Agenda

Presentations already confirmed include:


► FIFA World Cup 2022 and Privacy

Imran Chowdhury, Global Data Protection Officer, Al Jazeera Media Network

  • Millions of fans are expected to visit Qatar during the FIFA World Cup. With global Privacy regulations on the rise, how do organizations in Qatar stay compliant?
  • What are the main accountabilities organizations should focus on?
  • Is complying with FIFA Cybersecurity Framework enough to stay compliant?

► Closing the cybersecurity skills gap

Shaik Abdulkhader, CISO for Leading Energy Company in Qatar

In the new digital world, our livelihoods are more getting more dependent and digital than ever before. Our critical resources, including public services, healthcare, energy, and transportation are all online. And threat actors know this; taking down a large supply chain or critical power grid can cause significantly more chaos than cyber-attacks of the past. By creating a sustainable pipeline of cybersecurity talent we might change the world.

  • Introduction – Cybersecurity skills
  • Widening cybersecurity skills gap
  • Challenges in cultivating the Cybersecurity Talent
  • Global response & solutions

► European approach to data protection, lessons learned after 4 years of GDPR

Maarten Stassen​​, Partner - Lawyer, Crowell & Moring LLP

On 25 May 2022, we will celebrated the fourth birthday of the General Data Protection Regulation (GDPR).

During this session we will discuss the following topics:

  •  What has happened since May 25, 2018?
  • How to manage GDPR in an international environment?
  • European enforcement: should international companies be worried?
  • How did our digital lives change?
  • Is European data now truly better protected than before? 

► Security Enhancements for 5G Wireless Networks

Dr. Maode Ma, Research Professor, Qatar University

  • Introduction to 5G Wireless Network Architecture
  • Vulnerability and Threats in the space
  • Motivation to secure
  • Examples of Enhancement
  • Open Research Issues
  • Conclusion

► If humans are the problem, is AI/ML the answer?

Radhakrishnan M, Innovation Lead / Chief Technology Advisor, Chapter Lead - Government Blockchain Association, Qatar

  • Can AI solve the problem of social engineering or does it make it worse?
  • What do current ML security solutions do (and what don’t they do?)
  • Is there any true AI in cybersecurity today?
  • The problem of AI-based attacks

► Role of Security Operation Center (SOC) during cyber attacks

Davar Dattawala, Cybersecurity CD Manager, Ooredoo

  • SOC is the backbone of your cyber security program
  • Importance of onboarding of assets in SIEM
  • Role of "Use Case" and "Fine-Tuning" leading to True positive incidents
  • Incident Responder and Forensics during and after the cyber attack

► Building a Human Firewall

Sirajhusen Modi, System Sec Head, Al Meera Consumer Goods

  • How to strengthen our Human Firewall: User awareness and what tools to use
  • Give training to weakest group of people
  • Hiring process -  what is important

► Losing control of the digital landscape 

Simon Brady, Managing Editor, AKJ Associates Ltd

  • Proper security regulations - too little, too late?
  • Boards and cyber - talk versus walk
  • Basic cyber hygiene is impossible - discuss
  • Security tech isn’t for you it’s for them 

Panel: Does the blockchain create more security headaches than it solves?

Prof. Dr. Roberto Di Pietro (Moderator), Professor of Cybersecurity, HBKU College of Science and Engineering; Radhakrishnan M, Innovation Lead / Chief Technology Advisor, Chapter Lead - Government Blockchain Association, Qatar; Giorgio Torre, Project Manager, Leading Consulting Firm; Hani Al Khatib, Card Payments Expert, Leading Bank in Qatar

  • Are cryptocurrencies just a distraction?
  • Are blockchains really more secure?
  • Security in public versus private ledgers
  • Cybersecurity in a blockchain-dominated world

► Is XDR your must-have cybersecurity solution?

Mohamed Ismail Niyaz, Cloud Architect, Secureworks

Extended detection and response (XDR) delivers visibility into data across networks, clouds, endpoints, and applications while applying intelligence, analytics and automation to detect, analyze, hunt, and remediate today's and tomorrow's threats. In this session learn:

  • What to consider in an XDR framework?
  • The best XDR Strategic approach
  • How to improve security operations productivity?
  • Precision Threat detection and Immediate Response

► Zero Trust: Getting Least Privilege Right, Finally

Michael Byrnes – Director of Solutions Engineering iMEA, BeyondTrust

  • What is behind the concept of Zero Trust 
  • The goals of Zero Trust
  • Roadblocks to Zero Trust (legacy architectures and technologies)
  • How Privileged Access Management aligns with and enables Zero Trust

Education seminars


How AI based ‘Threat Detection & Response’ finds and stops Ransomware


Abdullrazaq Zahran, Security Engineering Manager | META, Vectra AI

Cybercriminals are always looking for easy targets and opportunities to steal personal information. With no application, network, or data centre being invulnerable, decision-makers often harbour a false sense of security about their ability to fend off hackers—especially when they’re not armed with the necessary tools to succeed.

During our presentation we will cover:

  • How prepared your organisation is to detect and respond to a ransomware attack
  • What approaches other organisations are taking to stop ransomware gangs
  • How to detect and respond to Ransomware before it impacts you

Incident Response in the Age of Ransomware and Data Protection


Kapil Matta, Regional Manager, Enterprise - MEA, Malwarebytes

Recent Trends – Current Industry situation and ransomware NIST Framework and Ransomware Incident Response Automation Lever for next gen SOC Malwarebytes Value Proposition

Key Take Aways:
 

  • Specific Pre Attack events that indicate behaviour of ransomware in your environment
  • Incident Response Strategy to clean your environment on an ongoing basis - Automated/Orchestrated.
  • Organisations standing on NIST Cyber Security Capability Maturity Model
  • NIST Framework best practices to prevent ransomware

OFFENSIVE AND CONTINUOUS SECURITY TESTING - the emerging standard beyond traditional Penetration Testing


Ron Peeters, Vice President Middle East/Emerging Markets, Synack

Increasingly sophisticated cyber attacks can easily exploit serious Vulnerabilities in live systems that you are not aware of TODAY, are not found with the common vulnerability scanning tools and neither by traditional Penetration Testing. Hence the need for a new, next generation approach of Offensive Security testing that better mimics and preempts malicious attack behavior.

In this session you’ll learn:

  • Why the current model of compliance-based penetration testing is increasingly ineffective and obsolete.
  • Which exploitable vulnerabilities are missed the most and cause the greatest concern.
  • How a model combining highly skilled security researchers (with a hacker mindset) deployed in large Cohorts provides the necessary critical mass.
  • Several customer examples in the Middle East benchmarking the advantage of Offensive Security Testing.

Cybersecurity Automation in SecOps


Karthik Ananda Rao, Chief Technical Evangelist, ManageEngine 

In this presentation, we will demonstrate on how SecOps can help regulate an organization's cybersecurity risk exposure by incorporating SOAR and SOC technologies. This automation of cybersecurity processes helps to prioritize, detect and respond to threats effectively by regulating business operations from password management to endpoint and data security.

  • Seamlessly collaborate between IT security and IT operations
  • Automate crucial security tasks, reduce cybersecurity risk and improve agility
  • Create a centralized function by continuously monitoring and improving security infrastructure
  • Detect anomalies and report on any unusual activity by UEBA

Regain control of your access with WALLIX PAM4ALL


Afi Hashim, Regional Manager, Middle East, Turkey & India & Danish Khan, Presales Manager, Wallix

Remote workforce, migration to the cloud, equipment multiplication, and new digital uses are leading to an explosion in the number and type of access to companies' critical assets. Face this challenge with PAM4ALL, the Unified Privilege Management solution that enables you to easily secure, control, and manage all your access. During this session, discover how WALLIX can help you reduce your threatscape by treating every user as a privileged user while keeping simplicity at the administration level.

During this session, you will discover:

  • How to prevent credentials theft from external attacks
  • How to stop lateral & vertical movement
  • How to prevent privilege escalation and insider threat
  • How to control third party access
  • How to meet audit and compliance requirements