Enterprise Security

Chairperson’s welcome and opening remarks.

• Why should third-party risk management be central to your cyber security strategy? 
• Identifying a higher risk vendor by using the relevant frameworks. 
• Streamlining metrics effectively to remain secure. 

• Explaining the importance of a zero-trust approach, and how it strengthens a company. 
• Outlining the steps involved when implementing a zero-trust architecture. 
• Adopting culture and leadership skills to sustain a mature cyber security practice. 

• Creating information security policies which are transparent and commonly understood across the organisation.  
• Making employees feel rewarded, empowered, and supported, so they react positively to company guidelines.  
• Introducing a top-down plus a bottom-up approach. 

• Exploring the damaging consequences which social engineering brings to an organisation. 
• Analysing common misconceptions people may have when it comes to engaging with threat actors. 
• Highlighting key trends and behaviours demonstrated by attackers, to increase awareness. 

• Strengthening data security practices and deploying the relevant software, to provide as much automation as possible. 
• Educating the workforce so they can detect when a data loss prevention occurs and know how to respond appropriately. 
• How to categorise and prioritise data, to understand when it is at risk. 

• Recent data privacy laws in various geographical locations. 
• Difficulties when adhering to multiple compliance schemes at once. 
• Challenges for regulators as they try to keep up with rapidly surging cyber security threats. 
• Finding the right cyber security program for assisting with compliance issues. 

• Asking the question of “what are we actually consenting to?” when it comes to cookies. 
• The disastrous consequences of cookie hijacking and cookie poisoning. 
• Which types of cookies should be configured or blocked to enable the strongest privacy protection. 

• Complying with financial crime, cyber security, and data protection regulatory requirements. 
• Implementing the most effective controls to mitigate digital payment security risks. 
• Measuring risk appetite vs risk tolerance. 

• Revealing current statistics of the overall cyber security staff shortage. 
• Considering recruitment issues, such as aiming too high when it comes to certifications, but also hiring individuals with a limited skillset. 
• Speaking about employee retention challenges, with the ever-changing cyber landscape. 

• Data breaches, ransomware and malware, vulnerability of legacy systems, insecure medical devices and equipment, insider threats, DDoS attacks, lack of documented cyber and governance policies, cloud-based threats, phishing attacks, lack of cyber awareness. 
• Controlling systems and data proactively, so they are protected against cyber threats. 
• Emphasizing the importance of information security across the workplace, not allowing data access to all employees. 

End of Day 1 – Chairperson’s closing remarks.