Leveraging inconvenient truths

10th e-Crime & Cybersecurity Mid-Year Summit
October 18th, 2018, London, UK

 

The first era of cybersecurity is over. It was an era of myths and half-truths that obscured the business realities of both providing and implementing cybersecurity, driven partly by venture capitalists and entrepreneurs jostling for position on the bandwagon, and partly by confusion among end-users over the nature of cyber-risk and the appropriate risk management structures and staffing.

But it’s time to confront the inconvenient truths of cybersecurity. Unless we do, cybersecurity effectiveness will continue to fall as spending rises, the cybersecurity industry’s credibility as a whole will suffer and ultimately end-users will turn to government and regulation to enforce security at a more fundamental level.

So what are some of these inconvenient truths? 

  • Cybersecurity is just another operational risk and needs to be managed like one.
  • Cybersecurity is a business risk and so must be evaluated like any other business proposition.
  • Companies will not necessarily experience an existential threat to their operations from a cyber attack.
  • Not everything can be protected equally.
  • Most companies cannot afford on-premise cybersecurity or even IT. The answer is the Cloud but security there is still a huge problem. 
  • Third-party security is a bigger issue than your own security and management by questionnaire is absurd.
  • Cybersecurity spending should be tailored to the threats and vulnerabilities specific to a particular organization – so all cybersecurity should be based on threat intelligence.
  • Current cybersecurity strategies are not scalable to the threat: only automation offers an answer.
  • Physical and cybersecurity are not separate and must be managed together.
  • Cybersecurity solution providers must work together to share threat information and ensure interoperability.
  • Most cybersecurity solution providers in existence today will not be around in the same form in three years’ time.
  • The current unwillingness to disclose breach and loss data and to detail cybersecurity precautions is untenable as stakeholders, customers and government demand this governance information and companies begin to use cybersecurity as a competitive differentiator.

The list goes on. Some end-users and solution providers are already working to these assumptions. Those that do will increasingly pull ahead.

e-Crime and Cybersecurity Mid-Year 2018 will look at the realities of achieving cybersecurity and resilience today. What is realistic? Which solution providers can deliver it? Who at end-users should be making the key decisions? And what is the true role of the CISO in all this?

  • Cybersecurity for the SME

    • Even large SMEs cannot resource large in-house IT/security. Solutions?
    • Cost versus risk: proving the value of cyber for the SME
    • Cloud solutions for ‘normal’ companies – what makes sense?
  • Intelligence-based cybersecurity

    • The importance of threat intel in budgeting for cyber risk
    • Matching threat intel with vulnerability assessment
    • Getting solution providers to work together
  • Ensuring enterprise scalability

    • How to build a scalable technology and team
    • Long-tail, Big Data – solving the core cyber scale problem
    • Do your solutions and stack scale to enterprise and threat?
  • Cyber-physical security: a holistic approach

    • Why physical security and cybersecurity must be managed together
    • The implications for the CISO and the security teams
    • Which solutions recognise the combined nature of next-generation cyber-physical risks?
  • Cybersecurity: a core risk management discipline

    • Prove your cybersecurity wish-list is appropriate to the business
    • Making cyber part of existing operational risk processes
    • Getting buy-in from the CFO 
  • Taking third-party security seriously

    • Going beyond questionnaires – real solutions to the problem
    • Technology versus people versus process
    • Third-party security as a governance issue: helping your supply chain
  • Keeping up with the regulators

    • The latest insights and information on the GDPR and NIS
    • Ensuring that the organisation is compliant with all relevant national and international legal and governance requirements, including those which apply to outsourced third parties
    • Delivering cost-effective security solutions to ensure compliance with regulations and best-practice standards, such as PCI DSS, ISO 27001, and SOX
    • Ensuring compliance is not just 'tick a box' for the auditors but also reduces risk and improves security capabilities and business efficiency
  • Prepare for transparency now

    • Stakeholders are demanding information today
    • Cybersecurity attitude is untenable from a business perspective
    • Cybersecurity is governance and governance is public

Who attends

Job titles

Global Manager, Service Continuity
CISO
Head of Payments
Global IS Manager
Head of Digital Risk
Group I.T. Audit Manager
Global Security Supervisor
Head of Penetration Testing
Chief of Cybercrime Section
CISO, Head of Information Security
Global Head I.T. Governance
Head of ISAG
Global Fraud Risk Controller
Head of Global I.T. Security
Head of Data Protection
CISO
Head of I.T. Security Risk Management
Global IS Risk Manager
Global Head of IT Security
Head of Information Security Risk
CISO, Head of Digital Security & Risk
Group Finance & Compliance Director
Chief Security Officer
Chief Information Officer
Head of Cybercrime Unit
Head of Cyber Threat Intelligence
Head of Internal Audit
Head of I.T. Security
Chief Information Security Officer
Group I.S. Manager
Chief Executive
Head of Emergency Response
Head of I.T. Security
Director Of Information Security
Chief Information Security Officer
CISO
Head of Operational Risk Management
Group Data Security Manager
Head of Information Security
CIO
Head of Specialist Crime
Director of Security
Head of Information Security Risk
Head of Cyber & Investigations
Chief Information Security Officer
Head of Group I.T.
Head of Information Security
Global Head of Fraud Investigations
Chief Information Security Officer
Global Security Manager
Group CISO
Chief Information Security Officer
Director Global Investigations
Head of Policy & Performance
Head of Information Security
Global Head of Cyber Intelligence
Head of Information Security
Director Cybercrimes
Head of Payments & Fraud
Director of Risk & Compliance
Head of Information Security
Head of I.T. Security Operations
Group Information Security Manager
Head of Operational Security
Head of Payment & Financial Crime
Chief Information Security Officer
Head of Internal Audit
Head of Information Security
Head of IT Risk & Control
Director Enterprise Technology
Head of Business Controls
Director
Director of Security
Head of Cybercrime Investigations
Head of I.T. Security
Director, Global Security
Group I.T. Security Officer
Head of I.T.
Head of Risk & Resilience
Director Group Risk Management
Head of Investigations
Head of Customer Security
Chief Technology Risk Officer
Group Fraud Manager
CISO
Chief, Cyber Crimes
Chief Risk Officer
Head of Business Risk
Group IT Security Analyst
CIO Risk Manager
Group Infrastructure Manager
Head of Operations & Infrastructure
Head of Technical Support
Head Cybersecurity Operations
Head of Fraud Oversight
Director, Technical Investigations
Director
Global I.T. Security & Compliance
Director, Information Security

Companies

Trafigura
GE Capital
Babcock International Group
Scotia Gas Networks
Telefónica O2
Bank of America Merrill Lynch
ING
Catella Bank
Channel 4
H&M
BP
John Lewis Partnership
Royal Canadian Mounted Police
Experian
Jordan Cyber Crime Project
Zamir Telecom
John Wiley & Sons
Halma
Zurich Financial Services
Security Service of Ukraine
HSBC
British Medical Association
Romanian Directorate
TUI Travel
Markit
Western Union
Pennant International Group
TSL Education
Liverpool Victoria
The Finance Practice
Camelot Group
Capital One
Noble Group
HSBC
Dixons Carphone
Halma
Ghana International Bank
British American Tobacco
First Rate Exchange Services
Unum Provident
Santander
Rexam
Matalan
John Lewis Partnership
Home Retail Group
Allen & Overy LLP
ITV
Virgin Money
Spamhaus
Rank Group
EveryMatrix
Shop Direct
Sky
QVC
Lloyds Banking Group
General Motors Corporation
Tullett Prebon
Atcore Technology
Department of Homeland Security
Aviva
CIFAS
Premier Oil
HSBC
Rothschild
HSBC
Liverpool Victoria
Permanent TSB
Auto Trader
Public Health England
Selfridges
NBC Universal
Office of Civil Nuclear Security
UBM
Citigroup
SABMiller
Legal & General
Post Office
JD Sports
CERT-UK
Eurostar
Mayer Brown LLP
Swiss Re
UBS
Open University
The Bank of Tokyo - Mitsubishi UFJ
Dixons Carphone
Post Office
JustGiving
Bank of America Merrill Lynch
FIA Pakistan
Norgren
GE Capital
City of London Police
Unipart Group
Heathrow
Inmarsat
Modern Times Group
Ocado
Capital One

Industries

Banking
Industrial Engineering
Industrial Engineering
Oil/Gas
Telecommunications
Banking
Banking
Banking
Media
Retail
Oil/Gas
Retail
National Law Enforcement
Banking
National Law Enforcement
Telecommunications
Retail
Electronic/Electrical Equipment
Insurance
Central Government
Banking
Healthcare
National Law Enforcement
Travel/Leisure/Hospitality
Media
Banking
Aerospace/Defence
Media
Insurance
Banking
Casinos/Gaming
Banking
Mining/Metals
Banking
Retail
Electronic/Electrical Equipment
Banking
Food/Beverage/Tobacco
Banking
Insurance
Banking
Household/Personal Products
Retail
Retail
Retail
Legal
Media
Banking
Charity
Casinos/Gaming
Software
Retail
Media
Retail
Banking
Automobiles/Parts
Banking
Banking
Central Government
Insurance
Central Government
Oil/Gas
Banking
Banking
Banking
Insurance
Banking
Media
Central Government
Retail
Media
Central Government
Healthcare Services
Banking
Food/Beverage/Tobacco
Insurance
Transportation/Shipping
Retail
National CERT
Transportation/Shipping
Legal
Insurance
Banking
Education
Banking
Retail
Transportation/Shipping
Charity
Banking
National Law Enforcement
Industrial Engineering
Industrial Engineering
Regional Law Enforcement
Transportation/Shipping
Transportation/Shipping
Telecommunications
Media
Transportation/Shipping
Banking


Venue

Park Plaza Victoria, London


Location:
Park Plaza Victoria
239 Vauxhall Bridge Road, London, SW1V 1EQ. UK
Telephone: 0844 415 6752
 
