8.30am till 5pm
Crowne Plaza Hotel
Via Aurelia Antica, 413
Following 4 previous editions in Brussels, New York, and Brazil – Free and Safe in Cyberspace comes to Rome, in advance of next March Italian general elections.
We’ll discuss how new standards, certification, and policies can radically minimize threats and maximize the opportunities of IT and AI security for the democratic accountability of our public institutions and for the economic development of Europe, Italy and Lazio Region.
The cybersecurity market has grown 30 times in the last 10 years to $120 billion. Yet the cost of cybercrime will accrue to $8 trillion by 2022. Not to mention that our democracies appear increasingly held for ransom by the best hackers. Large-scale hacking of critical autonomous systems and social media is fast becoming the most dangerous criminal weapon. Military systems are no less immune, but less is publicly discussed since their hacking becomes state secret as it happens. Meanwhile, security agencies wildly overstate the security of secure apps and other products to less expert criminals to use them.
Nearly all IT systems today, even those for the most sensitive uses, are hackable by even mid-level attackers, due to hyper-complexity and backdoors that states have been unable to keep for themselves. The World is turning into a Hacker Republic, where the most economic and political power accrues to those with hacking and informational superiority in IT and AI.
How did we get here and what can we do about it? For starter, the speed of IT for everyday computing requires complexity that is hopelessly incompatible with constitutionally-meaningful* privacy. There is nothing we can do about it, democracies will need to adapt their rules around it, but we are ready to accept that for 99% of our computing. But then again, there is a 1% of sensitive critical functions where citizens, enterprises, and governments have a huge need and demand for IT and AI with constitutionally-meaningful cybersecurity, even if it comes at a great sacrifice in speed, features, and cost.
But then why are these not available even for nearly all the richest and most powerful? Because powerful nations understandably felt the need that every IT system and all times is promptly hackable – in an era of rampant terrorism, unbreakable encryption, and lack of remote lawful access mechanisms. They resorted stockpiling discovered vulnerabilities instead of fixing them, promoting inadequate and flawed standards, and outright inserting backdoors all the way down to CPU and chip fabrication.
Can constitutionally-meaningful* cybersecurity be transparently reconciled with lawful access, so that it can be made available to our institutions, enterprises, and citizens without creating a public safety risk? Can we be both Free and Safe in Cyberspace? or do we have to choose? Can we even choose, really, or is it a “both or neither” challenge?
Can a few EU members states, regions and other stakeholders lead, by leveraging open components to build an entire new ultra-secure computing ecosystem and standard – parallel and not alternative to everyday IT devices – whereby transparency, oversight, accountability, and extreme levels of inspection in relation to complexity, become the secret sauce to ensure both the individual freedom, lawful access and public safety?
( “*” to be confirmed, but confirmed availability in 2016 for the same event;
“**” to be confirmed and invited)
- Anthony J. Ferrante. Managing Director & Head of Cybersecurity at FTI Consulting. Formerly served as Obama’s Director for Cyberincident Response & Cybersecurity Policy at the National Security Council. Former Chief of Staff of the Cyber Division at the US Federal Bureau of Investigation. He played a key role in the Whitehouse mitigation of Russian attacks during the 2017 US Presidential elections. (LinkedIn)
- Michael Sieber. Director of the Federal Office for Equipment, Information Technology and Use (BAAINBw) of the German Federal Armed Forces. Formerly Head of Information Superiority of European Defence Agency. (2014-2016), and Assistant Director Research & Technology (2010-2013). (Linkedin)
- Reinard Posch. Since 2001, he is Chief Information Officer (CIO) for the Federal Government of Austria responsible for strategic coordination of activities in the field of ICT including all levels of government. Since 2005 Head of the platform Digital AUSTRIA. Since 1999, he is Scientific Director of the Austrian Secure Information Technology Center (ASIT), setting state cybersecurity standards at all levels (member of SOGIS). From 2007 to 2011 he was Chairman of the Management Board of the European Network and Information Security Agency (ENISA).(online CV)
- Stefano Quintarelli. Currently a Deputy of the Italian Republic. Serves as Chairman of Steering Board of Italian Digital Agency. First signer of the 2014 national legislative proposal of “technological sovereignty and documented hardware”(url). Co-founder of the Italian IT security associations CLUSIT and AIPSI.Formerly professor of Computer Security. Formerly head of IT Section of the Italian main financial newspaper(Linkedin)
- Alexander Elkin. NGO Liason at Trustless Computing Association. Director of Business Development – Mission-critical NGOs at TRUSTLESS.AI. Formerly Head of Strategy & Internet Projects at Transparency International Russia.
- Raoul Chiesa. President of Security Brokers.The most famous Italian hacker for the last 30 years. Consultant and advisor to ENISA, Nato, Italian Ministry of Defense, United Nations UNICRI. (Linkedin)
- Davide Barillari. Councilor and former Head of Councilors of M5S Party at the Lazio Region. Former M5S candidate governor for Lazio Region (2013). Founder of Parelon, an open source e-participation IT service. Formerly Senior architect at IBM Italy. First underwriter of a 2014 Lazio regional law requiring “trustless computing” extreme transparency and audit of CPU and fabrication oversight for sensitive public e-services, and allocating EU regional R&D funds to cybersecurity and open Web. (Linkedin).
- Paolo Acunzo. Vice-President of Lazio Region of the Italian Democratic Party (PD), and Member of its National Directorate. Undersecretary at the European Federalist Movement. Industrial Liason Officer at ENEA, Italy nuclear agency.(Linkedin)
- Jovan Golic. Internationally recognized cryptographer and IT assurance expert. Formerly Privacy, Security and Trust Action Line Leader of EIT Digital. Senior innovation Director at Telecom Italia. (Linkedin)
- Raffaele Barberio. Leading Italian journalist. Editor at Key4biz, a leading Italian IT and cybersecurity news agency. President of the NGO Privacy Italia. (Linkedin)
- Rufo Guerreschi. Ceo of TRUSTLESS.AI and Exec. Dir. of Trustless Computing Association, promoting a standard and certifications body – a compliant open computing base and devices aimed at radically unprecedented levels of confidentiality and integrity, while enabling legitimate and constitutional lawful access. Formerly CEO of the Open Media Park, a planned tech park in the Lazio Region focusing on leading-edge cybersecurity of communications and artificial intelligence. (Linkedin)
- Rita Forsi*. Director of ISTICOM, the agency of the Italian of the Ministry of Economic Development that operates the Italian CERT, and sets certification for devices for the handling of state secret, under the guidance of Italian DIS, the Security Intelligence Department. (Linkedin)
- Roberto Baldoni*. Director Cybersecurity of the Italian Security Intelligence Department (DIS). Former director of the Center for Cyber Intelligence and Information Security, La Sapienza University. Autor of the Libro Bianco sulla Cybersecurity (pdf) Art. 3.4 deals with hardware and fabrication security). (LinkedIn)
- Angelo Tofalo**. Cybersecurity and intelligence researcher. Deputy of the Italian Parliament. Member of the Italian Parliamentary Committee for Intelligence Services Oversight (COPASIR). Policy leader for cybersecurity of Italy largest party, M5S, which has proposed an increase by €2 billion in public funds for cybersecurity.(Linkedin)
- Pierluigi Paganini*. Scientific Director of Master in Sicurezza Informatica e Cybersecurity al Link Campus. CTO at CybSec Enterprise. Member of ENISA Threat Landscape Stakeholder Group. Former CISO at Bit4D, leading Italian ID tech provider. Editor at Securityaffairs.co. Formerly a senior engineer at ST-Microelectronics. (Linkedin)
- Marit Hansen*. Data Protection Supervisor of the State of Schleswig-Holstein of the Federal Republic of Germany. The Privacy Commissioner of Schleswig-Holstein, Marit Hansen, is head of ULD. ULD is responsible for both freedom of information as well as data protection at private and public sector entities seated in Schleswig-Holstein.(Linkedin)
- Bart Preneel*. Arguably the most-recognized EU cryptographer and IT Security expert. Former President of the International Association for Cryptologic Research (2008-2014). Professor at KU Leuven COSIC group, organizers of the leading EU crypto conference Eurocrypt. Consultant to NIST on governance reform. Project manager of the Network of Excellence ECRYPT II ECRYPT-NET (2015-2019) and ECRYPT CSA (2015-2017).(Linkedin)
- Glyn Moody*. (MODERATOR) World-renowned Journalist and book author on digital civil rights. Contributing Policy Editor at ArsTechnica. His writings have appeared in Wired, The Guardian, Daily Telegraph, New Scientist, The Economist, Financial Times, Computer Weekly and Techdirt. (Linkedin)
- Carlo Blengino*. Lawyer, professor and constitutional legal expert in the area of digital privacy and surveillance. Fellow at NEXA Center for Internet & Society at the Politecnico di Torino.(Linkedin)
- Cosimo Comella*, Head of Digital Technologies and IT Security at the Italian Data Protection Agency.(Linkedin)
- 18.00-21.00 Reception at the Crowne Plaza Hotel for speakers, media, and guests.
- 08.30 – Coffee Break for attendees and speakers
- 09.00 – Welcome and introduction by organizers.
- 09.10 – Keynote by TBD
- 09.30 – CHALLENGE A: How can we achieve constitutionally-meaningful* IT security of communications?
What standards, standard setting and certifications processes can enable users to reliably assess their actual trustworthiness? What scale of investments are needed? How likely is it that they would sustainably be legally allowed?
- Moderator: TBD
- Panelists: TBD
- 10.30 – Keynote by TBD
- 10.50 – Coffee Break
- 11.05 – CHALLENGE B: How can we achieve constitutionally-meaningful* IT security that complies with legitimate and constitutional lawful access requests, without adding any additional risk to users’ privacy?
- Moderator: TBD
- Panelists: TBD
- 12.05 – Keynote by TBD
- 12.15 – PANEL: The future of cybersecurity for the most critical enterprise computing
The latest vulnerabilities show how even the most secure enterprise systems are radically inadequate to protect enterprises most critical data, communications, negotiations, and executives. From next May, GDPR will mandate disclosure of internal hacks, which may be much most costly – in reputation and competitive advantage – then the loss of consumer credentials. What are the prospects of new certifications and compliant technologies to deliver on those needs?
- 13.00 – LUNCH BREAK: light lunch for speakers, media, attendees and special guests
- 14.10 – Keynote by TBD
- 14.30 – CHALLENGE C: Can standards for ultra-high assurance* IT security, similarly advance the security of critical autonomous and AI systems and spur economic development?
Can ultra-high assurance ICT standards, applied to their most critical deterministic sub-systems, contribute substantially or radically to AI security? Can non-governmental ultra-high assurance (deterministic) IT standards – and related licensing and certification governance models – spur sustainable AI-driven economic development and foster short- and long-term AI safety and value alignment?
- Moderator: TBD
- Panelists: TBD
- 15.30 – Keynote by TBD
- 15.40 – Coffee Break
- 16.00 – CHALLENGE D (IN ITALIANO): Può la cybersicurezza e Intelligenza Artificiale divenire un primario volano di sviluppo della Regione Lazio e di Roma?!
Si dibatterà di come e se nuove tecnologie e nuovi standards cybersecurity per comunicazioni e intelligenza artificiale – per una regione come la Regione Lazio che ha la massima concentrazione di enti di ricerca in EU nella sicurezza, e importanti initiative private sul territorio – possano diventare: (a) un importante cardine dello sviluppo economico ed occupazionale; (b) modalità per adottare in maniera avanzata ma responsabile le più avanzate tecnologie per l’efficentamento dei servizi sanitari; (c) modo di migliorare la partecipazione responsabile dei cittadini.
- Moderator: TBD
- Panelists: Davide Barillari, Paolo Acunzo, …
- 17.10 – Keynote by TBD
- 17.40 – Closing by organizers.
- 21.00-23.00 – Dinner for panelists, media, speakers and special guests