Day 1 - 13 November 2019

Developing Security Solutions

Gartner predicts that over $75 billion will be spent worldwide on infrastructure protection and security services in 2019.  As cloud computing takes a forefront for both consumer and enterprise computing, development of cloud security solutions is due to make up a large proportion of that spending.  With so much data now being stored in the cloud, the need for secure infrastructure is imperative.  On Day 2, we then shift focus to discussing compliance and regulation in the wider cyber security ecosystem, as well as taking a deep dive into threat management.

09:30AM

John Kinsella

President of the board - CSA Silicon Valley Chapter

Cloud Security Alliance

Associated Talks:

09:30AM - Day 1

View Developing security solutions: Chair’s Welcome and Opening Remarks

View Full Info

Developing security solutions: Chair’s Welcome and Opening Remarks

. John Kinsella, President of the board - CSA Silicon Valley Chapter, Cloud Security Alliance

09:50AM

Senior Representative, Extreme Networks

Extreme Networks

.

Associated Talks:

09:50AM - Day 1

View Developing an effective cloud cyber security solution

View Full Info

Developing an effective cloud cyber security solution

With more and more businesses using cloud services to expand and modernise their business, how can we prioritise security whilst still staying in budget? This talk will cover best practices to consider.

. Senior Representative, Extreme Networks, Extreme Networks, .

10:20AM

Greg Carpenter

Product Owner for CIS Cloud

Center for Internet Security

Associated Talks:

10:20AM - Day 1

View Cloud INSecurity – Doing your part in the Shared Security model for Cloud Computing

View Full Info

Steve Gold

Vice President Cybersecurity Solutions

Center for Internet Security

Associated Talks:

11:50AM - Day 1

View Panel: Sharing responsibility for cloud security

10:20AM - Day 1

View Cloud INSecurity – Doing your part in the Shared Security model for Cloud Computing

View Full Info

Cloud INSecurity – Doing your part in the Shared Security model for Cloud Computing

Moving to the cloud can be scary as you’re putting your environment in someone else’s hands. The hardest part is ensuring that the best practices you follow for your on-premise environment are changed and retrofit to your cloud environment. The Cloud provider will only go so far and you’re responsible for securing your own systems, services and applications. This session will cover how implementing the foundational cybersecurity best practices provided by the Center for Internet Security can help provide peace of mind when moving to the cloud. Hear how the CIS Controls, CIS Benchmarks and the CIS Hardened Images help you start secure and stay secure.

. Greg Carpenter, Product Owner for CIS Cloud, Center for Internet Security
. Steve Gold, Vice President Cybersecurity Solutions, Center for Internet Security

10:50AM

Cyber security Posture – how good is your overall cybersecurity strength?

  • Benefits of taking a holistic approach to cyber security, and how it improves the strength of your organisations cyber security
  • Examining policies, procedures and control mechanisms of different hardware, software, & cloud solutions – what else needs considering?
  • How to measure the other aspects of your overall security offering – including practices, processes, and the human behaviour.

11:20AM

Networking Break

11:50AM

Michelle Koblas

Communications Director

ISSA

View Full Info

Rakesh Radhakrishnan

Director (Cloud Security) - Strategy, Architecture & Innovation

BMO Financial Group

Associated Talks:

11:50AM - Day 1

View Panel: Sharing responsibility for cloud security

View Full Info

Steve Gold

Vice President Cybersecurity Solutions

Center for Internet Security

Associated Talks:

11:50AM - Day 1

View Panel: Sharing responsibility for cloud security

10:20AM - Day 1

View Cloud INSecurity – Doing your part in the Shared Security model for Cloud Computing

View Full Info

Joshua Fritsch

VP Technology

AccuWeather

Associated Talks:

03:40PM - Day 2

View Preparing for a Quantum World: Understanding the impact on Privacy and Security

11:50AM - Day 1

View Panel: Sharing responsibility for cloud security

View Full Info

Dror Liwer

Co- founder & CiSO

Coronet

Associated Talks:

12:30PM - Day 1

View What happens in the cloud, doesn’t stay in the cloud

11:50AM - Day 1

View Panel: Sharing responsibility for cloud security

View Full Info

Panel: Sharing responsibility for cloud security

  • Security in the cloud is – and always has been – a two-way street defined as the vendor being responsible for security ‘of’ the cloud – software and hardware – while the customer is responsible for security ‘in’ the cloud – data, OS, identity and access management, and so forth. So why do companies still struggle?
  • Which stakeholders throughout the business and beyond have to take responsibility for cloud security, and what education and training is required?
  • How do consumers fit into all this?
  • Discussing effective strategies for sharing this responsibility effectively from Enterprise.
Moderator: . Michelle Koblas, Communications Director, ISSA
. Rakesh Radhakrishnan, Director (Cloud Security) - Strategy, Architecture & Innovation, BMO Financial Group
. Steve Gold, Vice President Cybersecurity Solutions, Center for Internet Security
. Joshua Fritsch, VP Technology, AccuWeather
. Dror Liwer, Co- founder & CiSO, Coronet

12:30PM

Dror Liwer

Co- founder & CiSO

Coronet

Associated Talks:

12:30PM - Day 1

View What happens in the cloud, doesn’t stay in the cloud

11:50AM - Day 1

View Panel: Sharing responsibility for cloud security

View Full Info

What happens in the cloud, doesn’t stay in the cloud

What happens in the cloud, doesn’t stay in the cloud – Why you should re-think who has access to what, from where, and what they can do with it.

. Dror Liwer, Co- founder & CiSO, Coronet

12:50PM

Den Jones

Director of Enterprise Security

Adobe

Associated Talks:

12:30PM - Day 2

View Panel: Digital Identity & Security for modern Enterprise

12:50PM - Day 1

View How to Achieve Network Security ZEN

View Full Info

How to Achieve Network Security ZEN

Finding a balance between a pleasant user experience and stringent security requirements can be a challenge, but Adobe’s Zero-Trust Enterprise Network (or ZEN) initiative is intended to accomplish that. In this session, we will cover:

  • The guiding principles behind ZEN.
  • How you can leverage existing security technology investments and targeted automation technologies to develop your own ZEN framework.
  • Common issues you might encounter along your journey with guidance on overcoming those issues.
. Den Jones, Director of Enterprise Security, Adobe

01:20PM

Networking Break

02:30PM

Subbu Iyer

VP Product Management

Cequence Security

Associated Talks:

03:40PM - Day 1

View Panel: Red Hot Cyber: Updates on the start-up world

02:30PM - Day 1

View Deep Dive: Protecting API-Based Applications From Automated Bot Attacks

View Full Info

Deep Dive: Protecting API-Based Applications From Automated Bot Attacks

  • Why Public Facing API Applications Pose a Security Risk and Why It Matters
  • Anatomy of Automated API Bot Attacks
  • Challenges with Securing APIs against Automated Attacks
  • Securing API Apps using Cequence Security
  • Product demo
. Subbu Iyer, VP Product Management, Cequence Security

03:00PM

Francesco Cipollone

Head of Security Architecture & Strategy | Director of Events & Strategy

HSBC | Cloud Security Alliance

Associated Talks:

-

View Cloud Security Alliance

03:00PM - Day 1

View Security Architect: slayer of dragons, defender of realms & protector of cybersecurity automation

10:50AM - Day 2

View Panel: The role of regulations and standards for cybersecurity and privacy compliance

View Full Info

Security Architect: slayer of dragons, defender of realms & protector of cybersecurity automation

The talk will take the audience on a journey from the origin of the security architecture, the challenge of cloud security and the role of an architect in the dev-sec-ops world. The talk explains the difference between traditional command and control governance and the solution to avoid starving automation and innovation with traditional security governance. We will look at modern SDLC and what should be deployed step by step in each stage.

. Francesco Cipollone, Head of Security Architecture & Strategy | Director of Events & Strategy, HSBC | Cloud Security Alliance

03:30PM

Training and education for staff – the first line of defence

Protecting against the human factor is still one of the most dangerous parts of securing a business. What are the dangers of uninformed employees and how can you ensure your training policy is up to scratch?

04:00PM

Session Close

Networking Party – 6pm – The Levi’s Stadium

An evening of networking on Wednesday, November 13 from 6pm. Access for Ultimate, Gold & Expo Plus holders in addition to speakers, sponsors, press & exhibitors. Taking place at The Levi’s Stadium, this legendary location has some pretty impressive views & is located just a few minutes walk from the expo venue.  Join us for drinks & networking.

Day 2 - 14 November 2019

10:00AM

Kelvin Coleman

Executive Director

National Cyber Security Alliance

Associated Talks:

10:00AM - Day 2

View Developing security solutions Day 2: Chair’s Welcome and Opening Remarks

View Full Info

Developing security solutions Day 2: Chair’s Welcome and Opening Remarks

. Kelvin Coleman, Executive Director, National Cyber Security Alliance

10:20AM

Senior Representative, Konica Minolta

Konica Minolta Business Solutions

.

Associated Talks:

10:20AM - Day 2

View Increased governance with managed security services

View Full Info

Increased governance with managed security services

To follow soon…

. Senior Representative, Konica Minolta, Konica Minolta Business Solutions, .

10:50AM

Kelvin Coleman

Executive Director

National Cyber Security Alliance

Associated Talks:

10:00AM - Day 2

View Developing security solutions Day 2: Chair’s Welcome and Opening Remarks

View Full Info

Francesco Cipollone

Head of Security Architecture & Strategy | Director of Events & Strategy

HSBC | Cloud Security Alliance

Associated Talks:

-

View Cloud Security Alliance

03:00PM - Day 1

View Security Architect: slayer of dragons, defender of realms & protector of cybersecurity automation

10:50AM - Day 2

View Panel: The role of regulations and standards for cybersecurity and privacy compliance

View Full Info

Jared Ho

Senior Attorney, Division of Privacy & Identity Protection

Federal Trade Commission

Associated Talks:

10:50AM - Day 2

View Panel: The role of regulations and standards for cybersecurity and privacy compliance

View Full Info

Lisa Plaggemier

Chief Evangelist

Infosec

Associated Talks:

10:50AM - Day 2

View Panel: The role of regulations and standards for cybersecurity and privacy compliance

View Full Info

Panel: The role of regulations and standards for cybersecurity and privacy compliance

  • What does the concept of standards really mean in the context of cybersecurity?
  • Exploring corporate association vs government based policies such as those from NIST, Cloud Security Alliance etc…
  • Can a verticalized approach to standards work?
  • What is current USA regulation in this area?
Moderator: . Kelvin Coleman, Executive Director, National Cyber Security Alliance
. Francesco Cipollone, Head of Security Architecture & Strategy | Director of Events & Strategy, HSBC | Cloud Security Alliance
. Jared Ho, Senior Attorney, Division of Privacy & Identity Protection, Federal Trade Commission
. Lisa Plaggemier, Chief Evangelist, Infosec

11:30AM

Erin Joe

Director of Cyber Threat Intellegent Intergation Center

Director of National Intelligence

Associated Talks:

11:30AM - Day 2

View The Challenge of Deterrence in Cyberspace

View Full Info

The Challenge of Deterrence in Cyberspace

Pursuing and defeating cyber-adversaries targeting global US interests and the private sector’s role in helping with deterrence in cyberspace.

. Erin Joe, Director of Cyber Threat Intellegent Intergation Center, Director of National Intelligence

12:00PM

Networking Break

01:30PM

Afternoon Keynote: Threat detection and response techniques – What you need to know

  • Proactive threat detection
  • Combining human and technical elements
  • How security, network and endpoint threat detection software is being deployed and what results are we seeing
  • Real life examples of threat detection in action

02:00PM

Koen Lockefeer

Co-Founder & Board Member

ARMA Instruments

Associated Talks:

03:30PM - Day 1

View Neutrality and Intent in Secure Communication

02:00PM - Day 2

View Neutrality and Intent in Secure Communication

View Full Info

Neutrality and Intent in Secure Communication

  • The risk in smartphones
  • Threat posed by tech giants and nation state actors
  • ARMA G1 Secure Communicator
. Koen Lockefeer, Co-Founder & Board Member, ARMA Instruments

02:10PM

Sharon Mirsky

Co-Founder

Firedome

Associated Talks:

02:10PM - Day 2

View Cybersecurity for the IoT: Firedome Case Study

View Full Info

Cybersecurity for the IoT: Firedome Case Study

To follow soon…

. Sharon Mirsky, Co-Founder, Firedome

02:20PM

Kelvin Coleman

Executive Director

National Cyber Security Alliance

Associated Talks:

10:00AM - Day 2

View Developing security solutions Day 2: Chair’s Welcome and Opening Remarks

View Full Info

Wasif Khan

Director of Ethical Hacking

United Airlines

Associated Talks:

03:00PM - Day 2

View Building a Robust Ethical Hacking Team

02:20PM - Day 2

View Panel: Role of ethical hacking and penetration testing

View Full Info

Tom Schmitt

Global Director for Threat Intelligence

Anheuser-Busch InBev

Associated Talks:

02:20PM - Day 2

View Panel: Role of ethical hacking and penetration testing

View Full Info

Panel: Role of ethical hacking and penetration testing

  • What role white and grey hat hackers can play in developing secure systems?
  • Discussing the challenges and opportunities in this field
  • Real life examples from enterprise of how pen testing and ethical hackers are improving their organisations cyber security.
Moderator: . Kelvin Coleman, Executive Director, National Cyber Security Alliance
. Wasif Khan, Director of Ethical Hacking, United Airlines
. Tom Schmitt, Global Director for Threat Intelligence, Anheuser-Busch InBev

03:00PM

Wasif Khan

Director of Ethical Hacking

United Airlines

Associated Talks:

03:00PM - Day 2

View Building a Robust Ethical Hacking Team

02:20PM - Day 2

View Panel: Role of ethical hacking and penetration testing

View Full Info

Building a Robust Ethical Hacking Team

  • Develop a Threat Model for your entire enterprise
  • Build appropriate verticals and teams (Invest in Sr. talent who find vulnerabilities before the industry)
  • Employ Automation for PenTesting (known & repeatable tests so your team can do the cool work/research)
  • Develop a dashboard with risks for Executive (not technical teams)
. Wasif Khan, Director of Ethical Hacking, United Airlines

03:30PM

Session Close