A holistic approach to cybersecurity, risk management and business continuity

The 3rd e-Crime and Cybersecurity Spain, Madrid, 23rd November 2017

“The interconnected world offers unprecedented opportunities to criminals, terrorists, and hostile states. We must be better prepared for whatever the future holds,” Sir Julian King, EU Security Commissioner

“For Spain, as for the rest of the countries around us, cyber-espionage continues to be the greatest threat to national security,” Cyber ​​threats and Trends Report, Issue 2017 (CCN-CERT-IA-16/17), the National Cryptological Center

Like companies across the globe, Spanish firms have been rudely awakened to the threat of cyber-attack by the recent WannaCry ransomware outbreak. In Spain it was significant that telecoms giant Telefonica had been infected, though the attacks did not disrupt the provision of services or network operations. Telefonica said the impact of the attack was limited to some computers on an internal network and had not affected clients or services. But it is significant that malware managed to penetrate the defences of a large telco with sophisticated defences.
 
Individual attacks aside, Spanish firms face the same challenges as their international peers in a rapidly digitizing world: how do you build a resilient IT and data environment without stifling the ability of the underlying business to innovate and grow? 

The increasing sophistication and targeting of attacks is placing more strain on security architectures. Evolving compliance requirements complicate the systems required. And it is hard for in-house teams to step back from day-to-day operations and to see if there are better ways to what has been done in the past.
 
CISOs need help picking the right priorities and the right solutions. They face the industrialization of cyber-crime, fraud and theft, the need to support the digital transformation of companies’ underlying business and maintain customer convenience and the bewildering variety of vendors and security products.

And to secure budget they need to be able to demonstrate a measurable business case to the board.


The 3rd e-Crime & Cybersecurity Spain will cover these and other key subjects for its audience of professionals tasked with safeguarding digital assets and sensitive data. There will be case studies, strategic talks and technical break-out sessions from security teams behind some of the world’s most admired brands, who know, just like you, that security is now critical to business success.

  • Employee engagement

    Telling people they are to blame, that they are stupid and that they are the weakest link will not engage them. A team approach and good training will.

    • Examples of best practice in employee engagement
    • Turning employees into cyber-security assets
    • Cyber-security training: what works and what doesn’t?
    • What about dishonest insiders? How to monitor, detect and defeat
  • Is financial sector cyber-security up to scratch?

    They have the biggest IT budgets but they have the most complex cyber-security problems. How are the best banks protecting their core data and payment processes?

    • Securing the web, apps and mobile
    • Securing legacy systems while maintaining critical data exchange with regulators, clearing houses and exchanges
    • Fighting the last war: what are the latest regulatory developments?
    • Multi-factor authentication – the latest solutions
  • Payments innovation and cyber risk

    Payment channel innovation is a headache for banks, consumers and the companies that serve them. The newer and more convenient the payment mechanism - think contactless - the more the concerns over cyber-security.

    • Balancing customer convenience and security
    • Fighting determined multi-channel attacks
    • Tokenisation and the future of payment security
    • Lessons from PCI DSS and other payment security standards
  • The foundations of cyber resilience

    The proliferation of threats and potential solutions makes cyber risk management an ongoing headache. If threats are constantly evolving, and solution providers disagree on the basic defensive concepts, where do CISOs and other data security professionals start?

    • Building repeatable, adaptive systems and processes
    • Access control and managing privileged accounts access
    • Effective monitoring and detection systems 
    • Incident response planning, preparation, testing and execution
  • All roads lead to PCI DSS?

     

    PCI DSS can be seen as the most convenient convergence framework for complying with burgeoning global cyber and payments regulation:

    • PSD2, NIS, GDPR, ISO27001: building a framework for total compliance
    • The increasing role of PCI DSS in mandatory compliance frameworks
    • Using PCI DSS programmes to reduce the cost and burden of new regulations
  • Employee engagement

    Telling people they are to blame, that they are stupid and that they are the weakest link will not engage them. A team approach and good training will.

    • Examples of best practice in employee engagement
    • Turning employees into cyber-security assets
    • Cyber-security training: what works and what doesn’t?
    • What about dishonest insiders? How to monitor, detect and defeat
  • Is financial sector cyber-security up to scratch?

    They have the biggest IT budgets but they have the most complex cyber-security problems. How are the best banks protecting their core data and payment processes?

    • Securing the web, apps and mobile
    • Securing legacy systems while maintaining critical data exchange with regulators, clearing houses and exchanges
    • Fighting the last war: what are the latest regulatory developments?
    • Multi-factor authentication – the latest solutions
  • Payments innovation and cyber risk

    Payment channel innovation is a headache for banks, consumers and the companies that serve them. The newer and more convenient the payment mechanism - think contactless - the more the concerns over cyber-security.

    • Balancing customer convenience and security
    • Fighting determined multi-channel attacks
    • Tokenisation and the future of payment security
    • Lessons from PCI DSS and other payment security standards
  • The foundations of cyber resilience

    The proliferation of threats and potential solutions makes cyber risk management an ongoing headache. If threats are constantly evolving, and solution providers disagree on the basic defensive concepts, where do CISOs and other data security professionals start?

    • Building repeatable, adaptive systems and processes
    • Access control and managing privileged accounts access
    • Effective monitoring and detection systems 
    • Incident response planning, preparation, testing and execution
  • All roads lead to PCI DSS?

     

    PCI DSS can be seen as the most convenient convergence framework for complying with burgeoning global cyber and payments regulation:

    • PSD2, NIS, GDPR, ISO27001: building a framework for total compliance
    • The increasing role of PCI DSS in mandatory compliance frameworks
    • Using PCI DSS programmes to reduce the cost and burden of new regulations

Who attends

Job titles

Information Security Officer
U.I.T
Security Manager
Head of Fraud Risk Management
Director de Seguridad
CIO
CIO
Ingeniero
Security Manager
Arquitecto TI
Director de Seguridad
Profesor
Gerente Seguridad Tecnologías
Head of Card Payment department
Deputy IT Director
Seguridad Coperativa
Security Manager
CISO
Resp. Seguridad de la Información
Prevencion del eFraude
Director de Seguridad Bancaria
Head of Cyber Security
Consultor Senior
Director - IT Infrastructure & IT Security
Networking and Security
Asesora i Vocal del Consejo Nacional
Card Fraud Monitoring&Response
Auditoría Interna
Dirección de Seguridad
CISO
CISO Chief Information Security Officer
Responsable IT Compliance
Experto en Seguridad
Security Infrastructure Manager
Asesor
VP - Lead Security & Risk
Information Security Manager
Seguridad de la Información
Jefe de Proyecto
Director de Seguridad IT
Director de Seguridad
Director de Sistemas de Información
Tecnico
Manager Corporate Security
Director of Data Protection & Privacy
Resp. Seguridad Informática
Information Security Officer
Big Analytics + Fraud Reporting
CSIRT Manager
Analista
Subdirector Seguridad
Seguridad de la Información
Consultor
Gerente Infraestructura De Seguridad
SEGURIDAD DE LA INFORMACIÓN
Director Investigacion e-Fraude
Jefe de Area Seguridad
Chief Information Officer
Coordinador de Seguridad
Empresas/Business
Manager Audit IT
Ingeniero Seguridad
Regional Information Security Officer
Engineer IT Security
Chief Information Security Officer
Network Security Consultant
Head of Systems & Security
Analista
CISO
IT Security Officer
Chief Technology Risk Audit
Seguridad TIC
Security Manager
Director Seguridad en Sistemas
CIO
Responsable de Seguridad
Seguridad Corporativa
Consultor de Seguridad
Director Juridico
Director de Seguridad
Jefe de Tecnologia
Gerente Seguridad Sistemas
Director de Seguridad
CISO
Director de Auditoria IT Risks
Director de Seguridad de la Informacion
Gerente de seguridad
Gestion Riesgos Tecnologicos
CISO
IT Technician
CIO

Companies

Siemens
Cuerpo Nacional de Policia Madrid
La Caixa
Banco Popular España
Metro de Madrid
Redexis Gas
Tecnicas Reunidas
Telefonica
Grupo FCC
Enagas
Novo Banco
Universidad Politecnica de Madrid
Bankinter
The Spanish Bankers' Association
JB Capital Markets
Repsol España
Grupo FCC
Grupo FCC
Solvia Servicios Inmobiliarios
Bankinter
Santander
Hibu
Telefonica
BANCO INVERSIS NET S.A.
LaSegunda
Ministerio de Justicia
BBVA Grupo
CECA Bank
Vodafone
Iberdrola
EVO Banco
Cetelem Spain
Mapfre
Mapfre
Arrona de la Rosa y Asociados
Barclays
Reparalia
La Caixa
ISDEFE
Codere
Mapfre
Grupo DaXa
DGII
Codere
BGBG Abogados
Leroy Merlin
Siemens
BBVA Grupo
El Corte Inglés
Cuerpo Nacional de Policia Madrid
Mapfre
Iberdrola
Telefonica
Rural Servicios Informáticos
Sareb
Santander
Supermercados Dia
Perez Llorca
Telemadrid
AXA España
Banco Exterior
BT España
Daimler
Adidas
Tecnicas Reunidas
BT España
Grupo Cortefiel
Telefonica
Cajamar
General Dynamics ELS
Santander
Administración General del Estado
ISDEFE
Mapfre
Nautalia & Wamos
Codere
Iberdrola
ISACA
I-Olvido
Codere
Nautalia & Wamos
Grupo Mutua
Novo Banco
Yoigo Spain
BBVA Grupo
Sanitas
Cajamar
Banco de Crédito Cooperativo
CESCE
JB Capital Markets
Codeactivos

Industries

Electronic/Electrical Equipment
Regional Law Enforcement
Banking
Banking
Transportation/Shipping
Oil/Gas
Oil/Gas
Telecommunications
Construction
Oil/Gas
Banking
Education
Banking
Association
Banking
Oil/Gas
Construction
Construction
Real Estate
Banking
Banking
Media
Telecommunications
Banking
Insurance
Central Government
Banking
Association
Telecommunications
Electricity
Banking
Banking
Insurance
Insurance
Legal
Banking
Insurance
Banking
Aerospace/Defence
Casinos/Gaming
Insurance
Food/Beverage/Tobacco
Central Government
Casinos/Gaming
Legal
Retail
Electronic/Electrical Equipment
Banking
Retail
Regional Law Enforcement
Insurance
Electricity
Telecommunications
Banking
Banking
Banking
Retail
Legal
Media
Insurance
Banking
Telecommunications
Automobiles/Parts
Retail
Oil/Gas
Telecommunications
Retail
Telecommunications
Banking
Aerospace/Defence
Banking
Healthcare Services
Aerospace/Defence
Insurance
Travel/Leisure/Hospitality
Casinos/Gaming
Electricity
Association
Legal
Casinos/Gaming
Travel/Leisure/Hospitality
Insurance
Banking
Telecommunications
Banking
Healthcare Services
Banking
Banking
Insurance
Banking
Banking


Venue

NH Collection Eurobuilding, Madrid

NH Collection

Location:
NH Collection Madrid Eurobuilding
Barrio Chamartín, Padre Damián, 23 
28036 Madrid
Spain 
Telephone: +34 91 3537300