9:00 - 9:45 am SGT -- Matching Your Investment To Security Outcomes: Incident Detection & Response Done Right
What is the value of your organizations's data and assets to an attacker? To have a truly robust cyber defence plan, it is critical that organizations recognize their desired outcomes while dedicating an appropriate amount of resources to achieving them.
Be it a DIY approach or outsourcing to a managed service provider (MSP), fulfilling tasks associated with security compliance or the latest trends is simply "activity without a meaningful purpose." After all, if your business is unique, shouldn't your security challenges and outcomes be unique as well? Join us to learn:
- Why identification of the various sources of cyber risk is critical to implementing a successful security strategy unique to your organization
- Why organizations should focus their efforts on processes and technologies that help them achieve meaningful security outcomes and not simply fulfilling security tasks
- What the modern threat landscape means for you across the industry and the size of your organization
Speaker: Robin Long, Regional Manager, APAC, Incident Detection and Response, Rapid7 (Australia)
10:30 - 11:15 am SGT -- Virtual Think Tank: "New Age Attacks: CISO Strategies To Counter & Remediate"
The threat landscape has grown by leaps and bounds. The World Economic Forum 2018 has, for the first time, put "cyber" as one of the top 5 risks in terms of likelihood. Researches also stay that by 2021, there will at least one "zero-day" attack every day. Malware and fileless attacks are also on the rise. Fileless attacks were included in an estimated 77% of successful data breaches worldwide and 35% of all cyber-attacks are fileless exploits, according to a Ponemon Institute report for 2018. In this context, CISOs and their teams form the fulcrum of an organization's ability to bounce back and maintain business continuity. We look at ways and means to help CISOs evolve continuously and stay ahead of their game, addressing the following issues:
- What are the visible changes that you observe in the threat and attack landscape?
- How is your organisation dealing with this ever-changing landscape?
- How are you evaluating advanced threat detection services?
- How are customer requirements evolving?
- What are you advising customers on how these threats can be managed?
- How do yo udeal with some of the real issues?
- What is your opinion on investment of dollars, focus & energy between "Advanced Detection capabilities versus Prevention capabilities?"
Moderated By: Tarun Kumar, CISO, Nissan Digital India & Deputy Global CISO at Nissan Motor Corp.
Panelists: Bart Kulach, CISO/Chief Architect at NN Life Insurance (Japan)
Udaya Wijesinghe, Sr. Cyber Security Architect, Optus (Australia)
12:00 - 12:45 pm SGT -- The Threat From Within: Dealing With DDOS Attacks Which Originated From The Backyard
The proliferation of IoT devices, 5G mobile devices and the darkweb leads to a new attack vector which sits in your backyard. In 2016, attackers leveraged vulnerabilities in IoT devices to launch massive botnet-based DDoS (ex. Mirai botnet). Over the past two-years, data suggest that a massive DDOS attack has the potential to cause isgnificant disruption in the world. Current security architectures are not effective if the attack originates from their backyard. With today's changing threats, the reality is that security professionals need to continually evaluate and adjust their game plans to remain productive and resilient against cyber threats.
- Why is the threat landscape changing so rapidly in terms of DDOS?
- Why do we need to understand the anatomy of a cyber-attack?
- What is the impact of 5G, IoT and darkweb on cyber security?
- What are the limitations of current cyber security architectures?
- How can you improve cyber security architecture to deal with an emerging threat?
Speaker: Udaya Wijesinghe, Sr. Cyber Security Architect, Optus (Australia)
2:00 - 2:45 pm SGT -- Human Factors: Anticipating The Risk Of Human Error For Robust Cyber Security
- Measuring the risk of malicious intent as the primary motivation behind a data breach
- Mitigation strategies available to you and your workers to avoid data breaches and security compromised by human error
- How to identify which systems require protection, which adversaries are most likely to target your systems and what level of protection is required
Speaker: Bart Kulach, CISO/Chief Architect at NN Life Insurance (Japan)