13th Annual e-Crime & Cybersecurity Congress in Abu Dhabi

10th May, 2023 • The St Regis, Abu Dhabi, UAE 

Making the most of your cybersecurity resources

CISOs’ real-world job is getting the best from a limited budget: learn from the experts

 

All too often cybersecurity is still seen as a binary, IT issue: is our IT infrastructure secure? The problem with that approach is first, the answer is always ‘not 100%’, and second, the question completely avoids the factors that should drive a real-world security programme. Cybersecurity is a business risk like any other; its significance is a function of the risk cyber-crime is to the business; there is a finite level of resourcing to mitigate the most material elements of that risk; and there will always be residual risk that cannot be mitigated – this represents the limitations of the budget and the risk appetite of the firm.


So, is there a better way to do cybersecurity than thinking of it as a constant battle to purchase the latest IT to keep up with ever more technologically advanced hackers? One answer is to move away from a granular focus on IT. For example, the foundation of many cybersecurity programmes is the asset inventory. Get a list of every device and application on the network so that you can monitor and log activity, ensure regular patching and check for anomalous behaviours. But treating every device and every application the same, regardless of how they contribute to risk, is wasteful without a business-led evaluation of business-critical processes.


Taking a risk-based approach to security creates a more efficient and effective programme, it reduces waste and maximises the allocation of resources to issues that are of genuine, material significance to the business. It may also result in evidence that can be used to increase the resources available to the security team by demonstrating real business value.


Another way to apply real-world thinking to cybersecurity is to start with people: buying technology that is too complex, or that requires significant IT resources or ongoing staffing, means under-using that technology or even exposing the organisation to increased risk. So, start with the team you can afford and then think about what tech that implies. A realistic evaluation of the skillsets available and the flexibility of in-house resources may well lead to a decision to outsource.


And other business risks can at least partly be hedged or insured. Right now, the cybersecurity insurance market sems to be in flux, with some insurers even saying that cybersecurity is becoming an ‘uninsurable’ risk. In reality premiums are finally being adjusted to reflect the cybersecurity posture of firms that want to buy it. So, what do you need to prove to ensure continued access to cyber-insurance and are those requirements consistent with current levels of security resourcing?

The 13th e-Crime & Cybersecurity Congress in Abu Dhabi will look at how cybersecurity needs to change to reflect real-world business conditions. Join our real-life case studies and in-depth technical sessions from the security and privacy teams at some of the world’s most admired brands.

  • Getting real about cyber risk management

    • Until cybersecurity is truly seen as risk management, hackers will continue to evade outmoded control frameworks.
    • Quantification is key, but so is how it is used.
    • Part of this is down to CISOs, part of it to Boards and part of it to solution providers.
    • The banks have done it. When will the rest of business catch up?

  • Insuring the uninsurable?

    • Cyber-insurers need to understand the risks they are insuring if they are to set premiums at a level that makes sense.
    • They also need to know that they are insuring risks that clients have taken steps to mitigate properly.
    • why insure those who leave their digital doors open?
    • What can and can’t be insured?

  • Cybersecurity as a service: the pros and cons

    • MSSP, MDR, CSaaS – all of these offer varying degrees of outsourced cybersecurity services
    • So when does it make sense to outsource?
    • And what outsourcing arrangements make sense for which firms?

  • Cybersecurity for SaaS/IaaS/PaaS

    • Most companies’ core reliance is now upon a small number of monolithic application suites and Cloud services
    • In addition, they are likely to be developing their own software in the Cloud
    • These and other changes fundamentally alter the IT landscape in which cybersecurity operates
    • So do CISOs need a new model for cybersecurity and are legacy solutions still valid?

  • Making the most of next gen tech: automation, AI and the rest

    • The next 20 years will see an ecosystem of small single-issue vendors slim down to a far less complex set of larger platforms
    • These platforms will be able to invest in continuous development and offer to cover all or large chunks of organisations’ security needs
    • But will the winners in this evolution be those at today’s cutting edge?

  • Upskilling security teams

    • Organisations have limited budgets
    • The skills shortage in security staff growing
    • This dynamic affects the type of on prem security operation firms can employ
    • So how can CISOs continuously upskill their teams?

  • The rise and rise of effective cybersecurity regulation

    • Data privacy is only a small part of the picture.
    • Regulators are looking at operational resilience in key sectors like finance – securing the wholesale payments market is a priority and others will follow.
    • They are looking at disclosure and fining the miscreants. How to comply with new regimes?

  • Keeping citizens safe

    • The COVID era demands unprecedented levels of citizen engagement. Compromises are inevitable to ensure the safety of all.
    • But the systems required to provide safety also create a huge data security and privacy challenge for both governments and employers alike.
    • Can solution providers help?

  • From smart machines to smart cities - securing the IoT

    • How long will it be before every significant device and location is part of an ecosystem of sensors connected to public and private networks?
    • Driving apps tell insurers what premiums to charge. Packaging machines report their own breakdowns. 
    • But are these devices visible on your network and how are you securing them?

  • Reining in BigTech

    • Resilience and security increasingly come down to key dependencies outside the organization.
    • With on prem tech the past and Cloud and external IT the future, how do public and private sector organisations ensure security when they rely on vendors who are vulnerable but above leverage with even their biggest clients?
    • Time for governments to step in?

  • Developing the next generation of security leaders

    • If cybersecurity is to change to meet the evolution of our digital world, then so must those who implement it.
    • CISOs cannot cling to an IT paradigm and companies must move away from hiring on false pretences (on budget and commitment) and firing at the first breach.
    • What does a next-gen CISO look like and are you one of them?

  • Securing digital currencies and DLT

    • The move towards non-cash payment methods during the crisis has been extreme, and looks irreversible.
    • Many more governments are now looking at developing their own digital currencies.
    • How do we go about securing a world in which most - perhaps all - payments are digital?
    • And what about the blockchain?

Who attends

Job titles

CISO
Chief Information Officer
Sr. VP - Operational Risk, Fraud, BCP & Technology Risk
Senior Fraud Investigator
Chief Risk Officer
Regional Head of Information Security & Risk - Middle East
Senior IT Security Manager
Director of Information Security
Group CIO
Associate Director - PCI Compliance
Senior Exec IT Infrastructure
CISO & Information Security Head
Director - Information Security
Head of Information Security & IT Compliance
Senior Specialist - Critical Infrastructure Security
Group Head of Risk Management & Internal Audit
Manager, Security Operation Center
Director, Digital Transformation & Technology
Chief Technology Officer
Head of IT Security
Manager, Cyber Defence Centre
Fraud Operations Manager
CISO
Manager, Information Security Risk
Manager, Operational Risk
Director of IT Security
Head of IT
Manager, IT Security and Controls Assurance
Head of Information Security & Technology Risk
Director of Cybercrime Dept
CISO
Manager, Security Architecture & Compliance
Head of I.T. Security
Senior Manager, IT Security Operations
Head of IT Security Operations
Head of Regional Security & Fraud Risk
Group Information Security Officer
Head - Information Technology Risk Management & CISO
Senior IT Risk & Security Officer
Regional Fraud Prevention Manager
Group I.T. Compliance Manager
I.T. Security Manager
I.T. Manager - Network & Security
Head of Information Security
SVP - Head of Information & Physical Security
CISO/ IT Manager
Head of Information Technology
Director of Information Security Department
ICS Head of Security
CIO
Head Enterprise Risk Management
Director of IT Security and Infrastructure
ICT Director
Group Chief Security Officer
Manager SOC Operations
Head of Information Security Risk and Governance
Regional Compliance Head - MENA
Vice President, Chief Information Security Officer
Head of Cybersecurity Strategy
Head of Fraud Prevention
Group IT Security Manager
VP - Operational Security Group Head
Director of Information Technology
Head of Cyber Security
Head of IT Solutions & Delivery
Senior Computer Security Officer
National Head - Fraud & Operational Risk
CIO
Group ICT Manager
IT Compliance, Security and Architecture
Special Agent
Security Solutions Architect
PCI Project Manager
Group Chief Information Officer
Senior Manager, Enterprise Security
Head of Technology
Cyber-Crime and Digital Forensics Specialist
Regional Head Fraud Risk
Group Head of Systems and Monitoring
Director of IT Security Governance
IT Project Manager - Special Projects
IT Infrastructure Manager
Manager, IT Security and Networks
Vice President - Security Architecture
Group IT Infrastructure Manager
Zone CISO
Head of ICT Technical Security Services
Senior IT Security Architect
Chief Compliance and Information Security Head
Manager Security Operations Center
Manager I.T. Governance Risk Management
Associate Vice President – IT Security, Risk & Business Resilience
Chief Compliance Officer
Head of Information Security & Compliance
Group Head of IT
Application Security Officer
Project Manager, Cards & Channels, MENAP and AFRICA
Head of ICT
Chief Security Officer
AVP and Audit Manager - Technology
Senior Information Security Manager
Head of Compliance
IT Security Officer
Senior Director - Security Risk Management
Head of Fraud Risk Management
CISO
Vice President & Manager, IT Network
Head Fraud Investigations
Threat Intelligence Program Lead and Senior Manager Information Security Risk Team
Group Director of Information Security
Head of Business Information Security
Technology Deployment Manager
Senior Manager, Security Architect & IT Governance
Senior Manager Information Security
Regional IT/IS Manager - Middle East & Asia
Manager, Security Architecture
Senior I.T. Security Engineer
CTO
Head of IT Compliance & Security Architecture
VP & Head of Audit - Applications
Manager – Technology Risk & Security
Head of Threats and Intelligence
IT Manager Network and Security
VP - Risk & Governance and Information Risk
Manager of Information & Physical Security Governance
Group Chief Information Officer (CIO)
Senior Information Security Officer
Regional Head, Strategic Security Threats
Senior Network & Security Engineer
Group Leader - Vulnerability Management
Director, Information Security & Architecture
Manager - Information Security
Manager – IT Security,Group Risk Management
Chief Risk Officer
Chief Information Security Officer
IT Security Manager
IS Manager
Regional Director Information Technology Middle East
CISO
Head Operational Risk MENA
Group Head of I.T. & CISO
Head of SOC
SVP Specialist, Security Threat Intelligence
Group Chief Information Security Officer
CISO
Head of Information Security, UAE, Africa, Middle East & Pakistan
Head of e-Crime Unit
Security and Network Officer
Senior IT Security Engineer
Deputy CIO / CISO

Companies

Abu Dhabi Health Services Company (SEHA)
Barclays
Emirates Palace
Nokia
Daman Health
Abu Dhabi Police
AXA Insurance Gulf
Commercial Bank of Dubai
Atlantis the Palm
Abu Dhabi Department of Economic Development
Ministry of Economy UAE
GE Capital
Burjeel Hospital
Abu Dhabi National Insurance Company
Mashreq Bank
Hospitality Management Holdings
RAK Bank
Munich Re Syndicate
Merck Group
Statistics Department Abu Dhabi
Mobily
Du
United Arab Emirates Ministry of Labour
Union National Bank
Rotana Hotel Management Corporation
Consolidated Contractors Company (CCC)
United Arab Shipping Co
Etihad Airways
Standard Chartered Bank
Royal Jet Group
The Petroleum Institute
Al Tamimi & Co
Abu Dhabi Global Market (ADGM)
Nakheel
Emirates National Oil Company Limited (ENOC)
TIME Hotels
Wall Street Exchange
Herbert Smith Freehills LLP
Prestige Jet
Schlumberger
Ecobank
British American Tobacco
Abu Dhabi National Energy Company (TAQA)
American Express
Abu Dhabi Accountability Authority
Air Liquide
Emirates Nuclear Energy Corporation
RSA Insurance Group
Mubadala Development Company
MIG Holding
Sport360
Emirates Airlines
Honeywell
Petrofac Ltd
Citigroup
Tamweel
Abu Dhabi Finance
Department of Finance Abu Dhabi
Masdar Institute of Science and Technology
Mafraq Hospital
Emirates Investment Authority
Health Authority Abu Dhabi
Ajman Bank
Al Ghurair Group
Emarat - Emirates General Petroleum Corporation
Emirates NBD
Zayed University
Gulf Agency Company
Abu Dhabi Aviation
Abu Dhabi Airports Company
Abu Dhabi General Secretariat of the Executive Council
UAE Armed Forces
Intrum
Tatweer Petroleum
Network International
Crowne Plaza
Al Najah Education LLC
Al Masraf Bank
Emirates Group
Abu Dhabi Islamic Bank
Panasonic
First Abu Dhabi Bank
Gulf International Bank
Deyaar Development Co.
Ericsson
National Bank of Umm Al Qaiwain
Sky News Arabia
Emirates Islamic
Budenberg Middle East
ADNOC - Abu Dhabi National Oil Company
Ministry of Presidential Affairs
Abu Dhabi Terminals
Dunia Finance
ADNOC Gas Processing
Al Futtaim Group
Abu Dhabi Investment Authority
Damac Holding Company
Orient Exchange
National Corporation for Tourism & Hotels
Belhasa International
Moneygram International
Abu Dhabi Media
Arab Bank
Medtronic
Lulu Group International
Al Ansari Exchange
Aramex
Al Fardan Group
Cleveland Clinic Abu Dhabi
Emirates Investment Bank
National Bank of Fujairah
Central Bank of the UAE
Jumeirah Group
VPS Healthcare
DBA - Darwish Bin Ahmed & Sons
Global Development Group - GDG
LandMark Group
UAE Government
Al Ahalia Money Exchange Bureau
Baker Hughes
Commercial Bank International
Al Fahim Group
Abu Dhabi Commercial Bank
Muthoot Exchange
Dolphin Energy
Majid Al Futtaim Group
Ministry of Foreign Affairs - UAE
HSBC
UAE Exchange Centre
Habib Bank AG Zurich
Federal Authority for Identity and Citizenship
LUKOIL
Abu Dhabi Water & Electricity Authority
Sharjah Islamic Bank
MAN Truck & Bus Middle East
Federal Transport Authority UAE
Al Rostamani Group
Emaar Industries & Investments
Al Hilal Bank
Ahmed Seddiqi & Sons
Bird & Bird LLP
Watania
Etisalat Group
Western Union
Ministry of Interior UAE
DHL
Noor Bank
Vodafone
Starwood Hotels & Resorts
Union Insurance

Industries

Banking
Industrial Engineering
Industrial Engineering
Oil/Gas
Telecommunications
Banking
Banking
Banking
Media
Retail
Oil/Gas
Retail
National Law Enforcement
Banking
National Law Enforcement
Telecommunications
Retail
Electronic/Electrical Equipment
Insurance
Central Government
Banking
Healthcare
National Law Enforcement
Travel/Leisure/Hospitality
Media
Banking
Aerospace/Defence
Media
Insurance
Banking
Casinos/Gaming
Banking
Mining/Metals
Banking
Retail
Electronic/Electrical Equipment
Banking
Food/Beverage/Tobacco
Banking
Insurance
Banking
Household/Personal Products
Retail
Retail
Retail
Legal
Media
Banking
Charity
Casinos/Gaming
Software
Retail
Media
Retail
Banking
Automobiles/Parts
Banking
Banking
Central Government
Insurance
Central Government
Oil/Gas
Banking
Banking
Banking
Insurance
Banking
Media
Central Government
Retail
Media
Central Government
Healthcare Services
Banking
Food/Beverage/Tobacco
Insurance
Transportation/Shipping
Retail
National CERT
Transportation/Shipping
Legal
Insurance
Banking
Education
Banking
Retail
Transportation/Shipping
Charity
Banking
National Law Enforcement
Industrial Engineering
Industrial Engineering
Regional Law Enforcement
Transportation/Shipping
Transportation/Shipping
Telecommunications
Media
Transportation/Shipping
Banking


Venue

The St. Regis, Abu Dhabi

ABU

Location:

The St. Regis Abu Dhabi

Nation Tower, Corniche, Abu Dhabi, United Arab Emirates
Telephone: + 971 (2) 694 4444

Coordinates:

24.464006°N
54.328015°E


Description:

Boasting a landmark address on the Corniche, in the iconic Nation Towers, The St. Regis Abu Dhabi offers worldly refinement and timeless traditions just steps from the Federal National Council, Supreme Court, and prestigious corporate headquarters. Dedicated to uncompromised living, the hotel features 1,700 square meters of meeting space along with a pool and Rémede Spa.

Accommodation:

Please contact the venue for further information.


Directions:

Please click here