VIRTUAL Agenda day 1
Tuesday, 25 August 2020



Plenary Session

09:30
Opening remarks from the chairperson

Michael Avery , Michael Avery, Anchor, Classic Business FM

09:40
Keynote The impact of Covid 19 on cybersecurity

Charl van der Walt , Charl van der Walt, head of security research, Orange Cyberdefense

  • How has the threat landscape changed since the crisis started? What type of threats are on the increase?
  • How have organisations responded? What new response measures have been implemented? What lessons have been learned?
  • To what extent are organisations’ remote working infrastructures and endpoints protected? What risks do companies need to be aware of?
  • How have companies educated their remote workers/implemented awareness campaigns?
  • What lessons about cybersecurity can be learned from the virus itself?

10:20
Keynote Security as a business enabler: Making the business case for security

Jo Stewart-Rattray , Jo Stewart-Rattray, director of Information Security & IT Assurance, BRM Advisory (Australia)

The hardest thing a chief information security officer ever has to do is to convince the business that security is there to be both an enabler and to protect the organisation, its employees and products using the right tools, education and collaboration. Collaboration and co-operation are essential, as is forming a strong relationship with colleagues from across the business, the board and the risk and assurance committee to ensure security is seen as an enabler to the market context in which the business operates. This often includes educating those at the highest level within the organisation using diplomacy and understanding. In this presentation, you will be introduced to the business model for information security, as well as hearing about practical, pragmatic approaches to positioning security as an enabler in a range of industry settings, from healthcare to heavy manufacturing and high-end tourism.

11:00
Break and exhibition visit

11:30
Keynote The need for unified security

Tormod Ree , Tormod Ree, Chief Executive Officer, Ava Security

In this presentation Tormod will take an in-depth look at the current security issues we are facing in business. With attacks becoming more sophisticated and often hybrid, how do we adjust and move forward?

12:10
Keynote Stopping ‘living off the land’ attackers in their tracks

Roland Daccache , Roland Daccache, team leader – sales engineering META, Crowdstrike

According to the latest CrowdStrike threat report, more than 50% of modern attacks are file-less and leverage existing tools and legitimate software on the endpoint to easily fly under the radar of the traditional security stack, such as the anti-virus, the firewall or the sandbox. With threat actors getting increasingly potent and sophisticated, Daccache will cover the kill chain of the modern cyber attack, and how to stop it in its tracks at each stage of the life cycle. Join the session to learn more about modernising your defence arsenal and properly leveraging endpoint detection and response technology so you stack the deck in your favour against your cyber adversaries.

12:50
Keynote Lessons from failure: How cyber security professionals can learn from analytic mistakes in other fields

George Beebe , George Beebe, vice president and director of studies, Center for National Interest (USA)

One of the most difficult challenges that cyber security professionals face is to anticipate and counter attacks by adversaries. The implications of failure are often enormous. But the odds against success are stacked by the inherent uncertainties in any complex system, the unpredictability of human behaviour, and the cognitive biases to which all analysts are prone, regardless of their area of expertise. Nonetheless, there is good news: Cyber specialists can learn lessons from past failures that increase their odds of success. In this eye-opening interactive talk, former CIA senior executive George Beebe shows how to apply those lessons in practical ways:

  • The process of becoming an expert in a field also makes experts less able to anticipate disruptions to the normal course of events.
  • To reduce their risks of surprise, cyber security professionals should learn lessons from mistakes made by experts in other fields.
  • These lessons include:
  •  Seeking alternative explanations for emerging developments;
  • Looking to disconfirm rather than to support plausible analytic hypotheses; and

Attempting to see things through the eyes of potential adversaries.

13:30
Break and exhibition visit

Track One: Strategy and user awareness

This track takes a strategic look at how to raise awareness of cyber security throughout your business and encourage a culture shift whereby all employees take responsibility for security. Incident response at a strategic level and the changing role of security professionals will also be discussed.

14:00
Welcome by Track Chair

Craig Rosewarne , Craig Rosewarne, managing director, Wolfpack Information Risk

14:05
Case Study A board conversation on cyber security risk management

Itumeleng Makgati , Itumeleng Makgati, CISO, SASOL

For years, cyber security was an issue that boards of directors took for granted; we are in a different position today, as it has become a business problem of the highest level, featuring frequently on the board’s agenda. Communications between the board and CISO have taken on added importance. Cyber security is no longer a matter of spending on defence for IT. It has become clear that the stakes are even higher than that: cyber security is the bedrock of tomorrow’s digital business. Whether you are “low, medium or high” on compliance scores does not tell you and the board enough about the risk to the business. In this presentation, Itumeleng Makgati will discuss how the CISO can help the board and management team “get on the same side of the table” when it comes to cyber security.

14:40
Panel Discussion How do you create a culture shift towards embracing security in your organisation?

Moderator:
Prof Elmarie Biermann , Prof Elmarie Biermann, director, Cyber Security Institute
Panelist:
Robin Barnwell, head: security strategy, Standard Bank
Blaise Ntwali, information security analyst, Capitec Bank
Patrick Ryan, managing director, Mobius Consulting
Mdu Zakwe, CEO, MICT SETA

15:15
Break and exhibition visit

15:30
Carpe diem – Seizing the security advantage! How to benefit from the ongoing transformation of security’s role in the workplace

Steve Jump , Steve Jump, founder & director, Custodiet Advisory Services

f you overhear someone talking about how they plan to address digitisation in their business, or they show you their plan for when 4IR happens, don’t laugh until you have thought about your own plans. The reality today is that if your business is not online, it is in trouble. If your customers cannot buy from you 24x7, they are already buying from your competitors.

The old way of thinking was to build your IT to support your business needs. The same applied to Web sites and databases to collect and mine your customers’ data. In this old world, security was often (always?) an afterthought, and probably included adding a password. But in today’s business environment, if you do plan on staying in business long enough to see what tomorrow actually looks like, you will have considered how the role of information security has made your business more agile, helped you prevent cyber-related outages and kept fraudsters away from both your own data, and from your customers’ data.

You haven’t? Then you really need to hear this. Security is not an add-on, it is a foundation for safe business, ensuring your new ideas can be published and accessed instantly, without concern; ensuring your customers can not only see that you are trustworthy, but you can prove it; making sure that your data stays your data, that your products stay yours until sold, and that your customer data remains just that – the data of your customers. And here is the part that your competitors do not want you to hear – the way you invest in security influences every other aspect of any technology you use, and it makes it better and cheaper to run.

16:05
Cybersecurity incident response – development, adoption, simulation

Angela Henry , Angela Henry, business information security officer, RMB
Raymond du Plessis, senior managing consultant, Mobius Consulting

In this talk Angela Henry and Raymond du Plessis will present on developing an effective incident management process. Worldwide cyberattacks are exponentially on the rise and many organisations are not ready to respond to an attack. Angela and Raymond will present on the steps you can follow to improve your organisations readiness to respond to a major cybersecurity incident. The talk will focus on the fact that a cybersecurity incident is not only an Information Security issue, it is an organisational-wide issue that requires the involvement of various business functions across the organisation to effectively deal with a cybersecurity incident. The talk will also include tips on developing and adopting a practical process that is applicable to your organisation, and lessons learnt from running simulation exercises.

16:40
Closing remarks from the chair and close of conference Day One

Track Two: GRC, Privacy and Regulation

This track will provide an update on data privacy and the legislation designed to enforce it, both local and global. It also examines how to integrate cyber risk into your information risk strategy. 

14:00
Welcome from the Track chair

Carolynn Chalmers , Carolynn Chalmers, director, Candor Governance; non-executive director, IITPSA

14:05
Update on data privacy legislation in SA: When will PoPIA come into effect?

Sizwe Snail , Sizwe Snail, member, Information Regulator South Africa; attorney, Snail Attorneys @ Law

  • What is the latest status of POPIA? When is it expected to become fully operational?
  • What are the challenges of implementing POPIA and how are they being overcome?
  • How will POPIA be enforced once it comes into effect?
  • What can organisations do now to start aligning their business and governance processes with the Act?

14:40
Comparing the pros and cons of data protection and privacy legislation and the need for a global response

Susi du Preez , Susi du Preez, InfoSec engineer, Impact IT & Risk Services

Privacy law refers to the laws that deal with the regulation, storing, and using of personally identifiable information of individuals, which can be collected by governments, public or private organisations, or other individuals. This presentation will explore why a global effort is important to make our privacy and data safe and why a silo approach is not the answer internationally. Susi will explain what the major countries have in place regarding privacy acts (e.g. GDPR, POPIA) and how they compare. She will also discuss the African continent and how we as a global community can make our privacy and data safe again.

  • Why a privacy act?
  • Why a global effort?
  • How do privacy acts compare with each other internationally?
  • Where are African countries with privacy acts?
  • Revealing a comparison study between privacy acts, which highlights the strictest act yet (released in January 2020)

15:15
Break and exhibition visit

15:30
Reimagining your threat landscape in order to provide a business relevant view on your information risks

Emmerentia du Plooy , Emmerentia du Plooy, head of Information Risk Governance, Standard Bank

So often our threat landscapes are informed by the best threat intelligence we can put our hands on, or how wide our research took us. They tend to focus on threat events and threat actors and becomes a discussion topic when we want to scare our audience. Let's face it, ransomware sounds scary no matter how you look at it. But what if we are so busy analysing our threat landscape that we miss what is right in front of us? The aim of this presentation is to offer you an alternative perspective. One that starts by acknowledging what information we have in our organization because without it we cannot determine how to protect it:

  • Reimagining a list of threats facing our organisations and putting our information at risk
  • How these threats can influence or shift your risk management approach and ultimately improve your resilience

16:05
Data privacy and ethics

Yvette du Toit , Yvette du Toit, associate director, PwC

16:40
Closing remarks from the chair and close of Day One

Track three: Breakout sessions I

14:00
Welcome from the Track chair

Adam Oxford , Adam Oxford, Journalist and Media Consultant

14:05
Adapting effective cyber security strategies in today’s age of radical digital transformation

Yassin Watlal , Yassin Watlal, system engineering manager, CrowdStrike

As organisations pivot to the cloud, and remote work moves from a novelty to the new reality, digital transformation is occurring more rapidly than ever. This presentation will focus on how to remain nimble and secure in this era of continuous change. In this session, we will address these crucial topics:

  • What is digital transformation and what is its effect on cyber security in organisations?
  • Why is it critical for organisations of all sizes to have a cyber security strategy that adapts rapidly?
  • What strategy, products and services can help reduce the risk of a breach as companies pivot to the cloud and embrace remote work?
  • What trends and challenges are on the horizon that will drive the next wave of change?

14:40
Make your SOC work smarter, not harder

Dimitris Vergos , Dimitris Vergos, sales engineering director for emerging markets, Splunk

The volume and complexities of today’s security incidents can tax even the largest security teams. This leaves big gaps in incident detection and response workflows that can put organisations at great risk. Your team can’t scale to manually catch and address every incident, so which ones should you focus on and which ones should you ignore? You shouldn’t be forced to make a choice. In this session, find out how to deliver security analytics, machine learning and automation capabilities to increase the efficiency of security teams and reduce the enterprise’s exposure to risk. Learn how to achieve big results from intelligently streamlined incident detection and response workflows—accelerating your actions, scaling your resources and optimizing your security operations.

15:15
Break and exhibition visit

15:30
Phase III: Advanced persistent threats and returning to the office

Sam Curry , Sam Curry, chief security officer, Cybereason

For most, regardless of geography, the question of returning to the office has arisen. Some are headed back either wholly or in part, while most are in a wait-and-see mode. Advanced persistent threats aren’t waiting. They are continuing to attack and will continue to attack. In this session, we will review motivations behind different kinds of APTs and what we predict they will do over the next few months.

16:05
Is Secure Remote Access like the emperor’s new clothes?

Charl van der Walt , Charl van der Walt, head of security research, Orange Cyberdefense
Wicus Ross, senior security researcher, Orange Cyberdefense

Enterprise businesses equip staff with mobile devices such as laptops and smart phones to perform daily tasks. This makes the workforce much more mobile but places an implicit burden on the staff to ensure that they are always on-line. Security is handled by the underlying operating system and supporting solutions, for example a Secure Remote Access solution or “VPN”.

Endpoint VPN technology has been around since at least 1996 when Microsoft created the Peer to Peer Tunneling Protocol (PPTP). OpenVPN and similar open source VPN technologies have advanced this tech from highly specialized to near commodity.

However, enterprise Secure Remote Access solutions can be complicated and nuanced. One case involves remote workers that connect to complimentary Internet hotspots typically offered by coffee shops, airports, hotels, etc. Hotspots are Wi-Fi access points that offer free Internet bandwidth. Most hotspots today feature a captive portal that require either a password, voucher code, or some form of consent that involves agreeing to terms of use.

A robust VPN implementation should not allow a user to interact with a network resource that bypasses the secure tunnel. What then happens in the time between connecting to the Wi-Fi hotspot and activating the tunnel? How vulnerable is the user during this time? Surely the Wi-Fi hotspot securely isolates guests and surely the local firewall on the laptop will protect the user from any attacker, but does this assumption hold even if the hotspot is fully under the control of an attacker?

In this presentation, we will reveal research we conducted into the efficacy of modern commercial “VPN” solutions in the face of modern mobile worker use cases, typical endpoint technologies, and contemporary threat models. In short: How “secure” can remote access ever be?

16:40
Closing remarks from the chair and close of Day One

Track four: Breakout session II

14:00
Welcome from the track chair

Matthew Burbidge , Matthew Burbidge, Writer, Online Editor, ITWeb

14:05
Leveraging your existing technology investments to improve your security and reduce your risk

Paul Grapendaal , Paul Grapendaal, head of Managed Security Services, NClose

14:40
The art of polymorphic phishing attacks – are you ready to respond?

Kamel Tamimi , Kamel Tamimi, principal security consultant, Cofense

As businesses adjust to having their employees work from home, they are also working hard to support it. However, new working conditions have opened up new security gaps that challenge the status quo and question the business’s resiliency to defend against polymorphic phishing attacks. The changing face of phishing e-mails continuing to evade secure e-mail gateways (SEGs) has threat actors adapting their tactics to exploit businesses that are unprepared. Are you ready to accelerate your security practice to respond to these types of attacks? Join Cofense for an in-depth review of the current phishing threat landscape, as seen through the eyes of those on the frontline – your end-users.

Key takeaway points will include:

  • Insights into the porous nature of SEGs and the latest tactics and techniques delivering credential phishing and malware today.
  • How to identify and defend against persistent and stealthy polymorphic phishing e-mails.
  • Strategies and tools to adopt that will strengthen your security practices.

15:15
BREAK AND EXHIBITION VISIT

15:30
Security synergy – bringing together EDR and NTA

Nithen Naidoo , Nithen Naidoo, CEO & Founder, Snode Technologies
Jeremy Matthews, Head of Panda Security's African operations.

Moving away from a siloed approach to cyber security and towards a holistic, comprehensive strategy that address a multitude of risk factors is essential in today’s environment. Adopting advanced technology solutions can facilitate this by delivering telemetry that can be used in decision-making. In this session, Nithen Naidoo and Jeremy Matthews will lead a discussion around the intersection of endpoint detection and response (EDR) and network threat analytics (NTA) – two critical technologies that should constitute a meaningful strategy.

  • The value of NTA technology as part of your cyber security strategy.
  • How integrating EDR telemetry and NTA into a single dashboard supports threat hunting and the SOC environment.
  • Customer success stories.

16:05
Password models in the real world

Petrus Potgieter , Petrus Potgieter, CIO, Phulukisa Health Solutions

The ideal password selection method is to generate a random string that is so long an attacker would find it practically impossible to iterate through all random strings of the specified length, and for the user of the password to then perfectly recall the password. Two practical impediments immediately apply: the inability of users to remember random strings and the impracticality of deducing from a specific single string that a random selection produced it and from what space it might have been selected. Commonly, this difficulty is addressed by a password policy, such as that published by the US National Institute of Standards and Technology (NIST). We discuss the weaknesses of rules-based policies and the inevitable trade-off between rules that delimit “bad” passwords and allowing the space from which passwords are chosen to expand. This presentation will give you a better understanding of principles in password policies and insights into how “good” password policies can be circumvented and can sometimes be counter-productive.

Demo Lab

14:00
FortiAnalyzer

Praven Pillay , Praven Pillay, MD, Maxtec

The challenges of complex and fragmented infrastructures continue to enable a rise in cyber events and data breaches. Assorted point security products in use at some enterprises typically operate in silos, obscuring network and security operations teams from having clear and consistent insight into what is happening across the organisation. An integrated security architecture with analytics and automation capabilities can address and dramatically improve visibility and automation. As part of the Fortinet Security Fabric, FortiAnalyzer provides security fabric analytics and automation to provide better detection and response against cyber risks. Join Maxtec for a rundown of all the new features in FortiAnalyser.
14:20
Citrix Intelligent Workspace

Anthony Feist , Anthony Feist, lead systems engineer, Citrix
Edwin Khangale, pre-sales engineer, Axiz

We’re living in the day and age of apps, apps and more apps. When a worker interacts with a typical enterprise application, you can bet they’re probably using less than 10% of the functionality because that’s all they need. Jumping around from one full-blown app to another is not efficient or conducive to productivity. Equally frustrating is the fact that many of these time-consuming application interactions (expenses, HR, IT tickets, PTO requests) have more to do with job maintenance than our actual job responsibilities. A digital workspace becomes an intelligent workspace when it moves beyond organising apps and data to guide, and, ultimately, automate work. To do this, you have to get out of the mindset of simply delivering applications and making the user hunt and peck for the right menus, screens and commands. You have to extract the relevant actions from those applications and use insights to prioritise them and present them to the employee in a simple way so they can get work done in the most efficient way possible.
14:40
Protecting your sensitive information

Ashley Maduray , Ashley Maduray, technical solutions professional, Microsoft

Learn how Microsoft solutions help users discover, classify and protect sensitive information wherever it lives or travels. Ashley Maduray will also explore Microsoft Endpoint DLP, which allows users to monitor Windows 10 devices and detect when sensitive items are used and shared. This gives users the visibility and control needed to ensure data is used and protected properly and to help prevent risky behaviour.
15:00
BREAK

15:30
Strengthen your cyber security posture with Log360 UEBA (user and entity behaviour analytics)

Harish Sekar , Harish Sekar, global speaker and business development manager, ManageEngine/Zoho Corporation

Log360 uses machine learning to detect behaviour anomalies, strengthening your defences against insider threats and data breaches and meeting POPIA compliance
15:50
Office 365 Security Controls – Nclose Microsoft Cloud Security Managed Service

Martin Potgieter , Martin Potgieter, co-founder and technical director, Nclose

Microsoft offers many tools to help you secure your Office 365 environment. The Nclose Microsoft Cloud Security managed service helps clients make use of these constantly evolving toolsets, so our clients can focus on the cloud migration strategy and know that the security there is managed. In this demo, we will walk through our approach to helping our clients make use of these tools, point to some commonly overlooked security controls, and lastly, demonstrate why a managed service for cloud security is important.
16:10
Close of Day One

Hackathon

08:30
Opening, Rules and Schedule

Tiyani Nghonyama , Tiyani Nghonyama, COO, Geekulcha

08:35
Goals and objectives of the Hackathon

Ivan Regasek, ITWeb

08:45
Capture The Flag Challenge. QnA

Nithen Naidoo , Nithen Naidoo, CEO & Founder, Snode Technologies

09:20
Cyber risk awareness. QnA

Steve Jump , Steve Jump, founder & director, Custodiet Advisory Services

09:40
Web Apps security. QnA

Ridewaan Hanslo, CSIR

10:00
Location Services. QnA

Lenah Kitenge, Here Technologies
Clint Leander,, Here Technologies

10:30
InfoSec for Beginners - career goals. QnA

Nadia Veeran-Patel, Luna Secure

10:50
International Organisation of Standards related to Information and Cyber Security. QnA

Muhammad Ali,, WWise

11:30
What the Hack? A look at common vulnerabilities. QnA

Keitumetsi Tsotetsi, Geekulcha

Event Sponsor

Diamond Sponsor

Platinum Sponsors

Gold Sponsors

Silver Sponsors

Bronze Sponsor

Display Sponsors

Endorsed by