Upload
dangdiep
View
235
Download
1
Embed Size (px)
Citation preview
ConferenCe
ww
w.fl
emin
g.ev
ents
6 – 7 February 2017 | Abu Dhabi (U.A.E.)
Cyber Resilience & InfoSeC 2017Building a Defense Strategy that Works!
Associate SponsorEndorsing Body
Advisory CommitteeFurqan AhmedEmirates Investment Authority | IT Operations Leader
Dr. Jassim HajiGulf Air | Director IT
Prof. Ernesto DamianiKhalifa UniversityDirector Info Security Center
Samir PawaskarQ-CERTManager - Cyber Security Strategy and Policy, Cyber Security Division
Prof. Fadi AlaoulAmerican University of SharjahProf. Computer Sciences & Engineering
Ahmed Al MullaEmirates Global AluminiumSenior Vice President – Corporate Services
Irene CorpuzAbu Dhabi Government EntityHead of IT Security
Mario FosterAl Naboodah Group Enterprises | Group CIO
Noha AminKuwait Finance HouseInformation Security Head
Rasha Abu AlSaudNCB CapitalSenior Vice President- Head of Information Security Risk
Roshdi OsmanBanque Saudi FransiDeputy CISO/Senior Assistant Group General Manager
Biju HameedDubai AirportsCISSP, CISM, CISA, CRISC, Head of Information Security & Compliance
Jamal N. Al-KarakiAbu Dhabi PolytechnicDivision Head- Information Security Engineering Technology
Speakers & PanelistsStephen GaudinUS Embassy in Abu DhabiFBI Legal Attaché
Sultan Omran Al OwaisEmirates Nuclear Energy Corporation (ENEC)Information and Cyber Security Director
Ebrahim Hamdan Al AlkeemAbu Dhabi Systems & Information Centre (ADSIC)Governance Security Lead
Fuad Al-AnsariTakreerVice President - Information Technology Division
Adam El AdamaAl Hosn GasSISO
Prof. Ernesto DamianiKhalifa UniversityDirector Infomation Security Center
Georges De MouraEtihad Aviation GroupHead of Technology Security, Risk and Compliance – Technology & Innovation
Saqib ChaudhryCleveland ClinicCISO
Ibrahim Al MallouhiduVice President – Security Operations
Irene CorpuzAbu Dhabi Government EntityHead of IT Security
Meera Al MansooriAbu Dhabi Government EntityHead of Information Security
Sandro BucchianeriNational Bank of Abu Dhabi (NBAD) | Group Chief Security Officer - Group Operations, Technology & Corporate Support
Ahmed Al MullaEmirates Global AluminiumSenior Vice President – Corporate Services
Illyas KooliyankalADS Securities LLCDirector – Global Head of Information Security
Thomas HeuckerothEmirates AirlinesVP - IT Security
Rasha Abu AlSaudNCB CapitalSenior Vice President- Head of Information Security Risk
Adel Ibrahim Al HousaniDubai CustomsCISO & Information Security Head
Deepika Batra DiGiovineGEChief Information Officer (CIO), MENAT
Micro RohrBitdefenderGlobal Evangelist
Prof. Fadi AlaoulAmerican University of SharjahProf. Computer Sciences & Engineering
Dr. Jassim HajiGulf AirDirector IT
Biju HameedDubai AirportsCISSP, CISM, CISA, CRISC, Head of Information Security & Compliance
Mario FosterAl Naboodah Group EnterprisesGroup CIO
Thabet BakheetCentral Bank of UAEHead of Information Security
Omar FaroukMinistry of FinanceIT Governance & Security Manager
Dhruv SoiOWASP Middle EastChair
Furqan AhmedEmirates Investment AuthorityHead of IT Operations
Noha AminKuwait Finance HouseInformation Security Head
Speakers & Panelists
It was a wonderful event. It gave a lot of opportunities to interact with information security experts. We were able to know various security products that were a available in the market. - Ravi Rangarajan, Almarai Company
An excellent opportunity for IT security professionals to meet and exchange knowledge & experiences dream loudly and plan for a more secure society. - Aqel Mohammed Aqel, ISACA Riyadh Chapter
Past Sponsors
TM
www.ethergulf.com
www.ethergulf.com
These events are very much important for personal, organisational and national as well as regional inforsecurity insight and awareness. - Bhisham Kumar, Samba Financial, AGM
Who will you meet?
CISo/CSo/CIo/CITos/CooS/CTos
VP/Director/Head/Manager – IT Security
VP/Director/Head/Manager – ICT
Director/Head/Manager - risk/Audit & Compliance
Director/Head - Transformation
Head/Manager/engineer– network Security
Team Leader/Specialist/Analyst –
Cyber Security/Cyber Crime
Special Features
Power Debate & Hot Brain Storming Sessions
extensive Exhibition: Latest products & Solutions
executive Panel Session: Leader’s Dialogue
Live HACK Demos
Thought Provoking Real Life Incident Sharing
exclusive Breakfast Briefing on CyberWars
Government & Law enforcement entities
IT & Telecoms
oil & Gas
Utilities
Transportation & Logistics
Healthcare
Banking & financial Institutions
Academia
research & Development
Conference Focus Cyberwars in the Middle east : What
Corporations and Governments need to do?
Burning Under a Cyber Sun – Information & operational Security is Everyone's Responsibility to cover up
Becoming the Adversary—A Hacker's Perspective on Attacking an organization
Internet of Threats (IoT), Cloud, Big Data etc – Benefits vs Challenges
Agents of Change – Women in IT
Insider Threat : User Behavior Management & Awareness
Dangers of Ransomware : Is Anyone Safe?
Incident response: Preparing, identifying, containing, eradicating & recovery
DAY 16 february 2017
08:00 Registration & Networking
08:45 Welcome Note by Fleming.
08:50 Opening Remarks from the Chairman
Visionary Address
09:00 Resilience & Cyber Security – How Prepared Are You? OR The State of Cyber Security – Where are we in 2017?
Thought Leader Panel
9:10 Moving Cyber Security Further up the Board’s Agenda
•SecurityisEveryone’sResponsibility•HowtotranslatetechnicalCybersecurity
threats/risks in business language•HowcantheCISOdevelopanactionplanto
gain traction with the CIo, CTo, Cfo, Ceo, Audit Committee, Board – CISo as a strategist!
•Howcanweincreasesecuritygovernance?•Howtocreateacorporateculturethatadopts
security principle in mind at every level•Howcanweensurethatanorganisation’s
enterprise risk management related functions are aligned and integrated with the information security and privacy function?
•Istheboardcommittedtocyberresilience?Demonstrate awareness and ownership of cyber risk?
A unique chance for CISo to engage in a dialogue with CIos, Cfos, CTos, Ceos and non-executive Directors from across the Middle east, on the various issues and practical insights.
Panelists :
Ahmed Al Mulla | Corporate Services Emirates Global Aluminium | Senior Vice President
Mario Foster | Al Naboodah Group EnterprisesGroup CIO
Saqib Chaudhry | Cleveland Clinic | CISO
Sultan Omran Al OwaisEmirates Nuclear Energy Corporation (ENEC)Information and Cyber Security Director
Adel Ibrahim Al Housani | Dubai CustomsCISO & Information Security Head
Deepika Batra DiGiovineMENAT Corporate & GGO | GEChief Information Officer (CIO)
www.fleming.events tel.: +91 80 6600 5500 email: [email protected]
Presentation Theatre
09:50 Evolving Technologies & IoT’s (Internet of Threats) : Security Nightmare or Next Great Hope?•Howlatesttrendsoftechnologiesincreaserisks
(big data, IoT, M2M) as we have not yet learnt how to harness them properly
•Strategicapproachtodevelopintelligentdigitalimmunity : how can we make them in our favor?
•BenefitsVschallenges•HowtoensuretheIoTinnovationsmeetsthe
highest security standard?•Technologicalchallengesforbusinesses
and vendors when migrating towards the “Smartness” concept
•PredictiveAnalyticswithBigData-oneofthemost challenging area in cyber security
Ibrahim Al Mallouhi | duVice President – Security Operations
10:15 Morning Coffee Break & Networking
10:45 International Best Practice Guidance Insider threat – Real ENEMY?Insider threat programs within an organization help to manage the risks due to these threats through specific prevention, detection, and response practices and technologies. •Establishandmanage successful insiderthreats
programs especially in critical infrastructure organizations to mitigate all associated risks
•Howtoleverageontheexistingframeworkstoadopt such practices
Adam El Adama | Al Hosn Gas | SISO
11:10 Case Study Enterprise Social Media and Cloud Adaptations•ImplementingtheHybridCloudinGulfAir•Cloudbusinessapplicationsandsecurity
controls•ImplementingBigDataonGulfAir’sCloud•SocialMediaandCustomerFeedbackthrough
Big Data Application
Dr. Jassim Haji | Gulf Air | Director IT
11:35 Data Protection – Own Your Asset Before your Adversary•Understandingthevalueofadoptingarisk-
based, data-centric security strategy that aligns with corporate objectives.
•Identifyingthelatesttactics,techniquesandprocedures observed by a sophisticated adversary
•Addressinghowtobuildanorganisationalcoalition to define strategy from urgency to absorption
Georges De Moura | Etihad Aviation GroupHead of Technology Security, Risk and Compliance – Technology & Innovation
11:55 Tricks of the Trade : Dangers of Ransomware –Is Anyone Safe?ransomware has replaced advanced persistent threat (APT) network attacks as the most problematic cyberthreat -- and early indications suggest that they'll be the main problem for 2016 as a whole, cybersecurity researchers from Kaspersky Lab have warned.•Preventingtheproblemsinsteadoftreatingthe
symptoms•Commonransomwarescenarios•Criminalsinthecloud:Howmalware-as-a-
service is becoming the tool of choice for crooks
•Bestpracticestoprevent/detectadvancedmalware infections and reduce the chances of ending up in the headlines
•Waystoidentifyandrestorefilesthathavebeenencrypted by CrYPToLoCKer
DAY 16 february 2017
WoW* Panel
12:20 Placing Cyber Security at the Heart of the ‘Smart Enterprise’
•Assessingthedriversforinvestinginmoreadvanced cyber-security
•Mappingoutthecyber-securityinvestmentplanand priorities and mobilising the vision of the cyber secure smart enterprise
•Arisk-basedapproachtosecurityarchitecture•BringDemonstrableValuetoYourSecurity
Program
Panelists :
Omar Farouk | Ministry of FinanceIT Governance & Security Manager
Rasha Abu AlSaud | NCB Capital Senior Vice President- Head of Information Security Risk Security
Furqan Ahmed | Emirates Investment AuthorityHead of IT Operations
Ebrahim Hamdan Al – AlkeemAbu Dhabi Systems & Information Centre (ADSIC) | Governance Security Lead
Fuad Al-Ansari | TakreerVice President - Information Technology Division
*WoW – Words of Wisdom
13:00 Prayer Break & Luncheon
Tricks of the Trade
14:00 Third Party Risk & Industry Collaboration : You are only as Strong as your Weakest Link?•Assessbeforeyoubuy-Performthirdparty
vendor assessment•Developinganeffectivestrategytomitigate
third party risk: What to do?•ImplementInternalSafeguardsandMultiple
Layers of Protection•Robustgovernanceandstandardsoverthird
party suppliers•RaiseaRedFlagAboutthePowerofPrevention:
reinforce the threat is real•Workingwithlawenforcementandgovernment
bodies to enable investigations and facilitate prosecutions for cyber crime
Rasha Abu AlSaud | NCB CapitalSenior Vice President - Head of Information Security Risk
14:20 Human User Security – Assessment and Awareness•IdentityManagementandAccessRights•Implementtheconceptof‘leastprivilege’for
employee digital rights•PrivilegedUsermonitoringandmanagementis
key due to the nature of the access these users have.
•Implementingscalableandflexiblesolutionsthat provide secure and convenient information sharing to employees, partners, and customers
14:40 Digital transformation – Insecurity & Risks
Micro Rohr | Bitdefender | Global Evangelist
DAY 16 february 2017
Very well organized and an extremely engaged delegate audience. - Matt Anderson, San Institute, Director
I am taking home very rich knowledge about the forum topics and products/solutions which will be useful to our organization - Renato L. Nieto, Arab National Bank, E-Banking Risk Sr.Officer
15:05 Security Chat Corner (Panel)•RethinkingCyberSecurity:TimetoTransform
Security Mindset•PerceptionvsReality:Effectivenessof
Perimeter Security•Movefrombreachpreventiontobreach
acceptance &focus more on securing the breach
•Isnetworkperimetersecuritystillaneffectivecontrol for data security?
•Effectivetechnologyadoption+education&awarenessbuilding+processcontrol=Themagic formula
Listen to these experts as they share their perspectives on what type of solutions are needed to solve their most critical pain points for today and tomorrow.
Panelists :
Thabet Bakheet | Central Bank of UAEHead of Information Security
Prof. Fadi Alaoul | American University of Sharjah | Prof. Computer Sciences & Engineering
Biju Hameed | Dubai AirportsCISSP, CISM, CISA, CRISC, Head of Information Security & Compliance
Thomas Heuckeroth | Emirates AirlinesVP - IT Security
Georges De Moura | Etihad Aviation GroupHead of Technology Security, Risk and Compliance – Technology & Innovation
15:45 LIVE Demo on HackAttack
16:10 End of Day 1 & Closing Remarks from the Chairman
16:20 Networking Reception
DAY 16 february 2017
www.fleming.events tel.: +91 80 6600 5500 email: [email protected]
DAY 27 february 2017
08:00 Registration & Networking
08:15 Breakfast Briefing
08:50 Opening Remarks from the Chairman
Prime Keynote
09:00 Ensuring Information Security, Incident Response & Business Continuity for Continued Economic Prosperity(regulatory Update on national Cyber Security Program)
09:10 Towards a Safer and Secured E-Smart Government Infrastructure – Threats & Opportunities•IOT&RelatedSecurityChallenges–Seriesoftradeoffaboutrisksandrewards
•Howdowebestplanandsecureoursmartsystems?
•Regulatoryframeworkforimprovingdataprivacy and security
•Effectivecollaboration:howdothedifferentstakeholders ensure the integrity of the systems?
Ebrahim Hamdan Al – AlkeemAbu Dhabi Systems & Information Centre (ADSIC) | Governance Security Lead
Women Empowerment Panel
09:40 Breaking the Glass Firewall : The Changing Role of Women in IT Security•AgentsofChange:WomeninIT•LeadershipStyles–WomenVsMen•Obstaclesimpactingwomen’sparticipationin
the industry•Benefitsofinclusiveworkforce•AttractingandretainingfemaleITsecurity
professionals•Followinglegalrequirementsefficiently,
including notification and reporting requirements
Panelists :Irene Corpuz | Abu Dhabi Government EntityHead of IT SecurityNoha Amin | Kuwait Finance HouseInformation Security HeadMeera Al Mansoori | Abu Dhabi Govt. EntityHead of Information SecurityDeepika Batra DiGiovine | GEChief Information Officer (CIO), MENAT
10:15 Morning Coffee Break & Networking
10:45 Think like a Bad Guy - Change the Game to Proactively Protect your Business•Actionablethreatintelligencetocoverthe
predict aspect of a cyber security strategy•Howtomakeamoreproactive,offensive
position to address threats•Improveandprioritiseyourorganisation'sability
to disrupt the adversary •Whatistheintelligenceandcollaboration
strategy and design?
Saqib Chaudhry | Cleveland Clinic | CISO
11:10 Unseen Truths of Cyber Warfare & Cyber Terrorism•Evolutionsofcyberwars,currenttrendand
lessons learnt•Potentialobjectives/rootcauses•Existingcontrolsandfuturemeasuresto
enhance government control
Illyas Kooliyankal | ADS Securities LLCDirector – Global Head of Information Security
11:30 Collaborative Privacy-Preserving Data Analytics for Cyber Security•Howandwheninformationsharingbetween
organizations can help in thwarting attacks to their ICT infrastructures.
•Availabletechniques(e.g.obfuscationandencryption-based) for privacy-preserving sharing of network and application observables.
•Futureevolutionandtechnologyroadmapsofprivacy-preserving third-party and collaborative data analytics services.
Prof. Ernesto Damiani | Khalifa UniversityDirector Information Security Center
Drill Down Debate
12:00 Disclosure of Breach Information : Strengthens or Weakens Cyber DefenseDisclosure of data breaches might help strengthen cyber security for everyone. But keeping attacks and responses secret may lead to quicker fixes and less reputational harm. So join as we debate on should companies be required to share information about cyber attacks?•YES:Companiesnowareflyingblindwhen
closing security gaps•No:Itwouldlimitcompanies’abilitytothwart
attacksPanelists :
Omar Farouk | Ministry of FinanceIT Governance & Security Manager
Rasha Abu AlSaud | NCB CapitalSenior Vice President - Head of Information Security Risk Security
Prof. Ernesto Damiani | Khalifa UniversityDirector Info Security Center
Sandro Bucchianeri National Bank of Abu Dhabi (NBAD)Group Chief Security Officer - Group Operations, Technology & Corporate Support
12:30 Case Study Real World Cyber Investigations •Modusoperandiadoptedbytheattackersand
their tactics•Toolsofthetradetoidentifysuspicious
activities within the infrastructure and missing security controls
•Casestudy–uncoveringanattackerbehindmassive cyber attack targeting UAe based business.
Dhruv Soi | OWASP Middle East | Chair
13:00 Prayer Break & Luncheon
14:00 Secure coding practices – Ensuring security is “baked” in from the beginning of the SDLC.•DemoonCyberSecRisksandhowpayloads
process works to exploit
OR
Securing of Operational Technology
OR
Security As A Service – Pros & Cons
14:20 Plug the Cyber Talent Gap in the GCC Region
•Creating&Enhancingcybersecurityliterateworkforce
•Adoptingnewapproachesandtechnologiestostreamline critical aspects of recruiting, hiring, workforce planning, and training
•Findingandretaining"passive"cybertalent
7 february 2017
Events like these give you a good exposure to the current threat scape and helps in better equipping your organization with latest technologies available. - Mohammed Faiyaz Ali, Almabani General Int, IT Manager
www.fleming.events tel.: +91 80 6600 5500 email: [email protected]
14:40 Cyber GRC: Getting the best out of ISO 27001, COBIT5 and UAE (IA) Standards•Overviewoftheexisitingframeworkbeingused
across the enterprise•Customisingsecurityobjectivestofallin-line
with the business processes•Securingthebestfromglobalpracticestobuild
a robust cyber GrC framework or
A Must : Solid Incident Response Capability & Plan•DevelopinganEffectiveSecurityOperations
Center and Incident response Team•Preparingefficientandcomprehensiveincidentresponseplanstoeffectivelyminimisetheramifications of a breach
•Swiftforensicinvestigations•CompetentDisasterRecovery&Risk
Management •Implementingprocedurespromptlytomitigate
financial loss and impact on share prices•Followinglegalrequirementsefficiently,
including notification and reporting requirements
Industry Brainstorming Sessions
15:00 The Need of the Hour : Share & Collaborate Cyber Security Initiatives•Onlookingthecurrentcyberthreatlandscape,it
is imperative to share and collaborate with your peers from the other industry to learn from their best practices.
•Duringthissession,attendeeswillformgroups of industry verticals and brainstorm to agree what the top 3 challenges facing their respective industries are and how to address them collectively
Think Tank 1 : Government & DefenseThink Tank 2 : Banking & financial
Led by Sandro BucchianeriNational Bank of Abu Dhabi (NBAD)Group Chief Security Officer - Group Operations, Technology & Corporate Support
Think Tank 3 : oil & Gas
Led by Fuad Al-Ansari | TakreerVice President - Information Technology DivisionThink Tank 4 : Transportation & TelecomThink Tank 5 : other Industries (Misc)
16:10 End of Day 2 & Closing Remarks from the Chairman
16:20 Farewell Coffee & Networking
7 february 2017
How To Participate
Submitting Paper Proposal:
You can submit your paper proposal on any of the events topics, which will be available on the events website shortly
Contact:Zenab Husain Director e: [email protected] T:+97146091575
Exhibiting or Sponsoring at the Event:
In 2017, the event will be expanding its exhibition area and willofferanopportunityforexhibitingandshowcasingyourlatesttechnologies,services,andproducts.Weoffertailor made packages to sponsor the event based on your marketing budget.
Contact:John Paul Business Development Director e: [email protected]:+919731183803
Participating as a Delegate or wish to be a media partner:
You can always contribute by sharing your knowledge with your peers and colleagues. Contact:Sobia JameelMarketing Managere: [email protected]:+918066005500
Take A Look At Our Other Security Events
2nd Annual Kingdom Security 2016 02-03 november 2016, riyadh, Saudi Arabia5th Edition Middle East Homeland Security Summit 07-08 november 2016, Amman, JordanCyber Security India - 24-25 November 2016 new Delhi, India
Bitdefender is a global security technology company that delivers solutions in more than 100 countries through a network of value-added alliances, distributors and reseller partners. Since 2001, Bitdefender has consistently produced award-winning business and consumer security technology, and is a leading security provider in virtualization and cloud technologies. Through r&D, alliances and partnership teams, Bitdefender has elevated the highest standards of security excellence in both its number-one-ranked technology and its strategic alliances with theworld’sleadingvirtualizationandcloudtechnology providers. More information is available at www.bitdefender.com.
Associate Sponsor:
Bitdefender
www.fleming.events tel.: +91 80 6600 5500 email: [email protected]