Building a more secure future: cybersecurity for a truly digital world

12th e-Crime & Cybersecurity Mid-Year Summit
October 15th 2020 - Online

Securing the new business ecosystem
Compulsory high-speed digital transformation is changing cybersecurity for the better


Companies reacted faster to COVID 19 than anyone could have imagined.

Within weeks of the scale of the crisis being realised, entire workforces were operating from home. Collaboration tools that would've taken years to introduce and clear became normal. Global banks even transplanted entire trading floors to domestic environments, with all the supervisory headaches that brought.

For the first six weeks or so, most firms were simply firefighting. Just maintaining business continuity, getting hardware and software to where it was needed, and establishing the connectivity required was a mission.

And just as they and their businesses were at the point of maximum disruption, cybersecurity teams were also dealing with a huge spike in the volume and severity of threats. Phishing rose sharply; DDoS and ransomware attacks too. Stressed employees using unfamiliar or insecure systems are easier to hack and overall business disruption may render compensating controls less effective.

But the firefight is not the biggest challenge. That is what comes next.

As organisations become familiar with their new operating environments, the focus is shifting to the bottom line.

How should they adapt their business model to a new and changing work and business environment? What hybrid of physical and digital makes the most sense? How can that model be made as flexible as possible? And how can the extremely rapid acceleration of digital transformation programmes be kept cybersecure?

The dirty secret for most businesses has been how little they have embraced digital transformation and, partly as a result, how little they have invested in cybersecurity and data privacy.

The sudden imperative to digitalise or die is making short work of all the obstacles previously thrown in its way. Businesses that could find a dozen reasons to delay digital projects are now forced to operate entirely online. Regulators who would 'never allow' particular work or reporting practices have admitted they can be done.

So as digitalisation accelerates, how does cybersecurity adapt?

The 12th e-Crime & Cybersecurity Mid-Year Summit will take place online and will look at how cybersecurity teams are tackling this new world. Join us for real-life case studies, strategic guidance, and in-depth technical sessions from the security and privacy teams behind some of the world's most admired brands.

  • Cybersecurity for business resilience

    • Forced, rapid digitalisation has revealed the fragmented nature of many security programmes
    • Protecting the business while enabling innovation and flexibility requires new models and approaches for cyber
    • Are automation and orchestration the answer?
  • Securing and protecting remote employees

    • The shift to home-working amplifies the BYOD / remote security issue: unsecured data transmission, use of VPNs, employees using workarounds to achieve tasks under pressure, the security of free video and collaboration tools, and so on.
    • What are the quick fixes and the longer-term solutions?
    • What about CISOs and their teams? They need unfettered remote access to the most sensitive systems and information - are they the weakest link? How can they ensure they're not hacked?
  • Protection versus business needs

    • There is a wider strategic challenge: many businesses now face an existential threat and must take rapid and extraordinary actions to survive
    • Their requests for technologies to help them do this will demand near-instant responses and extreme flexibility
    • Never has it been more important that security teams understand and enable the business
  • Rethinking identity and access management

    • Employees need off-site access to apps, data and other network resources - existing IDAM policies will need to be re-written fast
    • How can you restructure IDAM quickly? How can you push MFA to the whole network?
    • Can consumer-grade software be incorporated?
  • Cybersecurity by remote control

    • Will existing incident response processes function properly across a distributed enterprise? What updates to playbooks are needed?
    • How can security teams ensure that they can carry out their jobs remotely, particularly when many security tools rely on access to the local network?
    • With CISOs and security teams now needing unfettered remote access to the most sensitive systems and information, are they themselves the weakest link? How can they ensure they're not compromised?
  • Securing the workplace revolution

    • Lockdowns and the extremes of WFH will end, but the cost, productivity, work-life balance and carbon benefits of remote working mean it's here to stay.
    • As flexible working becomes the norm, new hardware, software and processes will need to be implemented across all areas of the business.
    • Many initial measures put in place were intended as a short-term stopgap. What new long-term security measures are required by a permanent change to working patterns?
  • Building in security: easier said than done?

    • As businesses ramp up their digital business models, it's critical that they build security in from the beginning
    • But given the speed at which businesses are having to transform, that's a big ask. Even pre-coronavirus, security teams often found it hard to gain leverage over the business
    • How can cybersecurity teams ensure digital transformation and innovation are done securely?
    • Is this a CIO vs CISO battle?
  • Securing the customer - are your websites up to it?

    • The immediate need to move to online business channels creates a host of security and monitoring challenges
    • Are existing websites scalable to securely meet additional customer demands?
    • Do you rely too heavily on a single supplier? And what about the recent security changes to browsers such as Chrome which impact existing websites?
  • Stuck in the Cloud

    • Most companies have been forced to rely on Cloud-based apps and storage
    • So, they need visibility and controls, they need logs from providers to review for unauthorised access and data exfiltration, and they need to limit unauthorised access and services.
    • And what do their Cloud contracts say about force majeure?

Who attends

Job titles

Global Manager, Service Continuity
CISO
Head of Payments
Global IS Manager
Head of Digital Risk
Group I.T. Audit Manager
Global Security Supervisor
Head of Penetration Testing
Chief of Cybercrime Section
CISO, Head of Information Security
Global Head I.T. Governance
Head of ISAG
Global Fraud Risk Controller
Head of Global I.T. Security
Head of Data Protection
CISO
Head of I.T. Security Risk Management
Global IS Risk Manager
Global Head of IT Security
Head of Information Security Risk
CISO, Head of Digital Security & Risk
Group Finance & Compliance Director
Chief Security Officer
Chief Information Officer
Head of Cybercrime Unit
Head of Cyber Threat Intelligence
Head of Internal Audit
Head of I.T. Security
Chief Information Security Officer
Group I.S. Manager
Chief Executive
Head of Emergency Response
Head of I.T. Security
Director Of Information Security
Chief Information Security Officer
CISO
Head of Operational Risk Management
Group Data Security Manager
Head of Information Security
CIO
Head of Specialist Crime
Director of Security
Head of Informantion Security Risk
Head of Cyber & Investigations
Chief Information Security Officer
Head of Group I.T.
Head of Information Security
Global Head of Fraud Investigations
Chief Information Security Officer
Global Security Manager
Group CISO
Chief Information Security Officer
Director Global Investigations
Head of Policy & Performance
Head of Information Security
Global Head of Cyber Intelligence
Head of Information Security
Director Cybercrimes
Head of Payments & Fraud
Director of Risk & Compliance
Head of Information Security
Head of I.T. Security Operations
Group Information Security Manager
Head of Operational Security
Head of Payment & Financial Crime
Chief Information Security Officer
Head of Internal Audit
Head of Information Security
Head of IT Risk & Control
Director Enterprise Technology
Head of Business Controls
Director
Director of Security
Head of Cybercrime Investigations
Head of I.T. Security
Director, Global Security
Group I.T. Security Officer
Head of I.T.
Head of Risk & Resilience
Director Group Risk Management
Head of Investigations
Head of Customer Security
Chief Technology Risk Officer
Group Fraud Manager
CISO
Chief, Cyber Crimes
Chief Risk Officer
Head of Business Risk
Group IT Security Analyst
CIO Risk Manager
Group Infrastructure Manager
Head of Operations & Infrastructure
Head of Technical Support
Head Cybersecurity Operations
Head of Fraud Oversight
Director, Technical Investigations
Director
Global I.T. Security & Compliance
Director, Information Security

Companies

Trafigura
GE Capital
Babcock International Group
Scotia Gas Networks
Telefónica O2
Bank of America Merrill Lynch
ING
Catella Bank
Channel 4
H&M
BP
John Lewis Partnership
Royal Canadian Mounted Police
Experian
Jordan Cyber Crime Project
Zamir Telecom
John Wiley & Sons
Halma
Zurich Financial Services
Security Service of Ukraine
HSBC
British Medical Association
Romanian Directorate
TUI Travel
Markit
Western Union
Pennant International Group
TSL Education
Liverpool Victoria
The Finance Practice
Camelot Group
Capital One
Noble Group
HSBC
Dixons Carphone
Halma
Ghana International Bank
British American Tobacco
First Rate Exchange Services
Unum Provident
Santander
Rexam
Matalan
John Lewis Partnership
Home Retail Group
Allen & Overy LLP
ITV
Virgin Money
Spamhaus
Rank Group
EveryMatrix
Shop Direct
Sky
QVC
Lloyds Banking Group
General Motors Corporation
Tullett Prebon
Atcore Technology
Aviva
CIFAS
Premier Oil
HSBC
Rothschild
HSBC
Liverpool Victoria
Permanent TSB
Auto Trader
Public Health England
Selfridges
NBC Universal
Office of Civil Nuclear Security
UBM
Citigroup
SABMiller
Legal & General
Post Office
JD Sports
CERT-UK
Eurostar
Mayer Brown LLP
Swiss Re
UBS
Open University
The Bank of Tokyo - Mitsubishi UFJ
Dixons Carphone
Post Office
JustGiving
Bank of America Merrill Lynch
FIA Pakistan
Norgren
GE Capital
Unipart Group
Heathrow
Inmarsat
Modern Times Group
Ocado
Capital One

Industries

Banking
Industrial Engineering
Industrial Engineering
Oil/Gas
Telecommunications
Banking
Banking
Banking
Media
Retail
Oil/Gas
Retail
National Law Enforcement
Banking
National Law Enforcement
Telecommunications
Retail
Electronic/Electrical Equipment
Insurance
Central Government
Banking
Healthcare
National Law Enforcement
Travel/Leisure/Hospitality
Media
Banking
Aerospace/Defence
Media
Insurance
Banking
Casinos/Gaming
Banking
Mining/Metals
Banking
Retail
Electronic/Electrical Equipment
Banking
Food/Beverage/Tobacco
Banking
Insurance
Banking
Household/Personal Products
Retail
Retail
Retail
Legal
Media
Banking
Charity
Casinos/Gaming
Software
Retail
Media
Retail
Banking
Automobiles/Parts
Banking
Banking
Central Government
Insurance
Central Government
Oil/Gas
Banking
Banking
Banking
Insurance
Banking
Media
Central Government
Retail
Media
Central Government
Healthcare Services
Banking
Food/Beverage/Tobacco
Insurance
Transportation/Shipping
Retail
National CERT
Transportation/Shipping
Legal
Insurance
Banking
Education
Banking
Retail
Transportation/Shipping
Charity
Banking
National Law Enforcement
Industrial Engineering
Industrial Engineering
Regional Law Enforcement
Transportation/Shipping
Transportation/Shipping
Telecommunications
Media
Transportation/Shipping
Banking