Event Recording

Enterprise Access Control for Zero Trust

Show description
Speaker
Bryan Meister
Senior Principal Architect
Yahoo
Bryan Meister
Bryan Meister has been with Yahoo since 2011 holding multiple roles throughout the CIO organization including Service Desk Analyst, Technical Program Manager, Business Systems Analyst, and presently Senior Principal Architect. It was through this journey that Bryan experienced first-hand all...
View profile
Playlist
Cybersecurity Leadership Summit 2022
Event Recording
Risk-Based Cyber Reporting Best Practices
Nov 09, 2022

Cybersecurity reporting is a critical mechanism to ensure effective commincation of significant security issues across different levels of your organization - from software architects to the Board. Yet, reporting today is far from being a formality and does not comprehensively highlight an organization's exposure to cyber threats. Join this session to understand the factors that drive the effectiveness of a risk-based cybersecurity report and get access to best practices on communicating actionable metrics within a specific context.

Event Recording
Cyber Hygiene Is the Backbone of an IAM Strategy
Nov 10, 2022

When speaking about cybersecurity, Hollywood has made us think of hooded figures in a dark alley and real-time cyber defense while typing at the speed of light. However, proper cyber security means, above all, good, clean and clear security practices that happen before-hand and all day, everyday. This is particularly true for Identity and Access Management, which is a component of every domain within Cyber Security, and it's identified as a cause for more than 80% of data breaches. IAM is rarely about white-hat hackers counter-attacking an ongoing intrusion. It's mainly about a set of good practices, clearly defined processes and, overall, good hygiene in the way we manage our identities, our resources, our entitlements, and the way they relate to each other.

Event Recording
Security Automation: Realizing Business Benefits, Without Adding Headcount
Nov 09, 2022

The next generation of cyber threats have arrived and there aren’t enough security people or budgets to handle the growing volume and complexity. This presentation will explore why organizations — and not just their security teams — need security automation. We will look at the reasons why security teams utilize SOAR (Security Orchestration, Automation, and Response) to keep pace with threats and technological innovations, without their organizations needing to add headcount. Learn how when the security team automates traditional Tier 1 work, the entire organization benefits - from upskilling staff to eliminating spend on managed services. This session draws from real-world European enterprises whose adoption of NextGen SOAR was the catalyst for fundamental security and organizational improvements.

Event Recording
Zero Trust Is Table Stakes, Zero Knowledge Is the Next Evolution
Nov 09, 2022

Zero trust has been around in one shape or form in security for many years, usually under different names like the "Principle of least privilege" or "Mandatory Access Control'. It exists for a good reason, and needs to be re-enforced. But for any cloud native vendor, Zero Trust should be table stakes at this point. Zero knowledge at the organizational level, and not just Zero knowledge encryption, is the next evolution of security best practices. Join us to learn more.

Event Recording
Why Threat Intelligence is Losing its Edge and How to Overcome Noise Overload
Nov 09, 2022
Event Recording
How a Shoemaker Stole the City Treasury and Ended up as a Social Engineering Legend
Nov 10, 2022

Cyber Security traditionally has been seen as the domain of Technology, with an expectation that the solution for cyber resilience has to be provided by IT – and we happily accepted this challenge and delivered numerous software and hardware solutions, design and development principles, policies and process controls.

However, as most successful cyber-attacks in recent time have started by targeting users with phishing emails or social engineering, raising awareness of their role in increasing cyber resilience is at least as important as providing “just a technical solution”.

This presentation will – based on example of a famous real robbery in Berlin – show how user awareness can become an important line of defence in cyber security.

Event Recording
Quantum Computers: The Ultimate Opponent for Data Protection
Nov 09, 2022
Event Recording
Protecting Infrastructure in an Exposed Environment
Nov 10, 2022
Event Recording
CSLS Wrap Up and Closing Keynote
Nov 10, 2022
Event Recording
Rethinking Cybersecurity From the Human Element Point of View
Nov 10, 2022

Over simplifying, IT security means defending the IT systems from threats procured by cybercriminals. Their targets are, for example, the manipulation of systems, the extorsion or exfiltration of data, and the interruption or alteration of services. However, what happens if we have humans instead of IT systems? Given that the scope of an attacker is always the same, as aforementioned, attacking a human is an entirely different process, and the attack tactics must change. This well-known fact involves social engineering and human sciences (e.g., psychologists or behavioural sciences instead of informatics). However, from the cyber security side of the coin, what does it imply dealing with humans? What does it mean, for example, to perform convincing penetration testing or vulnerability scanning to deeply test human weaknesses: it is not merely a problem of sending a phishing email and waiting for clicks. How can be done a threat analysis or threat intelligence on humans? Moreover, how can a company calculate the cyber risk that a human represents and how many effective ways to reduce it? If we fully put humans (either as employees or IT security operators) at the centre of cybersecurity, the questions become several.

The problem is complex because, by its nature, it is multicultural and requires different non-technical competencies. It includes experts in philosophy, political science, cyber sociology, pedagogy, acting performance, etc., collaborating with cybersecurity experts. Facing the human element of security is a genuinely multicultural and interconnected approach. Furthermore, humans are coincidentally “human” and not machines: there are also ethical and legal issues to consider, and their reactions change during the day. The talk will explore and present a comprehensive view of what happens when there are not the IT systems but the humans at the centre of cybersecurity.

Event Recording
Security in the Face of Change: Past Lessons & Prospects for Our Future
Nov 09, 2022
The convergence of organizational decentralization, digitization, and global instability have raised the need to secure vital infrastructure. Can we learn from the past? Can we prioritize and plan future scenarios? 
Join Elastic as we share insights and lessons from building security products and evaluating them and gain ideas to plan your defense.
Event Recording
The Changing Face of Resilience
Nov 10, 2022

Resilience has been changing over the last 15-20 years, where we now accept and acknowledge the various types of reslience an organisation should be responding to. This session will explore how security has moved from a focus on just protection to faster detection and response. It will aso explore what the fast moving technologies mean for other types of resilience that organisations will be faced with in the coming future, and what they can do about it.