From cybersecurity to cyber risk management

The 12th e-Crime & Cybersecurity Germany
23rd January 2019, Frankfurt

From cybersecurity to cyber risk management

How CISOs must move to a business-based security model


Two thirds of Germany's manufacturers have been hit by cyber-crime attacks, costing industry in Europe's largest economy some €43 billion, according to a survey published by Bitkom, Germany's IT sector association, in September.

Small and medium-sized companies, the economy's backbone, are particularly vulnerable to attacks.

This isn't simply FUD. It's a reinforcement of the fact that for companies, cyber risk is ultimately a business risk. German firms in particular are a target for well-resourced nation-state and criminal actors using cyber attacks to steal advanced manufacturing techniques and other intellectual property, as well as being the victims of less sophisticated hacks such as ransomware.

"Illegal knowledge and technology transfer ... is a mass phenomenon," says Thomas Haldenweg, deputy president of the BfV domestic intelligence agency.

And cyber risk in this context goes beyond theft: 19 percent of those polled said that their IT and production systems had been sabotaged digitally, and 11 percent reported tapping of their communications.

The challenge, then, is less the kinds of data privacy and breach issues that have made the headlines, which have serious but limited business impact, and more the prevention of core operational losses and to defend the foundations on which companies are built.

This is where there has often been a disconnect between traditional, siloed cybersecurity operations and companies' business and financial centres. This disconnect is a two-way street, but it has not been helped by some of the key mantras of cybersecurity which can imply that failure is inevitable and that, no matter how much is spent, a crippling attack is certain: not the message other risk management functions routinely trumpet.

So how can companies build cybersecurity processes that focus on the most important business outcomes? How can cybersecurity integrate with existing risk management infrastructure and in what ways is it similar/different? And how can cyber professionals better understand the P&L impacts of key risks and mitigation techniques in order to better present tactical and strategic options to their boards and the leaders of their business units?

 

e-Crime Germany will cover these and other key subjects for its audience of professionals tasked with safeguarding digital assets and sensitive data. There will be real-life case studies, strategic talks and technical break-out sessions from security teams behind some of the world's most admired brands, who know, just like you, that security is now more important to business than ever.

  • Getting the basics right

    • The British Airways hack shows that without the fundamentals, no amount of money or innovative technology is the answer: why do firms still fail at the basics?
    • Security in an outsourced IT environment: dealing with cost-cutting and old-fashioned attitudes to IT
    • The minimum viable cybersecurity process?
  • The nature of nation state actors

    • Just a few years ago, most firms were told they were not targets for nation states. How times have changed.
    • How can companies protect honest employees against increasingly sophisticated attacks?
    • What are the most commonly used attack strategies, and what are the best ways to defend against them?
    • Is the state doing enough to provide secure national digital infrastructure?
  • Cyber risk identification, measurement and management

    • Translating security vulnerabilities into realistic operational loss scenarios
    • Combining risk, cybersecurity and audit for the full picture
    • Communicating cyber risk to the business
  • Cost-effective compliance

    • GDPR and other regulatory demands are expensive: how to reduce the cost
    • Cognitive, robotic process automation and AI solutions to compliance demands
    • Outsourcing: from Cloud, to SaaS, to virtual CISO - are off-premises solutions the answer?
  • Securing specialised systems

    • SAP and other ERP implementations are attractive targets: do CISOs get involved?
    • What about treasury management, cash and risk management systems?
    • Industrial, supply chain, logistics and manufacturing: identifying and securing embedded technologies
  • AI: separating the hype from the reality

    • AI attacks based on analysis of social media are the next threat. Solutions?
    • What do vendors mean by "AI" and "machine learning" and what questions should CISOs be asking about these new products?
    • AI for devops: finding the bugs before they escape

Who attends

Job titles

Chief BISO
Chief Information Security Officer
Chief Information Security Officer
Chief Information Security Officer
Chief Security & Privacy Officer
CISO
CISO/CTO
Director
Director Cyber Defense & CERT
Director Data Privacy
Director Security Risk & Compliance
Director Global Security Investigations
Director Information Security
Director, CRISC
Head of Security & Governance
Head of Compliance
Head of Corporate Data Protection
Head of Cyber
Head of Cyber Security
Head of Cyber Threat Response
Manager Information Security
Head of I.T.
Head of I.T. Security
Head of Information Security
Head of Information Security
Head of Internal Audit
Head of IT / Operations
Head of IT Security
Head of IT-Security
Head of Legal Data Privacy
Head of Penetration Testing
Head of I.T. Security
Head of Security
Head of Security Management
Head PCI Compliance
VP Cyber Security & Defence
Vice President, Threat Intelligence
VP Credit & Fraud
VP Crisis & Emergency Management
ASIC Operations
BISO
Cards Security Manager
CERT
COO Data Protection Programme
Corporate Audit
Head of Methods, Projects, IT
Corporate Security Awareness Manager
Counsel, Privacy & Information Law
Country Security Officer
CTO Security & Risk
CTSO
Fraud & Risk Manager
GAMA Business Task Force
Global Head of Data Protection
Global IT - Information Security
Global IT Manager
Group Data Protection Commissioner
Group Information Security Officer
Group Lead Active Defense Center
Information Security Manager
Information Security Manager
Information Security Manager
Information Security Manager
Information Security Manager
IT Security Manager
IT Security Manager
IT Security Research Engineer
Global IT Security & Compliance
Global IT Security & Compliance
IT Spezialist, WAN und Zugang
ITM Global Information Security
Lawyer
Lawyer
Leiter Informationssicherheit CISO
Leiter Unternehmenssicherheit
Local Data Security Officer
Manager Compliance
Manager Fraud Prevention
Operational Security Officer
Partner
Partner
IT Infrastructure Vice President
Security Fraud Manager
Security Manager
Security Manager, CISSP
Senior Alliance & BD Manager
Senior Manager Internal Audit
Senior Enterprise Security Manager
Senior I.T. Auditor
Senior Information Security Manager
Senior Information Security Manager
Senior Internal Auditor
Senior IT Auditor
Senior Manager
Senior Manager, Products & Innovation
Senior Project Manager (Infocontrol)
Senior Ref NGN
Senior Researcher
Senior Risk Manager
Senior Security Consultant
Senior Security Expert
Senior Security Product Manager
Senior Security Professional
Senior Security Specialist
Senior Security Specialist
Cyber Crime Investigations
Service & Contract Manager
Software Development Engineer
Specialist Security
SR IT Security Consultant
I.T. Security & Compliance Manager
System Analyst
Systemadministrator / CISO
GAMA Business Task Force
Team manager IT Security Operations
Teamleader I.T. Infrastructure
TORM & Financial Crime

Companies

Deutsche Bank Group
Deutsche Post
GE Capital
NYSE Euronext
Vodafone
Merck & Co
Audi
Deutsche Bank Group
Deutsche Telekom
First Data Merchant Solutions
First Data Merchant Solutions
American Express
Tech Data
SAP
BT
Allianz
Otto Group
Marsh
Airbus
Deutsche Bank Group
Daimler
Hengeler Mueller
Commerzbank
Eurostar
Quipu
Nintendo
Triodos Bank
Wirecard Bank
Lanxess AG
Siemens
Deutsche Telekom
Federal Office for Information Security
Commerzbank
Bank Verlag
Six-Group
Atos
Citigroup
Elavon Merchant Services
Deutsche Telekom
Allianz
Citigroup
BP
Commerzbank
UBS
MAN SE
BMW
Vodafone
Field Fisher Waterhouse LLP
Vattenfall AB
Deutsche Bank Group
Vodafone
Sofort
Deutsche Bank Group
Allianz
Adidas
Adidas
Deutsche Lufthansa
Citigroup
Commerzbank
KfW Bankengruppe
DZ Bank
Oce
Teradata
AXA
Deutsche Bundesbank
KfW Bankengruppe
Airbus
Adidas
E.ON
BMW
Daimler
Postbank P.O.S. Transact
Osborne Clarke
RWE Group
DZ Bank
Robert Bosch
Adidas
DZ Bank
E.ON
Osborne Clarke
Baker & McKenzie LLP
Deutsche Bank Group
Q8 Kuwait Petroleum
Siemens
Vodafone
Research in Motion
Nintendo
Adidas
Commerzbank
Deutsche Post
DHL
Mondi
DHL
ThyssenKrupp AG
Deutsche Telekom
BP
Deutsche Telekom
UBS
Postbank P.O.S. Transact
BT
Deutsche Telekom
Research in Motion
Triodos Bank
Deutsche Post
Tech Data
American Express
COLT Technology Services
Nintendo
COLT Technology Services
Deutsche Bank Group
Deutsche Post
Citigroup
BNP Paribas
Deutsche Bank Group
Deutsche Bundesbank
SCOR
Santander

Industries

Banking
Communications
Electronics
Finance
Telecoms
Other
Automotive
Banking
Telecommunications
Technology
Technology
Finance
Technology
Technology
Communications
Life Insurance
Retail
Insurance
Manufacturing
Banking
Auto Manufacturing
Law Firm
Banking
Transportation
Finance
Entertainment
Banking
Banking
Real Estate
Technology
Telecommunications
Government
Banking
Banking
Finance
Technology
Finance
Finance
Telecommunications
Life Insurance
Finance
Energy
Banking
Finance
Transportation
Manufacturing
Telecoms
Law Firm
Energy
Banking
Telecoms
Other
Banking
Life Insurance
consumer products
Consumer Products
Transportation
Finance
Banking
Banking
Banking
Electronics
Technology
Life Insurance
Banking
Banking
Manufacturing
consumer products
Energy
Manufacturing
Auto Manufacturing
Banking
Law Firm
Energy
Banking
Manufacturing
consumer products
Banking
Energy
Law Firm
Law Firm
Banking
Energy
Technology
Telecoms
Technology
Entertainment
consumer products
Banking
Communications
Transportation
Other
Transportation
Law Firm
Telecommunications
Energy
Telecommunications
Finance
Banking
Communications
Telecommunications
Technology
Banking
Communications
Technology
Finance
Telecommunications
Entertainment
Telecommunications
Banking
Communications
Finance
Finance
Banking
Banking
Insurance
Banking


Venue

Steigenberger Frankfurter Hof

Location: 

Steigenberger Frankfurter Hof

Am Kaiserplatz 
(GPS input: Bethmannstraße 33)
60311 Frankfurt am Main
Germany

Telephone: +49 69 215-02

Directions: 

Please click here