Programme @

ESRM

Enterprise Security & Risk Management

24 March 2022

London

Programme @ ESRM

Session One

Managing security and mitigating risk in a hyper-disruptive world

  • How to calibrate and execute your digital business security plan
  • Weighing the proper level of security governance against your business objectives
  • Advance your adaptive security  architecture
  • Operational Business resilience: survive any storm and build any castle
  • Fundamentals of risk: data security

view presentation

09:00 (GMT)

Conference Chair's Opening Address

09:05 (GMT)

How to calibrate and execute your digital business security plan

Digital business presents unique challenges which often fail to be addressed by the prevailing examples of traditional information risk and security management.

We map out the core basic tenets you need to develop a pragmatic vision and strategy for digital business security; the global context in which you are operating; the extent to which the company culture is a business enabler; whether the company’s capabilities and capacity align with the market in which it is operating; technology adoption and promotion which is targeted and purposeful.

We address how to:

  • Challenge conventional security practices, culture and infrastructure
  • Formalise digital security programme integrated with a clear vision
  • Establish a principle-based programme and adaptive architecture for effective implementation

09:20 (GMT)

How to best weigh the proper level of security governance against your business objectives

Confronting disruptive challenges, dealing with risk, assessing security threats, reducing risk where possible, and managing security. These are the primary issues which security and risk leaders must have within their periphery at all times.

However, none of it can be achieved without an effective security and risk governance framework.

We address:

  • Assess and measure the effectiveness of your technology risk
  • Introduce measures to finesse your security programme
  • Define a roadmap for improvement
  • Provide sustainable metrics for continuous measurement and improvement

09:35 (GMT)

Advance your adaptive security architecture

As the significance of the number of  systems, users, applications, endpoints, “things,” partner relationships and transactions that require protection continues to expand and evolve, so too must an organisations approach to the management of each elements security requirements.

We address, the unprecedented complexity and new risks that existing practices are ill-equipped to manage, and how with a robust, flexible, and adaptive security architecture you can provide yourself with the opportunity to build a holistic security and risk ecosystem.

09:50 (GMT)

Operational Business resilience: survive any storm and build any castle

The last year has driven business resilience to the top of the executive agenda.

It has now become the most sought-after power skill to develop.

We address, how to apply a holistic perspective to integrate resilience into organisational structures.

10:05 (GMT)

Fundamentals of risk: data security

By being responsible for monitoring trends in the external data privacy environment, ERM makes itself the enterprise gatekeeper.

The standard characteristics of an effective ERM framework is one in which risk leaders are able to determine risk appetite for data privacy risk, gauge executive risk tolerance, and standardise cross-business risk appetite.

We address:

  • Best practice approach to managing data risk
  • The primary owners of business risk activity
  • Identify risks from the business without disrupting daily activities
  • Calculating your data breach weak points and probability
  • Enable employee-led privacy risk mitigation
  • Stay on top of current and emerging data privacy risks

10:20 (GMT)

Questions to the Panel of Speakers

10:35 (GMT)

Refreshment Break Served in the Exhibition Area

11:05 (GMT)

Panel Discussion and Audience Q&A

Where to start with your cyber security culture change?

11:35 (GMT)

Questions to the Panel of Speakers & Delegates move to the Seminar Rooms

11:50 (GMT)

Seminar Sessions

12:30 (GMT)

Networking Lunch Served in the Exhibition Area

Session Two

Securing the tools, technologies, and processes designed to make you a security and risk leader

  • Why it’s no longer about the perimeter
  • Bridging Visibility Gaps in Hybrid Cloud Monitoring
  • Securing your expanded workforce
  • Designing against unauthorized third-party access
  • Taming the exponential rise in external identities
  • Rise in privacy risk: fragmented regulatory environment

view presentation

13:30 (GMT)

Conference Chair’s Afternoon Address

13:35 (GMT)

Why it’s no longer about the perimeter

Network security architectures need to protect resources and data wherever they reside, versus within an arbitrary perimeter.

This has become a business security imperative due to the pace of network spread which is difficult to harmonise, collate and account for.

We address why you should:

  • Focus on securing applications and data, rather than securing the network
  • Evaluate security solutions based on integration provided with other tooling and platform providers
  • Choose security solutions that provide visibility and control of the entire hybrid environment

13:50 (GMT)

Bridging Visibility Gaps in Hybrid Cloud Monitoring

When cloud adoption shifts from a new trend to daily reality, it causes headaches to everyone responsible for the performance, availability, and security of business services or apps.

How do you monitor owned and rented infrastructure with all of their differences without creating visibility silos and ending-up with a bunch of disparate tools?

In order to truly benefit from the scalability and flexibility of the cloud, you not only need a comprehensive insight in order to troubleshoot confidently, but also to wed all the islands of insight together to achieve a reliable cross-environment visibility.

14:05 (GMT)

Securing your expanded workforce

In response to the growing public health crisis, at the start of 2020 rapid adoption of capabilities in M365 enabled many to be able to support secure remote working at scale.

They were also able to maintain business continuity and reduce reliance on VPN by using Azure to present Window’s Virtual Desktops and enable an agile workforce to connect from anywhere on any device and maintain a strong cybersecurity posture.

As the endemic became a pandemic, this meant that those who adopted this innovative approach to remote working were able to scale the solution out and add capability to a global workforce.

We address:

  • Adopting a risk-based approach
  • Promoting leaders and champions to position of influence
  • 1The people, process and technology needed in times of disruption

14:20 (GMT)

Questions to the Panel of Speakers

14:35 (GMT)

Afternoon Networking and Refreshments served in the Exhibition Area

15:05 (GMT)

Panel Discussion and Audience Q&A

CISO Talk: security in the age of the virtual enterprise

15:35 (GMT)

Afternoon Networking and Refreshments served in the Exhibition Area

16:05 (GMT)

Designing against unauthorized third-party access

Improperly managed third-party access management is now the primary means through which personal information is disclosed.

Whether by accident or by design, unauthorised third-party access accounts for 57% of enterprise information and data leak.

We address, two famous examples of recent data breaches which were a result of redundant third-party access remaining open, how this resulted from a failure in security oversights, and how you can best protect against the intimate knowledge former employees have of company systems.

16:20 (GMT)

Taming the exponential rise in external identities

Having the right platform in place to successfully tame, channel and collaborate with the many forces which make up your business means being able to better interact and share resources or apps with users outside of your organisation.

We address, how to share your data with any number of external partners without compromising data control,  add social and enterprise identity providers to a customized sign-up flow, and scale apps to customers.

16:35 (GMT)

Rise in privacy risk: fragmented regulatory environment

Regional variation, changeable regulatory norms, shifting compliance standards. These are just some of the reasons why many find the regulatory environment in which they are operating difficult to manage in a holistic way.

Join us as we explore the value of having a single source for your information and implementation requirements.

  • Automate manual processes and increase connectivity for improved efficiency
  • Realise cost savings, and better coordination and cross-enterprise visibility
  • Streamline your regulatory processes with an end-to-end regulatory information management system

16:50 (GMT)

Questions to the Panel of Speakers

17:00 (GMT)

Closing Remarks from the Conference Chair

17:05 (GMT)

Conference Closes, Delegates Depart

Please note:
Whitehall Media reserve the right to change the programme without prior notice.

Follow us on social

Keep up to date with what's going on by following us on social media.

Featured blogs

Read the latest news and views from key industry figures and thought leaders.

Killware is the Next Big Cyberthreat
It may sound like some scary direct-to-DVD horror movie or video game, but the safety of industries, businesses and the general public are gleaming no entertainment or enjoyment about the next big threat. As ransomware has seen a huge increase over the last two years thanks to the global pandemic and the pandora’s box it...
The New Dark Web is Telegram
During October 4th’s full blackout of Facebook, Messenger, Instagram and WhatsApp, millions of people suddenly found themselves scrambling for the 6-hour window towards other means of communication, such as Twitter and LinkedIn. To continue talking with friends and family, many flocked to alternative communication tools such as Viber and Telegram to communicate. In the case...
United Nations Under Data Attack
Threat actors have accessed the United Nation’s proprietary project management software, Umoja, earlier this year stealing information to be used in further attacks. Attacking the UN The threat actor stole credentials from a United Nation’s employee to breach sections of the UN’s network in April of 2021 and steal critical data. The overall aim was...