Cybersecurity by remote control: protecting employees, customers and the business

15th e-Crime & Cybersecurity DACH: Virtual Edition
25th June 2020

Defend against new cyberthreats, maintain resilience, support the shift to go digital
Making a virtue of necessity: first responses & strategic planning


It seems an age ago, but as the first news began to leak out of Wuhan, cybersecurity professionals were looking forward to the next stage in the maturity journey.

They needed a holistic approach to their entire data management process; they needed an aggregated approach to compliance, privacy and security; they needed to apply standard operational risk modelling and budgeting to these activities; and they needed new management and staffing structures to implement these changes.

None of that is untrue - but the spread of COVID-19 has changed all our priorities by changing the way the world works and engages with customers.

It has created fundamental challenges to companies' ability to protect their systems and employees while continuing to serve their customers. Entire workforces have been transplanted to their homes and forced to shift their entire work life to the digital realm.

Out of necessity, remote access and wide-ranging privileges have been granted across organisations. And at the same time, businesses across every sector are ramping up online product and service delivery as fast as possible.

All of these responses have massively increased cybersecurity risk.

Large-scale adoption of work-from-home collaboration tools, rapid scaling of customer-facing networks and websites, greater all-round use of cloud and online applications, and the vast increase in data flows across previously controlled network boundaries are changing business paradigms on the fly. Cybersecurity is already finding it hard to play catch-up with this almost instantaneous digital and online pivot.

The hackers have noticed. They are already exploiting weaknesses in this new distributed business model. Phishing is easier in this stressed environment; DDoS and ransomware attacks more damaging (and so more lucrative); controls easier to subvert. Everything from corporates, to charities, to hospitals and other critical infrastructure is under attack.

As the entire business goes off-premise, how should CISOs react? What are the key priorities? How do CISOs ensure that they and their teams are secure as well as key employees and business processes? What is the initial response versus the longer-term?

 

The 15th e-Crime & Cybersecurity DACH will take place online and will look at how cybersecurity teams are tackling this dramatically different threatscape. Join us for real-life case studies and in-depth technical sessions from the security and privacy teams behind some of the world's most admired brands.

  • Rethinking identity and access management

    • Employees need off-site access to apps, data and other network resources - existing IDAM policies will need to be re-written fast
    • How can you restructure IDAM quickly? How can you push MFA to the whole network?
    • Can consumer-grade software be incorporated?
  • Stuck in the Cloud

    • Most companies have been forced to rely on Cloud-based apps and storage
    • So, they need visibility and controls, they need logs from providers to review for unauthorised access and data exfiltration, and they need to limit unauthorised access and services.
    • And what do their Cloud contracts say about force majeure?
  • Performing critical security tasks remotely - how can CISOs regain control?

    • Employees for whom long-term, secure remote working processes hadn't been set up in advance will not just be outside centrally controlled endpoint protection processes, they'll be beyond any patching and update processes.
    • Many security tools depend on being on the local network. How can security teams manage the basics remotely?
    • Will remediation and reimaging capabilities work as intended in a remote environment? What updates are needed to incident response playbooks?
    • Most organisations have 'abandoned' their existing office environments - including all the devices within them. These need to be monitored and protected too. Can it be done remotely?
  • Securing the customer - are your websites up to it?

    • The immediate need to move to online business channels creates a host of security and monitoring challenges
    • Are existing websites scalable to securely meet additional customer demands?
    • Do you rely too heavily on a single supplier? And what about the recent security changes to browsers such as Chrome which impact existing websites?
  • Maintaining the human firewall

    • With normal security measures compromised, employees are an even more critical frontline against cyberthreats - but they're stressed, and separated from coworkers they could ask about suspicious calls or emails.
    • What can cybersecurity teams do to help their colleagues protect themselves and the business?
    • Scammers are taking advantage of the situation - does email security need to be ramped up, even if it affects productivity? Are there other solutions?
  • Protection versus business needs

    • There is a wider strategic challenge: many businesses now face an existential threat and must take rapid and extraordinary actions to survive
    • Their requests for technologies to help them do this will demand near-instant responses and extreme flexibility
    • Never has it been more important that security teams understand and enable the business
  • Securing and protecting remote employees

    • The shift to home-working amplifies the BYOD / remote security issue: unsecured data transmission, use of VPNs, employees using workarounds to achieve tasks under pressure, the security of free video and collaboration tools, and so on.
    • What are the quick fixes and the longer-term solutions?
    • What about CISOs and their teams? They need unfettered remote access to the most sensitive systems and information - are they the weakest link? How can they ensure they're not hacked?

Who Attends

Job Titles

Chief BISO
Chief Information Security Officer
Chief Information Security Officer
Chief Information Security Officer
Chief Security & Privacy Officer
CISO
CISO/CTO
Director
Director Cyber Defense & CERT
Director Data Privacy
Director Security Risk & Compliance
Director Global Security Investigations
Director Information Security
Director, CRISC
Head of Security & Governance
Head of Compliance
Head of Corporate Data Protection
Head of Cyber
Head of Cyber Security
Head of Cyber Threat Response
Manager Information Security
Head of I.T.
Head of I.T. Security
Head of Information Security
Head of Information Security
Head of Internal Audit
Head of IT / Operations
Head of IT Security
Head of IT-Security
Head of Legal Data Privacy
Head of Penetration Testing
Head of I.T. Security
Head of Security
Head of Security Management
Head PCI Compliance
VP Cyber Security & Defence
Vice President, Threat Intelligence
VP Credit & Fraud
VP Crisis & Emergency Management
ASIC Operations
BISO
Cards Security Manager
CERT
COO Data Protection Programme
Corporate Audit
Head of Methods, Projects, IT
Corporate Security Awareness Manager
Counsel, Privacy & Information Law
Country Security Officer
CTO Security & Risk
CTSO
Fraud & Risk Manager
GAMA Business Task Force
Global Head of Data Protection
Global IT - Information Security
Global IT Manager
Group Data Protection Commissioner
Group Information Security Officer
Group Lead Active Defense Center
Information Security Manager
Information Security Manager
Information Security Manager
Information Security Manager
Information Security Manager
IT Security Manager
IT Security Manager
IT Security Research Engineer
Global IT Security & Compliance
Global IT Security & Compliance
IT Spezialist, WAN und Zugang
ITM Global Information Security
Lawyer
Lawyer
Leiter Informationssicherheit CISO
Leiter Unternehmenssicherheit
Local Data Security Officer
Manager Compliance
Manager Fraud Prevention
Operational Security Officer
Partner
Partner
IT Infrastructure Vice President
Security Fraud Manager
Security Manager
Security Manager, CISSP
Senior Alliance & BD Manager
Senior Manager Internal Audit
Senior Enterprise Security Manager
Senior I.T. Auditor
Senior Information Security Manager
Senior Information Security Manager
Senior Internal Auditor
Senior IT Auditor
Senior Manager
Senior Manager, Products & Innovation
Senior Project Manager (Infocontrol)
Senior Ref NGN
Senior Researcher
Senior Risk Manager
Senior Security Consultant
Senior Security Expert
Senior Security Product Manager
Senior Security Professional
Senior Security Specialist
Senior Security Specialist
Cyber Crime Investigations
Service & Contract Manager
Software Development Engineer
Specialist Security
SR IT Security Consultant
I.T. Security & Compliance Manager
System Analyst
Systemadministrator / CISO
GAMA Business Task Force
Team manager IT Security Operations
Teamleader I.T. Infrastructure
TORM & Financial Crime

Companies

Deutsche Bank Group
Deutsche Post
GE Capital
NYSE Euronext
Vodafone
Merck & Co
Audi
Deutsche Bank Group
Deutsche Telekom
First Data Merchant Solutions
First Data Merchant Solutions
American Express
Tech Data
SAP
BT
Allianz
Otto Group
Marsh
Airbus
Deutsche Bank Group
Daimler
Hengeler Mueller
Commerzbank
Eurostar
Quipu
Nintendo
Triodos Bank
Wirecard Bank
Lanxess AG
Siemens
Deutsche Telekom
Federal Office for Information Security
Commerzbank
Bank Verlag
Six-Group
Atos
Citigroup
Elavon Merchant Services
Deutsche Telekom
Allianz
Citigroup
BP
Commerzbank
UBS
MAN SE
BMW
Vodafone
Field Fisher Waterhouse LLP
Vattenfall AB
Deutsche Bank Group
Vodafone
Sofort
Deutsche Bank Group
Allianz
Adidas
Adidas
Deutsche Lufthansa
Citigroup
Commerzbank
KfW Bankengruppe
DZ Bank
Oce
Teradata
AXA
Deutsche Bundesbank
KfW Bankengruppe
Airbus
Adidas
E.ON
BMW
Daimler
Postbank P.O.S. Transact
Osborne Clarke
RWE Group
DZ Bank
Robert Bosch
Adidas
DZ Bank
E.ON
Osborne Clarke
Baker & McKenzie LLP
Deutsche Bank Group
Q8 Kuwait Petroleum
Siemens
Vodafone
Research in Motion
Nintendo
Adidas
Commerzbank
Deutsche Post
DHL
Mondi
DHL
ThyssenKrupp AG
Deutsche Telekom
BP
Deutsche Telekom
UBS
Postbank P.O.S. Transact
BT
Deutsche Telekom
Research in Motion
Triodos Bank
Deutsche Post
Tech Data
American Express
COLT Technology Services
Nintendo
COLT Technology Services
Deutsche Bank Group
Deutsche Post
Citigroup
BNP Paribas
Deutsche Bank Group
Deutsche Bundesbank
SCOR
Santander

Industries

Banking
Communications
Electronics
Finance
Telecoms
Other
Automotive
Banking
Telecommunications
Technology
Technology
Finance
Technology
Technology
Communications
Life Insurance
Retail
Insurance
Manufacturing
Banking
Auto Manufacturing
Law Firm
Banking
Transportation
Finance
Entertainment
Banking
Banking
Real Estate
Technology
Telecommunications
Government
Banking
Banking
Finance
Technology
Finance
Finance
Telecommunications
Life Insurance
Finance
Energy
Banking
Finance
Transportation
Manufacturing
Telecoms
Law Firm
Energy
Banking
Telecoms
Other
Banking
Life Insurance
consumer products
Consumer Products
Transportation
Finance
Banking
Banking
Banking
Electronics
Technology
Life Insurance
Banking
Banking
Manufacturing
consumer products
Energy
Manufacturing
Auto Manufacturing
Banking
Law Firm
Energy
Banking
Manufacturing
consumer products
Banking
Energy
Law Firm
Law Firm
Banking
Energy
Technology
Telecoms
Technology
Entertainment
consumer products
Banking
Communications
Transportation
Other
Transportation
Law Firm
Telecommunications
Energy
Telecommunications
Finance
Banking
Communications
Telecommunications
Technology
Banking
Communications
Technology
Finance
Telecommunications
Entertainment
Telecommunications
Banking
Communications
Finance
Finance
Banking
Banking
Insurance
Banking