Fraud & Breach Prevention Summit: Mumbai

February 21-22, 2017

Watch Past Sessions Online

WELCOME / Letter from the Content Director

Varun Haran

Associate Editor, ISMG

The multitude of high profile breaches in Asia and India in 2016 have inevitably dislodged the mindset that major breaches were purely a western phenomenon; indicating that as data breaches increase in scale and frequency, businesses today must prepare to ensure an effective, swift, and well- orchestrated response. ISMG is pleased to begin the year, with the first in its series of global summits: the Fraud & Breach Prevention Summit Mumbai, in February 2017. A two-day summit designed for senior Infosec, risk, forensic, compliance, cyber law and law enforcement professionals, the summit will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach across industries.

The Fraud & Breach Prevention Summit Mumbai will address contemporary challenges and topics of particular interest to the Indian and Asia practitioner community, such as path breaking innovations and technologies, building stronger incident response mechanisms, defense against the ransomware epidemic, tackling insider threat, securing the cashless payments infrastructure, threat intelligence, information sharing, governance and compliance challenges, securing Smart Cities and IoT, among many others.

Details

The Leela Mumbai

February 21st & 22nd, 2017

₹12000 + Tax

View Sessions

Watch This Summit’s Sessions Online
Become a Member

Santosh Khadsare

Information Security and Forensics Advisor, Govt. of India

Varun Haran

Associate Editor, ISMG

Phil Reitinger

President & CEO, Global Cyber Alliance

Schedule / Session Date & Times

8:30 am - 9:30 am

Registration, Breakfast & Exhibit Browsing

9:30 am - 9:45 am

Opening Remarks

9:45 am - 10:15 am

Keynote - Securing Financial Technology in the Move Towards a Cashless Economy

Speaker:
DR AS Ramasastri, Director, IDRBT

The present government’s move to demonetize currency has given an increased impetus to cashless and electronic transactions in the country. With digitization occurring across all spheres of life, the common citizen is being increasingly incentivized to go digital with their financial transactions which can rationally be assumed will approach much greater volumes in the coming years. With this in mind, where does India stand when it comes to securing the underlying technology infrastructure that will be the enablers for digital finance and banking? What are the shortfalls and what needs most attention from policy makers, practitioners and business leaders?

10:20 am - 10:50 am

Ready Before The Smoke Clears: Understanding The Correlation Between DDoS Attack

Speaker:
Manish Sinha | Senior Consultant, Arbor Networks

A DDoS attack is sometimes a smokescreen to cover up much more damaging activity such as theft or fraud. While you’re working frantically to mitigate the DDoS attack and get critical applications back online, cybercriminals could be working under the radar to break into your systems and conduct more malevolent activities. Learn to listen to your network activity:

Session will cover:

  • Clues from DDoS attacks that will help you investigate threats
  • Why organizations like FFIEC warn banks about the use of DDoS
  • Best practices for DDoS protection
10:55 am - 11:25 am

A Cyber Risk View Of The Indian Payments Landscape

Speaker:
Shivakumar Sriraman | Chief Risk Officer – India & South Asia | Visa

With the current demonetization move and the emphasis on cashless transactions in India, the chances of cyber risk to the payments infrastructure are higher than ever before. What then will be India’s stance going forward and how do business and practitioners need to respond to this risk? What is a resilient approach in the context of a country like India and What are the unique challenges that need to be surmounted? This session focuses on sharing a ‘risk’ perspective of data security, and risk management trends in the payments industry today. Speaker proposes to address:

  • Scope of cyber risk in the Indian payments landscape today
  • The impact of new age technologies to the payments landscape
  • Common challenges and pain points for financial institutions
  • Recommendations and insight towards a resilient framework
11:25 am - 11:40 am

Exhibiting & Networking Break

11:45 am - 12:05 pm

The Enterprise Immune System: Using Machine Learning for Next-Generation Cyber Defense

Speaker:
Apurva Jain |Darktrace

12:10 pm - 12:40 pm

The Essentials Of Effective Incident Response

Speaker:
Sunil Varkey |CISO | Wipro

Organizations can no longer afford to remain in denial that they are under siege from cyberattacks. Legacy security thinking focusing on blanket protection of all assets has failed as a doctrine, and organizations find themselves helpless to mitigate the sophisticated intrusions that slip through the chinks in their armor. With paradigm shifts in technology like the cloud, pulling the plug is no longer an option. What do organizations need to unlearn and relearn about incident response? What do they need to do in the first 24 hours, 1 week, 30 days and so forth to mitigate and recover in a resilient manner?

Discussion points:

  • Why incident response require different approaches
  • Why is it important to have a specialist response once an attack/breach is discovered
  • Should incident response be outsourced or should it be led from the front by the security team?
  • How can a robust incident response mechanism result in increased security resilience?
12:45 pm - 1:15 pm

Securing the Cashless Payments Infrastructure: BFSI Perspective

Speaker:
Ankur Jain, Director-IT & CISO, PayU

With increased impetus toward a cashless economy being driven by the recent demonetization drive by the Govt of India. There is an imminent need to look at the security robustness of the cashless payments infrastructure and the potential for fraud, even as the economy steams ahead with encouraging its adoption.

Discussion points:

  • Is the infrastructure robust? What are the weak links in the payments chain?
  • Where is the oversight lacking, and what are the mechanisms for preventing fraud
  • How can the gaps be addressed before they get exploited on a large scale
  • What are lessons from cashless initiatives around the world?
  • What are some new innovative authentication techniques that could be applied to the Indian context?
1:15 pm - 2:00 pm

Lunch

2:05 pm - 2:55 pm

Panel Discussion - Cyber Insurance: Evaluating Your Risk & Liability

Panelists:
Ravikiran Mankikar | CIO & CISO | SVC Bank
K Suresh |Head – IT | Tata AIG General Insurance Company Ltd
Dinesh Bareja | COO – OpenSecurity Alliance | Founder – IndiaWatch

Moderator:
Varun Haran, Associate Editor, ISMG Asia

The growth of the cybersecurity risk has given impetus to the cyber insurance market in India. But this space remains nascent and poorly understood. How effective is cyber insurance cover in the event of a data breach and what are some common criteria that are being used for evaluating an organizations level of risk? What are the current practices in the Indian market and what kind of traction can be expected in 2017?

Suggested takeaways/Discussion points:

  • The growth trajectory for cyber insurance in India
  • The relevance and effectiveness of cyber insurance
  • Common practices and parameters for evaluating organization
  • Lessons from more mature markets around the world
3:00 pm - 3:30 pm

Live Demo: Defending Against The Modern Malware Kill Chain

Speaker:
Gigi Joseph | CISO | BARC

This session will take a demonstrative approach with the speaker showing the practical application of offensive and defensive techniques that organizations today need to apply to effectively protect against the evolving malware menace, including ransomware and targeted attacks on a live test-bed. The speaker will bring in experiences from his specialist background at BARC to share practical recommendations and insights on defending IT, as well as ICT and OT infrastructure against such cyber threats. The session will look at the unique aspects of authentication and security in the context of IoT devices and other smart devices entering the environment.

  • Frameworks and strategies for effective protection
  • How easy is it to become a victim: some examples
  • The need for a renewed emphasis on getting fundamental security hygiene right
  • Common causes and challenges helping attackers succeed
3:35 pm - 3:50 pm

Break & Networking

3:55 pm - 4:25 pm

Actionable Threat Intelligence: Lower Your Detection Deficit

Speaker:
Venkatesh Subramaniam | Global CISO | Ocwen Financial Corp

Despite the deployment of an array of security solutions, cyberattacks too often remain undetected for months, creating massive financial, operational and reputational impact for the breached organizations. Detection systems produce excessive alerts, forcing security analysts to spend hours on manual validation to eliminate false positives. Persistent threats require an equally persistent response.
Session will cover:

  • How do you convert raw information into actionable intelligence operationally, in the context of your enterprise today?
  • How can you make the best of your threat intelligence subscriptions?
  • And what is the role analytics is poised to play here?
4:30 pm - 5:00 pm

Cloud Security and its Changing Paradigms

Speaker:
Sundar Ramaswamy | Partner | KPMG

Cloud has now established widespread presence in the enterprise technology landscape. Security has matured and there are new innovations like CASBs that are expected to really take off in 2017, with adoption peaking in 2018, according to analyst research. What is the current landscape for cloud security in India? What is the risk perception Indian practitioners have of it and how is it changing? What are some of the data residency and legal challenges and how are they being dealt with?

Discussion points:

  • The state of cloud security and what has changed
  • Maturity levels viz. North America and Europe
  • The threat landscape for could in 2017 and how this affects Indian Organizations
  • Roadmap for cloud security in 2017
5:05 pm - 5:35 pm

How Data Classification Enhances Protection and Reduces the Severity of a Breach

Speaker:
Mannan Godil | CISO | Edelweiss

With more data being moved out of on-premise environments, data needs to be classified and secured to an appropriate level to prevent it from being compromised. This embraces the practice of assessing the risk of data loss and mitigating those risks; and applying adequate resources towards securing the data, both on-premise and in the cloud. Cyber incidents are a fact of contemporary life, and significant cyber incidents are occurring with increasing frequency, impacting infrastructure no matter its physical location. Mitigating the loss of data is therefore a priority. And not all data is equal, some data needs to have a higher levels of security; other much lower; the cost in fact may be 10x different. What are some data strategies that practitioners can adopt to achieve this?

5:40 pm - 5:55 pm

Closing Remarks

6:00 pm - 7:00 pm

Refreshments & Networking

View Second Day's Schedule
8:30 am - 9:30 am

Registration, Breakfast, & Networking

9:30 am - 9:45 am

Opening Remarks

9:45 am - 10:45 am

Panel Discussion: We’ve Been Breached: Now What? How to Effectively Work with Law Enforcement and Regulators

Panelists:
Brijesh Singh |Special Inspector General of Police-Cyber | Government of Maharashtra;
Akshay Garkel | Director – Risk Advisory |Deloitte;
Sameer Ratolikar | SVP & CISO | HDFC Bank;
Raviraj Doshi | CTO |Smokescreen Technologies;

Moderator:
Geetha Nandikotkur, Managing Editor Asia & Middle East, ISMG

Too many organizations continue to address breach response from a reactive mode – having a crude disaster-recovery plan in place in case something “does” happen, rather than accepting that something “will” happen and proactively preparing for it. In this session, a panel of legal, technical and law-enforcement experts will discuss what well prepared organizations are doing right, when it comes to proactive interaction with law enforcement, information sharing and breach investigation and response.

10:50 am - 11:20 am

Breach Resilience: Intelligence Led Approach to Security

Speaker:
Vishak Raman | Senior Regional Director for India & SAARC |FireEye Technologies

The cyber threat landscape has become increasingly sophisticated and heterogeneous. The new threat environment requires a new defensive approach that will apply speed, agility, precision and scale to the problem. Security leaders are beginning to acknowledge that cybersecurity must evolve. Striving to ward off attacks is no longer enough — organizations must also respond to incidents with a focus on managing their business impact. The new approach must automatically integrate threat intelligence, industry best practices, and emerging cyber technology to deliver rapid threat detection, analysis and response. The session will talk about the significance of an Intelligence Led Security posture to build Breach Resilience.

11:20 am - 11:35 am

Exhibiting & Networking Break

11:40 am - 12:10 pm

Countering the Dark Web: Plan, Pray or Pay

Speaker:
Brijesh Datta | SVP & CISO | Reliance Jio Infocomm

The criminal underground harbors marketplaces where criminals coordinate sales of illicit merchandise and stolen data such a leaked credit cards, intellectual property, information, malware samples, exploit kits, etc. which professional cybercriminals use to target and compromise organizations around the globe. This session will focus on highlighting how such information is misused and monetized by cybercriminals.

 

The discussion will also envelope the advanced organization of cybercriminals, the post-breach criminal monetisation techniques, how to counter the growing number of malicious services, other activities and various techniques to understand how hackers prepare, infiltrate, exfiltrate data from corporate networks.

The session will discuss:

  • Post-breach criminal monetization techniques and how cybercriminals put a value to the data;
  • How to counter the growing number of organized for-hire cybercrime services;
  • Various techniques to understand hacker Modus Operandi and what they are after.
12:15 pm - 12:45 pm

The Black Market For Data In India – How it Works

Speaker:
Reshmi Khurana | Managing Director and Head, South Asia | Kroll Advisory

The estimated size of the black market for data in India is pegged at around $1 billion by an industry report. So what does this black market look like? How is the data procured, collated, validated and sold. And most importantly, what effect is this pilferage of data having on Indian enterprises?

 

This session will look at the economics of how the data market functions, how it is driving the fraud landscape, and what this means for information security & fraud practitioners today. What can be done and how can a concerted effort be made to fight this menace affecting the integrity of businesses – large and small. The session will attempt to showcase this problem from the perspective of various stakeholders, and talk about the linkages between information security and the fraud domain today.

Session will address:

  • Understanding the data black market in India – Where is your critical data most vulnerable and What kind of data is being targeted how is it being stolen
  • What happens to stolen data, how is it processed and used to commit fraud
  • The points of convergence between fraud and information security
  • Ensuring practical and effective fraud management and data leak prevention
12:45 pm - 1:45 pm

Lunch

1:45 pm - 2:20 pm

Live Demo: New Age Authentication Strategies and Roadmap

Speaker:
Rizwan Shaikh | Founder | Pristine InfoSolutions

Knowledge-Based Authentication and simple password authentication are antiquated in the age of the data breach. With rapid global growth in online and mobile banking and the rise of worldwide real-time payments, financial institutions are implementing innovative authentication methods aimed at improving customer experience while securing evolving ecosystems. Yet these authentication methods often function in silos, and then result in unnecessary customer challenges and ineffective operations.

Enterprises need an omni channel, customer-centric authentication management strategy that allows them to dynamically decide when and how to challenge customers. In devising this strategy, organizations can learn from the ways in which FIs use intelligent authentication management to manage customer authentication processes across all channels to make real-time, risk-based decisions.

The session will discuss:

  • Omni-channel authentication management;
  • New advances in authentication technologies;
  • Customer-first authentication decisions;
  • How to write authentication strategy policy for complex ecosystems.
2:25 pm - 2:55 pm

India’s Information Sharing Deficit

Speaker:
Vikas Singh Yadav | Cybersecurity Expert & Advisor | Government of India

Cyberattacks are now common place, with enterprises big and small becoming victims; not just in the big cities, but across the country, with little or no legal recourse or technical expertise available most of the time. And while it is common knowledge that everyone is under attack, practitioners are having to depend on the informal information sharing practices: ‘Old Boy’s’ networks and word of mouth, with virtually no effective method, framework or platform for information sharing operating in the country. Efforts such as IB-CART are floundering and need a firm strategic footing. Why is this worrisome and wat needs to be done immediately?

Discussion points:

  • The relevance of information sharing in the modern threat context
  • Contextual challenges in India that are hurdles to Info Sharing
  • The pressing need being articulated by the community
  • A viable framework to initiate sharing of information in an effective, sustainable manner
2:55 pm - 3:10 pm

Break & Networking

3:15 pm - 4:15 pm

Speed Networking With Presenters and Peers

One of the most valuable ways to learn is through interaction with your peers. Our “Speed Networking” session will provide an opportunity to meet practitioners who have similar challenges in the arena of fraud and breach prevention and discuss solutions to those potential obstacles. Mingle, share and learn in this unique, rapid fire and interactive environment.

4:20 pm - 4:50 pm

Plenary Session: Andhra Pradesh State Government’s Cybersecurity Strategy

Speaker:
J A Chowdary | Special Chief Secretary & IT Advisor to the Chief Minister | Government of Andhra Pradesh

With cybersecurity awareness increasing in government circles, various state governments are putting in plans to address the cyber risk resulting from digitization. The Andhra Pradesh state government has taken the lead and is a case study for other governmental entities in the country. In this session the speaker will delve into the AP’s cybersecurity initiatives, the goals, the risk perception and the roadmap going forward.

4:55 pm - 5:25 pm

Special Session: Speed of Innovation in Security - How Practitioners Can Adapt to the Dynamic Landscape

Speaker:
Pravin Rajpal | Founder-InnovatioNext | Innovation Coach to Fortune 500 Companies

The security landscape is highly dynamic and changes at a rapid pace from moment to moment. What can practitioners do and how can they innovate to keep pace and remain relevant in this ever changing environment? The speaker will showcase new age paradigms of innovation to help practitioners ideate better in their roles, in addition to speaking about the 3D idea generator, which is widely acclaimed for generating breakthrough ideas in innovation through gamification, to define and achieve organizational goals as practitioners in the information security and fraud domains.

5:30 pm - 5:40 am

Closing Remarks/ Vote of thanks

View First Day's Schedule

Meet Our Speakers

Threat Intelligence and the Power of Attribution

Arbor's Paul Bowen on Where Organizations Miss the Mark with Threat Intel

Ratings’ Role in Vendor Risk Management

SecurityScorecard's Sam Kassoumeh on How to Improve Vendor Assessments and Results

Security Readiness: How Do You Stack Up?

Intel's David Houlding on the Value of Benchmarking Tool and Data

A Common Sense Guide to Mitigating Insider Threats

Randy Trzeciak of CERT Reviews the Latest Research

Gartner’s Avivah Litan on Attribution and Elections

Analyst Offers Insights on Technologies to Improve Digital Attribution and Voter Authentication

How Cybercriminals Use Facebook

RSA's Daniel Cohen Describes Use of Social Media to Sell Stolen Cards

Visa on Growth of Card-Not-Present Fraud

Gord Jamieson Outlines How Canada Is Responding to New Wave of CNP Incidents

How the Dark Web Presents New Insider Threats

Carnegie Mellon's Michael Theis Offers Update on Latest Trends

Data Security Lessons Healthcare Can Learn From DoD

Dave Summitt Describes Applying Defense Department Strategies to Health Data Protection

Breach Investigations: Switching Sides

Former FBI Agent Jay Kramer on His New Legal Role in the Private Sector

SPONSORS / Supporting Organizations

Arbor Networks
Carbon Black
Check Point
Darktrace
Dell Security
Equifax
FireEye
Fiserv
Information Security Forum (ISF)
IPSwitch + Roundrobin
ISACA Pune Chapter
Ixia
NSFocus
Paloalto
Security Scorecard
Smokescreen
(ISC)² Delhi Chapter

SPEAKERS / Featured Speakers in this Summit

Dr. A.S. Ramasastri

Director, IDRBT

Sameer Ratolikar

CISO, HDFC Bank

Brijesh Singh

Inspector General of Police (Cyber) and CISO, Maharashtra

Shivakumar Sriraman

Chief Risk Officer-India & South Asia, VISA

Venkatesh Subramaniam

Global CISO, Ocwen Financial Corp.

Geetha Nandikotkur

Managing Editor, Asia & the Middle East, ISMG

Brijesh Datta

CISO, Reliance Jio

Mannan Godil

CISO, Edelweiss

Ankur Jain

Director-IT & CISO, PayU

Gigi Joseph

CISO, BARC

Ravikiran Mankikar

CIO & CISO, SVC Bank

Sundar Ramaswamy

Partner, KPMG

Sunil Varkey

CISO, Wipro Limited

Reshmi Khurana

Managing Director India & South Asia, Kroll Advisory

Akshay Garkel

Director, Enterprise Risk Services, Deloitte India

K Suresh

Vice President IT, Tata AIG General Insurance Company

Rizwan Shaikh

Founder & CTO, Pristine InfoSolutions

Dinesh Bareja

Principal Advisor, Pyramid Cyber Security & Forensics, Dubai & India

J A Chowdary

Special Chief Secretary, & IT Advisor to the Chief Minister, Govt. of Andhra Pradesh

Vishak Raman

Senior Regional Director-India & SAARC, FireEye

Vikas Singh Yadav

Ministry of Defence, Government of India

Pravin Rajpal

Founder - InnovatioNext and Innovation Coach to Fortune 500 Companies,

Manish Sinha

Senior Consultant, Arbor Networks

Apurva Jain

Regional Sales Manager, Darktrace

Raviraj Doshi

CTO, Smokescreen Technologies

S.V. Sunder Krishnan

Chief Risk Officer, Reliance Nippon Life Insurance

LOCATION / Venue & Address

The Leela Mumbai

Andheri Kurla Road, Sahar, Mumbai, Maharashtra 400059, India

Location TBA

Register Now

WATCH SESSIONS ONLINE

For our premium members, we offer online webinars from all of our past events. Become a member now to get access to keynotes and important sessions from previous events.

Become a Member

Registering For a Group?
Call + 1 (609)-356-1499  or email at events@ismgcorp.com