Identity Threat & Zero Trust  

Safeguarding the Foundation of your Organisation's Cybersecurity Strategy

9:00 a.m. - 10:30 a.m. 

There is one important truth that organizations need to face right now: the number and nature of identities is changing, and these changes are posing a direct risk to enterprise IT security. Identities are increasing both in type and number, and this changes the dynamic of identity management. We all have a unique identity. When translated to technology, we have more than one account associated with our identities, and threat actors target our accounts to infiltrate an environment. If you consider how many accounts an individual may have to perform their role within an organization, protecting users’ identities is one of the best strategies to prevent future security breaches. This discussion will center on Identity as an attack vector and get some insight to help the audience best protect this attack surface. It is not a coincidence that the rise in number and complexity of identities has coincided with a rise in identity-related breaches.

The Journey Toward Fully Embracing Organisation-wide Cyber Risk Management

Dissecting the Core functions of the NIST Framework to drive Management Decision Making

 10:45 a.m. - 12:30 p.m. 

Work around the NIST Framework has been increasingly driven by a recognition that risk management should be a fundamental driver for every organization’s decisions about investments in cybersecurity and privacy - whether those investments take shape as people, processes, or technology. NIST considers managing risk to be an essential principle and process for organizations of any size or type to employ in planning and carrying out their cybersecurity and privacy programs and in making decisions about priorities. The session will provide answers to critical questions - Do we have adequate visibility into our business processes to identify where cyber controls are needed? Are we capable of managing cyber risks throughout their lifecycle? Are we prepared to respond and limit the disruptive effects of cyber incidents through an organization-wide orchestrated approach? Once we’ve experienced an attack how quickly will we be able to resume normal operations? With increased competition for limited budgets and resources, organizations must ensure that available funding is applied towards the company's highest priority IT security investments. Applying funding towards high-priority security investments supports the objective of maintaining appropriate security controls, both at the enterprisewide and system level, commensurate with levels of risk and data sensitivity. Board members should seek to understand how far along their company is in the journey, so that they can set reasonable expectations for management.

Protecting the IOT/OT Attack Surface/Protecting Critical Infrastructure  

1:35 p.m. - 3:00 p.m. 

There is no doubt that the Ukraine/Russia conflict has seen a significant number of attacks on Critical Infrastructure as well as Zero Day Attacks. Given the severity of these attacks and their potential impact on providers’ operations and even the safety of their customers, it becomes crucial to recognize the importance of proper security practices around IoT & OT unmanaged devices to ensure that such attacks do not happen. Defenses set up for OT networks must be comprehensive, able to prevent unauthorized system access and should include detections for abnormal, unfamiliar, and malicious behaviors after a breach. IoT devices in critical infrastructure networks, if not properly secured, increase the risk of unauthorized access to operational assets and networks. Improper configurations such as default credentials and unpatched vulnerabilities are often abused by threat actors to gain network or device access. Once access is established, attackers could identify other assets on the same network, perform reconnaissance, and plan large-scale attacks on sensitive equipment and devices.

How to Incorporate Cybersecurity into your Operations Center  

4:00 p.m. - 5:15 p.m. 

As the global economy continues to digitize, data becomes a lucrative target for criminals. There are multiple types of cyber-attacks, from advanced persistent threats (APTs) and phishing to malware, cryptojacking, and ransomware. As the attacks become more sophisticated, so do the tools needed to effectively defend against them. Gone are the days where tools like anti-virus, firewalls, and access control would be enough. The ever-growing scope of the cyber landscape means that old solutions alone simply won’t cut it. Critical Cybersecurity decisions are based on a continuous flow of data from numerous sources. As a situation arises, operators must be able to analyze, share, and act on information as quickly as possible. In the event of a cybersecurity breach, rapid response is critical. Security analysts need to have rapid and easy access to contextualized data. This means they can quickly investigate any suspected compromises, and specific data is retrieved easily. Best practices for handling the challenging cybersecurity landscape suggest handling the entire lifecycle of a cyber security incident, from the initial detection of a breach through the return to normal operations, in one place. Leveraging Operations center resources to address cyber threats combines and maximizes skilled resources, best practices and technology solutions for the purpose of timely detection, real-time monitoring and correcting, and responding to cyberthreats to protect the organization’s assets. In addition, incorporating Cybersecurity into an Organisation's Operations Center, creates the platform to collect the status of various incidents, infrastructure status and the effectiveness of the enterprise’s defense preparedness through the reporting of predesigned key performance indicator (KPI) metrics intended for various stakeholders.