Arrival and registration
Opening Keynote Address: South Africa has a security problem
Charl van der Walt, Chief Strategy Officer, SecureData SensePost (UK)
- What victories have been achieved from a defender point of view?
- What advancements have been made?
- What progress has been made in terms of the push towards better identity and authentication management/processes (MFA)?
- What positive impact have regulation and compliance requirements such as GDPR had?
International Keynote Address: Unbelievable stories of cyber-horror
Graham Cluley, Independent Security Expert (UK)
Every day we read headlines of data breaches, hacks, and malware attacks. Often they're identikit newspaper stories where you could easily just change the names of the companies involved and the number of customer records they have had stolen from them. But every now and then something extraordinary happens. Like the companies who pretended to be hacked when they weren't, or the attackers who went to extraordinary lengths to steal millions from their employers. In this presentation, computer security veteran Graham Cluley explores some of the surprising and unusual ways that companies have been hacked, and the craziest things tech companies have done to put our data at risk.
- How hacked companies exploit the media to boost their brand
- How to cheat at the lottery and win $14.3 million
- Recognising the insider threat
- You won't survive unless you're sceptical
International Keynote Address: The future of security analytics: from static lists to machine learning
TK Keanini, Distinguished Engineer, Advanced Threat Solutions, Cisco (USA)
As we look back 20 years, what and how we defended our digital business was drastically different, yet the analytical outcome remains the same: detect and remediate threats in a timely manner. Threat actors have evolved, our environments have changed to include everything from traditional data centres to public clouds, network sessions are dark to direct inspection, and as a result, security analytics has had to innovate to keep pace. You should not have to be a data scientist to be an educated consumer of these advanced analytical techniques. In this talk, we will quickly review what machine learning is and set a foundation for talking about the different techniques, but more importantly, when to use it in certain applications and when not to use it. You will leave with six simple questions every security vendor applying machine learning should be able to answer and you will be a more educated consumer of this technology.
Morning refreshments and exhibition visit
International Keynote Address: Israel's strategic response to the cyber threat
Ofir Hason, CEO & Co-Founder, CyberGym (Israel)
Israel is perceived as a world leader in cyber capabilities. In a report that examined the cyber preparedness of twenty-three countries, Israel received the highest score (4.5 stars out of 5). Israel has become a cybersecurity powerhouse at the centre of an $82 billion industry. Last year it exported $6.5 billion in cybersecurity products and convinced more than 30 multinationals to open local R&D centres. Current estimates reveal Israel has about 20% of the global private cybersecurity investment. Israel is constantly under attack. The secret to its existence is technological superiority over its enemies, and cyber is no exception. Developing operational capabilities in the cyber arena is essential to safeguarding Israel's national strength. Its economy and its future as a democratic and open society depend largely on the capability to protect the country's vital computer networks from any disruption of normal life. In this presentation, Ofir will discuss Israel's strategic positioning as a cybersecurity leader:
- The government as coordinator
- The government as a business catalyst
- Investing in human capital
- Making the military a start-up incubator and accelerator
- Innovative approach: thinking outside the (cyber) box
Total Wipe Out: What could happen if cyber criminals successfully attacked a country's critical infrastructure systems?
Veronica Schmitt, Lead Forensic Analyst, DFIR Labs
Cyber warfare can be described as digital attacks which are aimed against a country or nation in order to cause disruption to the computer systems which are associated with critical infrastructure. The aim of a cyber war like this would be to create the most significant damage, potential death, destruction and/or total anarchy. The term "BlackOut" is used in hacker circles to refer to a plan to cause a total blackout within a country or nation of all critical infrastructure. With the ever-increasing interconnectivity of a country's critical infrastructure, it's possible that a country could experience BlackOut and be crippled within a month. This presentation will be in the format of a reenactment of a theoretical BlackOut plan on a fictional country, "Barony of Mejis", by using information and tooling that is freely available on the Internet. The presentation will be given around a set timeline indicating a high-level approach to a BlackOut plan. All targets will be applicable in real life, and based on realistic systems, but will be fictionalised.
- Understanding the Internet of "hackable" Things
- Understanding how critical infrastructure is connected to the Internet
- Understanding the vulnerabilities within these systems
- Insights into a BlackOut plan and getting into the mind of cyber war criminals
- Using examples of real-world hacks which have taken place
Panel discussion: Assessing SA's national cyber risk 'thermometer' - what is our national risk level and how prepared are we in the case of an attack?
Moderator: Craig Rosewarne, Managing Director, Wolfpack Information Risk
Gerhard Cronje, Head: Cyber and Information Security Unit, South African Reserve Bank (SARB)
Susan Potgieter, Head: Strategic Services, SABRIC
Mike Silber, General Counsel & Group Head: Regulatory, Liquid Telecom
Dr Kiru Pillay, Chief Director: Cybersecurity Operations, Department of Telecommunications and Postal Services
Kovelin Naidoo, Cyber Security Officer, First Rand Group
The probability and impact of cyber-attacks was rated as the top man-influenced risk facing countries and organisations in the recent 2018 World Economic Forum Global Risks Landscape report. The health, safety, security and economic well-being of citizens, the effective functioning of government, and perhaps even the survival of the industrialised world all rely heavily upon interconnected critical systems. A country may experience widespread disruption or even loss of human life if these systems become inoperable. South African organisations responsible for critical infrastructure need to have a consistent and iterative risk-based approach towards identifying, assessing and managing cybersecurity risk. During this facilitated discussion, Craig will engage with key public and private sector stakeholders to discuss:
- The current cyber risk challenges facing SA
- Who are the main public and private institutions accountable at a national level?
- What is the current state of our country's readiness to mitigate these threats?
- Proposed initiatives and timelines and possible opportunities for joint public/private partnerships
International Keynote Address: Increase your security posture using cloud-driven visibility
Henrik Johansson, Principal – Office of the CISO, Amazon Web Services
Learn how cloud technology can supercharge your security by providing visibility into your entire infrastructure and everything running in it. Understand why that old server under the desk that no one knows about is no longer a threat, since you can't hide unwanted resources in the cloud.
We will cover areas like:
- Why visibility is fundamental for secure workloads
- Visibility vs auditability: what is the difference?
- Understanding the role of managed services in offloading your security team
Lunch and exhibition visit
Track One - Strategy and User Awareness
This track takes a strategic look at implementing a business-driven cyber security plan and where the responsibility for cyber security should sit within your organisation. It also examines how to raise awareness of cyber security throughout your business, from the boardroom to the shop-floor.
Craig Rosewarne, Managing Director, Wolfpack Information Risk
Case study: Developing a business-driven security strategy around prevention, detection, response and recovery
Gerhard Cronje, Head: Cyber and Information Security Unit, South African Reserve Bank (SARB)
- Defining the reference framework from the technical level to executive level so that everyone understands the issues
- Balancing the need for a tactical approach to plug any immediate threats while putting in place a proactive strategy for cybersecurity
- Thinking like a hacker: identifying the systems/data that drive your business that could be attacked
- Understanding what tools you need and ensuring that they are operationalised properly
- How do you ensure that your security plan demonstrates a visible increase in security after implementation?
Case study: Where does cybersecurity belong in your organisation? Creating the right culture and structure to enable cybersecurity to be effective
Alex Bowdler, IT Operations & Security Manager, Aspen Pharmacare
- What are the pros and cons of locating cybersecurity within the following departments:
  - Physical security
- Who is responsible for what? Creating appropriate reporting lines specific to your organisation and separating the governance of cybersecurity from its implementation
- Ensuring collaboration across all the different departments and encouraging the person responsible for cybersecurity to share information
- Getting the culture right: creating an environment of openness and transparency in order to manage the organisational risk
- Creating an agile structure for a fast response, e.g. emergency procurement processes
- What are the pros and cons of outsourcing the CISO function and cybersecurity services?
Afternoon refreshments and exhibition visit
Cybersecurity: Increasing your reputational resilience
Marina Bidoli, Partner and Office Head, Brunswick South Africa
"When, not if" has long been a stark warning from cyber experts and regulators. Despite growing awareness that businesses can be brought to a standstill, too many organisations still do not take adequate steps to prepare in advance for a cyber breach or significant data incident. The reputational impact of a poor response can be severe, compounding the initial financial and operational impacts. Trust in leadership and the brand is eroded, and badly handled communications can worsen the situation. It becomes a case of "You should have seen this coming. You should have been better prepared. Why did you not protect my information?" Recent Brunswick Insight research shows that, fairly or unfairly, there is much finger pointing, with the brunt of the blame for a cyber incident falling on the victim of the attack rather than the perpetrator. There has also been an increase in class action suits and, in significant breaches, the resignation of the CEO, CISO and/or Head of Legal. So what does one do in such a toxic environment? In this presentation the speaker, Marina Bidoli, will look at the reputational aspects of cyber breaches. She will provide some highlights of what works, and what does not.
- Preparation pays: how can you prepare for a cybersecurity breach?
- Toolkits, messaging, stakeholder maps and simulations matter: what should you have ready for a rapid response?
- Case studies and tips on how best to navigate through the crisis
- Steps needed to rebuild reputation and regain trust
Panel discussion: How do you increase user awareness and keep your workforce 'cyberfit'?
Moderator: Jenny Mohanlall, CEO, RITS-SA
Julian Ramiah, Group Chief Information Security Officer, Liberty Holdings
Kobus Pienaar, CIO, Vedanta Zinc International
Mdu Zakwe, CEO, MICT SETA
Venisha Nayagar, Director: Information Security and Risk Management, CRYPT IT
Wayne Theron, Information Security Manager, BankservAfrica
- Understanding cyberpsychology: what is the impact of human behaviour on security within your organisation?
- How do you demonstrate to users the risks on a business and personal level, e.g. what happens if you click on a link?
- How do you design and implement an effective, ongoing phishing awareness campaign?
- Creating a culture of reporting security incidents based on trust and understanding rather than fear
Cyber insurance: what are the benefits and what to look out for when choosing a cyber insurance product?
Ryan van de Coolwijk, Product Champion: Cyber, ITOO Special Risks
- Examining the benefits of cyber insurance: what does it cover?
- Understanding how a cyber insurance policy helps to mitigate risk exposure in the case of a breach
- What should you look out for when choosing a cyber insurance policy? What questions should you ask?
- What do cyber insurance providers look for when deciding whether to provide coverage and what level?
Closing remarks from the Chair and official networking cocktail function
Track Two - Governance, Risk, Compliance and Regulation
This track will provide an update on all the current and proposed legislation around cyber security, most notably, the Cybercrimes Bill. It also examines the need to quantify your cyber risk and how to empower your internal audit team to assist with cyber security.
Track Chair: Corien Vermaak, CyberSecurity Specialist, Cisco
Case study: Integrated Risk Management - automating peace of mind
This case study presentation will examine how the implementation of integrated risk management at Growthpoint allowed them to identify, manage and remediate high-risk third parties, and provided them with the process, automation and evidence required to achieve compliance with their standards.
Developing a cybersecurity programme based on the NIST framework
Raymond du Plessis, Senior Managing Consultant, Mobius Consulting
The NIST Cybersecurity Framework is being adopted by many organisations because it focuses on the key capabilities required to identify, protect against, detect, respond to and recover from cyber-related threats and incidents. However, improving cybersecurity capabilities comes with a significant investment, which is why some companies are reluctant to fully adopt the framework. During this talk Raymond will discuss using the framework to develop a risk-based approach for cybersecurity improvements that will help motivate the investment required. This presentation will include the high-level steps you can use to go from developing a threat profile and performing an initial assessment through to developing your improvement programme. The presentation will also cover some of the key aspects to consider for your improvement programme and the adoption of the framework, such as operational capacity, prioritisation, budget and programme governance.
- Using the NIST Cybersecurity Framework to assess your organisation's current capabilities and threat profile
- The high-level steps to take when developing a cybersecurity programme
- Aspects to consider for your improvement programme
Afternoon refreshments and exhibition visit
An update on the Cybercrimes Bill
Corien Vermaak, CyberSecurity Specialist, Cisco
- Examining the latest version of the Cybercrimes Bill: what does and doesn't it cover? When will it be passed into law?
- How will the broad phrasing in the Bill impact CIOs and companies, i.e. to what extent could they become criminals based on their use and handling of data?
- Does this legislation go far enough to address the issues that SA is currently facing in terms of cyber crime and cybersecurity? What more needs to be done from a policy/legislative point of view?
- Comparing the Bill with equivalent international legislation – what is done globally?
Achieving compliance with security and privacy regulations: POPIA & GDPR
Yvette du Toit, Senior Manager, EY
- An update on GDPR and POPIA: when will POPIA come into force? What has been the impact so far of GDPR on South African-based companies?
- Comparing GDPR and POPIA: to what extent do they overlap? If they both apply to the same information, which piece of legislation will prevail?
- Understanding the need for your organisation's approach to POPIA and GDPR to be driven by the Board and not IT
- How will POPIA and GDPR be enforced?
- If GDPR applies to your organisation, do you need to appoint an EU-based representative?
Security ratings: Enabling organisations to focus on measurable cyber risk reduction
Russell Budworth, Sales Director, BitSight Technologies
In this presentation you will learn ideas and best practice for effective conversations on risk with your security teams, board members, business partners, insurers and regulators:
- How security ratings help organisations measure, manage and report on cybersecurity performance
- Monitoring critical third-party suppliers to identify concentration risk (fourth parties) and hidden dependencies
- Benchmarking: how are 'we' doing, especially compared to our peers and competitors?