Event Recording

New Security Fundamentals: Five Things CISOs and CTOs Should Consider

Show description
Speaker
Nadav Avital
Director of Threat Research
Imperva
Nadav Avital
As a manager in Imperva's threat research group and an expert in Web Application Security, I lead efforts to capture and analyze hacking activities, create new security solutions and research new threats and technologies. I have more than 10 years of industry experience in coding, inventing...
View profile
Playlist
Cybersecurity Leadership Summit 2022
Event Recording
Reducing Complexity – Introducing a Practical Model for Security Classifications
Nov 09, 2022

Building and running cyber security in both worlds modern cloud security in combination and legacy on premises introduces extra complexity.  Some of the well known security patterns and models are not applicable in cloud systems while the modern security models like zero trust barely  fit in legacy systems. Based on a model for security classification we will explore some does and don’ts in modern cyber security.

Event Recording
Ask Just Anything
Nov 10, 2022
Event Recording
Enterprise Access Control for Zero Trust
Nov 09, 2022

With many privileges to manage within an organization, authorization within an Enterprise can be a challenge. As capabilities in any organization are often in a state of constant change and growing complexity, implied trust can easily creep into authorization frameworks and policies leading to an overly-permissive environment. Learn how an organization can layer and support Role, Attribute, and Policy-Based Access Control methodologies to avoid these pitfalls and while also preventing entitlement duplication leading to a more secure Identity perimeter for your users. 

Event Recording
Microshard Technology: An Enabler for GDPR/Schrems II Compliance
Nov 09, 2022

This session will examine the ruling of 16 July 2020, where the Court of Justice of the European Union (the Court) in its Case C-311/18 Data Protection Commissioner v Facebook Ireland and Maximillian Schrems (called “Schrems II case”) invalidated the EU-US Privacy Shield adequacy decision.

  • GDPR / Schrems II - Cloud challenges companies facing day by day 
  • Where innovation bridges the gap required for cloud adoption/migration
  • How these new tools compliment and elevate existing standards in encryption/sensitive data transit/storage
  • Microsharding - The answer to all hybrid and multi cloud challenges? 

How and why Microsharding was developed as a concept and a short summary of ShardSecure by Co-founder & CEO, ShardSecure - Bob Lam

Event Recording
The Blueprint for a Cyber-Safe Society: How Denmark provided eIDs to citizens and business
Nov 10, 2022

Implementing digital solutions enabling only using validated digital identities as the foundation for all other IAM and cybersecurity measures is the prerequisite to establish an agile ecosystem of commerce and corporation governed by security, protection, management of threats and ultimately trust. 

For more than 15 years, Denmark has provided public access to eID. 3. generation is now available delivering one unified system giving both citizens, employees, public authorities, and businesses easy access to solely accepting and using validated digital identities. Ensuring compliance within the framework of eIDAS and ultimately NIS2.

Bjarke Alling - current member and prior co-chair of the Danish National Cyber Security Council, founder and Group Director of the IT cybersecurity software company Liga, and a key contributor to the development of the Danish eID solution, will share insights into the solution and put it into a broader broader-crossing perspective.

Event Recording
Workshop | From Asset Management to Asset Intelligence: Crossing the CAASM
Nov 09, 2022

As the sprawl of devices, device types, and solutions continues to skyrocket, environments only grow more complex.

But there's good news: asset management has evolved.

Today’s “asset intelligence” moves from a spreadsheet approach to an API-driven, always up-to-date view into all assets via integrations of existing tools, data correlation at scale, and querying capabilities to find and respond to gaps.

Join this workshop to learn: how asset intelligence and the emerging Cyber Asset Attack Surface Management (CAASM) category improves security hygiene, reduces manual work, and remediates gaps.

Event Recording
CISO Talk: Cloud as a Security Enabler
Nov 09, 2022

More organizations are now moving to the cloud.  From a security perspective – refactoring the applications provides a major opportunity to improve security posture.  This session explores how the right approach towards can save time, increase inherent security, and ensure apps are compliant.

Event Recording
Rethinking Cybersecurity From the Human Element Point of View
Nov 10, 2022

Over simplifying, IT security means defending the IT systems from threats procured by cybercriminals. Their targets are, for example, the manipulation of systems, the extorsion or exfiltration of data, and the interruption or alteration of services. However, what happens if we have humans instead of IT systems? Given that the scope of an attacker is always the same, as aforementioned, attacking a human is an entirely different process, and the attack tactics must change. This well-known fact involves social engineering and human sciences (e.g., psychologists or behavioural sciences instead of informatics). However, from the cyber security side of the coin, what does it imply dealing with humans? What does it mean, for example, to perform convincing penetration testing or vulnerability scanning to deeply test human weaknesses: it is not merely a problem of sending a phishing email and waiting for clicks. How can be done a threat analysis or threat intelligence on humans? Moreover, how can a company calculate the cyber risk that a human represents and how many effective ways to reduce it? If we fully put humans (either as employees or IT security operators) at the centre of cybersecurity, the questions become several.

The problem is complex because, by its nature, it is multicultural and requires different non-technical competencies. It includes experts in philosophy, political science, cyber sociology, pedagogy, acting performance, etc., collaborating with cybersecurity experts. Facing the human element of security is a genuinely multicultural and interconnected approach. Furthermore, humans are coincidentally “human” and not machines: there are also ethical and legal issues to consider, and their reactions change during the day. The talk will explore and present a comprehensive view of what happens when there are not the IT systems but the humans at the centre of cybersecurity.

Event Recording
How the Current Crisis could become a Catalyst for Various Transformations
Nov 10, 2022
Event Recording
On the Charge: Securing the Energy Sector
Nov 10, 2022

The economic value represented by the energy industry makes utilities an attractive target for cybercriminals. An expansive attack surface coupled with strong interdependencies between physical and digital infrastructure makes utilities an interesting case study for cybersecurity implementation.

Jerry Onesti and Jochen Toesmann from EON highlights the impact of cyberthreats across the value chain of utilities and shares his insights on how to protect assets associated with cyber-sophisticated industries such as energy.

Event Recording
Security in the Face of Change: Past Lessons & Prospects for Our Future
Nov 09, 2022
The convergence of organizational decentralization, digitization, and global instability have raised the need to secure vital infrastructure. Can we learn from the past? Can we prioritize and plan future scenarios? 
Join Elastic as we share insights and lessons from building security products and evaluating them and gain ideas to plan your defense.
Event Recording
Germany's Cybersecurity Architecture and How it is Linked to International Actors
Nov 09, 2022
Christina Rupp has co-authored a publication of the Stiftung Neue Verantwortung, a Berlin based Think-Tank exploring the intersection of technology and society, on Germany’s Cybersecurity Architecture. In her introductory talk, she will provide insights into the development and status quo of Germany’s cybersecurity architecture and policy as well as its interplay with international levels such as the European Union.