Public and private sector are and should be in a constant state of defence. They continue to be faced with new and advanced cyber-attacks that increase the overall risk to citizens and customers. Bringing together cyber risks and operational risks is key to improving an enterprise risk management strategy and resulting operational resilience. While cyber related operational risk has traditionally focused on how to avoid foreseeable catastrophic events, operational cyber resiliency is achieved by having the ability to absorb and rapidly respond to such events, and to further learn and adapt to them. Our session will focus key challenges and practical steps in achieving cyber resilience.
Machine learning and data analytics promise tremendous scope for improving infosec programs with over 90% of cyber attacks caused by a lack of data-driven understanding and monitoring of cyber hygiene. In this session, Stephane will reflect on his experiences with leveraging ML at BNP Paribas to improve detection of breaches and DLP risks as Covid-19 made understanding staff behaviors challenging as they shed the following of standard work procedures and protocols in a remote-work operating model. In this session, learn about:
Zero trust is often being touted as the solution to the sudden expansion in the cyber security perimeter that remote working has brought about. Lack of control over networks and end points and complexities with identity authentication are just a few of the big rocks any CISO today is having to think about. In this session, hear how to create a mature, scaled zero trust environment in their organisation to understand:
Most infosec teams today have been thinking hard about third party risk (TPR) management as their organisation transitions to the new "normal" that we'll adopt likely post Covid-19 too. Traditional surveys and frameworks are not going to be fit for purpose anymore in this environment and in this talk, see panelists will reflect on their professional experiences to share insights around:
· What gaps in your TPR did you uncover through your Covid-19 experience?
· How are you changing controls and governance over cyber risks & third party risks for the future?
· What are some ways you’re trying to improve how TPRs are quantified and understood by the business?
· How do you seek to improve quality and speed of data collection across your third party environments?
· What steps are you taking to enable an automated, continuous monitoring approach to TPRs?
As organisations accelerate digital transformation programs, with a consequent expansion within emerging technologies, they are constantly exposing their organisations to digital IT risk. With limited budgets and an expanding threat environment and risk landscape to secure, this session will see Neha Malhotra reflect on to share insights around: