Event Recording

Awareness?! How to Make It Work in a Low-Tech Environment

Speaker
Alina Smith
Cyber Security Assurance Lead
Aroundtown
Alina Smith
After completing an MBA in General Management and gathering experience as a Product Manager of an ERP system, I was given the opportunity to lead all Information Security Governance initiatives of the Aroundtown Group which I joined in 2020. Although I am relatively new to the field, I quickly...
View profile
Playlist
Cybersecurity Leadership Summit 2022
Event Recording
Learn How SD Worx Turned Its Cybersecurity Strategy Into a Business Enabler
Nov 09, 2022
Event Recording
Risk-Based Cyber Reporting Best Practices
Nov 09, 2022

Cybersecurity reporting is a critical mechanism to ensure effective commincation of significant security issues across different levels of your organization - from software architects to the Board. Yet, reporting today is far from being a formality and does not comprehensively highlight an organization's exposure to cyber threats. Join this session to understand the factors that drive the effectiveness of a risk-based cybersecurity report and get access to best practices on communicating actionable metrics within a specific context.

Event Recording
Zero Trust Journey, How We Moved from an Immature Organization to Zero Trust
Nov 09, 2022

This is the story of our journey to Zero Trust, from the initial analysis to its technical and effective implementation. As many organizations our starting point was not the best one (lack of proper asset management, mixed permissions, etc) but when we started to work on a Zero Trust implementation we were able to overcome these and also solve some unforeseen problems and offer major security also through Human Factors and Risk Management. The aim of this talk is to inspire security leaders on what is a Zero Trust Architecture (which is not an off-the-shelf solution and desn't require massive initial investments) and how they can reuse their internal knowledge and tools to deliver it.

Event Recording
Managing the Cyber Security Technical Debt: How did we get there? And what to do about it?
Nov 10, 2022

This presentation will explore why companies need security automation. We will look at how companies can ensure success (and how to ensure failure). Leveraging professional experience and doctoral research into security automation, the presenter will examine the keys to successful security automation, including how to prioritize use cases and build enterprise support. This session will look at how to decide what to automate (and what not to automate), strategies to help ensure a successful security automation program, and lessons learned from success and failure, including worst reason to pursue security automation.

Event Recording
NIS2 Directive – What It Is and Why You Need to Prepare
Nov 10, 2022
Event Recording
Sustainable Vulnerability Management: Case Study by KuppingerCole
Nov 10, 2022

For any large company, regulated or not, it is essential to have a mechanism or process for detecting vulnerabilities. For this purpose, various scanners exist that can automatically scan the company's IT assets for known and new vulnerabilities. However, this is where the big challenge begins: most scanners tend to find a large number of vulnerabilities. This is important and good, but not every vulnerability is equally relevant for every company.

Typically, most organizations drown quickly with the number of vulnerabilities they have. Different specific scanners for compliance, containers, source code, operating systems and applications deliver a hardly manageable number of different potential problems per asset.

For vulnerability management to work, you need to build a sustainable vulnerability management, define intelligent processes and specify intelligent bundling and prioritization.

In this presentation, Christopher Schütze will show how this was achieved in a successful project.

Event Recording
The Art of Becoming a Multifaceted CISO
Nov 09, 2022

The challenges to information security in companies are increasing every year. The focus is on serious attacks against small and large companies and the urgent need to protect their own information. It is no longer sufficient to view the protection of corporate information in a one-dimensional way. Many different facets are important: authentication, authorization, governance, policies, processes, monitoring and surveillance, cyber defense and many more.

Putting a company on the right track in the long term requires strategic and technical expertise that is usually managed from the information security area within the company - by the Chief Information Security Officer.

But what skills does a modern CISO need? What should be his or her strengths, what does a company need to look out for if it has this role, or how does a security expert need to develop in order to meet the numerous requirements for this position? Join this session by KuppingerCole CISO, Christopher Schuetze to get answers to these pertinent questions

Event Recording
Best Practices to Protect your APIs and Accelerate your DevOps Journey.
Nov 10, 2022
Event Recording
How to Build a Trusted Digital World Through Collaboration
Nov 09, 2022

Thanks to cybersecurity technologies such as Privilege Access Management and security concepts like Zero Trust, we now have the capacity to secure all digital access, from the cloud to IoT.

Digital access in software and hardware must be secure by design to minimize risk as much as possible. We have seen official agencies including the US and UK governments signing off expansive cybersecurity executive orders to boost national security, and cybersecurity chiefs pushing for the inculcation of security by design in software.

However, the technology itself is not enough to build a trusted digital world. To cultivate this world, we need to raise general cybersecurity awareness for all citizens. This is no easy feat, so the first logical step is to focus on building knowledge and awareness in business schools, mentoring the directors of the future because they will have to learn how to deal with cyber risk daily.

To bring a trusted digital world to life, we must also disrupt the political sphere in the UK and surrounding European countries. The European continent must become a leader in digital sovereignty – where data protection and privacy are respected by all – by cross-country collaboration and the establishment of a European Business Act. European countries are democracies that produce large amounts of data, so to achieve this act, we must create a separate European model that protects and respects our valuable data.

Key takeaways:

• Educate attendees on the concept of digital sovereignty

• Build interest in the better protection of our data

• Provide attendees with the appropriate tools and knowledge to start working towards making digital sovereignty a top priority for their organisation and beyond

• Inspire attendees to collaborate with other departments and countries to create a more trusted digital sphere

Event Recording
Why Threat Intelligence is Losing its Edge and How to Overcome Noise Overload
Nov 09, 2022
Event Recording
Ask Just Anything
Nov 10, 2022
Event Recording
Workshop | From Asset Management to Asset Intelligence: Crossing the CAASM
Nov 09, 2022

As the sprawl of devices, device types, and solutions continues to skyrocket, environments only grow more complex.

But there's good news: asset management has evolved.

Today’s “asset intelligence” moves from a spreadsheet approach to an API-driven, always up-to-date view into all assets via integrations of existing tools, data correlation at scale, and querying capabilities to find and respond to gaps.

Join this workshop to learn: how asset intelligence and the emerging Cyber Asset Attack Surface Management (CAASM) category improves security hygiene, reduces manual work, and remediates gaps.