Dynamic Defense for Today s Digital Business



Similar documents
Seven Things To Consider When Evaluating Privileged Account Security Solutions

Perspectives on Cybersecurity in Healthcare June 2015

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model

Combating a new generation of cybercriminal with in-depth security monitoring

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

CYBER SECURITY, A GROWING CIO PRIORITY

Applying machine learning techniques to achieve resilient, accurate, high-speed malware detection

Combating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center

Best Practices for Building a Security Operations Center

Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness

CyberArk Privileged Threat Analytics. Solution Brief

PENETRATION TESTING GUIDE. 1

Advanced Threats: The New World Order

Rethinking Information Security for Advanced Threats. CEB Information Risk Leadership Council

IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE

Cyber-Security. FAS Annual Conference September 12, 2014

SITUATIONAL AWARENESS MITIGATE CYBERTHREATS

Securing Your Business with DNS Servers That Protect Themselves

Cybersecurity Delivering Confidence in the Cyber Domain

Threat Intelligence: The More You Know the Less Damage They Can Do. Charles Kolodgy Research VP, Security Products

Into the cybersecurity breach

2015 GLOBAL THREAT INTELLIGENCE REPORT EXECUTIVE SUMMARY

ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES

Addressing the Full Attack Continuum: Before, During, and After an Attack. It s Time for a New Security Model

Securing Remote Vendor Access with Privileged Account Security

How To Protect Your It Infrastructure

Enterprise Cybersecurity: Building an Effective Defense

CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS

Stop advanced targeted attacks, identify high risk users and control Insider Threats

Cyber Threat Intelligence and Incident Coordination Center (C 3 ) Protecting the Healthcare Industry from Cyber Attacks

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES

POWERFUL SOFTWARE. FIGHTING HIGH CONSEQUENCE CYBER CRIME. KEY SOLUTION HIGHLIGHTS

Security for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape

How To Create An Insight Analysis For Cyber Security

WHITE PAPER AUTOMATED, REAL-TIME RISK ANALYSIS AND REMEDIATION

FREQUENTLY ASKED QUESTIONS

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist,

Cyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte

Managing cyber risks with insurance

The Path Ahead for Security Leaders

The Sophos Security Heartbeat:

Cybersecurity The role of Internal Audit

RETHINKING CYBER SECURITY

Address C-level Cybersecurity issues to enable and secure Digital transformation

Compliance Guide ISO Compliance Guide. September Contents. Introduction 1. Detailed Controls Mapping 2.

ISO27032 Guidelines for Cyber Security

SANS Top 20 Critical Controls for Effective Cyber Defense

Cyber4sight TM Threat. Anticipatory and Actionable Intelligence to Fight Advanced Cyber Threats

Internal audit of cybersecurity. Presentation to the Atlanta IIA Chapter January 2015

Cyber crime risk management protecting your business 4 November 2015

Niara Security Analytics. Overview. Automatically detect attacks on the inside using machine learning

Obtaining Enterprise Cybersituational

Cloud and Critical Infrastructures how Cloud services are factored in from a risk perspective

PCI DSS Overview and Solutions. Anwar McEntee

WRITTEN TESTIMONY OF

Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program

PREPARED DIRECT TESTIMONY OF SCOTT KING ON BEHALF OF SOUTHERN CALIFORNIA GAS COMPANY

Threat Intelligence: What is it, and How Can it Protect You from Today s Advanced Cyber-Attacks A Webroot publication featuring analyst research

Cybersecurity: Mission integration to protect your assets

IBM Security QRadar Risk Manager

PALANTIR CYBER An End-to-End Cyber Intelligence Platform for Analysis & Knowledge Management

The Fortinet Advanced Threat Protection Framework

Retail Security: Enabling Retail Business Innovation with Threat-Centric Security.

TRANSATLANTIC CYBER SECURITY SUMMIT

Cyber Threats Insights from history and current operations. Prepared by Cognitio May 5, 2015

WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales

Developing National Frameworks & Engaging the Private Sector

Threat Intelligence & Analytics Cyber Threat Intelligence and how to best understand the adversary s operations

Testimony of. Mr. Anish Bhimani. On behalf of the. Financial Services Information Sharing and Analysis Center (FS-ISAC) before the

IBM Security Strategy

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

Defending Against Cyber Attacks with SessionLevel Network Security

Middle Class Economics: Cybersecurity Updated August 7, 2015

Cyber security: Are Australian CEOs sleepwalking or a step ahead? kpmg.com.au

Utilizing Security Ratings for Enterprise IT Risk Mitigation Date: June 2014 Author: Jon Oltsik, Senior Principal Analyst

Vulnerability Management

Symantec Cyber Security Services: DeepSight Intelligence

Executive Summary 3. Snowden and Retail Breaches Influencing Security Strategies 3. Attackers are on the Inside Protect Your Privileges 3

The Value of Vulnerability Management*

2016 Trends in Cybersecurity: A Quick Guide to the Most Important Insights in Security

I D C A N A L Y S T C O N N E C T I O N

defending against advanced persistent threats: strategies for a new era of attacks agility made possible

Introduction to Runtime Application Self Protection (RASP) Making Applications Self Protecting, Self Diagnosing and Self Testing

Transcription:

TENTATIVE CONFERENCE PROGRAM 08:15 08:50 Registration 08:50 08:55 Opening Remarks by Officiating Guest of Honor The 8 th InfoSecurity Summit 2016 Hong Kong Allen Yeung Government Chief Information Officer, The Government of HKSAR 08:55 09:25 Opening Keynote: Cybersecurity in a Digital World - Deploying Active Defense Cyber incidents continue to increase dramatically with wide ranging business risks across industries. McKinsey research for the World Economic Forum identified risks up to USD 3 trillion to the world economy. The majority of businesses are unprepared for these threats. Understanding and deploying an active defense is critical. The speaker will discuss the latest emerging threats and an approach to setting up an active defense. Harrison Lung Associate Partner, McKinsey & Company 09:25 09:55 Keynote 1: Security Everywhere: Protect Against Ransomware and Advanced Threats There is growing volume and sophistication of threat actors. Attackers are using innovative tactics such as ransomware, malvertising, exploits kits and other advanced malware in order to evade detection. The traditional way of setting up security perimeter with firewalls and sandboxes for protection is no longer sufficient. Protecting the enterprise today requires addressing the entire attack continuum - before, during and after an attack. Very often we have standalone security solutions that don t work together and what s needed is the integration of disparate security systems with network infrastructure to automatically detects and contains threats. In this session, the speaker will present a multi-layer approach to look beyond, and also within the security perimeter to quickly detect, analyse and contain modern day threats. Garrick Ng Head of Systems Engineering, Cisco Hong Kong & Macau 09:55 10:25 Keynote 2: Hunting the Known Unknowns Using Big Data Every network uses DNS, web and email, but are you looking under the hood to see the dangers that is hidden below? IT machine data is a data source that is easy to collect and incredibly valuable to an organization s cyber security defenses. This session discusses how big data can help to hunt the unknown collected IT machine data in your networks, along with showing you how to find common threats like Data Exfiltration, DNS tunneling and Malware C2 communications. We ll show you not only how to detect suspicious hacking activity, but how to find those known unknowns in your Splunk Enterprise. Paul Pang Chief Security Strategist, APAC, Splunk Inc.

10:25 10:55 Keynote 3: The Dark Side of Compliance for Identity and Access Management Standardisation of Identity and Access Management (IAM) is headed for a significant update. Bodies such as NIST, PCI Security Standard Council and IETF recently proposed new best practices and requirements for key management, in which the keys support interactive and automated authentication in the business automation. However, most organistaions lack true centralized management for controlling access credentials and thus leaving that in the "Dark Side" of compliance requirements including HKMA, MAS, PCI-DSS, Sarbanes-Oxley (SOX-404) or ISO27001. With the rapid change of business environments and threat landscape, IT security and audit professionals need to learn how to identify the risks and access compliance. The presentation will provide you with insight into compliance trends in IAM and case examples; and demonstrate approaches to integrate your security and privacy controls into day-to-day processes and procedures to ensure continuous compliance. Fouad Khalil Director of Compliance, SSH Communications Security 10:55 11:10 Morning Networking Coffee Break and Showcase Tour 11:10 11:40 Keynote 4: Combating Advanced Threats How to Detect an Attack in Real-time Each and every day, Security Operational personnel inside your organization have been continuously fighting with all kinds of emerging threats, which grow in terms of number and sophistication. The risk of your network being hacked by the newest 0-day threat, and attackers are trying to exploit weaknesses of your infra-structure has been growing tremendously that you will need to empower your Incident Response team members with the ability to track down threats inside your organization. In this presentation, we are going to take a look at the current challenges faced by most Incident Response team members in the industry. We will discuss the importance of understanding the lateral movement of the attacks; the ability to understand the entire extent and impact of a breach; how to build an evidence trail to identify every facet of the attack. We will also look at the different aspects in detecting an attack hidden inside your network. CF Chui Solutions Architec, Arbor Networks 11:40 12:10 Keynote 5: Protecting your Business by Securing your Weakest Links Public and private organisations today are facing tremendous challenges in defending themselves in the changing cyber threat landscape. On the backdrop of a fast evolving cyber threatscape, the defensive capabilities and approaches employed by companies today are out-dated and paltry in comparison to highly sophisticated tools, techniques and capabilities of the threat actors. This is further exacerbated by the global deficit of over 1.5million cyber security talent that is urgently needed to help defend organisations around the World. Join Mr Wong Loke Yeow in this session as he discusses what pragmatic approaches we can take to

protect our enterprises, as well as our oft overlooked partner ecosystem and supply chain and ensure that every link of our business "chain" is adequately secure, resilient, and can keep us ahead of the cyber security curve. Wong Loke Yeow Director of Security Solutions and Professional Services Consulting, Enterprise Security, Singtel Group Enterprise 12:10 13:00 Panel Discussion One: The Dynamic Defense Approach to Cybersecurity Traditional security models are failing. While the idea of a shift from prevention to detection has gained traction, most current approaches to detection rely heavily on the same techniques that have rendered preventative tools ineffective. The ultimate goal disrupting and stopping attacks has continued to elude security experts. The next stage in the industry s evolution is to move to a stance of dynamic defense, which combines the ability to detect an attack and fully understand its scope and potential impact on the business, and then use the information to disrupt the attack before adversaries can accomplish their goals. During the panel discussion, the panel chair and the panelists will share with us their insights on how to build enterprise-wide cybersecurity that Learns, Adapts, and Proactively Combats rapidly changing cyber threats. Panel Chair: Geoff McClelland, Program Director, CIO Connect HK 13:00 14:15 Executive Panelists: Lim Shih Hsien, Head, Information Security, Hong Kong Jockey Club Frank Law, Superintendent and Head of Cyber Security, Hong Kong Police Force Paul Jackson, ex Global Head of Cyber Investigations, JPMorgan Chase; Managing Director, Stroz Friedberg Shane Read, Chief Information Security Officer (CISO), Noble Group Networking Luncheon Roundtable (By Invitation Only) Sponsored by Citic Telecom CPC & Fortinet Inc.

14:15 14:50 Panel Discussion Two: Security in an Outsourced World Building security into your enterprise processes, and integrating it with your existing technology investments has never been more critical or complicated than it is in this era of decentralized computing, and ever-tightening compliance requirements. Furthering this complication is the impact that partnering deals can have since infrastructure, applications, and even data may now longer be under your direct control. During the panel discussion, the panel chair and the panelists will share their insights with us how to ensure efficient and effective security capabilities; understand the nature of the threats that exist today and the impact a sourcing relationship can have on these threats and the mitigation strategies and tools key industry leaders are using to address the challenge. Panel Chair: Todd Stewart, Executive Director, Cyber Security, Ernst & Young Executive Panelists: Gabriel Chan, Head of Information Security, Greater China, ABN AMRO Bank Micky Lo, Chief Information Risk Officer APAC, Information Risk Management, BNY Mellon Anna Gamvros, Partner, Norton Rose Fulbright Hong Kong 14:50 15:20 Keynote 6: The State of Security: Challenges to Solutions Organizations have invested in many security products, but are they really working or fully deployed? As security concerns continue to rise, organizations need assurance that previous and future security investments are effective. Analyzing emerging security trends and challenges, it s time to define the critical domains and capabilities needed to transform security. Matt Alderman VP of Strategy, Tenable Network Security 15:20 15:50 Keynote 7: Hunting and Farming: Concepts and Strategies to Improve Your Cyber Defenses Cyber defense is evolving. The new normal is managing more assets against more attacks with fewer staff. It is often daunting. But all is not lost. We must adapt our strategies, enhance our people and change the tide in order to have a fighting chance. This session will get you thinking about what your organization is doing to try to stop the bleeding and build some resiliency. Bernie Png Regional Sales Engineer, APJ, Carbon Black 15:50 16:20 Keynote 8: User Behaviour Intelligence Fundamentals: Behaviours, Characteristics, and Facts Today, most of the modern Attacks rely on Credentials. To attackers, external or internal, valid credentials are a coveted asset. Whether the attacker is a rogue insider or someone who has obtained valid credentials through social engineering techniques, the ability to roam the network with impunity puts valuable data at risk. The hardest problem for the Organizations becomes separating

risky behaviours from normal user behaviours. The 8 th InfoSecurity Summit 2016 Hong Kong User Behaviour Analytics Solution, leveraging existing log data to detect modern attacks, prioritize incidents efficiently, and help Organizations to respond effectively. User behaviour analytics analyses actual behaviour to determine risk and to inform overburdened security analysts about potential attacks, as well as how to remediate them. Exabeam will provide more insight on User Behaviour Analytics Solutions and its growing need. Harjith Prabhakaran Product Director, Asia Pacific & Japan, Exabeam 16:20 16:30 Showcase Demonstration 16:30 17:00 Closing Keynote: Key Takeaways From The 2016 PwC Global State of Information Security Survey Kok Tin Gan Cyber Security Partner, PwC 17:00 End of Conference ** This agenda is subject to change without prior notice.**

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information