Program Overview

• Advancing women's opportunities in Cybersecurity

  Qia Chen, Security Investigator, Cisco CSIRT

  Qia Chen is a Security Investigator in Cisco CSIRT team for more than 5 years now, focused on identifying, investigating, engaging and preventing security incidents. She comes from Shanghai, China and graduated from Shanghai Jiao Tong University with master’s degree, majored in Electronical Engineering. After college she started to work at Cisco in 2007 and has acquired several skills on the job (QA & Automation engineer in her previous roles before Security), and these have become a foundation for her role as a Security Investigator today. She has been accredited with SANS GCIH and GMOB certifications.

  According to the latest Cybersecurity Jobs Report, women comprise only 11% of the global information security workforce, meanwhile the worldwide deficit of qualified Cybersecurity professionals will reach 3.5 million by 2021. There is a vast opportunity for women to contribute in Cybersecurity with voice, vision, expertise and innovation. As a senior Analyst & Security Investigator in Cisco CSIRT team, I would like to share my journey & experience of how I am growing in Cybersecurity area, building up required skills, contributing to my team & being of value, pursuing family & work-life balance and passionately being inspired of my job in Security.

  October 9, 2018 10:00-10:45

• CERT-GOV-MD challenges, achievements and useful experience in improving cybersecurity and resiliency of Moldovan government

  Natalia Spinu, Head of Cyber Security Center, CERT-GOV-MD, STISC, Moldova

  A cybersecurity expert with many years of work experience in governmental and non-governmental sectors in Moldova. As a cybersecurity expert, Ms. Spinu has experience in the following areas: team management, cybersecurity program & policy development, implementation & audit of information security management system (based on ISO 27001), project management. Ms. Natalia Spinu is also a member of the emerging security challenges working group, national coordinator of NATO SPS program in Moldova.

  Cyber Security Center CERT-GOV-MD, within Information Technology and Cyber Security Service, headed by Ms. Natalia Spinu is a governmental computer emergency response team of Moldova, which handles cybersecurity incidents occurred in governmental networks. Under her leadership, the CSC CERT-GOV-MD became actively involved in many national cybersecurity development processes, including national cybersecurity program&policy developments, organizing cyber awareness conferences & workshops, building capacity of university to prepare qualified workforce for cybersecurity sector of Moldova and other.

  Cybersecurity is a common challenge. Like the vast majority of the states, the Republic of Moldova confronted with the need of ensuring protection of its citizen against cybersecurity dangers. However, with the increasing number of governmental electronic services and growing complexity of their protection coupled with flaws and uncertainties in the national legal framework formed a major threat to national security. It is clear that solving that issue is not the thing, which could be done alone. That requires active involvement, cooperation and information exchange of all responsible national institutions as well as international community. The presentation will: introduce the audience into Moldovan cybersecurity context, present current statistics of cybersecurity incidents, list latest international cooperation developments as well as will reveal current achievements and challenges faced by CERT-GOV-MD in improving cybersecurity and resiliency of Moldovan government.

  October 9, 2018 11:00-11:45

• Cybersecurity = Motherhood: Women are fit for cybersecurity

  Sachiko Hasumi, Information Security Officer, UN specialized agency

  Sachiko is an information security professional with more than 15-years experience and solid educational background. She has Master in IT from the Universtiy of Southern Queensland, Australia and also studied at the University of Prince of Songkla, Thailand. Sachiko has qualifications in CISSP, CCSP, CISM, CISA, CRISC, COBIT 5, ITIL, ISO 27001, CEH, PRINCE 2. She is multi-cultural, trilingual (Japanese, English and French), has lived in more than five different countries and worked with people from diverse backgrounds. Sachiko interest is to learn how to improve security in an orgnisation and also at home.

  Many women believe that cybersecurity is not for them partly because of misconception and negative images of cybersecurity. They turn away and leave cybersecurity and go somewhere else where they think they can fit in and enjoy themselves. So where do they go? We see many women in teaching, nursing, human resources and something to do with caring and nurturing. But why not cybersecurity? Cybersecurity is also about nurturing and caring. If it is true that women are naturally talented to protect, lead and guide the others in the society, women are a perfect fit for cybersecurity. Cybersecurity is all about nurturing capabilities to manage security risks to the sufficient maturity level. I will show you two examples at work and at home to convince you that women will enjoy cybersecurity.

  October 9, 2018 14:15-15:00

• Experience of CERT-UA team in Cyber Threat Counteraction

  Yevheniia Volivnyk, Information Security Specialist CERT-UA, SSSCIP, Ukraine

  Yevheniia Volivnyk graduated from the Institute of Special Communication and Information Protection of the National Technical University of Ukraine "Kyiv Polytechnic Institute". Since 2015, she is working as an Information Security Specialist at the State Center of Cyber Defense and Cyber Threats Counteraction of the State Service of Special Communications and Information Protection of Ukraine.

  This presentation shares the experience of the CERT-UA team in establishing the Cyber Incident Response Center for governmental institutions in Ukraine and related activity on strengthening cyber security of the governmental sector. As an Information Security Specialist at the State Center of Cyber Defense and Cyber Threats Counteraction, Yevheniia would discuss incident handling and counteraction approaches employed by the CERT-UA team to handle Advanced Persistent Threat (APT) actors and disrupt their offensive operations against the information systems of Ukraine.

  October 9, 2018 15:15-16:00

• Keynote Presentation

  Janthomas Hiemstra, Country Director, UNDP

  Janthomas Hiemstra has been a development advocate, practitioner and manager for the United Nations Development Programme for over 20 years. During this time he has served in a series of duty stations among which Palestine, Bosnia, Iraq, Syria and Ukraine.

  Knowledgeable in traditional UNDP areas of governance and environment, he is a specialist in conflict programming and post-conflict transition, focusing on resilience and (early) recovery, positioning UNDP during and immediately after humanitarian crises. He designed and rolled out UNDP’s global systems and procedures for immediate crisis response. As a development communicator he is very active on social media notably Facebook and Twitter @JTHundp. Janthomas hails from The Netherlands where he obtained a Master degree in Development Economics in 1989.

  October 9, 2018 09:45-10:00

• Opportunities and challenges for women in IT

  Jelena Zelenovic Matone, Senior Risk Officer, ESM

  Jelena has over a decade of professional experience in information security, governance, audit, risk mitigation, and implementation of best practices for large multilateral private and public sectors with global presence. Her active contributions to public and private sectors in policies, best practices, internal IT security controls, awareness programs, risk analysis and metrics have been recognized for her TA (technical assistance) on numerous occasions by IMF, EBRD, UN, etc. Currently she holds a Senior Risk Officer position for European Stability Mechanism.

  Presentation will concentrate on conversation that will discuss the top 10 tips to being a successful woman in every facet of life and work. It will be followed by a discussion of top 12 key factors to be successful in cybersecurity. Furthermore, the presentation will try to look at how both of these formulas together inspire Women in Cybersecurity to become accomplished and achieve success, regardless of obstacles and challenges that come our way.

  October 9, 2018 16:00-16:45

• Panel: Cybersecurity challenges for developing nations and possible policy response to address them

  Moderator: Paul Raines, Chief Information Security Officer, UNDP
  Panel:
  • Sachiko Hasumi, Information Security Officer, the UN specialized agency
  • Tima Soni, Chief Information Security Officer, UN Women / Cybersecurity Expert, UNICC
  • Natalia Spinu, Head of Cyber Security Center, CERT-GOV-MD, STISC, Moldova
  • Yevheniia Ivakhnenko, Head of International Department, CERT-UA, SSSCIP, Ukraine

  Yevheniia Ivakhnenko is the Нead of Department for International Cooperation in the sphere of cyberdefence and information cyberthreads at the State Center of Cyberdefense and Cyberthreats Counteraction. The State Center hosts the Computer Emergency Response Team of Ukraine (CERT-UA) which was accredited by Forum for Incident Response and Security Teams (FIRST) in 2009 and is part of State Service of Special Communication and Information Protection of Ukraine. Main task of the CERT-UA team is to ensure protection of state information resources and information and telecommunications systems from unauthorized access.

  October 9, 2018 11:45-12:30

• Panel: Women in Cybersecurity share their stories and opportunities

  Moderator: Stephanie Derdouri, Vulnerability Management Director in Financial services

  Stephanie Derdouri operates as a Director of Vulnerability Management for a large financial services company, ensuring the organization is protected against information security vulnerabilities that could jeopardize its mission. Derdouri oversees Application Security, Infrastructure Security, and Internal and External Penetration Testing Programs. Previously, Stephanie worked in both the federal and aerospace industries. Derdouri earned a B.S. in Computer Science from The George Washington University and an M.S. in Information Systems Engineering from Johns Hopkins University.

  Panel:
  • The Honorable Karen Evans, Assistant Secretary, Office of Cybersecurity, Energy Security, and Emergency Response U.S. Department of Energy

  Karen S. Evans was sworn in by U.S. Deputy Secretary of Energy Dan Brouillette as the Assistant Secretary for the Office of Cybersecurity, Energy Security, and Emergency Response (CESER) on September 4, 2018. Evans was confirmed as Assistant Secretary for CESER by the U.S. Senate on Tuesday, August 28, 2018.

  Before being nominated by President Donald J. Trump to lead the Department of Energy’s (DOE’s) cybersecurity efforts, Evans served in the public sector as a top IT official at the Office of Management and Budget under President George W. Bush, in the position that is now known as the federal CIO. She has also previously served as DOE’s CIO. Most recently, Evans was the National Director of the U.S. Cyber Challenge, a public-private program designed to help address a skills gap in the cybersecurity field. Mrs. Evans received her MBA and BA in Chemistry from West Virginia University.

  • Maria Bello, Vulnerability Threat Management Manager in Financial services

  Maria Bello has nearly 20 years of diversified experience encompassing Information Security and Assurance, Management, Information Technology, and Software Development. She has served in managerial and technical project lead positions in Jamaica, Nigeria and the United States covering primarily the financial and federal industries. Currently, Maria is a Cyber Security Manager at a large financial services company, ensuring the organization is protected against information security vulnerabilities that could jeopardize its mission. Maria earned her BSc. in Computer Studies at The University of West Indies and her Masters in Information Security and Assurance at Western Governors University.

  • Chitra Elango, Application Security Manager in Financial services

  Chitra Elango is a Cyber Security Manager leading the Application Security program for a large financial services company. Before moving into Application Security field, she had 15+ years of experience as a software developer, which gives her insight into how development teams operate. This enabled her to play a key role in introducing security to the existing service delivery pipeline and establishing a true DevSecOps model that supports greater business agility and provides assurance in the overall security of the delivered product. She was a driving force in aligning software security and business needs by empowering and enabling developers to identify software security vulnerabilities during active development cycles.

  • Marion Meissner, Executive for Cybersecurity Services in Aerospace industry

  Marion Meissner has worked in information security for over 25 years, including 18 years at NASA, where she was recently named program executive for Cybersecurity Services. Previously, she served as the Chief Information Security Officer of a NASA facility and in various other positions involving cybersecurity strategic planning and policy, security assessment and authorization, and security audits. Ms. Meissner began her career in private industry, working as a software developer, network security analyst, systems engineer and project manager. She holds a B.S. in Computer Science from Georgetown University and a M.S. in Computer Science, with a concentration in Information Security, from George Washington University. In her free time, Ms. Meissner enjoys martial arts and recently earned her second-degree black belt in Tae Kwon Do.

  October 9, 2018 16:45-17:30

• Providing effective incident response and threat intelligence for the UN System

  Tima Soni, CISO UN Women Cybersecurity Expert, UNICC

  Tima is the Head of Information Security Services at the United Nations International Computing Centre and CISO at UN Women. She oversees information security services at UNICC and at UN Women and has over 15 years of experience in information security. In her current role, she works to establish or improve information security programmes by framing and delivering information security governance, risk management, and security awareness as per industry best practices. She also oversees information security operations and information security assessments. Her team includes information security practitioners who support UNICC’s Partner Agencies as CISOs, security incident responders, computer forensic examiners etc. She has a Master degree in Cyber Crime and Computer Forensic Investigations from University College Dublin and another one from Karnataka University in Information Technology. She currently holds industry information security certifications CISSP, CISA, CISM, GCFA, GWAPT, ISO 27001 lead auditor.

  Common Secure Services help the development of professional, shared, trusted relationships among peers and subject matter experts to protect members and critical infrastructure of international organizations in the UN family and other international organizations. In this session, Tima will talk about how this initiative was developed and how it is helping UNICC’s Partner agencies in detecting and responding to cyber threats through effective incident response mechanisms and threat intelligence. She will also share the lessons learnt by many of UNICC Partner agencies and improvements that they are planning to be implement for enhancing their information security posture.

  October 9, 2018 13:30-14:15

• Welcome to conference participants, Program overview, logistics

  Paul Raines, CISO United Nations Development Programme

  Paul Raines is the Acting Chief Technology Officer and Chief Information Security Officer for the United Nations Development Programme. In that capacity he is responsible for managing the IT services and cyber-security and disaster recovery planning for the Organisation’s 177 locations around the world. His unit is the first and only United Nations unit to be both ISO 9001 and ISO 27001 certified. His information security unit has won international awards for outstanding performance including an Honors Laureate award from Computer World magazine in 2013 and CSO50 awards from CSO magazine for 4 of the past 5 years—a feat never before accomplished in the history of the award. The CSO award honors the top 50 cybersecurity organisations in the world for business value and thought leadership and UNDP is the first and only organisation to have won the award for 3 consecutive years. Recently, Computer World magazine selected Mr. Raines for its Premier 100 award for being among the 100 most influential IT leaders for 2016—the second time Mr. Raines has won this award in his career.

  Prior to UNDP, Mr. Raines worked for the Organisation for the Prohibition of Chemical Weapons (OPCW) where he, as well as other members of the organisation, was a joint recipient the 2013 Nobel Peace Prize. Prior to working for the United Nations he was the Chief Informations Security Officer for Bloomberg LP, Barclays Capital and the Federal Reserve Bank of New York. He is a graduate of the United States Air Force Academy and Harvard’s Kennedy School of Government. For relaxation he enjoys opera, Shakespeare plays, French wine and sometimes just sitting in a cafe with an espresso and pain au chocolat reading a good book on Roman history.

  October 9, 2018 09:30-09:45

• Kyiv 2018 UNDP/FIRST TC
  • Program Overview
  • Location
  • Registration