ESRM

Enterprise Security & Risk Management

27 November 2019

Victoria Park Plaza

SOCIAL


LATEST TWEETS

SEMINARS

Wednesday 27th November 2019

The Seminars will take place from 12.25 – 13.10.
Delegates will be able to attend one seminar at the event. No pre selection is required – delegates will be able to select which session they attend onsite.

SESSIONS

SEMINAR 1

Main Conference Plenary Room
Sponsored by:
Visibility and Control are Key. Data, Metrics, Live Information is Critical When Making Decisions During a Crisis

Simon Mullis, Director of Technical Account Management, Tanium

When Wanna-Cry et al. hit, organisations went into crisis management mode. Executives demanded live information from the enterprise, but for most organisations, tools that are using 25-year-old technologies and architectures meant hours or days delay in receiving critical information. Even when data could be provided, it was incomplete and could not be acted upon.

When it is all going wrong access to live, up-to-date data is imperative, including access to data that you currently don’t know you need. Once you have the right metrics to make an informed decision about a response, being able to act at scale across the entire enterprise is just as important.

Come and see how an enterprise platform can provide you with the data you need pre- and post-incident to ensure your business can bounce back from critical events.

SEMINAR 2

Edward 1
Sponsored by:
How To Stop An Attack Before It Stops You: Continuous Response Methodology

Tim Orchard, Managing Director, F-Secure Countercept

Over the past five years, organizations like yours have made enormous investments in cyber security.

Yet massive breaches are still happening, with businesses needing – on average – 69 days to contain an attack, after taking 100 days to detect the attack in the first place.

The faster a data breach can be contained, the lower the cost and impact on your business.

Join Tim Orchard, Managing Director of F-Secure Countercept to learn how to Continuous Response:
Advances incident response from a post-mortem scenario

  • Enables live containment and remediation
  • Prevents attackers from accomplishing their mission
  • Protects your business from the effects of a cyber-attack.

Tim will also talk about MITRE Att&ck framework by outlining:

  • What is MITRE
  • Why is it important
  • What do the MITRE results mean and how to take these into account when qualifying a solution provider

SEMINAR 3

Edward 3
Sponsored by:
Would You Panic if Your Company Data is Stolen From The Cloud?

Elmar Eperiesi-Beck, CEO & Founder, eperi GmbH

The fact is that data is regularly stolen from the Cloud, leading to lost IP & reputation, huge costs in customer communication, regulatory and public reporting and fines. What if in that instance the stolen data was unintelligible and therefore rendered worthless? eperi secure your cloud data by intelligent encryption at the application level, with YOU keeping control of the whole encryption process. Your data will be encrypted BEFORE leaving your enterprise environment en route to the cloud. Cloud providers also provide encryption, BUT in order to do that they need access to your data in clear text, leaving the door wide open for a data breach. Come and hear more from our CEO how we have helped global organisations to truly secure their cloud data.

SEMINAR 4

Edward 5
Sponsored by:
Monitoring Active Directory and Windows: Indications you are Under Attack

Derek Melber, Chief Technical Evangelist, ManageEngine

Most attackers will take the path of least resistance when trying to breach your environment. It makes sense that monitoring the common attack paths could result in detecting a potential breach. The issue is that monitoring all of the attack paths can be overwhelming if done manually or even with most solutions. In this webinar, Derek Melber will guide you through methods and solutions that allow you to focus on indicators that tie back to an attack. In this webinar, you will learn:

  • The common attack paths for Windows environments
  • Which groups to monitor
  • How logon behaviour can indicate an attack
  • How to monitor privileged access

SEMINAR 5

Edward 7
Sponsored by:
Third-Party Risk, Data Privacy and Regulatory Compliance – Brexit and Beyond

Sean O’Brien, CTPRP, Managing Director, DVV Solutions
Kevin Aston, Director, Ogma IT Services

How can your organisation better identify and address its key data privacy and protection responsibilities in the current regulatory environment? And what does this mean for those responsible for delivering a robust and effective Third-Party risk management (TPRM) program? This panel and open Q&A session with risk assurance experts will explore:

  • Achieving regulatory alignment (such as GDPR and SM&CR) throughout the digital supply chain
  • Establishing a TPRM framework that gains greater board-level support
  • Emerging risk assurance best-practice and opportunities for greater efficiency and scale

SEMINAR 6

Albert 3
Sponsored by:
Confessions of a SOC Analyst

James Stevenson, Regional Sales Manager, Palo Alto Networks

Hear from an experienced SOC analyst that quit due to alert fatigue and focused on building the Security Orchestration Automation and Response market (SOAR), to fix the most common SOC and Incident Response challenges faced by organisations today. Acquired by Palo Alto Networks in March for $550m, he will share his SOAR project experience during his time at Demisto, highlighting the positive business outcomes and challenges faced along the way. The objective is to provide valuable insight to those undertaking a SOC transformation project so that they can maximise the effectiveness of a Security Orchestration Automation and Response platform (SOAR) while avoiding the commons mistakes.

 

SEMINAR 7

Albert 2
Sponsored by:
Do You Know Whom Your APIs are Talking to?

Alex Cruz Farmer, Product Manager, Firewall, Cloudflare

APIs are the lifeblood of modern websites and mobile applications. It\’s easier than ever to code, deploy and operate APIs to power rich experiences, but this proliferation of endpoints has made it increasingly difficult to keep tabs on where your data is going.

This session will cover some techniques for identifying APIs, provide a framework for classifying the risk, and discuss approaches to mitigating this risk.

 

SEMINAR 8

Albert 1
Sponsored by:
Attackers Prey on Uncertainty: How to Fail at Threat Detection

Will Priestley, SE Manager, Varonis

It takes a great deal of visibility and context to detect and respond to sophisticated threats. Attackers usually target data, where enterprises have the least visibility and most uncertainty. In this session, we will explore new, sophisticated threats from inside and out, demonstrate how easy it is for adversaries to bypass traditional controls, and present a methodology to better protect data at scale, improve threat detection, and reduce uncertainty.