Mindshare 2022

Abstract
Are you an IT security professional, but not a mathematician? This session will explain you how Post-Quantum Cryptography works – with a 100 percent cartoon-based slide show. All cartoon stories presented refer to easy-to-understand analogies. No advanced mathematical skills are required. Among the Post-Quantum methods covered are lattice-based, hash-based, and code-based systems.

Speaker Bio
Klaus Schmeh has been at cryptovision for over 18 years. His current position is Chief Editor Marketing. Klaus is the most-published cryptology author in the world. He has authored 15 books about the subject, as well as over 300 articles, 25 scientific papers, and 1500 blog posts. Klaus is a popular speaker, known for his entertaining presentation style involving self-drawn cartoons and Lego models. He has lectured at hundreds of conferences, including the NSA Cryptologic History Symposium, HistoCrypt, the Charlotte International Cryptologic Symposium, and the RSA Conference in San Francisco.

Speaker Bio
Marco Smeja started his professional career with the US network specialist Novell. Looking out for new challenges, he came to join cryptovision in 2000, one year after the company had been founded. Acting as Chief Sales Officer, Marco acquired reputable customers, resellers, and system integrators for cryptovision, which prepared the ground for the continual international growth of the company. Thanks to his outstanding achievements, in 2019 he was promoted to the second Managing Director of cryptovision besides Markus Hoffmeister.

Speaker Bio
Denis Bouteille is the Digital Security Acquisitions Integration Director at Atos. From his home in Paris, he manages the integration of cryptovision into the Atos Group.  Before joining Atos, he had several leading positions in French IT companies.

Abstract:
Secure Digital Identities are a key factor for successful digitalization. The well-known German eID solution based on the German ID-Card provides a secure decentralized way for identifying natural German citizens. We present an outlook to the next development steps of the Germen eID solution, introducing the mobile Smart eID. We also present an outlook to European development. 

Speaker Bio
Since March 2021, Dr. Silke Bargstädt-Franke is heading the Division for Cyber Security for Digitization and Electronic Identities in the Federal Office for Information Security (BSI). In this role, she is responsible for cybersecurity aspects in the continuous growing field of digitalization projects of the federal government with a focus on secure electronic identities. 

Before Silke worked as Global Vice President Product Management at Veridos GmbH and was responsible for the complete product portfolio. She joined G+D/Veridos in 2009 and held several leadership positions in Project- and Product Management. Silke started her career in 1999 taking over different functions in Development, Project Management and Technical Marketing at Infineon Technologies/Qimonda AG. Silke is based in Bonn and holds a PhD in Physics from Hamburg University, Germany.

Abstract
In this panel discussion with high-profile matter experts we will investigate platform independence, dual sourcing, and open standards as means for issuing authorities to remain sovereign when implementing Government eID projects. We will not only discuss the benefits of these strategies for customers and projects but also address challenges for manufacturers, solution providers and evaluation bodies

Speaker Info
Ben Drisch, cryptovision, received his Diploma in Computer Science from the University of Dortmund. He has been Senior Security Consultant at cryptovision since 2002 and has led several large ID and company card projects during this time. Since 2008 he was responsible as a product manager for cryptovision’s Java-Card-based e-ID solution „ePasslet Suite”; he is heading the Business Field “Government ID” at cryptovision as Senior Vice President since 2019.

Ludger Holtman, Veridos, has been working in the field of smart card development for more than 25 years. Before he switched to the government area 10 years ago, Ludger was in charge of the project management for smart card development for the Payment and PayTV market.

Holger Roessner has more than 25 years of experience in the provision of semiconductors into the secure ID market. He serves as CEO of AdvanIDe Holdings Pte Ltd with global HQ in Singapore.  

Speaker Bio
My name is Stephen Mifsud, and I’ve been an ICT Project Coordinator with Identity Malta Agency for the past three and a half years. Having twenty-six years of technical experience in Electrical and Electronics and as an IT software developer, I was significantly involved in the implementation and coordination of the newest ePassport and eID card documents and systems. Alongside Identity Malta Agency’s Trust service provider I was involved in the specifications and upgrading of the Biometrics capturing workstations within Identity Malta Agency offices, all Maltese Embassies in different countries, and local border controls.

Abstract
Atos Big Data & Security is involved in and preparing several R&D projects aligned with the EU priorities.
Vasco will highlight how our innovative cryptographic and identities assets are embedded by design in those large program.

Speaker Bio
Global CTO for cybersecurity products, Distinguished Expert, Atos and member of the Scientific Community

Coming from an Information Technology engineering background, with 20 years’ of experience in information security, Vasco has helped many customers balance operational constraints versus acceptable business risks. In the recent years he has expanded this experience to help customers look into what the information security landscape might be in the next 5 years+ and best way to manage it. During innovation workshops, he shares with them some keys to anticipate the future shape of cybersecurity and maximize sovereignty over their most critical data.

Using those customer interactions and by continuously monitoring major technological trends, Vasco influences Atos cybersecurity services and products roadmaps, as well as partnerships, mergers and acquisitions.

Abstract
IT and IoT managers know for a long time that the less you can control your machines or devices and their environments, the more you need secure and well-managed digital identities. With the exponential growth of IoT in all industries and our every day’s life, establishing end-to-end trusted environments is crucial to cope with today’s cybersecurity threats.

The safe and effective market adoption of IoT based services in complex and heterogeneous ecosystems requires security, global interoperability, and strong governance. Let’s see why the public key infrastructure and digital identities became the keystone of digital trust.”

Speaker Bio
Axel Sandot is Product & Business Manager in charge of security and digital identities of Internet of Things (IoT) and Cooperative Intelligent Transport Systems (C-ITS, V2X). Member of the Atos Expert Community and lead of its IoT standardization taskforce, he performs his duty inside the Digital ID entity of the Group for four years.

Beforehand, Axel Sandot managed during more than 10 years the business development and technological projects of European companies in Latin America around identity, biometrics, digital trust, dematerialization, and deployment of main infrastructure projects.

Abstract
Ist S/MIME oder PGP die bessere Wahl für die E-Mail-Verschlüsselung? Diese Frage wird schon seit über zwei Jahrzehnten gestellt, ohne dass jemals eine allgemein akzeptierte Antwort gefunden worden wäre. Beide Formate haben ihre Vor-und Nachteile, und vor allem haben sie ihre Anhänger, die sich oft ideologisch aufgeladene Diskussionen liefern. Es bleibt also nichts anderes übrig: Man muss dem Anwender einen Client zur Verfügung stellen, der sowohl S/MIME auch PGP unterstützt. Der Autor dieses Beitrags war an der Entwicklung einer solchen Software beteiligt und berichtet über seine Erfahrungen. Als besondere Herausforderung erwies sich – wie häufig im Bereich der E-Mail-Verschlüsselung – die Benutzerfreundlichkeit.

Speaker Bio
Matthias Edelhoff joined cryptovision after his PhD Studies in High Energy Physics at the Large Hadron Collider. As a Developer he worked on middelware and email security products, before he took over Program Management for email security. In that capacity he spearheaded the development of the current email solution “GreenShield”. He was then promoted to Software Architect and is now contributing to multiple products and projects.

Abstract
Dieser Vortrag berichtet von einem Projekt im Behördenumfeld, das die Einführung von E-Mail-Verschlüsselung und E-Mail-Signaturen für 2.500 Anwender zum Inhalt hatte. In einem Teil der betroffenen IT-Umgebung war die Beachtung der Verschlusssachenanweisung notwendig, im verbleibenden Bereich war dies nicht der Fall. Neben geeigneten Clients für die Nutzer musste auch die notwendige Infrastruktur zur Verfügung gestellt werden. Trotz der heterogenen Anforderungen sollte nur eine Infrastruktur betrieben werden, und es sollte für die Anwender jeweils nur eine Benutzeroberfläche zum Verschlüsseln und Signieren geben.

Speaker Bio
Martin Peeckhaus has joined cryptovision in 2015, when he started as a representative in the Business Administration department. Due to his enthusiasm for information technology and especially cryptography, he decided to study computer science. Since his B.Sc. studies in Computer Science Martin is working as a Systems Engineer with focus on email and file security.

Abstract
Hacking like an Advanced Persistent Threat.
In this live hacking event, a typical external driven hacking attack will be simulated. From the initial foothold via E-Mail Phishing over lateral movement in the network up to gaining full access to the Active Directory. This hacking event will cover certain aspects of user behavior, technical misconfigurations, by-design flaws in Active Directory, extensive administrative privileges, and lack of monitoring.
Everything companies should be afraid of these days.

Speaker Bio
Alexander Sturz is a professional white hat hacker with more than 15 years of experience and holds various certifications in Information Technology. He has carried out hundreds of penetration test assessments in different areas and is specialized in Active Directory.
He started his penetration testing career at Siemens, moved to Atos 10 years ago and is currently a member of the Atos/SEC-Consult Red Teaming Force.

Yoga with Bernard:

15 minutes loosen up and relax from sitting

located in 4.EG

Speaker Bio
Barrister-at-law and Solicitor of the Supreme Court of Ghana
PhD in Criminology from Simon Fraser University, Vancouver, B.C., Canada
Master of Arts Degree in Sociology from The University of Manitoba, Winnipeg, Canada
Bachelor of Arts Degree in Sociology with Political Science, from the University of Ghana, Legon
Board Chairman, Ghana Refugee Board
Founding Dean of the Faculty of Law at Central University College (CUC) and Founding Director of William Ofori-Atta Institute of Integrity at the same University
Executive Secretary, National Reconciliation Commission; 2002-2005
Former Director of Operations, Anti-Corruption and Chief Investigator at Commission for Human Rights and Administrative Justice (CHRAJ)
Executive Secretary of NIA (July 2008 – July 2009)
United Nations (UN) International Management Consultant to the Government of Liberia
UN International Technical Advisor, Truth and Reconciliation Commission of Liberia
Commissioner for Human Rights, British Columbia, Canada (1992-1997)
Adjudicator/Member, Canadian Immigration and Refugee Board (1997)
Author of much-accaimed book, Fighting Armed Robbery in Ghana (2008)

Abstract
Over the last decade the Ecuadorian Government invested in technology and innovation to transform the life of the Ecuadorian citizens. For the electronic National Identification Document we have evolved in different phases to have a reliable open and standard based ICAO multi-application eID. For the electronic Passport the challenges haven’t been less significant, political changes that modified entities roles as well as new international recommendations guided the path to update our electronic Passport to have Supplemental Access Control with PACE support and provide people of Ecuador with a trustful modern eMRTD.

Speaker Bio
Mercedes Játiva has been working for the official security printing company owned by the Ecuadorian government, known as IGM. She started at IGM in 2003 as a Software Developer, then become a Technology Analyst and a Project Leader. Mercedes has been involved in EID documents since 2012 with the goal of helping her government with the development of smart identification documents. She is a Software Engineer graduated from the Polytechnic School of the Army (ESPE) and has a Master’s degree in IT management from National Polytechnic School located in Quito, Ecuador.

Abstract
This presentation focusses on latest developments in eHealth solutions. We will introduce the EU funded project “CONCORDIA” implementing a pilot for connecting smart homes with eHealth services and investigate 5G connectivity for ambulances. Furthermore, we cover interesting eHealth trends such as new applications for wearables, and Artificial Intelligence for eHealth; we also address the important topic of end-to-end security in eHealth services.

Speaker Bio
Dr. Detlef Houdeau works at Infineon Technologies AG in the Connected Security Solution Department. He obtained his Diploma at TU-Berlin in 1985 and completed his Doctoral thesis at SIEMENS in 1993 in the field of semiconductor processes. He has more than 200 publications to his name. Today, he is a member of BDI, BITKOM, ZVEI, Platform Industry 4.0 and Platform learning systems in Germany, EUROSMART in Europe and Charter of Trust, worldwide.

Anja Majstorovic is a head of development at eesy-innovation GmbH company. She is responsible for research, planning, and implementing new programs and protocols into organization and coordination of the development of new products  in  the  field  of  IoT  for  Smart  Home,  Smart  Health  and  Safety and  Security  applications. Her responsibilities in funding projects are to lead technical R&D activities. Born in Serbia, Anja holds Master Degree in Electrical Engineering and Computer science, with focus on telecommunications.

Abstract
Auf dem IT-Security-Podium wird das brandaktuelle Thema “Digitale Souveränität” aus verschiedenen Perspektiven diskutiert. Nicht zuletzt die derzeitige politische Situation beschleunigt den Wunsch zu mehr Souveränität in allen Bereichen. Vertreter von Bundesbehörden- und Ministerien, Vertrauensdienstleistern und Herstellern erörtern die Ziele und die Wege zu mehr Souveränität sowie die Herausforderungen für die IT-Security-Branche.

Simon Ulmer ist ein technologiebegeisterter und globalisierter Europäer. Er kam im Dezember 2017 zu Atos und ist nun der globale Leiter des Geschäftsbereichs Digital ID. Als deutsch-französischer Digital Native (und vielleicht ein bisschen Kontrollfreak) liebt er es, Cybersicherheitslösungen zu fördern und Souveränität zu ermöglichen. Er ist Mitglied der Atos Scientific Community und glaubt daran, Komplexes einfach zu machen.

Ralf König war für die Automobilindustrie, den Großhandel und das Finanzwesen in diversen Projekten tätig. Seit 2013 zeichnet er bei cryptovision als Projektmanager im Bereich Security Token Integration, später als Produktmanager für zwei Produktlinien und seit 2019 als Senior Vice President für das Geschäftsfeld “IT-Security” verantwortlich.

Pillip Rosch nimmt seit Mai 2019 die Funktion des Ressort-Informationssicherheitsbeauftragten beim Bundesministerium für Bildung und Forschung war. Zuvor befasste er sich im Geschäftsbereich des Bundesministeriums des Innern und für Heimat im Rahmen der Cyberabwehr operativ insbesondere mit der Detektion von Advanced Persistent Threats, als auch strategisch und organisatorisch mit der Weiterentwicklung von Detektionsprozessen und entsprechenden regulatorischen Vorgaben.

Dr. Dirk Woywod ist seit 2018 Chief Technical Officer (CTO) bei der Verimi GmbH. Nach seiner Promotion in theoretischer Physik an der TU Berlin, arbeitete er zwischen 2005 und 2009 bei McKinsey & Company als Projektleiter IT Plattform-, Restrukturierungs- & Strategieprojekte. Im Jahre 2010 war er als Chief Operating Officer (COO) bei betterplace.org beschäftigt. Von 2010 bis 2018 war Dr. Woywod in der Bundesdruckerei als Director/ VP/SVP tätig.

Abstract
For software to be secure in practice, users need to be willing and able to appropriately use security features. Therefore, actively improving in the usability of security features and products is a decisive step towards more security. We investigated usable security in development processes of more than 25 business contexts around the world. Within this session we will share our experiences as well as discuss structural challenges, common pitfalls, and possible mitigations.

Speaker Bio
Marco Gutfleisch is an IT Security Researcher at the chair of Human-Centred Security at the Ruhr University Bochum. He is currently enrolled in a PhD program within the Cluster of Excellence CASA and has previously worked in various roles in the quality assurance department of a german security company. In his research, Marco is investigating problems and approaches that could support the software industry to develop more secure and usable software while considering organisational, technical, and human factors. Influenced by his industrial experience and following the example of his first supervisor Prof. M. Angela Sasse, his research is strongly characterized by practicality and applicability.

Yoga with Bernard:

15 minutes loosen up and relax from sitting

located in 4.EG

Abstract
Zertifikate und Wallets: Digitale Identitäten sind ein Kernthema der Digitalisierung, doch wohin geht die Reise in Zukunft? Was ist die Rolle von SSI in Identitätslösungen, und wer kommt als ID-Provider für die Authentifizierung von Identitäten in Frage? Unter der Moderation von Jan Ziesing (VSDI-Vorstand und Fraunhofer) diskutieren Christian Drews (Governikus), Dirk Woywod (Verimi) und Arno Fiedler (VSDI-Vorstand und Nimbus Technologieberatung) über richtungweisende Identitätsfragen.

Abstract
Driven by the rapid expansion of IoT devices and applications the number of regulated PKI-based digitalization projects grow strongly in the EU. However, boundary conditions are often regulated per country. On the other hand, IoT devices from leading OEMs are sold, installed and operated in multiple countries. We show strategies how Atos supports international acting IoT companies by providing a holistic security value proposition meeting the requirements of national and/or EU-wide regulations.

Speaker Bio
Marcus Rosin gratuated 1994 in Business Administration and Electrical Engineering at the Technical University in Darmstadt and started then his career with Philips Semiconductors. He gained multi-functional experiences in various Purchasing, Product Marketing and General Management Positions in Hamburg, Taipeh and Shanghai. After 6 years in Asia, Marcus moved 2006 to Munich to join the New Business Division of Giesecke & Devrient, followed by leading a joint venture between G&D and Phison, a leading flash controller company from Taiwan. In parallel Marcus was appointed as Board Director of the SD Card Association to drive standards of embedding smartcard technology into microSD cards. In 2012 Marcus moved back to Hamburg to lead the eGovernment Business at NXP. 3 years ago, Marcus joined cryptovision, now Atos, and is in charge of the business field IoT & Industry.

Speaker Bio
Head of PKI Solutions and Services. Matthias initially worked as a IT Security Consultant, Auditor and IT Revisor before his main focus developed towards PKI topics. He contributed significantly to building up the Atos PKI Solutions and Services division. This portfolio includes, among others, the areas of ehealth PKI Services, Enterprise PKI (trusted root) and IOT, with e.g. Smart Metering. In addition, consulting and implementation projects for PKI and employee ID cards are carried out.

Speaker Bio
As Head of Global IoT Quality & Delivery Excellence Johannes Thomas is responsible for the global IoT Delivery and the successful delivery of customer projects. He is focused on IoT and innovative technologies for more than 7 years. During this time, he supported customers in all industries worldwide to identify opportunities enabled by IoT during their digital transformation process. Prior to his actual role he was part of the Global IoT PreSales team, designed the Atos offerings as Global Portfolio Manager IoT, AI and Analytics and led the Atos IoT Team in Germany.

Abstract
Our world is getting more and more digitalized at a rocket speed, which unfortunately causes the Cyber Threat to grow ever stronger in parallel. Companies urgently need to keep up with the rapid changes, by managing efficiently and transparently their accesses and identities and implementing a Zero Trust approach, in order to protect and exercise sovereignty over their data. Identity and Access Management is proving indispensable to securing your company against those threats. How can that be achieved, knowing that cyberattacks are a multi-headed monster?

Speaker Bio
Yann has 25+ years of experience in the Identity and Access Management domain and in other cybersecurity technologies.
Holding many different positions in consulting and presales in major software editors including Sun and Oracle, he is now leading the product management and presales teams at Evidian.
He is a member of the ATOS expert community.

Speaker Bio
Julia Zimmermann is the Product Manager of cryptovision’s smart card middleware SCinterface and the email- and file-encryption software GreenShield. She started at cryptovision in a Project Management position in 2019 and shifted towards product management shortly thereafter. In the past three years at cryptovision, she successfully managed international eID projects, and has put a focus on usability and internationalization of her respective products. Julia holds two Master’s degrees from the University of Alabama and Siegen University, respectively. She worked in an international research unit on quantitative morpho-phonetics for six years before switching careers towards IT.

Abstract
In February 2020, the German television station ZDF revealed that world’s the largest manufacturer of cryptographic equipment, the Swiss company Crypto AG, had been owned since 1970 by the German intelligence service BND and their American counterpart CIA. For nearly 50 years, this covert operation, known by the name RUBICON, gave the two countries full access to the diplomatic traffic of more than 100 countries, by installing backdoors in the equipment. In this 30 minute talk, Crypto Museum will guide you through the most important events of this secret operation, and will explain why the BND left the operation in 1994.

Speaker Bio
Marc Simons is a self-employed electronics engineer in Eindhoven (Netherlands). After studying electronics at the Polytechnic University of Eindhoven, he worked for several companies in the field of surveillance and security, before founding his own company at the beginning of the century, in January 2000. He has since specialised in the development of analog electronics and embedded platforms and sensors for agricultural applications.

Paul Reuvers is a self-employed electronics engineer in Eindhoven (Netherlands). After studying electronics at the Polytechnic University of ‘s-Hertogenbosch, he worked for several companies in the field radio, television and broadcasting, before founding his own company in 1986. He has since specialised in the development of embedded software for a variety of applications, including agricultural platforms and sensors.

In 2003 Marc and Paul founded the virtual Crypto Museum, which has since received international recognition. Crypto Museum has a physical collection of historical cipher machines and equipment for espionage, that is available on-line through its website. It is the goal to analyse, describe and restore as much of the equipment as possible, and share this information with the public.

Abstract
The Enigma is probably the most well-known cipher machine in the world, not least because of the important role it played during World War II. In this 30-minute talk, Crypto Museum will show the similarities and the differences between Fialka and Enigma. It illustrates the technological state-of-play of the Soviet Union in the 1950s and 60s, and proves that the Soviets had a good understanding of the weaknesses of the Enigma.

Speaker Bio
Marc Simons is a self-employed electronics engineer in Eindhoven (Netherlands). After studying electronics at the Polytechnic University of Eindhoven, he worked for several companies in the field of surveillance and security, before founding his own company at the beginning of the century, in January 2000. He has since specialised in the development of analog electronics and embedded platforms and sensors for agricultural applications.

Paul Reuvers is a self-employed electronics engineer in Eindhoven (Netherlands). After studying electronics at the Polytechnic University of ‘s-Hertogenbosch, he worked for several companies in the field radio, television and broadcasting, before founding his own company in 1986. He has since specialised in the development of embedded software for a variety of applications, including agricultural platforms and sensors.

In 2003 Marc and Paul founded the virtual Crypto Museum, which has since received international recognition. Crypto Museum has a physical collection of historical cipher machines and equipment for espionage, that is available on-line through its website. It is the goal to analyse, describe and restore as much of the equipment as possible, and share this information with the public.

Yoga with Bernard:

15 minutes loosen up and relax from sitting

located in 4.EG

Abstract
Research over the past two decade has shown that many people bypass security that requires too much time and effort, and those who try end up making mistakes. If we want security to be effective, it has to be usable. Software developers are supposed to take care of quality requirements such as usability, but also have to deliver functionality on time and budget. Our research shows many feel their companies are not providing enough information, training and expert support to help them make good choices.

Speaker Bio
M. Angela Sasse is the Professor of Human-Centred Security at Ruhr University Bochum. She is one of the pioneers of interdisciplinary security research and how we can make security easier for everyone involved. She is a Speaker of the Exzellenzclusterprojekt CASA and of the interdisciplinary Graduate School SecHuman. She was elected Fellow of the Royal Academy of Engineering in the UK in 2015, and to the NRW Akademie in 2021.

Abstract
Times have become hard for cyber criminals since Atos and cryptovision joined forces. Nevertheless, there are still numerous ways to make money with illegal IT stunts and to beat police investigators who are trying to put a stop to your activities. Among the methods you should know are password cracking, pacemaker manipulation, stealing digital art and protecting cheating tools from malware. It will be shown that anonymous forum postings, smart bulbs, and photographs of Prince William are more relevant for a cyber criminal than you think. And then, this session provides useful hints, such as “if you commit a murder, better switch off your Alexa and remove the victim’s wristband.”

Speaker Bio
Klaus Schmeh has been at cryptovision for over 18 years. His current position is Chief Editor Marketing. Klaus is the most-published cryptology author in the world. He has authored 15 books about the subject, as well as over 300 articles, 25 scientific papers, and 1500 blog posts. Klaus is a popular speaker, known for his entertaining presentation style involving self-drawn cartoons and Lego models. He has lectured at hundreds of conferences, including the NSA Cryptologic History Symposium, HistoCrypt, the Charlotte International Cryptologic Symposium, and the RSA Conference in San Francisco.

Speaker Bio
Adam Ross is an IT security professional with two decades of experience in diverse sectors like retail, transportation and military. For the past twelve years he has served as Product and Sales Manager for eID solutions at cryptovision. As an eID specialist, Adam has been actively involved in several national electronic identity card projects around the world where he actively advises enterprises and government agencies in how best to deal with the challenges of integrating and securing smart documents.