Arrival and Registration
International keynote speaker and cyber security luminary
Mikko Hyppönen, chief research officer, F-Secure
Opening Address The state of cyber security 2018 and beyond
Charl van der Walt, chief strategy officer, SecureData SensePost
The purpose of this talk to offer a view on South Africa's "Security State of the Nation". As participants in a global economy that is technically and politically inter-connected in every possible way, how ready are we as a small emerging player to protect our digital assets, government and commercial, and thus maintain our competitiveness and ultimately our sovereignty as a nation?
The talk will seek to lay a foundation of reasoned awareness regarding our digital strengths and weaknesses and thereby also create a backdrop against which other talks and panels at the Summit can be viewed.
Insights will be drawn from an analysis of global trends in cyber security, both technical and policy, our own direct insights gleaned from operating on multiple continents for over a decade now, recent breach cases in South Africa and elsewhere, as well as various surveys and technical studies benchmarking South Africa against other countries in the world.
- A high-level of understanding of what "cyber" state-of-the-art is in the world's leading nation
- A high-level of understanding of where South Africa stands in that regard, and how that manifests in terms of our policies and technical levels of security
- Some thoughts on what to expect from the Security Summit and how to get their time spent at the event
International Keynote Speaker You're right, this talk isn't really about you!
Jayson Street, infosec ranger, Pwnie Express
"Stupid user clicked on a link", "Social engineering, because there's no patch for human stupidity" and "Make it simple enough that the CEO can understand it". Blaming users is not helpful. Instead of hiding our failures behind simplified excuses and jokes, let's address the elephant in the room. We need to find a solid way to approach and rectify the issues at hand. Technology is not our problem, human behaviour is! In this presentation, we will discuss topics related to human behaviour, which need to be modified for the sake of better security.
- A mirror will be held up to our industry as we inspect how we can better teach and interact with others
- Examine some important questions head-on and walk away with a better path for understanding the true issues we are facing
Networking, Business Matchmaking and Refreshments
International keynote speaker Orange is the new purple – how and why to integrate development teams with Red/Blue Teams to build more secure software
April Wright, senior manager: information security and compliance, Verizon (USA)
Introducing a new paradigm for integrating developers with offensive and defensive teams to enhance SDLC. Utilising Red, Blue, and now Yellow (Development) Teams in a structured way to provide knowledge sharing, strengthening of defences, coverage, and response, and ultimately the development of a high level of security maturity over time. This new concept of "Red + Yellow == Orange && Blue + Yellow == Green" focuses on the role of Developers as a critical piece of security assurance activities when combined with Offensive and Defensive Teams. Orange Teams add value when they have been integrated into SDLC by creating a cycle of perpetual offensive testing and threat modelling to make software more secure over time through a high level of dedicated interaction. Green teams add value when they help ensure software is capable of providing good DFIR information. This talk will evaluate how different Team combinations can lead to more secure software.
- Understanding why software is built un-securely
- The value in combining teams with different purposes but shared goals
- Ways to elicit change revealed, ie, tips for getting management buy-in
Everything you need to know about the expected impact of artificial intelligence in cyber crime
Eleanor Weaver, commercial director Middle East & Africa, Darktrace
This presentation will cover the upcoming and prominent changes in cyber security as a result of the rise of automation, self-learning machines and improving artificial intelligence.
- How artificial intelligence has impacted profoundly the future Internet and how this has paved the way for digital criminal activity
- Why these technologies have changed the complexity of business and protection, and how current defenders are being outpaced
- How machine learning and advanced mathematics act as tools for handling this complexity
- Real-life examples and applications of attacks unveiled
- How you can best protect your organisation from such attacks
Lunch, Networking and Business Matchmaking
Break into Tracks
Track one starts
Information has value: the art and science of information security law compliance
David Luyt, associate, Michalsons
Information has value. It's worth something to you and your customers. But, criminals also want to get their hands on it. In the same way that you protect your equipment and other valuable company assets against theft, you need to protect the personal information in your care against unauthorised access. It makes business sense, and more importantly – the law demands it. Data protection laws generally require you to take 'appropriate, reasonable technical and organisational measures' to secure personal information. Does that mean encryption, video surveillance, and policies? Let's explore the art and science of information security law compliance.
- Get an introduction to the art and science of information security law compliance
- Understand the main rules, codes, and standards that form the body of information security law
- Expand your understanding of what you think of as information security measures
- Learn how to comply with information security law in your organisation at a high level
Cyber security governance in SA: regulatory developments explained
Pria Chetty, regional director, EndCode
Delve into the complex framework that is cyber security regulation in South Africa. In a situation where existing legislation has proven impractical to implement, a draft national governance framework and a draft cyber crime law, the landscape remains uncertain. Add to this a host of pending regional and international regulation that will further influence the direction SA takes in forthcoming regulatory interventions. This presentation will deconstruct the regulatory developments that are invaluable to security professionals who need to ensure organisational security is consistent with regulatory compliance pressures.
- Uncover existing cyber crime offences, proposed cyber crime offences as well as institutional structures that impact the governance of cyber security as evident in existing and proposed regulation
- Extension of governance and oversight from critical data to critical infrastructure discussed
- Debate the current compliance environment in SA
- Unwrap the contents of The Budapest Convention on Cybersecurity, the African Union Convention on Cybersecurity, and the SADC Model Law on Cybercrime
Ensure global regulatory compliance with regards to privacy laws through electronic handshakes and signatures
Gideon Bouwer, cyber law and criminal law forensic specialist, Cyber Law Forensics
The full implementation date for the GDPR and POPIA is May 2018. Global compliance is therefore essential for any multinational company, or any company that transfers privacy data over the Internet. Two universal rules apply when considering international and local compliance, encryption and/or pseudonymisation. Both solutions must apply to data in transit and to data in storage. The implementation of effective electronic handshake solutions and electronic signature solutions will be presented and discussed.
- The practical implementation of cyber security tools to obtain transborder data flow compliancy
- A simplified view of global regulatory compliancy as it applies to cyber securityy
- A view of working legal/IT integrated solutions
The Cybercrime and Cybersecurity Bill in the private sector unpacked
Corien Vermaak, independent IT law specialist
Companies are becoming increasingly aware of the impending Cybercrime and Cybersecurity Bill. However, in most cases, businesses are ill-informed about the proposed effects on the private and public sectors respectively. The Bill not only aims at criminalising digital offences in a more mature manner than its predecessor, it also places certain cyber security obligations on identified business sectors. The Bill's obligations are aimed at certain focus areas for the cyber security framework.
- Unpack the identified and affected industries; find out if your business will be affected
- Find out what obligations are placed on businesses
- What are the minimum qualifying factors and priorities?
Importance of cyber security
Nkosana Mbokane, CEO, TechnoChange Solutions
Understanding the risks and prevention strategies for cyber attacks: management and personnel understanding and awareness; basic cyber security terminology that every employee should know and the reason why this is imperative.
Going deeper and discussing the reasons why some companies are attacked and others are not; how to avoid cyber attacks and why it is important for companies to have a cyber security strategy and plan; what are the most important components of the cyber security strategy; and who are the most important role players in ensuring success in the implementation of the cyber security strategy and plan.
The presentation concludes by highlighting the risks associated with cyber attacks for companies, what programmes are effective for creating cyber security personnel awareness and the difference between and importance of understanding the technical versus cultural aspects of cyber security, as well as dealing with and creating effective cyber security programmes that are key to preventing cyber attacks.
- When you are at risk of a cyber attack and how to build cyber security aware personnel
- How you can counter cyber attacks and build cyber resilient systems
- Important cyber security terminologies
Track two starts
Mini-Workshop Personality traits meet cyber security
The art of "people hacking", or social engineering, uses psychological techniques to trick people into revealing information, installing malicious software or participating in scams. Research has shown that certain personality traits make people more (and less) likely to fall prey to specific attacks or scams. This talk explores the above hypothesis, based on actual research carried out, which combines personality traits and security knowledge and behaviour.
- Deeper understanding of how personality traits influence online behaviour
- How to use this data in security culture and awareness programmes
- Security awareness best practices
Practical tactics to change user behaviour and create a secure culture
Dr Bright G Mawudor, head of cyber security services, IS
The human element of any attack is the most predominant vector hackers take today when compromising a system or organisation. Cyber security awareness is lacking in most organisations, and even with some of the most intelligent systems in place, they still fall prey to a hack.
- Mawudor's presentation will show practical examples of how an attack happens using social engineering, with live hacking demonstrations to break down the hacking methodology and how to create a secure culture.
Are you thinking as a myopic specialist or a business opportunity creator?
Keith de Swardt, CEO, 4IR Consulting
- Are you seen as a cost like insurance (unseen value) or a critical investment in your business future?
- Looking at the expression "more is better" or is it?
- Fear or passion, do we understand the human dynamic and how to lead it
- It is not only about the technology, but the people we lead and the culture we shape to achieve our strategic map of the digital landscape
- Putting security at the bedrock of your organisation – how and why
Digital transformation: visibility and compliance in a transitional World
Darron Gibbard, chief technical security officer, EMEA, Qualys
With an increasing pace of change and adoption of new technologies such as the Internet of Things, new platforms on which we deploy including public cloud, and new ways and places of working, brought about by the transitional and evolving nature of businesses, security visibility becomes ever-more critical, yet more challenging.
Gaining a clear understanding of IT infrastructure, hosts and critical applications, vulnerabilities to which they may be susceptible and the ability to demonstrate compliance against regulatory and organisational mandates is a task made more difficult by the transitional nature of business and underlying technologies.
- In this session we look at some of those challenges and the changing response to adapt and regain visibility in order to respond in a timely manner to critical events such as Wannacry, and wide-ranging initiatives such as GDPR.
Track Three starts
A security opportunity against advanced persistent threats
Many organisations still rely on anti-malware/virus protection systems for protection against APT attacks.
- Gain insight into the latest on anti-malware and anti-virus
- Recent statistics unveiled
- Detail the anatomy of APT attacks
- ARM and the role of IoT
Catch an intruder in his tracks – advanced threat hunting
Jeremy Matthews, regional manager: Africa, Panda Security
The threat landscape has evolved significantly over the past twenty plus years, this presentation will highlight these changes and reveal how these threats have advanced. Attack types will be explained, examples discussed and possible preventative measures considered. Secondly, the latest security paradigm for the endpoint detection and response will be brought to light and the implications for organisations debated.
- Anatomy of a cyberattack detailed
- Practical examples of how an attack happens and preventative measure available
- Live demonstration will delve deeper into EDR, threat hunting with forensic data
Case Study: Evade the traditional cyber defences deployed by enterprises and government agencies worldwide
Helge Husemann, product marketing manager EMEA, Malwarebytes
Find out how local organisations have identified and eliminated Advanced Persistent Threats (APTs), targeted attacks and other sophisticated malware that are designed to evade the traditional cyber defences deployed by enterprises and government agencies worldwide.
- Identify current APTs and other Malware currently plaguing business and society alike
How to train your security team cyber defence tactics
Nimrod Kravicas, security and testing sales director, Ixia
There is no need to explain the damage of a successful attack against any type of organisation, finance, government etc. Vendors training is all about operating their solutions, however, stopping a real-world threat requires security knowledge, research abilities and an understanding of the infrastructure and architecture to ensure that you make the right decision about how to mitigate an attack. You better send a soldier to the range before sending him to combat. In our session we will discuss the challenges of setting up a training room, what type of exercises need to be considered, how to maintain knowledge base over time
- What is CyberRange
- How CyberRange save you money and help you keep your reputation
- Why training your security team and employees is important to you, how to manage it as an on-going process
Thought-leadership Cyber security threats and mitigation techniques for multifunctional devices
Muyowa Mutemwa, RAD: senior cyber security specialist, CSIR
Every small, medium or enterprise organisation makes use of printers, copiers, scanners, faxes and multifunctional devices for day-to-day operational functions of the organisation. These devices are either purchased outright or obtained on a lease contract. When the device's end-of-life is reached, the devices are either disposed of through donations to non-profit organisations or retuned back to the original equipment manufacturer at the end of a lease agreement contract. Unknown to most IT operations personnel and information security personnel, these devices carry an inherent vulnerability. These devices have secure and unsecure network communications protocols, hard disk drives, volatile memory, and non-volatile memory. All these device specifications are vulnerable to cyber threats and attacks.
- Determine the extent to which your organisation is expose to the threat of sensitive information belonging to either an organisation or its employees being accessed
- Gain insight into research that was conducted on such devices
- Get guidelines on how to safely use and decommission such devices to circumvent the loss of sensitive information