Program

TimeAgenda
08:00-09:00Registration and Breakfast
09:00-09:05Welcome
09:05-09:45 State of Public/Private Partnership in Combating Cybercrime
Richard Boscovich
Microsoft Corp, Digital Crimes Unit
09:45-10:20
10:20-10:40 Coffee Break
Morning Tracks General Technical Technical+
10:40-11:20
11:20-12:00
12:00-13:10 Lunch
Afternoon Tracks Best Practices Internet of Things APTs
13:10-13:50
13:50-14:30
14:30-14:50 Coffee Break
14:50-15:30
15:30-15:50 Cloud Data Storage Security and Threats: Introduction to the panel debate
Jan Kaastrup
CSIS Security Group
15:50-16:40
16:40-17:30 Networking Session

Changes to the program may occur.

Speakers

Adam Lebech, Director, DI ITEK
Adam Lebech

Director, DI ITEK

Adam Lebech is the director of DI ITEK which is the Danish Federation for ICT and Electronics. Before joining DI ITEK in 2014, he has held senior management positions in the Danish government on ICT and eGovernment policy. Among other things he has been responsible for introducing the compulsory use of information security standards in the state administration, implementation of the NemID digital signature initiative, and establishing the Danish GovCERT.

Anton Cherepanov, Malware Researcher, ESET
Anton Cherepanov

Malware Researcher, ESET

Anton works as a malware researcher in ESET. One of his daily duties is analyzing various complex malicious threats. Fields of interest: information security, malware analysis, and reverse engineering.

David Jacoby, Senior Security Evangelist, Kaspersky Lab
David Jacoby

Senior Security Evangelist, Kaspersky Lab

David is a provocative security evangelist who is currently working as Senior Security Researcher for Kaspersky Lab. He is responsible for not only research but also technical PR activities in the Nordic and Benelux region where his tasks often include vulnerability and threat research. He also performs product and security audits, penetration tests, security research and is a known speaker at the world’s largest security conferences. His day-to-day job is about improving awareness of the current and future threats and vulnerabilities to which both consumers and large enterprises are exposed and fight cybercrime.

David has about 15 years of experience working in the IT security field. This has given him the opportunity to work in many interesting fields such as: Vulnerability and Threat Management, Customer Experience, Penetration Testing, Development and Fighting Cybercrime.

Gabor Szappanos, Principal Malware Researcher, Sophos PLC
Gabor Szappanos

Principal Malware Researcher, Sophos PLC

He graduated from the Eotvos Lorand University of Budapest with degree in physics. His first job was in the Computer and Automation Research Institute, developing diagnostic software and hardware for nuclear power plants.

He started antivirus work in 1995, and has been developing freeware antivirus solutions in spare time.

He joined VirusBuster in 2001 where he was responsible for taking care of macro virus and script malware. Since 2002 he was the head of the virus lab.

Since 2008 he is a member of the board of directors in AMTSO (Anti Malware Testing Standards Organizations).

In 2012 he joined Sophos as a Principal Malware researcher.

Henrik Larsen, Head of DKCERT, DKCERT
Henrik Larsen

Head of DKCERT, DKCERT

Henrik Larsen (1954), M. Arts, CISSP, CISM, CGEIT, Exam. ESL, ISMS-LI, is the head of DKCERT since March 2015. Before this, he was the Chief Information Security Officer at the University of Copenhagen since 2011. His experience includes seventeen years of ICT management with the UCPH and several years of project management, research and teaching. He has been presenting at a number of Danish and international conferences.

Inbar Raz, Hacker of Things
Inbar Raz

Hacker of Things, VP of Research, PerimeterX

Inbar has been teaching and lecturing about Internet Security and Reverse Engineering for nearly as long as he has been doing that himself. He started programming at the age of 9 on his Dragon 64. At 13 he got a PC, and promptly started Reverse Engineering at the age of 14. Through high-school he was a key figure in the Israeli BBS scene. He spent most of his career in the Internet and Data Security field, and the only reason he's not in jail right now is because he chose the right side of the law at an earlier age.

Inbar specializes in outside-the-box approach to analyzing security and finding vulnerabilities. From late 2011 to late 2014, he was running the Malware and Security Research at Check Point, using his extensive experience of over 20 years in the Internet and Data security fields. He has presented at a number of conferences, including Kaspersky SAS, Hack.lu, ZeroNights, ShowMeCon, several Law Enforcement events and Check Point events.

These days, Inbar is running the research at PerimeterX, shielding web sites against modern attacks by leveraging client side behavioral analysis, and providing highly accurate detection and low friction integration.

Kurt Sejr Hansen, Security manager, TDC Group
Kurt Sejr Hansen

Security Manager, TDC Group

A security manager at TDC, Kurt has been working in the Telco industry for more than 30 years and taking on roles ranging from development to management. In the last 10 years, Kurt has focused in particular on security in products and services delivered to TDC customers.

How to control security in an outsourced environment is a challenge that most organizations face. At TDC, Kurt’s role has been to ensure that TDC remains in control before, during and after signing an outsourcing agreement with a partner in an area with security concerns.

Kurt is a participant and member of several national and international security groups.

Education: B.COM, B.Sc. E.E – CISSP certified since 2004

Manuel Vigilius, Global Media Relations Manager, ISS World Services
Manuel Vigilius

Global Media Relations Manager - Group Communications, ISS World Services

A Journalist by education, I have worked in independent media as well as corporate communications in major Danish and global corporations for more than 15 years (including six years as web editor). I have also taught journalism at University of Southern Denmark and currently guest lecturer at the Danish School of Journalism.

Former employers: DSB (Danish State Railways), TDC, A.P. Moller – Maersk.
Currently employed at ISS World Services.

Marc Ester, Exchange Coordinator, G Data
Marc Ester

Exchange Coordinator, G Data

Marc Ester was born in the former coal and steel area in Germany in September 1983 in Wanne-Eickel. During his studies of applied computer science he worked for the "Institute for Internet Security" in Gelsenkirchen, where he was member of the awareness and pen-testing team. Since 2009 Marc works for the German anti-malware solution provider G DATA, which is located in Bochum. He works in the SecurityLabs where his tasks are cybercrime research and point of contact for the law enforcement. He is also responsible for data sharing with exchange partners.

Marion Marschalek, Malware Reverse Engineer, Cyphort Inc.
Marion Marschalek

Malware Reverse Engineer, Cyphort Inc.

Marion Marschalek is a malware reverse engineer and public speaker, on duty for Cyphort Inc. Santa Clara, California. Marion is focusing on the analysis of emerging threats and exploring novel methods of threat detection. Also she teaches malware analysis at University of Applied Sciences St. Pölten and writes articles for security magazines. She has spoken at international conferences around the globe, among others Defcon Las Vegas, RSA San Francisco and SyScan Singapore. Marion came off as winner of the Female Reverse Engineering Challenge 2013, organized by RE professional Halvar Flake.

Paul Vixie, Founder and CEO, Farsight Security
Paul Vixie

Founder and CEO, Farsight Security

Dr. Paul Vixie is the CEO of Farsight Security. He previously served as President, Chairman and Founder of Internet Systems Consortium (ISC), as President of MAPS, PAIX and MIBH, as CTO of Abovenet/MFN, and on the boards of several for-profit and non-profit companies. He served on the ARIN Board of Trustees from 2005 to 2013, as ARIN Chairman in 2008 and 2009, and was a founding member of ICANN Root Server System Advisory Committee (RSSAC) and ICANN Security and Stability Advisory Committee (SSAC). He operated the ISC's F-Root name server for many years, and is a member of Cogent's C-Root team. He is a sysadmin for Op-Sec-Trust.

Vixie has been contributing to Internet protocols and UNIX systems as a protocol designer and software architect since 1980. He wrote Cron (for BSD and Linux), and is considered the primary author and technical architect of BIND 4.9 and BIND 8, and he hired many of the people who wrote BIND 9. He has authored or co-authored a dozen or so RFCs, mostly on DNS and related topics, and of Sendmail: Theory and Practice (Digital Press, 1994). His technical contributions include DNS Response Rate Limiting (RRL), DNS Response Policy Zones (RPZ), and Network Telemetry Capture (NCAP). He earned his Ph.D. from Keio University for work related to DNS and DNSSEC, and was named to the Internet Hall of Fame in 2014.

Peter Kruse, Head of CSIS eCrime Unit & Partner, CSIS Security Group
Peter Kruse

Head of CSIS eCrime Unit & Partner, CSIS Security Group

Peter Kruse co-founded the Danish IT-security company CSIS in 2003 and is currently leading the eCrime department, which provides services mainly aimed at the financial sector. His ability to combine a keen appreciation of business needs and a profound technical understanding of malware has made CSIS a valued partner of clients not only in Scandinavia but also in the rest of Europe.

Today, Peter is by far the most quoted IT-security expert in Denmark and considered among the most recognized in Europe. He has a long history of active participation in several closed and vetted top IT-security communities and has numerous international connections in the antivirus- and banking industry, law enforcement and higher education institutions.

Peter Landrock, President and Owner, Cryptomathic
Peter Landrock

President and Owner, Cryptomathic

Peter Landrock is a mathematician and started working with data security in 1984. At Aarhus University he built one of the leading research teams in Data Security in Europe, and was elected President of the International Association for Cryptologic Research from 1992 to 1995. He first came to Cambridge in 1996 – where he now lives - as one of the organisers of a research programme in data security and cryptography at the Newton Institute, Cambridge University. He served on the Technical Advisory Board of the Microsoft Research Lab at Cambridge from 1997 to 2010, holds an honourable professorship in mathematics at the University of Aarhus and is a senior member of Wolfson College, Cambridge University. In 2010 he was nominated for the European Inventor Award by The European Patent Office and the European Commission for lifelong achievements in encryption technologies. He founded Cryptomathic A/S in 1986, which delivers large scale solutions to banks, major companies and governments all over the world, with offices in Aarhus, Cambridge, Munich and Silicon Valley.

Richard Boscovich, Assistant General Counsel, Digital Crimes Unit, Microsoft Corp
Richard Boscovich

Assistant General Counsel, Digital Crimes Unit, Microsoft Corp

As assistant general counsel on Microsoft’s Digital Crimes Unit, Richard Boscovich leads a team of investigators focused on malicious code and spyware enforcement cases. Based in Redmond, Wash., the team actively analyzes all forms of malware such as botnets, malvertising, scarware and click fraud. His work in the field includes developing the legal strategies used in the take downs and disruption of bot-net such as the Waledac, Rustock, Kelihos, Zeus, Citadel, Bamital and Nitol bot-nets. In addition to analyzing malicious code, the team actively pursues partnerships with others in the industry, as well as law enforcement agencies, and academics in the field.

Boscovich began his career as a corporate tax attorney at a major international law firm in New York City. He then served for 17 years at the U.S. Department of Justice (DOJ) as an assistant U.S. attorney in Florida’s Southern District (Miami). He directed the district’s Computer Hacking and Intellectual Property unit, where he prosecuted numerous high-profile computer intrusion cases, including the first federal juvenile prosecution of a 17-year-old computer hacker. During the last two and one-half years of his tenure at the DOJ, he served as chief of the Major Crimes unit, where he managed the activities of 25 assistant U.S. attorneys.

Boscovich has lectured throughout South America and Europe on behalf of both DOJ and the U.S. State Department on topics that include: money laundering, intellectual property investigations/legislation and comparative law, among others.

Boscovich joined Microsoft in 2008. He holds both a BA degree in Political Science/History and a law degree from the University Of Miami.

Righard Zwienenberg
Righard Zwienenberg

Senior Research Fellow, ESET

Zwienenberg started dealing with computer viruses in 1988 after encountering the first virus problems at the Technical University of Delft. His interest thus kindled, Zwienenberg has studied virus behaviour and presented solutions and detection schemes ever since. Initially he started as an independent consultant, in 1991 he co-founded CSE Ltd. where he was the Research and Development Manager. In October 1995, Zwienenberg left CSE and one month later he started at the Research and Development department of ESaSS BV – developers of ThunderBYTE. In 1998, Norman Data Defense Systems acquired ESaSS and Zwienenberg joined the Norman Development team to work on the scanner engine. In 2005 Zwienenberg took the role of Chief Research Officer at Norman. After AMTSO – Anti Malware Testing Standards Organization - was formed, Zwienenberg was chosen as its president. He is serving as a Vice-President of AVAR and on the Technical Overview Board of the WildList. Zwienenberg left Norman in 2011 looking for new opportunities and started as a Senior Research Fellow at ESET, spol. s r.o. In April 2012 Zwienenberg stepped down as President of AMTSO to take the role as CTO. He also started on Executive Committee of IEEE ICSG. Since April 2015 Zwienenberg returned as President of AMTSO.

Zwienenberg has been a member of CARO since late 1991. He is also vice-president of AVAR. He is a frequent speaker at conferences – among these Virus Bulletin, EICAR, AVAR, RSA, InfoSec, SANS, CFET, ISOI, SANS Security Summits, IP Expo, Government Symposia, SCADA seminars, etc - and general security seminars. His interests are not limited to malicious code but have broadened to include general security issues and encryption technologies over the past years. His hobbies include but are not limited to being a Trekkie, playing the drums, magic and illusions and balloon modelling.

Robert Lipovsky, Malware Researcher, ESET
Robert Lipovsky

Malware Researcher, ESET

Rober Lipovsky, malware researcher in ESET, is responsible for malware intelligence and research. He has given presentations at a number of security conferences, including EICAR, CARO, and Virus Bulletin.

Thomas Siebert, Manager System Security Research, G Data
Thomas Siebert

Manager System Security Research, G Data

Thomas Siebert, born in 1982 in Bottrop, is one of the young and dynamic IT experts that emerged from the structural change of Germany's 'Ruhrgebiet'. Having graduated from Ruhr University Bochum with an engineer's degree in IT Security, he became co-inventor of the G DATA BankGuard technology. With years of experience in the international field of computer sciences and eminent programming skills, he became Manager of G DATA's System Security group. Today, he researches, develops and maintains innovative pro-active anti-malware technologies together with his team.

Details

What is the location of CCCC15?

This year, the conference is held at the beautiful conference center of DI’s headquarters:

DI - Dansk Industri (Industriens Hus)
H. C. Andersens Boulevard 18
1787 København

Nearby parking areas

When is CCCC15 held?

The conference is held on June 11, 2015. We start with breakfast at 8am, and finish off after a networking session at ca. 17:30.

Public Transportation and Parking

The conference venue is located just a short walk away from Copenhagen’s main train station. The closest bus stop is ‘Rådhuspladsen’ for lines 2A, 12, 26 and 33.
If arriving by car, parking is possible at a number of underground parking lots located in the vicinity of the conference venue (Q-Park Idustriens Hus; City Auto & P-service at Jernbanegade 1, etc.). All parking is subject to availability and a parking charge.

Conference Registration Fee

Participation in the conference is subject to a registration fee of 999 DKK incl. VAT (moms). This fee includes admission to all conference sessions, breakfast, coffee breaks, lunch and the networking session.

The fee will be invoiced to participants after their registration and is payable by the due date stated on the invoice. The registration fee is not refundable. If you are unable to attend the conference, a substitute delegate is welcome at no extra charge. Please, notify us about this change by the start of the conference.

Conference Agenda Structure

This year, the conference program is divided into 3 morning and 3 afternoon tracks

Morning

  • General
  • Technical
  • Technical+

Afternoon

  • Best Practices
  • Internet of Things
  • APTs

More details about the individual presentations and presenters are available through the ‘Program’ and ‘Speakers’ sections. For most of the presentations, a short abstract of the presentation’s content and the information on its technical level is provided.

Based on your personal preferences, choose one morning and one afternoon track and sign up for it upon your registration for the conference.

How to register for the conference?

Click on the orange ‘Register now’ button located on the right side of the menu banner. Fill in all the requested details and submit your registration form.

Videos

Copenhagen Cybercrime Conference 2014

Scandinavian Cybercrime Conference 2013

Register Now

About

CCCC15

Just within a few years, the Copenhagen Cybercrime Conference has become the premier cybersecurity event of the Nordics. Bringing together cyber security researchers and practitioners from different sectors and industries, the conference represents a unique platform for sharing latest findings, trends and best practices from the field of cybercrime. Hosted by CSIS, Confederation of Danish Industry and Ministry of Business and Growth, this year’s conference is going to take place at DI headquarters on June 11, 2015. It is going to offer 16 presentations distributed across a number of tracks and dealing with topics such as the Internet of things, APTs, encryption and many others.

CSIS

CSIS Security Group was founded in 2003 with the mission to respond to the growing threat of IT criminals. As a trusted provider of anti e-crime services and as one of the first movers within this field, CSIS Security Group has proven to be the preferred partner for some of the largest banks and financial institutions in the world.

DI ITEK

Represents 300 IT, Telecoms, Electronics and Communication Companies within the Confederation of Danish Industry. Promotes the best possible framework conditions for competiveness and growth in the ICT and Electronics companies. Works to make Denmark an attractive country for IT, telecommunications, electronics and communication companies to invest in.

Ministry of Business and Growth

The Ministry of Business and Growth seeks to improve the conditions for growth in Denmark. The Ministry conducts thorough economic analyses and suggests policy initiatives in areas imperative to economic growth.

Sponsor(s)

Atea

News

A number of CCCC15 presentation slides are available for download.
Registration is now closed. Thank you for your interest.
Check out who is joining our panel debate on 'Cloud Data Storage Security and Threats'.
New talk on the 'General' track: Is all security advice good? Listen to Righard Zwienenberg from ESET to find out more.
Due to the coming parliamentary elections, no public appearances of representatives of public authorities are allowed. For this reason, the presentations by Niels May Vibholt (Ministry of Business and Growth) and Kim Aarenstrup (NC3, Danish National Police) had to be cancelled.
Submit your questions for the panel debate 'Cloud Data Storage Security and Threats' to .
What to do when the crisis hits you and how to prepare for it? Manuel Vigilius from ISS World Services will share some of his insights and best practices.
Richard Boscovich from the Digital Crimes Unit at Microsoft is joining this year's CCCC as the keynote speaker.
You think your home is safe? Ask David Jacoby from Kaspersky Labs!
What do tomatoes have to do with cyber security? Gabor Szappanos from SOPHOS is ready to tell you all about it.
Can encryption save the world? Find out with Peter Landrock from Cryptomathic!
Kurt Sejr from TDC Group is going to share some best practices related to outsourcing-contracts
CSIS cooperates on this year’s conference with DI ITEK and the Ministry of Business and Growth.

Presentations

CCCC15 Presentations for Download – Part 1

Adam Lebech, DI ITEK:
Information security - current challenges and perspectives
Gabor Szappanos, Sophos:
The Attack of the Killer Tomatoes
Inbar Raz, PerimeterX:
Physical [In]Security: It’s not ALL about Cyber
Jan Kaastrup, CSIS:
Cloud Computing from a security perspective
Manuel Vigilius, ISS:
Don’t be an ostrich – be a chipmunk
Marion Marschalek, Cyphort:
The Stuxnet-O-Meter: Measuring Complexities
Paul Vixie, Farsight Security:
Waterfall Computing – Creating Value in the Absence of Big Data
Peter Kruse, CSIS:
How Website Insecurity Can Ruin Your Business
Righard Zwienenberg, ESET:
PUA – Potentially Unwanted Advice