Agenda

08:00 - 08:50 GST

Registration and Breakfast Networking 
08:50 - 09:00 GST

Chairman's Welcome
09:00 - 09:20 GST

► Combating e-frauds in the Banking Industry

Reema Tewari, Regional Head, Risk & Governance, Technology & Operations, Africa & Middle East, Standard Chartered Bank & Rahul Mathur, Regional Head, Business Risk Management, CPBB (Consumer, Private & Business Banking), AMEE, Standard Chartered Bank

  • Types of e-frauds
  • Current Trends
  • Mitigating Actions

 
09:20 - 09:40 GST

► Why your MFA Will not keep the bad guys out

Chris Robins, Senior Sales Engineer, EMEA, Beyond Identity

  • MFA Requirements Have Changed
  • Cybercriminals have become more sophisticated in their attacks, and traditional MFA that relies on passwords and other weak factors can’t keep up
  • Remote working has expanded and rapid cloud adoption demands that companies ensure the identity of the user behind every device, and assess the level of risk before access
  • Unlike traditional MFA, Beyond Identity can protect your data from advanced attacks
  • Traditional MFA relies on weak factors like passwords and one-time codes. Beyond Identity eliminates passwords and only uses strong factors like asymmetric cryptography and biometrics to protect your organization from phishing, ransomware attacks, and other password-based attacks
09:40 - 10:00 GST

How to Disrupt Adversaries With Security Intelligence

Nagaraj Hebbar, Senior Sales Engineer, META, Recorded Future

  • Proactively Detect and Validate Threats
  • Monitor Threats to Your Tech Stack
  • Investigate the Dark Web
  • Conduct Advanced Threat Research and Reporting
10:00 - 10:20 GST

► How to start your third-party software security journey

Goutam Pudota, Global Head of Information Security, IFFCO Group

  • Introduction to Third-party security risk management
  • Key Challenges
  • Considerations for provides and consumers
  • Assessing and establishing third-party software security program
  • Key Benefits
10:20 - 11:00 GST

 Education Seminar Session 1

Delegates will be able to choose from the following education seminars:

  • Adaptive Email Security Architecture: Moving from Incident Response to Continuous Response - Kamel Tamimi, Director of sales Engineering, Cofense
  • Leveraging key management and automation to secure your public and hybrid clouds - Simon Taylor, Channel Manager Middle East and Africa, Entrust
  • Back to basics: How to detect, fix and prevent misconfigurations across your hybrid environment - Amr Ahmed, Senior Sales Engineer, EMEA, FireMon & Amr El-Hatter, Regional Sales Manager, EMEA, FireMon
  • Incident Response in the Age of Ransomware and Data Protection, Kapil Matta, Regional Manager, Enterprise - MEA, Malwarebytes
11:00 - 11:30 GST

Networking and refreshments
11:30 - 11:50 GST

► Bridging the cybersecurity skills gap

Siham Benhamidouche, Cybersecurity Officer for Middle East and Africa, Schneider Electrics

  • Hiring and retaining the best
  • Re-skilling and finding internal talent
  • How to use technology and automation to fill gaps
11:50 - 12:10 GST

► Do you Know What Information Your APIs are Leaking?

Jason Kent, Hacker in Residence, Cequence Security

Attend this session to fully understand the API security risks your organization faces. Topics include:

  • Security risks associated with the increased use of health monitoring APIs, API specifications, and GraphQL.
  • Compliance and governance risks related to APIs that may inadvertently expose sensitive data.
  • Why APIs used to facilitate account login/registration and inventory lookups are more susceptible to automated attacks.
12:10 - 12:30 GST

► OFFENSIVE AND CONTINUOUS SECURITY TESTING - the emerging standard beyond traditional Penetration Testing

Ron Peeters, Vice President Middle East and Emerging Markets, Synack

In this session you’ll learn:

  • Why the current model of compliance-based penetration testing is increasingly ineffective and obsolete.
  • Which exploitable vulnerabilities are missed the most and cause the greatest concern.
  • How a model combining highly skilled security researchers (with a hacker mindset) deployed in large Cohorts provides the necessary critical mass.
  • Several customer examples in the Middle East benchmarking the advantage of Offensive Security Testing.
12:30 - 12:50 GST
► Securing Crypto Organisations
 
Andrew Morfill, CISO, Komainu 
  • Why securing not just the keys is fundamental to asset security
  • The importance of a holistic approach to security
  • Attacker techniques remain similar to other industries with exfiltration the key differentiator
 
12:50 - 13:30 GST

► Education Seminar Session 2

Delegates will be able to choose from the following education seminars:

  • Closing The Digital Transformation Gap with Zero Trust - Mohamed Eissa, Sales Director, META & Hani Zeini, Senior Technical Sales Consultant, Entrust
  • The Dynamic Shift in Digital World - Karthik Anandarao, Chief Technical Evangelist, ManageEngine
  • How AI based ‘Threat Detection & Response’ finds and stops Ransomware - Rabih Itani, Country Manager, United Arab Emirates, Vectra AI
13:30 - 14:30 GST

Lunch and Networking 
14:30 - 14:50 GST

► Apprenticeships & Talent Development within Cyber

Craig McEwen, Group CISO, Anglo American

 
14:50 - 15:10 GST

► Building security from DevOps to SecDevOps

Anoop Paudval, Information Security Manager, Gulf News

  • Succeeding with SecDevOps: the challenges
  • Planning the transition from DevOps to SecDevOps
  • Achieving sustainability with reduced operational cost, risk and improved performance.
  • Lessons from the process
15:10 - 15:30 GST

► Trusted Computing and its application in fighting e-Crime

Dr Ian Oliver, Technical Staff (Cybersecurity), Nokia Bell Labs

  • The shift from malware to Supply chain attacks in the domain of ‘nation state actors’. 
  • How effective is TPM 2.0 in addressing these attacks.
  • Higher level services and integrating technology into IoT, Edge Cloud and communications.
  • Case studies from safety critical domains such as medical and railway systems. 
15:30 - 15:50 GST
Networking and Refreshments 
15:50 - 16:20 GST

► Panel: Resilience versus security – creating a new mindset

Craig McEwen, Group CISO, Anglo American; Mohammad Faheem, Cyber Security Lead, Chalhoub Group; Hadinur Hora Imlani, Head of IT Innovation, Index Exchange; Andrew Morfill, CISO, Komainu

  • Is resilience just another name for incident response?
  • What resource shifts does resilience require?
  • Testing and measuring cyber-resilience
16:20 - 16:40 GST

► Winning the Cybersecurity Communication Battle

Luqman Kondeth, Director Campus Technology Security, NYUAD

This talk will present essential communication ideas for CISOs & security professionals to change this perception and achieve buy-in from stakeholders.

  • Discussing technical backgrounds that may hamper the successful communication of Cybersecurity programs to stakeholders such as end users, peers, management or the executive.
  • How poor program participation can negatively affect management sponsorship and ultimately the success of the CISO & the security professional
  • Conclusion

 

 
16:40 - 17:00 GST

► PCI SSC 2022 update

Jeremy King, Regional Head for Europe at PCI Security Standards Council

  • Current status of the PCI DSS V4.0 and the release timescale
  • Updates on other PCI Standards:
    • Software Security Framework
    • Point to Point Encryption
    • Mobile Payments
  • Remote Assessments
17:00 - 17:05 GST

Chariman's Closing Remarks 
17:05 GST

 Conference Close

Education seminars


How AI based ‘Threat Detection & Response’ finds and stops Ransomware


Rabih Itani, Country Manager, United Arab Emirates, Vectra AI

Cybercriminals are always looking for easy targets and opportunities to steal personal information. With no application, network, or data centre being invulnerable, decision-makers often harbour a false sense of security about their ability to fend off hackers—especially when they’re not armed with the necessary tools to succeed.

During our presentation we will cover:

  • How prepared your organisation is to detect and respond to a ransomware attack
  • What approaches other organisations are taking to stop ransomware gangs
  • How to detect and respond to Ransomware before it impacts you

Back to basics. How to detect, fix and prevent misconfigurations across your hybrid environment.


Amr Ahmed, Senior Sales Engineer, EMEA, FireMon & Amr El-Hatter, Regional Sales Manager, EMEA, FireMon

The world has changed. And so have our networks. Over the past two years, organisations have had to accelerate their digital transformation projects due to a newly distributed workforce.

As a result, many organisations are now operating a hybrid network. but are those networks really secure?

Misconfigurations are the #1 cause for firewall/cloud security group breaches, and according to Gartner by 2023, 99% of firewall breaches will be because of misconfigurations.

Join us as we explore how you can tackle this challenge head on.

This session will cover:

  • The security risks brought on by a hybrid environment
  • The Triple C approach: Detecting, fixing and preventing misconfigurations with compliance, change and clean up
  • Enforced compliance: How you can completely eliminate misconfigurations for good, and stay risk & fine free.

Closing The Digital Transformation Gap with Zero Trust


Mohamed Eissa, Sales Director, META & Hani Zeini, Senior Technical Sales Consultant, Entrust

Since the start of the pandemic, IT teams were forced to improvise, experiment, and accelerate the pace of digital transformation. As most people were forced to work from home, hackers increased their activity and ferocity to match. The impact of these threats is staggering. In this seminar, we will discuss how enterprises can close the digital transformation gap with Zero Trust to ensure stronger security for critical assets and create a line of defense against costly breaches.

 Join this session as we will cover:

  • Securing the new enterprise reality
  • How to align Zero Trust with the digital transformation of enterprises
  • Simplify security for your IT teams

Leveraging key management and automation to secure your public and hybrid clouds


Simon Taylor, Channel Manager Middle East and Africa, Entrust

When migrating from on-premises to the cloud you want to maximise the control of your cryptographic keys. Sure you can use the native keys provided by the CSP for less critical applications, but for high assurance use cases wouldn’t it more reassuring if you knew the provenance of those keys - controlling exactly where and how your keys have been created. Join this session to:

  • hear how you can own and control your keys, whilst automating the key management process from inception through to retirement
  • discover how to scale the management of tens of thousands of encryption keys, for workloads that are even hosted on different platforms
  • learn how to improve the overall security posture of your organisation

Adaptive Email Security Architecture: Moving From Incident Response to Continuous Response


Alaa Abu Gharbieh, Regional Sales Manager – META, Cofense

With so much focus on cyberattack prevention, many security teams have adopted an incident response mindset versus one that assumes systems are compromised and require continuous monitoring and remediation.

Join us for this informative session that walks through the benefits of implementing an adaptive security architecture and risk framework, and how to classify your existing and potential email security investments to increase your security posture while reducing costs, vendors, and configuration complexity.

This session will cover:

  • What is Adaptive security architecture
  • Objectives of adaptive security architecture
  • Risk framework
  • The current situation in email and phishing security
  • Implementing adaptive security architecture and risk framework with Cofense

Incident Response in the Age of Ransomware and Data Protection


Ayoub Jaaouani, Sales Engineer - MEA, Malwarebytes

Recent Trends – Current Industry situation and ransomware NIST Framework and Ransomware Incident Response Automation Lever for next gen SOC Malwarebytes Value Proposition

Key Take Aways:

  • Specific Pre Attack events that indicate behaviour of ransomware in your environment
  • Incident Response Strategy to clean your environment on an ongoing basis - Automated/Orchestrated.
  • Organisations standing on NIST Cyber Security Capability Maturity Model
  • NIST Framework best practices to prevent ransomware

Dynamic shift in the Digital World.


Mr A Karthik, Chief Technical Evangelist, ManageEngine

  • Trends to look out for an agile and resilient IT for business
  • How do these trends impact your business and growth?
  • What factors to consider while choosing a software vendor that deals with these trends?