ESRM EUROPE

Enterprise Security & Risk Management

21 September 2017

Mövenpick Hotel, Amsterdam

PROGRAMME

SESSION One: The Future of Enterprise Security and Risk Management

09.00
The Conference Chair’s Opening Address

Robert Garskamp, Entrepreneur, Advisor on Digital Identity Matters and Founder of the IDnextplatform

09.30
Banking Case Study

Christian Goiceanu, Chief Security Officer, Banca Comerciala Romana Erste Bank

09.50
The New Era of Cyber-Threats: The Shift to Self-Learning, Self-Defending Networks

Director, Darktrace

In this session, learn: 

  • The implications of the new era of cyber-threats for business networks
  • Why legacy approaches like rules and signatures are proving insufficient on their own
  • How new immune system technologies are imperative for the next generation of cyber-defense
  • Why 100% network visibility and intelligence allow you to preempt emerging situations, in real time 
  • Real-world examples of subtle threats that routinely bypass traditional controls

10.10
Case Study: Rothschild Bank

Dimitri Chichlo, VP Information Security & BCM at Edmond de Rothschild

10.30
Great Security Starts with IT

Director of Endpoint Detection and Response, Tanium

Many data breaches could have been avoided or dealt with better if organisations had strong security fundamentals. It is vital to get the simple things right. How many endpoints are connected to your network? How many have the latest version of Flash installed? If you can’t answer these questions accurately, with confidence and at speed, security hygiene is broken.

10.45
Questions to the Panel of Speakers

10.55
Morning Networking and Refreshments Served in the Exhibition Area

11.20
Exploring the role of CISO

Phil Cracknell, Group CISO (Interim), Homeserve plc and Founder and Chairman of ClubCISO

Today any business is dependent on broad and deep knowledge of information, physical and environmental security, risk management, business continuity preparedness, and staff awareness. Companies need to be resistant to DDoS, hacktivism, spam, many shades of phishing, natural disasters, political changes, and riots. Businesses are facing multiple dangers including data leakages, personnel misconduct and insider violations. In this presentation, we explore the role of a resilience and security officer, who needs to be supported by subject matter experts in order to provide a holistic approach and respond to threats and vulnerabilities.

11.40
What Boards Need To Know About Cyber Risk

Vince Warrington, Cyber Security Specialist

Studies show that cyber risk is poorly understood at Board level. Too often the information presented is technical in nature, introduces concepts the Board may not be familiar with, or is just presented in a format which is incompatible with their requirements. This session will inform you on how best to present on cyber security risk at Board level, giving you confidence that your requirements will be understood and acted upon. We’ll also cover how using metrics can help your case, and how you should approach a security breach.

12.00
Questions then Delegate Movement to the Seminar Rooms

12.15
Seminar - Compliance to Enablement: Enterprise Security Architecture & GDPR

With GDPR looming on the horizon for next year, many European enterprises are focusing on the very real challenges of compliance. In this session, we will show how the SABSA Enterprise Security Architecture Methodology’s focus on enabling the business delivers legal and regulatory compliance in ways that enable the business through improved effectiveness, efficiency and competitive advantage.

We will demonstrate business enablement throughout the SABSA lifecycle: from understanding enterprise goals and objectives, through identifying the opportunities and threats related to new regulatory requirements in order to define enablement and control objectives, to using these objectives to drive design, implementation, and operations. The SABSA approach provides the means to deliver business-driven compliance that enables a business to achieve its goals, rather than a compliance-driven business tied up in regulatory knots.

13.00
Networking Lunch Served in the Exhibition Area

SESSION Two: Building Resilience, Mitigating Risks, Sharing Best Practice

Sharing lessons learned, new innovations and stratagems for operational risk management

14.00
Conference Chair’s Afternoon Address

Robert Garskamp, Entrepreneur, Advisor on Digital Identity Matters and Founder of the IDnextplatform

14.05
Case Study - Jacobs Douwe Egberts

Plamen Dimitrov, Global IT Security Manager, Jacobs Douwe Egberts

14.25
Implementing an Information Security Management System (ISMS) to Make Compliance and Security a Sustainable Reality

In the last few years, both IT and regulatory environments have become increasingly sophisticated, which requires firms of all sizes to find simpler and more sustainable solutions to keep their risks under control. To this end, the ISO organisation has introduced the ISO27001 standard to help identify, manage and reduce business and information security risks. During this session, we will cover some of the key points related to the ISMS implementation, based on practical experience.

14.40
Case Study

Zari Haji Rasoul, Information Security Officer, Gemeente Den Haag

15.00
Questions to the Panel of Speakers

15.10
Afternoon Networking and Refreshments Served in the Exhibition Area

SESSION Three: Managing and Implementing a Secure ICT Infrastructure

Sharing best practice on how to analyse vulnerabilities in your ICT infrastructure and eliminate them

15.40
Pragmatic Information Risk Management

Wil van Egdom, Information Security Officer, Greenpeace International

Good information risk management is a challenge for many organisations, especially for smaller NGOs with less budget and limited resources. Often work stops at risk analysis, i.e. creating a risk register which will subsequently gather dust in a drawer. In this presentation we look at how Greenpeace have chosen a pragmatic approach to manage their information security risks: an approach that maps a best practice set of information security measures to the ten most relevant risks and that uses the Risk & Compliance Management tool, Easy2Comply.

16.00
The Impact of EU General Data Protection Regulation on Your (IT) Organisation

On December 15, 2015, the European Parliament, the Council and the Commission reached an agreement on the new data protection rules, establishing a modern and harmonised data protection framework across the EU – the General Data Protection Regulation (“GDPR”). You might have already adopted privacy processes and procedures, but are you confident you have covered all the new GDPR rules to prevent significant fines and penalties for non-compliant data controllers and processors once it comes into force in the spring of 2018?

16.15
Seven Deadly Sins of a Risk Officer

Exploring the Risk Officer’s role in a changing environment and how to identify strengths and means to integrate into a new environment. The speaker will share his thoughts and reflections on lessons learned from having worked in risk management and internal controls in various environments.

16.30
Questions to the Panel of Speakers

16.40
Conference Chair’s Closing Remarks

16.45
Conference Closes, Delegates Depart