IT Security Insights 2022

Ulf has been working with information security in over 35 years in all areas and on all levels. From IT-support and helprunner to an Information Security Strategist on top level. Both in the private and public sector. As a consultant as well as an employee. 

Ulf will talk about that processes isn’t the holy grail in solving problems in information security. He will also discuss the problem in finding human resources in cybersecurity and present you with the solution to solve the problem.

Key Takeaways:

The conclusion of the presentation is that "one mistake you can live with, but two mistakes are one to many and may lead to that we lose the battle for cybersecurity."

Background: It is a common buzzword lately, “IT/OT Convergence” – but what aspects are doing the actual converging? Is it related to technology or business processes? Maybe it is an organizational question? Or is it just a sales-pitch from vendors? Mats will discuss why the answers to these questions differ depending on who you talk to.

Key Takeaways:

• What is IT/OT convergence?
• Has it already happened?
• Who should care?
• What comes after it?

Background: 2021 taught us that cybercriminals don't rest, the threat is constantly evolving and adversaries are increasing their operational tempo. Attacks are becoming more sophisticated and disruption is happening quicker than ever before, causing massive disruptions in all aspects of our daily lives. With the now globally renowned Global Threat Report, CrowdStrike recently published its most recent edition with findings and observations on all relevant events and trends in the field of cybersecurity. But even more important: how can security specialists use this information to keep their organization as secure as possible in 2022?

Key Takeaways:

During this session Stuart will discuss how intelligence can get you ahead of the adversary and, more importantly, get time back on your side.

• Understanding - the service acquisition, business objectives, technical and organizational controls, capabilities, and maturity - is key.
• Knowledge and proof - of total cost of ownership, features, and functionality, required maturity, vendor & lifecycle management, inhouse resources & competence, risk-awareness and cyber-risk-tolerance - are pre-requisites.

• Our instinct may be to set a blanket security policy for “anything in the cloud” instead of taking a risk-based approach, which will be far more secure and cost effective
• Encryption is not a cure-all silver-bullet and may lead to a false sense of security. Encrypting everything in SaaS because you don’t trust that service provider at all, likely means that you shouldn’t be using the provider in the first place. So why do we encrypt? Why do we so heavily rely on controls like this… Why do we readily buy tools and such?

Background: European Union (EU) launched the Cybersecurity Act (EU CSA) in April 2019 and then work on how to apply it has started in the different EU countries and ENISA. The EU CSA enables security certification of different ICT (information and Communication Technology) solutions that are planned to start in 2022/2023. 

Key Takeaways:

• What are the basics in EU CSA?
• What certification schemes are around the corner?
• How is the outlined time plan?
• What can be the actors?
• How might EU CSA affect our security work in the future?

Participate in workshops and round table discussions of your own choice from our supporting partners below. Round table sessions are limited to 7 participants/table.

Background: IT infrastructure and resources are the essence of most organizations. It's crucial to have a good network security policy framework in place. The Qualys Cloud Platform is the security industry’s most progressive and adaptable cloud-based platform, featuring a suite of solutions that guard networks and shield businesses.

• We live with a false sense of security
• What makes Sunburst (Solarwinds) and Log4Shell attacks so unique and difficult to address
• The comeback of the detection Network never lies

Background: Security risks and breaches have always been a focus for big corporates as well as small and medium-sized enterprises, and Acronis’ Cyberthreats Report has shown that their intensity and frequency is increasing exponentially. Amongst all cyber threats, Ransomware remains the world’s most costly and destructive malware to business, and should sit atop every IT professional’s cybersecurity priorities list.

Key Takeaways:

• Options to protect yourself by building a checklist as a foundation of a comprehensive ransomware protection plan
• How Acronis integrated cyber protection solution can help you keep your business safe and secure

Background: If you want to quickly damage a company – hack its developers. With supply chain attacks becoming the norm, we security professionals are challenged with securing new vulnerable endpoints. 

Key Takeaways:

• How do you protect a user which both has high privileges and a wide-open attack surface? 
• How do we allow developers to maintain their tooling and DevOps workflow while protecting them from an adversary? 

Participate in workshops and round table discussions of your own choice from our supporting partners below. Round table sessions are limited to 7 participants/table.

Background: Zero Trust starts by assuming that any identity – whether human or machine – with access to your applications and systems may have been compromised. The “assume breach” mentality requires vigilance and a Zero Trust approach to security, one that is centered on securing identities.With Identity Security as the backbone of a Zero Trust approach, teams can focus on identifying, isolating and stopping threats from compromising identities and gaining privilege before they can do harm.

Key Takeaways:

• How to make sure every user is who they claim to be with strong, contextual, risk-based authentication – increasing security and enhancing user experience
• How to vastly reduce your attack surface to only allow registered devices, with a good security posture, to access your resources
• How to grant privileged access the second it’s needed, and take it away the second it’s not

A good cyber strategy is a must at all levels. However, shielding everything seems impossible, especially when it comes to securing all systems – in some cases, the existence of these threats within the systems is unknown. How do you ensure that you can map all threats and proactively optimize preventions?

In addition, many security specialists have budget limitations. In a rapidly changing market where many different types of products and services are offered, it is therefore difficult to make the right choice. What should you consider when implementing these solutions? And how can you make sure it matches your cybersecurity strategy and budget?

Besides the above discussion points, Mikkel together with industry peers will also explore the following topics:

• What is my security posture today, and where should I be?

• Do I have the right competencies, and how can I enable my staff?

• What considerations do I need to make?

Dominique Meurisse hosts a few participants from his morning workshop in a round table setting. Table is reserved with maximum7 seats. 

Background: Encryption is an essential component of providing end-to-end security for the distributed workforce. Breaking AES-256 bit encryption through ‘brute force’ methods is impractical for even the most determined attackers. So why does security for something as simple as file sharing sometimes fail, and what can we do about it? 

Key Takeaways:

• The session will explore why encryption is just one essential piece of the security picture, and how we can leverage key rotation, secure clients, IT policies, and other best practices to secure the digital experience for remote and distributed workers.

Key Takeaways:

• How to understand and measure risk
• How different people perceive risk

Brief background: Since 2019 ICA has been on a journey of agile transformation which have seen us change our habits and ways of working.

Key Takeaways:

• In the presentation I will share how we work in an agile way and what that meant and did for my team during times of isolation and working from home.
• Managing an infosec in an agile way has made us more connected to our organisational context and the business, making our work more impactful and fun.

Background: The IKEA vision is “A better everyday life for the many people” and we bring that to life with a human-centric culture and the empowerment of our co-workers. Where security often sees people as part of the problem, we want to build a system where they are an essential part of the solution. A security operating model should be built for the enterprise, not exclusively for the security and privacy teams.

Key takeaways:

• What does Governance mean in a highly autonomous world?
• How do you build a security organisation when it cannot say NO anymore?
• How do you engage and scale the security and privacy work into an agile Digital organisation?

Background: Business Continuity processes, plans, tests have been around for a very long time. But in many cases, they were just a paper product, too far abstracted from the real day-to-day business threats. Nowadays, a business continuity plan very often aligns/resembles your cyber resilience program. Do one of them good and you get the other one for free! What is important though is not to stick to the basics, or the high level processes. But really, "get down and dirty"!

Georgios will present a use-case where proper business continuity planning really proved to be a business enabler.

Background: Over recent years, supply chain risks have emerged as one of the most pressing cybersecurity challenges with national security implications. With ever increasing specialisation among market actors, monodependencies on particular companies and organisations have become ubiquitous in digital supply chains – resulting in the rise and consolidation of nodes. When nodes fail, or become conduits for malicious code or espionage – the risk is not just organisational, but societal.

Key Takeaways:

• In this session, Johan will review some of the findings of MSB:s recent analysis of supply chain risks, how supply chain attacks and other causes of incidents may result in societal consequences – and what we ought to do about it.
  

The conference ends with a cocktail reception for you to network will all onsite participants. This is an opportunity to share what you have learned during the day, exhange ideas as well as make new contacts. For those of you who go to conferences to primarily network this is your moment to shine. Besides, one lucky attendee will win a prize during the prize draw that will be hosted by Gatewatcher!