Event Format

With plenary sessions and a dedicated series of education seminars that form part of the main agenda, this event provides practical strategic, tactical and technical knowledge to information security stakeholders on how to manage threats and overcome challenges. Networking opportunities are provided over the course of the event during refreshment breaks and a buffet lunch.

  • Plenary Sessions
  • Education Seminars
  • Networking Breaks

2013 Key Themes

Preventing, detecting and responding to new threats in an evolving technology landscape
  • Mitigating new and increasingly advanced threats by investing appropriately in the People, Process and Technology triad as new technology continues to drive business growth
  • Creating security measures to deal effectively with multiple attack vectors and mechanisms, whilst ensuring these processes don’t damage the organisation’s operational capabilities
  • Harnessing the power of data and threat intelligence to inform information security strategy

Evolving and enhancing information risk management frameworks
  • Delivering management information that can inform risk appetite and enable the business to improve risk-based decision making
  • Optimising financial opportunities for the business while ensuring that appropriate levels of risk are maintained and not exceeded
  • Creating a risk management framework that is responsive to the data and metrics available to the organisation
 
Ensuring an adequate and rapid response in the event of a breach and facilitating investigations
  • Developing a mature incident response plan and advanced Computer Emergency Response Team (CERT) to assist in minimising financial loss and reputational damage
  • Facilitating a forensic investigation through intelligence gathering and logging information to identify the breach
  • Responding to a data breach in a cost-efficient manner, including notification, reporting and recovery, to minimise business disruption and loss
 
Advancing IT security to become high-level risk management and information asset protection  
  • Changing the perception of information security across the business, from being seen as a blocker to being viewed as a business enabler
  • Communicating cyber risk to the board and generating support across the enterprise through communication, awareness training and cooperation
  • Working with international enterprises, organisations and regulators to mitigate attacks and minimise the threat from cyber espionage

Establishing an efficient and effective compliance strategy
  • Ensuring that the organisation is compliant with all relevant national and international legal and governance requirements, including those which apply to outsourced third parties
  • Delivering cost-effective security solutions to ensure compliance with regulations and best-practice standards, such as PCI DSS, ISO 27001, and SOX
  • Ensuring compliance does not just 'tick a box' for the auditors but also reduces risk and improves security capabilities and business efficiency