Tuesday, November 5, 2019

Panel discussion
How is the Battleground Changing to Manage Risk?

Copthorne Tara Hotel London Kensington Scarsdale Pl, Kensington, London W8 5SY, UK

Chris Kubecka
Chris Kubecka Hypasec, CEO
Ravinder Singh
Ravinder Singh TATA SIA Airlines Limited, Chief Information and Innovation Officer
Ron Brash
Ron Brash Verve Industrial Protection, Director of Cyber Security Insights
Kevin Borley
Kevin Borley KJB-ASSOCIATES LTD, Senior Technology Practitioner

This Keynote Panel will include industry disruptors who are changing the landscape to even the odds against evolving threats and malicious actors.
We will look at the following:
1. Where the Bad guys work closely together and share intelligence how can we do the same
2. How can organisations react faster to evaluate and adopt new architectures and mindsets to
change the battlefield location?
3. When vendors create a product with flaws or vulnerabilities that need constant management (at our cost) should we be taking hard action against them?
4. It is possible to gather intelligence as to who is being targeted and how. It is possible to gather information as to what vulnerabilities are looking to be exploited?
5. With nation-state actors developing significant cyber warfare capabilities aimed at disrupting corporate infrastructure and applications (for use against the enemy) what has to change in terms of how global corporates manage cyber risk?

More Than Turbulence- Aviation Software Vulnerabilities & Exploitation

Copthorne Tara Hotel London Kensington Scarsdale Pl, Kensington, London W8 5SY, UK

Chris Kubecka
Chris Kubecka Hypasec, CEO
  • Introductions to the challenges of modern aviation and technology
  • Maintenance and asset management
  • FAA requirements and recalls
  • Weaknesses in the exposure to various parts databases  
  • Lack of required security testing by the FAA on maintenance software
  • Software utilized in a modern airframe
  • Explanation of what types of software is in use on both planes and weight balancing
  • Buffer overflows, the FAA requires memory checks to ensure they stay within hardware operating parameters. But, no full boundary checks.
  • Explanation of current challenges: F35a has buffer overflow issues requiring a manual reboot of the flight computer, in flight
  • Gate logic doesn't equal good code or secure code: explaination of how the software is written whilst pointing out memory leaks, incompatibility with ease of patching unless substantial down time (except the 787) and the lack of any security testing for any aviation software on a plane.
  • Exposure of various airframe manufacturer systems.
  • Exposure of various airport ticketing and maintenance systems