CISO Africa Summit - MIS Training

More documents

Recommendations

Info

Day Two: CISO Africa Summit - Business Security Governance, Risk, Legal& Compliance - Wednesday 21 November 201208:30 Coffee08:55 Chairman’s re-Opening09:00 Putting Information Security Governance intoPractice KEYNOTEWinston Hayden, President, ISACA South Africa, GroupInformation Security, Zurich Insurance CommitteeMember-IT Governance Sub-Committee, King III Report09:30 Towards Intelligence Based Security Models;Risk Mapping & Getting the Right Mix KEYNOTEHow do we identify and measure Information Securityrelated risks and compare them with other business risks?Ray Stanton, VP Professional Services BTGS, BT plc10:00 How to Create a Security Value PropositionCASE STUDYMalcolm Smith, Group Head of Security & Safety Services,Nedbank Limited10:30 Securing the Cloud & 3rd Parties CASE STUDYSpeaker to be confirmed11:00 Morning Coffee Break11:20 Securing Critical Electronic Infrastructures &Educating the Judiciary & Law EnforcementCASE STUDYOsioke O. Ojior, Group Chief Risk Officer, InterSwitchLimited Nigeria11:40 Protection of Personal Information Bill:Information Security Implications forBusinesses in South Africa LEGAL EXPERTISE!Mark Heyink, Legal Expert on Information Security12:20 Information Protection, Privacy & Towards ITRegulatory Compliance•Data protection & privacy: what’s on the radar forAfrica?•Compliance with international standards & codes ofpractice – PCI DSS; Data Protection, Privacy•Preparing for a balkanised Internet: privacy,interception & legal challenges•How can we prepare our organisations for the newworld where free & un-intercepted movement ofinformation is a thing of the past?•Towards a standardised pan-African InformationSecurity Regulatory Compliance framework?Panellists including: Osioke O. Ojior, Group Chief RiskOfficer, InterSwitch Limited Nigeria; Mark Heyink,Legal Expert on Information Security; Jenny Reid,President, Security Association of South Africa (SASA)Panel13:00 Lunch14:00 Insider Threats CASE STUDYDr. Cheryl Hennell, Head of IT Security and InformationAssurance, Openreach14:30 WorkshopsMobile Security, BYOD (Bring Your Own1Device) & What Does Consumerization of ITReally Mean for Enterprise Security?Co-facilitated by: Michael Mbuthia, Head IT Risk &Control, Co-operative Bank of Kenya; Simon RiggsSenior Vice President, Information Security Officer, GlobalInformation Security, Bank of America Merrill LynchSecuring mobile end-user devices in the organisation;Conducting an information security risk assessment;Embedding security behaviours2Securing Cloud: The First Phase of the NewGlobally Distributed Computing Landscape –Are We Ready?Co-facilitated by: Ray Stanton, VP ProfessionalServices BTGS, BT plc & Quentyn Taylor, Director ofInformation Security EMEA, Canon EuropeWhat do we need to do to deal with the securityimplications of your data in someone else's datacentre? allow/prohibit? Are you already in the cloud?15:30 Information Ethics & Disclosure STAND UP &SHARE SESSIONHeld under Chatham House Rule, audience andspeakers are invited to share experiences and provensuccessful approaches to:•When ‘no’ means ‘no’ in a non regulated environment!•Data loss experiences & approachesLed by: Clifford Collings, Group Executive: Anti- corruption& Security, South African Revenue Service (SARS)16:00 Afternoon Tea Break16:20 ROSI & Quantifying Risk GROUP SCENARIOPLANNING EXERCISEThe group collectively collates a list of top 5 securityconcerns (logical and physical). Then the groups splitinto 5 smaller groups each taking one of the 5 concerns.Each table presents back a ‘battle’ for winning thebudget to the top table of ‘senior management’ – bearingin mind transparency on how much to invest in security;as costs get cut, how do we demonstrate that we useour security budget most effectively? Staying relevantin a double dip! How will our organisation's businessmodel evolve in the future, and what InformationSecurity opportunities and risks will this present?Facilitated by: Charles V. Pask, Managing Director,ITSEC Associates Limited16:50 CISO Rotating Think TanksAttend 2 out of 3 of these rotating open discussionssessions in 3 corners of the room with 3 facilitators (15minutes discussion per rotation, followed by 3 minutesummary of key findings presented back to the fullaudience by the facilitator). Objective: how are keyareas maturing - risks, threats, tools, solutions!1. Addressing the risks of privileged accounts2. Does Information Security presentopportunities to gain competitive advantage?3. How do you know where your data is?17:30 Close of Day Two & Group ActivityRegister Now at www.mistieurope.com/cisoafrica Enquiries Tel: +44 (0)20 7779 8444
Day Three: CISO Africa Summit - Incident Response, Business Continuity,Digital Forensics, IT Audit – Thursday 22 November 201208:45 Coffee & Registration08:55 Chairman’s re-Opening09:00 Security Data Analytics CASE STUDYQuentyn Taylor, Director of Information Security EMEA,Canon Europe10:00 Electronic Evidence in Forensic Audits: ATelecoms Perspective CASE STUDYChukwunonso Okoro, Manager, Forensic Audit Services,Mobile Telephone Networks (MTN) Cameroon10:30 CISO Insights CASE STUDYSimon Riggs, Senior Vice President, Information SecurityOfficer, Global Information Security, Bank of AmericaMerrill Lynch11:00 Morning Coffee Break11:20 Post Incident Forensics & Processes KEYNOTEAdrian Culley, Global Security Engineer, AccessData11:50 Cyber Fraud, Vendors & Third PartyInfiltration into OrganisationsJenny Reid, President, Security Association of SouthAfrica (SASA)12:10 Counterintelligence – Enhancing BusinessContinuity & Supporting SecuritySteve Whitehead, Managing Executive, CorporateBusiness Insight & Awareness (CBIA)12:30 Lunch13:30 WorkshopsIT Audit Security Controls, Standards, Logs &1Procedures - Security Breaches & PatchingCo-facilitated by: Charles V. Pask, Managing Director,ITSEC Associates Limited & other speakers2Cyber Crime & Security Challenges for BanksCo-facilitated by: Simon Riggs, Senior Vice President,Information Security Officer, Global Information Security,Bank of America Merrill Lynch & other speakers14:20 WorkshopsBusiness Continuity Challenges & Setting up1an Incident Response Function (Operational &Tactical Level)Co-facilitated by: Chukwunonso Okoro, Manager,Forensic Audit Services, Mobile Telephone Networks(MTN) Cameroon; Dr. Cheryl Hennell, Head of ITSecurity and Information Assurance, Openreach2Running Successful Digital ForensicInvestigationsCo-facilitated by: Phillip Davies, Head ofInvestigations & Cyber Crime Lead, British SkyBroadcasting; Adrian Culley, Global Security Engineer,AccessData; Osioke O. Ojior, Group Chief Risk Officer,InterSwitch Limited Nigeria15:10 Key Security Polemics of the Day QUESTIONTIME TEAM DEBATE FOR PRIZESTwo teams battle it out for prizes in this traditional styledebate, focusing on 2 or 3 particular areas of controversywithin the information security space. One team will bemade up of speakers, the other team will includevolunteers taken from the audience. Subjects willdepend on key polemics of the day for example:1. Privacy & security: Is the gulf widening? Yes/no2. Flame: another example of APH (AdvancedPersistent Hype)? Yes/ no3. Social networks - allow/prohibit?Chaired by: Dr. Cheryl Hennell, Head of IT Security andInformation Assurance, Openreach; Yann A. Mouret, ChiefExecutive Officer, Africa Executive Protection Network16:00 Close of Day Three & Free EveningDay Four: CISO Africa Roundtable - Security Professionalism for Africa,Awareness & Measures – Friday 23 November 2012CISO Africa Roundtable is a discussion 'think-tank' for thought-leaders & practitioners in information security and corporate security.The roundtable provides an unrivalled benchmarking forum. The focus is on roundtable discussions & group work, with sessions facilitatedby established practitioners. You will meet & benchmark with professionals who face a similar set of challenges as you in a 'hands on',proactive & inspirational environment.Co-Facilitated by:LTC (R) William J. Godbout, Head, Security Unit, African Development BankClifford Collings, Group Executive: Anti-corruption & Security, South African Revenue Service (SARS)Malcolm Smith, Group Head of Security & Safety Services, Nedbank LimitedCharles V. Pask, Managing Director, ITSEC Associates LimitedDr. Cheryl Hennell, Head of IT Security and Information Assurance, OpenreachSimon Riggs, Senior Vice President, Information Security Officer, Global Information Security, Bank of America Merrill LynchQuentyn Taylor, Director of Information Security EMEA, Canon EuropeJohn Colley, Managing Director, EMEA, (ISC)2 EMEA✓ Timings - Coffee 08:30; Start 09:00; Coffee Break 11:00; Close & Lunch 13:00 – 14:00✓ Held under the Chatham House Rule - 'closed doors' session & strictly no press✓ Attendees determine preferred key topics in advance - input your questions for group action✓ Future gazing - benchmark & bond with peers✓ Create a ‘point for action’ plan with peers - take back for immediate implementation✓ Dress for Friday is casual✓ Optional group activity - will run following lunch (after 14:00)Register Now at www.mistieurope.com/cisoafrica Enquiries Tel: +44 (0)20 7779 8444
Page 3: Day One: CISO Africa Summit - Cyber

CISO Africa Summit - MIS Training

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?