SESSION One: The Future of Enterprise Security and Risk Management
From the IT department to the boardroom – Mapping and Prioritising the Security and Risk Landscape in the new Information Security paradigm
- Governance, Risk and Compliance (GRC)
- Changing perceptions: Information Security as a Business Objective
- Disruptive Technologies – Exploring Opportunities and Risks associated with Mobile, Big Data, IoT, Machine Learning, AI, Cloud Computing
- Effective Risk Management Strategies and Metrics
- Information Security as a business enabler – Devising Policies and Response Mechanisms
- Cyber Threat Risks – Guidance for Business Strategists and Boards
- Defining Risk Appetite and allocating Cyber Security Resources Efficiently
Conference Chair’s Opening Address
Keynote Address: Defending Against Cyber Risk
Cyber adversaries in the UAE regions are becoming sophisticated and stealthy, resulting in targeted attacks that often circumvent traditional security controls. New IT initiatives expand the attack surface and make cybersecurity more complex. And as a consequence many large organizations are losing ground as they attempt to address IT risk with an army of outdated tools and disparate manual processes.
We explore what CISOs should do, the investment being injected into the InfoSec function across the UAE, and government led initiatives in this area.
The Dark Web and Threat Intelligence
The Dark Web has become synonymous with all manner of cyber-crime activities from malware and data leakage through to the publishing of account credentials and hacking.
This session covers what the dark, deep, and surface web really are and why they matter to your business.
Managing new risks: Securing The Fourth Industrial Wave
Disruptive technologies like the IoT, mobile, cloud, big data and blockchain are expanding the cyber-attack surface. The Dyn attack in 2016 showed how exploiting connected devices can have a colossal impact on the internet. As our personal, professional and social lives become more interconnected – and dependent on cyberspace – we ask what emerging risks lie ahead of us and how we can prepare for them.
Building Resilience and Incident Response
Maintaining a discipline of strong cybersecurity has become increasingly difficult at enterprise organisations for a number of reasons. This session explores how you can better manage incidents and respond to breaches.
Insuring Against Ransomware and Cyber Extortion
There are significant consequences attached to cyber breaches. These include among other things the loss of customer data, financial costs, penalties from regulators, disruption of services and reputational damage. What can be done to mitigate the fallout of any breach? What is cyber insurance, what is and isn’t covered?
Questions to the Panel of Speakers
Refreshment Break Served in the Exhibition Area
Why Current Security Techniques are failing
Traditional security approaches are failing to proactively identify and block adversary activity. Most security tools address part of the cyber kill-chain. This session looks at:
- Continuous breach prevention techniques
- Real-time intelligence and monitoring
- Machine learning and automated security
Securing you Cloud
Public cloud solutions have become a problem for managing shadow IT. Its use by employees has created information security concerns for many enterprises. We examine the common approaches to solve the challenges around cloud security.
Questions to the Panel of Speakers and Delegates move to the Seminar Rooms
Networking Lunch Served in the Exhibition Area
SESSION Two: Building Resilience, Mitigating Risks, Sharing Best Practice
Sharing lessons learned, new innovations and stratagems for operational risk management
Conference Chair’s Afternoon Address
Afternoon Keynote Session: Safeguarding the Digital Enterprise
As organisations embrace cloud, mobile and new emerging technologies along with apps and IT consumer trends designed to unlock greater productivity, the digital enterprise is proving to be more diverse and connected than ever before.
How can businesses improve resilience against targeted and persistent cyberattacks? What can business executives so to get better returns on cyber security investment? How can security help to move business in new directions?
PCI and PII: Helping to Secure your Data
Organisations are acquiring, using and storing vast amounts of personally identifiable information – from information on employees through to customers, residents and patients. Precautions have to be taken to prevent loss, unauthorised access, leak or theft of this data. We cover what data is at risk and what you can do to protect it.
Intelligent Security in Action
Intelligent systems are becoming the must-have took to effectively respond to security challenges in real-time. We look at machine learning and advanced data analytics, and their role in modern threat detection.
Questions to the Panel of Speakers
Afternoon Networking and Refreshments served in the Exhibition Area
SESSION Three: Managing and Implementing a Secure ICT Infrastructure
Sharing best practice on how to analyse vulnerabilities in your ICT infrastructure and eliminate them
How to Prevent a Breach Before It Happens
We consider such things as:
- Measuring organisational risk appetite and adopting an information-centric approach to measuring and managing risk
- Best practice in securing endpoint computing devices
- Establishing an acceptable usage policy
- Trust-based policy controls and technical controls
- A consideration of legal rights and user privacy
- Creating user-awareness about responsibilities and standards
- Remote lock/wipe facilities, data recovery methods
Securing Endpoints – Mitigating Mobile Risks
The always on, always connected enterprise where sensitive data can be accessed anywhere at any time presents both opportunities and risks. Organisations can no longer afford to operate without endpoint protection. We explore the risks of mobility and how, when effectively secured, it can unlock savings and efficiencies for large enterprise.
Building an Effective Incident Response Plan
An incident response plan is fundamental to managing data breaches. No organisation can afford to be caught off guard. We explore:
- What a robust response plan looks like
- Key metrics organisations should be mindful of
- Policy implementation considerations
- Employee and management level buy-in
- Best practice on information governance