Event Format

With plenary sessions and a dedicated series of education seminars that form part of the main agenda, this event provides practical strategic, tactical and technical knowledge to information security stakeholders on how to manage threats and overcome challenges. Networking opportunities are provided over the course of the event during refreshment breaks and a buffet lunch.

Plenary Sessions | Education Seminars | Networking Breaks

2015 Key Themes

Privacy-by-design: how to build privacy into the business processes
  • Considering the proposed regulations on the ‘Right to be forgotten’ and ‘Right to access one’s own data’ when designing processes
  • Analysing the possibilities of privacy-by-design to be used as an instrument for self-regulation
  • Communicating with international stakeholders with regard to privacy to maintain business models and practice
The nature of the CISO: advancing IT security to become high-level risk management and information asset protection 
  • Changing the perception of information security across the business, from being seen as a blocker to being viewed as a business enabler
  • Communicating cyber risk to the board and generating support across the enterprise through communication, awareness training and cooperation
  • Working with international enterprises, organisations and regulators to mitigate attacks and minimise the threat from cyber espionage
Not if but when: preventing, detecting, responding to, and mitigating new threats in an evolving technology landscape
  • Mitigating new and increasingly advanced threats by investing appropriately in the People, Process and Technology triad as new technology continues to drive business growth
  • Creating security measures to deal effectively with multiple attack vectors and mechanisms, whilst ensuring these processes don’t damage the organisation’s operational capabilities
  • Harnessing the power of data and threat intelligence to inform information security strategy
Evolving and enhancing information risk management frameworks
  • Delivering management information that can inform risk appetite and enable the business to improve risk-based decision making
  • Optimising financial opportunities for the business while ensuring that appropriate levels of risk are maintained and not exceeded
  • Creating a risk management framework that is responsive to the data and metrics available to the organisation
Improving incident response programmes: ensuring appropriate and sufficient responses to breaches whilst facilitating investigations
  • Developing a mature incident response plan and advanced Computer Emergency Response Team (CERT) to assist in minimising financial loss and reputational damage
  • Facilitating a forensic investigation through intelligence gathering and logging information to identify the breach
  • Responding to a data breach in a cost-efficient manner, including notification, reporting and recovery, to minimise business disruption and loss
Regulations: how to ensure compliance with existing and future legislation (EU Data Protection Directive)
  • Ensuring that the organisation is compliant with all relevant national and international legal and governance requirements, including those which apply to outsourced third parties
  • Delivering cost-effective security solutions to ensure compliance with regulations and best-practice standards, such as PCI DSS, ISO 27001, and SOX
  • Ensuring compliance does not just 'tick a box' for the auditors but also reduces risk and improves security capabilities and business efficiency