Chief Information Security Officer Middle East - MIS Training

Chief Information Security OfficerMiddle East 4th Annual SummitThe Agenda That Speaks directly to those Responsiblefor Information Security in Business & Cyber CNI27 - 29 February 2012, Park Rotana Hotel, Abu Dhabi, The United Arab EmiratesInternational Speaker Panel Includes InformationSecurity Directors & Cyber Experts from:NEW – 5 Workshops & Roundtables...Cloud Security & Securing VirtualisationSecuring the Consumerization & Mobilization of Enterprise ITAdvanced Persistent Threats & HackingBuilding Cyber Threat Response Capacity to Protect Critical NationalInfrastructureCISO Middle East Roundtable – Benchmarking Held Under The ChathamHouse Rule• The United Arab EmiratesComputer Emergency ResponseTeam, aeCERT• tunCERT: Tunisian ComputerEmergency Response Team• Webster University, Geneva• Information Technology Authority(ITA) of Oman• Cloud Security Alliance•Zynga• Saudi Arabian Airlines• Saudi Aramco• Abu Dhabi Securities Exchange• Bank of America Merrill Lynch• Travelex• Cumbria Police, UK• Barwa Bank, Qatar•British AmericanTobacco plc.• British Bankers' Association• British Telecommunications plc.• Canon Europe• Euroclear SA/NV• Field Fisher Waterhouse• Investec Bank Group• Jumeirah Group, UAE• BT Global Services• Qatargas Operating CompanyLimited• Trust Bank Algeria• ITSEC Associated Limited• Jumeirah Group•Websense• National Bank of Canada•nCircle• Guidance Software• American University ofSharjah (AUS)•FireEyeVery useful programme for risk decision making & for creatingvalue & trust between IT security & the businessInformation Technology Authority (ITA) of OmanGold SponsorGreat conference! I wish MIS all success forfuture such events that I also hope to attendJumeirah Group, UAELead CISO RoundtableSponsorGold One to OneMeetings SponsorBronze Sponsor Breakfast Briefing Sponsor Exhibition KeynoteSponsorReasons to Attend:Fully oriented towards Middle East issues - what is actually inplace in the Middle East & how it can be embedded & matured...NEW case studies from major regional & multi-national companies -lessons learnt, action taken, proven do's & don'ts. Apply this knowledgeto your own organisationEmerging trends in cyber crime & advanced persistent threats now & in thenext 5 years. Prepare an appropriate responseRiyadhAssociation PartnersEgyptEducation PartnerEngage with those responsible for cyber security in big business &Critical National Infrastructure. Expand contacts & developpartnerships with CERTs & business CISOs at the forefront ofMiddle East cyber defenceThe Global Leader InAudit and Information Security Trainingwww.mistieurope.com/cisome

Chief InformationSecurity OfficerMiddle EastDear Colleague,Participate in the programme that speaks directly to thoseresponsible for Information Security in business & protectingcyber space for Critical National Infrastructure. Directors ofinformation security, CIOs & senior cyber professionals in theMiddle East will meet for MIS Training Institute’s 4th CISOMiddle East Summit & Roundtable, taking place 27-29 February2012 at the Park Rotana in Abu Dhabi, the United Arab Emirates.With an international speaker faculty that includes leaders of themost prominent businesses, government cyber commands &critical national infrastructure, this agenda drives new thinking inhow to build holistic information security & risk management – inthe face of Cyber-Crime; IT Consumerization; Cloud &Virtualisation Launches; Advanced Persistent Threats; Mobile& Social Networking Risks; BCP Challenges & Convergence...Abu Dhabi 2012 promises to provide the most thoughtfuldiscussions yet. Attend to gain insights into crux questionsabout what the future holds & how your peers are preparing – allin the Middle East business & government context.New – 5 Workshops & Roundtables...Deployment Roundtables - Peers Share Valuable Roll-OutExperiences on:• Wrapping Security Around Cloud & Virtualisation Launches• Advanced Persistent Threats: Stopping Cyber Criminals360 Degree Workshops – Gain a Holistic Risk Analysis on:• Securing IT Consumerization: Mobile & Social NetworkingRisks for the Enterprise• When Security Fails: Practicalities & Pitfalls For When It GoesWrongCISO Middle East Roundtable – Held Under the Chatham House Rule:• New Focus on Security Awareness, Training & Performance:How Do You & Your Organisation Measure Up?Agenda at a GlanceDay One: CISO SummitIncludes Deployment Roundtables - Peers Share Valuable Roll-OutExperiences on:• Wrapping Security Around Cloud & Virtualisation Launches Ledby: Nils Puhlmann, Co-Founder, Cloud Security Alliance &Chief Security Officer, Zynga• Advanced Persistent Threats: Stopping Cyber CriminalsDay Two: CISO SummitIncludes 360 Degree Workshops - Gain a Holistic Risk Analysis on:• Securing IT Consumerization: Mobile & Social Networking Risksfor the Enterprise• When Security Fails: Practicalities & Pitfalls For When It Goes WrongDay Three: CISO Middle East RoundtableHeld Under the Chatham House Rule: Focus on SecurityAwareness, Training & Performance: How Do You & YourOrganisation Measure Up?Highlighted International Speakers by Sectors Include...Government / Law Enforcement:• The United Arab Emirates Computer Emergency ResponseTeam, aeCERT (a TRA Initiative)• Information Technology Authority (ITA) of Oman• Forensic Institute, Ministry of Justice, Netherlands• tunCERT: Tunisian Computer Emergency Response Team• Danish GovCERT, Ministry of Defence, Denmark (provisional)• Cumbria Police, UKMulti-National Business Groups:• Jumeirah Group, UAE• Canon Europe• British American Tobacco plc.• Field Fisher Waterhouse• Qatargas Operating Company Limited• Saudi Arabian Airlines• British Telecommunications plc.• Zynga• Cloud Security AllianceFinancial Sector:• Abu Dhabi Securities Exchange• Bank of America Merrill Lynch• Barwa Bank, Qatar• British Bankers' Association• Euroclear SA/NV• Investec Bank Group• Lloyd’s• Travelex• Trust Bank AlgeriaGold SponsorFireEye is the leading provider of next-generation threat protection focused on combating advancedmalware, zero-day and targeted APT attacks. FireEye's solutions supplement security defenses suchas traditional and next-generation firewalls, IPS, antivirus and Web gateways, which can't stopadvanced malware. These technologies leave significant security holes in the majority of corporatenetworks. FireEye's Malware Protection Systems feature both inbound and outbound protection and asignature-less analysis engine that utilizes the most sophisticated virtual execution engine in theworld to stop advanced threats that attack over Web and email.Our customers include enterprises and mid-sized companies across every industry as well as federalagencies. Based in Milpitas, California, FireEye is backed by premier financial partners.Lead CISO Roundtable SponsornCircle is the leading provider of Information Risk & Security Performance Management SolutionsGold One to One Meetings SponsorWebsense, a global leader in unified web securityBronze SponsorGuidance Software is recognized worldwide as the industry leader in digitalinvestigative solutions. The EnCase® Enterprise platform is used by over half of the Fortune 100,and thousands attend Guidance Software's renowned training programs annuallyBreakfast Briefing SponsorAujas is a global Information Risk Management (IRM) company helping clients mitigate risk using theAujas IRM IP Comb Framework, which is a combination of process framework, service automation andproduct components to ensure service scalability, innovation and service excellence.Exhibition-Keynote SponsorOver 250 banks and governments in 22 countries trust us for their information security needsREGISTER NOW at www.mistieurope.com/cisome | ENQUIRIES Tel: +44 (0)20 7779 7208

Day One, CISO Middle East Summit Monday 27 February 201209:30 Chairman’s OpeningMr. Charles Pask, Managing Director, ITSEC Associated LimitedNew Perspectives & Partnerships to Build HolisticSecurity & Risk Capacity for Business & CNI09:40 Promoting a Safer Cyber Culture in the UAE OPENING KEYNOTEEng. Meshal Abdulla Binhussain, Head of Cyber SecurityOperations, The United Arab Emirates Computer EmergencyResponse Team of The Telecommunications RegulatoryAuthority (TRA), UAE10:00 Managing Information Security & Business Continuity KEYNOTEMr. Illyas Kooliyankal, Chief Information Security Officer, AbuDhabi Securities Exchange10:25 Security in 2012 KEYNOTETareque Choudry, Head of Security Practice and ProfessionalServices MEA, BT Global Services10:50 Coffee Break11:10 How to Integrate Security Management into the OverallEnterprise Risk Management Framework KEYNOTEMr. Rick McConnell, Chief Security Officer, Euroclear SA/NV11:35 How to tackle next generation cyber threats, attacks and crime?(Modern Malicious Malware, Zero hour exploits, advancedpersistent threats and targeted attacks)Ray Kafity, Regional Sales Director, Middle East, Turkey andAfrica, FireEye• What are the new and emerging threats?• Anatomy of the modern malware and next generation cyberthreat infection lifecycle• What current solutions are available in the market place?• What are the next generation malware protection solutions andarchitecture available in the market place?11:50 Partnerships & Tools to Build Emergency Cyber Response &Business Continuity Capacity to Protect Critical NationalInfrastructure PANEL• Forging national & international partnerships, collaborations &frameworks• Controls & response strategy in place to be manipulated tocause catastrophic damage?• What exactly is the level of threat facing your organisation?• How do we identify & develop the appropriate cyber securitycapability for the future when technology is evolving so fast?Panellists Include: Eng. Meshal Abdulla Binhussain, Head ofCyber Security Operations, The United Arab Emirates ComputerEmergency Response Team, aeCERT (a TRA Initiative); Mr. RickMcConnell, Chief Security Officer, Euroclear SA/NV; Mr. HaythemEl Mir, CTO, National Agency for Computer Security, tunCERT:Tunisian Computer Emergency Response Team; Federico De LaMora, Director EMEA, nCircle12:25 Effective IT security embraces productivity whilst defendingagainst advanced blended threatsMr John Rutherfurd, Territory Manager, Websense14:25 New ‘DEPLOYMENT ROUNDTABLES’ benchmarking discussionsled by experts & peers who will share proven roll-out experiencesin these high risk launch areas.Advanced Persistent Threats & Cyber Crime: What is theEmerging Threat Horizon? How to Deploy Effective NetworkDefencesFacilitators include: Mr. Kausar Mukeri, Head of Infrastructure &Security, Barwa Bank, Qatar; Mr. David Cripps, CISO, InvestecBank Group; Mr. James R. Gay, Chief Information Security Officer,Travelex; Ray Kafity, Regional Sales Director (Middle East,Turkey& Africa), FireEyeWhat does the emerging threat horizon look like - cyber crime;phishing; mobile phones; credit card scanning; identity theft...?• Proven strategies for facing the growing threat of online fraudagainst customers• Botnets & malware: understanding the threat - evaluating tools& techniques on capturing malware• Penetration testing: assessing vulnerability testing tools• What role will ‘hacktivism‘ play in shaping the future securitylandscape?• Security Awareness, Legal Challenges & Tomorrow’s HighValue Targets?15:00 Afternoon Coffee Break & Exhibition15:20 A Pragmatic Approach to Application Access Control KEY CASESTUDYMr. Ahmed M. Saleh, Manager, IT Security, Saudi ArabianAirlines15:55 Why do I need a comprehensive incident response platform?Dennis Oommen, Sr. Regional General Manager, GuidanceSoftware16:10 Awareness & Training: Where are Tomorrow's New CISOscoming from? What New Technology Challenges Do They Face?PANEL• Which organizations face the biggest threats & how this ischanging?• Which new technologies define today’s & tomorrow’schallenges?• What do you feel the single biggest change to securityprofessionals will be in 2011?• What are you/ your organization doing to prepare for this?Chaired by: Tareque Choudry, Head of Security Practice andProfessional Services MEA, BT Global ServicesPanellists: Mr. Emad Ali Maisari, Director of IT Security,Jumeirah Group; Zynga; Dr. Fadi Aloul, Associate Professor ofComputer Science & Engineering, American University of Sharjah(AUS), UAE; Mr. Kais Barakat, Senior Information ProtectionAnalyst - Information Technology, Saudi Aramco; Mr. DorairajBalasubramanian, Information Technology Authority (ITA) of Oman16:40 Close of Day One17:30 Networking Canapes and Refreshments on Yas Island, overlookingthe harbour and the famous Yas Marina Race CircuitSponsored by:12:35 LunchProven Approaches to Emerging Risks & AdvancedPersistent Threats13:35 Managing Identity Management, Security & Privacy KEY CASESTUDY Mr. Kais Barakat, Senior Information Protection Analyst -Information Protection Management Division, Saudi Aramco14:05 Data Retention, Destruction and Discovery; and the issueswhen juggling consumerisation,Web2.0 and the cloudMr. David Cripps, Chief Information Security Officer, InvestecBank GroupREGISTER NOW at www.mistieurope.com/cisome | ENQUIRIES Tel: +44 (0)20 7779 7208

Day Two, CISO Middle East Summit Tuesday 28 February 201208:55 Chairman’s Opening(Coffee & Breakfast will be Served in the Conference Room)Mr. Quentyn Taylor, Director of European Information Security,Canon Europe09:00 – 09:35 Social Media Risks & Security: Balancing Security withOpen Communication GROUP DISCUSSION• Harnessing social media for business advantage• How have networking sites influenced recent protests & uprisingsin the Middle East? Should this be a cause of concern?• Corporate risk assessment of modern technology risk -planning for the mitigation of reputational damageLed by: Mr. David Cripps, Chief Information Security Officer,Investec Bank Group & other speakers; Mr. Rick McConnell,Chief Security Officer, Euroclear SA/NVSecurity Governance & Information RiskManagement (Data Leakage)09:35 Information Security Governance: What it Takes to SucceedKEY CASE STUDYDr. Eduardo Gelbstein, Adjunct Professor, Webster University,Switzerland10:05 Social Media: Friend or Foe to the Enterprise? KEY CASE STUDYMr. James R. Gay, Chief Information Security Officer, Travelex12:20 Lunch13:20 - 14:00 WORKSHOPSecuring IT Consumerization: Mobile & Social Networking Risksfor the EnterpriseFacilitators include: Mr. Quentyn Taylor, Director of EuropeanInformation Security, Canon Europe; Mr. David Cripps, ChiefInformation Security Officer, Investec Bank Group & otherspeakers; Kais Barakat, Senior Information Protection Analyst -Information Technology, Saudi Aramco; Kawther Haciane, SeniorIT Security & Disaster Recovery Manager, National Bank ofCanadaAs the ‘i-revolution’ & a wave of new tablets & mobile handsetsengulf businesses, the security risks & challenges around securingyour workforce become ever more pronounced with the growth &workplace integration of social networking.• Mobile security in the Middle East context• How can the enterprise protect IT endpoints & secure data?• Crux - where to put the security controls?• Mitigating social networking risks – the human factor• GSM Attacks: mobile malware the trillion dollar threat?14:00 Afternoon Tea Break & Exhibition10:45 Morning Tea Break & ExhibitionBusiness Continuity, Forensics & Incident Response11:05 Protecting Sensitive Data: How can Security Better AddressExisting & Pending Risks? What Role will ‘Hacktivism’ Play inShaping the Future Security Landscape? PANEL• Avoiding inappropriate disclosure of sensitive information• What are the real, perceived & unknown risks to data? Internal& external• What is the right blend of technology, processes & policies?Panellists: Mr. Illyas Kooliyankal, Chief Information SecurityOfficer, Abu Dhabi Securities Exchange; Mr. Emad Ali Maisari,Director of IT Security, Jumeirah Group, UAE; Mr. Kausar Mukeri,Head of Infrastructure & Security, Barwa Bank, Qatar; ChandraPrakash Suryavanshi, Practice Head, Information Risk AdvisoryServices, Aujas15:30 National Strategy to Secure the Cyber Space – KEY CASESTUDYMr. Haythem El Mir, CTO, National Agency for Computer Security,tunCERT: Tunisian Computer Emergency Response Team15:50 The Business Continuity Planning In Financial Institutions: NewThreats & Challenges KEY CASE STUDYMr. Sofiane Chafai, Security Officer, Direction Contrôle Interne,Trust Bank Algeria16:10 Close of Day Two11:40 Don’t Be a Statistic! Securing Data Assets KEY CASE STUDYMr. Quentyn Taylor, Director of European Information Security,Canon EuropeREGISTER NOW at www.mistieurope.com/cisome | ENQUIRIES Tel: +44 (0)20 7779 7208

Day Three, CISO Middle East Roundtable Wednesday 29 February 2012Security Awareness, Training & Performance: How Do You & Your Organisation Measure Up?Chaired by:Mr. Charles V. Pask, Managing Director, ITSEC Associates LimitedCo-Facilitated by:• Federico De La Mora, Director EMEA, nCircle• Mr. James R. Gay, Chief Information Security Officer, Travelex• Mr. Kais Barakat, Senior Information Protection Analyst - Information Protection Management Division, Saudi Aramco• Mr. David Cripps, Chief Information Security Officer, Investec Bank Group• Mr. Emad Ali Maisari, Director of IT Security, Jumeirah Group• Mr. Quentyn Taylor, Director of European Information Security, Canon EuropeStart 09:00 / Coffee Break 10:45 - 11:10 / Lunch and Close 12:45CISO Roundtable Middle East held under the Chatham House Rule is an open benchmarking forum on topicsrequested directly by you the attendee. The key theme for the 2012 roundtable is ‘Security Awareness, Training &Performance: How Do You & Your Organisation Measure Up?’ The focus is on interactive discussion & group work,with sessions facilitated by established information security practitioners & industry experts from the Middle East &internationally.• Held Under The Chatham House Rule - No press are permitted. 'Closed doors' session• Notes from the session – discussion summaries will be distributed to all roundtable attendees following the event• Key topic areas of focus - will be determined by the input of participants beforehandFurther discussions including for example:• How do you measure up against your peers in security performance?• How are you preparing for the future?• Insider threat: building a secure workforce• Securing the right funding & justifying ROSI“Very interesting & informative event,”Central Bank of Lebanon“A great platform to meet experienced people &gain invaluable insights into information securitypractices. Keep it up! ”Central Bank of Oman“Provides an exceptional opportunity fornetworking with security professionals fromdifferent regions & to learn more about emergingsecurity threats & counter measures,”BAE Systems UAE2 events, sameplace, same time!MIS is hosting the 2nd MiddleEast Fraud & Corruption Summitalongside the 4th CISO MiddleEast Summit. Seewww.mistieurope.com/fraudMERecommendthis event toyour auditcolleague &receive a groupdiscount!Call +44 (0)207779 7208for details.REGISTER NOW at www.mistieurope.com/cisome | ENQUIRIES Tel: +44 (0)20 7779 7208

Chief Information Security Officer Middle East27 - 29 February 2012, Park Rotana Hotel, Abu Dhabi, The United Arab EmiratesRegistration CodeIS120209-W5 Easy Ways to RegisterAbout International the Venue Speaker & Accommodation Panel ListingsThe 4th Chief Information Security OfficerMiddle East Summit will be held at:Park Rotana, Abu Dhabi,P.O. Box 43377 Abu Dhabi U.A.EThe 5-star Park Rotana Abu Dhabi provides acombination of deluxe accommodation, diverseculinary experiences with signature diningvenues, state-of-the-art meeting & recreationalfacilities. The Park Rotana is winner of ‘AbuDhabi’s Leading Business Hotel 2011’.MIS Training has arranged limited discountedrates at the Park Rotana Hotel:• Single Occupancy Room: AED 790 per night• Double Occupancy Room: AED 860 per night* Note these prices are exclusive of 6% Tourism Fees & 10%Service Charge but inclusive of Breakfast.Guests to make their own reservations bycontacting Teodoro Bernales Dy (GroupCoordinator)Phone: +971 (0)26573333/3252;Fax: +971 (0)26573000/3259;Email: groups.park@rotana.comWeb: www.rotana.comWeb: www.mistieurope.com/cisomeEnquiries: +44 (0)20 7779 7208Email: mis@mistieurope.comFax: +44 (0)20 7779 8293Mail: Sara Hook, MIS Training,Nestor House, Playhouse Yard,London EC4V 5EX UKFees International / Registration Speaker Information Panel ListingsSpecial CISO Rate * - £1,500Vendor/Advisory Rate - £2,195Included in the Fee:• Entry to 3-day event• All lunches & daily refreshments• Confirmed networking dinners,receptions & local tours (detailssubject to confirmation)• Certificates & accreditation forCPE points for Continued Education• Official presentation materials (onsite) & web-linkto all updated presentations (post event)*Please note the following terms & conditions apply to the above CISO rate:• CISO must demonstrate that they are currently practising as CISO, head ofinformation security, or in a senior information risk or corporate security role (& notin a sales or marketing related role.)• The Guest must not be working for an organisation (or subsidiary, or independentconsultant) that provides professional security product, vendor or recruitmentservices, software development, outsourcing, ICT or consultancy / advisory servicesto security or technology professionals.• The rate applies to registrations for the CISO Middle East Summit & Roundtable (3days) & fully paid registrations.• The final decision on the rate applicable is at the discretion of MIS Training Institute.Cancellation Policy - Should a delegate be unable to attend, a substitute may attend in his or her place. A creditor refund, minus 10% administration charge, is available if written notification is received by Monday 6thFebruary 2012. Thereafter, no refunds will be given. MIS reserves the right to change or cancel this programmedue to unforeseen circumstances. Founded in 1978, MIS Training Institute is the global leader in internal audit,fraud, IT audit & information & corporate security training. MIS' expertise is drawn from years of experiencegained in providing training courses, summits & conferences, as well as onsite training to professionals acrossthe globe. MIS Training Institute sits within the Euromoney Training Group, a division of Euromoney InstitutionalInvestor Plc (FTSE250). Euromoney Institutional Investor Plc is part of the Daily Mail & General Trust (DMGT).The information you provide on this form will be used by Euromoney Institutional Investor PLC & its groupcompanies (“we” or “us”) in relation to your registration for this event. [We may share this information with thesponsors of this event]. We may also monitor your use of our website(s), including information you post &actions you take, to improve our services to you & track compliance with our terms of use. Except to the extentyou indicate your objection below, we may also use your data (including data obtained from monitoring) (a) tokeep you informed of our products & services; (b) occasionally to allow companies outside our group to contactyou with details of their products/services. As an international group, we may transfer your data on a globalbasis for the purposes indicated above, including to countries which may not provide the same level ofprotection to personal data as within the European Union. By submitting your details, you will be indicating yourconsent to the use of your data as identified above. Further information on our use of your personal data is setout in our privacy policy, which is available at www.euromoneyplc.com or can be provided to you separatelyupon request. Marketing choices: If you object to contact as identified above by telephone , fax , or email ,or post , please tick the relevant box & return to: K Bevan, MIS Training, Nestor House, Playhouse Yard,London EC4V 5EX. If you do not want us to share your information with other companies (including thesponsors) please tick this box .REGISTER NOW at www.mistieurope.com/cisome | ENQUIRIES Tel: +44 (0)20 7779 7208