Event Recording

Anett Mádi-Nátor: C-Level Cybersecurity Awareness – Does the C-Suite Fall Behind in Understanding the Importance of Cybersecurity Services?

Show description
Speaker
Anett Mádi-Nátor
President / Deputy CEO responsible for Strategic Business Development
Women4Cyber Foundation / Cyber Services Plc.
Anett Mádi-Nátor
Anett Mádi-Nátor has more than a decade of experience in strategic and administrative layers of information security and cyber defence both as a private sector subject matter expert and as a government representative. She is now responsible for Strategic Business Development at a...
View profile
Playlist
Cybersecurity Leadership Summit 2020
Event Recording
Bryan Christ: Improving Operational Maturity with an Automation First Strategy
Nov 16, 2020

In his keynote, Bryan will talk on how automating Identity and Access Management can evolve your operational maturity and strengthen your security programs. 

Event Recording
Jan Tietze: Minimising Risk from Cyber Threats: Focus on Reducing Time to Containment
Nov 13, 2020
Event Recording
Steffen Minkmar: Cyber Resilience - Regulatory Developments in the Financial Services Industry (and Beyond)
Nov 12, 2020

Cyber resilience, a term often heard but never fully understood, has made headlines for many years. Nonetheless, we are still confronted with ransomware attacks that lead to the standstill of organizations, as evidenced in the 2017 Maersk attack or the declared state of emergency by the mayor of the city of New Orleans in December 2019 after the city was hit by a cyberattack.

Many organizations perceive cyber resilience as yet another regulatory topic to be addressed by the IT department or the IT security teams, ignoring the regulatory requirements deriving from stakeholders such as the European Central Bank, or the need to interlink cyber preparedness with business continuity efforts and the much-needed support not only by the business departments but also the C-suite.
All this stems from an incomplete understanding of cyber resilience and what added value it can offer to an organization. The presentation aims to close this knowledge gap by highlighting key regulatory requirements, and how these can be addressed in coordination with key decision-makers. It will also provide insights into future regulatory developments with a specific view on the EU legislation. The presentation will also talk about testing approaches for cyber resilience, such as the TIBER-EU (Threat Intelligence-Based Ethical Red Teaming for the European Union) framework.

Key takeaways:

1) After completing this session, the participant will be able to refer to relevant CR regulations and put them into context and everyday use and to understand expectations from the FS regulators.
2) After completing this session, the participant will have knowledge about how CR is applied in other FS organizations, and what tools and methods exist to assess CR readiness.
3) After completing this session, the participant will be able to discuss key CR topics with senior management to promote the importance of CR, and to make a business case for it.
4) After completing this session, the participant will be able to refer to available resources on the internet to deepen his/her knowledge of CR.

Event Recording
Martin Kuppinger: Cybersecurity Trends in the Age of Work from Home
Nov 11, 2020

The way people are working has changed fundamentally. Cybersecurity is even more essential than before. Martin Kuppinger, Principal Analyst at KuppingerCole, will look at the factors that drive the relevance of cybersecurity, but also change the way cybersecurity is done right. He then will look at the trends in cybersecurity and how new technologies and methods help in mitigating cyber risks and improving cyber attack resilience. This includes looking at the impact of Work from Home, changing attack vectors, or the impact of AI on cybersecurity, and discussing what new technologies such as SOAR and Cyber Ranges can provide for getting better in cybersecurity. He also will look at the need for doing a thorough cybersecurity portfolio assessment, to optimize spending and getting a grip on the zoo of cybersecurity tools most businesses already have to pay for and to manage.

Event Recording
Berthold Kerl: Top 2021 Cyber Topics: Results From a Recent KC Survey
Nov 13, 2020

In this talk, you will learn about the results of the recent KuppingerCole Survey on top Cybersecurity Topics for 2021.

Event Recording
Mario van Riesen: The Evolution of Application Security
Nov 16, 2020

Cyberattacks have rapidly evolved since the advent of online transacting almost 25 years ago, with attackers continually escalating and refining their evasion techniques. While organisations and individuals continue to mobilise in an attempt to mitigate the global disruptions taking place around them, cybercriminals have wasted no time in exploiting the COVID-19 pandemic. Today, attackers and fraudsters call upon a sophisticated suite of tools, including human-powered click farms, social engineering, and malware – all designed to defeat traditional defenses such as WAFs & CAPTCHAs. 

This session will dive deeper into how organisations can keep pace with this precipitate shift and adjust their security postures accordingly, to more accurately reflect the realities of an ever-evolving threat landscape. 

Discussion Points:  

  • Attack Evolution - navigate the automated application attack-roadmap as it has progressed from the commodification of Credential Stuffing and ATO schemes to some of the most cutting-edge examples of Manual Fraud capability. 
  • Countermeasure Efficacy - discover how F5’s Application Fraud portfolio addresses the whole spectrum of eCrime attacks deterring cybercriminals who continually retool to circumvent traditional countermeasures. 
  • Inverting Friction - understand how organisations can protect their customers and brand without compromising user experience or collecting PII. 
Event Recording
Jochen Fischer: A Small Leak Can Sink A Great Ship - Cybersecurity Warfare & SAP
Nov 13, 2020

Security is Culture – and culture starts with people (not technology!) The complex topic of SAP-security is a massive challenge for the almost 500.000 companies worldwide using SAP. The challenges are the same for everyone, and it is the combined corporate responsibility of the C-Level and all employees to protect the enterprise from threats. These core applications can be secured by focusing on the 3 main attack vectors: People, Processes, and Technology. Within this keynote, Jochen Fischer shares what needs to be done to define clear ownership and responsibilities for SAP-security. Enabling people to understand the risk in SAP is fundamental to design a sustainable strategy that is based on the individual risk profile of each individual company. It is time to stop the monkey business when it comes to mission-critical topics like security. As independent expert, Jochen Fischer provides state-of-the-art methodologies to deliver the right people the suitable skills required to protect SAP without burning money on tools that have no or limited effect on corporate cyber resilience.

Event Recording
Ana Isabel Ayerbe Fernández-Cuesta: Security by Design IoT Development and Certificate Framework
Nov 13, 2020

Next-generation of Smart IoT Systems needs to manage the closed loop from sensing to actuation with safe operational boundaries and the need to be distributed across IoT, Edge and cloud infrastructures with complex and heterogeneous systems, connectivity and failures, as well as being able to operate in an unpredictable physical world facing situations that have not been fully understood or anticipated in the software development process.

In this context, it is necessary to support the continuous delivery of trustworthy Smart IoT Systems, to support their agile operation, to support the continuous quality assurance strengthening their trustworthiness, and to leverage the capabilities of existing IoT platforms and fully legacy, proprietary and off-the-shelf software components and devices. In this talk, it will be explained how to facilitate the development, operation and quality assurance of trustworthy and resilient Smart IoT systems.

Event Recording
Stefan Romberg: Regulatory Compliance Challenges in 2020
Nov 11, 2020

How do you prepare for the increasing regulatory challenges in a time of ongoing cloud migrations with global service providers? The invalidation of the EU-US privacy shield and the enforcement of the NDAA Section 889 will require a thorough review of existing controls and a swift management of stakeholder interests. This key note will provide practical experiences and guidance to ensure you meet your compliance goals.

Event Recording
Markus Malewski, Joerg Hesske: No Chance for Hackers and Spies. Why Thyssenkrupp Takes a Completely Different Approach to Security
Nov 20, 2020

Markus Malewski, Head of SOC / SIEM at thyssenkrupp gives an insight how thyssenkrupp re-formed the Security division after the Winnti attack in 2016, why the company is so well prepared for current and future challenges and how the solutions of Elastic help to achieve those. Jörg Hesske, AVP CEMEA at Elastic shows how Elastic Security helps SecOps teams to protect their company against threats quickly and precisely with an integrative security approach.

Event Recording
Panel - Secure Work Anywhere: The New Normal from Corporate Policies to Security Practices
Nov 12, 2020
Event Recording
Espen Otterstad: Social Engineering - Exploiting the Human Factor
Nov 13, 2020