As more emphasis is placed on new regulations, it is important not just that companies know both what those new expectations are, and also how to follow the guidelines. With a continuous focus on cyber security awareness, this talk will go through some of the recommended approaches and internal and external stakeholder collaboration to minimise risk.
Trust in an organisation is critical, and CISOs must stay ahead of the evolving risk, demonstrating their security readiness through comprehensive cyber-risk assessments. This is a business challenge, not just a technical one, and a CISO who neglects compliance and risk may put the company, people and data in danger. This session will outline the expectations being placed on a CISO, and how to avoid the potential consequences of weak security risk assessments.
Boards increasingly consider IT security as a critical business risk. Well publicised security breaches highlight the importance that good security policies, technologies and professionals play in reducing that risk. But time blurs memories. How do chief information security officers enhance or maintain board-level support for security policies and ensure that these flow through the organisation – an even greater challenge when the company is international with its headquarters overseas?
With the increased frequency and sophistication of attacks becoming a greater challenge, organisations must be prepared for both the everyday attack, such as social engineering, the rise of deep fakes, or phishing, and major incidents such as ransomware. This session will examine ways to truly stress test an organisation's security policy, developing muscle memory for the organisation and identifying any weaknesses before a major breach exposes a company, its critical data and its reputation.
Organisations report that skilled security professionals are in short supply, making the market competitive and contributing to spiralling wages. What approaches are organisations using to retain or retrain talent to tackle these shortages? How are they diversifying the talent pool? What smart ideas are CISOs introducing to make their company stand out, particularly if their pay structure does not allow them to compete with the industry’s top payers?
People can be seen as the weakest link in the security chain, but often that because it is people that are the focus of threat actors' attention. In a well-prepared organisation where employees are well informed of the risks, they can be the strongest line of defence. Organisations also need to account for the psychological impact a successful attack can have on employees and customers. This presentation looks at how to apply cyberpsychology techniques to help change the behaviour of employees.
This session will highlight just how easy it can be for a threat actor to access information – through a live demonstration. Not prearranged ahead of time, this eye-opener will take just a few minutes to steal valuable information.
The threat level Artificial Intelligence represents to cyber security is being widely debated. Used in enterprises, it offers opportunities to put in place cutting edge defensive technologies that protect the organisation. In the hands of threat actors, AI generated attacks can redefine the security landscape, introducing threats faster. This panel asks how CISOs should invest in their cyber threat detection and prevention technologies to both embrace AI and provide protect against havoc it can wrought, and what regulations need to be in place in this new technology era.
Our lives are embedded with habits and actions that rarely change, making our encrypted data attractive and useful for a quantum technologies future. Worse, encrypted environments often evolve over time, making them hard to plan for and expensive to change. But quantum resilience will be expected by the C-suite, otherwise all data is an easy target. Criminal gangs and state-backed hackers are already preparing for this future data-fest. Are you?
Zero trust provides companies with a multi-layered approach to security that gives them in-built failsafe should a bad actor get through parts of the security infrastructure. Whilst a challenge to deploy correctly, this presentation provides best practice guidance for a zero-trust project rollout.
The CISO role should be seen as a board-level position. Any organisations that wants a dynamic, fleet-of-foot cyber security team, with the leader it deserves, cannot have a CISO sitting several layers from the board. It slows down decision making, can dilute critical information and hinders the ability to keep up with new threats. This panel gathers top CISOs to discuss how they are building high functioning teams and have ensured that high-quality security practices sit at the heart of the business.