Day 2 - 29 November 2018
Enterprise Security – Emerging Tech & Regulations: Chair’s welcome and opening comments
Panel: The role of regulations & standards for cybersecurity
- What does the concept of standards really mean in the context of cybersecurity?
- Exploring corporate assocaition vs government based policies such as those from NIST, Cloud Security Alliance, FTC etc…
- Can a verticalized approach to standards work?
- What is current US regulation in this area?
Keynote: Legal implications of high profile data breaches
What are the legal implications of data breaches? This talk will look at some recent examples and discuss current legislature in the US and beyond surrounding data breaches. How does shared responsibility for cyber security along the stack add complexity to this issue?
How will GDPR affect IoT & Blockchain users and vendors?
- In May 2018, the European General Data Protection Regulation, also known as GDPR, becomes enforceable.
- Discussing the fundamentals of GDPR, and the effect it will have for companies using and making IoT & Blockchain products.
- Who are the stakeholders affected and how can help you decipher this legislation?
- Will implementation of the GDPR limit innovation in the countries where it applies compared to ROW? Discussing models used in other parts of the world.
Panel: Exploring Identity Access Management
Despite the best efforts of cyber security professionals to update systems and protect against vulnerabilities, if access to these systems is not managed correctly, attackers could gain access resulting in costly data breaches. Hence identity & access management (IAM) is a key component of modern cyber security planning and implementation. Controlling the use and issuance of administrative passwords in key. This panel will analyse the following:
- What factors need to be considered when implementing IAM systems?
- The role will technologies like Blockchain, and biometrics have in IAM?
- How important is IAM for cloud based systems, and what do security professionals have to consider differently?
Afternoon Keynote: The rise of AI led cyber security and threat detection – stopping attacks before they happen
- How machine learning and artificial intelligence can be used to improve threat detection and management
- Machine learning going beyond traditional SIEM (security information and event management) methods
- Why multi-cloud and more complex cloud environments mean more attack vectors
Keynote Panel: Evolving cyber intelligence landscapes
- Role of private, enterprise and governmental agencies in cyber intelligence – how is information shared across these?
- What is the difference between tactical, technical, strategic and operational cyber threat intelligence?
- The increasing role of automation, AI and machine learning for gathering and processing intelligence relating to cyber threats
- Discussion of best practices for gathering and acting upon cyber threat intelligence
Cloud security – is Blockchain the missing link?
This session will explore how Blockchain technology can aid with securing the cloud, addressing issues such as maintaining data integrity and digital ID, plus helping organisations with auditing for compliance.
Panel: Cyber security for financial services
- What are the specific issues and threats around cybersecurity for the financial services sector?
- Where do all the players within financial service organisations fit into cyber security from server room (engineers, developers, technicians) to the board room (CROs, CIOs, CISOs)?
- Discussing data breaches in this sector and the consequences.
Emerging threats in healthcare – Ransomware and DDoS
- Hospitals and healthcare providers are using more and more connected devices and storing more patient data than ever in the cloud – what are the risks?
- Discussing threats from DDos using medical devices to ransomware attacks on private patient data.
- How can organisations recover their reputations and trust after medical data breaches?
This session will address some of the latest phishing attacks and explore what developers, companies and users can do to protect themselves and their organisations. From discussing what developers can do, to augmenting application security and controls with clear corporate communications across desktop and mobile.