Day 1 - 13 November 2019

Developing Security Solutions

Gartner predicts that over $75 billion will be spent worldwide on infrastructure protection and security services in 2019.  As cloud computing takes a forefront for both consumer and enterprise computing, development of cloud security solutions is due to make up a large proportion of that spending.  With so much data now being stored in the cloud, the need for secure infrastructure is imperative.  On Day 2, we then shift focus to discussing network security – hearing from industry professionals about their latest solutions, how they work and what results are being seen by the companies using them.

09:30AM

Developing security solutions: Chair’s welcome and opening comments

Hide Details

Cloud Security

09:50AM

Cyber security Posture – how good is your overall cybersecurity strength?

  • Benefits of taking a holistic approach to cyber security, and how it improves the strength of your organisations cyber security
  • Examining policies, procedures and control mechanisms of different hardware, software, & cloud solutions – what else needs considering?
  • How to measure the other aspects of your overall security offering – including practices, processes, and the human behaviour.
Hide Details
More Details

10:20AM

Am I using the cloud securely?

  • Examining the current state of cloud security vs traditional IT systems
  • How do organisation develop cloud strategies that are secure, and account for data storage?
  • What innovations are there, and what more do we need to see to counter emerging threats in the next five years?
Hide Details
More Details

10:50AM

Keynote: Developing an effective cloud cyber security solution

Hide Details

11:20AM

Networking Break

11:50AM

Panel: Sharing responsibility for cloud security

  • Security in the cloud is – and always has been – a two-way street defined as the vendor being responsible for security ‘of’ the cloud – software and hardware – while the customer is responsible for security ‘in’ the cloud – data, OS, identity and access management, and so forth. So why do companies still struggle?
  • Which stakeholders throughout the business and beyond have to take responsibility for cloud security, and what education and training is required?
  • How do consumers fit into all this?
  • Discussing effective strategies for sharing this responsibility effectively from Enterprise.
Hide Details
More Details

12:30PM

Case Study: Cloud access security brokers (CASBs) – the gatekeeper between on-prem and cloud infrastructure

  • What CASBs do and how they differ from more traditional cloud security solutions
  • How CASBs help with shadow IT policies and rising employee use of cloud apps
  • Combining visibility, compliance, data security and threat protection
Hide Details
More Details

12:50PM

Zero Trust Security – the next phase of cloud identity

The next wave of cloud identity is through Zero Trust Security (ZTS). With more apps being used ‘as a service’ in the cloud, and more employees working remotely, traditional identity and access management (IAM) doesn’t cut it today. What’s more, ZTS assumes there will be bad actors both inside and outside your company’s network. 

 This session will explore what Zero Trust Security is, how it relates to organisations today in an IoT-heavy landscape, and how technologies such as machine learning can make an even greater impact. 

Hide Details
More Details

01:20PM

Networking Break

Threat Detection & Response

02:20PM

Afternoon Keynote: Threat detection and response techniques – What you need to know

  • Proactive threat detection
  • Combining human and technical elements
  • How security, network and endpoint threat detection software is being deployed and what results are we seeing
  • Real life examples of threat detection in action
Hide Details
More Details

02:50PM

Cyber Crime: detection, prevention and recovery

Hide Details

03:10PM

Panel: Role of ethical hacking and penetration testing

  • What role white and grey hat hackers can play in developing secure systems?
  • Discussing the challenges and opportunities in this field
  • Real life examples from enterprise of how pen testing and ethical hackers are improving their organisations cyber security.
Hide Details
More Details

04:00PM

Networking Break

04:20PM

Breach and attack simulation

Hide Details

04:50PM

What is next on the threat horizon for 2019: staying one step ahead

  • Recent years have seen cyber attacks on organisations as wide ranging as Facebook, the City of Atlanta and the NHS, but what is likely to be the next big target for cyber criminals in 2019?
  • Are finance and healthcare still major targets? Does the ever rising use of IoT devices influence this?
  • What influence will emerging technology like Blockchain and AI have on future attacks.
  • What new solutions and tactics are available on the market to mitigate these new risks?
Hide Details
More Details

05:20PM

Session Close

Day 2 - 14 November 2019

10:00AM

Developing security solutions Day 2: Chair’s welcome and opening comments

Hide Details

10:20AM

Best practices for Cyber Security Developers

  • How and when to integrate Identity Access Management (IAM) systems throughout development
  • Considering architectures and tools
  • What other aspects do you need to consider best practices for? Performance? Compliance? Testing?
Hide Details
More Details

11:00AM

Panel: The role of regulations & standards for cybersecurity compliance

  • What does the concept of standards really mean in the context of cybersecurity?
  • Exploring corporate association vs government based policies such as those from NIST, Cloud Security Alliance etc…
  • Can a verticalized approach to standards work?
  • What is current USA regulation in this area?
Hide Details
More Details

11:40AM

Legal implications of high profile data breaches

What are the legal implications of data breaches?  This talk will look at some recent examples and discuss current legislature in the USA and beyond surrounding data breaches. How does shared responsibility for cyber security along the stack add complexity to this issue?

Hide Details
More Details

12:10PM

Networking Break

Network Security

10:50AM

Keynote: Protecting your reputation – network security in action

As data is a key asset for all modern organisations,  securing the entirety of your network is of vital importance and a breach can have devastating consequences on all stakeholders involved, most importantly losing the trust of all those involved.  Hence securing your network, from applications, mobile and IoT devices, emails and messaging to data centres and infrastructure is vital.  This Keynote presentation will outline how a robust network security system can maintain the reputation of your business, giving real life examples from across verticals and give step by step practical advice on implementing E2E network security.

Hide Details
More Details

01:30PM

Detecting internal threats with user and entity behaviour analysis (UEBA)

According to Gartner, sales of standalone UEBA solutions are doubling each year and could top $200 million this year. In addition, many vendors are incorporating UEBA capabilities into other security tools, such as security information and event management (SIEM), network traffic analysis, identity and access management (IAM), endpoint security, data loss prevention or employee monitoring tools.

Explore this important technology and the advantages it can add to your security stack in this presentation – discussing the role of AI/ML for UEBA, the need for real time (or near real time) analytics and comparing the threats posed both externally and internally.

Hide Details
More Details

02:00PM

Panel: Breaking the static security approach to application security

Gartner’s report on the app security hype cycle states that IT managers “need to go beyond identifying common application development security errors and protecting against common attack techniques.” With the influx of cloud computing, mobile and IoT device use, breaking the ‘static security approach’ has never been more important in expanding the boundaries of the enterprise network. This panel will address:

  • Where is the perimeter? What should companies secure, and at what stage along the SDLC?
  • Security testing tools vs. application shielding products
  • The challenges of securing apps – anticipating the changing needs of the business and who is responsible for securing apps
  • Trends in application security – virtualisation, DAST and vulnerability detection
  • Recommendations for app-focused security in your business
Hide Details
More Details

02:40PM

Endpoint Security

Hide Details

03:10PM

Case Study: Web Security

Hide Details

03:30PM

Email and messaging security

Hide Details

04:00PM

Session Close