VIRTUAL Agenda day 3
Thursday, 27 August 2020

Plenary Session

Opening address from the chair

Michael Avery, Anchor, Classic Business FM

Keynote: Cyber security governance – why is it important?

Tichaona Zororo, director: Digital Transformation & Innovation Advisory, EGIT & immediate past president ISACA South Africa Chapter

Cyber security governance has never been more critical than it is today. The new reality is accelerating business models’ transformation at unprecedented scale and pace, inadvertently increasing the risks and impact of cyber attacks. The World Health Organisation recently reported a fivefold increase in cyber attacks. Regulators are also piling up their own pressures and privacy demands are rising sharply. Business leaders urgently need to provide cyber security leadership to ensure businesses are protected from increasing cyber security risks and impacts. Cyber security governance practices need to adapt with agility and speed to the new business context to ensure alignment with new dynamic strategic business priorities and risk appetite. A holistic, enterprise-wide approach to cyber security has become a board and senior executive priority. This presentation will focus on:

  • Why effective cyber security governance is a critical success factor for cyber security;
  • Key components of cyber security governance;
  • What does an effective cyber security playbook look like?
  • Measuring return on cyber security investments;
  • Assets classification and categorisation;
  • A risk-based approach to cyber security;
  • How to build an effective cyber security incident response plan;
  • Developing a cyber security-savvy board; and
  • Cyber security reporting to the board of directors and senior executives.

Panel Discussion: Fireside chat: Addressing the security skills shortage in SA – the trend towards promoting security education and upskilling internally

Prof Elmarie Biermann, director, Cyber Security Institute
Robin Barnwell, head: security strategy, Standard Bank
Sandro Bucchianeri, Absa group chief security officer

Break and exhibition visit

Keynote: Quantum reckoning: The coming day when quantum computers break cryptography

Roger A. Grimes, data-driven defense evangelist, KnowBe4 (USA)

Quantum computing is getting ready to break all traditional public key crypto, like RSA and Diffie-Hellman, and every secret it protects. This means digital certificates, PKI, TLS, VPNs, WiFi networks and even most crypto-currencies are left unprotected in an instant. The only question is when it will happen. Many experts think it’s sooner than you think. The digital day of reckoning is coming. Will you be prepared? In this eye-opening presentation, Grimes will explain:

  • How quantum computers are breaking today’s crypto;
  • When it’s likely to happen; and
  • What you can do to start preparing for it today.

Hackathon update

Tiyani Nghonyama, COO, Geekulcha

The #SS20Hack takes place on the sidelines of the ITWeb Security Summit. In this session, teams of young techies give a sneak preview of what they have been building during the Hackathon. These are aspiring young security professionals working on building their skills in innovation/mechanism development to protect digitally connected citizens. 

Break and exhibition visit

Track one: The security implications of 4IR

This track looks at how disruptive technologies and the advent of 4IR can be used to enhance cyber security, as well as how these technologies are adding a new level of complexity for security professionals. 

Welcome from the Track Chair

Winston Hayden, independent management consultant and advisor

Cyber everywhere. Ready or not, it’s here – the future of cyber survey 2019

Eric Mc Gee, associate director: Risk Advisory Southern Africa, Deloitte

As the world becomes smaller, cyber is getting bigger. With every new connected device, digital discovery, or automated process comes new vulnerabilities and cyber concerns. In the burgeoning era of “cyber everywhere”, are organisations positioned to embrace the opportunities that cyber will create? Or is there a stark disconnect between an organisation’s transformational goals and the reality of disparate agendas and finite resources?

Deloitte conducted a survey, in conjunction with Wakefield Research, among 500 C-level executives who oversee cyber security at companies with $500 million or more in annual revenue, including 100 CISOs, 100 CSOs, 100 CTOs, 100 CIOs and 100 chief revenue officers. This survey enabled us to gain deep insight into what our customers are thinking about cyber and how they are integrating it into their organisations.

  • Cyber requires more executive attention, budget, prioritisation, people, tools, processes, governance and overall collective thought
  • Cyber needs a leader with the authority to drive change
  • Cyber will require organisations to become more nimble, more flexible and more collaborative as they work to secure their organisations, their employees, their customers and partners
  • Data complexities will continue to challenge many organisations
  • Automation, speed and insights will power the future of cyber

A guide for securing blockchain deployments

Gerhard Cronje, head: Cyber & Information Security Unit, South African Reserve Bank

Blockchain technology and the emergence of financial technology (FinTech) have aimed to transform the way we see computer systems enable the business. It is also starting to change how society sees technology. Blockchain, and especially crypto-currency, has challenged the average person’s core notions on how business and finance could, and should, operate. Blockchain security is sometimes seen as having addressed confidentiality through encryption, integrity through signing and availability through distributed processing. Non-repudiation is a typical benefit in the use of cryptography as is done in the blockchain, although most crypto-currency implementations allow for pseudo-anonymity, which is the ability to link an action to a specific private key, but not forcing the user to link his or her identity. There are myriad deployment options that affect blockchain security and the security areas mentioned are by no means the complete security picture. This presentation aims to identify the security-related factors that will influence blockchain implementations and serve as a primer for security decision-making for any security professional. This presentation will not aim to address blockchain’s relevance, applicability, transformational capabilities or specific implementation issues or design flaws not directly related to security.

Break and exhibition visit

AI, machine learning and automation: How can they be used to enhance cyber security?

Prof. Dr. Ernest Ketcha, SoC - UNISA and GISATE, MTN Group

AI, machine learning and automation are not new to cyber security. In fact, they form part of most core processing engines that make up the entire cybersecurity technology capability of an organization. With the ever-increasing sophistication of threat actors and attack vectors, there is a need to explore advanced defence mechanisms. In this presentation we will consider the current cyber defence value chain, establish its limitations and introduce an advanced ML-driven cyber defence value chain model as an approach to keep up with the pace of sophistication in the threat landscape.   

IOT security: Do I need a firewall for my light bulb?

Brett van Niekerk, senior lecturer, University of KwaZulu-Natal
Barend Pretorius, acting senior manager: ICT Support Services, Transnet Port Terminals

The fourth industrial revolution is marked by the introduction of ‘smart’ technology, with Gartner predicting that 20 billion devices will have been connected to the Internet by this year (2020). Although most of these devices will be consumer devices, businesses, industry, governments and the military are already exploring the possibilities and capabilities of both commercial and industrial IOT (IIOT) in their respective sectors in order to gain a competitive advantage. As IOT integrates into business processes, it also converges with cloud computing, mobile and other platforms, increasing design complexity and risk. However, information and cyber security are often neglected or non-existent when it comes to IOT and IIOT. Europol recently indicated that threat actors now rely on IOT devices to target critical infrastructure via distributed denial of service attacks. During the COVID pandemic, many employees are working at home, possibly with vulnerable ‘smart’ devices that could record discussions or compromise home networks. This presentation will provide an overview of IOT and IIOT, and the associated threats, incidents, vulnerabilities and risks. A discussion will follow on the variety of available standards and frameworks, and will propose a methodology and guidelines for selecting standards, frameworks and controls to govern and secure IOT and IIOT in your organisations.

AI/Automation/IoT – No Trust? No Business

Robert Brine, Market Development, Cyber & Intelligence Solutions – Southern Africa, Mastercard

  • The trust formula: AI plus ethics
  • Quality or quantity data shapes delivery?
  • Transparency as a trust-building measure
  • Who’s in control? Governance in the new world
  • True AI, Machine Learning (ML) - mission critical, cognitive learning AI
  • Decision intelligence - using automation to improve decision making
  • Connected devices vs connected data - operationalising AI to get better outcomes
  • Behavioural modelling - predictive analytics vs IoT
  • Mastercard case studies

Closing remarks from the chair and end of summit

Welcome from the Track Chair

Kris Budnik, independent advisor

Building an integrated cyber security capability in complex business environments: A double-edged sword

Dr Jabu Mtsweni, Head of Research Centre for Cybersecurity, Council for Scientific and Industrial Research (CSIR)

Cyber security is a complex arena affecting almost every other technological domain. However, a one-size-fits-all approach or framework is not effective in this space, because cyber security is not just a technology issue. It also deals with a collection of tools, policies, processes, guidelines, best practices, assurances, risks, people and related assets that affect the overall security of organisations, individuals, systems and data. Therefore, in building and implementing a cyber security capability for different environments, context and size play a major role. Context matters because cyber security threats come in different shapes and forms, and different environments do not suffer the same threats or risks. At the same time, the size of any environment has a direct impact on the effectiveness of the overall cyber security capability, including investment, capacity and incident response.

When considering both context and size, there are obstacles that hamper the development of an effective cyber security capability in complex environments. At the same time, cyber security presents a number of dilemmas for these environments, especially because as organisations grow, reliance on technological systems, which in turn increases the cyber security risks and threat surface, creates a double-edged sword conundrum. This presentation will present a dynamic approach to addressing these obstacles and dilemmas when building a measurable and effective cyber security capability for complex environments. The proposed approach is drawn from lessons learnt in a number of real-world cyber security capability-building projects that the presenter has been involved in within large organisations locally, regionally and internationally. The significant contribution from the approach is that it provides large and complex organisations with tools to identify priorities for investments and capability-building in their cyber security efforts, and in turn keep a balanced cyber security posture. This presentation will cover:

  • Lessons on how to navigate the application of cyber security in complex environments;
  • Holistic elements to consider over and above technology, people and processes when dealing with cyber security; and
  • How to never let your guard down and think that compliance is security.

Gone phishing during a global pandemic: The reputational impact of cyber breaches

Marina Bidoli, partner and office head, Johannesburg, Brunswick

COVID-19 has been a gift for cyber attackers, who have wasted no time in exploiting new vulnerabilities in the rush to “work from home”. Even the most sophisticated global organisations have come under attack from criminal syndicates, opportunists and nation states. In this talk, Marina Bidoli, of global communications group Brunswick, will provide lessons from the frontline. She will present cyber security trends from the latest Brunswick Insight research, as well as lessons emanating from recent SA and international breaches. Some highlights:

  • Trends such as the rise of destructive ransomware with data exfiltration; an increase in COVID-19 related disinformation; additional pressures on IT teams; and increased dwell time as hackers explore organisations’ networks to identify critical assets before acting;
  • Tips to prepare for a breach;
  • Reputational impacts of a poor response;
  • How to best navigate through a crisis; and
  • Regaining trust.

Break and exhibition visit

The convergence of physical security with infosec/cyber security

Kris Budnik, independent advisor

The debate around the inevitable convergence between physical and logical security has been around for over two decades now. The potential behind the now ubiquitous IOT and location-based services, for example, has not escaped digital innovators and marketers – take Strava or even Google Maps. Yet, little has been done to leverage these capabilities in our world. In this session, we will explore some of the potential behind consumer technologies and advances in the physical security world that, if realised, could significantly improve the corporate security programme.

Managing third-party cyber security risks

Venisha Nayagar, MD, CRYPT IT Information Risk Management

Nearly 50 years ago, Warren Buffett warned his young son, Howard: “It takes 20 years to build a reputation and five minutes to lose it. If you think about that, you will do things differently.” This statement has been highly relevant with the recent data attacks in South Africa through the dependence on many third parties. Global supply chains remain crucial to the success of multinational companies. Given the huge pressure to reduce costs, along with the advent of globalisation, digitisation and transportation advancements, few companies operate exclusively within their own four corners anymore. They have become so-called “extended enterprises” that span numerous levels up and down the supply chain, from the suppliers where they source their raw materials, to all service providers in between. While your organisation focuses on stopping these attacks and trying to get ahead before another breach, your limited resources and staff may mean that most of your company’s attention is on internal networks and data – now extending to the cloud. But it is also important not to overlook threats caused by third-party vendors, suppliers and business associates.

  • What is third-party cyber security risk?
  • Unpacking the type of vendor controls and risks you should be aware of.
  • Creating a third-party risk management programme for your organisation.
  • Incident response and resilience for third parties.
  • Assurance, monitoring and reporting of third-party risks.

Closing remarks from the chair and end of summit

Track three: Breakout sessions

Welcome from the Track chair

Wicus Ross, senior security researcher, Orange Cyberdefense

Trust in an untrusted world – considerations for Zero Trust

Andre Combrinck, lead sales engineer, Systems Engineering, Citrix
Francois van Deventer, senior networking sales specialist, Citrix

We’ve seen an ever-increasing move to cloud computing over a number of years, but are organisations prepared for the risks they face? In this session, we’ll discuss the rise of zero trust and the SASE (Secure Access, Secure Edge) principles when planning the protection of their platforms. We’ll also look at the rapidly developing world of microservices, the risks these environments face and how to mitigate these.

Creating value and building brand trust by securing consumer digital identities: how business leaders achieve this

Marius Agenbag, managing director, Altron Security
Andrew Whittaker, Sales & Service Executive, Altron Security

The most common denominator in your digital transformation strategy is Digital Identities. Serving as the new perimeter, many businesses are asking how best to secure these to enable their transformation journey. Join us to hear how business leaders in South Africa are creating value and ensuring brand reputation and trust is built and upheld by addressing the complexities. More specifically, we will share some insights of how we have recently assisted leading South African financial services and retail customers to secure the digital identities of their customers, partners and workforce and catered to the rapidly increasing demand for safe online access.

Break and exhibition visit

The importance of a holistic security strategy

Colin Erasmus, modern workplace business group lead & Johannes Kanis, cloud and enterprise business group lead, Microsoft

This session will examine how to implement a holistic security strategy and will include topics such as identity and access management, threat protection, information protection and cloud security.

Prevention of file-based attacks on critical networks: Lessons from the Garmin ransomware incident

Oren T Dvoskin, global marketing director, Sasa Software

Financial services, public utilities and manufacturing companies are seeing an increase in attacks on their infrastructures. Most recently, a recurring pattern involves the usage of mutated ransomware, targeting the disruption of activities rather than achieving financial gains. In this session, we will discuss how to prevent these attacks through a three-pronged approach:

  • Reviewing the recent attack patterns against infrastructures;
  • Using signatureless technologies, including content disarm and reconstruction (CDR) to prevent weaponised content; and
  • Protecting high-risk content channels, including e-mail, document sharing and portable (USB) media and, where applicable, industrial control system-specific attacks.

Closing remarks from the chair and close of Day Three

Demo Lab

Previewing Ava Security's Reveal Platform

Ana Garcia, systems engineer, Ava Security

Providing a short demonstration around the Ava Insider Risk Prevention platform - utilising Machine Learning and Analytics to protect against the modern day threats.

You now have 1 000+ new ways to make sure your users think before they click!

Sam van der Westhuizen, enterprise account manager, KnowBe4

KnowBe4’s game-changing partnerships with The Security Awareness Company, Popcorn Training, exploqii, Canada Privacy Training, Twist & Shout, TeachPrivacy, Syntrio and El Pescador allow you to significantly better manage the ongoing problem of social engineering.
In your fight against phishing and ransomware, you can now deploy the best-in-class phishing platform combined with the world's largest library of security awareness training content, including 1 000+ interactive modules, videos, games, posters and newsletters.
Join us for a live demo of KnowBe4's security awareness training platform, our extensive content library, and the tools that are available to help you to prevent the ongoing problem of social engineering.

ZeroFOX – Public Attack ZeroFOX Protection

Matt Chinnery, senior sales engineer, ZeroFOX

Problem overview
Organisations today increasingly rely on digital platforms to engage customers, interact with employees and grow business. Public platforms, including surface, deep and dark Web, social media, mobile apps and e-mail, provide a critical business conduit while simultaneously providing bad actors with a new attack surface to target organisations: their public attack surface. Attackers leverage the scale, trusted nature, lack of security visibility and anonymity of these public platforms to launch a new breed of highly effective attacks, all of which occur outside the firewall. With a fundamental lack of visibility and control, organisations struggle to identify and remediate digital risks and protect themselves across this public attack surface.
Solution overview
ZeroFOX, the global leader in public attack surface protection, constantly monitors all publicly available platforms in existence to discover hidden threats and all types of malicious cyber activity targeting your organisation, and co-ordinates with network providers and hosts to take down threats before they go public. Using diverse data sources and artificial intelligence-based analysis, the ZeroFOX Platform identifies and remediates targeted phishing attacks, credential compromise, data theft, impersonations, brand hijacking, executive and location threats that abound on public platforms. ZeroFOX continuously monitors for emerging threats, instantly alerts security teams and authorities on attack initiation, and automatically takes swift corrective actions ranging from offending content moderation to attacker infrastructure take-down.

How to create and secure digital identities of all users: customers, suppliers and employees

Richard Craig, principal consultant, Altron Security

Watch how we assist companies to ensure safe online access across all systems using technology that is easily and rapidly deployed at scale. During this session we will demonstrate some of the modern identity standards like OpenID Connect (OIDC) and OAuth2. We will also show how you can secure both your Web and API landscape using these open standards. Lastly, we’ll show how multi-factor authentication plays a role in securing your digital identity landscape.

How to leverage human sensors to detect and remediate phishing attacks in minutes

Kamel Tamimi, principal security consultant, Cofense

Cyber attackers, more than ever, are finding creative ways to evade perimeter controls to make their way to the inboxes of remote workers. The rise in new phishing attacks, reduced IT resources and security budgets have left many security operation teams pondering how they can achieve visibility and proactively respond to persistent and stealthy polymorphic threats that are undetected by SEGs. Join Cofense’s Demo Lab session to take a deeper look as we show organisations:

  • How to leverage human intelligence to succeed where SEGs fail;
  • How to reduce ‘dwell time’ and respond to phishing threats faster; and
  • How to use automation to rapidly detect, analyse and quarantine phishing e-mail attacks with Cofense.

Close of day three
