Recent security breach and fraud incidents across enterprises of all sizes suggest that organizations need much better defenses. As new attack trends emerge, including newer forms of mobile attacks, the world is moving from a "Cold War" to a "Code War," where information has become vulnerable and organizations struggle to mitigate sophisticated intrusions that slip through the chinks in their armor.

This keynote kicks off the summit with a review of the threat landscape and the state of cybersecurity solutions and services. It pinpoints what enterprises need to do to keep pace with global cyber threats.

The biggest challenge with cloud migration is effectively managing resources. Automation can help, although it presents its own challenges, including visibility, a perceived loss of control and possible incompatibility of security tools and controls in the cloud.

It is critical to have automation capabilities in place that can pull together disparate sources, implement changes and reduce the risks posed by existing cloud assets.

This session reviews:

• How to automate the security controls and processes in the cloud;
• Deployment of the right security tools and technologies to build a data protection framework;
• Innovation security architectures to address digital complexities in the cloud.

Speaker:
A. K. Elavarasu, Vice President & Head-Information risk and Business Continuity, Mphasis

End point detection and response (EDR) implementation can be a time-consuming process that requires specialized skills. But it generates finely detailed technical data about every aspect of an end point, which helps in enhancing security. Although deploying EDR could be impractical for organizations that have small IT teams, for larger organizations, it has the capability to address some fundamental issues that signature-based anti-virus programs cannot handle. This session features a discussion of:

• The resource requirements for migrating to EDR;
• A plan for going down the EDR path;
• A strategy for getting the most from an EDR deployment.

Speaker:
Sudarshan Rajgopal, Global Lead- Information Risk Management and Security, Shell

As cyberattacks become more frequent, security operations teams and CISOs are struggling to keep up with the deluge of security alerts from an increasing arsenal of threat detection technologies. The challenges from an increasingly hostile threat landscape, combined with a lack of people, expertise and budget devoted to security, are driving organizations toward security orchestration and automation to tackle threats and transform security operations.

The session discusses:

• How digital transformation will enable security's transparent orchestration movement;
• Deriving threat intelligence from multiple sources in real time;
• Leveraging human and machine power to prioritize incident response activities;
• Automating machine-driven activities.

Threat hunting is the latest innovation for security operations centers when it comes to combating advanced security threats.

When resources and security controls deployed for early detection are inadequate, artificial intelligence may be a more effective approach to threat hunting and responses to advanced attacks.

This session reviews:

• Marrying threat hunting and incident response;
• How human intelligence can be used to proactively identify and mitigate threats more readily and reliably;
• How AI helps gather intelligence from billions of transactions.

Organizations are increasingly looking at advanced IAM policies and controls to reduce insider data breach risks.

CISOs are working toward establishing processes to grant appropriate access to data by creating and managing user accounts and preventing unauthorized access to information.

Organizations have started automating the processes with an advanced IAM solution to gain holistic access controls, user accountability and system auditability and threat detection.

The session addresses:

• How processes are being automated with the latest IAM solutions to weaken adversarial attack chains;
• The use of a multifactor authentication to add a layer of security and access and privilege-based control;
• Integrating IAM into existing systems through services that consolidate identities across applications and platforms.

The breach prevention used to rely heavily on static, signature-based detection. This is no longer an approach that will keep even simple threats out of your environment. This session will explain how AI, deception and dynamic behavioral analysis can enable organizations to prevent advanced attacks including ransomware, fileless malware, and never-before-seen threats.

The sessions will walk through such novel attacks and how an enterprise can implement countermeasures and defense techniques using AI and Machine Learning.

The session details:

• Focus on the machine learning models and techniques to identify unknown-unknown cybersecurity risk categories;
• Understand best ways to do cybersecurity incident profiling;
• How AI & ML can be part of a single architecture to protect against complex threats.

Visibility has been a big challenge for every security practitioner. The exponential increase in volume of incidents, threat intelligence and advisories that a typical security team needs to sift through on a daily basis, as well as the sophistication and stealth employed by advanced attackers makes detecting an intrusion like finding a needle in a haystack. Traditional approaches are failing to effectively scale to address contemporary challenges, and a fresh look at visibility is necessary for active threat-hunting, which deception technology can provide.

By bringing broad military deception strategies to cybersecurity, deception technology puts the narrative squarely back in the hands of the defender in the event of an intrusion.

This session will address:

• Making incident response and remediation an active, near real-time process;
• Creating an early warning system that gives practitioners the chance to determine motives;
• Devising a strategy for effectively incorporating deception tech into a security strategy.

Speaker:
Diwakar Dayal, Managing Director - India & SAARC, Tenable

With digitization in full bloom, organizations' IT infrastructures have mushroomed to another level. As a result of new technologies, including IoT and the cloud, the cyberattack surface has spread far beyond laptops or servers in a data center.

But are security strategies evolving to keep up with the changes? How can organizations measure their cybersecurity success? This session addresses these and other important questions.

Our speaker discusses:

• The role of "risk score" metrics;
• Discovering and quantifying an organization's cybersecurity riskmeasure;
• Using metrics to create a cybersecurity report card and prepare a roadmap to reduce cyber risk;
• Prioritizing the risks and vulnerabilities that need immediate attention.

There have been reports of India losing $18.5 billion due to business done on the digital black markets, which are used by hackers to infiltrate and siphon off information from big companies. Use of the dark web has raised questions on the loopholes in the laws in place to govern cybercrime in India. In the recent case Cosmos bank fraud, case, for example, $13.5 billion was fraudulently transferred with some assistance from the dark web.

The session details:

• How law enforcement agencies are dealing with the dark web;
• Challenges for investigating agencies in gathering evidence through the dark web;
• The complexities of the dark web and what needs to be done to pre-empt an attack and to understand the hackers' mindset;
• The need to be concerned about the dark web as part of your proactive defense strategy;
• How to approach monitoring and remediation if your content appears in the dark web.

Speakers:
Justice B N Krishna, Former Judge, Supreme Court of India, and Chairman of the Data Protection Committee
Latha Reddy, Distinguished Fellow, East West Institute, New York & Former Dy. National Security and Cybersecurity Adviser of India

Speaker:
Subhajit Deb, CISO, Dr. Reddy's Laboratories

Since May 25, 2018, when GDPR went into full effect, security practitioners have been waiting to see how privacy regulators might impose sanctions for breaches. They're still seeking clarity on various GDPR clauses. For example, is there a resilient data protection framework for GDPR? How can an organization implement built-in security controls for its data inventory? How should data governance be handled?

This session addresses:

• The practical challenges security practitioners face in complying with GDPR;
• How to build a strong privacy-centric contract and governance mechanism for suppliers and other third parties;
• Building in effective security controls at the design stage.

Speaker:
Sridhar Govardhan, CISO, Wipro Ltd

The recent breach incidents at Union Bank, Cosmos Bank and Punjab National Bank reveal interesting insights about insider fraud and how insiders can evade both deterrent and detection controls. This sessions offers insights from a CISO on how to detect and prevent insider fraud, as well as how to map insider threat programs using artificial intelligence and other advanced technologies.

Attend this session to learn:

• A model encompassing control implementation and monitoring of processes and technology usage by those with privileged roles;
• How "accidental insiders" are enabling fraud schemes;
• Integrating AI-enabled decision making and continuous surveillance with other enterprise systems.

Email remains a key vector for attacks, with business email compromises, which often involve impersonating a senior executive to request a money transfer, a growing concern.

BEC attacks often are not detected because the transaction appears legitimate. CISOs have searching for better ways to mitigate the risk.

This session reviews:

• The weakest link in business email security;
• How to better articulate the threat of email spoofing to executives;
• Techniques to plug gaps in email security.

As businesses surge ahead with agile development processes, security needs to integrate with the DevOps process to ensure responsibility is shared and security is built in.

DevSecOps enables application security testing in a more automated fashion.

This session reviews:

• How security teams can align their incentives with operations and developers;
• The benefits and challenges of DevSecOps;
• The regulatory mandates and compliance issues around secure coding?

CISOs are constantly working to develop detection, response and recovery capabilities, while prevention tops the wish list. To handle the skyrocketing volume of malware and cyber exploits, many enterprises are building SOCs that provide a central place for detecting, diagnosing and remediating online attacks.

There's a need to move to a next-gen SOC, or CSOC (Cybersecurity Operations Center) to be more proactive in detecting threats. This can be done by integrating analytics, threat hunting and threat intelligence functions with conventional SOC functions, including engineering, incident analysis and response.

This session details:

• Necessary ingredients of a CSOC that help in proactive monitoring and management capabilities;
• Tools for detection, quick response and sound analytics;
• Components of risk analysis engines.

Cognitive and behavioral biometrics can play an important role in the fight against fraud. This session describes various models used for behavior pattern analysis and demonstrate how this may be integrated into a SOC to achieve a proactive posture.

It addresses:

• Developing a risk framework with cognitive security;
• The technological expertise available to detect these anomalies and patterns;
• Detecting fraud in real time.

Speakers:
Jagmohan Singh, CISO, Canara Bank
K S Narayanan, CISO, PwC India
Sethu S Raman, CRO, MphasiS
Vijay Bharti, Senior Vice President & CISO, Happiest Minds

India's regulatory bodies are insisting that transactional data be stored domestically to help prevent breaches and to have better data protection mechanisms in place. The move could help fast-track cybercriminal investigations. But will data localization lead to improved data security?

This panel discusses:

• Whether the emphasis on data localization could hamper security efforts;
• The cost implications on storing data domestically;
• The best security controls to put in place;
• Whether creation of next-generation SOCs will help in building a strong monitoring framework.

Speakers:
Minatee Mishra, Security Center of Excellence (ScoE), Philips HealthTech
Ravikiran Avvaru, CISO, Toyota Kirloskar
Sridhar Subramanian, CISO, NCDEX
Subhro Dey, Associate VP-Risk and Compliance, Barclays Investment Bank

Too many organizations continue to address breach response from a reactive mode - having a crude disaster-recovery plan in place in case something "does" happen rather than accepting that something "will" happen and proactively preparing for it.

In this session, a panel of legal, technical and law enforcement experts discusses what well-prepared organizations are doing right when it comes to proactive interaction with law enforcement, information sharing and breach investigation and response.

The session discusses:

• Assessing an incident response plan;
• Evaluating forensic readiness;
• Using an information sharing mechanism.