An Award Show celebrating the success of the CISO’s and the Cyber Security Industry. Attendance: By Invitation Only
Two Days Conference involving Key Note Addresses, CISO Panels & Presentations Attendance: 250+ Security and Risk executivesPlus Exhibiton Visitors
Middle East Security Awards (MESA) Conference - Dubai
11, April 2017
Coffee and Registration
Welcome Note – MESA Team
OPENING REMARKS – MESA CHAIRMAN
INTERNATIONAL GUEST KEY NOTE PRESENTATION: Smart Meters - A Secure Critical National Infrastructure (UK Experience)
The UK Government is committed to ensuring that every home and small business in the country is offered a smart meter by 2020, delivered as cost effectively as possible and this is a key priority for the Department for Business, Energy & Industrial Strategy. Smart meters will contribute to the UK having a secure and resilient energy system and by being a catalyst for system flexibility on the demand side. This can play an important role in improving energy security in the future and in integrating renewable energy sources into the system.
This presentation will provide a brief history of the UK Smart Meters programme, an overview of the logical architecture used to support the implementation of the UK Smart Meters network, an overview of the PKI implementation that supports the system security framework and details of the operational security framework.
David Higgins - Security & Programme Director – UK National Grid
CISO INSIGHTS PANEL: Cybersecurity Innovation & Future Traits
The digitalization phenomenon in the hyper connect world has made the businesses think seriously about the cyber threats as it impacts the business growth and digital economy. This session discussed the latest security tactics and strategies from the regional and global security executives.
MODERATOR: Ahmed Baig, Founder, CISO Council
David Higgins, Security & Programme Director – UK National Grid
Biju Hameed, Head – Information Security & Compliance – Dubai Airports
Sandro Bucchianeri, GCSO – Seasoned Global CISO
Tamer Gamali, Head Technology Risk – Kuwait Finance House
Abdullah AlOmari, Executive General Manager Security and Privacy – Mobily
Headline Keynote: Threat Hunting
In the world of cybersecurity, some adversaries are more effective than others. Adversaries vary in motivation, resources, and skill, which translates to different overarching techniques and themes. In this talk, Andrew will discuss several high-level techniques implemented by the most effective adversaries to compromise systems, gain unauthorized access to sensitive data, and cause significant damage and loss. Next, he will discuss tactics you can use to protect against each of these offensive techniques. Finally, I will discuss the work we do on the Endgame R&D team to address the most advanced threats
Andrew Morris – Security Research – ENDGAME
11:15 Networking Coffee Break
CISO DIALOGUE: Defending your business: Earlier Detection and Effective Response?
Organizations today are preparing themselves against the unknown and unseen attacks. The cyber threats have evolved from relatively simple to highly complex targeted and sophisticated attacks. Unfortunately, organizations have to defend themselves at all levels and have a robust incident response. However, the time taken to detect an attack and track the activity of adversaries on you network is a challenge. Join us in a conversation about what businesses can do to reduce time for detection and response to improve their ability to protect their critical assets.
MODERATOR: Ahmed Qurram Baig, Co-Founder – CISO CONNECT
Samir Pawaskar – Manager - Cyber Security Strategy and Policy - Q-CERT
Shabbir Nalwala – Head - Information Security and IT Governance – Dubai South
Abdulla Sayari – CISO - Health Authority Abu Dhabi
Adel Al Hosani – CISO – Dubai Customs
Strategic Sponsor Keynote: Maneuvering in the Winds of Change… CISOs – You have many fish to fry!
Digital world gives rise to a new set of security threats applicable to all industry segments. As organizations embrace digital transformation, CISOs need to make sure that businesses remain resilient to digital risks and continue to furnish services to their customers. The task is not at all easy to deliver. This talk highlights new horizons of CISO’s responsibilities and identifies means to contribute towards a secure digital world.
Kamran Ahsan - Senior Director - Digital Security Services – Etisalat
Security Automation: The Benefits of Security Automation and Orchestration for CISOs
Must Humans Be Replaced by Artificial Intelligence and Machine Learning? – The speaker will demonstrate why fully unattended and unconditional automation is a path and not a turnkey. Dario will also share the results of a 100+ CISO Survey on this topic, proposing a gradual and effective approach to security automation and orchestration based upon Supervised Active Intelligence. All the above with the goal of lowering the reaction time up to 80% and guaranteeing the Return on Investment.
Dario V. Forte - Founder & C.E.O – DFLABS
SECURITY : Intelligent Security Operations: Enabling real-time detection and investigation
SOC teams are facing a number of challenges today, including talent shortages, an ever-increasing amount of data and tools, and multi-stage attacks that evolve constantly. In this session, you will learn how today’s SOC can access more data to enable analysts and hunt teams to investigate and resolve threats.
Travis Grandpre - Director - Enterprise Security – HP Enterprise
13:30 Lunch & Prayer Break
Data Security Address: Data Breach Recovery Real World Hints & Tips
Join this engaging presentation as we share real-world examples of how organizations can effectively recover from a security incident. Learn how to quickly respond after detecting malicious indicators of compromise and minimize the potential damage to an organisation. This session will share practical activities that security professionals can implement regardless of their industry.
Paul Edon – Cybersecurity Expert – TRIPWIRE
Prepare for the next Cyber War: The formula for a successful incident response
Rasha Abu Al-Saud - SVP– Information Security Risk - A Leading Saudi Bank
PARTNER KEYNOTE: Information risk and the Board: discussion impossible?
Information security professionals are often called to present and communicate with the Board, yet the results are less than satisfactory to both parties. Building on discussions with senior level information security professionals and Board-level individuals, Adrian will describe the issues around working with the Board and then highlight how information security professionals can address these issues and communicate better.
Dr. Adrian Davis, Managing Director – EMEA, (ISC)2
INTERNATIONAL LEADERSHIP KEYNOTE: Think different: Women Cybersecurity Leaders an answer to increased demand in cybersecurity.
Gender diversity in tech is a hot topic for organisations, as many understand the benefits that women can bring, such as greater profitability, innovation and balance. However, when it comes to cyber security women offer another advantage. They think differently to men and this includes how they see risk. In this talk I’ll be explaining the unique differences between men and women in terms of risk and how a failure to attract and retain women in cyber security is making us all less safe. I’ll also be giving you tips for what can be done to address the issue and incorporate more diversity within cyber security.
Key Points Discussed:
Jane Frankland – CISO Advisor – Cybersecurity Capital
15:40 Coffee Break
Closing Keynote: Adversarial Thinking — The Single Most Effective Way to Improve Your Security
Cybersecurity is full of hits and misses. With an every changing threat landscape, it’s easy to end up trying numerous new defences, only to watch them fail.
After studying the wins (and the losses) for the last two decades, we’ll explain what Adversarial Thinking really means, and how it can fundamentally change your approach to security.
Sahir Hidayathullah – C.E.O– Smokescreen
Breakout Session: 90 Minutes (On Invite Only)
CISO Roundtable Session: Data Security & Compliance - The CISO Challenges !!
Closing Remarks from the Chairperson
Closing Remarks from MESA
MESCON Conference - Dubai
12, April 2017
Welcome Note – MESCON Team
OPENING REMARKS – MESCON CHAIRMAN
INTERNATIONAL GUEST KEY NOTE PRESENTATION:
Smart Meters - A Secure Critical National Infrastructure (UK Experience)
As a Critical National Infrastructure the UK Smart Meters networks is subject to a number of threats. This session will at the end to end security management of those threats starting with design, through to implementation and operation and detail some of the techniques used to mitigate against risk.
GUEST KEYNOTE PRESENTATION:
APT attack methods and counter measures
When reading the news it seems like APT attackers would have almost magic superpowers. While in reality the methods most commonly used by attackers do not differ than much from malware or regular hacking.
It is true that organizations like CIA and NSA have also very advanced methods and tools, but even they are reluctant to use them unless they absolutely must. Which means that there is lot to be gained by being more trouble than it is worth for the attacker, and either forcing attacker risk exotic tools and methods being exposed to the public, or look for easier target.
In this presentation Jarno will cover most commonly used attack vectors and lateral movement methods and how to protect your organization against them.
Jarno Niemela – Senior Security Researcher – F-Secure Corporation
INTERNATIONAL KEYNOTE: Automating Security Operations and IR - Use Cases
The session will present the Top 5 Use Cases in Security Automation and Orchestration for SOC and IR, Based upon the Supervised Active Intelligence Paradigm. Security Automation and Orchestration can be effective both at Machine to Machine and Machine to Human level. Thus, the speaker will cover the following cases: Rule Based Vs Machine Learning based approach; the role of playbooks and incident correlation; API vs Agent-Based Approach; Reporting, KPIs.
Dario V. Forte, Founder & CEO- DFLABS
HEADLINE KEYNOTE: Threat Hunting
In the world of cybersecurity, some adversaries are more effective than others. Adversaries vary in motivation, resources, and skill, which translates to different overarching techniques and themes. In this talk, Andrew will discuss several high-level techniques implemented by the most effective adversaries to compromise systems, gain unauthorized access to sensitive data, and cause significant damage and loss. Next, he will discuss tactics you can use to protect against each of these offensive techniques. Finally, I will discuss the work we do on the Endgame R&D team to address the most advanced threats.
EMPOWERMENT PANEL: How can we attract more women in Cybersecurity
Cybersecurity brings immense opportunities for education/employment to women. While cybersecurity jobs are at all-time highs, the gender gap remains wide. Building awareness and interest in cyber careers among women takes a coordinated effort. This session will bring together professionals and advocates for women in cybersecurity to share experiences. Additionally, ways organizations can increase opportunities for women in cybersecurity will be discussed.
Moderator: Ahmed Qurram Baig, Co-Founder – CISO CONNECT
Fatma Bazargan– CISO– Injazat Data Systems
Shafeeqa Shakri - Senior Business Analyst - Information Security & Compliance
CISO SPEAKS: Bending the tree - For Future security leaders
This session is delivered by a globally experienced CISO advising the Rising stars and aspiring CISOs on shaping their career and working towards building the necessary competencies and skill sets for current and future roles.
Sandro Bucchianeri, Group CISO, NBAD
ASSOCIATE PARTNER KEYNOTE: Emerging Cyber Threats & Attack Trends:
The threats that will keep your security team awake this year – and what can you do to help. The session highlights the attack trends expected to be on rise in 2017 and emphasizes on the lessons to be learnt from the recent past attacks on various organizations ...
Ahmed Qurram Baig, Co-Founder – CISO CONNECT
13:20 Lunch & Prayer Break
INTERNATIONAL KEYNOTE: Robotics, AI & Machine learning will it still keep cyber security a concern ?
With the advent of Artificially Intelligent appliances in corporate network the first issue of Human error and Human as weak link would be eliminated, and once every network in the world has a self-learning appliance with built-in NIST framework and learning ability, anticipating an attack vector or a unknown cyber threat would no longer remain a human being concern.
Prashant Mali, Internationally renowned - Cyber Law & Cyber Security Expert
STRATEGIC SPONSOR KEYNOTE: Service Providers: Natural Ally in Securing the Digital Enterprise
Digital enterprise security needs swell far beyond their perimeters, networks to global clouds that are fundamental to power their growing business needs. Owning the network including visibility of network traffic, the availability of skilled security resources position service providers as a natural ally in fortifying the digital enterprise. Service providers who embrace ICT & new Digital lines of business can play a quintessential role in helping you secure your Digital needs. This session will highlight the role of an ICT / Digital Service provider as a natural partner in securing your enterprise.
Sudhir Menon – Director – Digital Security Solutions – Etisalat
SECURITY ANALYTICS SESSION: Using analytics and orchestration for faster detection and response?
Rajesh Gopinath, Presales Head - Paladion
EXPERT SESSION: Advanced Persistent Threats
The business cost of cyber defence will run into $B’s again this year. So why are we constantly hearing about another major breach in which thousands or possibly millions of business customers are adversely impacted? Join Tripwire’s Paul Edon as he discusses the Advanced Persistent Threat (APT) and how we can fight back
· Who, what and why: Who are the adversaries, what is an APT and why me?
· What doesn’t work: Locking the doors and windows doesn’t work if the intruders are already inside or if you open the door and ask them in.
· A strategy for success: Defence in depth still works, it just turns out the water is deeper than we first thought.
Paul Edon, Cybersecurity Expert, Tripwire
15:30 Coffee Break
CLOSING KEYNOTE: “ Adaptive Security.. the shift from WANT to NEED! "
Incorporating Adaptive Security into your security programme is no longer a recommended approach but an essential one.... To be seen as the ENABLER and not the INHIBITOR!
A look into this along with the 3 "I"s (Information - Identity - Innovation) to see how it gives leadership better visibility and assurance on the state of cybersecurity within the organization.
Security Think Tank Discussion – Open Table
Closing Remarks from Chair Person
Closing Remarks from MESCON