Tickets

Trainings for Qubit Conference®
Slovakia 2024

14. November 2024

RESOLVING INCIDENTS WITH OPEN SOURCE TOOLS

In-person | Duration: 6 hours | Suitable for Cyber Defense Analysts, Incident Responders, Blue Teamers, SOC Analysts, and Threat Hunters. The number of training participants is a maximum of 25.
Training description:
When we talk about a cyber attack, it is not a question of “if” it will happen, but “when” it will happen. Since it is better to be prepared for such a situation, we would like to focus on incident response as part of this training. The content primarily focuses on the Windows operating system, which is still one of the most widespread environments in small, medium, and large companies. At the beginning, we will briefly discuss the basic principles and tasks involved in incident response. We will also review the initial steps to take if an incident is detected. In a model scenario, we will start addressing an incident with one infected device, and then apply the acquired knowledge to identify other infected systems. All these activities will be performed using open-source tools commonly used in incident response, and we will demonstrate their advantages and disadvantages. We will try tools such as Hayabusa, Chainsaw, Sysinternals suite, Velociraptor, and Wazuh.
Requirements for training participants:
  • Knowledge of the Windows operating system
  • A computer with at least 16 GB of RAM, 40 GB of free space on the HDD/SSD, and VirtualBox installed (64-bit version)
  • If needed, we can provide an image for VMware (in this case, please, contact us a few days before the training starts)
  • Allowed access via RDP to the cloud (TCP port 3389 to the external IP)
  • Local administrator account (this will help resolving potential issues during the training)

Before the training, participants will receive a link to download the materials.

TRAINERS

Ladislav Bačo

Ladislav Baco

Network Infiltration Analyst | ESET | Slovakia

Read more >

Miroslav Sidor

Security analyst | ESET | Slovakia

Read more >

CODE STRONG: MENTAL RESILIENCE IN A TIME OF CHAOS

In-person | Duration: 6 hours | Suitable for CEO, Leader, Team Leader, Project Leader, Project Manager. The number of training participants is a maximum of 25.
Key Training Points:
  • Mental Resilience: Learn the basics of mental resilience and why it is essential for success and mental well-being.
  • Stress Neurobiology: Discover practical techniques for managing stress, improving focus, and maintaining productivity under pressure.
  • Emotional Agility: Develop the skills to recognize and regulate emotions, create better relationships, and foster a more harmonious work environment.
  • Practical Tips and Techniques: Experience exercises and techniques that can be easily incorporated into your daily routine.
  • Interactive Sessions: Engage in interactive activities and discussions with fellow IT professionals to share experiences and learn from each other.

This workshop is a valuable opportunity to invest in your mental health, increase your resilience, and ultimately enhance your performance and job satisfaction. Join us to learn, grow, and thrive on your professional journey.

Training description:

In the dynamic field of information technology, professionals face challenges that strongly impact mental health and overall well-being. Peak performance requires a lot of physical and mental energy. Enhancing the ability to focus, manage stress and pressure, make quick and correct decisions, and increase mental resilience is essential in today’s business, work, and life.

This workshop will provide you with answers to the questions of HOW:

  • To be prepared for demanding challenges and quickly regain balance after overcoming them?
  • To increase the sense of mental control?
  • To regulate your emotions so they help you?
  • To cultivate the ability to focus and make decisions amidst chaos?
  • To grow with every experience?

The workshop will focus on managing the high demands and stressful situations that today’s life imposes on us. It will provide you with the necessary tools and strategies to effectively address these challenges.

Requirements for training participants:

No specific knowledge is required. Participants should be willing to be open and honest, as sharing their questions and experiences can enrich the entire group.

TRAINER

Relovská

Zuzana Relovska

Executive Leadership Coach & Consultant | Slovakia

Read more >

MANAGING CYBER RISKS QUANTITATIVELY

Immediately and practically improve cyber risk management using basic CRQ (cyber risk quantification) methods.
In-person | Duration: 6 hours | Suitable for CEO, CFO, COO, CIO, Heads of Compliance, Heads of Internal Audit, Enterprise Risk Managers, IT Infrastructure Managers, Security and Data Privacy Managers (e.g., CISO, DPO, Security Managers), Cybersecurity, Data Protection, or Compliance Specialists (e.g., Security Analyst, Risk Analyst, Cybersecurity Auditor). The maximum number of training participants is 25.
Training description:

Elevate your cyber risk management from dubious to quantifiable! Embark on a journey towards excellent and practical risk-based cybersecurity with our training specifically designed for beginners in Cyber Risk Quantification (CRQ). You have the opportunity to enhance your practical “quant risk” skills under the guidance of an experienced expert, Mgr. Michal Hanus, Ph.D. Join us and turn theoretical knowledge into practical experience, quantify cyber risks, and select appropriate countermeasures efficiently, economically, and strategically. All within the context of current Slovak legislation and regulatory guidelines.

Requirements for training participants:

P1: Reasons for the failure of traditional methods

(“A problem well stated is a problem half solved.” – Charles Kettering)

We will closely examine the essence and objectives of cyber risk management and immediately uncover the pitfalls of popular qualitative risk analysis. We will explore why the traditional cyber risk model, Risk = Threat x Vulnerability x Impact, with its alluring but misleading simplicity of risk matrices, fatally fails and produces outcomes worse than random chance. Find out what quantitative analysis is and isn’t, and how incremental improvements towards quantifying cyber risks (CRQ) can revolutionize risk assessment and comparison, making cyber risk management a valuable asset for the entire company.

P2: Redefinition of the risk model for practical and pragmatic decisions

(“All models are wrong, but some are useful.” – George Box)

Break away from the flawed qualitative mantra and embrace the scientific estimates and calculations that factor in the true influence of threats and vulnerabilities in a robust scenario-specific risk model.

We will move away from the flawed and highly promoted qualitative mantra R=T*V*I in the Slovak legislation and shift towards quantitative estimates and real calculations using scientifically validated methods. We will properly consider the impact of threats and vulnerabilities in a verified risk model based on specific scenarios.

P3: One universal number is not enough: The art of precision and accuracy in risk analysis

(“The flaw of averages.” – Sam Savage)

We will uncover the limitations of discrete quantitative analysis as described and mandated by ISO standards. We will find out why a single number cannot determine your risk management strategy, and finally, we will show why the “quantitative methods” stated in Slovak legislation have nothing to do with CRQ.

P4: From theory to practice with real-life examples

(“In theory, theory and practice are the same. In practice, they are not.” – Benjamin Brewster)

In a real-life case study, we will vividly illustrate the comparable complexity and laborious nature of the quantitative analysis of cyber risks (CRQ) compared to the current SK legislative-preferred and entirely inaccurate methods. You will acquire the selection of experts, their calibration, and the art of using expert estimates to measure inherent risks and assess mitigation effectiveness; subsequently, calculating residual risks will become routine.

P5: Practical Experience with Established Tools in the Field

(“Avoid spreadsheet misery, the price of using cheap spreadsheets is too high.” – Robert Brown Jr.)

During this course, participants will gain introductory practical experience with modern and established tools such as R/RStudio, Lumina Analytica, and MS Excel, and explore their applications in modern cyber risk management.

Requirements for training participants:

• basic knowledge of statistics and probability (basic course)
• ability to practically apply mathematical skills at an intermediate (high school) level
• intermediate proficiency in MS Excel
• knowledge of general principles and common terminology used in the field of cybersecurity
• understanding of principles, concepts, and common elements/components of contemporary corporate ICT environments
• intermediate knowledge of the enterprise risk lifecycle and general principles and common processes for their management within a business

Requirements for training participants:

• End device (notebook, tablet, phone) with WiFi or internet connection
• Web browser (for simple mathematical survey questions, basic expert estimates, mathematical quizzes for entertainment and future profit, to run the web model from AgenaRisk AI)
• PC with MS Office or MS Excel (for initial simple modeling and basic calculations)
• Desktop software Analytica for Windows Free Edition (installable from the AnaSetup.exe package available at https://lumina.com/analytica-downloads/
• Desktop versions of a) the R statistical language and b) the RStudio Desktop development environment for Windows (both installation links and instructions are available at https://posit.co/download/rstudio-desktop/)

Warning:

• MacBook with MacOS, Microsoft 365 for Mac, and RStudio for MacOS can certainly be used, but we cannot provide support for this setup during training
• We only support the current versions of Windows, Office, and RStudio for Windows

TRAINER

Dizajn bez názvu (1)

Michal Hanus

Cyber Security Consultant | Cyber Rangers | Czech Republik

Read more >

OD AUDITU PO INCIDENT RESPONSE PLÁN

Ako efektívne zabezpečiť organizáciu

Prezenčne | Dĺžka trvania 6 hodín | Vhodné pre C-level pozice (CISO, CIO, CEO, CTO)
Počet účastníkov 30
Školitelia:
  • Peter Hanzlík | Konzultant v DXC Technology
  • Marián Možucha | SAP Solution Architekt v DXC Technology
Kľúčové body školenia:
  • Úvod do AI
  • Úvod do Generatívnej AI
  • Využitie Generatívnej AI v podnikových produktoch a riešeniach
  • Praktické ukážky nasadenia Generatívnej AI:
  • Bezpečnosť v Generatívnej AI
  • Etika v AI
  • Regulácie AI
Training description:

Workshop sa zameriava na poskytnutie komplexného pohľadu na oblasť umelej inteligencie (AI), jednej z najvýznamnejších a rýchlo sa rozvíjajúcich technologických oblastí. Naším cieľom je prekonať klamlivé predstavy o AI a poskytnúť jasné a podrobné informácie o jej historickom vývoji, rôznych konceptoch a rôznych oblastiach, v ktorých nájdeme jej aplikácie. Ponúkneme podrobný pohľad na Generatívnu umelú inteligenciu (Generatívna AI) a jej významnú úlohu v dnešnej dobe. Oboznámime sa s hlavnými stavebnými blokmi, ktoré tvoria nový typ AI, a preskúmame, prečo je tento prístup výrazne odlišný od tradičnej GOFAI (Good Old Fashioned AI).

Requirements for training participants:

No specific knowledge is required. Materiály z workshopu (PDF prezentáciu) poskytneme po jeho uskutočnení.

TRAINER

úprava foto spíkers (1)

Name and Surname

function | company | country

Read more >

created by digital and marketing agency ©CaIS4you, s.r.o., design by graphic designer ©Slaavo

Ladislav Bačo

Analytik sieťových infiltrácií
ESET | Slovensko

Ladislav Bačo je bezpečnostný konzultant a analytik malvéru, s 15 ročnými skúsenosťami v oblastiach počítačovej bezpečnosti, informatiky a vzdelávania. Ladislav spolupracoval pri riešení bezpečnostných incidentov namierených voči kritickej infraštruktúre doma aj v zahraničí a analyzoval viacero pokročilých kybernetických hrozieb typu APT. V súčasnosti pracuje vo firme ESET ako analytik sieťových infiltrácií.

Ladislav je držiteľom odborných certifikácií ako GCTI, CHFI a ECES.

Miroslav Sidor

Bezpečnostný analytik
ESET | Slovensko

Miroslav je bezpečnostný analytik s viac ako 8 ročnými skúsenosťami v oblasti kybernetickej bezpečnosti. Momentálne pracuje ako bezpečnostný analytik v spoločnosti ESET. V minulosti pracoval pre vládnu jednotku CSIRT.SK ako analytik a neskôr ako vedúci oddelenia Analýzy Kybernetických Hrozieb. Má praktické skúsenosti s riešením ransomware incidentami. Je držiteľom rôznych odborných certifikácií ako BTL1, CHFI a GCFA.

Zuzana Reľovská

Executive Leadership Coach & Consultant
Slovensko

Leadership a well-being koučka sa pohybuje vo svete biznisu viac ako 20 rokov. Má skúsensti s rozvojom organizácií a líderských kompetencií naprieč rôznymi odvetviami, regiónmi, či úrovňami riadenia. Pracovala pre veľké korporácie ako IBM, Dell a Korn Ferry, aktuálne okrem individuálneho koučovania a poradenstva, usporadúva Well-being konferenciu pre lídrov, prvú svojho druhu na Slovensku. Od roku 2018 spolupracuje s Forbes Slovensko na projekte Nevyhorení a prispieva k témam mentálneho zdravia a osobného rozvoja lídrov.

Michal Hanus

Cyber Security Consultant

Cyber Rangers | Česká republika

Michal je blue teamer, odborník na kybernetické riziká, architekt bezpečnostných riešení a manažér IT služieb s viac ako 20-ročnými skúsenosťami. Jeho kariéra zahŕňa technické školenia, tvorbu IT a InfoSec stratégie, strategické riadenie projektov a bezpečnosť kritickej infraštruktúry. Zameriava sa najmä na riadenie rizík v IT a kvantitatívnu analýzu kybernetických rizík (CRQ). Na základe kybernetických hrozieb a rizík a stavu firemného prostredia určuje konkrétne bezpečnostné stratégie, systematické plány rozvoja kybernetickej bezpečnosti a súbory opatrení na zvýšenie kybernetickej odolnosti. Venuje sa tiež bezpečnosti priemyselných a riadiacich systémov a prevádzkových technológií (ICS a OT Security).

Rečník

Čoskoro zverejníme informácie o rečníkovi.

Slovensko

Čoskoro zverejníme informácie o rečníkovi.

Ladislav Baco

Network Analyst

ESET | Slovakia

Ladislav Baco has 15 years of experience as a security consultant and malware analyst in computer security, IT, and education. Ladislav collaborated on addressing security incidents targeting critical infrastructure domestically and abroad and analyzed several advanced cyber threats, such as APTs. Currently, he works at ESET as a network infiltration analyst.

Ladislav holds professional certifications such as GCTI, CHFI, and ECES.

Miroslav Sidor

Security Analyst

ESET | Slovakia

Miroslav is a security analyst with over 8 years of experience in cybersecurity. Currently, he works as a security analyst at ESET. In the past, he worked for the government unit CSIRT.SK as an analyst and later as the head of the Cyber Threat Analysis department. He has practical experience in dealing with ransomware incidents. He holds various professional certifications such as BTL1, CHFI, and GCFA.

Zuzana Relovska

Executive Leadership Coach & Consultant

Slovakia

Zuzana is a leadership and well-being coach who has been active in the business for over 20 years. She has experience in developing organizational and leadership competencies across various industries, regions, and management levels. She has worked for major corporations such as IBM, Dell, and Korn Ferry. Currently, in addition to providing individual coaching and consulting, she organizes the Well-being Conference for leaders, the first of its kind in Slovakia. Since 2018, she has collaborated with Forbes Slovakia on the “Unburnt” project and contributed to topics related to mental health and the personal development of leaders.

Michal Hanus

Cyber Security Consultant

Cyber Rangers | Czech Republic

Michal is a blue teamer, cyber risk expert, security solution architect, and manager of IT services with more than 20 years of experience. His career includes technical training, IT and InfoSec strategy creation, strategic project management, and critical infrastructure security. It mainly focuses on risk management in IT and quantitative analysis of cyber risks (CRQ). Based on cyber threats and risks and the state of the corporate environment, he determines specific security strategies, systematic cyber security development plans, and sets of measures to increase cyber resilience. He also deals with the security of industrial and control systems and operational technologies (ICS and OT Security).

Speaker

We will post speaker information soon.

Slovakia

We will post speaker information soon.

Boris Mutina

Security analyst

Excello a Virusfree.cz | Czech Republic

Boris is the author of many articles and professional publications in the field. After many years traveling in pursuit of cybersecurity, Boris is now a happy cybersec analyst at Excello. He serves as an auditor and researcher. As a freelance IT security specialist, he collaborates with numerous companies across Europe.