Agenda

08.00 - 08.50

Registration and breakfast networking 

08.50 - 09.00

Chairman’s welcome, Amanda Oon, Deputy Editor, AKJ Associates, Soizic le Leslé Fauvelle, Conference Producer, AKJ Associates, and Robert Walker, Managing Director, AKJ Associates 

09.00 - 09.20

►The new wave of AI/ML cyber attacks

Ashraf Aboukass, Global Head of Information Security Architecture, Schroders

  • What can emerging technologies such as artificial intelligence do to help security initiatives - and what new challenges do they introduce?
  • Developing strategy and oversight of hyperconnectivity
  • How are the cyber-criminals using ML and AI techniques. What do information security leaders need to know to stay ahead of the game?
09.20 - 09.40

► A global view of CyberCrime threats: It takes a network to fight a network

Michael Yeardley, Senior Director, Product Strategy, ThreatMetrix, and Rebekah Moody, Market Planning Director, ThreatMetrix

  • Latest global trends as seen in the ThreatMetrix Digital Identity Network, based on analysis from 16bn transactions seen globally in H1 2019
  • How harnessing the power of that Network can establish Trust, Confidence, and Integrity
  • With practical insight into how that Network can be used to detect advanced fraud, protect consumers and support digital transformation
09.40 - 10.00

► Bestsellers in the Underground Economy: Measuring Malware Popularity by Forum

Jason Steer, Director of EMEA Presales, Recorded Future 

  • How the majority of the top 10 mentions of malware in multiple languages included openly available dual-use tools, open-source malware, or cracked malware.
  • How many key malware families are over three years old or can be mitigated with basic security precautions.
  • How activity in underground forums correlates to growth in malware in the real world.
10.00 - 10.20

Playing by the rules (and regulations). Managing your relationship with regulators and other security stakeholders

Astrid Hansen, Chief Controls Officer and CISO, MENA, Barclays

  • The roles and influence of regulators and how that has changed over the last few years
  • The increased prioritisation of FS regulators such as the UAE Central Bank towards data governance and digital compliance
  • The cross-jurisdictional comparisons in a global organisation
  • The scrutiny of B2B clients towards information security and data governance. What are their demands and how can information security work as a commercial competitive advantage?
10.20 - 11.00

 Education Seminar 1

Delegates will be able to choose from a range of topics:

  • Protection in the age of the digital supply chain Jerome Bei, Sales Engineering Manager, EMEA, Accellion, and Paul Steiner, Managing Director EMEA Sales, Accellion
  • Digital risk protection to enhance user experience, Matthew Platten, AntiFraud Solutions Consultant, Cyxtera
  • WAN edge security posture in the SD-WAN era, Oussama Bachour, Senior Systems Engineer, Fortinet
  • FILES: The enfant terrible of any IT environment, Nicolai Solling, Chief Technology Officer, Help AG, and Dr. Aleksandar Valjarevic, Head of Solution Architecture, Help AG
11.00 - 11.30

Refreshments and networking

11.30 - 11.50

► Cyber-economics: information security metrics and incentives 

Martin Sivorn, Head of Cyber Security, UK Government Digital Service

  • Why information security needs metrics
  • The use of data to inform decisions and measure progress 
  • Case study: security risk scores. A way of simplifying security risk into a numerical index that helped people understand the impact of new issues or mitigations
  • The financialisation of cyber: incentives for security standards 
     
11.50 - 12.10

► Deception-based Threat Detection Myths & Realities – Changing the Game on Modern-day Attackers

Bahi Hour, SE Director, META, Attivo Networks

  • The challenge of current Cyber Threat Dwell Time – Detection Gap
  • Shift from Cyber Threat Prevention to innovative Detection and Incident Response
  • The Need for Deception
  • How It Works?
  • Myths and Realities - Common Misconceptions
12.10 - 12.30

► Prevent, respond and recover: Email security priorities for 2020 cyber resilience

Jerry Peter Bruzzese, Microsoft MVP (Office Apps and Services), Mimecast 

  • Develop your defence-in-depth strategy (email, web, awareness training)
  • Evaluate the connection between security and continuity: human error and the real risks of downtime. 
12.30 - 12.50

► Shift to Self-Learning, Self-Defending Networks

Roland Stride, Director, Darktrace

  • Leveraging AI algorithms to defend against advanced, never-seen-before, cyber-threats
  • How new immune system technologies can provide 100% visibility of your entire business, and enable you to pre-empt emerging threats & reduce incident response time
  • Why autonomous response is enabling security teams to neutralize in-progress attacks, prioritise resources, and tangibly lower risk
  • Real-world examples of subtle, unknown threats that routinely bypass traditional controls
12.50 - 13.30

 Education Seminar 2

Delegates will be able to choose from a range of topics:

  • No. It really IS all about you… Identity – use/abuse/compliance Richard Meeus, Security & Strategy Director EMEA, Akamai Technologies, and Elmar Witte, Senior Product Marketing Manager Security EMEA, Akamai Technologies
  • Anatomy of a hack: Perception vs. Reality, Kamel Heus, Regional Director, EMEA South & MEA, Centrify
  • Customers in the crosshairs, Andrew March, Platform Specialist, EMEA, Okta, and Justin Doo,Territory Manager Middle East, Turkey & Africa, Okta
     
  • Ditch the SOC, build a fusion centre, Ahmed Husain, CEO, Reload, on behalf of Protection Group International
     
13.30 - 14.30

Lunch and networking 

14.30 - 14.50

 The core issues of innovation and new technologies

Muhammad Rizwan Khan, Head of Compliance, Aldahab Exchange

  • New innovation and  smart technologies can be very effective tools to mitigate the risk of money laundering and terrorist financing for FI. How can you use them most effectively?
  • The ROI of corporate awareness and training. What is required specially in FI’s, regarding how to protect information and how the cyber security can be applied through advanced solutions which may relax the business and employees in secure environment?
  • Effective frame work must cover the scope of cyber risk management and identify the gaps from IT to Compliance which will be mutually beneficial for the company. How do you combine different functions such as cybersecurity and audit in an effective risk framework?
14.50 - 15.10

► The Confidence Game: How Attackers Exploit People, and How to Stop Them

Richard Davis, Cyber Security Strategist EMEA, Proofpoint, and Emile Abou Saleh, Regional Leader – Middle East, Turkey & Africa, Proofpoint

  • Learn how to identify who’s being attacked in your organisations; Many organisations have little idea which of their people receive sophisticated threats, targeted threats or even large volume threats. We call these target VAPs (Very Attacked People) - they are not who you would expect
  • Discuss how to leverage data to better understand your adversaries; Phishing and social engineering are the ways most organisations get compromised
  • Learn how to tailor a protection plan for your most at risk people
15.10 - 15.30

► Why the best laid cybersecurity plans fail, and what you can do about it today?

Jose Varghese, EVP and Head Of MDR Services, Paladion Networks, and Amit Roy, EVP and Regional Head of EMEA, Paladion Networks

In this session, we will cover the three critical components you need in your cyber security program

  • To detect and respond to threats faster,
  • The time it could take your organization to develop these capabilities,
  • The steps CISOs or security leaders can take to build this system and culture in their organization.
15.30 - 15.50

►Digital Piracy, a global cyber-crime: Let’s take the fight to the pirates

Phillip Davies, Director of Anti-Piracy, Sky

  • Piracy as a trans-national, borderless issue. How can we explore the issues of regulating and navigating digital crime in a borderless business world?
  • How has this been impacted by the onset of digitalisation and the race towards hyper-connectivity?
  • API’s, PayPal and cryptocurrency. Are these just buzzwords, or have they changed the way we – and the cybercriminals – manage digital fraud? What does today’s Fraud leader need to know?
15.50 - 16.10

► How Offensive Security Testing Better Protects You Against Malicious Hackers and Nation State-sponsored Cyberattacks

Ronaldus Peeters, Managing Director EMEA, Synack

  • There is continued, rapid growth in cyberattacks and these are increasingly sophisticated with greater break-in success.
  • Traditional vulnerability scanning and compliance-based Penetration Testing prove ineffective in detecting many serious vulnerabilities in live systems.
  • Hear about a new revolutionary security testing approach using large teams of highly-vetted international, top-class security researchers who can find serious vulnerabilities in any live system often within a matter of hours.
  • Several supporting case studies are discussed including how Synack was able to break into the Pentagon within just four hours
16.10 - 16.30

Refreshments and networking 

16.30 - 16.50

► Executive panel discussion

Know your cyber-stakeholders. Insights into who has accountability in your organisation for cybersecurity. And what they're doing about it

  • Muhammad Babar, Head of Compliance, MoneyGram Intenational 
  • Robert Cookson, Group IT Director, NOW Health International
  • Suresh Nair, Chief Information Security Officer – MENAT, GE
  • Shafiullah Mohamed Ismail, Senior Manager, Security Architect & IT Governance, Mubadala Development Company

 

16.50 - 17.10

► Achieving ‘the impossible’: cybersecurity and controlled spending

Sebastian Madden, Chief Corporate Development Officer, Protection Group International

  • Introduction to the Organisational Cybersecurity Maturity Assessment Model
  • Application to typical cybersecurity functions and units
  • Regulatory alignment to national and sectoral standards
  • Using the maturity model to identify over-investment, under investment and ineffective spend
17.10 - 17.30

► Executive panel discussion

Lessons on dealing with digitalisation

  • Ilham Ismail, Head of IT, Hospitality Management Holdings
  • Kausar Mukeri, Head of Information Security, InvestBank
  • John Manning, former Head of Technology Risk, Prudential
  • Hashim Saeed, Head of Information Technology, Azizi Developments
  • Ashish Khanna, Group Information Security Officer, Dubai Health Authority
17.30 - 17.30

Conference close, Robert Walker, Managing Director, AKJ Associates

Education seminars


Protection in The Age of The Digital Supply Chain


Jerome Bei, Sales Engineering Manager, EMEA and Paul Steiner, Managing Director EMEA Sales, Accellion

The Accellion secure content communication platform helps IT executives lock down and govern the exchange of confidential enterprise information with the outside world without getting in the way of users.

Thousands of global CIOs and CISOs trust Accellion to give their organizations protection, privacy and peace of mind.

  • Third Party Risk Explained
  • Zero Trust - a viable strategy?
  • Protecting all communication channels of sensitive content 
  • Unify Access to Enterprise Content Silos Without Migration

Digital Risk Protection to Enhance User Experience


Matthew Platten, Anti-Fraud Solutions Consultant, Cyxtera

In a digital-first world where more and more users rely on online banking, financial losses to cybercrime have increased by over 40% in the past three years. Adding insult to injury, end users expect the highest level of security from their banking provider and won’t tolerate protection that only applies after their account has been compromised.

Join Cyxtera as we’ll cover the following topics to help find the right risk protection balance:

  • The state of external threats & customer expectations
  • The downfalls of only a reactive risk mitigation strategy
  • How to balance the scales with proactive threat detect and response

Ditch the SOC, build a fusion centre


Ahmed Husain, CEO, Reload, on behalf of Protection Group International

What you need is a SOAR powered cyber threat management and response center. The SOC or the Cyber Command should be  equipped with real-time strategic, tactical and operational threat intelligence and cyber data fusion capabilities to produce a 360-degree view of an adversary. This approach empowers organizations to effectively combat threats by collecting, visualizing and correlating reliable threat data from multiple trusted tools and sources and delivering an automated threat response.

In this session, attendees will learn:

  • How to map your incidents and intelligence to the MITRE Att&ck framework and help your threat hunter in prioritizing what to hunt and where to hunt
  • How to collect reliable threat intelligence data and employ it to the best business advantage
  • How to achieve 360 degree visibility with SOAR powered threat management

No. It really IS all about you… Identity - Use / Abuse / Compliance


Richard Meeus, Security & Strategy Director EMEA, Akamai Technologies, and Elmar Witte, Senior Product Marketing Manager Security EMEA, Akamai Technologies

Cybercrime revolves around users and users rely on their identities. Protecting the identity of your customers will help you to protect your brand against the next breach.

Join Akamai on this educational seminar where we will discuss how cybercriminals are abusing password reuse, exploiting VPN tunnels and searching for soft targets.

  • Learn on techniques to detect and prevent credential stuffing
  • See how to minimise the attack surface when machines or users are compromised.
  • Ensure that all your assets are protected, not just the shiny website

WAN Edge Security Posture in the SD-WAN Era


Oussama Bachour, Senior Systems Engineer, Fortinet

This session discusses the importance of security for a complete WAN Edge transformation from headquarters to the enterprise branch. The presentation includes use cases and real-world examples of how organizations are using Secure SD-WAN to empower workforce globally.

  • Overview of challenges and complexity of existing and legacy enterprise WAN Edge Networks 
  • The impact of digital transformation on the design and requirement of Enterprise WAN edge
  • SD-WAN drivers and embedded technologies as solution for WAN edge transformation
  • Mitigation of security risks incorporated during digital transformation and the adoption of SD-WAN systems
  • Use cases and real world examples from customers' deployments

FILES: The enfant terrible of any IT environment


Nicolai Solling, Chief Technology Officer, Help AG, and Dr. Aleksandar Valjarevic, Head of Solution Architecture, Help AG

  • There are thousands of file formats and they are ultimately the agents that deliver everything from a website to an attachment in your inbox. While files are good and deliver functionality, they can also be bad, weaponised delivery vehicles for malware
  • In this session we will talk about files, the types one should be extra careful about and how these are utilised in social engineering malware and crypto-attacks
  • In a world where attackers have more resources and capabilities than ever, we will discuss how small changes and new technologie can significantly increase your robustness against both file-based and file-less attacks

Customers in the Crosshairs


Andrew March, Platform Specialist, EMEA, Okta, and Justin Doo,Territory Manager
Middle East, Turkey & Africa, Okta

As users now expect more from the organisations they interact with online, managing the identity of your customers is becoming much more complex. Password dumps, multiple devices and poor MFA adoption put pressure on security and development teams. All the time your competition is waiting in the wings ready to offer an alternative if your offering doesn't meet the customer's expectations.

Join Andy in a session where he discusses the threats to your customers, the impact those threats can have on your organisation and how to build a customer identity which not only protects your customers but provides a better user experience.

What attendees will learn:

  • How to model the risks and impacts of a customer account compromise.
  • How to drive registration with progressive profiling.
  • Choosing multifactor options which users love.
  • Techniques for monitoring emerging account threats.

Anatomy of a Hack: Perception vs. Reality


Kamel Heus, Regional Director, EMEA South & MEA, Centrify 

The number of data breaches has skyrocketed in recent years. Contrary to popular belief and Hollywood story lines, cyber-attacks are rarely carried out by legions of highly sophisticated coders gone rogue, deploying the most advanced techniques to penetrate organizations’ perimeter defenses. Reality paints a very different picture: cyber adversaries are no longer hacking to carry out data breaches ― they’re simply logging in by exploiting weak, stolen, or otherwise compromised credentials. Implementing an effective enterprise security strategy requires an understanding of hackers’ tactics, techniques, and procedures ― often called TTPs.

This breakout session will provide not only insight into the latest tactics, techniques, and procedures used by cyber adversaries, but more importantly provide best practices on how to implement a successful cyber security strategy in organizations independent of their size and industry.

The session will cover:

  • The Anatomy of a Hack
    • Common Misconceptions
    • Today’s TTPs and Cyber-Attack Lifecycle
  • A Blueprint on How to Minimize Your Risk Exposure
    • Best Practices Revealed
    • Meet the Antidote: Zero Trust
    • The Path to Zero Trust Starts with Identity
    • Real-Life Implementation Examples