Key Themes & Event Format
The event is divided into plenary sessions and a dedicated series of education seminars that form part of the main agenda.
Plenary sessions are designed to provide delegates with practical strategic and tactical knowledge, complemented by education seminars which offer hands-on technical know-how.
This format ensures that information security stakeholders are provided with all the relevant information they need on how to manage threats and overcome challenges.
Networking opportunities are provided over the course of the event during refreshment breaks and a buffet lunch.
The latest from the threat landscape: cutting through the hype to identify emerging attack profiles that should inform information and I.T. security priorities for the year ahead
Previous evolutions in the threat landscape demonstrate that cyber attacks relying on a broad range of compromise create the conditions for those that follow to be stealthier, increasingly automated and more targeted. As malware becomes more sophisticated, and malicious players who control large networks of infected computers (botnets) harvest intelligence on the systems that are connected to infected devices, the threat from attacks designed to target highly specific information in a narrow range of organisations will increase.
- Implications of the latest evolutions in zero-day attacks, blended threats, Trojans, information-harvesting malware, drive-by downloads, web attack tool kits and rootkits
- Advancing protective measures to defend against multiple attack vectors and the vulnerabilities created by internet business models and feature-rich applications
- Implementing effective defence mechanisms against focused exploits designed to target sensitive data by exploiting weak points in systems and processes
- Preventing compromise or data exfiltration and minimising the chance of data loss due to weak points in defences across endpoints, networks, and servers
Addressing key areas of vulnerability across the network and application stack: securing technology and protecting data in a changing business and I.T. environment
Information security frameworks are being challenged to evolve. Technological innovations are enlarging the attack surface and placing IT departments at odds with regulatory requirements. Historically, security policies were documented and controls implemented in a reactive manner, either in response to incidents or adverse audits. As a result, controls often served only a narrow purpose, such as providing a compliance green light. Policy and the controls environment must now be aligned to meet changing operational needs while also ensuring the agility to prevent, detect and respond to future threats.
- Building an intelligence-led approach to the protection of electronic assets that counters internal or external attack vectors and mitigates threats to sensitive data
- Combining threat modeling and impact assessments to inform business decision-making processes and ensure a robust technology risk management strategy
- Identifying vulnerabilities proactively across applications, networks and business partners' systems to reduce the attack surface and block known exploits
- Defining a governance framework for the controls environment to deliver an adaptive capacity as the risk profile changes with regard to threats and regulations
Architecting security in, not bolting security on: mitigating risks, ensuring compliance and supporting business goals by building security into BAU (Business As Usual)
Reducing risk, protecting data and securing technology requires a strategic, business-led approach. The range of actors that pose a credible threat to the confidentiality, integrity and even availability of sensitive data has grown to include state-sponsored attackers and self-styled hacktivists. At the same time, the expanding cross-border influence of regional data protection and privacy legislation is increasing the burden of compliance. Building security into normal operational capability must become a priority as companies reduce the time it takes to launch new products to market.
- Enhancing security architectures and risk management processes to manage the business demand for workforce mobilisation, web 2.0 technologies and outsourcing
- Delivering robust capabilities within closed or shared virtual environments to effectively mitigate threat vectors and defend against new attack scenarios
- Striking the right balance between effecting business change, redesigning I.T. processes and implementing technical controls to create value from compliance spending and improve security posture
- Integrating security into change management processes to increase the effectiveness of security inspection, testing and assurance across networks and operating systems
Identifying and managing a data breach or network intrusion: effective frameworks for detecting compromise, responding to incidents and conducting cyber forensic investigations
Recent cyber attacks reported in the media demonstrate that organisations need to reconsider their risk profile, reassess how they measure the effectiveness of their information security posture and update their incident response plans. An organisation’s cyber risk profile is no longer determined by the potential monetary value of information to attackers. The threat landscape is made up of many malicious players with different motivations and aims. It is increasingly difficult to predict the nature and severity of attacks. Testing and updating incident response capability to make sure it is fit for purpose is therefore vital.
- Defining the mechanics of an incident management plan to ensure a coordinated response from key stakeholders ranging from I.T. to PR and marketing
- Leveraging the intelligence generated by technologies that include firewalls, intrusion detection systems and log management solutions to increase proactive capabilities to identify and respond to incidents
- Structuring a Computer Emergency Response Team or function to manage requirements for the identification, escalation and remediation of security events
- Assessing the capabilities that service level agreements with outsourced or cloud environments should specify regarding incident response
New models for consolidating and delivering security to the enterprise: taking advantage of innovations and opportunities to reduce cost and increase efficiency
Despite having to deal with a constantly evolving risk landscape, information security strategies should still be based around a common framework that delivers the core pillars of prevent, detect and respond. Deploying resources to areas where they will have the most valuable effect means focusing protective efforts on those assets that have a high level of confidentiality and competitive or intellectual value. This brings with it a fresh set of challenges: identifying and agreeing what those assets comprise, finding out where they are located and understanding the lifecycle of the assets from creation or receipt through to destruction.
- Creating the foundations for effectively converging risk management, information security, business continuity, controls assurance, and legal or regulatory disciplines
- Automating compliance monitoring, configuration changes, change management and compliance assurance to ensure downtime for business-critical services is minimised
- Balancing the need to decrease the complexity of security mechanisms in the network with the need to ensure defence in depth and the ability to define and enforce security policies
- Optimising security-related I.T. processes to reduce inefficiencies in tasks such as patching, configuring and updating systems or applications