Speaker:
Gorka Sadowski, Former Gartner analyst and Chief Strategy Officer, Exabeam

Billions of dollars are spent annually to set up SOCs across every industry, and yet, according to RBS, 3,932 breaches were publicly reported in 2020 alone. Why are SOCs failing? Why are SOCs failing and the outcomes-based maturity model required to build resilient cyber organizations? Why is an outcome-based approach the only way for SOCs to offer adequate coverage and protection for your organization?

The session will discuss:

• How the most successful SOCs use a comprehensive, strategic, and end-to-end focused approach to address 95% of all operational issues at scale
• Why it is critical for Security Operations (SecOps) to become more use case-driven and complete lifecycle workflow orientated
• Lastly, learn about a new simple framework and maturity model that will help your organization approach SOCs the right way

Speaker:
Illyas Kooliyankal, Group CISO, Abu Dhabi Islamic Bank

A remote workforce. Economic stress. Pandemic fatigue. Rise in cyberattacks, Digital Transformation. These ingredients create a “perfect storm” for making cyberspace a war front for CISOs. According to media reports, UAE witnessed around a 250% increase in cyberattacks. About 95% of the Saudi Arabian organizations suffered a cyberattack in the past year, owing to the continuous adoption of new technologies and digitalization in the region.

Cyberspace provides the hackers an easier and faster platform to defraud the public and intrude into organizations. Sophistication in the attacks, leveraging the latest technologies like AI, and entry of naive users gave an additional impetus to the cybercriminals, where even nation-states and hacktivist groups increasingly started to play their role, increasing the complexities for CISOs.

The session will discuss:

• The real reasons for such elevated cyberattack scenarios
• How are CISOs bolstering their Cyber Defenses to Establish Business Resilience
• Prioritizing risks and investments to deploy the right security posture

Speaker:
Andrew Tsonchev, Director of Technology, Darktrace

The emergence of artificial intelligence-enabled malware is making cyber-attacks exponentially more dangerous and harder to identify among rapidly evolving technological advancements. Mounted at speed and scale, the AI-powered cyber-attacks will drastically increase yield for cyber-criminals, and they may even result in the subtle manipulation or distortion of information or data. In the face of offensive AI attacks, organizations turn to defensive cyber AI, identifying and neutralizing emerging malicious activity, no matter when or where it strikes.

The session will discuss:

• Paradigm shift in the cyber-threat landscape with advancement in offensive AI attack techniques
• How defensive AI tools can fight back
• Real-world examples of emerging threats that were stopped with Cyber AI

Speaker:
Neil Thacker, CISO, EMEA, Netskope

Organizations feel a shift in networking and security as they continue to adopt and embrace the cloud rapidly. With this shift, security and networking services and controls are converging while shifting to the cloud also. Enterprises are demanding speed, agility, security, and reliability without compromise. Simultaneously, CISOs are being tasked with delivering this transformation with the same apparent reduction in costs that cloud infrastructure programs have delivered.

The session will discuss:

• How the move to the cloud can improve TCO and improve ROI on network and security spend
• Demonstrate operational efficiencies to ensure network and security staff can re-purpose and prioritize their time to focus on events, alerts, and incidents
• A four-phase strategy focused on improving cloud security while supporting network and security transformation

Speaker:
Aram Eblighatian, Senior Technical Product Manager, BigFix

COVID-19 has introduced new challenges to IT Operations and Security Teams, forcing them to adapt to evolving workplaces, infrastructure, and tools to adapt to new processes and requirements to maintain agility and business continuity. Now more than ever, organizations need more effective risk-based vulnerability management and remediation solutions.

The session will discuss:

• Why organizations struggle to remediate known vulnerabilities
• How IT and Security teams can work better together
• How organizations can compress the time from vulnerability assessment to remediation

Speaker:
Roshdi Osman, Cybersecurity Specialist, Saudi Aramco

Enterprises have started embarking on a risk-based approach to identify, evaluate and prioritize threats. Security practitioners a customized method is evolved to enable the businesses to tailor their cybersecurity program to specific organization needs and operational vulnerabilities. Cybersecurity practitioners have been resorting to conduct business outcome analysis and risk assessment performance to quantify risks.

The session will discuss:

• What kind of security controls or frameworks are needed to perform a risk assessment
• How to establish continuous monitoring and governance to protect your critical infrastructure against attacks
• Aligning with other stakeholders in evolving a risk-based program

Speaker:
Arwa Alhamad, Cyber Security Enablement Director, Saudi Telecom Company

As Covid 19 has ushered in increased phishing scams across the Middle East nations, it has also called for a change in behavior in almost all areas, including cybersecurity, managers, and employees. With this, IT security's 'human factor' is becoming more relevant for a company to defend against cybercrime. The most prominent among phishing scams is the 'CEO scam', in which employees receive emails from their superiors requesting them to make payments or transmit sensitive information, among others.

The session will discuss:

• How to influence and secure the elusive human factor
• How to build a multi-line of defense by collaborating with the stakeholders
• Harnessing technologies to enable the teams to fight against phishing scams

Speaker:
Mohammad Mostafa, Global CISO, Egyptian Arab Land Bank

COVID 19 has thrown up multiple challenges for security practitioners. With most employees working at home during the COVID-19 pandemic, it's more important than ever for businesses to ensure that their third-party providers have adequate business continuity plans to provide uninterrupted service.

It's critical to ask and revalidate if our suppliers' business continuity plan is adequate to sustain our operations and understand our stated objectives. We typically think of supply chain attacks as stealthy attacks on hardware components, such as malware on laptops and network devices. However, recent incidents have proved it is more than that.

The session will discuss:

• How should the risk framework of supply chain vendors evolve
• The risks posed by different kinds of vendors
• How to redesign SLAs with third parties

Speaker:
Amit Mehta, Cybersecurity Advisory Lead, Middle East & Africa, Mastercard

Cyber-attacks, data breaches, and regulatory fines have become commonplace. Despite growing investment in security, many organizations still struggle to manage cyber risks. An average company deploys 47 security tools and still gets breached. Technology alone is not the answer to this problem. Cybersecurity is much more complex and needs expert focus, careful thinking, and senior management commitment. Organizations must take a holistic approach to cyber risk management and make decisions based on the potential business impact.

The session will discuss:

• Overview of the regional cyber threat landscape
• A holistic approach to cyber risk management
• Why we need to quantify cyber risks to make a good investment decision

The UAE has seen a 250% increase in cyberattacks this year, with ransomware incidents increasing in frequency. The financial sector and the health sector was one of the most affected. To this point, the focus of ransomware defenses has been on detection, but experts say it's time to shift to protection and even recovery. Some believe that an effective backup system that enables organizations to restore encrypted data without paying the attackers is business-critical.

The panel will discuss:

• Preventative measures every organization can take
• The first thing security teams should do if ransomware infects users' systems
• How to shift defensive strategies to protection and recovery

Speakers:
Narayanan Krishnan, Chief Technology Officer, Falconeye Cybersecurity
Riyad Jazmawi, Head of Information Security and IT Governance, Investbank, Jordan

Are security leaders creating value for business and part of technology innovation?: Is the CTO function aligned with security in driving innovation? Meeting the Expectations. Where is the Disconnect?