Security Monitoring and Response

Thursday 25 July 2013, 9.00am - 12.00pm

Cantor Lecture Theatre, Cantor Build, City Campus, Sheffield Hallam University, Howard Street, Sheffield, S1 1WB.

Eduard Bisceanu, Dr. Almerido Graziano & Ray Lowes


9.00am - 10.30am - Session 1, Eduard Bisceanu & Ray Lowes
10.30am - 10:45am - Tea / Coffee
10:45am - 12:00pm - Session 2, Almerindo Graziano & Panel Discussion


An organisation's good security posture is based on a risk assessed balance of preventive, detective and reactive security controls. Unfortunately most organisations focus on the use of proactive measures by adopting technology-based security solutions. Detecting and reacting to security related events is still a challenging domain for many organisations often leading to situations where the organisation fails to realize it has suffered and intrusion or is currently suffering intrusions.

The objective of this event is to bring together experts in the fields of information security monitoring and incident response to present best practice methods and technologies which can be used by organisations today to minimize their risk exposure.

Specifically, at the event the invited speakers will provide some answers to the following questions and challenges:

  • What security-related events should an organisation monitor?
  • What tools and technologies work best? Commercial vs Opensource
  • Methods for effective incident response. Incident response that works
  • Proactive monitoring and detection of Advanced Persistent Threats (APTs)


Eduard Bisceanu
With a military education background, Eduard has begun his career as a signal officer in Romanian Army in 1997. From 2001, he moved with Romanian Intelligence Service, being first Cyber Threat Department manager. He has expertise in Information Security Management, electronic communications, advanced cyber crimes investigations, cyber threat analysis, assessment and response. He also was the first person who spoke in public on behalf of the Romanian Intelligence Community about cyber threats and related issues. Since the beginning of 2013, he is in charge of leading the Romanian Government Computer Security Incident Team, CERT-RO - as Deputy General Manager of this national body, with full responsibility in the operational area of CERT-RO capabilities. CERT-RO is a young organization, the legal basis of the institution were set in 2011, and is accredited with FIRST, TERENA and represent Romania at ENISA.

Dr. Almerindo Graziano
Almerindo Graziano is the CEO of Silensec, a management consulting, technology services and training company, specialised in information security services. Dr Graziano holds an MSc in Electronic Engineering and a PhD in mobile computer security, both from the University of Naples, Italy. For five years he also been the founder and course Leader for the MSc in Information Systems Security at Sheffield Hallam University, in collaboration with the British Standard Institution (BSI). He has personally authored a number of training courses from ethical hacking to intrusion detection, along with the ISO27001 Lead Implementer certification course offered by BSI worldwide. He has consulted in formation security for private and government organisations across Europe, Africa and Middle East. He is also a BSI-certified ISO27001 Lead Auditor trainer and auditor.

Ray Lowes
Ray Lowes leads the European Threat and Incident Management team at HSBC, one of the world’s largest banking and financial institutions. Ray has worked at HSBC for over 12 years and has a background in 3rd line systems support specializing in critical systems performance and availability, Windows Server infrastructure security and threat and security incident management. Ray holds an MSc in Information System security and SANS qualifications in Intrusion Analysis and Forensic Analysis.