Agenda

08:00 - 08:50

Registration and Networking Break

08:50 - 09:00

Chairman's Welcome

09:00 - 09:40

► Closing the cybersecurity skills gap

Shaik Abdulkhader, former CISO, leading energy company in Qatar

In the new digital world, our livelihoods are more getting more dependent and digital than ever before. Our critical resources, including public services, healthcare, energy, and transportation are all online. And threat actors know this; taking down a large supply chain or critical power grid can cause significantly more chaos than cyber-attacks of the past. By creating a sustainable pipeline of cybersecurity talent we might change the world.

  • Defining cybersecurity skills
  • Bridging the widening cybersecurity skills gap
  • How to cultivating cybersecurity talent
  • Lessons from the global response 
09:40 - 10:20

► Critical Infrastructure Protection

Sertan Selcuk, Regional Sales Director, META, OPSWAT

How can file transfers be secured across the entire enterprise, especially between uncontrolled devices? Sertan Selcuk will explain how to secure files transfer into, across, and out of secure environments to avoid malware and/or data breach.

  • Breach Prevention with Multiscanning
  • Cybersecurity Compliance
  • Digital Perimeter Control with Automated Device Blocking
  • Secure File Transfer with Automated Media Blocking
10:20 - 10:50

Networking Break and Refreshments

10:50 - 11:10

► FIFA World Cup 2022 and Privacy

Imran Chowdhury, Global Data Protection Officer, Al Jazeera Media Network

  • Millions of fans are expected to visit Qatar during the FIFA World Cup. With global privacy regulations on the rise, how do organizations in Qatar stay compliant?
  • What are the main accountabilities organizations should focus on?
  • Is complying with FIFA Cybersecurity Framework enough to stay compliant?
11:10 - 11:30

► Is XDR your must-have cybersecurity solution?

Paul John, Cloud Architect, Secureworks

Extended detection and response (XDR) delivers visibility into data across networks, clouds, endpoints, and applications while applying intelligence, analytics and automation to detect, analyze, hunt, and remediate today's and tomorrow's threats. In this session learn:

  • What to consider in an XDR framework?
  • The best XDR Strategic approach
  • How to improve security operations productivity?
  • Precision Threat detection and Immediate Response
11:30 - 12:10

► Offensive and Continuous Security Testing - the emerging standard beyond traditional Penetration Testing

Ron Peeters, Vice President Middle East/Emerging Markets, Synack

Increasingly sophisticated cyber attacks can easily exploit serious Vulnerabilities in live systems that you are not aware of TODAY, are not found with the common vulnerability scanning tools and neither by traditional Penetration Testing. Hence the need for a new, next generation approach of Offensive Security testing that better mimics and preempts malicious attack behavior.

In this session you’ll learn:

  • Why the current model of compliance-based penetration testing is increasingly ineffective and obsolete.
  • Which exploitable vulnerabilities are missed the most and cause the greatest concern.
  • How a model combining highly skilled security researchers (with a hacker mindset) deployed in large Cohorts provides the necessary critical mass.
  • Several customer examples in the Middle East benchmarking the advantage of Offensive Security Testing.
12:10 - 12:30

Networking Break and Refreshments

12:30 - 12:50

► Role of Security Operation Center (SOC) during cyber attacks

Davar Dattawala, Senior Analyst Customer Delivery, Ooredoo

  • Importance of onboarding of assets in SIEM
  • Role of "Use Case" and "Fine-Tuning" in generating true positives
  • Incident responder and forensics during and after cyber attacks
12:50 - 13:30

► Infinity War: Continuous Use of Infinite Insights to Detect Attacks and Stop Breaches

Parthi Sankar CISSP, Technical Director N.Europe, Anomali

Learn how The Anomali Platform uses big data management, machine learning, and the world’s largest intelligence repository in order to:

  • Automatically and continuously correlate ALL security telemetry against active threat intelligence
  • Enable organizations to understand what’s happening inside and outside their network to stop breaches. 
  • See how Anomali ties attack infrastructure to Threat Actors, Campaigns and MITRE ATT&CK® to predict and stem the next attack.

 

13:30 - 14:20

Networking and Lunch Break

14:20 - 14:40

► Security Enhancements for 5G Wireless Networks

Dr. Maode Ma, Research Professor, Qatar University

  • 5G wireless network architecture – the issues
  • Identifying vulnerabilitess and threats in this infrastructure
  • How 5G security issues impact CISOs
14:40 - 15:00

► Zero Trust: Getting Least Privilege Right, Finally

Layale Hachem, Senior Solutions Engineer, BeyondTrust

  • What is behind the concept of Zero Trust 
  • The goals of Zero Trust
  • Roadblocks to Zero Trust (legacy architectures and technologies)
  • How Privileged Access Management aligns with and enables Zero Trust
15:00 - 15:40

► Adaptive Email Security Architecture: Moving from Incident Response to Continuous Response

Alaa Abu Gharbieh, Regional Sales Manager – META, Cofense

With so much focus on cyberattack prevention, many security teams have adopted an incident response mindset versus one that assumes systems are compromised and require continuous monitoring and remediation.

Join us for this informative session that walks through the benefits of implementing an adaptive security architecture and risk framework, and how to classify your existing and potential email security investments to increase your security posture while reducing costs, vendors, and configuration complexity.

This session will cover:

  • What is Adaptive security architecture
  • Objectives of adaptive security architecture
  • Risk framework
  • The current situation in email and phishing security
  • Implementing adaptive security architecture and risk framework with Cofense
15:40 - 16:00

Networking Break and Refreshments

16:00 - 16:20

Panel: Does the blockchain create more security headaches than it solves?

Prof. Dr. Roberto Di Pietro (Moderator), Professor of Cybersecurity, HBKU College of Science and Engineering; Giorgio Torre, Project Manager, Leading Consulting Firm; Hani Al Khatib, Card Payments Expert, Leading Bank in Qatar

  • Are cryptocurrencies just a distraction?
  • Are blockchains really more secure?
  • Security in public versus private ledgers
  • Cybersecurity in a blockchain-dominated world
16:20 - 16:40

► Building a Human Firewall

Sirajhusen Modi, System Sec Head, Al Meera Consumer Goods

  • How to strengthen our Human Firewall: user awareness and what tools to use
  • Give training to weakest group of people
  • The hiring process – what is important?
16:40 - 17:00

► European approach to data protection, lessons learned after 4 years of GDPR

Maarten Stassen​​, Partner - Lawyer, Crowell & Moring LLP

On 25 May 2022, we will celebrate the fourth birthday of the General Data Protection Regulation (GDPR).

During this session we will discuss the following topics:

  • What has happened since May 25, 2018?
  • How to manage GDPR in an international environment?
  • European enforcement: should international companies be worried?
  • Is European data now truly better protected than before? 
17:00

Conference Close

Education seminars


How AI based ‘Threat Detection & Response’ finds and stops Ransomware


Abdullrazaq Zahran, Security Engineering Manager | META, Vectra AI

Cybercriminals are always looking for easy targets and opportunities to steal personal information. With no application, network, or data centre being invulnerable, decision-makers often harbour a false sense of security about their ability to fend off hackers—especially when they’re not armed with the necessary tools to succeed.

During our presentation we will cover:

  • How prepared your organisation is to detect and respond to a ransomware attack
  • What approaches other organisations are taking to stop ransomware gangs
  • How to detect and respond to Ransomware before it impacts you

Incident Response in the Age of Ransomware and Data Protection


Ayoub Jaaouani, Sales Engineer - MEA, Malwarebytes

Recent Trends – Current Industry situation and ransomware NIST Framework and Ransomware Incident Response Automation Lever for next gen SOC Malwarebytes Value Proposition

Key Take Aways:

  • Specific Pre Attack events that indicate behaviour of ransomware in your environment
  • Incident Response Strategy to clean your environment on an ongoing basis - Automated/Orchestrated.
  • Organisations standing on NIST Cyber Security Capability Maturity Model
  • NIST Framework best practices to prevent ransomware

OFFENSIVE AND CONTINUOUS SECURITY TESTING - the emerging standard beyond traditional Penetration Testing


Ron Peeters, Vice President Middle East/Emerging Markets, Synack

Increasingly sophisticated cyber attacks can easily exploit serious Vulnerabilities in live systems that you are not aware of TODAY, are not found with the common vulnerability scanning tools and neither by traditional Penetration Testing. Hence the need for a new, next generation approach of Offensive Security testing that better mimics and preempts malicious attack behavior.

In this session you’ll learn:

  • Why the current model of compliance-based penetration testing is increasingly ineffective and obsolete.
  • Which exploitable vulnerabilities are missed the most and cause the greatest concern.
  • How a model combining highly skilled security researchers (with a hacker mindset) deployed in large Cohorts provides the necessary critical mass.
  • Several customer examples in the Middle East benchmarking the advantage of Offensive Security Testing.

Cybersecurity Automation in SecOps


Karthik Ananda Rao, Chief Technical Evangelist, ManageEngine 

In this presentation, we will demonstrate on how SecOps can help regulate an organization's cybersecurity risk exposure by incorporating SOAR and SOC technologies. This automation of cybersecurity processes helps to prioritize, detect and respond to threats effectively by regulating business operations from password management to endpoint and data security.

  • Seamlessly collaborate between IT security and IT operations
  • Automate crucial security tasks, reduce cybersecurity risk and improve agility
  • Create a centralized function by continuously monitoring and improving security infrastructure
  • Detect anomalies and report on any unusual activity by UEBA

Regain control of your access with WALLIX PAM4ALL


Afi Hashim, Regional Manager, Middle East, Turkey & India & Danish Khan, Presales Manager, Wallix

Remote workforce, migration to the cloud, equipment multiplication, and new digital uses are leading to an explosion in the number and type of access to companies' critical assets. Face this challenge with PAM4ALL, the Unified Privilege Management solution that enables you to easily secure, control, and manage all your access. During this session, discover how WALLIX can help you reduce your threatscape by treating every user as a privileged user while keeping simplicity at the administration level.

During this session, you will discover:

  • How to prevent credentials theft from external attacks
  • How to stop lateral & vertical movement
  • How to prevent privilege escalation and insider threat
  • How to control third party access
  • How to meet audit and compliance requirements

Infinity War: Continuous Use of Infinite Insights to Detect Attacks and Stop Breaches


Parthi Sankar CISSP, Technical Director N.Europe, Anomali

Learn how The Anomali Platform uses big data management, machine learning, and the world’s largest intelligence repository in order to:

  • Automatically and continuously correlate ALL security telemetry against active threat intelligence
  • Enable organizations to understand what’s happening inside and outside their network to stop breaches. 
  • See how Anomali ties attack infrastructure to Threat Actors, Campaigns and MITRE ATT&CK® to predict and stem the next attack.

Adaptive Email Security Architecture: Moving from Incident Response to Continuous Response


Alaa Abu Gharbieh, Regional Sales Manager – META, Cofense

With so much focus on cyberattack prevention, many security teams have adopted an incident response mindset versus one that assumes systems are compromised and require continuous monitoring and remediation.

Join us for this informative session that walks through the benefits of implementing an adaptive security architecture and risk framework, and how to classify your existing and potential email security investments to increase your security posture while reducing costs, vendors, and configuration complexity.

This session will cover:

  • What is Adaptive security architecture
  • Objectives of adaptive security architecture
  • Risk framework
  • The current situation in email and phishing security
  • Implementing adaptive security architecture and risk framework with Cofense

Critical Infrastructure Protection by OPSWAT


Sertan Selcuk, Regional Sales Director, META, OPSWAT

How can file transfers be secured across the entire enterprise, especially between uncontrolled devices? Sertan Selcuk, META Regional Sales Director at OPSWAT will explain how to secure files transfer into, across, and out of secure environments to avoid malware and/or data breach.

  • Breach Prevention with Multiscanning
  • Cybersecurity Compliance
  • Digital Perimeter Control with Automated Device Blocking
  • Secure File Transfer with Automated Media Blocking