliance in the technological environment where emerging technologies emerge. I woud like to apply the new version of ISO 27001 (ISO 27001:2022) as a starting point to help the audience understand how NIST SP 800-128 can be used to fulfill the change of the standards. The new version of ISO 27001 has put more emphasis on configuration management, but most companies are unable to effectively practice configuration management. Finally, through the sharing of industry cases, the audience can have a concrete understanding of management practices.

With the rise of highly sophisticated cyberattacks, organizations are seeking advanced security solutions that can effectively defend against these evolving threats. The integration of artificial intelligence (AI/ML) and the implementation of a holistic zero trust platform offer a powerful defence mechanism. This session explores the capabilities of an AI-powered holistic zero trust platform in defending against highly sophisticated cyberattacks. By leveraging AI algorithms to analyse vast amounts of data and identify patterns indicative of malicious activity, this platform can proactively detect and mitigate threats effectively. Additionally, the zero trust model ensures that all users and devices are continuously authenticated and authorized, thereby minimizing the risk of unauthorized access. The combination of AI and zero trust architecture provides organizations with a robust and adaptive security framework, enabling them to stay one step ahead of advanced cyber threats.

In this session, we will explore the challenges and corresponding solutions encountered at various stages of incorporating security into the software development life cycle through practical experience, from the perspectives of people, processes, and technology. We aim to provide insights into advancing towards a more mature and stable stage of secure software development.

Ultimately, we hope that the audience will gain an understanding of various practical solutions, allowing cybersecurity to become a collaborative partner in development rather than an adversarial role. Together, we can build a more seamless and unobstructed secure software development life cycle.

The scope of "information security" is not equal to the scope of "trade secret". Thus, it is essential to identify trade secret so as to establish the corresponding control measure. In addition, If an organization faces a trade secret suit, digital data, with its characteristics of being easily tampered and spread, it is necessary to take measures to assist in identifying and proving the source of data in order to clarify responsibilities. In summary, existing information security practices are probably unable to respond to trade secret risks. How to boost the integrated management of information security and trade secret, and future effectiveness of evidence, are the important issues in digital era.

This session will focus on cloud and on-premises hybrid attacks, adopting the perspective of attackers. It will explore the scenario where, after breaching a corporate network, the attacker is unable to obtain valid credentials for lateral movement on-premises. Nevertheless, they can still employ techniques such as Pass the PRT to vertically penetrate into the corporate cloud. Furthermore, by abusing mechanisms like Cloud Kerberos Trust and Hybrid Device Join, especially after gaining cloud admin privileges through privilege escalation tactics, the attacker can inversely breach into the corporate on-premises network.

Active Directory is a mission-critical single point of failure. The importance of AD makes it a highly attractive target for cybercriminals. Credential theft renders endpoint security solutions useless and that is why 90% of cyber breaches involve identity systems such as AD today. 

Without AD, there is no IT recovery. If you lose AD, you lose your business. Full AD forest recovery after a cyber attack is complicated and time-consuming as the process to recover the AD is tedious and long. Traditional backup solutions cannot recover the entire AD forest rapidly, automatically and without malware.

Learn how Semperis can help your organisation protect your AD before, during, and after an attack to stop identity threats and minimise disruption to your business.

2024 is set to be the biggest election year in history, with more than 4 billion people being asked to cast their votes, and AI-driven disinformation campaigns will be pervasive. Threat actors will exploit these events to manipulate public opinion on a global scale, posing significant challenges to election integrity and global stability.

Powered by the speed and scale of the internet, disinformation operations have weaponized social media platforms and fractured the information environment to sow discord and undermine trust. It is no secret that we live in an increasingly fractured and polarised world, where acceptance of the existence of “alternative facts” is now mainstream.

This session will examine the current state of disinformation operations and how their capabilities and reach will be significantly enhanced and accelerated through application of Artificial Intelligence. We will also present strategies for individuals, organisations and governments to begin to combat on this new frontier.

The speaker has two national exam certificates on patent attorney at Taiwan and China. 

He also obtains 4 information security related patents from TPTO and the USPTO.

This topic is about "how to protect your own information security products from copying by your opponents"

This lecture will combine practical experience with vivid examples :

• How to come up with an AI / security related ideas for appling paten t? 
• What is important when applying security patent ? 
• How to protect after obtaining the patent ?
• How to design around opponents' patents ?"

Even if you are only an elementary school student, you still could learn a lot !