CYBERSEC 2021 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy. I Agree

  • 10:00

    • May 4th (Tue)
    • 10:00 - 10:05
    • 7F 701

    Opening Remarks

    Chairman, CYBERSEC 2021

    Editor in Chief, iThome

    Merton Wu

    General
  • 10:05

    • May 4th (Tue)
    • 10:05 - 10:10
    • 7F 701
  • 10:10

    • May 4th (Tue)
    • 10:10 - 10:15
    • 7F 701
  • 10:20

    Keynote
    • May 4th (Tue)
    • 10:20 - 10:45
    • 7F 701

    Information Security on Banking

    CEO, Rakuten International Bank

    Kazuhiko Saiki

    General
  • 10:45

    Keynote
    • May 4th (Tue)
    • 10:45 - 11:15
    • 7F 701

    Cybersecurity in the Digital Transformation Journey

    2020 wasn’t what anybody expected and it made a significant mark in the history books. As human beings, we know how to react and adapt as the struggle continues. The same is true of organizations coming under fire due to rapid global change. Many businesses responded to the evolving digital transformation with a renewed focus on maintaining their competitive edge and supporting remote work, which became crucial overnight. As expected, cybercriminals are very interested in these changes! Few verticals were ready, with manufacturing and healthcare suffering the most under an ever-increasing risk of catastrophe. This keynote will share:

    • How technology is fundamentally changing business operation

    • How the digital transformation blurs the line between IT & OT

    • How the manufacturers can enjoy the benefits of the digital transformation while mitigating fast-increasing risk

    CEO, Trend Micro

    Eva Chen

    Vice President of Trend Micro & CEO of TXOne Networks, Trend Micro

    Terence Liu

    General
    Digital TransformationOT SecurityBusiness Continuity Management
  • 11:15

    Keynote
    Taiwan's Cybersecurity Researchers
    • May 4th (Tue)
    • 11:15 - 11:45
    • 7F 701

    Keynote Speech

    Founder & CTO, CyCraft Technology Corporation

    Birdman

    General
    Blue TeamManaged Detection & ResponseNIST Cybersecurity Framework
  • 11:45

    Keynote
    • May 4th (Tue)
    • 11:45 - 12:15
    • 7F 701

    e-SOFT Corp Session

    General
    Zero Trust ArchitectureSOAR
  • 13:00

    Cyber Talent Forum 資安人才論壇
    • May 4th (Tue)
    • 13:00 - 13:20
    • 4F Cyber Talent 專區

    CEO, DEVCORE

    Allen Own

    General
  • 13:20

    Cyber Talent Forum 資安人才論壇
    • May 4th (Tue)
    • 13:20 - 13:40
    • 4F Cyber Talent 專區

    Albert

    General
  • 13:40

    Cyber Talent Forum 資安人才論壇
    • May 4th (Tue)
    • 13:40 - 14:00
    • 4F Cyber Talent 專區

    Session

    Data Team Lead, Rayark Inc.

    Denny Huang

    General
  • 14:00

    Tech Briefing
    • May 4th (Tue)
    • 14:00 - 14:30
    • 4F 4A 展區會議室

    You need comprehensive protection to face frequently change and progressive threat

    It is very important to keep web service availability and performance in order to maintain business continue and make profit. Because web service is high accessibility and high connectivity with enterprise internal database. Hence it has become the target for competitors and malicious people. The purpose is to paralyze corporate web service and try get the important sensitive data from internal database via web service. For progressive sophisticated attack techniques, Imperva provides flexible protection solution, from outside to inside, from cloud to ground, Imperva is able to help enterprise to build fast, effective and easy to management protecting circle for critical web and data.

    Principal Security Consultant, Imperva

    Holmes Fan

    General
    Data SecurityWeb SecurityDDoS Protection
  • 14:00

    Tech Briefing
    • May 4th (Tue)
    • 14:00 - 14:30
    • 7F 701H

    QNAP Adra NDR solution: Adaptive-screening to advanced threats and targeted ransomware protection

    As leading in storage vendor, QNAP was inquried from thousands of customers who had been attacked by targeted raonsomeware. In this session, we will disclose a new innovative solution ADRA NDR which could effiecently protect customers from these cyber-attack. Together with QNAP's advanced storage functions in NAS, QNAP could help customers on consturcting a completed and reliable data and network proection from cyber-attacks.

    Senior product manager, QNAP Systems, Inc.

    Daniel Hsieh

    General
    RansomwareNetwork Detection & ResponseThreat Hunting
  • 14:00

    Tech Briefing
    • May 4th (Tue)
    • 14:00 - 14:30
    • 7F 702

    cyberview Session

    Intermediate
    Privilege ManagementIdentity ManagementDevSecOps
  • 14:00

    Tech Briefing
    • May 4th (Tue)
    • 14:00 - 14:30
    • 7F 701F

    FineArt Technology Session

    Intermediate
    RansomwareEndpoint Detection & ResponseEndpoint Security
  • 14:00

    Cyber Leadership Forum
    • May 4th (Tue)
    • 14:00 - 14:05
    • 7F 701D
  • 14:00

    Tech Briefing
    • May 4th (Tue)
    • 14:00 - 14:30
    • 7F 701E

    Forcepoint Session

    Intermediate
    Zero Trust ArchitectureRansomwareData Loss Prevention
  • 14:00

    Tech Briefing
    • May 4th (Tue)
    • 14:00 - 14:30
    • 7F 701G

    Ransomware in Focus: How AI Stays One Step Ahead of Attackers

    As the world continues to endure ongoing global disruption, cyber-attackers have been constantly updating their tactics in light of emerging trends. According to MIT Technology Review, 121 million ransomware attacks were recorded in the first half of 2020, each one attempting to encrypt private data and extort payment for its release. The automated elements of these attacks, malware that moves faster than security teams can respond, is one of the most damaging hallmarks of these ransomware campaigns.


    This session unpacks the nuances of some of today’s most costly and advanced ransomware and shares how self-learning AI uniquely empowers organizations across industries to fight back.

    Cyber Security Account Manager, Darktrace

    Joti Lee

    Intermediate
    RansomwareAI SecurityThreat Detection & Response
  • 14:00

    Zero Trust Forum
    • May 4th (Tue)
    • 14:00 - 14:30
    • 7F 701B

    Whitelisting as a zero-trust approach to enterprise security

    Zero-trust security dictates that every access control right be a privilege that is unambiguously granted, and is similar in spirit to whitelisting-based security design, which allows only those actions that are explicitly enumerated and disallows the rest. When applied to enterprise security, this requires the security system designer to exhaustively think through who is allowed to access what under which conditions. Although conceptually straightforward, whitelisting presents many practical implementation barriers in its application to securing real-world enterprise networks and systems, particularly with respect to how to accurately and easily capture the allowed list of resource access actions in a given enterprise system, and to maintain it in the face of constant system updates. In this presentation, I will talk about how to apply whitelisting to achieving zero-trust enterprise security, the main practical implementation challenges associated with whitelisting, and how we are addressing them.

    Vice President and General Director, Industrial Technology Research Institute

    Tzi-Cker Chiueh

    Intermediate
    Zero Trust ArchitecturePrivilege ManagementIntrusion Prevention
  • 14:00

    Brand Day - VMware
    • May 4th (Tue)
    • 14:00 - 14:30
    • 7F 703

    VMware Session

    Intermediate
    Zero Trust NetworkNetwork SecurityNetwork Visibility
  • 14:00

    Brand Day - Fortinet
    • May 4th (Tue)
    • 14:00 - 14:30
    • 7F 701A

    Fortinet Session

    General
    Security ConsultingSecurity Operation
  • 14:00

    Tech Briefing
    • May 4th (Tue)
    • 14:00 - 14:30
    • 7F 701C

    Intermediate
    Hackers & ThreatsNetwork Security
  • 14:00

    Cyber Talent Forum 資安人才論壇
    • May 4th (Tue)
    • 14:00 - 14:20
    • 4F Cyber Talent 專區

    Orange Tsai

    General
  • 14:05

    Cyber Leadership Forum
    • May 4th (Tue)
    • 14:05 - 14:35
    • 7F 701D

    Founder & Managing Partner, Davinci Personal Data and High-Tech Law Firm

    Yeh Chi-Hsing (Simon)

    General
  • 14:35

    Cyber Leadership Forum
    • May 4th (Tue)
    • 14:35 - 15:05
    • 7F 701D

    Security Management in Investment Bank

    Information Security is a top-down concept and should be practiced everywhere across the organization. The idea sounds great, however in practice, is difficult.  The problems could be that not everyone is equipped with security knowledge, not everyone is motivated in achieving security goals and no personal benefits at the job/responsibility level. To solve the aforementioned problems, we have to ask the right questions: How security decisions are being made and by whom? What are the reward system and measurements that drive towards the goals? What are the roles that support the responsibilities?  

    Cybersecurity Consulting, Caresys

    Anthony Lee

    Intermediate
    Security StrategyGovernance Risk & Compliance
  • 14:40

    Cyber Talent Forum 資安人才論壇
    • May 4th (Tue)
    • 14:40 - 15:50
    • 4F Cyber Talent 專區

    General
  • 14:45

    Tech Briefing
    • May 4th (Tue)
    • 14:45 - 15:15
    • 7F 702

    Sprinf Co Session

    Intermediate
    Endpoint SecurityData Loss PreventionData Security
  • 14:45

    Zero Trust Forum
    • May 4th (Tue)
    • 14:45 - 15:15
    • 7F 701B

    Intelligently Guard the Freedom and Security of the Era of Mobility and IoT

    In this session, we will share Aruba's advanced Dynamic Segmentation, automation, and AI-based machine learning and rapid device identification solutions that enable enterprises to:

    • Detect and grasp the information of the full spectrum of devices connected or attempting connect to the network, including IoT devices.
    • Enable access to IT resources and applications by identity and roles.
    • Continuously monitor users and devices on the network and change access privileges at any time based on real-time threat data.

    Aruba Taiwan Technical Vice President, Aruba

    Alex Chen

    Intermediate
    Zero Trust NetworkZero Trust ArchitectureIoT Security
  • 14:45

    Taiwan's Cybersecurity Researchers
    OT Security Forum
    • May 4th (Tue)
    • 14:45 - 15:15
    • 7F 701G

    Common Flaws in Public and Private ICS Network Protocols

    In this research, we analyze 9 ICS protocols (5 public and 4 private) which are widely used in the critical infrastructure sectors of power, water, transportation, petroleum, and manufacturing. In each of these public and private ICS protocols, we found some common flaws which allow attackers to easily sniff unencrypted traffic and perform ICS protocol-centered attacks. These attacks include T833 - Modify Control Logic, T836 - Modify Parameter, T843 - Program Download, T856 - Spoof Reporting Message - Modbus/TCP and T855 - Unauthorized Command Message which map to MITRE ATT&CK for ICS. Attacker can be accomplished without the intruder needing to acquire authentication or authorization. Also, we provide 5 attack demos which across 1 public and 3 private protocols, to show how these common flaws will cause huge impacts such as T832 - Manipulation of View and T831 - Manipulation of Control to ICS. Finally, we demonstrate how to againist ICS network protocols attack.

    Threat Researcher, TXOne Networks

    Mars Cheng

    Senior DPI Engineer, TXOne Networks

    Selmon Yang

    Advanced
    ICS/SCADA SecurityNetwork SecurityCritical Infrastructure Protection
  • 14:45

    Tech Briefing
    • May 4th (Tue)
    • 14:45 - 15:15
    • 7F 701E

    How vulnerable is a company's cybersecurity from hacker’s point of view – you are more vulnerable to be attacked than you think

    Web application services and email services are the easiest ways to be penetrated by hacker. However, most of the enterprises don’t have a visibility to their cyber exposure and period, and are even not aware of being penetrated. In this seminar, OneDegree cybersecurity team will clarify common cyber misunderstandings, explain the popular techniques utilized by hacker, and how to manage the cyber exposure with limited resources.

    Head of Cybersecurity, OneDegree

    Stanley Chou

    General
    Vulnerability AssessmentPenetration TestingSocial Engineering
  • 14:45

    Blue Team Forum
    • May 4th (Tue)
    • 14:45 - 15:15
    • 7F 701H

    10 Facts About Windows Active Directory That Will Blow Your Mind

    Cybercriminals know the Active Directory better than you, didn’t you know? Not anymore. We will discuss how the AD works, why it’s so vulnerable, how cybercriminals penetrate its defenses so often, provide actionable insight on creating effective AD defense practices and policies, and how to best maintain and further expand your knowledge of both active and emerging threats to your Active Directory.

    Cyber Security Researcher, CyCraft

    Shang-De Jiang

    Intermediate
    Incident ResponseHackers & ThreatsThreat Analysis & Protection
  • 14:45

    Brand Day - VMware
    • May 4th (Tue)
    • 14:45 - 15:15
    • 7F 703

    VMware Session

    General
    Zero Trust ArchitectureData Loss PreventionData Security
  • 14:45

    Brand Day - Fortinet
    • May 4th (Tue)
    • 14:45 - 15:15
    • 7F 701A

    Fortinet Brand Day Session

    Intermediate
    AI SecurityThreat Analysis & Protection
  • 14:45

    Tech Briefing
    • May 4th (Tue)
    • 14:45 - 15:15
    • 7F 701F

    An in-depth analysis about information security of telecommuting using privileged access.

    This agenda starts with Gartner's 2018~2021 recommendations on the top ten security projects of the chief security officer and the problems faced by working from home.After explaining the importance of the management of privileged accounts for home office and the management problems, we will propose the best practice solution for home office and privileged account management (Best Practice), and the ANCHOR privileged account management and EP home office security developed by Taiwan. 

    CTO, Global Wisdom Software Technology CO. LTD.

    Edward Lee

    General
    Privilege Management
  • 14:45

    Tech Briefing
    • May 4th (Tue)
    • 14:45 - 15:15
    • 7F 701C

    Kenny Lee

    General
    OT SecurityStandardsIoT Security
  • 14:45

    Tech Briefing
    • May 4th (Tue)
    • 14:45 - 15:15
    • 4F 4A 展區會議室

    Intermediate
    Penetration TestingThreat Intelligence
  • 15:05

    Cyber Leadership Forum
    • May 4th (Tue)
    • 15:05 - 15:30
    • 7F 701D

    【Cyber Leadership Forum】

    Intermediate
    Data SecurityCloud SecurityVulnerability Management
  • 15:30

    Cyber Leadership Forum
    Taiwan's Cybersecurity Researchers
    • May 4th (Tue)
    • 15:30 - 16:00
    • 7F 701D

    Aiming at the core threats! Is your defensive strategy solid enough?

    DEVCORE will reveal the survey result of corporate cybersecurity demand in 2020. Meanwhile, DEVCORE will share the observation on the blind side of corporate information security based on its Red Team experiences accumulated in the past couple of years, which has targeted supply chain security, third-party software vulnerabilities, product factory default passwords to cloud service data leaks. Anticipating to assist companies to re-examine and reconstruct their risk assessment mechanisms from a broader perspective to further improve the effectiveness of the investment in information security resources.

    CEO, DEVCORE

    Allen Own

    Intermediate
    Red TeamRisk AssessmentPenetration Testing
  • 15:50

    Cyber Talent Forum 資安人才論壇
    • May 4th (Tue)
    • 15:50 - 16:20
    • 4F Cyber Talent 專區

    Achievements of Taiwan HolyHigh-- Information Security practical mentoring project and its current and future impetus.

    Associate Professor, Department of Information Engineering, Kunshan University of Science and Technology

    Lung Tseng

    General
  • 16:00

    Tech Briefing
    • May 4th (Tue)
    • 16:00 - 16:30
    • 7F 701E

    Taiwan Mobile Session

    Manager, Taiwan Mobile

    Vincent Cheng

    General
    Cloud SecuritySecurity Strategy
  • 16:00

    Tech Briefing
    • May 4th (Tue)
    • 16:00 - 16:30
    • 7F 701C

    Dell Session

    Senior Systems Consulant, Dell Technologies

    Ray Wu

    Intermediate
    Cyber ResilienceBackup and RecoverySecurity Strategy
  • 16:00

    Taiwan's Cybersecurity Researchers
    OT Security Forum
    • May 4th (Tue)
    • 16:00 - 16:30
    • 7F 701G

    From theory to practice: ATT&CK ICS journey

    This agenda uses the ATT&CK framework and tools to introduce information security threats in the ICS environment, and demonstrates it through the ICS testbed built for the Mitre, and describes what may be encountered in the real world.

    Deputy Engineer, Institute for Information Industry

    Sol

    Deputy Engineer, Institute for Information Industry

    Tom

    Intermediate
    MITRE ATT&CKOT SecurityICS/SCADA Security
  • 16:00

    Taiwan's Cybersecurity Researchers
    • May 4th (Tue)
    • 16:00 - 16:30
    • 7F 701F

    Fadacai: Bounty Program with Taiwanese Characteristics

    This presentation will introduce how to get the bounty program up and running.

    Independent Security Consultant,

    Ken Lee

    General
    Bug Bounty
  • 16:00

    Zero Trust Forum
    • May 4th (Tue)
    • 16:00 - 16:30
    • 7F 701B

    Are you tired of excessive threat warnings?

    Many IT managers already do a fine job in network event recording, but are unaware of how to fully utilize and exert the value of such information so that it becomes a powerful tool for managing network security. Through this agenda, we will show you how to, based on the principle of Zero Trust, use the network traffic incidents collected within the enterprise combined with active and effective threat intelligence to analyze the hidden network threats within the organization and block malicious connection attacks.

    CEO, NEITHNET

    ART Lin

    Intermediate
    Threat IntelligenceZero Trust NetworkThreat Detection & Response
  • 16:00

    Tech Briefing
    • May 4th (Tue)
    • 16:00 - 16:30
    • 4F 4A 展區會議室

    OrangeRed Session

    Intermediate
    Advanced Threat ProtectionRansomwareThreat Detection & Response
  • 16:00

    Blue Team Forum
    • May 4th (Tue)
    • 16:00 - 16:30
    • 7F 701H

    Deloitte Session

    The relationship between the APT organization's attacks and the threat of ransomware has caused many corporate images and assets to be damaged and affected greatly.

    This time the agenda shared international frameworks and defense-in-depth strategies for reference, discussed management and technical experience with the congregation, assisted companies in creating management processes and response strategies, and security configuration parameter assessments experience.

    Senior Consultant, Deloitte

    Kuro Huang

    Intermediate
    Security ArchitectureSecurity by DesignBlue Team
  • 16:00

    Brand Day - VMware
    • May 4th (Tue)
    • 16:00 - 16:30
    • 7F 703

    VMware Session

    Intermediate
    Threat Analysis & Protection
  • 16:00

    Cyber Leadership Forum
    • May 4th (Tue)
    • 16:00 - 17:00
    • 7F 701D
  • 16:00

    Tech Briefing
    • May 4th (Tue)
    • 16:00 - 16:30
    • 7F 702

    CipherTech Session

    Intermediate
    Data SecurityData Loss Prevention
  • 16:00

    Brand Day - Fortinet
    • May 4th (Tue)
    • 16:00 - 16:30
    • 7F 701A

    Fortinet Brand Day Session

    General
    Endpoint SecurityAIEndpoint Detection & Response
  • 16:45

    OT Security Forum
    • May 4th (Tue)
    • 16:45 - 17:15
    • 7F 701G

    Back to the basic, why network segmentation is easy to understand but so hard to implement. (Zero-Trust Network Concept in ICS Cybersecurity )

    Using quarantine to prevent human disease spreading and infections of viruses is a very effective method. A similar methodology is also a well-known countermeasure in cybersecurity, it is so difficult in real word implementation because the challenge is due to excessive restrictions and lack of supporting measures. Applying the network segmentation in the industrial control environment requires extremely high availability for the continuous operation of the field. This sharing will provide an appropriate recommendation to deal with different implementation-oriented challenges.

    Marketing Director, TXOne Networks Inc.

    Steven Hsu

    General
    ICS/SCADA SecurityZero Trust NetworkOT Security
  • 16:45

    • May 4th (Tue)
    • 16:45 - 17:15
    • 7F 701F

    Adjunct Assistant Professor, National Taiwan University

    Jimmy Chen

    General
  • 16:45

    Taiwan's Cybersecurity Researchers
    Blue Team Forum
    • May 4th (Tue)
    • 16:45 - 17:15
    • 7F 701H

    Win the Fight Against Financial Fraud: Case Studies in the Benefits of Automated Proactive Threat Hunting

    Cybersecurity in the 2020s and beyond needs to be more proactive. Through real-world financial fraud case studies, I will demonstrate not only the benefits of automated threat hunting but also why it is crucial in operating an effective, modern, proactive defense that is capable of detecting and eradicating the cyber threats of the mid-twenty-first century.

    Automated threat hunting creates more efficient SOCs by accelerating the investigation process—a necessity when defending enterprises with hundreds or thousands of devices and network connections. SOC analysts no longer need to spend excessive amounts of time investigating each and every connection or interaction with an unknown domain.

    Reducing risk and increasing cyber resilience is becoming more and more difficult in the twenty-first century; automated proactive threat hunting provides enterprises today with the capability to successfully fight the cyber threats of tomorrow—and win.

    Cybersecurity Researcher, CyCraft

    Dange Lin

    Intermediate
    Threat IntelligenceSecurity AnalyticsUnified Threat Management
  • 16:45

    Tech Briefing
    • May 4th (Tue)
    • 16:45 - 17:15
    • 7F 702

    The New Vision of Cybersecurity in the post-COVID era

    The COVID-19 epidemic has caused countries around the world to take isolation actions, making telecommuting a new standard work mode. The boundary between enterprise intranet and extranet is gradually blurred, and how to ensure enterprise Cybersecurity has become an important emerging issue. ZYXEL is one of the very few companies in Taiwan that independently researches and develops Cybersecurity, and will propose solutions to meet local market needs in response to these global trends.

    Product Manager Channel Sales Division Product Management Department, Zyxel Networks

    Tim Liu

    Intermediate
    Network SecurityUnified Threat ManagementThreat Detection & Response
  • 16:45

    Brand Day - VMware
    • May 4th (Tue)
    • 16:45 - 17:15
    • 7F 703

    VMware Session

    Intermediate
    Zero Trust NetworkFirewallNetwork Detection & Response
  • 16:45

    Taiwan's Cybersecurity Researchers
    701 Vulnerability Research Lab
    • May 4th (Tue)
    • 16:45 - 17:15
    • 7F 701E

    Make you rich in one day : insights the attack/defense of blockchain technique

    Senior Director, Trend Micro

    gasgas

    General
    Digital WalletVulnerability AssessmentSecure Coding
  • 16:45

    Brand Day - Fortinet
    • May 4th (Tue)
    • 16:45 - 17:15
    • 7F 701A

    Fortinet Brand Day Session

    Intermediate
    Zero Trust NetworkOT Security
  • 16:45

    Zero Trust Forum
    • May 4th (Tue)
    • 16:45 - 17:15
    • 7F 701B

    ZTA – Next Gen Security Design Architecture

    Covid-19 has been changing IT operation landscape and increase business cybersecurity risk scenario. ZTA will be the next generation cybersecurity design architecture and there is no difference between the Internet and Intranet. US NAS just announced a ZTA report, looking forward to implement ZTA principle and framework to respond the more and more cybersecurity risk.

    Associate Director, KPMG

    Hsiu, Shu-Chen (David Hsiu)

    General
    Zero Trust ArchitectureSecurity ArchitectureRisk Management
  • 16:45

    • May 4th (Tue)
    • 16:45 - 17:15
    • 7F 701C

    Managing Director, EY Consulting

    Christina Tseng

    General
  • 10:00
    • May 5th (Wed)
    • 10:00 - 10:05
    • 7F 701

    Opening Remarks

    Chairman, CYBERSEC 2021

    Editor in Chief, iThome

    Merton Wu

    General
  • 10:05
    Keynote
    5G Security Forum
    • May 5th (Wed)
    • 10:05 - 10:35
    • 7F 701

    5G:Serving Vertical Industries

    Member, National Communications Commission

    Yeali Sun

    General
    5G Security
  • 10:35
    Keynote
    • May 5th (Wed)
    • 10:35 - 11:05
    • 7F 701
  • 11:05
    Keynote
    Taiwan's Cybersecurity Researchers
    • May 5th (Wed)
    • 11:05 - 11:35
    • 7F 701

    Keynote Speech

    CEO, Team T5 Inc.

    Sung-Ting Tsai (TT)

    General
    RansomwareThreat IntelligenceManaged Detection & Response
  • 11:35
    Keynote
    • May 5th (Wed)
    • 11:35 - 12:05
    • 7F 701

    Keynote Speech

    TANG Feng (Audrey TANG), Executive Yuan

    Audrey Tang

    General
  • 13:00
    Taiwan's Cybersecurity Researchers
    CyberLAB
    • May 5th (Wed)
    • 13:00 - 14:30
    • 7F 702C

    Cyber Armchair Strategy vs Real-World Breach Experience

    Cyber attacks today are an inevitable threat modern organizations must face. How an organization detects, labels, responds, and remediates existing decifiencies in their cyber defense while also effectively utilizing their limited resources has become a necessary skill for infosec management teams for all organizations. One method that has helped alleviate this issue for infosec management teams has been the Cyber Defense Matrix (CDM), a well-known security model from recent years, and combining it with the use of various infosec frameworks.


    Our course will focus on the concept of CDM, how to successfully supplement it via other infosec frameworks, and the analysis of cyber attack methods in terms of defense. Participants will learn how to think like and defend themselves from threat actors by learning how to properly analyze an attack, succesfully construct an attack storyline, understand each step of the attack from the attacker’s perspective, and, finally, how to properly defende themselves at each phase of the attack.


    At the end of the course, participants will experience the latest in infosec edutech—an interactive CDM game. Through the game, participants will gain a deeper understanding of CDM concepts, common offensive and defensive techniques, how to successfully build an effective modern defense against today’s threats. This course will help participants evolve into valuable and effective information security personnel and prepare them for the inevitable frontline experience against a modern threat.

    Cyber Security Researcher, CyCraft

    Shang-De Jiang

    Cybersecurity Researcher, CyCraft

    Dange Lin

  • 13:00
    Taiwan's Cybersecurity Researchers
    CyberLAB
    • May 5th (Wed)
    • 13:00 - 15:00
    • 7F 703AB

    Oh my gosh! That's how container security should be done. What's involved in container security.

    While container has increasingly become a much applied technology in recent years, its architecture is utterly different from the traditional IT environment, rendering most of the existing security defenses ineffective in protecting containers.

    This session demonstrates how to leverage tools to enforce security policies in the development process to ensure that everything works as intended in the container. It involves protecting not just the container images used in the build process but also the container host, the platform, and the application layer during runtime. Some of the mistakes in deploying containers will also be explained, along with the consequences and preventive measures.

    Senior Technical Consultant, Trend Micro

    Albert Jen

  • 13:00
    Taiwan's Cybersecurity Researchers
    CyberLAB
    • May 5th (Wed)
    • 13:00 - 15:00
    • 7F 703C

    TeamT5 Cyber Range

    By practicing of incident response, you will understand the various TTPs of APT attack.Learn how to resolve the encoded content of script and find the way of persistence, lateral movement and how the shellcode is loaded.

    You will be devided into teams and help each other to see the whole scope of incident from an single alert.

    Cyber Security Consultant, TeamT5

    Tom

    R&D Engineer, TeamT5

    Zet

    Cyber Security Consultant, TeamT5

    Jason3e7

  • 13:00
    Taiwan's Cybersecurity Researchers
    CyberLAB
    • May 5th (Wed)
    • 13:00 - 15:00
    • 7F 702AB

    CHT Security Session

    Coming Soon

    Deputy Manager, CHT Security

    Pin-Ren Chiou

  • 14:00
    Brand Day - iSecurity
    • May 5th (Wed)
    • 14:00 - 14:30
    • 7F 701E

    Enhanced enterprise cyber resilience, prepared for unknown threats

    There is no 100% security in cyber world. The SolarWinds third-party supply chain issue prooved that no matter how strong the defense is, it is impossible to guarantee 100% security. The hacker and malicious attacks are always a continuous problem to enterprise, and sooner or later matters. Cyber Resilience is the primary to be focus and enhanced to any enterprise, advanced planning and deployment that prepares for the breach of the security defense line. iSecurity pointed out 4 steps for cyber resilience to be more stronger: Stop More Attacks, Find Breach Faster, Fix Breaches Faster, Reduce Breach Impact.

    CEO, iSecurity Inc.

    Julian Su

    Intermediate
    Cyber ResilienceRisk ManagementSecurity Architecture
  • 14:00
    Tech Briefing
    • May 5th (Wed)
    • 14:00 - 14:30
    • 7F 701C

    FineArt Technology Co., Ltd. Session

    Intermediate
    Endpoint SecurityEndpoint Detection & ResponseData Loss Prevention
  • 14:00
    Zero Trust Forum
    • May 5th (Wed)
    • 14:00 - 14:30
    • 7F 701B

    The zero trust security market trend

    Science and Technology International Strategy Center / Research Manager, Industrial Technology Research Institute

    Akuei Hsu

    General
    Zero Trust ArchitectureZero Trust Network
  • 14:00
    Cyber Leadership Forum
    • May 5th (Wed)
    • 14:00 - 14:05
    • 7F 701D
  • 14:00
    US-Taiwan AIT Day
    • May 5th (Wed)
    • 14:00 - 14:05
    • 7F 701F

    Commercial Officer, AIT

    Matthew Quigley

    General
  • 14:00
    Brand Day - SYSTEX
    • May 5th (Wed)
    • 14:00 - 14:30
    • 7F 701A

    The first line of defence : human firewall

    The global pandemic has proved to be an incubator of cybercrime, and Taiwan’s performance surprisingly ranked last for the past 3 years! In line with this, Systex Corporation’s seminar is designed to assist corporations instill a cyber awareness in employee actions through its 4Es: Experience, Examine, Experiment, and Evaluate. The human factor in cybersecurity will be emphasized to forge a strong firewall and fill the missing link for effective corporate cybersecurity.

    Cybersecurity Consultant / HEIS Cybersecurity Technical R&D Manager, SYSTEX

    Eason Liao

    Intermediate
    Security AwarenessSocial EngineeringCyber Criminal
  • 14:00
    Tech Briefing
    • May 5th (Wed)
    • 14:00 - 14:30
    • 4F 4A 展區會議室

    Intermediate
    5G SecurityNetwork Security
  • 14:05
    Cyber Leadership Forum
    • May 5th (Wed)
    • 14:05 - 14:35
    • 7F 701D

    ISM and ISC

    The ISM and ISC of Internet-only Bank

    General
  • 14:10
    Cyber Women Forum 資安女力論壇
    • May 5th (Wed)
    • 14:10 - 14:30
    • 4F Cyber Talent 專區

    Session

    HITOCN

    HITCON GIRLS

    TeamT5

    Turkey Li

    General
  • 14:10
    US-Taiwan AIT Day
    • May 5th (Wed)
    • 14:10 - 14:40
    • 7F 701F

    Palo Alto Networks Session

    Intermediate
    Threat Detection & ResponseAI SecuritySOAR
  • 14:30
    Cyber Women Forum 資安女力論壇
    • May 5th (Wed)
    • 14:30 - 14:50
    • 4F Cyber Talent 專區

    General
  • 14:35
    Cyber Leadership Forum
    • May 5th (Wed)
    • 14:35 - 15:05
    • 7F 701D

    Advance Digital Resilience in the Covid-19 Period: Road Toward New International Cybersecurity Standards and its Assessment and Review Practices.

    From the viewpoints of compliance, cybersecurity regulations and industry standards are still updated. In addition to ISO 27001, the NIST Cybersecurity Framework (CSF) and IEC/ISA 62443 are embedded in newly drafting SEMI Cybersecurity Standards and ITRI's Cybersecurity Maturity Model in Taiwan. Based on participation in drafting a standard and its practical implementation, the instructor will share and discuss stories behind those compliance issues.

    Senior Director, Willis Towers Watson Taiwan

    Bright Wu

    General
    StandardsGovernance Risk & ComplianceSecurity Awareness
  • 14:40
    US-Taiwan AIT Day
    • May 5th (Wed)
    • 14:40 - 15:10
    • 7F 701F

    Cisco Session

    全球資安產品事業部業務經理, Cisco 思科

    Lance Chu

    Intermediate
    Zero Trust ArchitectureZero Trust Network
  • 14:45
    Brand Day - iSecurity
    • May 5th (Wed)
    • 14:45 - 15:15
    • 7F 701E

    Stop More Attacks -- Advanced Deployment, block threats ouside borders

    Proper endpoint protection is the foundation of data protection. Especially during the pandemic period, working from home becomes a trend to enterprises; SASA SCANNER Mail and CDR can prevent most phishing and malicious ransomware; and be ensured the risk of internet access security in the container of BufferZone. And finally, collocates with a full-view Digital Guardian, which completely supervise the user behavior of the endpoints, that is almost non-invasive, except the endpoints, the security of IOT devices in enterprise is often ignored. VDOO's security detection can help.

    CTO, iSecurity Inc.

    Jason Lai

    Intermediate
    Cyber ResilienceData Loss PreventionIoT Security
  • 14:45
    Tech Briefing
    • May 5th (Wed)
    • 14:45 - 15:15
    • 7F 701C

    Website is Hacked What to Do - Case Study

    Cyber-attacks present a growing threat to businesses/enterprises, governments, and individuals all over the world.


    There are a lot of cyber-attacks happened to large enterprises in Taiwan in recent years as well. 

    Then, you thought these large enterprises didn’t prepare an specific security team or professional security software & hardware to protect cybersecuity ? 

    Obviously the answer is No. Hackers still targeted and attacked them which caused the huge losses.


    However, we found many small and medium enterprises or e-commerce customers believed that their company scale is small, hackers would not attack them, they may ignore the risk of cybersecurity.


    Therefore, in this session, we will use the e-commerce customer as a case study to illustrate how to against hacker and what is the best way to protect your website.

    IT & Cyber Security Consultant, PUMO network digital technology Co, Ltd.

    Seven

    Intermediate
    Web Service SecurityApplication SecurityWeb Security
  • 14:45
    Zero Trust Forum
    • May 5th (Wed)
    • 14:45 - 15:15
    • 7F 701B

    Zero Trust with Zero Friction

    Are you implementing Zero Trust or Zero Sleep? To achieve Zero Trust typically requires building a stack of solutions, integrating them and increasing security spend. This session will provide a framework and specific steps that show how to leverage identity centric security for Frictionless Zero Trust for IT, Security, and end users resulting in reduced risks, reduced cost, and a better user experience. This session shows you new technology that can help financial enterprises meet the unique needs around compliance and user experience, without compromising security.

    Cyber Security Specialist, CrowdStrike North Asia,

    Peter Fan

    Intermediate
    Zero Trust ArchitectureZero Trust NetworkThreat Detection & Response
  • 14:45
    Brand Day - SYSTEX
    • May 5th (Wed)
    • 14:45 - 15:15
    • 7F 701A

    Systex Email Security Cloud Overview

    Email is the major attack method of hackers.

    Such like social attacks, malicious links, BEC and even APT attacks may all be delivered via email.

    Systex Email Security Cloud provides multi-layer anti-virus engine,threat intelligence, AI analysis, sandbox detection...and many other detection and defense mechanisms. 

    The cloud-base service can save a lot of manpower and provide the most complete email security protection with the least impact on the customer’s environment.

    Sr. Director, SYSTEX

    Arthur Yu

    Intermediate
    Email SecurityBusiness Email Compromise
  • 14:45
    • May 5th (Wed)
    • 14:45 - 15:15
    • 4F 4A 展區會議室

    Enabling IoT EDR by Firmware Emulation and Re-hosting

    The properties of constrained resource, unfriendly interface, and heterogeneous architectures for IoT endpoint devices make secure protection for them extremely difficult. The mature protection mechanisms for traditional desktops (e.g., Antivirus or EDR) cannot be directly applied into IoT scenario. By extracting firmware of a IoT physical endpoint device and executing it in an emulated IoT system, this speech discusses how to establish a virtual IoT device with high fidelity and leverage system-level monitoring and IDS to achieve EDR for IoT endpoint devices.

    Associate Professor, Department of Computer Science and Infomration Engineering, National Taiwan University of Sciecne and Technology

    Shin-Ming Cheng

    General
    Endpoint Detection & ResponseFirmware SecurityEndpoint Security
  • 14:50
    Cyber Women Forum 資安女力論壇
    • May 5th (Wed)
    • 14:50 - 15:10
    • 4F Cyber Talent 專區

    IoT Threat Intelligence Researcher, Panasonic Cyber Security Lab

    Belinda Lai

    General
  • 15:05
    Cyber Leadership Forum
    • May 5th (Wed)
    • 15:05 - 15:30
    • 7F 701D

    Microsoft Security Automation

    Many companies use patchwork security defense architectures in the construction of security protection, resulting in a lack of integration and joint defense mechanisms in the overall defense process, making it more difficult for managers to track and manage. This agenda is mainly to provide the audience with another information security thinking model, how to build a smart information security platform to strengthen the overall protection of the enterprise and detect more unknown malicious attacks. Making managing security no longer a daunting task

    Senior Security P.M.M., Microsoft Taiwan

    Dragon Chang

    General
    Advanced Threat ProtectionSecurity ArchitectureSecurity Strategy
  • 15:10
    Cyber Women Forum 資安女力論壇
    • May 5th (Wed)
    • 15:10 - 15:30
    • 4F Cyber Talent 專區

    Managing Director, EY Consulting

    Christina Tseng

    General
  • 15:25
    US-Taiwan AIT Day
    • May 5th (Wed)
    • 15:25 - 15:55
    • 7F 701F

    Splunk Services Session

    Intermediate
    Cloud SecurityThreat HuntingZero-day Vulnerability
  • 15:30
    Cyber Leadership Forum
    • May 5th (Wed)
    • 15:30 - 16:00
    • 7F 701D

    CISO, Taiwan Mobile

    Bryan Chen

    General
    GovernanceCareer PathSecurity Job
  • 15:30
    Taiwan's Cybersecurity Researchers
    CyberLAB
    • May 5th (Wed)
    • 15:30 - 17:30
    • 7F 703AB

    Oh my gosh! That's how container security should be done. What's involved in container security.

    While container has increasingly become a much applied technology in recent years, its architecture is utterly different from the traditional IT environment, rendering most of the existing security defenses ineffective in protecting containers.

    This session demonstrates how to leverage tools to enforce security policies in the development process to ensure that everything works as intended in the container. It involves protecting not just the container images used in the build process but also the container host, the platform, and the application layer during runtime. Some of the mistakes in deploying containers will also be explained, along with the consequences and preventive measures.

    Senior Technical Consultant, Trend Micro

    Albert Jen

  • 15:30
    Taiwan's Cybersecurity Researchers
    CyberLAB
    • May 5th (Wed)
    • 15:30 - 17:30
    • 7F 703C

    TeamT5 Cyber Range

    By practicing of incident response, you will understand the various TTPs of APT attack.Learn how to resolve the encoded content of script and find the way of persistence, lateral movement and how the shellcode is loaded.

    You will be devided into teams and help each other to see the whole scope of incident from an single alert.

    Cyber Security Consultant, TeamT5

    Tom

    R&D Engineer, TeamT5

    Zet

    Cyber Security Consultant, TeamT5

    Jason3e7

  • 15:30
    Taiwan's Cybersecurity Researchers
    CyberLAB
    • May 5th (Wed)
    • 15:30 - 17:30
    • 7F 702AB

    CHT Security Session

    Coming Soon

    Deputy Manager, CHT Security

    Pin-Ren Chiou

  • 15:30
    Taiwan's Cybersecurity Researchers
    CyberLAB
    • May 5th (Wed)
    • 15:30 - 17:00
    • 7F 702C

    Cyber Security Researcher, CyCraft

    Shang-De Jiang

    Cybersecurity Researcher, CyCraft

    Dange Lin

  • 15:30
    Cyber Women Forum 資安女力論壇
    • May 5th (Wed)
    • 15:30 - 15:50
    • 4F Cyber Talent 專區

    Sharing the experience challenges about females participate in IT field in Military.

    In this high-tech era, cyber threats get in by every opening. Governments and private enterprises pay lots of attention on cyber security, which is no longer a non-popular knowledge but a national security issue which cannot be ignored. 

    ICEF is a mysterious organization in military. What important role does the ICEF play in the national cyber security team? How does ICEF protect our cyber territory?

    The speaker will share her experience about

    。Characteristics, work content and challenges of the ICEF

    。How to continuously improve and cultivate oneself during participating in IT work in the military

    Cyber & Information Officer, Information, Communication and Electronic Force, MND

    Wendy Chou

    General
    CyberwarfareNational Security
  • 15:55
    US-Taiwan AIT Day
    • May 5th (Wed)
    • 15:55 - 16:25
    • 7F 701F
  • 16:00
    Tech Briefing
    • May 5th (Wed)
    • 16:00 - 16:30
    • 7F 701C

    mlytics Session

    Head of Development, mlytics

    Francis Lien

    Intermediate
    Web Security
  • 16:00
    Brand Day - iSecurity
    • May 5th (Wed)
    • 16:00 - 16:30
    • 7F 701E

    Next-Generation SOAR

    Network attack situation continues to transform, the use of enterprise digital transformation after the extension of the security gap to attack, enterprise SOC analyst configuration, has been difficult to keep up with the pace of threat evolution, the security market has appeared SOAR in a scripted way to determine the security incident analysis SOP and automate the process of emotional intelligence collection and response action, the analyst manpower on high-value analysis operations, in order to shorten the response time of each event, to achieve the level of enterprise requirements of security control. 

    Technical Manager, iSecurity Inc.

    Philis Tseng

    Intermediate
    Cyber ResilienceSOARSIEM
  • 16:00
    Tech Briefing
    • May 5th (Wed)
    • 16:00 - 16:30
    • 4F 4A 展區會議室

    Intelligent Traffic Monitoring and DDoS Protection for 5G Backbone Network

    The rise of 5G technology, along with the exponential growth in the number of IoT devices, has posed unprecedented challenges for internet service providers to secure against DDoS threats. Therefore, it is necessary to set up a more effective security measure for the 5G core network architecture. In this session, we will discuss the differences between analyzing 5G networks and legacy networks by focusing on topics like data collection from the entire network as well as the 5G network slicing, automated traffic baselining and fingerprinting, real-time anomaly detection, virtual network segmentation, DDoS event tracking and reporting, and attack pattern profiling.

    Vice President, Product Development, Genie Networks Ltd

    Popo Tseng

    Intermediate
    DDoS ProtectionNetwork Visibility5G Security
  • 16:00
    Zero Trust Forum
    • May 5th (Wed)
    • 16:00 - 16:30
    • 7F 701B

    An overview of myths and strategies of the zero trust architecture

    Professor, National Taiwan University of Science and Technology

    Shi-Cho Cha

    General
    Zero Trust ArchitectureZero Trust Network
  • 16:00
    Cyber Leadership Forum
    • May 5th (Wed)
    • 16:00 - 17:00
    • 7F 701D
  • 16:00
    Brand Day - SYSTEX
    • May 5th (Wed)
    • 16:00 - 16:30
    • 7F 701A

    SYSTEX Corporation Session

    General
    Managed Security ServiceManaged Detection & ResponseSecurity Awareness
  • 16:25
    US-Taiwan AIT Day
    • May 5th (Wed)
    • 16:25 - 17:00
    • 7F 701F

    President, Cybersecurity Advanced Foundry

    Ching Hao MaoPanelist

    全球資安產品事業部業務經理, Cisco 思科

    Lance ChuPanelist

    General
  • 16:45
    Brand Day - iSecurity
    • May 5th (Wed)
    • 16:45 - 17:15
    • 7F 701E

    Reduce Breach Impact!

    The enterprises and hackers have been defensed and attacks for decades and have never stopped. We must assume that companies absolutely likely be invaded through network.This session will give some examples of the recent information security issues to explore how companies can prevent possible attacks by planning in advance, so as to prevent subsequent damages from expanding and affecting the business and reputation.

    Technical Manager, iSecurity Inc.

    Matt Chen

    Intermediate
    Cyber ResilienceCritical Infrastructure ProtectionCyber Supply Chain Security
  • 16:45
    Zero Trust Forum
    • May 5th (Wed)
    • 16:45 - 17:15
    • 7F 701B
  • 16:45
    Taiwan's Cybersecurity Researchers
    • May 5th (Wed)
    • 16:45 - 17:15
    • 7F 701C

    Data Breaches Related to Critical Infrastructure - A In-depth Analysis of Cyber Risk to Taiwanese Critical Infrastructure

    This research will collect publicly leaked data and share some of the traps and fun that we found during the analysis. We will also share how we have conducted big data analysis on more than 10 billion pieces of data from 200 plus datasets, with a particular focus on the analysis of data leakage and password habits of Taiwan's 8 critical infrastructure service providers. Finally, based on the in-depth analysis of our data, we will try to provide prediction warnings to high-risk CI sectors and vendors that may be invaded due to information leakage, and finally advise how to perform prevention and mitigation measures.

    Threat Researcher, TXOne Networks

    Mars Cheng

    Threat Researcher, TXOne Networks

    Yen Ting Lee

    Intermediate
    Critical Infrastructure ProtectionBig DataICS/SCADA Security
  • 16:45
    Brand Day - SYSTEX
    • May 5th (Wed)
    • 16:45 - 17:15
    • 7F 701A

    How Cyber Security Management Act influence cyber security management—Legal compliance and governance

    Driven by the Cyber Security Management Act, various government agencies are actively formulating comprehensive improvement plans to strengthen their cyber security protection. Since SYSTEX team is familiar with the IT environment in public sector, and understands the regulatory requirements, our "MOC (Monitoring and Operation Center) Cyber Security Service, was quickly adopted by various government angencies.

    Operation Manager, SYSTEX

    William Huang

    General
    Information GovernanceGovernance Risk & Compliance
  • 10:00
    Taiwan's Cybersecurity Researchers
    OT Security Forum
    • May 6th (Thu)
    • 10:00 - 10:30
    • 7F 701C

    Hack HMIs before bad guys do

    Some vendors would assume "whitelisting", "firewalling" their control system would make them "safe". We will prove otherwise, and talk about how we research deeply into security implications of human-machine interfaces, including firmware analysis, defending

     against attacks, and developing safer software.

    Threat Researcher, TXOne Networks

    Ta-Lun Yen

    Advanced
    Hackers & ThreatsOT Security
  • 10:00
    Taiwan's Cybersecurity Researchers
    AI & Security Forum
    • May 6th (Thu)
    • 10:00 - 10:30
    • 7F 701F

    Building ML-based Threat Hunting System from Scratch

    Security incidents and the false-positive alerts generated by SEIM solutions have grown considerably over the last decade. In this talk, we take a deep dive into the technical aspects of designing and creating an effective AI-driven threat hunting system from the ground up. Automated threat hunting systems, such as our Fuchikoma, alleviate alert fatigue by automating the investigation process, alert triage, and auto-generating attack storylines, allowing SOC analysts to rapidly identify and focus on the more severe incidents, their root cause, auto-enriched contextual information of each step of the attack, and ultimately, eradication and remediation. Each step of our design process on Fuchikoma’s automated ML-driven threat hunting system will be broken down step-by-step and explained thoroughly in detail. 

    Senior Researcher, CyCraft

    CK

    Intermediate
    APTMachine LearningThreat Hunting
  • 10:00
    DevSecOps & Cloud Security Forum
    • May 6th (Thu)
    • 10:00 - 10:30
    • 7F 701G

    Secure the Cloud and Save the Day

    Sharing common security issues, attack methods and detection/response mechanisms in cloud services, and how to build an effective cybersecurity protection system in practice, so that cloud security will not become a hot potato in the organization.

    Cybersecurity Engineer, MaiCoin

    Anderson Lin

    Intermediate
    Cloud SecurityIncident ResponseSOAR
  • 10:00
    Taiwan's Cybersecurity Researchers
    Cyber Free Talk
    • May 6th (Thu)
    • 10:00 - 10:30
    • 4F 4A 展區會議室

    【Cyber Free Talk】

    Founder & CTO, CyCraft Technology Corporation

    Birdman

    General
  • 10:00
    Taiwan's Cybersecurity Researchers
    5G Security Forum
    • May 6th (Thu)
    • 10:00 - 10:30
    • 7F 701B

    Campus Network Cybersecurity: Assessment with open-source components in a lab

    We will talk about cybersecurity in 4G/5G campus network and how to build a lab for assessment before buying.

    Senior Threat Researcher, Trend Micro

    Philippe Lin

    Intermediate
    5G SecurityOT SecurityTelecom Security
  • 10:00
    Targeted Ransomware Attack Forum
    Taiwan's Cybersecurity Researchers
    • May 6th (Thu)
    • 10:00 - 10:30
    • 7F 701D

    While Jenkins helps you implement CI/CD, it also inadvertently gives ransomware a hand

    Jenkins, the popular open-source CI/CD tool, has inadvertently become a vector for hackers to compromise your systems during the COVID-19 pandemic, leaving many systems of business users encrypted by ransomware. In this session, we will be sharing the difficulties and goodies we have found with implementing Jenkins. Using real cases, we show you how hackers can quickly compromise your systems and move laterally within your organizations. You will see that hackers and their threats are everywhere, and their attacks will never stop.

    Senior Analyst, Trend Micro

    Josh Huang

    Intermediate
    Incident ResponseThreat Detection & ResponseCSIRT
  • 10:00
    Taiwan's Cybersecurity Researchers
    701 Vulnerability Research Lab
    • May 6th (Thu)
    • 10:00 - 10:30
    • 7F 701H

    What makes Slack vulnerable to blind SSRF attack

    In this session, I'll explain the meaning and purpose of the different X-Forwarded-XXX headers. Next, I'll show how the attackers can bypass the IP Ban by the application via the wrong setting of X-Forwarded-For, or even ban other victim's IP. Last, I'll demo the blind SSRF vulnerabilities I found in Slack, which is due to the misconfiguration of the X-Forwarded-Host setting. It should make everyone knows more about the X-Forwarded-XXX headers.

    Software Engineer, IBM

    Luke

    Intermediate
    SecDevOpsWeb SecurityWeb Service Security
  • 10:00
    Taiwan's Cybersecurity Researchers
    CyberLAB
    • May 6th (Thu)
    • 10:00 - 12:00
    • 7F 703AB

    Oh my gosh! That's how container security should be done. What's involved in container security.

    While container has increasingly become a much applied technology in recent years, its architecture is utterly different from the traditional IT environment, rendering most of the existing security defenses ineffective in protecting containers.

    This session demonstrates how to leverage tools to enforce security policies in the development process to ensure that everything works as intended in the container. It involves protecting not just the container images used in the build process but also the container host, the platform, and the application layer during runtime. Some of the mistakes in deploying containers will also be explained, along with the consequences and preventive measures.

    Senior Technical Consultant, Trend Micro

    Albert Jen

  • 10:00
    Taiwan's Cybersecurity Researchers
    CyberLAB
    • May 6th (Thu)
    • 10:00 - 12:00
    • 7F 702C

    CyCraft Technology Corporation Session

    Coming Soon

    Cybersecurity Researcher, CyCraft

    Boik Su

  • 10:00
    Taiwan's Cybersecurity Researchers
    Blue Team Forum
    • May 6th (Thu)
    • 10:00 - 10:30
    • 7F 701E

    Domain Slayer: Mugen Backdoor

    In the first half of 2020, the COVID-19 pandemic has given rise to the need of working from home. While IT engineers strived to deploy VPN architecture so their colleagues could work remotely, a backdoor has also been opened for hackers to directly access the corporate intranet. 

    Hans and his team have observed ransomware attacks in major industries during the second half of 2020 and discovered this phenomenon, and in this speech, he will be sharing how his team performed red teaming exercises to intrude Active Directory and to establish backdoor, hoping to prevent companies from falling into the same trap. 

    Senior Consultant, CHT Security

    Hans Wang

    Intermediate
    Red TeamPenetration TestingMITRE ATT&CK
  • 10:00
    FINSEC Forum
    • May 6th (Thu)
    • 10:00 - 10:05
    • 7F 701A

    Opening Remarks

    Chairman, CYBERSEC 2021

    Editor in Chief, iThome

    Merton Wu

    General
  • 10:00
    CyberLAB
    • May 6th (Thu)
    • 10:00 - 12:00
    • 7F 703C
  • 10:05
    FINSEC Forum
    • May 6th (Thu)
    • 10:05 - 10:10
    • 7F 701A

    Guest Remarks

    Vice Chairperson, Financial Supervisory Commission

    JEAN CHIU

    General
  • 10:10
    FINSEC Forum
    • May 6th (Thu)
    • 10:10 - 10:40
    • 7F 701A

    【FINSEC Forum】

    Fu-Longe Tsai

    General
    Policy ManagementGovernanceSecurity Strategy
  • 10:40
    FINSEC Forum
    • May 6th (Thu)
    • 10:40 - 11:40
    • 7F 701A

    【FINSEC Forum】

    Fu-Longe Tsai

    Chief Information Security Officer, Fubon Financial

    Frank Su

    Executive Vice President, First Commercial Bank

    Dr. Pei-Wen Liu

    General
    Policy ManagementGovernanceSecurity Strategy
  • 10:40
    Cyber Talent Forum 資安人才論壇
    • May 6th (Thu)
    • 10:40 - 11:10
    • 4F Cyber Talent 專區

    AIS3: Past and Present

    Associate Professor, Department of Computer Science and Infomration Engineering, National Taiwan University of Sciecne and Technology

    Shin-Ming Cheng

    General
  • 10:45
    Taiwan's Cybersecurity Researchers
    OT Security Forum
    • May 6th (Thu)
    • 10:45 - 11:15
    • 7F 701C

    Method for detecting abnormal behavior of unknown protocol in industrial control environment

    IDS in the industrial control network environment can detect whether there is abnormal network packet behavior in the industrial control network environment, remind factory personnel that the communication of each computer in the factory is not attacked by external hackers, and prompt internal malicious employees Abnormal network packet behavior. We rely on "hearing" all the packets of the switch or router in the factory to let everyone "see" the purdue model and asset inventory table of the factory network, and teach you to see the normal and abnormal behaviors in the industrial control network; we will share Actual cases to see WannaCry's abnormal behavior will also introduce the importance of industrial control internal network isolation. Through a few actual cases, we can open the audience's eyes and see the abnormal behavior on the industrial control network. Except, the communication between the machine and the machine in the factory is like the communication between the Boss and the Servant. The language of communication may be Chinese, English, French, Japanese, but it may also be an unknown dialect (Unknown Protocol), so we will introduce the analysis of the Unknown Protocol. 

    Technical manager, Institute for Information Industry, Cybersecurity Technology Institute

    Tsou Yu-Ting

    Deputy Engineer, Institute for Information Industry

    Sol

    Intermediate
    Industrial SecurityNetwork SecurityNetwork Visibility
  • 10:45
    Taiwan's Cybersecurity Researchers
    AI & Security Forum
    • May 6th (Thu)
    • 10:45 - 11:15
    • 7F 701F

    Cyber Threat Hunting With STIX-Shifter and Watson AutoAI

    Introductory session on applying Watson AutoML + STIX-Shifter for Threat hunting. Using WML to train and serve a classification model that can examine a STIX bundle to indicate suspicious level.

    Staff Software Developer, IBM

    Charlie Wu

    Intermediate
    Threat HuntingSTIXCloud AutoML
  • 10:45
    DevSecOps & Cloud Security Forum
    • May 6th (Thu)
    • 10:45 - 11:15
    • 7F 701G

    IaC Security

    How to implement IaC safety feature by coding to obtain best practices in CI/CD process.

    MIS Manager of IT department, Rakuya.inc

    Chang Yu Wu

    General
    Security ArchitectureWeb SecurityDevSecOps
  • 10:45
    Targeted Ransomware Attack Forum
    • May 6th (Thu)
    • 10:45 - 11:15
    • 7F 701D

    Far EasTone Session

    Intermediate
    RansomwareSecurity OperationManaged Detection & Response
  • 10:45
    Taiwan's Cybersecurity Researchers
    Cyber Free Talk
    • May 6th (Thu)
    • 10:45 - 11:15
    • 4F 4A 展區會議室

    【Cyber Free Talk】

    CEO, Team T5 Inc.

    Sung-Ting Tsai (TT)

    General
  • 10:45
    Taiwan's Cybersecurity Researchers
    5G Security Forum
    • May 6th (Thu)
    • 10:45 - 11:15
    • 7F 701B

    What 3gpp has to say about TS.33

    Mobile telecommunication has gone through generations of evolution from the early days to the establishment of 3gpp in December 1998, when the world joined hands to revolutionize mobile telecommunication. Today, 3gpp has taken on the task to drive the development and establishment of standards for 5G. In addition to releasing specifications for this latest mobile telecommunication technology, 3gpp has also touched upon its security aspects and TS.33 is the outcome. This session invites the audience to take a look at how experts at 3gpp tackle some of the most iconic challenges in 5G.

    Security Threat Researcher, Trend Micro

    Shin Li

    Intermediate
    5G SecurityTelecom SecuritySecurity Consulting
  • 10:45
    Taiwan's Cybersecurity Researchers
    Blue Team Forum
    • May 6th (Thu)
    • 10:45 - 11:15
    • 7F 701E

    Discuss common issues in handling incidents from the perspective of the Blue Team

    In view of the common problems encountered by enterprises when they are invaded, discuss and the response and improvement methods before, during and after the incidents.

    Information Security Consultant Division Director, Talent-Jump Technologies, Inc.

    zero

    Intermediate
    Risk ManagementSecurity OperationPolicy Management
  • 10:45
    Taiwan's Cybersecurity Researchers
    701 Vulnerability Research Lab
    • May 6th (Thu)
    • 10:45 - 11:15
    • 7F 701H

    Let’s talk about malware, the surreptitious tactics.

    With advances in cybersecurity technology and diversified solutions providing protection from attackers, adversaries need more meticulously planned operations to hide their footprints. These surreptitious tactics leverage the power of operating systems and other trusted tools to achieve its malicious goals, such as the fileless malware attack.

    Cyber Security Consultant, TeamT5

    Tom

    Cyber Security Consultant, TeamT5

    Jason3e7

    Cyber Security Consultant, TeamT5

    Peter

    Intermediate
    Endpoint SecurityEndpoint Detection & ResponseCERT
  • 11:10
    Cyber Talent Forum 資安人才論壇
    • May 6th (Thu)
    • 11:10 - 11:40
    • 4F Cyber Talent 專區

    Security Incident Response Team Manager, Synology

    Hanen Lin

    General
  • 11:30
    Targeted Ransomware Attack Forum
    • May 6th (Thu)
    • 11:30 - 12:00
    • 7F 701D

    A Comprehensive, Joint Defense Strategy From your Intranet to the Internet

    In the face of the global epidemic, digital transformation of enterprises is imperative. New business models bring new opportunities, but they also extend more risks. In Q4 2020 alone, over 10 listed companies in Taiwan suffered extortion by professional hacker groups. Tens of millions of dollars of Ransoms caused heavy operating losses. Against long-term latent APT attacks, traditional passive external defenses, such as anti-virus software and firewalls, are no longer sufficient. How can MIS and IT personnel, who stands on the front line of information security, build a comprehensive defense strategy? In this forum, the senior technical manager of UPAS will share the practical experience of UPAS engaged in intranet security management for nearly 20 years: from APT kill chain analysis, ransomware attack types, to each corresponding defense link, introducing a joint defense mechanism, in order to help companies resist targeted ransomware attacks in the post-epidemic era.

    Senior Technical Manager, UPAS Information Security Inc.

    黃逸儒

    Intermediate
    RansomwareNetwork Access ControlZero Trust Architecture
  • 11:30
    Taiwan's Cybersecurity Researchers
    OT Security Forum
    • May 6th (Thu)
    • 11:30 - 12:00
    • 7F 701C

    The Hunt for Major League IoT-ICS Threats: A Deep Dive into IoT Threat Terrain

    This talk will share how we built an automated large-scale IoT threat hunting system, and will share a deep look into the overall threat situation and trends compiled from six target examples in the past year.

    Threat Researcher, TXOne Networks

    Mars Cheng

    Threat Researcher, TXOne Networks

    Patrick Kuo

    Intermediate
    IoT SecurityThreat HuntingHackers & Threats
  • 11:30
    Taiwan's Cybersecurity Researchers
    AI & Security Forum
    • May 6th (Thu)
    • 11:30 - 12:00
    • 7F 701F

    Cryptography in the Wild: A Real-World Analysis of Taiwanese User Passwords

    This talk will be the first-ever public report that analyses Taiwanese user passwords in depth. I will break down Taiwanese user passwords into multiple common patterns, discuss their weaknesses, give insight into building better password practices and policies, offer actionable advice for password assessment during Red/Blue team cyber security drills, and provide insight into real-world threats and the techniques they use to crack “very strong” passwords.

    Software Architect, CyCarrier

    Cheng-Lin Yang

    General
    Password ManagementRed TeamPolicy Management
  • 11:30
    Taiwan's Cybersecurity Researchers
    DevSecOps & Cloud Security Forum
    • May 6th (Thu)
    • 11:30 - 12:00
    • 7F 701G

    Building Your Container Botnet in 1 Minute

    Are you curious about container technology? 

    What is the security issue regarding it? 

    How to utilize this security issue to gain the host privilege and how to use Shodan to search for it ?

    Come with me !!!

    Engineer, IBM Security

    Jie Liau

    Intermediate
    Container SecurityCloud Security
  • 11:30
    Cyber Free Talk
    • May 6th (Thu)
    • 11:30 - 12:00
    • 4F 4A 展區會議室

    【Cyber Free Talk】

    Founder, HITCON

    Tim Hsu

    General
  • 11:30
    Taiwan's Cybersecurity Researchers
    701 Vulnerability Research Lab
    • May 6th (Thu)
    • 11:30 - 12:00
    • 7F 701H

    Trojan-added Telegram installer, are you infected?

    This session will introduce an attack that lured Chinese speakers to download the Telegram installer with Trojan. We will see how attackers can actively improve their attack techniques within a short time, and try to use various tricks to avoid detection and confuse users to identify their genuine functions.

    Security Consultant, Talent-Jump Technologies

    Theo Chen

    Intermediate
    PhishingThreat IntelligenceThreat Hunting
  • 11:30
    Taiwan's Cybersecurity Researchers
    • May 6th (Thu)
    • 11:30 - 12:00
    • 7F 701E

    From physical to digital and cloud: supply chain under attack

    Senior Threat Architect, Trend Micro

    Fyodor Yarochkin

    General
    Cyber Supply Chain SecurityHardware SecuritySoftware Security
  • 11:30
    5G Security Forum
    • May 6th (Thu)
    • 11:30 - 12:00
    • 7F 701B

    Countermeasures against Rogue BS Attacks in 5G Non-public Networks.

    Recently, industry could lease spectrum and non-public network to realize 5G killer applications such as intelligent factory. However, the popularity of 5G opensource and the occurrence of cheap software define radio (SDR) enable experimental base stations (BSs) possible. Adversary could easily adopt such BSs to launch malicious attacks against availability, integrity, and privacy of industrial IoT devices. In this speech, we deploy sensors with the aid of mobile edge computing (MEC) in 5G non-public network to detect rogue BS attack and mitigate its negative effects. 

    Associate Professor, Department of Computer Science and Infomration Engineering, National Taiwan University of Sciecne and Technology

    Shin-Ming Cheng

    General
    5G SecurityTelecom SecurityMobile Security
  • 11:40
    FINSEC Forum
    • May 6th (Thu)
    • 11:40 - 12:00
    • 7F 701A

    【FINSEC Forum】

    General
    Security StrategyZero-day VulnerabilityRansomware
  • 11:40
    Cyber Talent Forum 資安人才論壇
    • May 6th (Thu)
    • 11:40 - 12:00
    • 4F Cyber Talent 專區

    General
  • 13:00
    Taiwan's Cybersecurity Researchers
    CyberLAB
    • May 6th (Thu)
    • 13:00 - 15:00
    • 7F 703AB

    Oh my gosh! That's how container security should be done. What's involved in container security.

    While container has increasingly become a much applied technology in recent years, its architecture is utterly different from the traditional IT environment, rendering most of the existing security defenses ineffective in protecting containers.

    This session demonstrates how to leverage tools to enforce security policies in the development process to ensure that everything works as intended in the container. It involves protecting not just the container images used in the build process but also the container host, the platform, and the application layer during runtime. Some of the mistakes in deploying containers will also be explained, along with the consequences and preventive measures.

    Senior Technical Consultant, Trend Micro

    Albert Jen

  • 13:00
    Taiwan's Cybersecurity Researchers
    CyberLAB
    • May 6th (Thu)
    • 13:00 - 15:00
    • 7F 702C

    CyCraft Technology Corporation Session

    Coming Soon

    Cybersecurity Researcher, CyCraft

    Boik Su

  • 13:00
    CyberLAB
    • May 6th (Thu)
    • 13:00 - 15:00
    • 7F 703C
  • 13:00
    Cyber Talent Forum 資安人才論壇
    • May 6th (Thu)
    • 13:00 - 14:40
    • 4F Cyber Talent 專區

    General
  • 14:00
    Taiwan's Cybersecurity Researchers
    AI & Security Forum
    • May 6th (Thu)
    • 14:00 - 14:30
    • 7F 701F

    Some Things about Automatic DPI Rule Generation

    Deep packet inspection (DPI) technology is widely used in network-side defense or detection equipment such as IPS/IDS/UTM. The signature/virus patterns (i.e., DPI Rules) used to detect threats can be treated as the DPI system's soul. In the past, the generation of DPI rules relied on rich experience and consumed a lot of time. In recent years, with AI's help, we can have some automation in the rule generation process. Through this automation, we can lower the technical threshold of rule making and shorten rule generation time. This talk will share related technologies and provide a PoC demo.

    Director, TXOne Networks Inc.

    Canaan Kao

    Advanced
    Intrusion DetectionNetwork SecurityThreat Detection & Response
  • 14:00
    DevSecOps & Cloud Security Forum
    • May 6th (Thu)
    • 14:00 - 14:30
    • 7F 701G

    Cloud Data Leak! Real IR Case on GCP

    In this session, we will share our experience of investigation based on a real IR case, also share the different behaviors betweeen cloud platforms and normal enviroments. In conclusion, we will mention how to enhance operate monitoring and architecture security based on the case.

    Cloud Security Consultant, FUNNY SYSTEMS

    Leon Wang

    Intermediate
    Cloud SecurityIncident ResponseSecurity Architecture
  • 14:00
    Taiwan's Cybersecurity Researchers
    Cyber Free Talk
    • May 6th (Thu)
    • 14:00 - 14:30
    • 4F 4A 展區會議室

    【Cyber Free Talk】

    CEO, DEVCORE

    Allen Own

    General
  • 14:00
    FINSEC Forum
    • May 6th (Thu)
    • 14:00 - 14:30
    • 7F 701A

    【FINSEC Forum】

    Chief of Digital Technology Security Division, First Commercial Ban

    Michael Chang

    General
  • 14:00
    • May 6th (Thu)
    • 14:00 - 15:20
    • 7F 701E

    General
    Digital TransformationGovernance
  • 14:00
    Manufacturing Security Forum
    • May 6th (Thu)
    • 14:00 - 14:30
    • 7F 701B

    【Manufacturing Security Forum】

    Co-Founder & CEO, CyCraft Technology Corporation

    Benson

    General
    AIAPTSupply Chain Security
  • 14:00
    Targeted Ransomware Attack Forum
    Taiwan's Cybersecurity Researchers
    • May 6th (Thu)
    • 14:00 - 14:30
    • 7F 701D

    【Targeted Ransomware Attack Forum】CyCraft Technology Corporation Session

    Co-Founder & CSO, CyCraft Technology Corporation

    PK

    Intermediate
    RansomwareBusiness Continuity & Disaster RecoverySecurity Strategy
  • 14:00
    Taiwan's Cybersecurity Researchers
    701 Vulnerability Research Lab
    • May 6th (Thu)
    • 14:00 - 14:30
    • 7F 701H

    Rebuild The Heaven's Gate: from 32 bit Hell back to Heaven Wonderland

    Microsoft embeds a translation design named WoW64 (Windows 32 on Windows 64) used for running 32 bit PE (Portable Executable format) on 64 bit Windows. The design basically hosts every 32 bit PE file inside as a native standalone 64-bit process and translates every 32-bit system interrupt into a 64-bit syscall.


    In this talk, we're going to talk about deep reversing engineering on WoW64 architecture how it does translations, and some uncovered issues about crossing-architecture could be abused in the wild.

    Threat Researcher, TXOne Networks

    Sheng-Hao Ma

    General
    APTCyberwarfareRed Team
  • 14:00
    Healthcare Security Forum
    • May 6th (Thu)
    • 14:00 - 14:05
    • 7F 701C

    Opening Remarks

    Chairman, CYBERSEC 2021

    Editor in Chief, iThome

    Merton Wu

    General
  • 14:05
    Healthcare Security Forum
    • May 6th (Thu)
    • 14:05 - 14:10
    • 7F 701C

    Opening Remarks

    Director General, Department of Information Management, Ministry of Health and Welfare

    I-Ming Parng

    General
  • 14:10
    Healthcare Security Forum
    • May 6th (Thu)
    • 14:10 - 14:40
    • 7F 701C

    Director General, Department of Information Management, Ministry of Health and Welfare

    I-Ming Parng

    General
    Healthcare SecuritySmart HealthcareH-ISAC
  • 14:30
    FINSEC Forum
    • May 6th (Thu)
    • 14:30 - 15:00
    • 7F 701A

    Experience sharing on the effectiveness of information security implementations

    I believe everyone has such feelings when you are asked about your company’s security posture. Why is that even when essential information security regulations have been introduced, defense equipments have been purchased, and awareness trainings have been conducted, yet you are still not confident to say that your company is well prepared for cyber threats?

    This agenda discusses the effectiveness of information security implementations from the three elements of building a more comprehensive information security system: People, Process and Technology.

    CISO, E.SUN Bank

    Jung Chu Chen

    General
    GovernanceSecurity Strategy
  • 14:40
    Healthcare Security Forum
    • May 6th (Thu)
    • 14:40 - 15:10
    • 7F 701C

    General
    Zero Trust NetworkSIEMInformation Governance
  • 14:40
    Cyber Talent Forum 資安人才論壇
    • May 6th (Thu)
    • 14:40 - 15:00
    • 4F Cyber Talent 專區

    CISO, Taiwan Mobile

    Bryan Chen

    General
    Career PathSecurity Job
  • 14:45
    Tech Briefing
    • May 6th (Thu)
    • 14:45 - 15:15
    • 4F 4A 展區會議室

    Rule Your Network: Supercharge Your Network Operations and Security Operations with Actionable Intelligence

    Your company expands its IT network over time, to support business and stakeholder needs. This session will help you understand how your network and security teams can continue to take control of your IT network, as it grows in size and complexity, to make sure that your stakeholders continue to get the information they need, and help the business continue to thrive in a highly competitive industry.

    General Agent in Taiwan - Founder of Jnsun Technology, Flowmon

    Ted Chen

    Intermediate
    Network VisibilityNetwork SecurityNetwork Detection & Response
  • 14:45
    Targeted Ransomware Attack Forum
    • May 6th (Thu)
    • 14:45 - 15:15
    • 7F 701D

    Deconstructing the technical methods of Target Ransom & Malware Steal: Introduce evolutionary new attack technology and protection countermeasures.

    Show several blackmail families from the theft and blackmail incidents of major groups and organizations. Technical display analysis (1) Target Ransom uses DLL injection (2) Fileless threats, (3) Use Epplus to avoid malicious methods of security protection mechanisms, (4) Killing and anti-hacking backup methods, (5) Use the OS whitelist to run malicious actions and other intrusion methods. Extend the application of feasible protection technology for disaster reduction and analyze the defects of defense mechanism.

    Assistant Manager, FineArt Technology Co., Ltd.

    Ting Wei Yang

    Information Security Engineer, FineArt Technology Co., Ltd.

    Luke Chen

    Advanced
    RansomwareHackers & Threats
  • 14:45
    • May 6th (Thu)
    • 14:45 - 15:15
    • 7F 701F

    Introduce to the Security of Data Governance

    Data is an important resource for future profits in an enterprise, and a data governance system is to build an effective data flow network, which makes the data needed for business decision-making immediately available. However, in the process of data access, some misuse, non-compliant, or even malicious data use methods may occur. This agenda uses the PostgreSQL database as an example to illustrate the concept of data governance security in a concrete and practical way.

    Deputy Manager, Cathay Life Insurance Co.,Ltd

    Organizer, PostgreSQL Taiwan

    Yung-Chung Ku

    Advanced
    Data SecurityAccess ControlSecurity Strategy
  • 14:45
    Taiwan's Cybersecurity Researchers
    • May 6th (Thu)
    • 14:45 - 15:15
    • 7F 701G

    Security Policy Made Easy?! Yes, with Cost.

    SELinux is famous for its thorough access control over the whole Linux box, but also notorious for the steep learning curve. The bundled open-source Reference Policy provides detailed security rules for a common Linux system, using the SELinux mechanism. However, system administrators usually have to tinker for the particular needs, on top of the Policy. 

     

    In the meantime, due to the rise of cybersecurity attacks, people today pay much more attention to the light-weight solutions like whitelisting. In short, it is allowing or denying the program (or any subject) at the time of invocation. Its simplicity brings the popularity. To support the thinking, we made an experiment throwing away the Reference Policy and craft a so-called WhiteList Policy using the SELinux framework from scratch. It is intended to show 1) the loaded policy determines easy-to-use or not, not SELinux mechanism; 2) solution to security issues is a trade-off between many aspects, convenience and completeness especially; 3) there is always a gap between the theory and the practice on all security solutions , even the one simple as whitelist.

    Deputy Technical Manager, ITRI ICL

    Yu-Hsuan Wang

    Associate Engineer, ITRI ICL

    Yi-Ting Chao

    Intermediate
    Access ControlEndpoint SecurityApplication Security
  • 14:45
    Manufacturing Security Forum
    • May 6th (Thu)
    • 14:45 - 15:15
    • 7F 701B

    Cybersecurity in Supply Chain Management - The Challenge from the-widely-used IoT device

    The information security of the supply chain is a part of enterprise information security. From the financial supply chain mentioned in the financial security action plan of the Financial Supervisory Commission to the suppliers of intelligent manufacturing components, all of them have an interlocking influence on the information security risks of enterprises. In this speech, the speaker will explain how to build a reliable information security service providing network, and in the meantime, how to meet the regulatory trend of the competent authority and the requirements of enterprise landing.

    Risk Consulting Partner, PWC

    Chin-Jui (CJ) Chang

    Intermediate
    Cyber Supply Chain SecurityIoT SecuritySupply Chain Security
  • 14:45
    Taiwan's Cybersecurity Researchers
    701 Vulnerability Research Lab
    • May 6th (Thu)
    • 14:45 - 15:15
    • 7F 701H

    Tropic Trooper's Back: USBferry Attack Targets Air-gapped Environments

    Tropic Trooper is well aware that military or government organizations may have more robust security in their physically isolated environments (i.e., the use of biometrics or USB use in a quarantined machine before an air-gapped environment). The group then targets potentially unsecured related organizations that could serve as jumping-off points for attacks. For instance, we observed Tropic Trooper move from a military hospital to the military’s physically isolated network.

    This talk provides an overview of the USB malware called USBferry and its capabilities, as well as the other tools used to infiltrate physically isolated environments. In addition, we will talk about their notable tactics in their attack scenario. Further details, including indicators of compromise (IoCs), can be read in the : https://blog.trendmicro.com/trendlabs-security-intelligence/tropic-troopers-back-usbferry-attack-targets-air-gapped-environments/

    Sr. threat researcher, Trend Micro

    Joey chen

    Intermediate
    APTThreat IntelligenceCritical Infrastructure Protection
  • 15:00
    Cyber Talent Forum 資安人才論壇
    • May 6th (Thu)
    • 15:00 - 15:20
    • 4F Cyber Talent 專區

    Red Team Lead, DEVCORE

    Shaolin

    General
  • 15:10
    Healthcare Security Forum
    • May 6th (Thu)
    • 15:10 - 15:30
    • 7F 701C

    Secure DevOps & Continuous Security

    AppScan 全球技術負責人, HCL Software

    Peter Lee

    General
    DevSecOpsApplication SecurityApplication Security Testing
  • 15:10
    CyberLAB
    • May 6th (Thu)
    • 15:10 - 17:10
    • 7F 703C

    zha0

  • 15:15
    Manufacturing Security Forum
    • May 6th (Thu)
    • 15:15 - 15:35
    • 7F 701B

    Smart Manufacturing with Information Security - Everything you need to know about OT/IT Security

    Shifts in customer expectations have changed manufacturing forever. Modern manufacturing requires intelligent operations, scalable security, and connected supply chains to deliver more agile production, greater transparency, and smarter products and services.

    The Internet of Things (IoT) sits at the center of this transformation. Today, IoT is not just about connecting devices, instead, it is about enabling a Digital Feedback Loop where data can be synchronized between employees, operations, products, and customers. Data from customers informs product development; operations data informs staffing decisions; product sales data informs production. As more data is input into the system, the system becomes more intelligent, making manufacturing smarter, safer, faster, and more agile, all while improving products and customer experience.

    Principal PM Manager at Cloud and AI Engineering group, Microsoft

    Cathy Yeh

    General
    Digital TransformationIoT SecurityCloud Security
  • 15:15
    FINSEC Forum
    • May 6th (Thu)
    • 15:15 - 15:45
    • 7F 701A
  • 15:20
    Cyber Talent Forum 資安人才論壇
    • May 6th (Thu)
    • 15:20 - 15:40
    • 4F Cyber Talent 專區

    Senior Technical Consultant, ISSDU

    Jack Chou

    General
  • 15:30
    Healthcare Security Forum
    • May 6th (Thu)
    • 15:30 - 16:00
    • 7F 701C

    【Healthcare Security Forum】

    Intermediate
    Supply Chain SecuritySecurity Development Lifecycle
  • 15:40
    • May 6th (Thu)
    • 15:40 - 17:00
    • 7F 701E

    General
    Governance
  • 15:40
    Cyber Talent Forum 資安人才論壇
    • May 6th (Thu)
    • 15:40 - 16:00
    • 4F Cyber Talent 專區

    Jeffxx

    General
  • 15:45
    • May 6th (Thu)
    • 15:45 - 16:15
    • 7F 701G

    The Missing Piece of OpenWrt Security

    These embedded devices are very susceptible to security vulnerabilities, as they are always powered-on, and usually have no updates after manufacture (unless malfunctioning). OpenWrt is no exception. Although the community already tries its best to bring the state-of-art hardening to date, it is just insufficient as there are too many software packages but too few people maintaining. As a consequence per “defense in depth”concept, Thomas Petazzoni from bootlin initiated the work in 2019 bringing SELinux to OpenWrt, and the work has been merged to the mainstream as of today.

    Unfortunately the work addresses only the very first part of porting: necessary user-space packages and related kernel options, but not the bundled Reference Policy. After a detailed examination, our work fills the gap to unleash the power of SELinux, in hope to bring security to everyone in a more friendly way (prevention rather than mitigation).

    Engineer, ITRI ICL

    Po-Chun Chang

    Intermediate
    Access ControlEndpoint SecurityApplication Security
  • 15:45
    Manufacturing Security Forum
    Taiwan's Cybersecurity Researchers
    • May 6th (Thu)
    • 15:45 - 16:15
    • 7F 701B

    Product Security: The Good, the Bad, and the Ugly

    This presentation will introduce how to perform the product security assessment and disclose vulnerabilities from the PSIRT perspective.

    Independent Security Consultant,

    Ken Lee

    General
    PSIRT
  • 15:45
    Targeted Ransomware Attack Forum
    Taiwan's Cybersecurity Researchers
    • May 6th (Thu)
    • 15:45 - 16:15
    • 7F 701D

    【Targeted Ransomware Attack Forum】

    CEO, Team T5 Inc.

    Sung-Ting Tsai (TT)

    General
  • 15:45
    Taiwan's Cybersecurity Researchers
    701 Vulnerability Research Lab
    • May 6th (Thu)
    • 15:45 - 16:15
    • 7F 701H

    Brief Analysis of Insecure Deserialization with CVE cases

    The InSecure Deserialization issue in OWASP Top 10 is usually be viewed as a security researcher-only domain. 

    By leveraging few simple programs & 2 CVE cases, the speaker will lead audiences to dive into the root cause of this issue & how it could be exploited. 

    Audiences could better understand this mysterious issue & the magic of information security after this talk.

    Staff Software Engineer, IBM

    Peter Chi

    Intermediate
    Application Security TestingExploit of VulnerabilityPenetration Testing
  • 15:45
    Taiwan's Cybersecurity Researchers
    • May 6th (Thu)
    • 15:45 - 16:15
    • 4F 4A 展區會議室

    Let Me Google It for You - Security Concerns in Decentralized Finance (DeFi)

    1 Bitcoin is now worth over 1.5 million NTD. No matter if you’re an experienced investor or just beginning and unfamiliar with financial terms or the digital assets market, I’ll walk you through the basics of crypto security, known threats you need to avoid, and the emerging threats we all need to look out for. Be better informed and make stronger and safer decisions before investing in crypto.

    Cybersecurity Researcher, CyCraft

    Boik Su

    General
    BlockchainCryptographyFinTech
  • 15:45
    FINSEC Forum
    • May 6th (Thu)
    • 15:45 - 16:15
    • 7F 701A

    Third party service provider (TSP)’s challenges and solutions toward the open API tren

    Open API is an unstoppable trend in the future. In addition to the security control of open API end, how third-party service providers (TSPs) implement security controls will also be an important issue. In this session, we will elaborate the information security challenges and suggested solutions based on OneDegree’s open API experience in HK to the audience who would like to participate in API ecosystem. 

    Head of Cybersecurity, OneDegree

    Stanley Chou

    Intermediate
    Vulnerability AssessmentPenetration TestingSocial Engineering
  • 15:45
    Taiwan's Cybersecurity Researchers
    • May 6th (Thu)
    • 15:45 - 16:15
    • 7F 701F

    Introduction of Science and Technology Investigation draft legislation and privacy protection in communication softwares

    This paper will discuss Science and Technology Investigation draft legislation, especially the part of Source Telecommunication Tapping, from the perspective of law and information security technology. From the legal side, we will introduce the content of the relevant regulations and its influence on the investigation after it is in effective. Then we would move to personal privacy of mobile messengers, which includes the introduction of point-to-point encryption (end-to-end encryption, E2EE), as well as the protection of user content in Popular mobile messengers such as Whatsapp, Telegram, Facebook, LINE, clubhouse. The discussion would then point out the gap between “what the police hacking wants” and “what the police could really get in real world” from the technical perspective.

    Ph. D. Candidate, Soochow University

    Joy Ho

    Member, UCCU Hacker

    Vic Huang

    General
    PrivacyLawCryptography
  • 16:00
    Healthcare Security Forum
    • May 6th (Thu)
    • 16:00 - 16:30
    • 7F 701C

    General
    Network SecurityNetwork Monitoring
  • 16:15
    FINSEC Forum
    • May 6th (Thu)
    • 16:15 - 16:45
    • 7F 701A
  • 16:30
    Targeted Ransomware Attack Forum
    Taiwan's Cybersecurity Researchers
    • May 6th (Thu)
    • 16:30 - 17:00
    • 7F 701D

    Unpacking Targeted Ransomware: From Threat Distributor to Defensive Response

    This session provides in-depth analysis on targeted ransomware ecosystem. The major topics include an original threat distributor, crisis response, ransom negotiation and law enforcement disruption. We would like to invite the attendees to discuss how we can fight cybercrime from both technical perspective and real case study.

    Threat Researcher, Fox-IT

    Zong-Yu Wu (ZYWU)

    Threat Intelligence Researcher, SentinelOne

    Yi-Jhen Hsieh (YJ)

    Advanced
    Cyber CriminalRansomwareRisk Management
  • 16:30
    Taiwan's Cybersecurity Researchers
    701 Vulnerability Research Lab
    • May 6th (Thu)
    • 16:30 - 17:00
    • 7F 701H

    It's Okay to be Old Driver

    This session will go on Windows Driver architecture first to make audience become more easier to understand the driver's problems which I'm going to explain. With several famous instances, we will talk about driver's Downgrade Attack, Unauth-Handle & MSR exploit.

    Member, UCCU Hacker

    NotSurprised

    General
    Endpoint SecurityExploit of VulnerabilitySecure Coding
  • 16:30
    Tech Briefing
    • May 6th (Thu)
    • 16:30 - 17:00
    • 7F 701F

    Progress Session

    General
    Managed File Transfer
  • 16:30
    Tech Briefing
    • May 6th (Thu)
    • 16:30 - 17:00
    • 7F 701G

    OPSWAT 0-Trust vs 0-Day

    Intermediate
    Zero Trust ArchitectureCritical Infrastructure ProtectionAdvanced Threat Protection
  • 16:30
    Manufacturing Security Forum
    • May 6th (Thu)
    • 16:30 - 17:00
    • 7F 701B

    The NIST CSF as the Cybersecurity Maturity Assessment Tool - Third-Party Review on the High-Tech Client in Taiwan

    1. Project Motivation

    2. Industry Issues

    3. Project Preparation

    4. Comments and Observations

    5. Common Implementation Challenges

    Senior Director, Willis Towers Watson Taiwan

    Bright Wu

    General
    NIST Cybersecurity FrameworkGovernance Risk & ComplianceRisk Management