Information Security Society Switzerland (ISSS)



The slides of some presentations are available in the member area of the ISSS website (only for members).

Welcome Address

With the first ISSS Information Security Switzerland Conference, ISSS is pursuing the proven path of offering  decision-makers, managers, experts and anyone involved in the field of ICT security an independent, high-calibre and inspiring discussion platform for transferring and exchanging ideas and expertise. And now it has a new format: a conference in Lausanne, in the heart of French-speaking Switzerland, for guests from both French and German-speaking parts of Switzerland, with English-speaking, internationally renowned speakers. ISSS has succeeded in inviting many eminent experts from research and industry, who will communicate their knowledge and give their views on relevant and current ICT security challenges for Switzerland. They include distinguished speakers, successful ICT security users and top-class specialists, as well as visionaries. We offer you a setting in which to cultivate personal exchanges, and invite you to the subsequent presentation of the first ISSS Excellence Award.

I look forward to meeting you at this top-level conference.

Dr. Ursula Widmer, President ISSS,

Introduction to the Conference

Enjoy a comprehensive presentation and discussion of current information and communication security topics by top-of-the-line experts in the field! After Bruce Schneiers thrilling account of the Snowden/NSA affair, we will take a close look at lingering privacy threats, from users being tracked on their journey through cyberspace to privacy threats presented by novel developments such as the Google Glass, our beloved smartphone and the analysis of DNA sequencing. The topic of threats to relevant and even critical infrastructure is also given due attention, with a longterm analysis of zero-day attacks. It may come as a surprise that even space missions may be compromised by cyberthreats, as will be demonstrated by the person in charge of security in the European Space Agency.
Two sessions will be devoted to exploiting machine learning techniques to make sense of big data repositories for corporate defense, and methods for modeling and visualizing the behavior of exploits that are capable of evading a defense line composed of firewalls, and intrusion prevention and anti-virus systems. The general topic of risk assessment and mitigation will be addressed by professionals with a long experience in the corporate ICT security landscape.
Our closing keynote speaker will entertain us with his observations about the human (or psychological) factors of security. Our machinery may be perfect, but if we fall for the tricks of clever attackers, we will become victims. You will walk away knowing seven principles that will help you understand how to improve the security of your systems, and your own security.

Prof. Dr. Bernhard Plattner, Conference Chair, Board Member ISSS,

Who should attend

The conference is aimed at

• Chief Information Officers and Chief Tochnology Officers
• Chief Security Officers, Chief Information Security Officers and Chief Privacy Officers
• Risk Management Professionals
• Security and Privacy Professionals
• Head IT / Security / Privacy
• Security Vendors

from businesses, public sector and universities.


Registrations can be made online:

Registration deadline: September 30, 2013. The number of participants is limited. Registrations are considered by date of entry.

ISSS Excellence Award

The Information Security Society Switzerland (ISSS) is proud to announce the ISSS Excellence Award as a platform for recognizing the best student thesis in this field, and to motivate young researchers and students to invest their talent and dedication in innovative contributions to information security. The ISSS Excellence Award will be attributed at the First ISSS Information Security Switzerland Conference taking place on October 1, 2013 at the Lausanne Palace Hotel in Lausanne.

For more information please visit:

Program for Tuesday, October 1, 2013

Conference Moderation: Prof. Dr. Bernhard Plattner, Professor of Computer Engineering at ETH Zurich, Conference Chair, Board Member ISSS


Click to make bigger



Special Guest Talk by Dr. Bruce Schneier

Dr. Bruce Schneier will give you his insight into the affair around the whistleblower Edward Snowden and the US and UK secret services.

Internet Privacy: Towards More Transparency by Dr. Balachander Krishnamurthy
Internet privacy has become a hot topic recently with the radical growth of Online Social Networks (OSN) and attendant publicity about various leakages. For the last several years we have been examining aggregation of user's information by a steadily decreasing number of entities as unrelated Web sites are browsed. I will present results from several studies on leakage of personally identifiable information (PII) via Online Social Networks and popular non-OSN sites. Linkage of information gleaned from different sources presents a challenging problem to technologists, privacy advocates, government agencies, and the multi-billion dollar online advertising industry. Economics might hold the key in increasing transparency of the largely hidden exchange of data in return for access of so-called free services. I will also talk briefly about doing privacy research at scale.

Holistic Privacy: From Location Privacy to Genome Privacy by Prof. Dr. Jean-Pierre Hubaux
People are enjoying better computers, better networks, and better medical instruments. Yet, the more sophisticated these tools become, the higher becomes the likelihood that intimate information about citizens becomes compromised. In this talk, we will take the examples of smart phones and DNA sequencing to discuss these issues. We will explain how privacy can be quantified in such settings. For location-based services, we will address the trade-off between privacy level and quality of service. For genomic data, we will detail the outcome of research we have carried out in collaboration with geneticists and describe cryptographic solutions that could be deployed by hospitals in the near future.

New Cyberthreats to Space Missions by Stefano Zatti
The use of outer space is no longer restricted to the historical space race, as it now holds a number of private and institutional entities’ interests, linked to many categories of scientific and application missions. The use of outer space is regulated, and must abide by certain international rules rooted in the Outer Space Treaty of 1967; the various players have normally been compliant with.
Threats to space missions have been until recently limited to institutions or organizations with large means, capable of heavy investments in complex and expensive infrastructures. The criticality of space in relation to meteorology, earth observation, navigation, manned space flight, and telecommunications services, have deeply modified the threat profile. The increasing connectivity of these dedicated space infrastructures with ground based networks accessible via the Internet to anybody on earth, have also extended the number of potential actors behind these threats to virtually anybody on Earth.  
Security for space missions thus becomes crucial when a hacked satellite does not fly or does not provide its functions, leaving the earth-based components in a blind status, with all imaginable consequences.

After a presentation of the European Space Agency (ESA) and some of its most challenging and high-profile missions, the talk will address potential scenarios aimed at denying the services of space assets, analysing as well the implications on the citizens and then the possible sets of countermeasures.

Applying Big Data and Machine Learning to Corporate Defense by Gunter Ollmann
Corporate defenses are increasingly compiled of layers upon layers of protection technologies. Yet, attempts to collect, correlate, and action the multitude of security alerts from each layer have proved unsuccessful – leaving organizations prone to continued breaches. New techniques in managing big data and the automated analysis of unstructured data - combined with recent advances in machine learning - appear to provide new opportunities in dealing with many of the most complex information security problems organizations face today. This presentation will examine the role of big data and machine learning in future threat detection and mitigation strategies.

Lessons Learned From a Rigorous Analysis of 2 Years of Zero-Day Attacks by Dr. Marc Dacier, Ph.D.
A zero-day attack is a cyber attack exploiting a vulnerability that has not been disclosed publicly. While the vulnerability remains unknown, the software targeted cannot be patched and anti-virus products cannot detect the attack through signature-based scanning. Very little is known about zero-day attacks because, in general, data is not available until after the attacks are discovered. In this presentation, we describe and discuss the results of a systematic study of zero-day attacks between 2008 and 2011. We develop a technique for identifying and analyzing zero-day attacks from the data available through the Worldwide Intelligence Network Environment (WINE), a platform for data intensive experiments in cyber security ( WINE includes field data collected by Symantec on 11 million hosts around the world. To the best of our knowledge, this represents the first attempt to measure the prevalence and duration of zero-day attacks, as well as the impact of vulnerability disclosure on the volume of attacks observed. We identify 18 vulnerabilities exploited in the real-world before disclosure. Out of these 18 vulnerabilities, 11 were not previously known to have been employed in zero-day attacks. A typical zero-day attack lasts on average 312 days and hits multiple targets around the world; however, some of these attacks remain unknown for up to 2.5 years. After these vulnerabilities are disclosed, the volume of attacks exploiting them increases by up to 5 orders of magnitude. These findings have important technology and policy implications that we discuss.  This presentation builds upon  earlier results published at the ACM Conference on Computer and Communication Security, held in the USA, mid October 2012 by Tudor Dumitras and Leyla Bilge.

Defense Evasion Modeling – Bypassing the Cyber Kill Chain by Dr. Stefan Frei
Cybercriminals persistently challenge the security of organizations through the rapid implementation of diverse attack methodologies, state of the art malware, and innovative evasion techniques. In response organizations deploy and rely on multiple layers of diverse security technologies. This talk examines the attackers' kill chain and the measured effectiveness of typical defense technologies such as Next Generation Firewalls (NGFW), Intrusion Prevention Systems (IPS), Antivirus/Malware Detection, and browser-internal protection. Empirical data on the effectiveness of security products derived from NSS Labs' harsh real world testing is presented together with a live demonstration of successful evasion of malware detection across multiple layers of security.

SafeSlinger: Easy-to-Use and Secure Public-Key Exchange by Prof. Dr. Adrian Perrig
Users regularly experience a crisis of confidence on the Internet. Is that email or instant message truly originating from the claimed individual?  Such doubts are commonly resolved through a leap of faith, expressing the desperation of users.  To establish a secure basis for online communication, we propose SafeSlinger, a system leveraging the proliferation of smartphones to enable people to securely and privately exchange their public keys. Through the exchanged authentic public key, SafeSlinger establishes a secure channel offering secrecy and authenticity, which we use to support secure messaging and file exchange. Essentially, we support an abstraction to safely "sling" information from one device to another. SafeSlinger also provides an API for importing applications' public keys into a user's contact information. By slinging entire contact entries to others, we propose secure introductions, as the contact entry includes the SafeSlinger public keys as well as other public keys that were imported.  We present the design and implementation of SafeSlinger, which has been implemented for Android and iOS and is available from their respective app stores.

Global Bank Inc. Versus Cybercrime Inc. by Stefan Marzohl
Large financial services company like Credit Suisse increasingly depend on the Internet for doing business. This talk addresses the threats of exposing such business activities to the Internet and the way Credit Suisse is tackling mitigation efforts. Credit Suisse has developed a holistic approach to identify, prioritize and mitigate risks. The keynote will elaborate on Credit Suisse’s approach to secure Internet facing applications, in particular when accessing sensitive data or when transactions are involved. It will reflect on the different security measures, such as fraud prevention, authentication and the security of the applications itself. Besides Internet facing applications Credit Suisse encounters other threats of doing business over the Internet, such as data leakage, employee access or using outsourced services. All of this needs to be accomplished in an increasingly regulated environment, within shrinking budgets and the ever changing threat landscape.

Cybercrime, Cyberterrorism, Cyberwar – Where Are the Boundaries by Raimund Genes
Cybercrime is known and understood, and the focus of the IT-Security companies is to protect their customer base against these kind of attacks. To protect against cyberterrorism is a different task, as the attacker likely will start a targeted attack and will not care about monetary gains. This makes cyberterrorists less predictable. And then we see a whole new level of cyberthreats actually created by governments to attack other countries, and to conduct industrial espionage. And it's not just the usual suspects, China and Russia, but also the US and others. In his presentation, Raimund Genes will highlight how these developments force companies and governments to rethink IT security.

Understanding Scam Victims: Seven Principles for Systems Security by Dr. Frank Stajano
The success of many attacks on computer systems can be traced back to the security engineers not understanding the psychology of the system users they meant to protect. We examine a variety of scams and short cons that were investigated, documented and recreated for the BBC TV programme The Real Hustle and we extract from them some general principles about the recurring behavioural patterns of victims that hustlers have learnt to exploit.  We argue that an understanding of these inherent human factors vulnerabilities, and the necessity to take them into account during design rather than naïvely shifting the blame onto the gullible users, is a fundamental paradigm shift for the security engineer which, if adopted, will lead to stronger and more resilient systems security. The research presented is joint work with Paul Wilson.

Speakers and Moderators

Dr. Marc Dacier


Dr. Marc Dacier, Ph.D., Symantec Research Labs, Culver City, CA, USA
Dr. Dacier is a Sr. Director at Symantec Research Labs. Prior to joining Symantec, Dr. Dacier was a professor at Eurecom and, before that, the manager of the Global Security Analysis Lab at IBM Research in Zurich. He has served on more than 100 program committees, has co-authored more than 60 papers in peer reviewed conferences and journals. He serves on the advisory boards of several universities.

Stefan Frei

Dr. Stefan Frei, NSS Labs, Austin, TX, USA
NSS Lab's Research Director Dr. Stefan Frei is a known veteran in the security space. Before joining NSS Labs, Frei was Research Analyst Director at Secunia where he was responsible for the Lab to identify trends and turn security data into business actionable information, as well as serving as the key spokesperson on evolving threats. Prior to joining Secunia he worked for the ISS X-Force (now part of IBM) security assessment services, executing high profile cutting edge attack-based consultancy services throughout EMEA. Frei is an accomplished security writer for various publications, authoring a number influencing papers and reports, and he frequently speaks at leading conferences and industry workshops (e.g. BlackHat, DefCon, RSA, FIRST, ISF, InfoSec, eCrime). He is an electrical engineer by training and holds a PhD and business degree from the Swiss Federal Institute of Technology.

Raimund Genes

Raimund Genes, Trend Micro, München, Germany
Raimund Genes brings more than 30 years of computer and network security experience to his position of Chief Technology Officer at Trend Micro. In this role, Mr. Genes is responsible for introducing new methods to detect and eradicate threats. He is responsible for a team of developers and researchers around the globe who research and develop new core technology components to protect against email, Web and file-based threats under the Smart Protection Network umbrella. Raimund has held several executive management positions within Trend Micro including General Manager for Trend Micro’s Incubation Business, President of European Operations; European Vice President of Sales and Marketing; and Managing Director. Raimund worked in the German air force for 12 years in radar guidance and aircraft tracking and holds a master of science in radar guidance from the German Air Force Academy. He is also a Certified Network Engineer.

Jean-Pierre Hubaux

Prof. Dr. Jean-Pierre Hubaux, EPFL, Lausanne
Jean-Pierre Hubaux is a professor in the School of Computer and Communication Sciences of EPFL and has done pioneering work in the security of mobile ad hoc networks and of vehicular networks.  He has published more than 100 papers and co-authored a book on this topic. He was the chair of the steering committee of the ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc) and of the ACM Conference on Security and Privacy on Wireless and Mobile Networks (WiSec). Today, he is one of the very few faculty members in Europe focusing his research on privacy enhancing technologies. In 2011, he started research in genome privacy, in close collaboration with geneticists at EPFL and CHUV and with a start-up company named SophiaGenetics.
He held visiting positions at the IBM T.J. Watson Research Center and at UC Berkeley. He is one of the seven commissioners of the Swiss FCC and a Fellow of both ACM and IEEE.
More about him can be found at

Prof. Phil Janson

Prof. Phil Janson, 'Professor of IT security engineering, EPFL, Conference Board
Phil Janson got a BS in EE from the U. of Brussels and MS, EE, and Ph.D. in Computer Science from M.I.T. In 1977 he joined the IBM Zurich Research Lab. In 1986 he worked on OS/2 LAN gateways at the IBM Development Lab in Austin, Texas. In 1995 he became head of a new Computer Science Department at the IBM Zurich Lab, which he built up until 1999, with a focus on IT security technologies, smart cards, pervasive computing and e-business. From 1995 to 2007 he was also Relationship Manager for Europe between IBM Research and the IBM Financial Services Sector. In 2001 he became a member of the Advisory Board of the Informatics and Communication Systems Dept of the EPF in Lausanne and was elected to the Research Council of the Swiss National Foundation. Nowadays He teaches IT security engineering at the Swiss Federal Institute of Technology in Lausanne (EPFL). He holds a dozen patents and has written over 50 papers in the areas of IT security and distributed systems as well as a book on Operating Systems.


Dr. Balachander Krishnamurthy, AT&T Labs - Research, Florham Park, NJ, USA
Balachander Krishnamurthy of AT&T Labs--Research works on all aspects  of Internet privacy, Online Social Networks, and Internet measurements. He has authored and edited ten books, published over 90 technical papers,  holds forty patents, and has given invited talks in thirty five countries. He co-founded the successful Internet Measurement Conference and in 2013  the first ACM Conference on Online Social Networks (  He has been on the thesis committee of several PhD students, collaborated  with over seventy five researchers worldwide, and given tutorials at  several industrial sites and conferences. His most recent book is ""Internet Measurements: Infrastructure,  Traffic and Applications"" (525pp, Wiley, with Mark Crovella). The earlier book 'Web Protocols and Practice"" (672 pp, Addison-Wesley,  with Jennifer Rexford) is the first in-depth book on the technology  underlying the World Wide Web, and has been translated into Portuguese,  Japanese,  Russian, and Chinese. Bala is homepageless and not on any OSN  but many of his papers can be found at""

Stefan Marzohl

Stefan Marzohl, Credit Suisse, Zurich
Stefan Marzohl heads up IT Security Architecture globally for Credit Suisse. The mandate of his team is to reduce operational risk, promote adequate protection of data using appropriate technologies and processes and provide adequate traceability of business transactions. The IT Security Architecture unit provides security strategies, standards and guidelines to all business units globally. Stefan Marzohl has an extensive background in Software Development and Systems Engineering. After almost 10 years of being an independent consultant in Telecommunications, he joined Credit Suisse in 2002 as a senior Telecommunications engineer. He then spent 5 years in London as the global CTO for Telecommunications and Infrastructure Security. In 2011 he moved back to Zürich to head up IT Security Architecture.

Gunter Ollmann Gunter Ollmann, ioActive, Inc., Seattle, WA, USA
As IOActive's Chief Technology Officer Gunter Ollmann plays a key role in shaping IOActive's services strategy as the company embarks on its next phase of growth and leadership in innovative service offerings in semiconductor security, embedded software risks and device threats. Prior to joining IOActive, Ollmann served as the vice president of research and CTO at Damballa, where he focused on inventing new crimeware mitigation technologies and the identification of criminal operators behind botnets and other advanced persistent threats. Before joining Damballa, Ollmann held several strategic positions at IBM Internet Security Systems (IBM ISS), most recently as chief security strategist. In this role, he was responsible for predicting the evolution of future threats and helping guide IBM's overall security research and protection strategy, as well as serving as the key IBM spokesperson on evolving threats and mitigation techniques. He also held the role of director of X-Force and was former head of X-Force security assessment services for EMEA while at ISS (which was acquired by IBM in 2006).

Adrian Perrig
Prof. Dr. Adrian Perrig, ETH Zürich, Zurich
Adrian Perrig is a Professor of Computer Science at the Department of Computer Science at the Swiss Federal Institute of Technology (ETH) in Zürich, where he leads the network security group. From 2002 to 2012, he was a Professor of Electrical and Computer Engineering, Engineering and Public Policy, and Computer Science (courtesy) at Carnegie Mellon University. He served as the technical director for Carnegie Mellon's Cybersecurity  Laboratory (CyLab). He earned his Ph.D. degree in Computer Science from Carnegie Mellon University under the guidance of J. D. Tygar, and spent three years during his Ph.D. degree at the University of California at Berkeley. He received his B.Sc. degree in Computer Engineering from the Swiss Federal Institute of Technology in Lausanne (EPFL). Adrian's research revolves around building secure systems and includes network security, trustworthy computing, and security for social networks.

Prof. Dr. Bernhard Plattner Prof. Dr. Bernhard Plattner, Professor of Computer Engineering at ETH Zurich,
Conference Chair, Board Member ISSS
Bernhard Plattner is a Professor of Computer Engineering at ETH Zurich, where he leads the Communication Systems research group (CSG) at the Computer Engineering and Networks Laboratory (TIK). He has been the principal investigator or Co-PI of numerous national and international projects. His research currently focuses on software-defined networks, mobile computing and systems-oriented aspects of information security. In the past, he performed research in applications of communication systems and higher layer protocols, integrated services networks, multimedia applications for high-speed networks and has explored new approaches to pro¬tocol engineering. Between 1996 and 2005 he pioneered research on active networks and new approaches for dynamic service creation and management.

Dr. Lukas Ruf Dr. Lukas Ruf, CEO, Consecom AG, Conference Board, Board Member ISSS
Dr. Lukas Ruf is Senior ICT Security and Strategy Consultant and CEO with Consecom AG. He has been active in consulting for more than twenty years. His primary areas of interests are Information Security Management Systems, Identity and Access Management, Secure Information Systems, and IT-Strategy Consulting. Longterm experience encompasses Governance, Processes and Technology oriented design and review mandates.

Dr. Bruce Schneier Dr. Bruce Schneier
Bruce Schneier is an internationally renowned security technologist, called a "security guru" by The Economist. He is the author of 12 books - including Liars and Outliers: Enabling the Trust Society Needs to Survive - as well as hundreds of articles, essays, and academic papers. His influential newsletter "Crypto-Gram" and his blog "Schneier on Security" are read by over 250,000 people. He has testified before Congress, is a frequent guest on television and radio, has served on several government committees, and is regularly quoted in the press. Schneier is a fellow at the Berkman Center for Internet and Society at Harvard Law School, a program fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the Security Futurologist for BT -- formerly British Telecom.

Frank Stajano
Dr. Frank Stajano, University of Cambridge, Cambridge, UK
"Frank Stajano, PhD, is a faculty member in the security group of the University of Cambridge Computer Laboratory and has been a research scientist in industry for several years (Olivetti, Oracle, AT&T, Toshiba, Google). His personal grand challenge is making the digital society fair for non-geeks: this motivates his research interests in privacy, in the psychology of security and, specifically, in liberating computer users from passwords with his ERC-funded Pico project. He holds a PhD in computer security from the University of Cambridge. He is a Toshiba Fellow and the author of ""Security for Ubiquitous Computing"" (Wiley, 2002)."

Dr. Ursula Widmer Dr. Ursula Widmer, President ISSS,  Dr. Widmer & Partners, attorneys-at-law
Ursula Widmer, Dr. iur., attorney-at-law, studied law at the University of Berne. Bar admission in 1982. Academic collaborator of the Institute of Swiss Private and Comparative Law. Thesis on the subject of «Liability for software defects». Founding partner of Dr. Widmer & Partners, attorneys-at-law, Berne, Switzerland, a commercial law firm specializing in IT, Internet and Telecommunications Law. Lecturer in IT and Internet law at the University of Berne and lecturer in Information Security Law at the Swiss Federal Institute of Technology Zurich (ETHZ). Former member of the Swiss Federal Data Protection Commission. Board member of the German Foundation for Law and Information Technology (DSRI), President of the Information Security Society Switzerland (ISSS) and Past President of the International Technology Law Association (ITechLaw).

 Stefano Zatti Stefano Zatti, Security Office Manager, European Space Agency, Rome, Italy
Stefano Zatti is the Manager of the Security Office of the European Space Agency, based in Frascati, Italy. He is responsible for the policy definition and control of the implementation of all aspects of security in the Agency. He has worked for ESA since 1993, covering roles related to the design and operations of the information systems and the communication networks of the Agency and then focussing on the security thereof. In 2002, he founded the ESACERT. He worked before for the IBM Zurich Research Laboratory, where he took part in projects on internetworking, secure authentication and key distribution (Kryptoknight), and security management (Samson), and at the University of California at Berkeley, where he worked on distributed systems (clock synchronization – the TEMPO project, that was transferred into Berkeley Unix 4.2, and load balancing) during the glorious times of Berkeley Unix. He teaches a graduate course on “Corporate Security Policies” at the University of Rome “La Sapienza”. He holds a Laurea Degree in Mathematics from the University of Pavia, Italy and a Master of Science in Electrical Engineering & Computer Science from the University of California at Berkeley, USA.


ISSS Excellence Award Jury 2013

Prof. Dr. Srdjan Capkun

Prof. Dr. Srdjan Capkun, ETH Zurich  
Srdjan Capkun (Srđan Čapkun) is an Associate Professor in the Department of Computer Science, ETH Zurich and Director of the Zurich Information Security and Privacy Center (ZISC). He was born in Split, Croatia. He received his Dipl.Ing. Degree in Electrical Engineering / Computer Science from the University of Split, Croatia (1998), and his Ph.D. degree in Communication Systems from EPFL (Swiss Federal Institute of Technology - Lausanne) (2004). Prior to joining ETH Zurich in 2006 he was a postdoctoral researcher in the Networked & Embedded Systems Laboratory (NESL), University of California Los Angeles and an Assistant Professor in the Informatics and Mathematical Modeling Department (IMM), Technical University of Denmark (DTU).

Prof. Dr. Hannes Lubich

Prof. Dr. Hannes Lubich, FHNW  
Dr. Hannes Lubich has worked in the areas of operating systems, network technologies, computer-supported cooperative work, security management and IT architecture for 20 years. For 10 years he was a researcher and senior lecturer at the Swiss Federal Institute of Technology, and was responsible for creating and running the Swiss Academic and Research Network (SWITCH), as well as the Swiss Computer Emergency Response Team (CERT). For 7 years he was the Chief IT Security Officer (CISO) of Julius Baer Group, a large, Swiss-based international private bank. For 4 years he worked for CA Inc. as a Principal Consultant and IT Security Strategist for the region Central Europe. From mid 2007 to January 2009, he was the EMEA Head of the Business Continuity, Security and Governance (BCSG) Practice of British Telecom Global Services.

Prof. Dr. Serge Vaudenay

Prof. Dr. Serge Vaudenay, EPF Lausanne
Serge Vaudenay entered at the Ecole Normale Supérieure in 1989 with a major in mathematics. He earned his agrégation (secondary teaching degree) in mathematics in 1992, then a PhD in Computer Science at the University of Paris 7 - Denis Diderot in 1995. He subsequently became a senior research fellow at the CNRS, prior to being granted his habilitation à diriger des recherches (a postdoctoral degree authorizing the recipient to supervise doctoral students). In 1999, he was appointed as a Professor at the EPFL, where he created the Security and Cryptography Laboratory. Current work: Cryptographic analysis: security analysis (security proofs, attacks) of cryptographic primitives; Lightweight cryptography: design and analysis of cryptographic primitives in constrained environments (stream cipher, key agreement, RFID privacy); Secure communication channels: key agreement, authentication and confidentiality, privacy.

We Thank Our Sponsors!

We are grateful for the generous support of our sponsors for the First ISSS Information Security Switzerland Conference.





Media Partners

How to reach the Conference Hotel Lausanne Palace

Address: Lausanne Palace & Spa Hotel, Grand Chêne 7-9, 1002 Lausanne, Switzerland

How to reach the hotel from the Lausanne railway station:

1) By Walking
If you are travelling light, you can take the pedestrian street right in front of the main exit of the station, and walk up this street until the end. Then you will have to turn to your left, you will see the hotel a few meters away. This is a 10 minutes walk (500 meters).

2) By Taxi
There is a station just outside the railway station and it is a 5-7 minutes ride.

3) By Metro
The station is in front of the main entrance on the "Place de la Gare".
Take line 2, direction "Croisette" and stop at the next station "Lausanne Flon".
There will be an elavator from the platform to take you up. The hotel will be right behind you on your way out.

How to get to Lausanne by Train:

From Zurich HB:click to make bigger
07:04 departure                                      
09:10 arrival     

Form Bern SBB:
08:04 departure                                    
09:10 arrival

From Basel SBB:
07:04 departure                                       
09:10 arrival       

From Geneva SBB:
08:33 departure                                       
09:12 arrival

From Neuchâtel SBB:
08:34 departure
09:15 arrival

From Fribourg SBB:
08:26 dep
09:10 arrival

From St. Gallen SBB:
05:44 departure
09:10 arrival

How to reach the hotel by car:
Take the N5 direction Geneva (Génève) / Nyon / Lausanne. Then take the A9 direction Simplon / Grand-Saint-Bernard / Lausanne. Rejoin the Swiss motorway A1 in the direction of Lausanne-Sud / Geneva (Genève) then Lausanne-Ouchy / Lausanne-Maladière / Lausanne-Malley / Lausanne-Centre. Take exit no. 2 and continue on the Avenue du Chabalais for 1.5 km. At the roundabout, continue straight ahead on Avenue de Provence then on Avenue de Tivoli. Continue on the Avenue Jules Gonin then Rue du Grand Chêne.