The 13th e-Crime & Cybersecurity Germany
18th June 2019, Munich
Securing business inside insecure states
"Illegal knowledge and technology transfer ... is a mass phenomenon," says Thomas Haldenweg, deputy president of the BfV domestic intelligence agency.
The ultimate aim of cybersecurity is to ensure that business and government maintain the ability to operate as they wish in the digital era.
For the private sector, digital autonomy means being able to rely upon the state for protected infrastructure and defence against state-to-state threats, and being able to trust that providers of digital products and services are themselves secure. This challenge is different in different sectors: securing e-Commerce for a retailer may mean a focus on mobile, while securing industrial control systems at an engineering firm or within critical infrastructure can mean a focus on peculiar legacy code and hardware.
For the public sector, security is largely a matter of ministerial-level recognition of the seriousness of the issue, and the consequent levels of investment in people and infrastructure as well as a willingness to confront large technology providers over their stance on privacy and security.
Ensuring business continuity and autonomy through the transition to a digital economy is critical, and yet too often cybersecurity is viewed as a second consideration after “business” objectives: how often does the CFO mandate a move to the Cloud on the basis of cost-cutting, without costing the loss of control, autonomy and security such a move may entail?
The challenge, then, is the prevention of core operational losses, and the defence of the foundations on which companies are built. And this is where there has often been a disconnect between traditional, siloed cybersecurity operations and companies' business and financial centres.
This disconnect is a two-way street, but it has not been helped by some of the key mantras of cybersecurity which can imply that failure is inevitable and that, no matter how much is spent, a crippling attack is certain: not the message other risk management functions routinely trumpet.
So how can companies build cybersecurity processes that focus on the most important business outcomes? How can cybersecurity integrate with existing risk management infrastructure and in what ways is it similar/different? And how can cyber professionals better understand the P&L impacts of key risks and mitigation techniques in order to better present tactical and strategic options to their boards and the leaders of their business units?
e-Crime Germany will cover these and other key subjects for its audience of professionals tasked with safeguarding digital assets and sensitive data. There will be real-life case studies, strategic talks and technical break-out sessions from security teams behind some of the world's most admired brands, who know, just like you, that security is now more important to business than ever.