We are pleased to announce our next event with Sally Trivino and Didier Stevens, which takes place on 7 May 2013 on the theme Digital Forensics. The venue is kindly provided by Landsbond der Christelijke Mutualiteiten / Alliance Nationale des Mutualités Chrétiennes (Haachtsesteenweg / Chaussée de Haecht 579, 1031 Brussels).

The Schedule:

18h00-18h30: Welcome at Landsbond der Christelijke Mutualiteiten (Brussels)
18h30-19h30: Forensics Technology Solutions for Litigation Support: Sally Trivino
19h30-19h45: Networking break
19h45-20h45: Network Device Forensics: Didier Stevens
20h45-21h30: Networking & closure

With special thanks to Landsbond der Christelijke Mutualiteiten for hosting the event.

Register here:

Forensics Technology Solutions for Litigation Support
 
Abstract: Protecting business interests requires companies to ensure their readiness to embrace potential disputes; class action settlements; litigation support for counsel or expert witnesses; arbitrations or special proceedings; potential misconduct, etc. The advent and evolution of information age has brought new challenges for the companies who have to deal with large amount of information produced; exchanged; processed; and stored in routine business processes. As a result, demand of forensics technology solutions for litigation support has considerably increased in the last few years due to the sprawling number of high-tech crimes and misdemeanours targeting businesses.
This talk will provide an overview of the challenges faced by the companies to tackle crimes involving information and communication technologies. A detailed insight into the forensic technology solutions currently used for the litigation support will be presented. These solutions cover evidence collection and preservation; electronic discovery and data analytics; consolidation of the findings in a format that is acceptable by courts of law. The implication of data protection legislations in collection, processing, and preservation of personal data will also be highlighted. Finally, a range of emerging challenges of this field will be presented to discuss their impact on the future of forensic technology solutions for litigation support.

Speaker short bio: Sally Trivino is a Director at PricewaterhouseCoopers (PwC) Belgium. She started up and currently leads the Forensic Technology Solutions department. She is mainly responsible for Data Mining, e-Discovery and Computer Forensics, Cyberforensics and Software Asset Management. She has participated in and led large global forensic investigations (Corruption cases, anti-trust cases, fraud investigations, PHI breaches, etc) . Sally has specialised in data mining and forensic technology tools and techniques to support litigation. She has been assigned by PwC as the lead internal instructor for Forensic Data Mining and Analysis within the EMEA territory.
 
Network Device Forensics
 
Abstract: The goal of this presentation is to raise awareness about the measures you can take to improve the success of network forensics.
Imagine that a rogue laptop connects to your corporate WiFi and is able to access the Internet via your corporate proxy server. Let us assume that your WiFi is protected by a pre-shared key, but that this rogue laptop is owned by a former employee. Will you detect this? And will you be able to trace back to the former employee?
A foreign competitor hires a tech savvy criminal to install a trojaned operating system on your edge router. This trojan facilitates access to your corporate network for unauthorized persons by tampering with the authentication control logic. Will you detect the trojaned router?
These two examples represent two common classes of forensic investigations where forensic evidence needs to be collected from network devices. In the first example, network devices contain evidence of the network traffic that flowed through them. In the second example, network devices have been compromised and forensic evidence needs to be lifted from them.
 
Speaker short bio: Didier Stevens (Microsoft MVP Consumer Security, CCNP Security, CISSP, GSSP-C, MCSD .NET, MCSE/Security, MCITP Windows Server 2008, RHCT, OSWP) is an IT Security Consultant currently working at a large Belgian financial corporation.
Didier has developed many digital forensic tools. In 2012, Didier founded his own company Didier Stevens Labs. You can find his open source security tools on his IT security related blog at blog.DidierStevens.com.

We are delighted to invite you to the Annual General Meeting event, which takes place on 14 March 2013 and will host a presentation on Two Tales of Privacy in Online Social Networks, given by Prof. Dr. Ir. Claudia Diaz of the KU Leuven. The venue is kindly provided by Trasys (Terhulpsesteenweg 6c, 1560 Hoeilaart).

The Schedule:

18h00-18h15: Welcome at Trasys for ISSA-BE members
18h15-19h15: ISSA-BE Annual General Meeting (ISSA-BE members only)
19h15-19h30: Break / welcome to non-members
19h30-21h00: Privacy and Engineering by Prof. Dr. Ir. Claudia Diaz
21h00-21h30: Networking drink & closure

With special thanks to Trasys for hosting this event and providing the catering.

Registration is mandatory, both for the AGM and for the following event. Please make sure to register by Tuesday 12 March COB. Parking will be available.

Register here:

Abstract - Two tales of privacy in online social networks

Privacy is one of the friction points that emerges when communications get mediated in Online Social Networks (OSNs). Different communities of computer science researchers have framed the ‘OSN privacy problem’ as one of surveillance, institutional or social privacy. In tackling these problems they have also treated them as if they were independent.We argue that the different privacy problems are entangled and that research on privacy in OSNs would benefit from a more holistic approach.
In this article, we first provide an introduction to the surveillance and social privacy perspectives emphasizing the narratives that inform them, as well as their assumptions, goals and methods.
We then juxtapose the differences between these two approaches in order to understand their complementarity, and to identify potential integration challenges as well as research questions that so far have been left unanswered.

Bio - Prof. Dr. Ir. Claudia Diaz:

Claudia Diaz received her master degree in Telecommunications Engineering at the University of Vigo (Spain), and her Ph.D. in engineering at the Katholieke Universiteit Leuven (Belgium). She is currently an assistant professor in Privacy Technologies at the K.U.Leuven group COSIC (Computer Security and Industrial Cryptography). Her research is broadly focused on the topic of Privacy Enhancing Technologies, where she has more than thirty international peer-reviewed publications on topics including anonymous communications, anonymity metrics, steganographic file systems, location privacy, privacy in social networks, traffic analysis, and privacy by design. She is a member of the advisory board of the Privacy Enhancing Technologies Symposium (PETS) and the scientific committee of CPDP. She has organized several scientific events including the 8th Privacy Enhancing Technologies Symposium (PETS), served as program chair of the 16th European Symposium on Research in Computer Security (ESORICS'11), and as chair of the PET Award (Award for Outstanding Research in Privacy Enhancing Technologies) in 2011 and 2012.

Annual General Meeting:

ISSA-BE members are also warmly invited to attend the AGM taking place just before the above presentation.

If you're an ISSA-BE member 'in good standing' and would like to participate in the board's activities, please send a mail to This e-mail address is being protected from spambots. You need JavaScript enabled to view it for more information or to become a candidate. Also, if you are unable to attend the AGM, you can give a voting mandate to another ISSA-BE member; please send a mail to This e-mail address is being protected from spambots. You need JavaScript enabled to view it with both your name and the name of your proxy.

The agenda for the AGM is as follows:
- Welcome
- Financials
- Membership
- Elections, including presentation of the functions and the candidates

We are pleased to announce our next event with Sean McGurk and Ernie Hayden  of Verizon's RISK team.

Critical Infrastructure Protection

The Schedule:
18h30 - 19h00: Welcome at Verizon
19h00 - 20h00: "Critical Infrastructure Protection and the Cyber Maginot Line" - Sean McGurk
20h00 - 20h30: Networking break
20h30 - 21h30: "Electric Utility Security - A Need For A More Holistic Approach" - Ernie Hayden
21h30 - 22h00: Networking drink & closure

With special thanks to Verizon for hosting the event.

Registration is mandatory and happens via our website. Please make sure to register by Tuesday 23 October EOB. Parking is available around the building (front and back).

Registration procedure:

We are pleased to announce our next event, co-organised with OWASP's Belgian Chapter, with Georgia Weidman and Joe McCray on Wednesday 26 September

The Schedule:

18h00 - 18h30: Welcome at PwC (Ghent)
18h30 - 19h30: Introducing the Smartphone Penetration Testing Framework (Georgia Weidman)
19h30 - 19h45: Networking break
19h45 - 20h45: Why Your Security Products Suck... (Joe McCray)
20h45 - 21h30: Networking & closure

With special thanks to PwC for hosting the event and offering drinks.

Registration procedure: through the OWASP registration page on https://owasp-belgium-2012-09-26.eventbrite.com/