If there is any one person in global corporate enterprise that is equipped to deal with the turbulent uncertainty of a global pandemic, it’s the CISO. A CISO’s career informs every decision leading up to this morning. But tomorrow’s breaches are born from today’s threats. Succeeding today only gives you the opportunity to battle more uncertainty tomorrow.
Q2 2020 informed us that our current universal reality will be with us longer term. More importantly, distinct reactions have provided the reality that our respective threat matrices will be increasingly local as regions continue to bifurcate from each other on pandemic response.
Fresh off a deep dive into the APAC region, the Cyber Security Hub brings you this EMEA focused virtual event. EMEA is ‘more open’ than APAC and the Americas and with that distinction comes new potential incidents that have not yet been seen by the rest of the world.
And so, now more than ever is the precise moment for our Cyber Security Hub EMEA Summit October 13-14, 2020.
- Amplifying the enterprise endpoint security focus
- Deep diving into IAM & PAM
- Realizing secure infrastructure, frameworks and standards
- Keeping pace with evolving global standards and regulations
- Unpacking enterprise security awareness
- Continuing to secure the enterprise through the onslaught of new attacks brought about by remote work
- Becoming the Technician with Legal Expertise who is a Business Executive CISO
What to expect from CS Digital EMEA:
- Access to cutting edge content and world class speakers from the comfort of your desk
- Videos: Downloadable MP4 recordings of all presentations
- Downloadable slides you can review again and again
- Opportunity to meet cutting edge technology providers
Who is it for?
- Cyber Security executives who want to hear from and engage with their peers on similar pain points/challenges faced within the APAC region
- Attendees of IQPC Cyber Security events that missed sessions or want to re-listen
- CS professionals based outside the APAC region who want to learn from APAC market case studies
Who should attend?
- Head and directors of Cyber Security
- Head and directors of Information Security
- Head and directors of IT
- Providers of cyber security solutions, services and software
Day One: October 13
Chairman´s Opening Remarks
Your Data: Training Eyes On The Focus Of Defense As Opposed To The Defense Itself
A traditional focus on perimeter was cogent when all were on prem. As the workforce has become more distributed, the focus must be on not only defending the jewels but the jewels themselves.
- Realizing true focus on a now infinite perimeter is difficult
- Crystalizing absolute understanding of data at rest and data in transit
- Coming to terms with petabytes of data points metastasizing the attack surface
- Elucidating the science that governs your data management
13:00pm CET: Your Systems: Divining Winning Combinations Of Cloud, Access, Endpoint, SIEM & SOAR
Cyber security budgets are flat or down. In a truly unfortunate confluence of events, CISOs are simultaneously dealing with an unprecedentedly dangerous threat landscape. Understanding not only where true vulnerabilities lie, but how those vulnerabilities can be fortified while being frugal is a task fraught with ferment.
- Realizing that cloud migration has become cloud evolution
- To CASB or not to CASB, that is the question
- Uncovering the dovetailing of access and endpoint
- Asking who and what simultaneously
- Beat AI with AI
- Expediting smart automation within the enterprise
- Spending at least 10% of your time focusing on what’s next
- Today’s bright shiny object is tomorrows technical debt
14:00pm CET: Your People: User Awareness, Insider Threats & A Distributed Workforce
A craftsman never blames their tools. It is not the systems that ultimately fail cyber security professionals- it's the people. Insider threats do abound but more often than malfeasance being a driver, misfeasance is the key to a breach. It wasn't the firewall that failed Capital One- it was a misconfiguration.
- Constantly reinventing user awareness initiatives in the face of a constantly evolving threat landscape
- Continually ferreting out malicious insider threats while zeroing in on benign insider threats with the same zest and gusto
- Outpacing the knowledge of your distributed workforce on new collaboration tools
- Remaining vigilant with your people via the sweetest possible means
15:00pm CET: VPN vs. RDS vs. VDI: An Evolution In Enterprise Remote Access Endpoint Security
Your distributed workforce is acting as a dispersive prism for the spotlight now on your remote access tool. A new focus on endpoint security has blossomed from the seeds of the global pandemic. It’s time to re-ask the following questions:
- What does your VPN still do that the alternatives don’t?
- What does your ‘hybrid’ RDS offer that VPN and VDI can’t?
- What does your VDI do with distinction?
- What do you need to do about your remote access no matter it’s form?
Day Two: October 14
Chairman´s Opening Remarks
12:00pm CET: Unpacking The New True Definition Of The CISO Role
Comprehensive cyber risk management requires the cooperation and expertise of individuals beyond the CISO. However, it starts with the CISO, and, for better or worse, the onus falls upon them. In order to break down silos and the castle-and-moat strategy that no longer works for cyber security, CISOs must be able to think like a businessperson. Translating security data into business metrics and creating a cyber security team beyond IT are two topics this discussion will explore. Also discussed in this session:
- Balancing CISO strengths and weaknesses with “deputy” positions
- The necessity of soft leadership skills in order to communicate the importance of cyber security adherence across workflow
- Collaborating with HR to create a cohesive cyber security ecosystem
1:00pm CET: The Step-Change in Access Management and Why it Matters
There was a day not so long ago where identity and access management (IAM) and privileged access management (PAM) involved simply locking down and controlling enterprise devices. Now, with the explosion of CYOD, the cloud, and digital transformations, IAM frameworks look entirely different. Discussed in this session:
- On-prem, cloud, and hybrid IAM solutions
- Controlling user identity and data access as opposed to applications and devices
- Investing in an IAM strategy that runs efficiently and cost-effectively
- Understanding how to work within GDPR guidelines while creating an IAM framework
2:00pm CET: Putting The S On GRC; Governance, Regulation, Compliance And Security
Cyber security is continuing to experience a global wave of legal and regulatory changes. When an enterprise is unprepared for changes in compliance, they open themselves up to not only legal ramifications but also security threats. CISOs have an ever more important role to play in the execution of regulatory compliance frameworks.
- Current established regulatory compliance frameworks and CISO’s role in them
- Partnering with third parties for compliance assessments
- Why compliance standards are an asset to the cyber security team; not a burden
3:00pm CET: IoT: A New Threat Landscape From Vending Machines To Smart Speakers
Enterprise IoT has been simmering on the back burner since 2016. At that time, the infrastructure to mainstream IoT devices simply didn’t exist. However, with the expansion of the cloud and rollout of 5G, change is upon us. Organizations need to address cyber security issues throughout IoT lifecycles. If the numbers say anything, they’re off to a good start. According to a Forbes roundup of IoT forecasts and market estimates, Gartner has predicted that spending on IoT Endpoint Security solutions will increase from $240M in 2016 to $631M in 2021. Further considerations discussed in this panel are:
- Adjusting organizational policies for IoT
- Implementing mitigation practices
- How to protect device, data, and personal security