Day 2 - 29 November 2018
Developing cloud security solutions: Chair’s welcome and opening comments
Fireside Chat: National Cybersecurity Strategy at the DHS
A one on one discussion with Director for Cybersecurity & Innovation covering:
- The recently released National Cybersecurity Strategy and DHS Cybersecurity Strategy, and what implementation means for industry.
- The Department’s risk-based posture towards cybersecurity threats
- Best practices and resources for businesses of any size
Plus an opportunity to ask your questions.
Global Director, Security Architecture
10:20AM - Day 2
Keynote: Here for the beer! How the world’s leading brewer is embracing the cloud and IoT securely.
- AB InBev is the world’s leading beer brewer and a top CPG company. With hundreds of thousands of employees and thousands of facilities globally, scaling up high technology and innovation are key to our digital transformation.
- As ABI embraces the cloud, industrial automation, IoT and Artificial Intelligence, we are faced with many challenges. Learn how we think about security and view it as an opportunity to save money, achieve our sustainability goals and make our consumers happy.
- Inside our breweries around the world, we rely heavily on automation, sensors and technology. Take a walk through a typical brewery and learn how our SOC leverages inputs from Industrial IoT / SCADA security systems to ensure the beer keeps flowing.
ADLINK IoT Solutions & Technology
10:50AM - Day 2
Director of Strategy & Solutions Marketing, Digital Networking
10:50AM - Day 2
Panel: Am I using the cloud securely?
- Examining the current state of cloud security vs traditional IT systems
- How do organisation develop cloud strategies that are secure, and account for data storage?
- What innovations are there, and what more do we need to see to counter emerging threats in the next five years?
11:50AM - Day 2
Security Past the Perimeter: An Immune System for the Cloud
In an age of borderless networks, security for the cloud and security for the corporate network can no longer be separated. Security teams are now presented with the challenge of monitoring and controlling access to these cloud environments, as they represent yet another frontier for cyber-attacks. Complete visibility has never been more important—or more difficult.
Powered by AI, Darktrace’s Enterprise Immune System technology is the only solution to offer real-time visibility and insight into all parts of a network, regardless of its configuration. By learning a ‘pattern of life’ for all networks, devices, and users, Darktrace can detect threats as they arise and autonomously respond in real time – all without impacting server performance.
In this session, learn:
- How new machine learning and mathematics are automating advanced threat detection across today’s borderless networks
- How to gain visibility across virtual environments, third-party clouds, hybrid deployments, and cloud-only infrastructures
- Why AI-driven visibility of both physical and virtual environments allow you to preempt emerging situations by autonomously responding in real time
- What smart prioritization and visualization of threats mean for resource allocation and lower risk
It’s not you, it’s me: How the shared responsibility model for cloud security still slips through
Security in the cloud is – and always has been – a two-way street defined as the vendor being responsible for security ‘of’ the cloud – software and hardware – while the customer is responsible for security ‘in’ the cloud – data, OS, identity and access management, and so forth. So why do companies still struggle?
This talk will address:
- Examples of where shares responsibility model has been effective, and examples where it has failed.
- Where does the vendors responsibility end and the customers start?
- The role of standards and compliance to aiding share responsibility models.
12:50PM - Day 2
Abstracting Application Security in the Cloud using Secure Enclaves
Traditionally, organizations had to worry about the security of their infrastructure in order to ensure privacy, integrity and confidentiality for their critical applications. It required securing the actual machines that the applications were running on. Recent advances in processor architecture introduced support for Secure Enclaves – execution units that enable hardware-grade isolation for application logic, protecting it from compromised or misconfigured infrastructure and creating a tighter security perimeter around the application itself. We explore how this paradigm shift bears the potential to revolutionize application security”.
The Secrets to Build Enterprise Worthy Secure Cloud Services
- Why it is important
- Top challenges and gaps cloud service companies fail to meet enterprise security requirement
- Deep dive – how to build enterprise worthy secure cloud services
- Silver bullet of open standard for cloud security
- The evolving landscape – what’s next
Senior Cybersecurity Analyst, BAE Systems | Chief Technology Officer
BAE Systems | SK2 Tech, LLC
Panel: How artificial intelligence and blockchain are the battlegrounds for the next security wars
- Artificial intelligence, machine learning, and blockchain, are emerging tech cited as key in an increasingly complex security environment, but what challenges do these technologies pose?
- Many key players are using security awareness and infrastructure is a key feature to differentiate themselves within the cloud wars, so how will this dictate how the market evolves?
- As the hyperscalers are moving further up the stack to find the latest battleground – so who is going to come out on top?
- Real life examples of where AI, ML and Blockchain are being utilised for security
Security Team Lead
03:50PM - Day 2
01:10PM - Day 2
Lessons Learned by the WordPress Security Team
Managing security for the WordPress project is a challenge to say the least. The sheer volume of reports, the resulting noise, securing an ageing codebase, handling disclosure – all difficult to handle, but just the tip of the iceberg. How do you keep sites and users secure with so much third-party code? What do you do about hosting environments? How do you educate users? When is it okay to break things to fix security issues and how do you manage reputation when you do? They may not have it all figured out, but over the years they’ve learned a lot – often the hard way. Aaron shares their hard-learned lessons in hopes that it makes things easier on everyone else!