VIRTUAL Agenda day 3
Thursday, 27 August 2020



Plenary Session

10:00
Opening address from the chair

Michael Avery , Michael Avery, Anchor, Classic Business FM

10:10
Keynote Cyber security governance – why is it important?

Tichaona Zororo , director: Digital Transformation & Innovation Advisory, EGIT & immediate past president ISACA South Africa ChapterTichaona Zororo, director: Digital Transformation & Innovation Advisory, EGIT & immediate past president ISACA South Africa Chapter

Cyber security governance has never been more critical than it is today. The new reality is accelerating business models’ transformation at unprecedented scale and pace, inadvertently increasing the risks and impact of cyber attacks. The World Health Organisation recently reported a fivefold increase in cyber attacks. Regulators are also piling up their own pressures and privacy demands are rising sharply. Business leaders urgently need to provide cyber security leadership to ensure businesses are protected from increasing cyber security risks and impacts. Cyber security governance practices need to adapt with agility and speed to the new business context to ensure alignment with new dynamic strategic business priorities and risk appetite. A holistic, enterprise-wide approach to cyber security has become a priority for the board and senior executives. This presentation will focus on:

  • Why effective cyber security governance is a critical success factor for cyber security;
  • Key components of cyber security governance;
  • What does an effective cyber security playbook look like?
  • Measuring return on cyber security investments;
  • Asset classification and categorisation;
  • A risk-based approach to cyber security;
  • How to build an effective cyber security incidence response plan;
  • Developing a cyber security-savvy board; and
  • Cyber security reporting to the board of directors and senior executives.

10:50
Panel Discussion Fireside chat: Addressing the security skills shortage in SA ¬ the trend towards promoting security education and upskilling internally

Prof Elmarie Biermann , Prof Elmarie Biermann, director, Cyber Security Institute
Panelist:
Robin Barnwell, head: security strategy, Standard Bank
Sandro Bucchianeri, Absa group chief security officer

11:30
Break and exhibition visit

12:00
Keynote Quantum reckoning: The coming day when quantum computers break cryptography

Roger A. Grimes , Roger A. Grimes, data-driven defense evangelist, KnowBe4 (USA)

Quantum computing is getting ready to break all traditional public key crypto, like RSA and Diffie-Hellman, and every secret it protects. This means digital certificates, PKI, TLS, VPNs, WiFi networks and even most crypto-currencies are left unprotected in an instant. The only question is when it will happen. Many experts think it’s sooner than you think. The digital day of reckoning is coming. Will you be prepared? In this eye-opening presentation, Grimes will explain:

  • How quantum computers are breaking today’s crypto;
  • When it’s likely to happen; and
  • What you can do to start preparing for it today.

12:40
Hackathon update

Tiyani Nghonyama , Tiyani Nghonyama, COO, Geekulcha

The #SS20Hack takes place on the sidelines of the ITWeb Security Summit. In this session, teams of young techies give a sneak preview of what they have been building during the Hackathon. These are aspiring young security professionals working on building their skills in innovation/mechanism development to protect digitally connected citizens. 

13:00
Break and exhibition visit

Track one: The security implications of 4IR

This track looks at how disruptive technologies and the advent of 4IR can be used to enhance cyber security, as well as how these technologies are adding a new level of complexity for security professionals. 

14:00
Welcome from the Track Chair

Winston Hayden , Winston Hayden, independent management consultant and advisor

14:05
Cyber everywhere. Ready or not, it’s here – the future of cyber survey 2019

Eric Mc Gee , Eric Mc Gee, associate director: Risk Advisory Southern Africa, Deloitte

As the world becomes smaller, cyber is getting bigger. With every new connected device, digital discovery, or automated process comes new vulnerabilities and cyber concerns. In the burgeoning era of “cyber everywhere”, are organisations positioned to embrace the opportunities that cyber will create? Or is there a stark disconnect between an organisation’s transformational goals and the reality of disparate agendas and finite resources?

Deloitte conducted a survey, in conjunction with Wakefield Research, among 500 C-level executives who oversee cyber security at companies with $500 million or more in annual revenue, including 100 CISOs, 100 CSOs, 100 CTOs, 100 CIOs and 100 chief revenue officers. This survey enabled us to gain deep insight into what our customers are thinking about cyber and how they are integrating it into their organisations.

  • Cyber requires more executive attention, budget, prioritisation, people, tools, processes, governance and overall collective thought
  • Cyber needs a leader with the authority to drive change
  • Cyber will require organisations to become more nimble, more flexible and more collaborative as they work to secure their organisations, their employees, their customers and partners
  • Data complexities will continue to challenge many organisations
  • Automation, speed and insights will power the future of cyber

14:40
Using Blockchain to improve security, efficiency and trust

Gerhard Cronje , Gerhard Cronje, head: Cyber & Information Security Unit, South African Reserve Bank

15:15
Break and exhibition visit

15:30
AI, machine learning and automation: How can they be used to enhance cyber security?

Prof. Ernest Ketcha Ngassam , Prof. Ernest Ketcha Ngassam, General Manager: Information Security Architecture & Technical Excellence, MTN

16:05
IOT security: How are organisations adopting IOT and what are the security implications

16:40
Closing remarks from the chair and end of summit

14:00
Welcome from the Track Chair

Kris Budnik , Kris Budnik, independent advisor

14:05
Building an integrated cyber security capability in complex business environments: A double-edged sword

Dr Jabu Mtsweni , Dr Jabu Mtsweni, Head of Research Centre for Cybersecurity, Council for Scientific and Industrial Research (CSIR)

Cyber security is a complex arena affecting almost every other technological domain. However, a one-size-fits-all approach or framework is not effective in this space, because cyber security is not just a technology issue. It also deals with a collection of tools, policies, processes, guidelines, best practices, assurances, risks, people and related assets that affect the overall security of organisations, individuals, systems and data. Therefore, in building and implementing a cyber security capability for different environments, context and size play a major role. Context matters because cyber security threats come in different shapes and forms, and different environments do not suffer the same threats or risks. At the same time, the size of any environment has a direct impact on the effectiveness of the overall cyber security capability, including investment, capacity and incident response.

When considering both context and size, there are obstacles that hamper the development of an effective cyber security capability in complex environments. At the same time, cyber security presents a number of dilemmas for these environments, especially because as organisations grow, reliance on technological systems, which in turn increases the cyber security risks and threat surface, creates a double-edged sword conundrum. This presentation will present a dynamic approach to addressing these obstacles and dilemmas when building a measurable and effective cyber security capability for complex environments. The proposed approach is drawn from lessons learnt in a number of real-world cyber security capability-building projects that the presenter has been involved in within large organisations locally, regionally and internationally. The significant contribution from the approach is that it provides large and complex organisations with tools to identify priorities for investments and capability-building in their cyber security efforts, and in turn keep a balanced cyber security posture. This presentation will cover:

  • Lessons on how to navigate the application of cyber security in complex environments;
  • Holistic elements to consider over and above technology, people and processes when dealing with cyber security; and
  • How to never let your guard down and think that compliance is security.

14:40
Offensive security – do we need to fight back?

Henry Denner , Henry Denner, IT security officer, Gautrain Management Agency

The answer is an emphatical ‘YES’, but the question is HOW?

The best defence is a good offence. This means that if you attack your opponents, they will be so busy fighting off your attack that they will not be able to attack you. This notion has been widely used on the sports field for nearly a century and has been the cause of many victories. But applying this to cybercrime is a mammoth, if not impossible, task. However, it is a noble idea and can help us to better prepare and defend against cybercrime. Unlike cybercrime, on the sports field you know your opponent and you have set parameters in which to move. There are rules, there are boundaries. The challenge in today’s cyber world is that with such a vast attack surface, where rules and boundaries don’t apply, we most likely won’t and don’t know our opponents. Fortunately, what we do know is the techniques and attack vectors they are most likely to use. The problem is, have we thought of everything? Simply put: to catch a criminal, you have to think like a criminal. Outwitting and outpacing criminals have to be put on top of the security defence agenda. We have to create our own cyber army, one that consists out of the entire organization, not just IT! This session will cover the following topics:

  • Defining an offensive security strategy
  • Understanding the mind of a hacker
  • Understanding your real organisational security posture
  • Building and equipping your army

15:15
Break and exhibition visit

15:30
The convergence of physical security with infosec/cyber security

Kris Budnik , Kris Budnik, independent advisor

The debate around the inevitable convergence between physical and logical security has been around for over two decades now. The potential behind the now ubiquitous IOT and location-based services, for example, has not escaped digital innovators and marketers – take Strava or even Google Maps. Yet, little has been done to leverage these capabilities in our world. In this session, we will explore some of the potential behind consumer technologies and advances in the physical security world that, if realised, could significantly improve the corporate security programme.

16:05
Managing third-party cyber security risks

Venisha Nayagar , Venisha Nayagar, MD, CRYPT IT Information Risk Management

Nearly 50 years ago, Warren Buffett warned his young son, Howard: “It takes 20 years to build a reputation and five minutes to lose it. If you think about that, you will do things differently.” This statement has been highly relevant with the recent data attacks in South Africa through the dependence on many third parties. Global supply chains remain crucial to the success of multinational companies. Given the huge pressure to reduce costs, along with the advent of globalisation, digitisation and transportation advancements, few companies operate exclusively within their own four corners anymore. They have become so-called “extended enterprises” that span numerous levels up and down the supply chain, from the suppliers where they source their raw materials, to all service providers in between. While your organisation focuses on stopping these attacks and trying to get ahead before another breach, your limited resources and staff may mean that most of your company’s attention is on internal networks and data – now extending to the cloud. But it is also important not to overlook threats caused by third-party vendors, suppliers and business associates.

  • What is third-party cyber security risk?
  • Unpacking the type of vendor controls and risks you should be aware of.
  • Creating a third-party risk management programme for your organisation.
  • Incident response and resilience for third parties.
  • Assurance, monitoring and reporting of third-party risks.

16:40
Closing remarks from the chair and end of summit

Track three: Breakout sessions

14:00
Welcome from the Track chair

Wicus Ross , Wicus Ross, senior security researcher, Orange Cyberdefense

14:05
Citrix

Andre Combrinck , Andre Combrinck, lead sales engineer, Systems Engineering, Citrix
Francois van Deventer, senior networking sales specialist, Citrix

We’ve seen an ever-increasing move to cloud computing over a number of years, but are organisations prepared for the risks they face? In this session, we’ll discuss the rise of zero trust and the SASE (Secure Access, Secure Edge) principles when planning the protection of their platforms. We’ll also look at the rapidly developing world of microservices, the risks these environments face and how to mitigate these.

14:40
Other people’s platforms: defeating online fraud outside your virtual jurisdiction

Dr Sam Small , Dr Sam Small, chief security officer, ZeroFOX

With a low-cost barrier to entry, online fraudulent activity and digital risks across the Internet are more ubiquitous and persistent than ever, while the status-quo for preventing, identifying and remediating such threats is often cumbersome, costly and insufficient. In this session, we present results from our year-long effort to measure the reach of today’s threats and detail some new twists on the classics. In addition, we will review a digital threat taxonomy to help practitioners more rigorously evaluate their programs, playbooks and priorities. Finally, we will dissect a handful of real-world examples and share proven identification and mitigation strategies that any organization can adopt.

15:15
Break and exhibition visit

15:30
Speaker to be confirmed, Microsoft


16:05
How to prevent file-based attacks on critical networks

Oren T Dvoskin , Oren T Dvoskin, global marketing director, Sasa Software

Financial services, public utilities and manufacturing companies are seeing an increase in attacks on their infrastructures. Most recently, a recurring pattern involves the usage of mutated ransomware, targeting the disruption of activities rather than achieving financial gains. In this session, we will discuss how to prevent these attacks through a three-pronged approach:

  • Reviewing the recent attack patterns against infrastructures;
  • Using signatureless technologies, including content disarm and reconstruction (CDR) to prevent weaponised content; and
  • Protecting high-risk content channels, including e-mail, document sharing and portable (USB) media and, where applicable, industrial control system-specific attacks.

16:40
Closing remarks from the chair and close of Day Three

Demo Lab

14:00
Demo Lab

14:20
You now have 1 000+ new ways to make sure your users think before they click!

Sam van der Westhuizen , Sam van der Westhuizen, Enterprise Account Manager, KnowBe4

KnowBe4’s game-changing partnerships with The Security Awareness Company, Popcorn Training, exploqii, Canada Privacy Training, Twist & Shout, TeachPrivacy, Syntrio and El Pescador allows you to significantly better manage the ongoing problem of social engineering. In your fight against phishing and ransomware, you can now deploy the best-in-class phishing platform combined with the world's largest library of security awareness training content; including 1 000+ interactive modules, videos, games, posters and newsletters. Join us for a live demo of KnowBe4's security awareness training platform, our extensive content library, and the tools that are available to help you to prevent the ongoing problem of social engineering.
14:40
ZeroFOX, Public Attack Surface Protection

Colin Brice , Colin Brice, sales engineer, ZeroFOX

Problem overview
Organisations today increasingly rely on digital platforms to engage customers, interact with employees and grow business. Public platforms, including surface, deep and dark web, social media, mobile apps and e-mail, provide a critical business conduit while simultaneously providing bad actors a new attack surface with which to target organisations: their public attack surface. Attackers leverage the scale, trusted nature, lack of security visibility and anonymity of these public platforms to launch a new breed of highly-effective attacks, all of which occur outside the firewall. With a fundamental lack of visibility and control, organisations struggle to identify and remediate digital risks and protect themselves across this public attack surface.
Solution overview
ZeroFOX, the global leader in Public Attack Surface Protection, constantly monitors all publicly available platforms in existence to discover hidden threats and all types of malicious cyber activity targeting your organisation, and coordinates with network providers and hosts to take threats down before they go public. Using diverse data sources and artificial intelligence-based analysis, the ZeroFOX Platform identifies and remediates targeted phishing attacks, credential compromise, data theft, impersonations, brand hijacking, executive and location threats that abound on public platforms. ZeroFOX continuously monitors for emerging threats, instantly alerts security teams and authorities on attack initiation, and automatically takes swift corrective actions ranging from offending content moderation to attacker infrastructure take-down.
15:00
BREAK

15:30
Demo Lab

15:50
Demo Lab

16:10
Demo Lab

16:30
Close of day three

Diamond Sponsor

Platinum Sponsors

Gold Sponsors

Silver Sponsors

Bronze Sponsor

Display Sponsors

Endorsed by