Arrival and Registration
International keynote speaker and cyber security luminary talks to information security across the globe – where are we right now, what is happening now and what happens next
Mikko Hyppönen, chief research officer, F-Secure
Technology around us is changing faster than ever. We've already become dependent of our digital devices, and this is just the beginning. As connected devices open new opportunities for imagination, they also open up new opportunities for online criminals.
- What's happening with attacks linked to cryptocurrencies?
- What's happening with machine learning?
- Where are we today?
- Where are we going?
- A future view of infosec from a global and local perspective
- The latest trends and the associated infosec related case studies unveiled
- What does a cyber-criminal look like and why does he/she do what they do
- A minute-by-minute update – everything you need to know up to the minute
Cisco: an architectural approach to security
John Maynard, vice president & EMEAR lead, cyber security, CISCO
International Keynote Speaker You're right, this talk isn't really about you!
Jayson Street, VP: infosec, SphereNY
"Stupid user clicked on a link", "Social engineering, because there's no patch for human stupidity" and "Make it simple enough that the CEO can understand it". Blaming users is not helpful. Instead of hiding our failures behind simplified excuses and jokes, let's address the elephant in the room. We need to find a solid way to approach and rectify the issues at hand. Technology is not our problem, human behaviour is! In this presentation, we will discuss topics related to human behaviour, which need to be modified for the sake of better security.
- A mirror will be held up to our industry as we inspect how we can better teach and interact with others
- Examine some important questions head-on and walk away with a better path for understanding the true issues we are facing
Networking, Business Matchmaking and Refreshments
International keynote speaker Orange is the new purple – how and why to integrate development teams with Red/Blue Teams to build more secure software
April Wright, senior manager: information security and compliance, Verizon (USA)
Introducing a new paradigm for integrating developers with offensive and defensive teams to enhance SDLC. Utilising Red, Blue, and now Yellow (Development) Teams in a structured way to provide knowledge sharing, strengthening of defences, coverage, and response, and ultimately the development of a high level of security maturity over time. This new concept of "Red + Yellow == Orange && Blue + Yellow == Green" focuses on the role of Developers as a critical piece of security assurance activities when combined with Offensive and Defensive Teams. Orange Teams add value when they have been integrated into SDLC by creating a cycle of perpetual offensive testing and threat modelling to make software more secure over time through a high level of dedicated interaction. Green teams add value when they help ensure software is capable of providing good DFIR information. This talk will evaluate how different Team combinations can lead to more secure software.
- Understanding why software is built un-securely
- The value in combining teams with different purposes but shared goals
- Ways to elicit change revealed, ie, tips for getting management buy-in
Industry perspective Bringing cyber security to C-level and board – an imperative task in all organisations
Vincent Mello, manager: system administration and risk management, Rand Water
Cyber security cannot remain with the technical, operational teams and management only. C-level and the board are then found wanting when faced with serious, demanding and time-sensitive decisions in cyber security-related situations. All of the latest developments in the industry with regards to cyber security strategies, investment and reporting demand C-level and the board's attention.
The questions asked by too many C-level and board members is – where do we start, and how do we adequately and effectively perform their executive and oversight roles?
- Private and public organisational cyber security challenges – latest case studies and impact analysis
- Hard questions the C-level and board need to ask to ensure coverage on their cyber security initiatives
- Guide for C-level and the board to ensure cyber security risk is given the attention it deserves
- Role of the audit and risk committee at board level and how this can be measured
- Cyber security performance evaluation system/approach for C-level and the board in organisations
Lunch, Networking and Business Matchmaking
Break into Tracks
Information has value: the art and science of information security law compliance
David Luyt, associate, Michalsons
Information has value. It's worth something to you and your customers. But, criminals also want to get their hands on it. In the same way that you protect your equipment and other valuable company assets against theft, you need to protect the personal information in your care against unauthorised access. It makes business sense, and more importantly – the law demands it. Data protection laws generally require you to take 'appropriate, reasonable technical and organisational measures' to secure personal information. Does that mean encryption, video surveillance, and policies? Let's explore the art and science of information security law compliance.
- Get an introduction to the art and science of information security law compliance
- Understand the main rules, codes, and standards that form the body of information security law
- Expand your understanding of what you think of as information security measures
- Learn how to comply with information security law in your organisation at a high level
Cyber security governance in SA: regulatory developments explained
Pria Chetty, regional director, EndCode
Delve into the complex framework that is cyber security regulation in South Africa. In a situation where existing legislation has proven impractical to implement, a draft national governance framework and a draft cyber crime law, the landscape remains uncertain. Add to this a host of pending regional and international regulation that will further influence the direction SA takes in forthcoming regulatory interventions. This presentation will deconstruct the regulatory developments that are invaluable to security professionals who need to ensure organisational security is consistent with regulatory compliance pressures.
- Uncover existing cyber crime offences, proposed cyber crime offences as well as institutional structures that impact the governance of cyber security as evident in existing and proposed regulation
- Extension of governance and oversight from critical data to critical infrastructure discussed
- Debate the current compliance environment in SA
- Unwrap the contents of The Budapest Convention on Cybersecurity, the African Union Convention on Cybersecurity, and the SADC Model Law on Cybercrime
Are African organisations ready for Europe's GDPR?
- Impact of the EU General Data Protection Regulation (GDPR) on African, including South African, organisations
- How does the GDPR affect African organisations and are we bound by the GDPR and how will the GDPR be enforced in jurisdictions such as South Africa?
- Unique GDPR regulatory requirements including data protection officers, privacy impact assessments
- The impact of the GDPR on the architecture and use of technology solutions such as cloud computing, IoT and mobile
The Cybercrime and Cybersecurity Bill in the private sector unpacked
Corien Vermaak, independent IT law specialist
Companies are becoming increasingly aware of the impending Cybercrime and Cybersecurity Bill. However, in most cases, businesses are ill-informed about the proposed effects on the private and public sectors respectively. The Bill not only aims at criminalising digital offences in a more mature manner than its predecessor, it also places certain cyber security obligations on identified business sectors. The Bill's obligations are aimed at certain focus areas for the cyber security framework.
- Unpack the identified and affected industries; find out if your business will be affected
- Find out what obligations are placed on businesses
- What are the minimum qualifying factors and priorities?
Digital transformation: visibility and compliance in a transitional World
Darron Gibbard, chief technical security officer, EMEA, Qualys
With an increasing pace of change and adoption of new technologies such as the Internet of Things, new platforms on which we deploy including public cloud, and new ways and places of working, brought about by the transitional and evolving nature of businesses, security visibility becomes ever-more critical, yet more challenging.
Gaining a clear understanding of IT infrastructure, hosts and critical applications, vulnerabilities to which they may be susceptible and the ability to demonstrate compliance against regulatory and organisational mandates is a task made more difficult by the transitional nature of business and underlying technologies.
- In this session we look at some of those challenges and the changing response to adapt and regain visibility in order to respond in a timely manner to critical events such as Wannacry, and wide-ranging initiatives such as GDPR.
Cyber Resilience - are you ready?
Changes to the regulatory, legislative and technological landscapes impact on what every business needs to do to be truly ready for a cybersecurity incident. The bar of reasonableness is being raised - are you ready?
Learn how to navigate the complex matrix of compliance requirements and practical suggestions of what to do before, during and after a cybersecurity incident.
This will include:
- The impact of King IV, Cybercrimes and Cybersecurity Bill
- Industry-specific cyber-resilience regulations
- How to best manage claims, disputes and legal risk arising from a cybersecurity incident
Track two starts
Chairman: Clement Monakhisi, senior manager - IAM and data application security, IBM Security
Mini-Workshop Personality traits meet cyber security
The art of "people hacking", or social engineering, uses psychological techniques to trick people into revealing information, installing malicious software or participating in scams. Research has shown that certain personality traits make people more (and less) likely to fall prey to specific attacks or scams. This talk explores the above hypothesis, based on actual research carried out, which combines personality traits and security knowledge and behaviour.
- Deeper understanding of how personality traits influence online behaviour
- How to use this data in security culture and awareness programmes
- Security awareness best practices
Practical tactics to change user behaviour and create a secure culture
Dr Bright G Mawudor, head of cyber security services, IS
The human element of any attack is the most predominant vector hackers take today when compromising a system or organisation. Cyber security awareness is lacking in most organisations, and even with some of the most intelligent systems in place, they still fall prey to a hack.
- Mawudor's presentation will show practical examples of how an attack happens using social engineering, with live hacking demonstrations to break down the hacking methodology and how to create a secure culture.
Incident response in the context of POPIA
Russell Opland, global privacy ("POPIA") business expert
An integrated approach to insider threat protection
Clement Monakhisi, senior manager - IAM and data application security, IBM Security
As organisations battle multiplying complex threats to their data and sensitive information, they are forced to face an unsettling fact: in many cases, the threat originates from the inside, with a trusted user. These attacks can cause irreparable damage to a well-established brand, and undo in seconds the reputation painstakingly built over years of doing the right thing. It can lead to customers losing trust in the company, eclipsing in comparison the immediate financial value of the stolen information.
- Where are my crown jewels?
- Processes? What processes?
- The right tools still don't work
- You are focusing on the wrong users
- Your employees might not trust you
Importance of cyber security
Nkosana Mbokane, CEO, TechnoChange Solutions
Understanding the risks and prevention strategies for cyber attacks: management and personnel understanding and awareness; basic cyber security terminology that every employee should know and the reason why this is imperative.
Going deeper and discussing the reasons why some companies are attacked and others are not; how to avoid cyber attacks and why it is important for companies to have a cyber security strategy and plan; what are the most important components of the cyber security strategy; and who are the most important role players in ensuring success in the implementation of the cyber security strategy and plan.
The presentation concludes by highlighting the risks associated with cyber attacks for companies, what programmes are effective for creating cyber security personnel awareness and the difference between and importance of understanding the technical versus cultural aspects of cyber security, as well as dealing with and creating effective cyber security programmes that are key to preventing cyber attacks.
- When you are at risk of a cyber attack and how to build cyber security aware personnel
- How you can counter cyber attacks and build cyber resilient systems
- Important cyber security terminologies
A security opportunity against advanced persistent threats
Steve Marshall, chief operating officer, Risk-X
Many organisations still rely on anti-malware/virus protection systems for protection against APT attacks.
- Gain insight into the latest on anti-malware and anti-virus
- Recent statistics unveiled
- Detail the anatomy of APT attacks
- ARM and the role of IoT
Catch an intruder in his tracks – advanced threat hunting
Jeremy Matthews, regional manager: Africa, Panda Security
The threat landscape has evolved significantly over the past twenty plus years, this presentation will highlight these changes and reveal how these threats have advanced. Attack types will be explained, examples discussed and possible preventative measures considered. Secondly, the latest security paradigm for the endpoint detection and response will be brought to light and the implications for organisations debated.
- Anatomy of a cyberattack detailed
- Practical examples of how an attack happens and preventative measure available
- Live demonstration will delve deeper into EDR, threat hunting with forensic data
How to train your security team cyber defence tactics
Nimrod Kravicas, security and testing sales director, Ixia
There is no need to explain the damage of a successful attack against any type of organisation, finance, government etc. Vendors training is all about operating their solutions, however, stopping a real-world threat requires security knowledge, research abilities and an understanding of the infrastructure and architecture to ensure that you make the right decision about how to mitigate an attack. You better send a soldier to the range before sending him to combat. In our session we will discuss the challenges of setting up a training room, what type of exercises need to be considered, how to maintain knowledge base over time
- What is CyberRange
- How CyberRange save you money and help you keep your reputation
- Why training your security team and employees is important to you, how to manage it as an on-going process
Cyber security and privacy at the age of Internet of Things
Owen Bredan, technology visionary and a proven information security leader
Cyber security and privacy is a serious concern not just in the IoT, but in all the applications, devices or systems where we share information. Even when users take precautions to secure their information, there are conditions that are beyond their control. Adversaries can now craft attacks with unprecedented sophistication and correlate information not just from public networks, but also from different private sources, such as cars, smart fish tank, home automation systems, toys and even refrigerators.
- Cybersecurity landscape for the Internet of Things
- Inefficiency of current security standards uncovered
- Intelligent cybersecurity systems: The key to a safer tomorrow
Thought-leadership Cyber security threats and mitigation techniques for multifunctional devices
Muyowa Mutemwa, RAD: senior cyber security specialist, CSIR
Every small, medium or enterprise organisation makes use of printers, copiers, scanners, faxes and multifunctional devices for day-to-day operational functions of the organisation. These devices are either purchased outright or obtained on a lease contract. When the device's end-of-life is reached, the devices are either disposed of through donations to non-profit organisations or retuned back to the original equipment manufacturer at the end of a lease agreement contract. Unknown to most IT operations personnel and information security personnel, these devices carry an inherent vulnerability. These devices have secure and unsecure network communications protocols, hard disk drives, volatile memory, and non-volatile memory. All these device specifications are vulnerable to cyber threats and attacks.
- Determine the extent to which your organisation is expose to the threat of sensitive information belonging to either an organisation or its employees being accessed
- Gain insight into research that was conducted on such devices
- Get guidelines on how to safely use and decommission such devices to circumvent the loss of sensitive information
Protecting the business from ransomware
Kudakwashe Charandura, director cyber security, SizweNtsalubaGobodo
Since its discovery on 12 May 2017 the WannaCry ransomware attack continued to spread, impacting over 10,000 organisations and 200,000 individuals in over 150 countries, according to European authorities. It shut down work at 16 hospitals across the United Kingdom, as reported by The Guardian. However, while measures were taken to slow the spread of the malware, new variations surfaced.
In May 2017 the PETYA malware crippled many organisations in Europe and the US. The malicious software spread through large firms including the advertiser WPP, food company Mondelez, legal firm DLA Piper and Danish shipping and transport firm Maersk.
In light of these attacks:
- What is ransomware?
- How can it impact your business?
- How can organisations and individuals protect themselves from such attacks?
Join us for this insightful discussion as we unpack practical solutions to better prepare and protect businesses from such cyberattacks.
Everything you need to know about the expected impact of artificial intelligence in cyber crime
Eleanor Weaver, commercial director Middle East & Africa, Darktrace
This presentation will cover the upcoming and prominent changes in cyber security as a result of the rise of automation, self-learning machines and improving artificial intelligence.
- How artificial intelligence has impacted profoundly the future Internet and how this has paved the way for digital criminal activity
- Why these technologies have changed the complexity of business and protection, and how current defenders are being outpaced
- How machine learning and advanced mathematics act as tools for handling this complexity
- Real-life examples and applications of attacks unveiled
- How you can best protect your organisation from such attacks
Exploits in the cryptocurrency craze: what you must know to protect your organisation
Helge Husemann, product marketing manager EMEA, Malwarebytes
As long as cybercriminals can make a profit, businesses and their data will always be a target. However, this is just the beginning to the new attack vectors and threats organisations are now facing. Learn about a few of the trends and recent attack methods that our research labs have discovered pertaining to nefarious block-chaining and illegal drive-by crypto-mining. We will uncover how these attacks are being delivered and how your company or personal electronic devices may be at risk—without you even knowing it. Additionally, we will identify the essential security measures that your customers must incorporate to protect themselves and their company.
- The current/future state of drive-by and crypto-mining within the cryptocurrency real TTP's (Techniques, Tactics, Procedures) used to assist in illegal block-chaining activities
- Best of breed security practices needed to mitigate and protect yourself and organisation from these new drive-by block-chaining attack vectors
- Last but not least a couple of tips and things to think of if you are the CIO/CISO of an organisation from a 10 year old to a "start up"
Thought-leadership Data integrity, the lifeblood of the future
Maeson Maherry, chief solutions officer, LAWtrust
If data is the new oil, then data integrity is the lifeblood of the future. I would go so far as to say that without integrity and authenticity, data may as well not even exist. If we look back at the last attacks in the news you quickly see a sensationalist effect of all the attacks. Widespread denial of service due to ransomware or other attacks. We are all starting to get our heads around the importance of data backups and reasonable security practices, but what if the attack did not have an obvious and visible outcome? What if the attack's purpose was to change the information you relied on so as to cause far more damage over time. Would you be able to prevent this or even detect it before it is too late? A lot has been said about block-chain technology and the immutability of the records in the block-chain, so let's have a look at the technology and business concepts that make a block chain secure and immutable and then discuss uses for these elements within or outside of a block chain solution. This talk will build a framework of essential elements to be considered in designing a business system that you can rely on.
- The talk will help the audience understand the role and importance of data integrity as a security threat
- We will look at the popularity of the blockchain concept and how its fundamentals can be applied to any data
- We will build up a framework of essential elements to be considered to build a trustworthy business system
- I will discuss a case study of the electronic DNA system applied to privileged user transaction integrity in government and how it delivered on organisational security
Cybernetics 2020 – Automation, Algorithms & AI
Neil Thacker, CISO, EMEA, Netskope
This talk will position the current state of human and machine mechanics and the next steps for automation in cybersecurity. From the first Automatic Computing Engine in the 1950's through to the present day, technology, mathematics and science have run parallel to accelerate artificial applied intelligence into mainstream applications. With the focus on connectionism and the use of bayesian and artificial neuron techniques and their exposure to large datasets, this talk will translate simulation examples into real-world use cases that can be applied to modern cybersecurity programmes.
- Understand the role of automation in a cybersecurity program including first steps to build decision trees based on probable models
- The role of the human. Monitor, Model, Apply – how reinforced learning skills can be applied to day-to-day operations
Active defence in the age of cyber 4.0
Kovelin Naidoo, cybersecurity officer, First National Bank
- Know your enemy, the evolution of organised crime
- Why duck when you can hit back?
- From Russia with love – industry 4.0 learnings from Russian underground
Are you thinking as a myopic specialist or a business opportunity creator?
Keith de Swardt, CEO, 4IR Consulting
- Are you seen as a cost like insurance (unseen value) or a critical investment in your business future?
- Looking at the expression "more is better" or is it?
- Fear or passion, do we understand the human dynamic and how to lead it
- It is not only about the technology, but the people we lead and the culture we shape to achieve our strategic map of the digital landscape
- Putting security at the bedrock of your organisation – how and why