Michael Avery, Anchor, Classic Business FM
Suelette Dreyfus, academic specialist, School of Computing and Information Systems, University of Melbourne (Australia)
You’ve built the biggest, strongest cyber security wall ever. Then your organisation’s staff unlocks the front door to welcome in the intruders. AI is touted as the magic fix for solving the weakness of human factors in the cyber security chain. But the technology is seen as immature relative to need and is perceived as taking more time and budget to implement than is worth the pay-off. Most of all, there is no ‘press a button and problem’s solved’ solution here – there is no replacement for human IT managers understanding what such systems recommend and why. Trust and transparency in AI platforms handling cyber security are essential – but will vendors provide this?
This keynote will look at what the international academic research finds about human factors in cyber security. What are they and what approaches can be used to address them? This isn’t just about understanding human behaviour, it’s also about how organisations can make their security responses fit with the humans, instead of demanding the humans fit security programmes and protocols. Some IT security experts recommend punitive measures against employees who repeatedly don’t attend to cyber security – but is it realistic to punish the busy C-suite exec? Are there better ways to win security for your organisation?
Uri Rivner, chief cyber officer & co-founder, BioCatch (Israel)
Major attacks have rocked the online shores of the UK and US! In the UK, a tsunami of social engineering scams is encouraging thousands of victims to move their entire account's worth to criminal hands. Meanwhile, the US is fighting two tidal waves: a steep increase in account opening fraud due to identity data hacks and synthetic ID scams, and massive campaigns targeting its new real-time P2P money transfer scheme. Can these new threats be stopped? In this uniquely interactive keynote, Uri will ask the audience’s help by going through a series of real-world cases and ask delegates to make a difficult call: is this is a fraudster or a genuine user?
Jason Jordaan, principal forensic analyst, DFIR Labs
When one looks at critical attacks in the physical world, such as the Japanese attack on Pearl Harbour in World War II, or the 9/11 attacks against the World Trade Centre and the Pentagon, intelligence failures were identified that could have mitigated the impact of the attacks, if not stopping them altogether. We see the same thing happening in the cyber world, where intelligence efforts are fragmented, not only within government, but also in the private sector. If you look at the South African situation, our cyber threat intelligence environment is segmented and fractured, and there is significant distrust. We are not alone in this. So how do we try and improve the situation? How do we improve our ability to share threat intelligence to protect us all, and to collaborate on common threats? This presentation will explore some of the mechanisms and frameworks currently in operation around the globe aimed at improving our ability to share cyber threat intelligence that is meaningful, as well as how we can better collaborate against a common enemy, the cyber threat actors:
• Identifying the common problems in threat intelligence collaboration and sharing
• What do we actually mean by threat intelligence?
• Uniting against a common threat
• Building networks of trust
• Intelligence frameworks and platforms
Craig Rosewarne, managing director, Wolfpack Information Risk
Kiru Pillay, chief director: Cybersecurity Operations, Department of Communications and Digital Technologies
Adv Paul Louw, senior deputy director public prosecutions, National Prosecuting Authority of South Africa
Jason Jordaan, principal forensic analyst, DFIR Labs
This track will focus on the latest technology developments and the implications they have for information and cyber security. Some of the subjects covered include: cloud, container security, identity governance and administration and DevSecOps.
Winston Hayden, independent management consultant and advisor
O'Shea Bowens, founder and CEO
As a defender, we've seen the landscape change over the past few years. A shift to cloud, better endpoint detection capabilities and overall acceptance of leveraging threat intelligence. All these items are advantages for SOC personnel, but how are we incorporating application security? How the heck are we securing our containers? The idea of "shifting left" is based on secure SDLC, but how do we build detection, response and monitoring of applications and containers into the SOC? The normal gambit of next-generation firewalls and anti-virus products aren't applicable as applications differ from build to build. This presentation will focus on building out capabilities to help defenders identify vulnerable containers, attacks against the application, detection mechanisms and how to leverage this information for triage.
• Understanding how to build secure containers.
• Identifying layer 7 non-traditional attacks against your application.
• Identifying attacker movement inside your container.
• Learn tactics and techniques to aid your SOC approach to ‘shifting left’.
Gus Clarke, head of Security, Tari Labs
This track will focus on the offensive and defensive tools, technologies and strategies that your blue and red teams should be considering. Topics such as incident response, threat hunting and vulnerability management.
Wicus Ross, senior security researcher, Orange Cyberdefense
Most modern-day cyber attacks start with an endpoint compromise. Deployment of an endpoint detection agent before a cyber attack is therefore crucial but by no means the silver bullet for detection and response as a whole; problems can and do arise from an over-reliance on EDR-aligned solutions. As will be demonstrated in this talk, EDR technology requires the insights and understanding of a highly skilled security team. The information and data it generates is indeed powerful, but alone this technology cannot defeat a skilled attacker’s ability to contextualise and circumvent complex situations and environments. In response to this contention, Warren Hero, Webber Wentzel’s Chief Information Officer will discuss the then and now of preparing his organization for a cyber attack while Roy Fisher, F-Secure’s Consulting Director, provides context regarding the sophisticated nature of modern attackers and why equal insight and skills are required to counter such threats. You will learn:
Veronica Schmitt, lead forensic analyst, DFIR Labs
In the digital age, we are moving more progressively to an interconnected world. This leads to more incidents taking place and the spotlight being placed on how an incident is handled. Instead of highlighting how it should be done, Veronica will show how it should not be done and the reasons why. The presentation will draw from her personal experiences within the industry and cases that she has investigated. Veronica will also focus on the volatile nature of the incident response evidence available.
Cyril Baloyi, group chief technology officer, City of Johannesburg
Kudakwashe Charandura, director – Cybersecurity, SNG Grant Thornton
The rise of cyber attacks requires greater focus and investment into cyber security. A common thread in all cyber attacks is the exploitation of a vulnerability or a weakness in existing systems. It is thus imperative for businesses to assess their systems and processes to identify any vulnerabilities and plug them, before cyber criminals exploit them. The session will unpack vulnerability management and offer practical solutions to effectively identify, prioritise and resolve vulnerabilities and protect businesses from cyber attacks.
Cybereason is the leader in endpoint protection, offering endpoint detection and response, next-generation antivirus, managed monitoring and IR services. Founded by elite intelligence professionals born and bred in offense-first hunting, Cybereason gives enterprises the upper hand over cyber adversaries. The Cybereason platform is powered by a custom-built in-memory graph, the only truly automated hunting engine anywhere. It detects behavioural patterns across every endpoint and surfaces malicious operations in an exceptionally user-friendly interface. Cybereason is privately held and headquartered in Boston with offices in London, Tel Aviv, and Tokyo.
See more at: www.cybereason.com.
Cloudflare, Inc. (@cloudflare) is on a mission to help build a better Internet. Today the company runs one of the world’s largest networks that powers more than 10 trillion requests per month, which is nearly 10 percent of all Internet requests worldwide. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare have all traffic routed through its intelligent global network, which gets smarter with each new site added. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was recognized by the World Economic Forum as a Technology Pioneer, named the Most Innovative Network & Internet Technology Company for two years running by the Wall Street Journal, and ranked among the world's 50 most innovative companies by Fast Company. Headquartered in San Francisco, CA, Cloudflare has offices in San Jose, CA, Austin, TX, Champaign, IL, New York, NY, Washington, D.C., London, Munich, Beijing, and Singapore.
Please visit www.cloudflare.com
Popcorn Training - a KnowBe4 company create high quality, engaging and effective security awareness videos, games and interactive learning modules.
All content is locally produced and available on KnowBe4's award-winning training and simulated phishing platform.
KnowBe4, whose mission it is to help organisations manage the ongoing problem of social engineering are a leader in the Gartner Magic Quadrant for security awareness.
Please visit popcorntraining.com
SensePost is part of Orange Cyberdefense, Europe's largest managed security, threat detection and threat intelligence services provider. SensePost is it’s elite consulting arm, renowned for its expertise, 18 year track record and innovation on the frontlines of cybersecurity.
With team members that include some of the world's most preeminent cybersecurity experts, SensePost has helped governments and blue-chip companies both review and protect their information security and stay ahead of evolving threats. SensePost is also a prolific publisher of leading research articles and tools on cybersecurity which are widely recognised and used throughout the industry and feature regularly at industry conferences including BlackHat and DefCon.
Please visit sensepost.com
Magix Security delivers comprehensive and trusted Cybercrime Defense and Detection solutions and services to address, manage, and contain the risks of financial losses and reputational damage arising from the misuse of applications, or other IT information assets, by employees and/or third parties.
Checkmarx is the global leader in software security solutions for modern enterprise software development. Checkmarx delivers the industry’s most comprehensive software security platform that unifies with DevOps and provides static and interactive application security testing, SCA and developer AppSec training to reduce and remediate risk from software vulnerabilities.
Learn more at Checkmarx.com
Securicom provides best in industry cloud-based Managed IT Security Services to address the increasing security threats that businesses find themselves contending with.
Please visit www.securicom.co.za
Telspace Systems provides security assessment services to organisations in order to make organisations as unattractive to cybercriminals as possible thus reducing their cyber security risk. Our main goal is to provide high quality services to organisations and to add value. Services include Application Assessments (web, mobile and thick), Social Engineering, Attack and Penetration Testing, Infosec Training and Advisory (consulting).
Please visit www.telspace.co.za
Wolfpack provides specialist information and cyber threat consulting, training & awareness services to governments and organisations in Africa and pro bono incident support to victims of cyber attacks.
Please visit www.wolfpackrisk.com