Brazil Summit
In-Person Summit September 28 - 29, 2022
This hybrid summit's agenda will cover Zero Trust, IAM, Ransomware, Privacy, Fraud, Payments, IoT, Cryptocurrency, End Point Protection, Cloud Security and more.
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.
Tivoli Mofarrej Hotel - Sao Paulo
Name :
Tivoli Mofarrej Hotel - Sao Paulo
Address :
Tivoli Mofarrej São Paulo Hotel - Alameda Santos - Cerqueira César, São Paulo - SP, Brazil
Tom Field
Senior Vice President of Editorial
ISMG
Abbas Kudrati
APAC Lead Chief Cybersecurity Advisor
Microsoft
Kudrati is Microsoft Asia’s lead chief cybersecurity advisor for the Cybersecurity Solutions Group. In addition to his work at Microsoft, he serves as an executive advisor to Deakin University, LaTrobe University, HITRUST ASIA, EC Council ASEAN and to several security...
Anna Delaney
Director of Productions
ISMG
Felipe Do Nascimento
Director, Technical Solutions
Tanium
Felipe Nascimento, Director of Solutions Engineering at Tanium, talks about the importance of adopting a continuous approach to IT hygiene. He shares how reviewing security and endpoint management fundamentals can accelerate cross-functional processes, improve organizational security, and re-align IT and...
Tonimar Dal Aba
Technical Manager
ManageEngine
Tonimar Dal Aba is the Technical Manager at ManageEngine, the enterprise IT management division of Zoho Corporation, in Brazil. He has a postgraduate degree in Information Technology from FIAP and is a specialist in IT management, Data Center, infrastructure management,...
Flavio Aggio
CISO
World Health Organization
Fabio Nunez
Sr. Products Manager
Illumio
Professional with over 30 years of experience in IT Infrastructure and Security with experience in major manufacturers such as Dell-EMC and Huawei. Fabio has several market certifications and a MBA in Information Technology Management from FIA and currently holds the...
Maurício Ribeiro
Diretor de Vendas Service Provider BR
F5
Com uma experiência profissional de mais 30 anos, sendo os últimos 20 anos como executivo de multinacionais de tecnologia voltadas para soluções de conectividade, prevenção a fraudes & segurança, Maurício iniciou sua trajetória na área técnica como especialista em redes...
View Agenda
Rise of Human-Operated Ransomware
Abbas Kudrati, APAC Lead Chief Cybersecurity Advisor, Microsoft

Human-operated ransomware is a large and growing attack trend that poses a threat to most industries. Human-operated ransomware is different from ordinary ransomware. These "hands-on keyboard" attacks leverage human attackers' knowledge of the common system and security misconfigurations to infiltrate a compromised network and adapt to the network and its weaknesses as they progress. These attacks can be catastrophic. Only by completely evicting the opponent can you protect yourself against future attacks. Unlike ordinary ransomware, which only requires malware correction, human-operated ransomware will continue to threaten your business operations.

Abbas Kudrati
  • 09:00 AM
  • 09:29 AM
Tráfego automatizado e prevenção às fraudes: como proteger o seu negócio e os dados dos seus clientes na “camada 8” / Automated Traffic and Fraud Prevention: How to Protect Your Business and Your Customers' Data at "Layer 8"
Maurício Ribeiro, Diretor de Vendas Service Provider BR, F5

As maiores empresas do mundo dependem das suas aplicações (web e mobile) para conduzir os seus negócios e manter a relação com o mercado, tornando estas aplicações e os dados dos clientes o seu maior ativo. 

Este valioso ativo transformou-se em um dos principais alvos de criminosos que se utilizam de técnicas avançadas e automatizadas para contornar as barreiras existentes, focando primeiro na validação de credenciais previamente vazadas em outros eventos de segurança, abrindo assim o caminho para uma miríade de fraudes digitais. 

Vamos descrever este novo desafio e apresentar sugestões para impedir que esta jornada criminosa seja interrompida no seu início.  


The largest companies in the world depend on their applications (web and mobile) to conduct their business and maintain their relationship with the market, making these applications and customer data their greatest asset. 

This valuable asset has become a prime target for criminals who use advanced, automated techniques to bypass existing barriers, focusing first on validating credentials previously leaked in other security events, thus paving the way for a myriad of digital frauds. 

We will describe this new challenge and offer suggestions to stop this criminal journey in its tracks.

Maurício Ribeiro
  • 09:30 AM
  • 09:59 AM
Como usar técnicas preventivas e defensivas para uma segurança cibernética eficaz / How to Use Preventive and Defensive Techniques for Effective Cybersecurity
Tonimar Dal Aba, Technical Manager, ManageEngine

Os atacantes tornaram-se sofisticados; as organizações precisam prever e antecipar seus movimentos para se proteger. Ao mesmo tempo, eles também precisam de uma estratégia reativa bem planejada, caso ocorra um ataque. Participe desta palestra para obter insights sobre uma estratégia de defesa em camadas que inclui ser proativo e reativo. Afinal de contas, uma infraestrutura de segurança de informações rígida é crucial para proteger sua organização de ataques cibernéticos cruéis.


Attackers have become sophisticated; organizations need to predict and anticipate their movements to protect themselves. At the same time, they also need a well-planned reactive strategy should an attack occur. Attend this talk to gain insights into a layered defense strategy that includes being both proactive and reactive. After all, a tight information security infrastructure is crucial to protecting your organization from vicious cyber attacks.

Tonimar Dal Aba
  • 10:00 AM
  • 10:29 AM
Crawl, Walk, Run your Segmentation Strategy
Fabio Nunez, Sr. Products Manager, Illumio

While there are varying definitions of what zero trust actually is, there is one thing everyone can agree on - segmentation is a key pillar. Another thing everyone can agree on? Segmentation is hard. This presentation will highlight a way to begin your zero trust journey leveraging enforcement boundaries which will enable you to protect your digital crown jewels as you work through your end to end zero trust plan.

Fabio Nunez
  • 10:30 AM
  • 10:59 AM
Cybercrime Policy vs Reality Gap

In this session, Neil Walsh, Head of Cyber at the United Nations, will discuss how, from the darknet COVID forums to ransomware as a service, cybercrime evolved and grew at a rapid pace in 2020/21. The session will give you an insight into the political and investigative challenges to combat a growing global threat - and how we might be able to bridge the gap between geopolitics and criminal investigation.

  • 11:00 AM
  • 11:29 AM
Cyber Crime, Cybersecurity, Technology and Law: An Evolution of the Intersection and Expanding Change

Once upon a time, local crime and threats to individual privacy were minimal. It's not like that today, as we all know. With the many benefits of technology comes the reality that cybercriminals exploit it to steal and victimize, and they can commit their crimes internationally thousands of miles away. People need to be concerned about cybercrime and identity theft, but criminals aren't the only people who collect and use personal data. Private information is also valuable to companies for marketing and sales purposes and to nation states for propaganda and disinformation operations. Cyber crime is a global threat that needs to be better investigated by the public and private sectors. All organizations need to protect themselves against cybercrime, properly investigate attacks, and consider the private information they collect, store, use and share.

  • 11:30 AM
  • 11:59 AM
Cybersecurity Engineering in Connected and Automated Mobility

The mass-manufactured car and new transportation systems became connected entities. Connected and Automated Mobility (CAM) uses wireless interfaces to provide drivers and customers with information, entertainment and new functionality. Cars are now another of our smart devices, and connected data services add value to improve vehicle marketing. However, decades of use of corporate systems and the Internet have demonstrated that connectivity provides an attack vector for threat agents.

  • 12:00 PM
  • 12:29 PM
5G: A New Era of Innovation, A New Era of Risk

5G networks will be the biggest critical infrastructure build the world has seen in the last 25 years, and along with the growth of cloud computing, automation and artificial intelligence, 5G will require focused attention today to secure tomorrow.

We will be able to confront actors who threaten the confidentiality, integrity and availability of our data, our privacy, our identity, but actually malicious actors intent on influencing what is arguably one of our most critical infrastructures.

  • 12:30 PM
  • 12:59 PM
Kerberos and Attacks 101

Want to understand how Kerberos works? Would you like to understand modern Kerberos attacks? Tim Medin shows how to attack Kerberos with Ticket attacks and Kerberoasting. It covers the fundamentals of Kerberos authentication and shows how the trust model can be exploited for persistence, leverage, and privilege escalation. In conclusion, he discusses defenses for these various attacks

  • 01:00 PM
  • 01:29 PM

This hybrid summit's agenda will cover Zero Trust, IAM, Ransomware, Privacy, Fraud, Payments, IoT, Cryptocurrency, End Point Protection, Cloud Security and more.
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.

Tivoli Mofarrej Hotel - Sao Paulo
Name :
Tivoli Mofarrej Hotel - Sao Paulo
Address :
Tivoli Mofarrej São Paulo Hotel - Alameda Santos - Cerqueira César, São Paulo - SP, Brazil

Tom Field
Senior Vice President of Editorial
ISMG
Abbas Kudrati
APAC Lead Chief Cybersecurity Advisor
Microsoft
Kudrati is Microsoft Asia’s lead chief cybersecurity advisor for the Cybersecurity Solutions Group. In addition to his work at Microsoft, he serves as an executive advisor to Deakin University, LaTrobe University, HITRUST ASIA, EC Council ASEAN and to several security...
Anna Delaney
Director of Productions
ISMG
Felipe Do Nascimento
Director, Technical Solutions
Tanium
Felipe Nascimento, Director of Solutions Engineering at Tanium, talks about the importance of adopting a continuous approach to IT hygiene. He shares how reviewing security and endpoint management fundamentals can accelerate cross-functional processes, improve organizational security, and re-align IT and...
Tonimar Dal Aba
Technical Manager
ManageEngine
Tonimar Dal Aba is the Technical Manager at ManageEngine, the enterprise IT management division of Zoho Corporation, in Brazil. He has a postgraduate degree in Information Technology from FIAP and is a specialist in IT management, Data Center, infrastructure management,...
Flavio Aggio
CISO
World Health Organization
Fabio Nunez
Sr. Products Manager
Illumio
Professional with over 30 years of experience in IT Infrastructure and Security with experience in major manufacturers such as Dell-EMC and Huawei. Fabio has several market certifications and a MBA in Information Technology Management from FIA and currently holds the...
Maurício Ribeiro
Diretor de Vendas Service Provider BR
F5
Com uma experiência profissional de mais 30 anos, sendo os últimos 20 anos como executivo de multinacionais de tecnologia voltadas para soluções de conectividade, prevenção a fraudes & segurança, Maurício iniciou sua trajetória na área técnica como especialista em redes...

View Agenda
Rise of Human-Operated Ransomware
Abbas Kudrati, APAC Lead Chief Cybersecurity Advisor, Microsoft

Human-operated ransomware is a large and growing attack trend that poses a threat to most industries. Human-operated ransomware is different from ordinary ransomware. These "hands-on keyboard" attacks leverage human attackers' knowledge of the common system and security misconfigurations to infiltrate a compromised network and adapt to the network and its weaknesses as they progress. These attacks can be catastrophic. Only by completely evicting the opponent can you protect yourself against future attacks. Unlike ordinary ransomware, which only requires malware correction, human-operated ransomware will continue to threaten your business operations.

Abbas Kudrati
  • 09:00 AM
  • 09:29 AM
Tráfego automatizado e prevenção às fraudes: como proteger o seu negócio e os dados dos seus clientes na “camada 8” / Automated Traffic and Fraud Prevention: How to Protect Your Business and Your Customers' Data at "Layer 8"
Maurício Ribeiro, Diretor de Vendas Service Provider BR, F5

As maiores empresas do mundo dependem das suas aplicações (web e mobile) para conduzir os seus negócios e manter a relação com o mercado, tornando estas aplicações e os dados dos clientes o seu maior ativo. 

Este valioso ativo transformou-se em um dos principais alvos de criminosos que se utilizam de técnicas avançadas e automatizadas para contornar as barreiras existentes, focando primeiro na validação de credenciais previamente vazadas em outros eventos de segurança, abrindo assim o caminho para uma miríade de fraudes digitais. 

Vamos descrever este novo desafio e apresentar sugestões para impedir que esta jornada criminosa seja interrompida no seu início.  


The largest companies in the world depend on their applications (web and mobile) to conduct their business and maintain their relationship with the market, making these applications and customer data their greatest asset. 

This valuable asset has become a prime target for criminals who use advanced, automated techniques to bypass existing barriers, focusing first on validating credentials previously leaked in other security events, thus paving the way for a myriad of digital frauds. 

We will describe this new challenge and offer suggestions to stop this criminal journey in its tracks.

Maurício Ribeiro
  • 09:30 AM
  • 09:59 AM
Como usar técnicas preventivas e defensivas para uma segurança cibernética eficaz / How to Use Preventive and Defensive Techniques for Effective Cybersecurity
Tonimar Dal Aba, Technical Manager, ManageEngine

Os atacantes tornaram-se sofisticados; as organizações precisam prever e antecipar seus movimentos para se proteger. Ao mesmo tempo, eles também precisam de uma estratégia reativa bem planejada, caso ocorra um ataque. Participe desta palestra para obter insights sobre uma estratégia de defesa em camadas que inclui ser proativo e reativo. Afinal de contas, uma infraestrutura de segurança de informações rígida é crucial para proteger sua organização de ataques cibernéticos cruéis.


Attackers have become sophisticated; organizations need to predict and anticipate their movements to protect themselves. At the same time, they also need a well-planned reactive strategy should an attack occur. Attend this talk to gain insights into a layered defense strategy that includes being both proactive and reactive. After all, a tight information security infrastructure is crucial to protecting your organization from vicious cyber attacks.

Tonimar Dal Aba
  • 10:00 AM
  • 10:29 AM
Crawl, Walk, Run your Segmentation Strategy
Fabio Nunez, Sr. Products Manager, Illumio

While there are varying definitions of what zero trust actually is, there is one thing everyone can agree on - segmentation is a key pillar. Another thing everyone can agree on? Segmentation is hard. This presentation will highlight a way to begin your zero trust journey leveraging enforcement boundaries which will enable you to protect your digital crown jewels as you work through your end to end zero trust plan.

Fabio Nunez
  • 10:30 AM
  • 10:59 AM
Cybercrime Policy vs Reality Gap

In this session, Neil Walsh, Head of Cyber at the United Nations, will discuss how, from the darknet COVID forums to ransomware as a service, cybercrime evolved and grew at a rapid pace in 2020/21. The session will give you an insight into the political and investigative challenges to combat a growing global threat - and how we might be able to bridge the gap between geopolitics and criminal investigation.

  • 11:00 AM
  • 11:29 AM
Cyber Crime, Cybersecurity, Technology and Law: An Evolution of the Intersection and Expanding Change

Once upon a time, local crime and threats to individual privacy were minimal. It's not like that today, as we all know. With the many benefits of technology comes the reality that cybercriminals exploit it to steal and victimize, and they can commit their crimes internationally thousands of miles away. People need to be concerned about cybercrime and identity theft, but criminals aren't the only people who collect and use personal data. Private information is also valuable to companies for marketing and sales purposes and to nation states for propaganda and disinformation operations. Cyber crime is a global threat that needs to be better investigated by the public and private sectors. All organizations need to protect themselves against cybercrime, properly investigate attacks, and consider the private information they collect, store, use and share.

  • 11:30 AM
  • 11:59 AM
Cybersecurity Engineering in Connected and Automated Mobility

The mass-manufactured car and new transportation systems became connected entities. Connected and Automated Mobility (CAM) uses wireless interfaces to provide drivers and customers with information, entertainment and new functionality. Cars are now another of our smart devices, and connected data services add value to improve vehicle marketing. However, decades of use of corporate systems and the Internet have demonstrated that connectivity provides an attack vector for threat agents.

  • 12:00 PM
  • 12:29 PM
5G: A New Era of Innovation, A New Era of Risk

5G networks will be the biggest critical infrastructure build the world has seen in the last 25 years, and along with the growth of cloud computing, automation and artificial intelligence, 5G will require focused attention today to secure tomorrow.

We will be able to confront actors who threaten the confidentiality, integrity and availability of our data, our privacy, our identity, but actually malicious actors intent on influencing what is arguably one of our most critical infrastructures.

  • 12:30 PM
  • 12:59 PM
Kerberos and Attacks 101

Want to understand how Kerberos works? Would you like to understand modern Kerberos attacks? Tim Medin shows how to attack Kerberos with Ticket attacks and Kerberoasting. It covers the fundamentals of Kerberos authentication and shows how the trust model can be exploited for persistence, leverage, and privilege escalation. In conclusion, he discusses defenses for these various attacks

  • 01:00 PM
  • 01:29 PM

Speaker Interviews

September 28 - 29, 2022

Brazil Summit