Agenda
08:00 - 08:50 |
Registration and Networking |
08:50 - 09:00 |
Chairman's Welcome |
09:00 - 09:20 |
► Back to basics: security in an increasingly connected world Bassel Assah, Head of InfoSec and Business Continuity, Bankmed
|
09:20 - 09:40 |
► Q42020 Malware Trends: Year Punctuated by Ransomware and Data Breaches Nour Fateen, Presales Manager, UKI & META, Recorded Future
|
09:40 - 10:00 |
► CISOs, Complexity, Containment (and other C-words) Thom Langford, Security Advocate, SentinelOne
|
10:00 - 10:20 |
► Coping with Complexity: Building security into your E-commerce journey Mohammad Faheem, Cyber Security Lead, Chalhoub Group
|
10:20 - 10:50 |
► Education Seminars Session 1 Delegates will be able to choose from the following education seminars:
|
10:50 - 11:20 |
Networking break |
11:20 - 11:40 |
► From Technologist to Risk Manager: Changing the Cybersecurity Mindset Roland Abi Najem, Cyber Security Consultant & Instructor, American University of Science & Technology
|
11:40 - 12:00 |
► Lock the doors before profiling the burglar Trevor Dearing, Technology Director, EMEA, Illumio
|
12:00 - 12:20 |
► PAM: Foundational Security For Business Transformation Michael Byrnes, Director of Solutions Engineering Middle East, India & Africa & John Hathaway, Regional Vice President Middle East, India & Africa, BeyondTrust
|
12:20 - 12:40 |
► Securing the New Normal: Cyber AI for the Inbox Dan Fein, Director of Email Security Products, Darktrace
|
12:40 - 13:10 |
► Education Seminars Session 2 Delegates will be able to choose from the following education seminars:
|
13:10 - 14:10 |
Lunch and Networking |
14:10 - 14:30 |
► Security through control maturity and assurance in times of rapid change John Elliott, Director, Industry Standards, Mastercard
|
14:30 - 14:50 |
► Presentation by Pulse Secure |
14:50 - 15:10 |
► Why traditional penetration testing fails: rely instead on the wisdom of crowds Ron Peeters, Vice President Middle East and Emerging Markets, Synack
|
15:10 - 15:30 |
► Executive Panel Discussion: The Cloud Conundrum: Managing Security and Risks in the Cloud For many organisations, the adoption of Cloud-based apps and storage is happening at scale. Now more than ever, information security teams need visibility and controls, they need to limit unauthorised access and they need to ensure cloud security priorities are aligned across the organisation. In this discussion, we will examine the key considerations for defining a cloud security strategy, discuss managing privacy and data protection regulations in a cloud environment and lift the lid on the big picture implications of cloud on your security staff.
|
15:30 - 16:00 |
Networking break |
16:00 - 16:20 |
► The broader context of Cyber Resilience and Data: Essential considerations for your organisation’s ecosystem Luna de Lange, Partner and Data Protection Officer, KARM Legal Consultants
|
16:20 - 16:40 |
► Combatting Financial Cyber Crime: insights from Western Union Wissam Abed, Leader – Financial Intelligence Unit - Middle East & South Asia, Western Union
|
16:40 - 17:00 |
►Cybersecurity in the Age of Disorder Simon Brady, Managing Editor, AKJ Associates Ltd Pandemic, digitalisation, climate change, the collapse of Chimerica, Brexit – the list goes on. In all this chaos, cybersecurity, like everything else, has to change. But how? In this session, AKJ’s Managing Editor, Simon Brady, gives his take on where CISOs should be looking in 2021.
|
17:00 - 17:30 |
Networking break |
17:30 |
Conference Close |
Education seminars
SAP Security Threat Landscape 2021
Frederik Weidemann, Chief Technical Evangelist, Onapsis Inc
In the past few years, 64% of organizations’ ERP systems have been breached, according to a research study by IDC.
Are you aware how attackers have breached, and can break into unprotected customer SAP landscapes?
Attend this session to gain insights into:
- What attacks on your SAP systems look like
- What security challenges exist in SAP environments (e.g. S/4HANA)
- Moving to the cloud with confidence — how to address security in hybrid landscapes
- Ways to protect your organization
Cloud usage is dramatically increasing – are your security policy controls keeping up?
Kostas Lotsis, Senior Sales Engineer EMEA, Firemon
According to Gartner, “Through 2022, at least 95% of cloud security failures will be the customer’s fault.”
The most significant step an organisation can take to ensure appropriate levels of cloud security is for the corporate leadership to agree that cloud computing has become indispensable and that it should be governed through planning and policy.
We will be discussing Gartner’s findings
- Why delaying cloud migrations due to an exaggerated fear of the security of cloud providers, is resulting in lost opportunity and inappropriate spending
- Why a strategic cloud strategy that is lagging behind cloud usage, is leaving a hole in governance, leading to unnecessary compliance incidents and data leakage
- The impact of a lack of skills and resources for cloud use cases
- How to secure your cloud migrations with strategy and planning.
Micro-segmentation and your security strategy
Migchiel de Jong, Systems Engineer, Illumio
Segmentation is a well-known technical concept applicable to many domains. We will discuss the current state of affairs; why segmentation is relevant and what problems it helps address. Review the problems organizations have with implementing and maintaining segmentation and how you can address those problems.
Takeaways:
- Have a good understanding of the concept of segmentation
- Understand and recognize the problems with segmentation
- How to build a segmentation strategy
Ponemon Middle East Encryption Trends Study
Hamid Qureshi, Territory Sales Manager, Middle East & Africa, Entrust
The 2020 Middle East Encryption Trends Study, conducted by analyst firm the Ponemon Institute, is generated from a survey of 342 IT professionals based in the Middle East and highlights how leading organizations are applying their encryption strategies, with detailed insights into the use cases that are growing the fastest.
Join this session to find out more about the:
- Growing use of encryption for emerging use cases like Docker containers and the Internet of Things
- Increasing adoption of the cloud and cloud data encryption
- Continued pain associated with managing encryption keys and how this is driving the adoption of hardware security modules
How to build an advanced SOC with limited resources
Amjad Khader, Enterprise Sales Manager, LogRhythm
Whilst some organizations have a 24x7 security operations centre (SOC) with teams of dedicated analysts carefully monitoring for threats around the clock, every day of the year. Unfortunately, most organizations cannot afford a 24x7 SOC. The cost of having well-trained analysts onsite at all times outweighs the benefit.
In this session we will outline:
- Various security operations models - from an informal SOC to a 24x7 staffed team
- Common challenges faced by organizations with limited resources, including the dangers of an informal SOC approach
- How to balance the real cost of an informal SOC, against the potential damage caused by a data breach or uncontrolled malware
- Steps to building a SOC with limited resources
Extortionware: Your Privacy Problems Made Public
Lonnie Benavides, Head of Infrastructure and Application Security, OneLogin
Over the last decade, ransomware has increasingly become the most popular option for hackers to monetize the access they've obtained to corporate computer systems around the world. Over the last few years, we've observed the ransomware software and techniques adapt and evolve to include the theft and exposure of private information, creating extortionware as a new breed of malicious software. This talk will provide an overview of these techniques and discuss the potential privacy and security impacts you may face as a result.
Key takeaways from session:
- Greater understanding of the breadth of ransomware and extortionware
- The evolution of ransomware
- Prevention tools you can deploy to protect your data
Risk, Threat, Response: Drive Complexity, Time, and Cost Out of Your Security Program
Miles Tappin, VP of EMEA at ThreatConnect
Businesses of all sizes are under constant threat of cyber attack. Making matters worse, the IoT revolution is enlarging and complicating the cyber attack surface. Traditional security approaches will no longer work in this new environment, where security teams are drowning in vulnerabilities and alerts.
Join this presentation to learn the game-changing benefits of the new Risk—Threat—Response approach to cybersecurity and risk management.
What Attendees Will Learn
We will explore each element of the Risk—Threat—Response paradigm in detail.
- Risk: Why it is necessary and possible to scope the risk scenarios that matter most to your business from a financial perspective
- Threat: Manage the threat landscape with a priority view into the risk scenarios that matter most to your business
- Response: Automate & Orchestrate response across the entire security technology stack
Eliminate Uncertainty with Security Validation
Hatem Ali, Global Services and Intelligence Lead, MEA, FireEye
If you can measure it, you can improve it. One major challenge for cyber security teams is establishing a measurable process of validating their security operations to be able to identify gaps in detection coverage and areas of redundancy to provide specific areas of improvement including potential saving across your security controls.
This webinar will discuss how to:
- Operationalize Threat Intelligence: Ensure your security controls stand up to the latest tactics, techniques and procedures used by threat actors in your region and industry.
- Plan security improvements: From both a technology and process perspective.
- Establish evidence-based KPIs to improve security controls.
- Report the organization’s ability to mitigate pertinent cyber risks to senior stakeholders
Join this session to uncover how security validation proves the value of your efforts and ultimately reinforces your organization’s