Start of first round of discussions for around 50 minutes. There will be 10 roundtables and you can attend three different tables/topics.
Roundtable 1: Monika Atanasova, Global Head of Cyber Third Party Risk Management at Raiffeisen
Third Party Intelligence
Key Topics:
- What is strategic Threat Intelligence
- What is the impact of increasing 3rd party risk & why static assessment of that risk falls short
- What are top cyber risks you should monitor
- How to mitigate 3rd party risk with real-time, automated intelligence
- How does intelligence support risk management and investments in TPRM programs
- 3rd party Intelligence as an enabler for different teams
Roundtable 2: Maria Zidkova, IT Security Officer at City of Zurich
Zero Trust - Beyond Buzzwords
- What is a Zero Trust strategy and why does it matter in an organization
- How to build trust with your key stakeholders! (and not with your systems)
- What are the major objectives you should consider within your Zero Trust journey
- How to initiate a Zero Trust implementation process and define a cloud-based protect surface
Roundtable 3: Carmen Mogan, Technical Information Security Officer at Deutsche Bank
Cybersecurity Risk Management: Understanding Threats and Support Business Decisions
- Importance of security risk management: compliance or decision support
- Risk assessments and techniques that drive good decision making
- Understanding risk choices in relation to the risk appetite
- Monitoring the effectiveness of applied solutions
Roundtable 4: Claudia Zeuren, SOC Trainer, Senior Cyber Security Analyst & Quality Manager at SIX Group
SOC analysts' love for Automation & Orchestration
- What is «automation»: definition, (wrong) perception, implementation, goals?
- Definition for «orchestration»: examples, advantages, tools, integration of ML/AI
- Analysing potential Phishing using automation (SOAR playbook) supported by machine learning.
- From requirements to Security, Business or Compliance Use Case: Detection as a Code “When DevOps meets Security (using GitLab repository)”.
Roundtable 5: Archana Panchal, Head of Security Operations and Response at NatWest Services
The Human Element in the SOC
This is a discussion of how good teams, running comprehensive SOC shifts across various operational facets, can facilitate a robust security posture. The statement in Top Gun 2 “it all comes down to the pilot” is also valid for Security Operations Centers. We are all pilots in the SOC and play a crucial role in successfully achieving company goals. Pilots need to know the destination of the company, and during flight the pilot needs contextual awareness to reach the desired destination.
Let's discuss how to drive a security organization that supports what your company needs to build trust and mitigate the weakest link of all: the human element.
Roundtable 6: Claudia Krücken, Business Information Security Manager M&A IT at Novartis
Cyber Risk Management - are we going too far? Or not far enough?
Cyber Risk Management is intended to support our company's IT teams in their decision making, to ensure money is spent on those activities adding most value to the security and resilience of our company's IT environment. It is, however, often perceived as a burden by our IT customers. What could we do to improve the situation, gaining a better acceptance level while still performing sufficient risk management in the light of ever-increasing cyber threats?
- Why do we see "burden" perceptions?
- What could we do differently?
- What might we want to do in addition?
- What should we step away from?
Let's share and discuss our experiences and best practices!
Roundtable 7: Johana ten Hove, ISACA SheLeadsTech
Enhancing Operational Resilience through Crisis Simulations
Join Johana ten Hove from SheLeadsTech/Protiviti Switzerland for a discussion on testing your organization’s response to cyber attacks, focusing on DORA and FINMA mandates.
Agenda Highlights:
- Importance of Crisis Simulations: learn why simulations are vital for mitigating cyber threats
- Regulatory Requirements: understand DORA and FINMA mandates for ICT risk management and incident response
- Approaches to Crisis Simulation: explore best practices like scenario-based testing and tabletop exercises
- Leveraging AI: learn how to enhance simulation efficiency and accuracy with AI-driven tools
- Stakeholder Involvement: identify key personnel for planning and executing crisis simulations
- Post-Simulation Actions: understand how to analyze the results of a crisis simulation and how to implement improvements
Roundtable 8: (currently searching for further moderators)
Roundtable 9:
Roundtable 10: