Day 1 - 17 March 2020
Developing security solutions: Chair’s Welcome and Opening Remarks
Cyber security Posture – how good is your overall cybersecurity strength?
- Benefits of taking a holistic approach to cyber security, and how it improves the strength of your organisations cyber security
- Examining policies, procedures and control mechanisms of different hardware, software, & cloud solutions – what else needs considering?
- How to measure the other aspects of your overall security offering – including practices, processes, and the human behaviour.
Am I using the cloud securely?
- Examining the current state of cloud security vs traditional IT systems
- How do organisation develop cloud strategies that are secure, and account for data storage?
- What innovations are there, and what more do we need to see to counter emerging threats in the next five years?
Keynote: Developing an effective cloud cyber security solution
Panel: Sharing responsibility for cloud security
- Security in the cloud is – and always has been – a two-way street defined as the vendor being responsible for security ‘of’ the cloud – software and hardware – while the customer is responsible for security ‘in’ the cloud – data, OS, identity and access management, and so forth. So why do companies still struggle?
- Which stakeholders throughout the business and beyond have to take responsibility for cloud security, and what education and training is required?
- How do consumers fit into all this?
- Discussing effective strategies for sharing this responsibility effectively from Enterprise.
Case Study: Cloud access security brokers (CASBs) – the gatekeeper between on-prem and cloud infrastructure
- What CASBs do and how they differ from more traditional cloud security solutions
- How CASBs help with shadow IT policies and rising employee use of cloud apps
- Combining visibility, compliance, data security and threat protection
Zero Trust Security – the next phase of cloud identity
The next wave of cloud identity is through Zero Trust Security (ZTS). With more apps being used ‘as a service’ in the cloud, and more employees working remotely, traditional identity and access management (IAM) doesn’t cut it today. What’s more, ZTS assumes there will be bad actors both inside and outside your company’s network.
This session will explore what Zero Trust Security is, how it relates to organisations today in an IoT-heavy landscape, and how technologies such as machine learning can make an even greater impact.
Securing cloud-deployed containers
Cloud-deployed containers and container orchestration systems are becoming mainstream. Vulnerabilities and exploits associated with containers are gathering pace; however, the best practice of securing containers continues to be overlooked.
Migrating email and messaging security to the cloud securely
Panel: Static to erratic? Appsec & the cloud
- How have public cloud environments changed traditional security approaches?
- Where is the perimeter? What should you secure, and at what stage in development?
- What does the Zero Trust approach mean for appsec?
- Best practices for cloud based application security
Training and education for staff -the first line of defence
Day 2 - 18 March 2020
Developing security solutions Day 2: Chair’s Welcome and Opening Remarks
Best practices for Cyber Security Developers
- How and when to integrate Identity Access Management (IAM) systems throughout development
- Considering architectures and tools
- What other aspects do you need to consider best practices for? Performance? Compliance? Testing?
Panel: The role of regulations and standards for cybersecurity and privacy compliance
- What does the concept of standards really mean in the context of cybersecurity?
- Exploring corporate association vs government based policies such as those from NIST, Cloud Security Alliance etc…
- Can a verticalized approach to standards work?
- What is current EU regulation in this area?
Legal implications of high profile data breaches
What are the legal implications of data breaches? This talk will look at some recent examples and discuss current legislature in the USA and beyond surrounding data breaches. How does shared responsibility for cyber security along the stack add complexity to this issue?
Afternoon Keynote: Threat detection and response techniques – What you need to know
- Proactive threat detection
- Combining human and technical elements
- How security, network and endpoint threat detection software is being deployed and what results are we seeing
- Real life examples of threat detection in action
Cyber Crime: detection, prevention and recovery
Yann van Ewijk
Information Risk Analyst
03:00PM - Day 1
02:20PM - Day 2
Panel: Role of ethical hacking and penetration testing
- What role white and grey hat hackers can play in developing secure systems?
- Discussing the challenges and opportunities in this field
- Real life examples from enterprise of how pen testing and ethical hackers are improving their organisations cyber security.
Breach and attack simulation
What is next on the threat horizon for 2020: staying one step ahead
- Recent years have seen cyber attacks on organisations as wide ranging as Facebook, the City of Atlanta and the NHS, but what is likely to be the next big target for cyber criminals in 2020?
- Are finance and healthcare still major targets? Does the ever rising use of IoT devices influence this?
- What influence will emerging technology like Blockchain and AI have on future attacks.
- What new solutions and tactics are available on the market to mitigate these new risks?