Day 1 - 13 November 2019

Developing Security Solutions

Gartner predicts that over $75 billion will be spent worldwide on infrastructure protection and security services in 2019.  As cloud computing takes a forefront for both consumer and enterprise computing, development of cloud security solutions is due to make up a large proportion of that spending.  With so much data now being stored in the cloud, the need for secure infrastructure is imperative.  On Day 2, we then shift focus to discussing compliance and regulation in the wider cyber security ecosystem, as well as taking a deep dive into threat management.

09:30AM

Developing security solutions: Chair’s Welcome and Opening Remarks

Hide Details

09:50AM

Cyber security Posture – how good is your overall cybersecurity strength?

  • Benefits of taking a holistic approach to cyber security, and how it improves the strength of your organisations cyber security
  • Examining policies, procedures and control mechanisms of different hardware, software, & cloud solutions – what else needs considering?
  • How to measure the other aspects of your overall security offering – including practices, processes, and the human behaviour.
Hide Details
More Details

Cloud Security

10:20AM

Am I using the cloud securely?

  • Examining the current state of cloud security vs traditional IT systems
  • How do organisation develop cloud strategies that are secure, and account for data storage?
  • What innovations are there, and what more do we need to see to counter emerging threats in the next five years?
Hide Details
More Details

10:50AM

Keynote: Developing an effective cloud cyber security solution

Hide Details

11:20AM

Networking Break

11:50AM

Joshua Fritsch

VP Technology

AccuWeather

Associated Talks:

03:40PM - Day 2

View Preparing for a Quantum World: Understanding the impact on Privacy and Security

11:50AM - Day 1

View Panel: Sharing responsibility for cloud security

View Full Info

Senior Representative, Coronet

Coronet

.

Associated Talks:

12:30PM - Day 1

View Case Study: Cloud access security brokers (CASBs) – the gatekeeper between on-prem and cloud infrastructure

11:50AM - Day 1

View Panel: Sharing responsibility for cloud security

View Full Info

Panel: Sharing responsibility for cloud security

  • Security in the cloud is – and always has been – a two-way street defined as the vendor being responsible for security ‘of’ the cloud – software and hardware – while the customer is responsible for security ‘in’ the cloud – data, OS, identity and access management, and so forth. So why do companies still struggle?
  • Which stakeholders throughout the business and beyond have to take responsibility for cloud security, and what education and training is required?
  • How do consumers fit into all this?
  • Discussing effective strategies for sharing this responsibility effectively from Enterprise.
. Joshua Fritsch, VP Technology, AccuWeather
. Senior Representative, Coronet, Coronet, .
Hide Details
More Details

12:30PM

Senior Representative, Coronet

Coronet

.

Associated Talks:

12:30PM - Day 1

View Case Study: Cloud access security brokers (CASBs) – the gatekeeper between on-prem and cloud infrastructure

11:50AM - Day 1

View Panel: Sharing responsibility for cloud security

View Full Info

Case Study: Cloud access security brokers (CASBs) – the gatekeeper between on-prem and cloud infrastructure

  • What CASBs do and how they differ from more traditional cloud security solutions
  • How CASBs help with shadow IT policies and rising employee use of cloud apps
  • Combining visibility, compliance, data security and threat protection
. Senior Representative, Coronet, Coronet, .
Hide Details
More Details

12:50PM

Den Jones

Director of Enterprise Security

Adobe

Associated Talks:

12:30PM - Day 2

View Panel: Digital Identity & Security for modern Enterprise

12:50PM - Day 1

View How to Achieve Network Security ZEN

View Full Info

How to Achieve Network Security ZEN

Finding a balance between a pleasant user experience and stringent security requirements can be a challenge, but Adobe’s Zero-Trust Enterprise Network (or ZEN) initiative is intended to accomplish that. In this session, we will cover:

  • The guiding principles behind ZEN.
  • How you can leverage existing security technology investments and targeted automation technologies to develop your own ZEN framework.
  • Common issues you might encounter along your journey with guidance on overcoming those issues.
. Den Jones, Director of Enterprise Security, Adobe
Hide Details
More Details

01:20PM

Networking Break

02:30PM

Securing cloud-deployed containers

Cloud-deployed containers and container orchestration systems are becoming mainstream. Vulnerabilities and exploits associated with containers are gathering pace; however, the best practice of securing containers continues to be overlooked.

Hide Details
More Details

03:00PM

Francesco Cipollone

Head of Security Architecture & Strategy | Director of Events & Strategy

HSBC | Cloud Security Alliance

Associated Talks:

03:00PM - Day 1

View Application security at scale

03:30PM - Day 1

View Panel: Static to erratic? Appsec & the cloud

View Full Info

Application security at scale

. Francesco Cipollone, Head of Security Architecture & Strategy | Director of Events & Strategy, HSBC | Cloud Security Alliance
Hide Details
More Details

03:30PM

Francesco Cipollone

Head of Security Architecture & Strategy | Director of Events & Strategy

HSBC | Cloud Security Alliance

Associated Talks:

03:00PM - Day 1

View Application security at scale

03:30PM - Day 1

View Panel: Static to erratic? Appsec & the cloud

View Full Info

Panel: Static to erratic? Appsec & the cloud

  • How have public cloud environments changed traditional security approaches?
  • Where is the perimeter? What should you secure, and at what stage in development?
  • What does the Zero Trust approach mean for appsec?
  • Best practices for cloud based application security
. Francesco Cipollone, Head of Security Architecture & Strategy | Director of Events & Strategy, HSBC | Cloud Security Alliance
Hide Details
More Details

04:10PM

Hakan Azaklioglu

Senior Manager Security Operations Center

The Home Depot

Associated Talks:

04:10PM - Day 1

View Training and education for staff -the first line of defence

View Full Info

Jessland Baylin

Red Team Manager

The Home Depot

Associated Talks:

04:10PM - Day 1

View Training and education for staff -the first line of defence

02:20PM - Day 2

View Panel: Role of ethical hacking and penetration testing

View Full Info

Heather Gantt-Evans

Senior Director of Security Operations and Cyber Resilience

The Home Depot

Associated Talks:

04:10PM - Day 1

View Training and education for staff -the first line of defence

View Full Info

Training and education for staff -the first line of defence

. Hakan Azaklioglu, Senior Manager Security Operations Center, The Home Depot
. Jessland Baylin, Red Team Manager, The Home Depot
. Heather Gantt-Evans, Senior Director of Security Operations and Cyber Resilience , The Home Depot
Hide Details
More Details

04:40PM

Session Close

Day 2 - 14 November 2019

10:00AM

Kelvin Coleman

Executive Director

National Cyber Security Alliance

Associated Talks:

10:00AM - Day 2

View Developing security solutions Day 2: Chair’s Welcome and Opening Remarks

View Full Info

Developing security solutions Day 2: Chair’s Welcome and Opening Remarks

. Kelvin Coleman, Executive Director, National Cyber Security Alliance
Hide Details
More Details

10:20AM

Best practices for Cyber Security Developers

  • How and when to integrate Identity Access Management (IAM) systems throughout development
  • Considering architectures and tools
  • What other aspects do you need to consider best practices for? Performance? Compliance? Testing?
Hide Details
More Details

10:50AM

Kelvin Coleman

Executive Director

National Cyber Security Alliance

Associated Talks:

10:00AM - Day 2

View Developing security solutions Day 2: Chair’s Welcome and Opening Remarks

View Full Info

Jared Ho

Senior Attorney, Division of Privacy & Identity Protection

Federal Trade Commission

Associated Talks:

10:50AM - Day 2

View Panel: The role of regulations and standards for cybersecurity and privacy compliance

View Full Info

Lisa Plaggemier

Chief Evangelist

Infosec

Associated Talks:

10:50AM - Day 2

View Panel: The role of regulations and standards for cybersecurity and privacy compliance

View Full Info

Panel: The role of regulations and standards for cybersecurity and privacy compliance

  • What does the concept of standards really mean in the context of cybersecurity?
  • Exploring corporate association vs government based policies such as those from NIST, Cloud Security Alliance etc…
  • Can a verticalized approach to standards work?
  • What is current USA regulation in this area?
Moderator: . Kelvin Coleman, Executive Director, National Cyber Security Alliance
. Jared Ho, Senior Attorney, Division of Privacy & Identity Protection, Federal Trade Commission
. Lisa Plaggemier, Chief Evangelist, Infosec
Hide Details
More Details

11:30AM

Legal implications of high profile data breaches

What are the legal implications of data breaches?  This talk will look at some recent examples and discuss current legislature in the USA and beyond surrounding data breaches. How does shared responsibility for cyber security along the stack add complexity to this issue?

Hide Details
More Details

12:00PM

Networking Break

Threat Detection & Response

01:30PM

Afternoon Keynote: Threat detection and response techniques – What you need to know

  • Proactive threat detection
  • Combining human and technical elements
  • How security, network and endpoint threat detection software is being deployed and what results are we seeing
  • Real life examples of threat detection in action
Hide Details
More Details

02:00PM

Koen Lockefeer

Co-Founder & Board Member

ARMA Instruments

Associated Talks:

03:30PM - Day 1

View Neutrality and Intent in Secure Communication

02:00PM - Day 2

View Neutrality and Intent in Secure Communication

View Full Info

Neutrality and Intent in Secure Communication

  • The risk in smartphones
  • Threat posed by tech giants and nation state actors
  • ARMA G1 Secure Communicator
. Koen Lockefeer, Co-Founder & Board Member, ARMA Instruments
Hide Details
More Details

02:10PM

Cyber Crime: detection, prevention and recovery

Hide Details

02:20PM

Jessland Baylin

Red Team Manager

The Home Depot

Associated Talks:

04:10PM - Day 1

View Training and education for staff -the first line of defence

02:20PM - Day 2

View Panel: Role of ethical hacking and penetration testing

View Full Info

Wasif Khan

Director of Ethical Hacking

United Airlines

Associated Talks:

03:00PM - Day 2

View Building a Robust Ethical Hacking Team

02:20PM - Day 2

View Panel: Role of ethical hacking and penetration testing

View Full Info

Panel: Role of ethical hacking and penetration testing

  • What role white and grey hat hackers can play in developing secure systems?
  • Discussing the challenges and opportunities in this field
  • Real life examples from enterprise of how pen testing and ethical hackers are improving their organisations cyber security.
. Jessland Baylin, Red Team Manager, The Home Depot
. Wasif Khan, Director of Ethical Hacking, United Airlines
Hide Details
More Details

03:00PM

Wasif Khan

Director of Ethical Hacking

United Airlines

Associated Talks:

03:00PM - Day 2

View Building a Robust Ethical Hacking Team

02:20PM - Day 2

View Panel: Role of ethical hacking and penetration testing

View Full Info

Building a Robust Ethical Hacking Team

  • Develop a Threat Model for your entire enterprise
  • Build appropriate verticals and teams (Invest in Sr. talent who find vulnerabilities before the industry)
  • Employ Automation for PenTesting (known & repeatable tests so your team can do the cool work/research)
  • Develop a dashboard with risks for Executive (not technical teams)
. Wasif Khan, Director of Ethical Hacking, United Airlines
Hide Details
More Details

03:30PM

What is next on the threat horizon for 2020: staying one step ahead

  • Recent years have seen cyber attacks on organisations as wide ranging as Facebook, the City of Atlanta and the NHS, but what is likely to be the next big target for cyber criminals in 2020?
  • Are finance and healthcare still major targets? Does the ever rising use of IoT devices influence this?
  • What influence will emerging technology like Blockchain and AI have on future attacks.
  • What new solutions and tactics are available on the market to mitigate these new risks?
Hide Details
More Details

04:00PM

Session Close