Day 2 - 29 November 2018
Enterprise Security – Emerging Tech & Regulations: Chair’s welcome and opening comments
Panel: The role of regulations & standards for cybersecurity
- What does the concept of standards really mean in the context of cybersecurity?
- Exploring corporate assocaition vs government based policies such as those from NIST, Cloud Security Alliance, FTC etc…
- Can a verticalized approach to standards work?
- What is current US regulation in this area?
U.S. Department of Homeland Security S&T Silicon Valley Innovation Program (SVIP)
10:30AM - Day 2
12:20PM - Day 2
Keynote: Adapting Innovation in Blockchain and IoT for DHS
This session will describe the security, privacy and interoperability lessons learned in adapting Blockchain and IoT technology to meet the needs of the Homeland Security Enterprise, and how the DHS Silicon Valley Innovation Program (SVIP) is partnering with the global innovation community to adapt and harness cutting-edge technologies to address the needs of DHS Operations at startup, rather than government, speed.
Top trends in IAM
Panel: Exploring Identity Access Management
Despite the best efforts of cyber security professionals to update systems and protect against vulnerabilities, if access to these systems is not managed correctly, attackers could gain access resulting in costly data breaches. Hence identity & access management (IAM) is a key component of modern cyber security planning and implementation. Controlling the use and issuance of administrative passwords in key. This panel will analyse the following:
- What factors need to be considered when implementing IAM systems?
- The role will technologies like Blockchain, and biometrics have in IAM?
- How important is IAM for cloud based systems, and what do security professionals have to consider differently?
Deputy Director of the Information Technology Laboratory (ITL)
National Institute of Standards and Technology
12:40PM - Day 2
Afternoon Keynote: NIST’s Role in Cybersecurity and IoT Standards
- NIST IR 8228 – “Considerations for Managing IoT Cybersecurity and Privacy” out for public comment until Oct. 24th
- Cybersecurity baseline for IOT
- The importance of public/private partnerships in standards development
EVP Sales & Marketing
01:10PM - Day 2
Keynote Panel: Evolving cyber intelligence landscapes
- Role of private, enterprise and governmental agencies in cyber intelligence – how is information shared across these?
- What is the difference between tactical, technical, strategic and operational cyber threat intelligence?
- The increasing role of automation, AI and machine learning for gathering and processing intelligence relating to cyber threats
- Discussion of best practices for gathering and acting upon cyber threat intelligence
Professor Dawn Song
Professor, Computer Science Division
02:50PM - Day 2
The rise of AI led cyber security and threat detection – stopping attacks before they happen
Cyber security for financial services
- What are the specific issues and threats around cybersecurity for the financial services sector?
- Where do all the players within financial service organisations fit into cyber security from server room (engineers, developers, technicians) to the board room (CROs, CIOs, CISOs)?
- Discussing data breaches in this sector and the consequences.
Global Software and IT Compliance Lead
03:50PM - Day 2
Vision for the future: Role of cyber risk and security in digital healthcare
In the present innovative healthcare industry( where IT, software are the key components of products), challenges prevail on appropriate regulations existence that ensure the safety and security of the patients/ customer. This presentation is an attempt to share the importance of cyber risk and compliance in the healthcare industry
This presentation is on the following points
- role of IT in digital healthcare
- role of cyber risk and compliance in digital healthcare
- advantages of integrated cyber risk and compliance framework in digital healthcare
This session will address some of the latest phishing attacks and explore what developers, companies and users can do to protect themselves and their organisations. From discussing what developers can do, to augmenting application security and controls with clear corporate communications across desktop and mobile.