Tuesday 12th November 2019
09:30 - 10:15 The CISO Challenge: How to Effectively Speak Cyber Security to your Executive Board
New research highlights key management and communication issues facing those responsible for cyber security, including entrenched perceptions by senior leadership and employees. Nearly 50% of cyber security professionals, for example, believe executive boards see them in just a maintenance role, rather than a source of innovation that contributes to the business. Given the enormous impact of security breaches and the increase in compliance requirements, CISOs need to communicate the value of cyber security across all levels of their organizations.
- Learn how to communicate to your Executive board and change perceptions that restrict cyber security effectiveness
- Find out the key metrics to a CISO’s success
- Learn how to make cyber security a more positive experience for all employees and departments
Joseph Carson, Chief Security Scientist (CSS) & Advisory CISO, Thycotic
10:30 - 11:15 Is Your Business Audit-Ready?: Third Party Risk Management Best Practices for Regulation
Amidst several stringent privacy regulations, businesses are under pressure to look closely at how they assess, monitor, and mitigate risk with third-parties. To maintain compliance with all applicable regulations, companies are seeking more automation and centralized databases for third-party risk management throughout the entire vendor lifecycle. In this session, discover the key operational features to implement in your own organization to ensure you’re audit ready for any regulation.
- How to streamline third-party risk management program for compliance with major regulations
- The top components of third-party risk management regulation
- What activities should be completed to prepare for compliance
Zach Reed, Solutions Engineer, OneTrust
11:30 - 12:15 How Asset Management Went From Boring, to Top of Mind
In the world of cybersecurity, asset management has been the boring sibling of more exciting things like threat hunting, deception, and automation. But the foundational challenges of understanding what devices, users, and cloud instances are in our environments have jumped to the top of CISOs priority lists. In this short, 30-minute webinar we’ll look at the challenges around making sure all assets comply with security policies, and we’ll discuss:
- How to get a complete asset inventory using the tools companies are already using
- How to uncover security solution coverage gaps
- How to automate policy validation and enforcement
Nathan Burke, Chief Marketing Officer, Axonius
12:30 - 13:15 The Use of Offensive AI in Cyber Security
Recent years have seen breakthroughs in the use of ML and AI, where huge benefits are gained in fields like autonomous vehicles, healthcare, cyber defense etc. Cyber attackers are always looking to improve their ROI when it comes to cybercrime, and they are extremely innovative when it comes to that. In this session, discover how we anticipate adversaries to start using ML & AI in offensive cyber security.
- Understand the motivations behind adopting AI for attacks
- A short term perspective and long term perspective of Offensive-AI
- Case study examples of real-life situations
Max Heinemeyer, Director of Threat Hunting, Darktrace
13:30-14:15 Knowing your enemy: Attack simulation in 2020
Although businesses have invested heavily in security, breaches have not been eliminated. What does it take to ensure we stay aware of our security posture? Join this session to learn how multinational companies use the latest automated attack simulation tools to know in advance what happens if they are breached.
- How to identify IT hygiene issues in real time
- Why Red Teams struggle to keep up and how automation can help
- What to look for in automated breach and attack simulation tools
Konstantinos Evangelakos, Director Field Engineering - East, XM Cyber
Wednesday 13th November 2019
09:30-10:15 Assess the Human Element in Cyber Risk
Insider threat via a company’s own employees (and contractors and vendors) is one of the largest unsolved issues in cybersecurity. On the surface, defining insider threat seems self-explanatory–a source of potential danger or harm to an organization stemming from someone that is within or part of an organization. There are, however, varied sources and motivations of insider threat.
- Illustrate the ways insiders create risk
- Introduce ways to reduce insider risks and create a culture of security
- Assessing the Human Element in Cyber Risk Analysis
Todd Thorsen, Senior Manager, Security Risk & Compliance, Code42
10:30 - 11:15 Fight against New Threat Paradigms with Cyber Threat Intelligence
The history of network security efforts had primarily been focused on protecting connections to and from the network. After several years, threats began to shift and new threats required traditionally separate security tools to work together, to inspect and secure data. Today, as society continues to shifts towards a digital economy, security tools that can effectively defend against new threat paradigms are only as effective as the threat intelligence behind them thus, the race between IT professionals and cybercriminals continue.
- Learn what threat intelligence is, how it works and how it can be utilised
- Discover new interconnected threat intelligence skills and strategies
- Prepare, prevent, and identify cyber threats looking to take advantage of your resources
Wade Woolwine, Principle Researcher, Rapid7
11:30-12:15 101 Guide to Security Automation
If you are dealing with too many manual changes processes, burdening an overworked staff, this webinar is a must-attend for you. You’ll learn how to use security automation to reduce the opportunities for mistakes and misconfigurations by taking the drudge work off your staff and fast-tracking traditional SecOps.
- Eliminate bottlenecks that plague traditional change processes
- Decrease errors by standardizing more areas of their security
- Support the dynamic demands of their agile/DevOps customers
Tim Woods, VP, Technology Alliance, FireMon
12:30-13:15 Panel Discussion: Who is responsible for Cyber Security in the enterprise?
Cyber Security is still primarily seen as an ‘IT issue’ and this often means that security often gets “bolted on” rather than embedded in a company’s ecosystem. In this panel discussion, discover why everyone within the business is responsible for Cyber Security and how to educate the enterprise on safeguarding customer data.
- Improve security by creating a culture of healthy suspicion
- Encourage the executive board to communicate policies
- Ensure best practice is maintained throughout your business
Kim Parham, Information Governance Compliance Analyst, Yum! Brands
Kayne McGladrey, Director of Security & IT, CIO, CISO, Pensar Development
Seth Eichenholtz, Head of eDiscovery and Head of Insider Threat Risk Management, Mastercard