Enterprise Security

Chairpersons welcome and opening remarks.

• Implementing new procedures due to the challenges brought about by remote working, the increase of device usage, and more online activity through additional technologies. 
• Describing challenges around the increase of cyber-attacks on a global scale. 
• Introducing a culture of cyber security in organisations, with more businesses now introducing relevant policies. 

• Understanding different approaches to network and perimeter security in the public cloud and why a lift-and-shift approach will fail
• Building a common framework across multiple clouds and how to leverage it in order to control your cloud network perimeter, enforce policies, and gain insight into critical business telemetry
• Working across business stakeholders in the C-suite, security teams, network engineering, cloud teams, DevOps, finance, and more to achieve a secure cloud network while removing business barriers

• Examples of motivations for posing threats to national critical infrastructure. 
• An update of recent global hacking incidents against government authorities. 
• How to embed security awareness in your company culture. 

• Explaining the importance of a zero-trust approach, and how it strengthens a company. 
• Outlining the steps involved when implementing a zero-trust architecture. 
• Adopting culture and leadership skills to sustain a mature cyber security practice. 

• The balancing act of business disruption or data exposure. 
• Staying abreast of new strategies, technologies and regulations to protect the organisation. 
• Understanding how all areas of the company work, seeing the bigger picture. 

– Explanation of the need for cryptographic agility and post-quantum computing.  

– Overview of challenges and best practices for achieving cryptographic agility.  

– Recommendations for organizations to prepare for post-quantum computing. 

• SIEMs have evolved over the past few decades due to the evolving threat landscape, increasingly complex architectures, and ever-increasing data volume and velocity. In this session, we will cover the history of SIEMs and introduce a new strategy leveraging the concept of detection-as-code to optimize detections and threat hunting.  
• Taking a detection-as-code approach will show how to use a language most already know — Python and SQL. Leveraging the detection-as-code approach, we will also show how to write detections, test them, and introduce software development lifecycle best practices that can be used for version control, collaboration, and integration with your CI/CD pipeline. 

• Creating information security policies which are transparent and commonly understood across the organisation. 
• Making employees feel rewarded, empowered, and supported, so they react positively to company guidelines. 
• Introducing a top-down plus a bottom-up approach. 

Data is the most valuable asset of the modern organization, and as that data continues to grow exponentially, so too do increasingly sophisticated threats, internal risks from deletions, and software-based overwrites to compromise that asset.  The holistic challenge of recovering data that’s been deleted or lost is an expensive and time-consuming endeavor that requires a reliable end-to-end backup and recovery strategy that folds into your disaster recovery (DR) plan. 

Join a data protection specialist from Clumio as we unravel how to overcome these four data recoverability challenges: 

• Finding the data you need to recover 
• Recovering only the data you need, rather than the whole bucket, volume or instance 
• Recovering to another environment if the primary is compromised 
• Getting instant access to large volumes of data 

In the modern hybrid cloud, we are all flying blind. With the rapid expansion into a hybrid and multi cloud we are dealing with multiple data types, multiple tools, and simply not enough context to understand the risks.     

Let’s have a short chat about the high-level aspects of the issue and some suggestions on how to get a handle on the problem. 

• Protecting APIs requires a unified and fully integrated approach that works across the entire API protection lifecycle, protecting all APIs, across all API implementations, channels, and infrastructure environments 
• Public, private and cloud infrastructures are dynamic with developers constantly creating new APIs resulting in an ever-changing API attack surface. Security and services to manage and secure these APIs have not kept up with the pace of infrastructure changes and increased use of APIs. 
• In this session, we’ll look at: 
• The challenges around API protection 
• What CISOs can do to build a strong API protection program 
• The Cequence approach to Unified API Protection 

• Recent developments in MFA, biometrics, ZZO, SSO, and other alternatives to entering passwords; how these are evolving. 
• The pros and cons of eliminating passwords altogether. 
• Technological improvements to assist with authentication processes. 

80% of breaches last year were the result of account takeover. Identities are incredibly hard to protect because the tools used to manage them are not built for security teams and attackers are taking advantage. 

Join this session to discover: 

– The most common identity-based attacks you will face this year 

– How to get a handle on your entire identity population/attack surface 

– Common approaches to identity threat detection 

– Best practices for responding to identity threats 

The advent of the COVID-19 pandemic and the ongoing economic crisis quickly accelerated the evolution of healthcare and its ecosystem. The adaption of digital technologies in healthcare continues to improve healthcare outcomes, such as minimizing costs and improving productivity and patient experience. However, digital technologies also increase cybersecurity risks and related challenges. All stakeholders must understand the cybersecurity challenges to healthcare and act on them.  

The following are the significant challenges that the industry is facing when it comes to protecting patient safety, security, and privacy:

1) Increased cybersecurity risks 

2) Changing regulatory needs  

3) The rapid adoption of digital health, including medical devices, electronic records, & IT networks  

4) Emerging health technologies  

5) Sustaining legacy systems  

6) Visibility to third-party risks. 

View day 2 content here:

• Accelerating Digital Transformation