Speaker:
Jelena Zelenovic Matone, Senior Unit Head, Op. Risk & CISO, European Investment Bank

Emerging from the COVID-19 quarantine, enterprises cybersecurity leaders suddenly find themselves tasked with securing a new hybrid workforce and defending their largest-ever attack surface. Identity is the new perimeter, and cloud is the new environment. What are the threats to watch and technologies to embrace? Join Jelena Zelenovic Matone, CISO, European Investment Bank, as she discusses:

• The new threat landscape
• Identity, cloud, endpoint security and other key priorities for 2021
• Leadership demands for the new hybrid workforce

Speaker:
Tom Smith, Solutions Architect, Veracode

Like operations, security's goals of minimising enterprise risk sometimes seem to be at odds with development's mandate for change. In reality, there is a middle path that can allow development to deliver more secure code at DevOps speed, but it requires security to adapt to the principles that have proven successful for DevOps. Join this session and you will come away with an understanding of:

• Automating Security into your DevOps process
• Integrating to "Fail Quickly"
• Limiting False Alarms
• Building Security Champions
• Keeping Operational Visibility

Speaker:
John Marsden, Head of Fraud Prevention and Authentication - EMEA, TransUnion

Speaker:
Giorgio Gheri, CTSO, Qualys

All Industries need to continuously ensure the security of their IT environment. Security is a must, but it is painful, expensive, and there is no glory! Blighted with challenges the real question is: what are the critical points that require the biggest effort, and how to make them smoother and possibly automatic. Our session will explore:

• Data Enrichment
• Context- and Risk-driven Prioritisation
• Effective Remediation Workflow

We will then conclude with the only real concern: when you remediated, did you really remediate?

Speaker:
Barry McMahon, Sr. Intl Product Marketing Manager (IAM), LastPass by LogMeIn

In a recently published European wide report sponsored by LastPass, the research findings are clear: business leaders want security to demonstrate greater value-add in areas such as operational excellence, user experience and compliance. Yet, with 60% projects kicked off without security involved, it's almost impossible for security leaders to stop being perceived as blockers.

In this session, Barry will share key insights and guidance on how security leaders can leverage Identity and Access Management (IAM) to turn the challenges they face from within their own teams, and from across the business, into opportunities to deliver on key business priorities that will enable the business to grow and operate securely.

There is also guidance on how to best to position the benefits of IAM by speaking the language of the board

Speaker:
Michael Mauch, Product Manager, Network Security Architecture - Symantec Enterprise Division, Broadcom

Securing a remote workforce has never been more essential for today's Financial Institutions. Workers must remain productive wherever they are, but a poorly implemented solution will only add complexity and cost, eliminating many of the benefits of moving to the cloud.

As more users need remote and mobile access to websites and cloud applications, digital transformation was intended to remove the cost and complexity of the traditional perimeter defense. However many are finding that's not the case, while the lost insight and control have made matters worse. To solve this issue, security professionals are rapidly coalescing around a Secure Access Service Edge (SASE) approach to deliver smooth, low-latency connectivity that pleases users and those that need to protect them alike.

This presentation will clarify the importance of SASE and Integrated Cyber Defense in protecting customer data, preventing attacks and optimising security operations in Financial Services.

Speakers:
Ian Porteous, Regional Director, Security Engineering, Check Point Software Technologies
John Salmon, Partner, Hogan Lovells International LLP
Quentyn Taylor, Director, Information Security, Canon EMEA
Victoria Baines, Visiting Fellow, Oxford University

The attack surface will be larger than ever, the workforce more distributed than we've known, and our cybersecurity will be contingent upon how we approach identity, cloud, email and endpoint devices.

This is the unfolding scenario for 2021, and this panel brings together a diverse group of experts to discuss:

• The evolving threat landscape;
• New business challenges and regulatory demands;
• Emerging technology solutions;
• X-factors that could disrupt everything.

Speaker:
Patrick Grillo, Senior Director, Solutions Marketing, Fortinet

Providing secure remote access to employees has been a long-standing part of any IT strategy, but with the recent need for more employees to work remotely, organizations have found their existing capabilities overwhelmed. While supporting this type of workforce with little to no notice was critical to ensure business continuity, guaranteeing the security of both the remote employee and the organization is equally crucial. Organizations should also be prepared that a large remote workforce becomes the norm rather than a response to an unexpected disruption.

This session will examine how organizations should prepare themselves to securely support the rising number of remote users with potentially differing capabilities.

Speaker:
Martyn Crew, Director of Solutions Marketing, Gigamon

The old cliché "you can't protect against what you can't see" holds as true for cybersecurity as for physical security. Financial Services organizations have been at the forefront of digital transformation and have realized that, without the right planning and tools, security can become a casualty in this process.

View this webinar and join the discussion involving these issues and ways that Financial Services organizations can protect themselves and their customers in the digital transformation process.

Speakers:
Charles Keane, Security Specialist, User Entity and Behavior Analytics Group, Forcepoint
Homayun Yaqub, Senior Director of Strategy, Forcepoint

The challenges of a rapidly growing mobile workforce coupled with the ever-rising demand to increase productivity have highlighted the need for greater precision in evaluating risk exposure and improving an organization's security posture. Despite these significant variables, a financial institution's most valuable resources remain constant - its people and the highly sensitive data they interact with.

In this session, Forcepoint's Homayun Yaqub & Charles Keane will be exploring "Security and Conduct Risk in Evolving Work Environments". Attendees will discover:

• Why traditional monitoring and surveillance approaches are incomplete
• How to improve organizational efficacy by better aligning compliance and security objectives
• The benefits of a people and data centric security strategy to more effectively reduce risk exposure.

Speaker:
Robert Golladay, Strategic Accounts Director, Illusive Networks

An attacker's most efficient approach to a pay day is to land on a host and then 'live off the land' using the residue of errant credentials and connections left behind from the course of daily operations-cached domain admin credentials, disconnected RDP sessions, local admin accounts using the same password, and more. Once an attacker grabs domain credentials, the odds are against you successfully detecting lateral (or vertical to cloud) movement when their activity appears 'normal' to most security tools and established baselines. Given the turbulent state IT security driven by massive employee shifts to WFH status, existing tools are all the more challenged to discern real threats from false positive anomalies. To flip the odds in your favor, we will share how distributed, endpoint-based deception technology is helping deliver incontrovertible detection of attacks in motion, be it external threat actors or malicious insiders. Rather than resource intensive 'probabilistic' alerts that end up as false alarms, deception technology has emerged as a 'deterministic' solution for early attack detection, allowing organizations to build new forms of automated threat response armed with precise, source based forensics.

Speaker:
Christopher Martin, Security Specialist, Chronicle, Google Cloud

Big data once meant terabytes; today, your business thinks in petabytes or more. Learn how to combat critical threats in the Financial Services industry and in your own network by correlating your massive amounts of telemetry data with threats in the wild at the speed of a Google search. Power your incident investigation and threat hunting with relational metadata and retroactive and proactive hunting capabilities in the world's largest malware library.

Speaker:
Jonathan Armstrong, Partner, Cordery

In this session, Cordery law firm partner Jonathan Armstrong will review some of the legal and compliance issues for European enterprises in the post-pandemic era, including:

• GDPR enforcement
• The unique risks associated with returning to the office
• Increased security and litigation risks related to device and data security.

Speaker:
Matthias Maier, Product Marketing Director, Splunk

Security teams need to plan and prepare for a consistent security and compliance posture across a larger, more fluid ecosystem in the cloud. To cover the additional attack surface, it's important to know all the nooks and crannies, and what operates within them. One of these operators are the App Dev teams that increasingly move toward DevOps. Code is being built and released at a level of speed and complexity that leads to high interdependencies - causing unpredictability and risk. Now more than ever, a strategy needs to balance Security Operations' costs with the growing list of responsibilities that come as part of the package with cloud. Don't be left behind, join this session to learn the secrets of leading security teams, including:

• What the future of security operations centres (SOCs) and job roles will look like
• How the SOC Team needs to be strategically embedded in DevOps
• How to ensure and monitor compliance with an organization's security policy across multi-cloud services
• How DevOps' principles can be practiced in the SOC operating model
• What it looks like to plan and establish a SOC in the cloud
• Starting your plan and how to communicate it to managemen

Speaker:
Jeremy King, International Director, PCI Security Standards Council

In an increasingly digital world, where players from virtually all sectors are racing to innovate, the risk of data theft is very real. The payment card industry has defined standards for protecting cardholder account data. But what about other data types? And what can be learned from payment card industry standards? As recent, high-profile breaches have shown, personal data is increasingly being targeted by cyberattackers and must be protected. Even email addresses, if left unprotected, can be valuable resources for attackers interested in waging socially engineered attacks against customers and consumers.

So what lessons can be learned from the data security practices that the payment card industry has introduced over the years? This session reviews the various solutions used to secure cardholder data and describes why ongoing work to devalue data, regardless of the data type, has become increasingly critical.