Track 1 - Main Track
Time | Details | Info |
---|---|---|
9:45 - 10:00 | Intro | Dr. Grigorios Fragkos |
10:00 - 10:45 | Keynote - Generational Cyber | Campbell Murray |
10:45 - 11:15 | Talk 1 - Talk 1 TBA | Speaker 1 |
11:15 - 11:30 | Coffee Break | |
11:30 - 12:00 | Talk 2 - Talk 2 TBA | Speaker 2 |
12:00 - 12:30 | Talk 3 - Talk 3 TBA | Speaker 3 |
12:30 - 13:00 | Talk 4 - Talk 4 TBA | Speaker 4 |
13:00 - 13:45 | Lunch Break | |
13:45 - 14:15 | Talk 5 - Talk 5 TBA | Speaker 5 |
14:15 - 14:45 | Talk 6 - Talk 6 TBA | Speaker 6 |
14:45 - 15:15 | Talk 7 - Talk 7 TBA | Speaker 7 |
15:15 - 15:45 | Talk 8 - Talk 8 TBA | Speaker 8 |
15:45- 16:00 | Coffee Break | |
16:00 - 16:30 | Talk 9 - Talk 9 TBA | Speaker 9 |
16:30 - 17:00 | Talk 10 - Talk 10 TBA | Speaker 10 |
17:00 - 17:30 | Talk 11 - Talk 11 TBA | Speaker 11 |
17:30 - 17:45 | CTF Announcement | Hack The Box CTF Team |
17:45 - 18:00 | Closing Remarks |
Track 2
Time | Details | Info |
---|---|---|
9:45 - 10:00 | Go to Stream 1 | Stream 1 |
10:00 - 10:45 | Talk 12 - Talk 12 TBA | Speaker 12 |
10:45 - 11:15 | Talk 13 - Talk 13 TBA | Speaker 13 |
11:15 - 11:30 | Coffee Break | |
11:30 - 12:00 | Talk 14 - Talk 14 TBA | Speaker 14 |
12:00 - 12:30 | Talk 15 - Talk 15 TBA | Speaker 15 |
12:30 - 13:00 | Talk 16 - Talk 16 TBA | Speaker 16 |
13:00 - 13:45 | Lunch Break | |
13:45 - 14:15 | Talk 17 - Talk 17 TBA | Speaker 17 |
14:15 - 14:45 | Talk 18 - Talk 18 TBA | Speaker 18 |
14:45 - 15:15 | Talk 19 - Talk 18 TBA | Speaker 19 |
15:15 - 15:45 | Talk 20 - Talk 20 TBA | Speaker 20 |
15:45- 16:00 | Coffee Break | |
16:00 - 16:30 | Talk 21 - Talk 21 TBA | Speaker 21 |
16:30 - 17:00 | Talk 22 - Talk 22 TBA | Speaker 22 |
17:00 - 17:30 | Talk 23 - Talk 23 TBA | Speaker 23 |
17:45 - 18:00 | Go to Stream 1 | Stream 1 |
Workshops
Time | Details | Info |
---|---|---|
9:45 - 10:00 | Go to Stream 1 | Stream 1 |
10:00 - 11:15 | Workshop - Talk 22 TBA | Speaker 22 |
11:15 - 11:30 | Coffee Break | |
11:30- 13:00 | Workshop - Talk 23 TBA | Speaker 23 |
13:00 - 13:45 | Lunch Break | |
13:45 - 15:45 | Workshop - Talk 24 TBA | Speaker 24 |
15:45- 16:00 | Coffee Break | |
16:00 - 17:45 | Workshop - Talk 25 TBA | Speaker 25 |
17:45 - 18:00 | Go to Stream 1 | Stream 1 |
Special Sessions
Time | Details | Info |
---|---|---|
9:45 - 10:00 | Go to Stream 1 | Stream 1 |
10:00 - 11:15 | Go to Stream 1 | Stream 1 |
11:15 - 11:30 | Coffee Break | |
11:30 - 13:00 | Special Session 1 - The Corporate Espionage Case: A Digital Forensics Adventure | D.Georgiou, S.Pitikaris, K.Kiriakos |
13:00 - 13:45 | Lunch Break | |
13:45 - 15:45 | Special Session 2 - Block By Block: Building Your CTI Program | Andreas Sfakianakis |
15:45 - 16:00 | Coffee Break | |
16:00 - 17:00 | Special Session 3 - Rising to the Challenge: Cyber Security in Greece | Konstantinos Papanagnou |
17:00 - 17:45 | Go to Stream 1 | Stream 1 |
17:45 - 18:00 | Closing Remarks |
Speaker: Dr. Grigorios Fragkos, @drgfragkos
Security BSides Athens - Warm welcome & opening remarks
On behalf of the Security BSides Athens 2024 team, we would like to welcome you to the conference and open the conference with the following brief agenda:
- Welcome & opening remarks (meet the team)
Bio: After 20 years in the United Kingdom, Greg moved to the UAE approx. 5 years ago. As a Cyber Defense Director, he was responsible for the Cyber Advisory Services in DarkMatter and later on in Digital14 as part of thought leadership initiative to safeguard the future of a smart-led digital ecosystem. Greg was recently asked to undertake a unique and highly challenging role in the UAE, for which the details will be revealed soon enough.
Greg was also the vCISO for EXPO 2020 in Dubai (https://www.expo2020dubai.com/), which is the world’s largest event (moved from 2020 to 2021) featuring the participation of 192 countries, that opened its doors 1/Oct/2021 for 6 months.
Previously, Greg was based in London as part of the EY Cyber team in OTS/TAS, delivering excellence in a globally market-leading proposition that he helped shape and structure. Cyber in M&A provided decision makers in multi-b/million investments (business transactions) the ability to identify and quantify the cyber risk-exposure in existing and emerging cyber threats.
Throughout his career, Greg has engaged with companies around the world sharing his expertise and ensuring that business entities within different sectors (such as banking, payments, maritime, defense & space) have in place security-in-depth practices against emerging Cyber threats. His background includes thought-leading security research, experience in defending mission-critical systems and leading technical security assessments. In addition, he has exposure and hands-on involvement in the Cyber Defense department of the military and has been actively identifying security gaps in the payments industry (fintech) while protecting high-value assets.
Greg has been invited to present in a number of security conferences, workshops and summits over the years. Among his many responsibilities, he has been accepted by ENISA (part of the approved NIS Experts) where he has designed and reviewed exercises for the pan-European exercises for Cyber Europe. He is responsible for organising Security BSides Athens and Security BSides Amsterdam. He is also an OWASP London Chapter leader and a proud supported of the global information security and application security community.
When he is not too busy traveling for business all over the world, you will most probably have a chance to find him in most of the InfoSec related events and conferences around Europe. Thinking ahead and outside-the-box when dealing with information security and cyber security challenges, is one the key characteristics of his talks. ( @drgfragkos)
Abstract: Having seen the industry grow from a handful of misunderstood misfits to the big money industry it has now become, believe me when I tell you I have seen (and done) some things! As we approach the 30-year mark of what we now recognise as formal penetration testing, let’s take a look back at how the industry and the people within it has changed and the trends we are seeing going into the future. We will look at the changing attitudes and requirements of both customers and consultants and what is good and bad regarding the latest trends as the third generation of newcomers to the field enter the workplace
Bio: Leaving a career as a commercial skipper of charter and sail training yachts crossing the Atlantic multiple times, Murray entered Cyber Security in the mid-1990s with a heavy focus in the offensive attack simulation space. In the decades that have followed, he has pen tested and red teamed everything from large Government and military installations, software and networks to cars, trains, ships and aeroplanes.
One of the founders of the Tiger Scheme examination and standards body in 2007 and a founding director or the Cyber Scheme in 2013, Murray has had a considerable influence on the penetration testing community globally in terms of methodology, standards, and development of the industry.
Currently the technical lead at Sodium Cyber as well as a non-executive director at several other Cyber Security consultancies. Murray was the founding director of Encription Ltd in the UK from 2006 – 2016 and later the Global Head of Cyber Security Delivery for Blackberry Professional Services from 2016 – 2020.
Speaker: D.Georgiou, S.Pitikaris, K.Kiriakos, @Twitter
The Corporate Espionage Case: A Digital Forensics Adventure
Abstract: «The Corporate Espionage Case: A Digital Forensics Adventure» is a fictional synthesis drawn on different experiences which serves as a cohesive narrative delving into the fascinating world of digital forensics through the lens of experienced professionals. In this workshop, we will share our journey across multiple DFIR cases, offering a unique glimpse into the meticulous process of analyzing cyber threats, uncovering digital evidence and ultimately piecing together the true story behind cybercriminal activities caring to be forensically-sound every step of the way! Attendees will be guided through the complexities of digital investigations, from phishing attempts and insider threats to initial breach detection, forensic acquisition, analysis and reporting. By exploring real-world scenarios, we aim to illuminate the challenges and triumphs of digital forensics, providing insights into the tools and techniques essential for navigating the digital crime-scene all the way to the courtroom.
Bio: Short Bio Dimitris Georgiou: Dimitris Georgiou is a senior consultant with more than 20 years of experience in IT and Cybersecurity. He is Chief Security Officer and Partner at Alphabit SA, a cybersecurity firm in Athens, Greece. He has diverse studies in the humanities and Computer Science and holds professional certifications in Information Security, Digital Forensics and Payment Security. He is member of BCS, IEEE, ACM and ISC2. He participates at the ISC2 Europe Advisory Council and volunteers as a Member of the Board of the ISC2 Hellenic Chapter. He consults organisations on how to effectively reduce cyber risk, conducts security audits and digital forensics investigations being a registered forensic court expert. He speaks and writes about cyber hygiene particularly caring for the safety of children online.
Short Bio Spiros Pitikaris: Spiros Pitikaris is a Cyber Security Consultant and has been a part of Alphabit for three years. With a BSc and Msc in Cyber Security he also holds professional certifications in Information Security, Digital Forensics and Penetration Testing. He combines a passion for the offensive side of cybersecurity with a keen interest in the defensive realms of digital forensics and incident response. His expertise and interests span various technologies, including application security, threat hunting and malware analysis.
Short Bio Konstantinos Kiriakos: Konstantinos Kiriakos, a computer science engineering graduate, transitioned from the world of software development to pursue his dream in cybersecurity. Drawn to the intricate challenges and complexities of cybersecurity, he embarked on this journey by earning the CC certification from ISC2. Today, he specializes in diverse areas like digital forensics, penetration testing, and consulting. His focus goes beyond identifying vulnerabilities; he actively contributes to evolving organizational defenses in all aspects by building robust security postures and empowering staff through comprehensive training sessions.
Abstract: «Block By Block: Building Your CTI Program» is a 2-hour workshop designed to demystify the complexities of CTI and provide a clear pathway for participants to build or enhance their threat intelligence programs.
This workshop is created for individuals keen on grasping the fundamental principles of CTI and eager to translate this understanding into a strategic framework for their organizations. We will embark on a journey through the essentials of CTI, starting with an exploration of foundational CTI concepts and the pivotal role it plays in managing cyber threats. Throughout the session, we will delve into the steps necessary for initiating a CTI program, emphasizing the seamless integration of CTI into existing organisational processes. Moreover, the workshop will highlight practical and easy-to-implement approaches that organizations can adopt for quick wins and building foundational CTI capabilities (key practices, common pain points, and effective techniques). Emphasis will be placed on leveraging technology to enable CTI, developing skillset of CTI analysts, and employing a maturity model to gauge and enhance the effectiveness of CTI initiatives.
Whether you're at the early stages of considering a CTI program or looking to refine and expand your existing capabilities, this workshop offers insights, resources, and perspectives on cyber threat intelligence programs.
Bio: Andreas is a Cyber Threat Intelligence professional with over a decade of experience in cyber security. Having tilted at windmills, Andreas focuses on applying threat intelligence and helping organizations manage threats mostly within the Oil & Gas, Technology, and Financial sectors as well as in European Union’s Agencies and Institutions. Andreas has been contributing to the CTI community since 2012 via reports, his blog, newsletter, conferences, trusted communities, and instructing. His passion for teaching led him to become a SANS instructor for FOR578 Cyber Threat Intelligence course. Andreas’ primary goal is to help organizations establish and mature their cyber threat management programs by bringing decade-long insights from applying CTI. His goals also include the embedding of CTI in the EU policymaking through his collaboration with EU institutions on CTI projects and assessments. Andreas’ Twitter handle is @asfakian and his website is www.threatintel.eu ! Feel free to reach out!
Abstract: Join us in a cumulative talk around the Cyber Security Challenge Greece, analyzing how the idea was conceived, some of the challenges encountered, the challenge aftermath, and of course - some walkthroughs of the challenges and a Q&A on potential ideas for next year’s edition.
Bio: Konstantinos is a Senior Penetration Tester at NVISO Security and the Technical Director of the Cyber Security Challenge Greece.
Hack The Box
Capture the Flag Team
We are very excited partnering up with Hack the Box offering trainings and CTF challenges, tailored to the Security BSides Athens community.
Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with other members of similar interests. It contains several challenges that are constantly updated. Some of them simulating real world scenarios and some of them leaning more towards a CTF style of challenge.
Our CTF intention is for everyone to learn and have fun during the CTF. For that reason Security BSides Athens works closely with Hack The Box in the gamification aspect of the CTF. In addition, out CTF scenarios promote the ethical hacking side of things to inspire the younger generation.