Security Digital Summit:Improved security for business resilience
Security Digital Summit
Security leaders are having to be more proactive in meeting the growing complexity of the Cyber threat which means more compliance, risk management and protection. Yet as the pandemic is waning, organisations and functions are trying to open up and be more responsive to client needs in an increasingly democratised age, Security leaders will have to strike a careful balance.
Why Attend
New connections
Build new connections with likeminded senior leaders
Business trends
Stay current with emerging business trends
Key takeaways
Downloadable and actionable takeaways
New partnerships
Accelerate key projects through meaningful new partnerships
Insights
De-risk new projects by gaining a broad range of insights
New technologies
Understand the impact new technology can make
Trusted by
We host global organizations with the conversations that matter. That’s why we’re trusted by these top brands.
Event Agenda
09:00 - 09:15
09:00 - 09:15
Opening Remarks
Intro & Diamond Commentary
09:15 - 09:45
Keynote
The Importance of Partnerships within Enterprise
With the threat landscape worsening by the minute, cyber security breaches are inevitable. When a cyber-attack occurs, it's vital to have a holistic response as an organization. Join Allison Pineau-Good, Chief Diversity Officer & Chief Compliance Officer at GE, as she discusses the key partnerships she has created between the compliance and cybersecurity teams- particularly when looking at data as an asset. This keynote will explore the benefits of these partnerships, how they come into play when cyber-attacks happen, and how they can discover and close key gaps post- breach.
09:45 - 10:25
09:45 - 10:25
Panel Discussion
Turbulent times call for a robust governance, risk, & compliance framework
Accelerated digital transformation, complex post-pandemic operations, capital market volatility and geopolitical challenges mean companies are facing increased risk at an unprecedented rate. Breaches caused by ransomware in particular have increased not only in number (by 41% in 2022 alone), but in cost.
While governance, risk, and compliance were once seen as the organization's police - reacting to violations, misconduct, or other wrongdoing- that is no longer the case. Without a robust GRC framework that includes ESG, resiliency and strong cyber and compliance programs, there is a serious risk to a company’s reputation and its ability to attract and retain the best talent and customers. A well-planned GRC strategy comes with lots of benefits, and it has become even more important with the influx of uncertainties and challenges organisations face today.
Questions to answer in this panel include:
•What can companies do to strengthen resilience and become future-ready, while also keeping in mind GRC policies?
•How has Environmental/Social/Governance (ESG) affected your GRC strategy?
•What ideas do you have to move from the traditional and reactive approach to risk management, to one that is initiative-taking, tech- driven, and resilient?
•What are the fundamentals of creating a GRC strategy and supports an integrated approach to risk management?
10:25 - 10:35
Insight Break
10:35 - 11:25
Roundtables
Track 1: Remaining agile in changing data compliance landscape
Sponsor:
According to Gartner, By the end of 2023, modern data privacy laws will cover the personal information of 75% of the world's population.
The world of data is both changed and changing, driven by accelerated digital transformation. By 2025, 463 exabytes of data will be generated each day [Raconteur]. Despite obvious opportunities this level of data can bring, the growing emphasis on data privacy laws is driving the conversations businesses and governments are having about achieving a ""privacy-first approach"" to information security.
The scope of these laws means that businesses will manage multiple data protection laws in various jurisdictions and customers will want to know what kind of data you collect from them and how it is used; consequently, putting brand perception and trust at risk every time a confidentiality is broken.
The changing compliance landscape being led by privacy, not only puts company reputation at risks but can also create huge workloads and cost for companies, contributing to an estimated global annual cost of cybercrime of €5.5 trillion by 2021 as highlighted by the Cyber Resilience Act proposal by the European Commission.
To remain agile, businesses will need to focus on automation of your data privacy management systems by adopting privacy-enhancing technologies and promoting the awareness of cyber hygiene, privacy and data protection.
•How can we empower our businesses to remain agile in this changing compliance landscape?
•How can we reduce the complexity and risk attached to our data?
•How can we truly focus on delivering next generation data privacy management system?
Track 2: Cloud as Security investment
The shift to the cloud continues to accelerate at an unprecedented pace, and many organisations across the EU continue to prioritise the use and adoption of cloud-based offerings when looking to procure new technologies. According to Gartner, more than half of enterprise IT spending in key market segments will shift to cloud by 2025.
While this is leading to increased efficiency and productivity, the rapid adoption of cloud has also led to an increase in cloud-related security incidents. The 2022 IBM Cost of a Data Breach Report found that 45% of breaches occurred in cloud environments, with an average cost in the millions. This is bringing new security concerns, fuelled in many cases by the lack of clarity in the responsibilities of implementing and maintaining security, when it comes to cloud deployments.
While organizations today are leveraging public cloud resources as part of their digital transformation journey, this intensified need for cloud security has put an emphasis for a strategic shift to hybrid cloud environments that span private data centres and public clouds.
As security leaders embrace cloud and move towards optimising their approach, new challenges arise when balancing productivity levels, cost and security. Maximizing business value in the cloud cannot be achieved without ensuring that applications continuously perform, and that they do so at the lowest cost.
•How can IT leaders leverage automation to simultaneously assure application performance and minimize cost?
•How can be strike balance between innovation and security while leveraging interconnected cloud technologies
•How can be reduce complexities in deploying the best cloud security practices in multi cloud environment?
•How can IT leaders successfully overcome the lack of clarity in the responsibilities of implementing and maintaining security, when it comes to cloud deployments?
Track 3: Closing the Human Gap in the fight against cyber-attacks
Sponsor:
According to Verizon’s 2022 Data Breaches Investigations Report, 82% of data breaches involved a human element. This includes incidents in which employees expose information directly or by making a mistake that enables cyber criminals to access the organization’s systems.
Digitization, cloud adoption, artificial intelligence (AI) and Machine Learning (ML)... where to start? Naturally, organizations are utilizing AI and automation in their fight against cyber-attacks to minimize human involvement.
However, while automation and AI can increase operational effectiveness and offload repetitive actions, retaining the human factor has advantages that cannot be overlooked. Unlike AI solutions, people are capable of abstract thought, which is crucial when it comes to tackling cyber-attacks.
We must recognize that people are both the best response in cyber-attacks, and the weakest link in cyber security chains. This calls for a blended cybersecurity strategy that integrates human skills with automation and focuses on closing the human gap through successful cyber security culture.
During this round table we will explore:
•Who is responsible for driving a cybersecurity culture?
•What are the biggest challenges when it comes to strategy & cultural mindset?
•How can we leverage diversity to enhance sybersecurity?
•Helping people understand the “why” behind security is a vital building block of creating a security mindset. How can this be successfully carried out across large organizations?
•What are the latest best practices in the human aspects of security?
•Does your workplace culture encourage employees to come forward when they see or do something unusual?
•How IT leaders can successfully leverage their most precious resource-humans-to take the lead on their cybersecurity strategy?
•How can IT leaders can limit human error by giving the users a process that not only works with them but, most importantly, for them?
11:25 - 11:30
Short Break
11:30 - 12:10
11:30 - 12:10
Masterclass Breakouts
Knowing how an attacker thinks puts you one step ahead!
Are you anxious about your SaaS Security? Learn how to get on top of the different risks, and develop a holistic approach to fighting cyber-criminals. The massive shift towards use of SaaS applications enabled a digital transformation and rapid growth, but has definitely left a gap in security that has not been met. This session spotlights on how you can use SaaS safely, can you?
12:11 - 12:41
12:11 - 12:41
Headline Keynote
Application security at the speed of business. From zero day fixes to DevSecOps
09:00 - 09:15
Opening Remarks
09:15 - 09:45
Keynote
Unlocking Resilience through Agility: Moving Beyond Probability and Impact
During this keynote, attendees will learn about the importance of agility in building cybersecurity resilience. The speaker will emphasize the need to move beyond the traditional approach of managing cybersecurity risk based solely on probability and impact. Instead, we will explore the concept of agility and how it can help organizations to build resilient cybersecurity strategies.
09:47 - 10:27
09:47 - 10:27
Panel Discussion
The cybersecurity talent shortage: The outlook for 2023
According to (ISC)2’s annual Cybersecurity Workforce Study, found a worldwide gap of 3.4 million cybersecurity workers. 70% of those surveyed also said they think their organization’s security team is understaffed and decreasing its effectiveness.
As cyberattacks grow increasingly sophisticated and threat landscapes expand, it has become even more important for organizations get creative in their approach to attract and retain talent. In this panel session we will explore best practices that will attract and retain the right candidate.
•Why are many CISO’s and their IT leaders struggling to meet basic staffing goals despite their best efforts?
•How can we leverage automation when it comes to current employees’ burnout and repetitive tasks?
•How can organisations successfully support new talent entrance without advanced degrees and develop non-traditional cyber degree paths?
•How can organisations improve diversity and inclusion to address the skills gap?
10:27 - 10:37
Insight Break
Cloud Native Security: Shifting From Adversarial To Collaborative Security Practices
As we move into a cloud native, devops-driven world where agility is key, some of the best security teams are finding it’s time to shed our reputation of being “The Department of No” to break down barriers and embrace change. In this talk, Neil presents some practical approaches for reducing friction and increasing collaboration in DevSecOps while still keeping in mind our commitment to governance, risk, and compliance.
10:40 - 11:30
Roundtables
Track 1: Remaining agile in changing data compliance landscape
Sponsor:
According to Gartner, By the end of 2023, modern data privacy laws will cover the personal information of 75% of the world's population.
The world of data is both changed and changing, driven by accelerated digital transformation. By 2025, 463 exabytes of data will be generated each day [Raconteur]. Despite obvious opportunities this level of data can bring, the growing emphasis on data privacy laws is driving the conversations businesses and governments are having about achieving a ""privacy-first approach"" to information security.
The scope of these laws means that businesses will manage multiple data protection laws in various jurisdictions and customers will want to know what kind of data you collect from them and how it is used; consequently, putting brand perception and trust at risk every time a confidentiality is broken.
The changing compliance landscape being led by privacy, not only puts company reputation at risks but can also create huge workloads and cost for companies, contributing to an estimated global annual cost of cybercrime of €5.5 trillion by 2021 as highlighted by the Cyber Resilience Act proposal by the European Commission.
To remain agile, businesses will need to focus on automation of your data privacy management systems by adopting privacy-enhancing technologies and promoting the awareness of cyber hygiene, privacy and data protection.
•How can we empower our businesses to remain agile in this changing compliance landscape?
•How can we reduce the complexity and risk attached to our data?
•How can we truly focus on delivering next generation data privacy management system?
Track 2: Cloud as Security investment
The shift to the cloud continues to accelerate at an unprecedented pace, and many organisations across the EU continue to prioritise the use and adoption of cloud-based offerings when looking to procure new technologies. According to Gartner, more than half of enterprise IT spending in key market segments will shift to cloud by 2025.
While this is leading to increased efficiency and productivity, the rapid adoption of cloud has also led to an increase in cloud-related security incidents. The 2022 IBM Cost of a Data Breach Report found that 45% of breaches occurred in cloud environments, with an average cost in the millions. This is bringing new security concerns, fuelled in many cases by the lack of clarity in the responsibilities of implementing and maintaining security, when it comes to cloud deployments.
While organizations today are leveraging public cloud resources as part of their digital transformation journey, this intensified need for cloud security has put an emphasis for a strategic shift to hybrid cloud environments that span private data centres and public clouds.
As security leaders embrace cloud and move towards optimising their approach, new challenges arise when balancing productivity levels, cost and security. Maximizing business value in the cloud cannot be achieved without ensuring that applications continuously perform, and that they do so at the lowest cost.
•How can IT leaders leverage automation to simultaneously assure application performance and minimize cost?
•How can be strike balance between innovation and security while leveraging interconnected cloud technologies
•How can be reduce complexities in deploying the best cloud security practices in multi cloud environment?
•How can IT leaders successfully overcome the lack of clarity in the responsibilities of implementing and maintaining security, when it comes to cloud deployments?
Track 3: Closing the Human Gap in the fight against cyber-attacks
Sponsor:
According to Verizon’s 2022 Data Breaches Investigations Report, 82% of data breaches involved a human element. This includes incidents in which employees expose information directly or by making a mistake that enables cyber criminals to access the organization’s systems.
Digitization, cloud adoption, artificial intelligence (AI) and Machine Learning (ML)... where to start? Naturally, organizations are utilizing AI and automation in their fight against cyber-attacks to minimize human involvement.
However, while automation and AI can increase operational effectiveness and offload repetitive actions, retaining the human factor has advantages that cannot be overlooked. Unlike AI solutions, people are capable of abstract thought, which is crucial when it comes to tackling cyber-attacks.
We must recognize that people are both the best response in cyber-attacks, and the weakest link in cyber security chains. This calls for a blended cybersecurity strategy that integrates human skills with automation and focuses on closing the human gap through successful cyber security culture.
During this round table we will explore:
•Who is responsible for driving a cybersecurity culture?
•What are the biggest challenges when it comes to strategy & cultural mindset?
•How can we leverage diversity to enhance sybersecurity?
•Helping people understand the “why” behind security is a vital building block of creating a security mindset. How can this be successfully carried out across large organizations?
•What are the latest best practices in the human aspects of security?
•Does your workplace culture encourage employees to come forward when they see or do something unusual?
•How IT leaders can successfully leverage their most precious resource-humans-to take the lead on their cybersecurity strategy?
•How can IT leaders can limit human error by giving the users a process that not only works with them but, most importantly, for them?
11:31 - 12:01
Innovation Exchange Keynote
What asking ChatGPT recently confirmed about our (in)ability to communicate effectively about cybersecurity risks, as a business issue
Helping senior business leaders to make better-informed business decisions in the face of inherent uncertainties — i.e., risks — is the pinnacle of what security professionals do, in our dual roles as subject-matter experts and trusted advisors.
And yet, most of us currently struggle to do this effectively. The approaches we commonly use to communicate with senior leadership teams about risk are mostly useless for this purpose, and in some cases they’re worse than useless.
Recently, I asked ChatGPT a couple of questions in this area. In this session, I’ll share what it said — and why it only confirms our present reality.
12:03 - 12:33
12:03 - 12:33
Closing Prime Keynote
Use Strategic Security Testing to transform your security posture.
Most security testing today is purely tactical- we find vulnerabilities and sometimes fix them. We use this process to satisfy compliance requirements and report point-in-time status to regulators, but we rarely learn anything about our overall security posture and use that information to change our strategy and priorities. Strategic, transformational security testing is the solution.
Strategic security testing uses aggregated data from individual penetration tests to reveal the root cause of persistent weaknesses in security posture due to broken processes and overwhelmed staff. Security and IT management can use that data to invest in training and solutions that are specifically targeted at organizational deficiencies. Moreover, a strategic security testing program will track improvements in overall security posture over time so those improvements can be communicated to senior leadership and the board.
09:00 - 09:15
Opening Remarks
09:15 - 09:45
Keynote
Evolution of the role of the CISO and the talent shortage
09:46 - 10:26
09:46 - 10:26
Panel Discussion
Mitigating Third Party Risk through Innovation
Forrester Research believes that 60% of security incidents this year will result from issues with third parties, with many of these risks being identified after initial onboarding. As with any cyber security incident, they are not only costly and disruptive, but can cause significant damage to businesses reputation.
This continues to highlight the need for organisations to take action to ensure the security and integrity of their partner ecosystem. And, as these ecosystems become more diverse and dynamic, organisations must continue to innovate way of monitoring and collaborating with these critical business partners. Join leaders from a variety of organizations and industries as they discuss their journey and the challenges, they face working with 3rd party providers.
•How can IT leaders streamline upfront due diligence to focus on critical risks?
•How can organisations create relationship controls to compel compliance?
•The importance of developing a robust framework that includes a responsive and resilient risk management operations capability.
•How third-party risk management programs need to have a well -defined and thought- through strategy, supported by a clearly articulated risk appetite.
•Establishing business-driven methods for ongoing risk management
•How can organisations leverage Structured data, analytics, and automation to revolutionaries their risk management approaches?
•How can organisations use a data-centred approach to reduce their dependency on static, inefficient questionnaires?
10:27 - 10:37
Insight Break
10:37 - 11:32
Roundtable Leaders Panel
11:40 - 12:10
Innovation Exchange Keynote
Why AI is the Secret Weapon in Cloud Security: The Power of Machine Learning
As technology continues to evolve, so does the need for advanced security measures. With the increasing adoption of cloud computing, businesses are facing new security challenges that require innovative solutions. Artificial Intelligence (AI) is one such solution that has gained significant attention in recent years. We will explore the role of AI in cloud security and how it can help businesses protect their data and systems from cyber threats.”
12:11 - 12:41
Closing Keynote
Start left in software security with secure design
12:41 - 12:51
Insight Break -Closing Comments
Speakers Include
Ivan Sanchez Lopez
Jeremiah Roe
Michael Beaupre
Matthew Lemon
Eugenie Molyneux
Federico Iaschi
John Graham-Cumming
Mirco Rohr
Derek Brink
Nihal Newman
Paul McNamara
Michael Konopka
Chris Trynoga
Ziv Dines
James Blake
Allison Pineau-Good
Jason Ozin
Marc Samson
Sheril Nagoor Meera
Khadir Fayaz
Nick Hogg
Katie Diacon
Neil Carpenter
Ranadeep Sarkar
An immersive
event experience
interactive features including:
Audience Interaction
Engage with a virtual live audience just as you would at a physical event and create meaningful conversations.
Interactive Live Polling
Keep engaged through interactive live polling and gamification tools.
Direct connections
Ask your questions face-to-face with the speakers via our leading stage technology.
Relationship building
Build stronger connections with leading executives that you will take with you through your career
Thought Leadership
Content and insight from industry experts when it matters most
Intelligent interaction
Interactive quizzes gamify your experience
Related events
Have a question…
There is no cost associated with attending a GDS Summit. In return, we ask that all senior executives in participation attend for the full duration to ensure that all attendees get maximum value and insight from the interactive roundtables, live Q&As and breakout networking sessions.
Our digital summit portfolio is designed to bring together senior decision makers from large global businesses and innovative disruptor brands to drive industry forward through addressing business critical challenges collaboratively.
If you’re keen to build new connections with likeminded leaders, de-risk your projects through new insight and establish new partnerships that can accelerate your projects then apply to attend today.
Complete our form below if you’re interested in attending the summit and you meet our application criteria. A member of the GDS team will then reach out to run you through the programme and event format and discuss your participation.
On stage: co-host a panel discussion with a group of likeminded senior executives or host a solo keynote presentation. Both slots include elements of interactive audience Q&A
Off stage: become a roundtable moderator, leading the discussion with the same cohort of executives for the duration of the summit around a specific topic you’ve agreed to focus on during the roundtable session.
We can tailor a partnership package to help meet your business objectives. This might include brand awareness, driving traffic to your site or quality editorial content via exclusive interviews and Q&As with our executive audience. Enquire today for more information.