June 20

09:00– 17:00
Participants’ registration
10:00– 11:30
Opening plenary session
The road to cyber resilience — a walk together?
Hall Аmphitheater
English
The global network is a world which is already inhabited by more than 4 billion people. We go there to form our digital identity, store and transfer huge amounts of data every day and generally do things that we could previously do only in the real world. For the new generation, the cyberworld is becoming the main space for interaction — it is faster, full of information and opens up endless opportunities for development. However, that world is fragile — the strategies for protecting the real world have evolved over thousands of years, and here we are just beginning to shape them for the virtual sphere. And we do not have these millennia at our disposal. So, how do we protect the new digital world from digital threats? Is this a task for each state separately or a common challenge for the whole world? Which approach to choose?
11:30– 12:00
Coffee break
12:00– 13:00
Panel discussion
Cybersecurity strategies: public services
Press Hall
English
Cybercrime is one of the most pertinent international threats of our century. This problem cannot be solved at the national level — geographically scattered groups may stretch across continents and fall under the jurisdiction of a number of states at once. Different levels of technological development, maturity of the legal framework in this sphere and geopolitical turbulence complicate cooperation and the process of resisting cybergangs. Can we make a difference? Or will cybercriminals always be one step ahead?
12:00– 13:00
Panel discussion
Cybersecurity strategies: financial industry
Hall Аmphitheater
Russian
Banks, payment systems, credit agencies, monetary funds constitute a circulatory system of the economics providing vital services for the global community. Malfunction of just one link within the chain will lead to failure of the whole system therefore the crucial issue for is the security of the financial sector. Taking into account global digitalisation, the issue of cybersecurity takes stage and increased attention of cybercriminals considerably increases the risks of possible losses. What is the correct way to build security strategy in financial institutions? How is it possible to both secure the sector and decrease clients’ possible risks? Can we foresee future threats and start building protection right now?
12:00– 13:00
Panel discussion
Cybersecurity strategies: critical infrastructure
Hall 2
Russian
Today cyberattacks have the potential to cause more serious damage than physical events be they natural or man-made. Therefore, the cybersecurity of critical infrastructure comes to the forefront — a successful attack on the services of the critical infrastructure may undermine the economic stability of the country and greatly affect the standard of living of ordinary people. How to protect oneself against such situations? What exactly should states and companies be focused on doing? And what positive contribution can international cooperation bring in this area?
12:00– 13:00
Panel discussion
Cybersecurity strategies: disruptive technologies
Hall 3
Russian
Technological progress facilitates the advancement of cybercrime. Each day fraudsters find new vulnerabilities, sharpen their hacking and social engineering skills as well as develop malware that could penetrate even the most secure systems. All this creates critical conditions for many organisations and stimulates the industry to create new methods of protection. Will we be able to catch up with the criminals and provide cybersecurity on a global level?
12:00– 13:00
Panel discussion
Cybersecurity strategies: telecommunications
Hall 1
Russian
The telecommunication industry lies at the heart of Internet development. Providing communications to the population of our planet, telecom operators made it possible to instantly contact people on the other side of the world, opened up the endless expanse of the World Wide Web, where you can find almost any data in a matter of minutes. The constant development of this sphere makes it possible to carry out these actions at ever-increasing rates, opening up even more opportunities for us to enjoy, and cybercriminals alike. Are we able to protect the users without slowing down the technological evolution?
13:00– 14:30
Networking and free time
13:15– 14:15
Closed round table
Investment attractiveness of federal subject of Russia in regard to IT and cybersecurity
Russian
14:30– 16:00
Closed round table
Cybercrime investigations. Cooperation of law enforcement and business. International collaboration
Russian
14:30– 18:00
Topical sessions
Legal environment
The section will cover the legal aspects of cybersecurity as well as the issues of international cooperation for legislative push-back against cybercrime.
14:30– 15:00
Attributing cyberattacks
Hall 3
English
Attribution of attacks is a fundamental structure in cybersecurity and state safety depends on the stability of this structure. Since 2013 a number of governments and companies have made significant advances in attributing computer network intrusions, setting precedents that had certain legal consequences, for example in the insurance industry. New norms and practices are emerging, and Thomas Rid will reflect on recent trends in cyberattack attribution.
15:15– 15:45
Legislating a borderless, ungoverned virtual world — is it possible?
Hall 3
English
'Where is the international law of Cyber?' Significant States have proposed internationally binding treaties, other States are moving forward with regional conventions and various public-private partnerships have emerged. However, the level of engagement in international law-making for cyber appears low. It seems we have not gained the traction needed globally to counter the very real and very present danger of cyber conflict.
Time is running out to agree an internationally binding treaty for Cyber. If we don’t work together it won’t happen.
16:00– 16:30
Can malicious actors be held accountable for illegal acts in cyberspace?
Hall 3
English
Let us assume that states agree to a set of rules for the use of cyber weapons — for example, not attacking critical infrastructure during peacetime. What happens when a state violates one of those rules — is it possible to define who is responsible in this case? Enforcement techniques in use or under consideration include diplomatic pleas and threats, economic sanctions, indictments, public shaming, joint investigations, recalling diplomats, as well as military and information countermeasures. Such techniques are proving ineffective and potentially destabilizing. Mr. McConnell will outline a proposed enforcement regime to improve security and stability in cyberspace.
16:45– 17:15
Ensuring cybersecurity of critical infrastructure
Hall 3
English
Rafael Maman will make an analysis of the history of cyberwars, the latest developments in the field of ensuring cybersecurity of critical infrastructure of national importance, as well as the main problems that we encounter on the way to ensuring an adequate level of cybersecurity of critical infrastructure, what we call the «known unknowns» of operating technology security.
14:30– 18:00
Topical sessions
Capacity building
The section will focus on issues of increasing the competence of specialists and global capacity building in cybersecurity, as well as ways of developing international cooperation in this area in order to increase the level of countering cybercrime.
14:30– 15:00
Сybersecurity education in the nuclear and energy sector
Press Hall
English
Guido Gluschke will give an overview on educational cybersecurity activities in the nuclear power and energy fields, international trainings and other forms of professional development in these spheres. The speaker will also address faculty engagement within the energy sector.
15:15– 15:45
Building a global cyber ecosystem: the role of the academia
Press Hall
English
Most experts agree that in order to establish a thriving cybersecurity ecosystem, well-coordinated interaction between the following components is essential: Corporate, Military and Academia, as well as support of start-ups and presence of investors. Yuval Elovici will give a detailed analysis of the contribution of the academia to such ecosystems, using real-world examples and case-studies.
16:00– 16:30
Islands of freedom: how universities become growth points of cybersecurity capacity
Press Hall
Russian
Cybersecurity places increased demands on technical knowledge and depth of development of various fields of applied mathematics and IT technologies, and at the same time, this area is criminalized, which makes it difficult for beginners to acquire many practical skills. The experience of the faculty of the CMC of Lomonosov Moscow State University and the Faculty of Computer Science of the National Research University Higher School of Economics, shows how the combination of academic freedom, science, education and business allows us to vertically and horizontally scale human resources in this area.
14:30– 18:00
Topical sessions
Threat intelligence
The section will touch on acute digital threats and key global challenges of cybersecurity, as well as recommendations for increasing the overall resilience to cybercrime.
14:30– 15:00
Customer is not always right
Hall 2
Russian
Evgeny Voloshin will talk about the evolution of cyberattacks, the shifting focus from complex technological scenarios to socio-technical ones, as well as a qualitative change in the approach to social engineering.
15:15– 15:45
Evolution of targeted attacks on the financial sector
Hall 2
Russian
Based on the attacks of Lazarus cybergang.
16:00– 16:30
16:45– 17:15
An incident. How to bounce high?
Hall 2
Russian
The total number of incidents is steadily increasing, as well as their complexity. However, in terms of investigating and responding to them, they are all divided to three categories: very interesting, average and boring. What incidents does the business most often give up and why? Are APT attacks boring? Who is behind such attacks and how difficult / expensive is it to organize them? How have the attacks on organisations of various sectors of the economy changed over the past year and a half? Is it possible to resist the attacks that we consider interesting? Is it worth spending time and resources on countering primitive and boring attacks? What is worth preparing now?
17:30– 18:00
Predicating the unpredictable: a look into 2019 cyberthreat landscape
Hall 2
English
The pace of change in the cyber world makes predictions almost impossible to make. Can we truly prepare for what’s next? Probably not entirely, but there is a lot we can learn from our ongoing research of current cyberthreats.
14:30– 18:00
Topical sessions
Disruptive technologies
The session will shed light on the prospects of innovative technologies in cybersecurity, as well as the issues of strengthening collaboration to resist cyberthreats.
14:30– 15:00
Future vehicular mobility transition and its impacts on cybersecurity
Hall Аmphitheater
English
Since introducing the technology for autonomous driving, cybersecurity was mostly an afterthought. But failures in this sphere can damage brands or even kill passengers, and undermine trust of the public in the future mobility concepts. The industry is slowly starting to incorporate improvements, especially since the hacks of connected vehicles by white hat hackers on public TV. The executive management of autogroups needs to learn to recognise these issues and take into account the security risks, arising on the way towards the bright future.
15:15– 15:45
Cybersecurity in digital chaos
16:00– 16:30
Cybersecurity in the era of mobility: protect business by protecting ourselves
Hall Аmphitheater
Russian
In the modern world there is an obvious trend for mobility — remote job locations, constant moving, necessity to use various devices for work and to keep them constantly updated, and that is besides the headache stemming from the employees in charge of cybersecurity. Hence, it becomes clear that it is not the person that is mobile, but rather their «digital identities», which also need to be protected somehow. All this considered makes us think about a complex approach to understanding a person’s cybersafety. Standard means no longer apply here — something new is needed.
16:45– 17:15
Machine learning on the other side of cybersecurity barricades
Hall Аmphitheater
Russian
Machine learning is widely used in technologies to counter various attacks. But what if the attackers also turn to these tactics? Ivan Novikov will give examples of attacks using machine learning as well as techniques for detecting new vulnerabilities based on these examples.
17:30– 18:00
The use of prognostic and statistical analysis methods for automating the processes of predictive response to new cyberattack techniques
Hall Аmphitheater
Russian
The report will focus on the development of modern predictive models of potential cyberattack scenarios, which, being integrated with log data streams coming from various protection tools and IT infrastructure, effectively model potential attack vectors and models of the attacker’s behavior and thus automate the process of responding to incidents in predictive mode.
14:30– 18:00
Topical sessions
Investments in cybersecurity
The session will explore the issues of investing in the cybersecurity industry, as well as key points for developing innovations in this area.
14:30– 15:00
Investments — risk, return & impact
Hall 1
English
The session will explore the issues of investing in the cybersecurity industry, as well as key points for developing innovations in this area.Why are we investing and advising institutional and private entities together with governments to invest in cybersecurity? What are the risks, the returns and the impact on the society, economy and other spheres of life? Is it worth investing in cybersecurity?
15:15– 15:45
Cybersecurity investment opportunities
Hall 1
Russian
The global cybersecurity investment market is actively developing with Compound Annual Growth Rate (CAGR) exceeding 20%. One of the active players of this market is Skolkovo Innovation Center. Vasily Belov will speak about the main trends and investment opportunities in the industry.
16:00– 16:30
16:45– 17:15
Biometrics in cybersecurity as an investment opportunity
Hall 1
Russian
By 2022, 70% of large enterprises will implement biometric authentication in their Identity and Access Management projects. How safe is this method, are there any risks of compromising biometric data and how do these risks affect investments? Will biometrics replace traditional technologies when it becomes an integral element of cybersecurity? Oleg Glebov will talk about the key areas of innovation for authentication, providing security against compromising and substitution of biometric data as well as applying sound event analysis for protection of industrial facilities.
18:00– 22:00
Cocktail reception at the Bolshoi Theatre (by invitation)

June 21

09:00– 15:00
Participants’ registration
12:30– 14:00
Main plenary session
Secure digital world — possible future or wishful utopia?
Congress Hall
English
For centuries, scientists, writers and politicians have been fantasising about the future of the planet. When asked about what may be in store for us in the era of unprecedented technical progress, in the 19th century they spoke about submarines and flying machines, in the 20th century — about anthropomorphic robots and the colonisation of distant worlds. But we, being witnesses of this future, see something larger — a boundless world of digital opportunities, existing in parallel with the real world. This world appeared only a few decades ago and is just starting to develop and it is up to us to decide what this development will be — transparent and safe or full of digital threats
12:30– 13:00
Networking and free time
18:00– 24:00
Sberbank Night (by invitation)