© Copyright 2021 | CISO Platform | SACON

10,000+ Views

100+ CISO/CIO

50+ Speakers

25+ Trainings

“If I hadn't come, it would take another 2 to 3 years to learn & understand these tools”

Call For Speaker

Some of the best minds in the security industry present at our conferences. The ideal profile is a trainer or a presenter at top security conferences. The quality of your presentation determines success. If your talk is submitted after the deadline, we will consider it for the next time.

Benefits Of Speaking

Inspire, Share, Network: 40K+ Security Professionals
Extend your reach and connect with the world's foremost security experts and professionals

Establish Your Brand: 'Best Of The World' Series
'Best Of The World In Security' designates the best minds in security who have exceptional contributions

Become A Trusted Expert: By Sharing Your Knowledge
Become a trusted expert on topics relevant to your industry. Establish you and your company as trusted and respected experts


This conference celebrates the foremost security researchers and trainers in the world. This is co-hosted by CISO Platform with 40,000+ global security professionals. Our vision is to promote collaborative and cooperative learning with the best of the minds in Cyber Security.

'Best Of The World In Security'

"CISO Platform 100"

 "Time 100" recognises the world's top influencers but there's nothing parallel for Security. So we created "CISO Platform 100" with the vision to recognise those who are making a difference to the world of security. 

Featured Trainings

Chester Hosmer
University of Arizona, Assistant Professor of Practice
Cyber Security Author

Python OSINT Collection from Geographic Hot Spots – Live While They Happen 

Introduction : This talk focuses on using Python to acquire LIVE open-source intelligence from tweets and the associated images, videos, and translated emojis from geographically bounded areas anywhere in the world. Twitter routinely removes tweets and images from their platform based on policy violations and other influences. Acquiring them as they occur provides both timely access to live events and the ability to preserve information that is later redacted. Chester will provide details of the approach including snips of Python code along with a live demonstration.


Red and Blue Team Joint Operations Learning the Offensive/Defensive TTPs 

Introduction : CyberWarFare: Red and Blue Team Joint Operations aims to give trainees insight into the offensive techniques used by the red team and the defensive techniques employed by the blue team in an enterprise. From the Red Team perspective, trainees will not only understand advanced real-world cyber attacks but also simulate the Tactics, Techniques and Procedures (TTPs) widely used by APT groups. From the Blue Team perspective, trainees will understand how to monitor, detect, analyse and then respond to the real-time attacks performed by the red team.

Attendee Requirement : 
System with at least 4GB RAM having Virtualization support.
Open VPN Client
Updated Web Browser

Yash Bharadwaj
CyberWarFare Labs, Security Researcher
OWASP Trainer


Agenda : 

Threat Overview
Computational Propaganda
Echo Chambers
Live Demonstration Targeting Twitter Hot Spots
Analysis of Collected Images using Forensic Image Analysis
Hands on geographic collection using Python Scripts
Detailed Code Walk-through

Attendee Requirement : 
None

Manish Gupta
Citrix, Security Engineer
Defcon Trainer

Agenda : 

Cyberwarfare Red Team Highlights
Extensive OSINT activities
Custom Web Exploitation
Remote Access services exploitation
Multiple segregated networks with updated Linux & Windows operating servers/workstations
Exploiting combination of Linux & Windows machines under Active Directory environment
Abusing mis-configurations of enterprise security solutions etc.
Exploitation of widely used enterprise automation software
Manipulating active users browsing (User Simulation)
Bypassing Enterprise Security Solutions

Cyberwarfare Blue Team Highlights
Real Time Attack monitoring
Host and Network based security solution
Real Time Network Traffic Analysis
Endpoint Detection and Response solution
Digital Forensics and Incident Response

Abraham Aranguren 
7ASecurity, CEO, Security Trainer, Director of Penetration Testing

Practical Mobile App Attacks By Example 

Introduction : A significant amount of confusion exists about what kind of damage is possible when vulnerabilities are found in mobile apps. This workshop aims to solve this problem by providing a broad coverage of Android and iOS app vulnerabilities identified over multiple years of penetration testing. The purpose is to provide a comprehensive repertoire of security anti-patterns that penetration testers can look for and mobile app developers can watch out for to avoid. This workshop is a comprehensive review of interesting security flaws that we have discovered over the years in many Android and iOS mobile apps: an entirely practical walkthrough that covers anonymized juicy findings from reports that we could not make public, interesting vulnerabilities in open source apps with strong security requirements such as password vaults and privacy browsers, security issues in government-mandated apps with considerable media coverage such as Smart Sheriff, apps that report human rights abuse where a security flaw could get somebody killed in the real world, and more. Examples will include very interesting scenarios of copy-paste attacks, calling premium numbers from the phone, custom URLs, Deep Links, XSS, SQLi, RCE, MitM attacks, path traversals, and data leak examples from real-world mobile apps. Apart from that, many other issues, including interesting scenarios chaining several vulnerabilities, such as achieving RCE via SQLi, persistent XSS, data exfiltration, etc. are also addressed.


Agenda : 

Mobile app security
Static analysis
Dynamic analysis
File storage
Repackaging
Patching
Man-in-the-Middle (MitM)
Mobile app vulnerability patterns
Crypto 


Attendee Requirement : 
None

Harshit Agrawal
Independent Security Researcher, RF and Telecom Security Researcher

"CEMA and CEWO" Weaponized RF And Its Role In Warfare Operations

Introduction :

Since cyberspace requires both wired and wireless links to transport information, both offensive and defensive cyberspace operations may require the use of the electromagnetic spectrum. In modern warfare, military forces are heavily dependent upon access to the electromagnetic spectrum for successful operations. Communications with friendly forces and detection, identification, and targeting of enemy forces, among other tasks, are all reliant upon the ability to operate unhindered in the spectrum. For this reason, control of the electromagnetic spectrum is considered essential to carrying out military operations. The electromagnetic maneuver can be considered to be made up of five domains: land, sea, air, satellite, and cyber warfare, of which RF signals are common. This session aims to provide opportunities for attendees to learn about secure radio communications, Cyber Electronic Warfare, radars, Signal Intelligence, and spectrum monitoring, which can be used to gain a secure tactical advantage.


Agenda : 

Introduction to Cyber Electromagnetic Activities
Fundamentals of RF, Antenna and DSP
Signal Intelligence and Wireless Security
Information Operations
Internet of Battle Things
Counter Drone Surveillance Techniques
Policies, Doctrines and Strategies  
Future of  Cyberwarfare

Attendee Requirement : 
None

Dr. Christian Folini 
Netnea, Senior Security Consultant, Black Alps Speaker

An Introduction To The OWASP ModSecurity Core Rule Set   

Introduction :

The OWASP ModSecurity Core Rule Set (CRS)  is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls.  CRS is the 1st line of defense against web application attacks like those summarized in the OWASP Top Ten and all with a minimum of false alerts.  This talk demonstrates the installation of the rule set and introduces the most important groups of rules. It covers key concepts like anomaly scoring and thresholds, paranoia levels, stricter siblings and the sampling mode. The important handling of false positives is also covered as well as pre-defined lists of rule exclusions for popular web applications helping to avoid false positives. 


Agenda : 

Introduction to WAFs and ModSecurity  
WAF platform choice
Introduction to CRS and key concepts
Installation of CRS
Running a security scan against your CRS installation
Working with logs and reports
Tuning away false positives  

Attendee Requirement : 
None

Nathan Zimmerman 
YMCA of the USA, Sr. Information Security Officer 

Threat Hunting 360 – Where To Look  

Introduction :

The Information Security profession has become unfocused and untethered from foundational concepts. While companies are trying to digitally transform themselves, they are dazzled by vendors hawking ‘machine‐learning’ and ‘artificial intelligence.’ We trust our most sensitive data and infrastructure to third parties without fully understanding the ‘Shared Responsibility model’ that underpins such a relationship. Meanwhile our networks, applications, servers, and endpoints are compromised because a port was left open. Access controls were not properly maintained and audited. ‘Shadow IT’ has become an even larger issue with the forced remote work of COVID‐19 transitioning into a wider acceptance of remote work in general. Ransomware, social‐engineering, Solarwinds, and on and on and on.


Attendee Requirement : 
None

William Martin 
CleverThreat, Founder, Defcon Speaker

A Stroll Through The Kill Chain  

Introduction : This is a deep dive talk on penetration testing, and provides a first-person view of an attacker traversing through an environment. In a purple team styled seminar, we will take a deep dive on each of the steps in kill chains used to compromise environments. While viewing the first-person attacker perspective, we will also show what forensic data is being created and what protections could be placed to identify & terminate the attack. This talk is for any who are new to penetration testing, or those who have never seen one being conducted first hand.


Agenda : 

Penetration Testing  
Types & Methodologies
Preparing For A Test
External Network  
Attacks & Killchains
Endpoint Compromise
Evasion and Enumeration
Internal Network  
Attacks & Killchains


Attendee Requirement : 
Attendees should have a basic understanding of networking, logging & monitoring, active directory, and endpoint security. No special equipment will be required

Agenda : 


What is a ‘Threat’

What is a ‘vector’

Understanding what you are protecting

What WAS scary

What IS scary

What WILL be scary very soon

Application security

Presentation security

How to Investigate Threats 

Session security 

Network security  

Data Link security  

Sanita Meijere 
SK ID Solutions AS, Head of Business Relations 

Privacy Aspects, When Providing Digital Products And Services  

Introduction :

It will start with general insights into GDPR, its key principles, requirements and data subjects' rights. We will also cover key aspects that are important when considering a new app or a solution to be developed (Privacy by design) and finally we will get to practical aspects – key documentation required to be compliant with GDPR requirements, e.g., Privacy Policy, Cookies Policy, Data Processing Impact Assessment and a Risk Assessment and Treatment Plan.


Attendee Requirement : 
PC with internet connection in order to download Word and Excel documents and work with them 

Agenda : 


Brief introduction to GDPR 

Goal & Principles

Data subjects' rights

Training 

NDAs 

What to keep in mind when designing new solutions  

Privacy by design 

Data minimization 

Ability to fulfill Data Subjects' rights

Privacy policy 

 Cookies policy  

Data processing impact assessment 


Katy Westlund  
Netsecuris LLC , Cybersecurity specialist 

Framing The Importance Of Cybersecurity To Non-Technical people    

Introduction :

We all have psychological barriers to the information we receive outside our realm of understanding.  Framing cybersecurity awareness in ways that pertain to individual groups such as the sales team or hiring resources can create lasting behavior changes.   Learn the techniques to prevent trivialization or denial that every employee holds the key to staying cyber safe 


Attendee Requirement : 
None

Agenda : 


Framing Techniques 

Positive and negative attributes 

Biases and Heuristics 

Psychological Barriers 

Stages of change Behavioral outcomes 

Continuous Cyber Security Learning   


Applying Technical Cybersecurity Controls To Lessen The Impact Of Consequences When Employees Make Mistakes   

Introduction :

Risks cannot be eliminated, but they certainly can be controlled.

Agenda : 

Risk Review and Foundations
Explain Cyber Risks
Explain Cyber Threats
Explain Cyber Incidents
Explain Cyber Vulnerabilities
Explain Cyber Assets
Explain Cyber Controls
Explain Cyber Consequences or Impacts


Attendee Requirement : 
None

Leonard Jacobs   
Netsecuris LLC , President / CEO 


Gordon Rudd 
Stone Creek Coaching , CISSP, CEO 

Every CISOs First 90 Days On The Job  

Introduction :

You’re a CISO! Now what? Today’s CISO is a hybrid. Part technician, part manager, part leader and a visionary. No wonder so many new CISOs fail. Unfortunately, failure isn’t an option for today’s CISO! This session will give you the tools and techniques you’ll need to be a world class CISO. We’ll explore the programs, processes, procedures, and technical skills needed to survive in your role as CISO. We will also explore the tools to help you do your job better, cheaper, and faster than the competition.


Attendee Requirement : 
Background in information security or cybersecurity helpful but not required 

Agenda : 

Learn to use the MAP (measure, assess, plan) process

Determine the skills you have & the skills you need in your department

Define your own personal areas for improvement

Assess your organization

Determine the organization's maturity

Determine the organization's operational readiness

Assess an information security department, the people in it, and the organization

Develop organization-specific tools to accurately determine the capabilities

Create the people, processes, and technology road map for the information security

Plan the work and work the plan

Measure the information security departments

Differentiate between processes, projects, programs, and reality

 

Prerna Sharma 
Workato, Security Consultant 

Vendor Governance  

Introduction :

Vendors help us all get our work done and deliver value to our customers, but we are putting our own data and our customers’ data at risk every time a 3rd party has access: security risk, privacy risk, legal risk.
We are required to evaluate our vendors when onboarding and regularly thereafter.
 


Attendee Requirement : 
None

Agenda : 

Overview of Third-Party Risk Management 

Supply Chain Threat Landscape 

Regulatory Controls for TPRM 

Third-Party Risk Management 

Framework 

Use Case and tools


Vikram Dua 
Philips, Sr. Director, Head of Enterprise IT Security  

Challenges of Shadow IT In The Post Covid World  

Introduction :

Detailed talk on the challenges faced by multiple companies in diverse fields with the existence of Shadow IT that will be the norm in many cases post Covid, whether the Shadow IT exists at home due to Work from Home or in different businesses within a company.


Attendee Requirement : 
None

Agenda : 

Introduction 

What is Shadow IT 

Advantages & Disadvantages of Shadow IT 

Future of Shadow IT 

Impacts of Covid -19 on Shadow IT 

Increased Shadow IT 

Data Leakage via Unauthorized File Sharing Services 

Use of Unauthorized Remote Access Tools 

Increased non-compliance with IT laws and regulations

Security risk and challenges

Prevent shadow IT security Risk

Build clear Visibility into Shadow IT assets

Switch off the non-compliant applications

Implementation of strong remote access tools 

 

Fook Hwa Tan 
Northwave , Chief Quality Officer  

Security Transition – A New Perspective On Security For The Board By The CISO  

Introduction :

In this workshop we will examine the changing trend of the CISO from an IT security professional to a full member of the board or reporting directly to the board. We will discover together this trend and get practical tips to become a Security Leader in your own organization 


Attendee Requirement : 
None

Agenda : 

Introduction 

Current Reality

Security Vision  

Strategic Bets 

 Role of the CISO and the outsider 


Joshua Jebaraj  
Devops Intern  

Defending Docker Implementations  

Introduction :

Docker is one of the trending technologies that rules the IT ecosystem. Many companies have started to adopt Docker. However, Docker, like many other technologies, is not safe by default. We have to take certain steps to make sure that the Docker deployment is safe and secure. This workshop introduces the attendees to Docker basics, discusses various security problems in the default configuration and also discusses the various defense mechanisms.
 


Attendee Requirement : 
Laptop with admin privileges, 4 GB RAM and 20 GB free space

Agenda : 

Introduction to Docker 

Hands-on: Getting started with Docker 

Pulling an image   

Running the container  

Building a Docker image 

Docker security

Hands-on: Writing secure Dockerfiles

Hands-on: Securing Docker containers

Hands-on: Docker runtime security 

Hands-on : Securing Docker configuration & the host machine 

Hands-on: Auditing Docker images


Prof. Sandeep Kumar Shukla, Professor, Program Director, C3i Technology Innovation Hub, IIT Kanpur

Cyber Security In The Power Grid   

Introduction :

Cyber security of power generation, transmission and distribution is a growing concern given the past incidents of cyber attacks on the Ukraine power grid, on a hydroelectric generation facility in the US, and several other cases around the world. The Stuxnet worm in the Iranian nuclear enrichment plant in 2009 of course led to the formation of the NIST Cyber security framework development task force. However, the problem of power grid security is further compounded by the possibility of unpatched vulnerabilities in field devices, programmable logic controllers, RTUs, SCADA and other OT components. Further, the extant industrial protocols such as Modbus, OPC and others lack the necessary primitives for cryptographic protection of communication and end point authentication. These issues require a comprehensive cyber protection policy implementation, continuous monitoring and detection of incoming threats, response strategies and recovery plans. In this short 3-hour workshop we will discuss the issues of vulnerabilities in the power system devices and protocols, discuss continuous monitoring strategies for intrusion detection, and the use of AI/ML in this context.
 


Attendee Requirement : 
Attendees are expected to be associated with power utilities, policy makers and others familiar with the structure and operation of the power grid. Anyone with a general interest in Cyber Physical System Security will also find it interesting. There is no hands-on exercise for attendees, so there are no computational requirements.

Agenda : 


Cyber Security in the Power Grid  

Introduction: Power Grid Components and Security Attack Surfaces 

The NIST Cyber Security Framework and its application in protecting Power Grid from Cyber attacks   

 Issues: Vulnerabilities in Hardware/Firmware/Software/Protocols 

VAPT in the Power Grid Devices 

C3i VAPT experiments and CVEs disclosed 

VAPT as a protection posture  

 Intrusion Detection as Continuous Monitoring 

Model Driven Intrusion Detection 

 Implementation of Intrusion Detection in the PLC 

Data Driven Intrusion Detection 

Machine Learning based Intrusion Detection Algorithms and use 

Importance of Comprehensive Cyber Security Policy and Implementation 

Response and recovery policies 



Rohit Negi, Lead Engineer & Security Architect (C3i Center), IIT Kanpur 

Vijayashankar Nagarajarao, Foundation of Data Protection Professionals in India, Chairman

DPO The New Destination For CISOs 

Introduction :

After the GDPR became effective, the role of a DPO in an organization has attracted the focus of professionals. Soon over a hundred countries passed their own data protection laws (India is on the verge of passing its law), all of which indicated a role for the position of a DPO. Some laws have made it mandatory for all but the small entities and some have indicated that a DPO has to be a resident of the law-making country. GDPR has made "DPO" a potential consultancy business since a non-employee or an external organization can be appointed as the DPO of a company. Most of the laws have given legal protection to the DPO and defined the responsibilities in such a manner that the DPO should ideally report to the Board. The law would also not favour a DPO sharing any other responsibility with a conflict. Hence the incoming of the professional labeled DPO has caused disruption to the established professional hierarchy in an organization where the CISO and CTO held a position of eminence. The program will discuss the skillsets required by a DPO, how an existing CISO/CTO needs to transform himself to fit the new role and how he should organize himself if he has to be a successful DPO.
 


Attendee Requirement : 
Attendees are expected to be corporate executives with a reasonable understanding of Information security. There is no hardware requirement for the participants. References would be made to information sources and the participants may acquire additional information from these websites post the training.  

Agenda : 

The essential aspects of a Data Protection law 

The requirements of a DPO  

Differential skill sets that a DPO represents   

Organizing the team structure processes, skills and checklists 

Developing a migration plan from CISO to DPO  


Ritu Thakkar, qGrowth Consultant, Vice President    

Internet Security For Kids 

Introduction :

Today, due to COVID-19, there are widespread school closures, and children across the world are being given alternate resources, some online, to study outside of the classroom. Children are spending time online, with or without supervision, through computers, smartphones or tablets. The Internet plays an integral part in a child’s life at home, in schools, and wherever they spend their free time. Though computers and mobile devices that connect to the Internet can be beneficial for learning, they can also be a source of danger, and this is a very big concern for parents. It is important to protect them from the everyday dangers of inappropriate contact, conduct, and content that they may encounter while online. It’s time to add another topic to the list – cybersecurity awareness for kids.


Attendee Requirement : 
None

Agenda : 

Knowledge of all types of risk 

Protecting Kids Online – School 

Teacher and Parent Role 

Need to Be Aware Of Internet dangers 

Safety Awareness  


Meet 40+ Speakers - 'Best Of The World In Security'

We brought together best of the minds in the Security Industry

Dan Cornell 

Chief Technology Officer , Denim Group 
RSA, Blackhat Speaker

Chief Scientist , Co-Author, McAfee

Katy Westlund

cybersecurity specialist 
Netsecuris LLC

Harshit Agrawal 

RF and Telecom Security Researcher 

Gordon Rudd 

CISSP, CEO 
Stone Creek Coaching

Fook Hwa Tan 

Chief Quality Officer , Northwave

Prof. Sandeep Kumar Shukla

Program Director 
C3i Technology Innovation Hub, IIT Kanpur

Rohit Negi

Lead Engineer & Security Architect , C3i Center IIT Kanpur

Vijayashankar Nagarajarao 

Chairman, Foundation of Data Protection Professionals in India

Ritu Thakkar 

Vice President 
qGrowth Consultant

Leonard Jacobs

President / CEO , Netsecuris LLC

Joshua Jebaraj 

Devops Enthusiast & Contributor
Nullcon Chapter

Marco Ortisi  

Head of Penetration Testing and Security Research, Red Timmy Security

Abhinav Mishra 

Founder
Enciphers

Monappa KA 

Principal Threat Hunter
Microsoft

Abhay Bhargav

DevSecOps
We45

Dr. Gregory Conti

Co-Founder and Principal  Kopidion 

Dr Philip Polstra

Professor, Bloomsburg University of Pennsylvania


Featured Fireside

Allan Alford 
TrustMAPP , CISO/CTO 

How to Present Cyber Security Risk To Senior Leadership  

Introduction : A Chief Information Security Officer (CISO) role has become more crucial in building a successful business. 33% of CISO roles are expected to present directly to the board. Learn what are the major metrics, how to make a minimalistic dashboard and get the key message conveyed without overload


Dan Cornell  
Denim Group , CTO

The As, Bs, and Four Cs of Testing Cloud-Native Applications 

Introduction : For cloud-native applications, the combination of new technologies and architectural elements has introduced questions about how to scope, plan, and execute security assessments. This presentation looks at how the assessment landscape has changed with the introduction of cloud-native applications and explores how threat modeling is central to testing their security. In addition, the “Four C’s” conceptual model for looking at cloud-native application security is introduced, including a discussion of how both automated and manual testing methodologies can be used to accomplish assessment goals. 


Chuck Brooks   
Brooks Consulting International, President 

Cybersecurity Challenges Of IoT 

Introduction : The IoT security challenge comes down to understanding what is connected in the IoT landscape, knowing how to best protect the most important assets and effectively mitigating and remediating security incidents and breaches.


Raj Samani    
McAfee , Chief Scientist 

The Tale Of The APT 

Introduction : This talk focuses on detailed analysis of state sponsored tactics to target and compromise large enterprises.  The talk will evaluate the emerging tactics used by adversaries, and the mechanisms required to not only defend but also how to stay up to date with developing TTPs.


Florian Hansemann    
HanseSecure , Admin Hunter 

There Is No Magic In Cyber 

Introduction : The talk is divided into 3 parts: Quick wins: pointing out typical errors in companies, which in my penetration tests often lead to serious security problems and possible counter measures. Second, Incredible but true: practical experience of a pentester. And where is the magic ? An attempt to show the right way for more information security. 


Dr Anton Chuvakin    
Google Cloud , Security Solution Strategy 

Trends In Modern Security Operations 

Introduction : The talk will cover some of the emerging security operations (SOC) trends and explore the evolution of the SOC concept in the coming years. 


CISO Platform

Annual Security Summit, 2021

13th CISO Platform 100 & Security Summit

Virtual Series | 2-3 JUNE, 2021

IT Security Risks, Priorities & Buying Decisions


Dr Anton Chuvakin 

Security solution strategy , Google Cloud, CISO Platform 100 Influencer

Chuck Brooks 

President ,  Brooks Consulting International

Raj Samani 

Richard Stiennon 

Chief Research Analyst , 
IT-Harvest

Florian Hansemann 

Admin Hunter 
HanseSecure , Influencer

Chester Hosmer

University of Arizona, Assistant Professor of Practice, Cyber Security Author

Manish Gupta

Security Engineer, Citrix
Defcon Trainer

Yash Bharadwaj

Security Researcher   CyberWarFare Labs

Sanita Meijere 

Head of Business Relations 
SK ID Solutions AS

Abraham Aranguren

CEO, Security Trainer, Director of Penetration Testing, 7ASecurity

Nathan Zimmerman 

Sr. Information Security Officer 
YMCA of the USA

William Martin 

Founder , CleverThreat 
Defcon Trainer

Dr. Christian Folini

Senior Security Consultant 
Netnea

Vikram Dua

Sr. Director, Head of Enterprise IT Security, Philips 

Prerna Sharma

Security Consultant  Workato

Meet Our First 40+ Speakers


10+ Keynotes

Security Industry Experts, Influencers across the globe come together to share knowledge on global trends, community challenges, key innovation, success, career advice, security for kids and more 

25+ CISO Initiatives

CISO Platform 100 Award celebrates the contribution of a security head. The CXO track also brings together the best security heads from across the world to engage in solving security challenges, best practices, frameworks, checklists, vendor evaluation and more. Over 100+ security checklists are available for free on cisoplatform.com contributed by the community

20+ Trainings

Community-based workshops in various domains of security by security experts to help upskill, learn, apply, discuss real-world case studies and more

This conference is put together for the security community by our team. It brings together top minds from the global security industry to engage in great security sessions, workshops and more..


Featured Keynotes

Richard Stiennon 
IT-Harvest , Chief Research Analyst 

The Entire Security Industry 

Introduction : This talk dispels myths about our industry. One myth is that consolidation occurs. Another is the slow growth of the industry usually pegged at less than 10% a year by the major research firms. Another is that security startups fail at an alarming rate. They do not. There were only two failures of funded startups in 2020, although there were some acquisitions at fire sale prices. Stiennon shares the data from the Directory in Security Yearbook 2021. There are 2,615 vendors broken into 16 major categories.


Mike Spanbauer 
TrustMAPP , CISO/CTO 

10 Emerging Threats To Enterprise Applications 

Introduction : Learn about the most potentially damaging threats to current enterprise apps. You'll learn how these attacks can expose your organization, strategies to mitigate them and how to identify them. Learn how to secure your applications to limit the impact of an application-focused attack.


Brad LaPorte 
High Tide Advisors , Board Advisor

Continuous Security Validation And Practical Strategies

Introduction : It's an ongoing challenge for the security world to be able to continuously test security controls in the network and prioritize remediation according to business impact. We'll learn the best practices, practical approach, empowering teams and security validation techniques.


Featured Panel

Matthew Rosenquist 
Eclipz.io Inc , CISO/Cybersecurity Strategist

How Nation State Attacks Are Fundamentally Changing Cybersecurity 

Introduction : Nation-state cyberattacks are becoming a global problem spread across Russia, China, North Korea, US, Israel and more. Its implications for cybersecurity are inevitable. Various measures and solutions must emerge to tackle the problem. Learn more in this session.


Herb Kelsey
Quantum Vault, Inc , Founder

Mohammed Azmathulla Shaik 
Commercial Bank of Dubai , Senior Technology Risk specialist

Guide To Ransomware Prevention, Response And Recovery

Introduction : Ransomware is often hard to contain without causing havoc in workstations. It can be a silent killer: no administration privilege needed, no UAC, uses standard Windows API. It is crucial to control the vectors. Learn the prevention, response and recovery plan.


Mohammed Siddiq
Emirates Development Bank , IT Manager

Raghvendra Verma
ISON Group , Group Head

Ziauddin Ansari 
Abu Dhabi Islamic Bank , Head of Cyber Defense Center

Kumar Ravi 
EXL , Vice President - Information Security

How To Protect Against The Latest Threats

Introduction : It is important to understand the stages of a common attack and how you can apply controls at each stage to protect your organization. A simple gap analysis can take you leaps forward. Take account of people, process and technology too. Learn a strategic way to approach this problem.


Dilip Panjwani 
CyberEdBoardCommunity , Senior Director- CISO

Gokulavan Jayaraman 
Lumina Datamatics Limited , Senior Manager Quality

One of The 1st Award 

For Senior Security Executives

Analyst & Peer Learning

Playbooks, WarGames, Community RFP

Globally Recognised 

18k shares for Global CISO Platform 100 

Keynotes - Best Of The World In Security

Dr Anton Chuvakin 

Security solution strategy , Google Cloud, CISO Platform 100 Influencer

Chuck Brooks 

President ,  Brooks Consulting International

Dan Cornell 

Chief Technology Officer , Denim Group 
RSA, Blackhat Speaker

Raj Samani 

Chief Scientist , Co-Author, McAfee

Richard Stiennon 

Chief Research Analyst , 
IT-Harvest

Florian Hansemann 

Admin Hunter 
HanseSecure , Influencer

CISO Initiatives Highlight

The Initiatives track is an exclusive meetup of CISOs focussed on peer learning

Playbook Round Tables

Operational/Strategic IT Security Playbooks 

Guidebooks, Checklists, Frameworks

Ready to use guidebooks for CISOs

Ask An Analyst

Interact with our security advisory team

Wargames & Panel Discussions

Table Top wargames on Incident Response and more

Vijay Kumar Verma
Jio Platforms Limited , VP & Head, Cyber Security Engineering

Next Generation Red Teaming - Securing The Security Posture Of Your Organization
 

Introduction : Red team exercises and penetration tests provide a valuable service. This session will help you understand the technology, how it can help enterprise security gain better visibility and improvise. Learn a comprehensive approach to red teaming


Milind Mungale
NSDL e-Governance Infrastructure Limited , Executive VP & CISO

Brad LaPorte

Board Advisor
High Tide Advisors
 

Bob Kalka  

Vice President
IBM Security Business Unit
 

Maria Lewis Kussmaul

Founding Partner
AGC Partners
 

Navaneethan M
CISO & Head IT