Cyber Threat 360 Roundtable
Pulse Conferences would like to thank all guests and co-facilitators who attended the Cyber Threat 360 Roundtable in London 27 September 2018
Predict, prevent, detect, respond: 360-degree benchmarking on the challenges of the cyber threat landscape
Timings at a glance:
27 September 2018 – London
Roundtable discussion – Simpson’s in the Strand – 14:00-17:00
Networking Reception – The Yacht – 17.00- 19:30
Cyber Threat Security 360 Roundtable provided the ideal peer to peer benchmarking opportunity for CISOs, CIOs and other senior risk, responder and technology professionals to examine in-depth and with combined peer group brain power, a multi-faceted approach to managing the challenges of the current and emerging cyber threat landscape.
Complimentary to attend for CISOs and similar senior cybersecurity professionals working in-house for non-vendor, non-consultancy organisations, this is a unique opportunity to connect with peers and expand your trusted professional networks to strengthen capacity.
A multi-faceted ‘360’ benchmarking exercise for CISOs to exchange experiences on what works, what doesn’t, priorities and challenges around managing cybersecurity threats and breaches.
ROUNDTABLE 1: Prediction
Know your risks, understand your attack surface, uncover weak spots
Understanding the threat landscape. How to focus on those threats that are relevant to our organisation? Is it possible to be predictive in information security? Making best use of available resources. How to justify what security improvements to focus on? How do we quantify the cost of potential breaches to fund a sustainable cybersecurity programme?
ROUNDTABLE 2: Prevention
Minimise attack surface, maximise compartmentalisation and contain breaches
Combating the most common sources of compromise – insider threats and Internet exploits. What are the potential weaknesses in modern organisations that adversaries try to exploit? Are there ways of organising and deploying enterprise systems which reduce impact and reduce time to recover?
ROUNDTABLE 3: Detection
Recognise incidents and threats, isolate and contain them
Do you have visibility beyond the preventive layer? Or the human factor in case of mistakes and unexpected behaviour? How do targeted attacks usually happen? How do you build effective breach detection and response capabilities against advanced targeted attacks?
ROUNDTABLE 4: Response
React to breaches, mitigate the damage, analyse and learn
How do you prepare for the inevitable security incident? How do you select the necessary tools, methods and practices to enable seamless response capability across the organisation? How do you respond to incidents in a way that limits damage and reduce recovery time and costs? • What is the scope, source, magnitude and management response • What data and information should be collected • Who is on the crisis team • At what stage should customers be informed?
- Quentyn Taylor, Director of Information Security EMEA, Canon Europe
- Lee Barney, Director of Information Security, YOOX NET-A-PORTER GROUP
- Graham Edwards, DPO, Nationwide
- Chris Gibson, CISO, The Orwell Group
- Paul Pratley, Head of Investigations & Incident Response, MWR InfoSecurity
- Greg Jones, Principal Consultant & Founder, Digital Assurance, F-Secure
- Mats Palm, Director, Product Management, F-Secure
- Jani Kallio, Vice President Strategic Expansion, F-Secure
Timings – half day
14:00-14:20 Arrivals for afternoon tea and coffee
14:20-14:35 Introductions and objectives setting – co-chairs
14:35-14:50 Keynote / Case study
14:50-15:40 Roundtables 1-4 working each on a chosen 1st perspective
15:40-15:45 Short coffee break and participants rotate to chosen new table. Facilitators remain fixed to their allocated perspective
15:45-16:35 Roundtables 1-4 working each on a chosen 2nd perspective
16:35-16:55 Conclusions – each table shares back key findings to the whole group
16:55-17:00 Close of Roundtable
17:00-19:30 Networking reception – The Yacht
Two facilitators (a CISO practitioner and a senior strategist from F-Secure) will lead each table. Each of the 4 tables will focus on a given different ‘perspective’ of the cyber
threat landscape to consider. Attendees will be asked to select 2 out of the possible 4 Roundtables when they register. The CISO audience will rotate their choice of tables once. The two Co-facilitators and a note-taker will remain fixed to each table to lead and capture the key discussion points, observing The Chatham House Rule.
Shared output benefits
Notes will be taken throughout the roundtable discussions, observing the Chatham House Rule. Once all the feedback has been compiled and written up, the end-result will form the ‘Cyber threat 360 output report’, a report that will be distributed to all attendees in the weeks following the event with the combined thoughts and conclusions from the participating leading companies.