Early-bird Discount
expires in
Register Now

Agenda

Identity Security Best Practices

Identity Security Best Practices

Session
Thursday, November 16, 2023 14:30—15:30
Location: Satelit
Log in to download presentations

Practical Cloud Protection: A Guide for Modern Businesses
14:30—14:50

Watch the video

 

The realm of cloud security has been extensively covered in books and articles, yet a crucial aspect remains ripe for exploration. It revolves around the fundamental understanding of what your cloud service provider offers and, equally vital, where your responsibilities lie in the realm of cloud security.


When embarking on the journey of adopting a cloud service, the foremost question to answer is, "What aspects of security do I need to oversee?" In a traditional on-premises setting, roles are distinct: IT manages infrastructure, information and cybersecurity handles security, and application developers bear the responsibility for code integrity. However, the landscape is evolving, with many organizations embracing DevOps, where these responsibilities are often shared, and the lines between development and operations blur or vanish.

Regardless of organizational structure, the majority of security obligations reside within your company's domain when you use an on-prem environment. Transitioning from an on-premises environment to a cloud environment presents one of the most intricate challenges—a more intricate shared responsibility model for security.

In the context of cloud security, two paramount concerns need close attention. 

The first is the risk of misconfiguration. In a cloud environment, misconfigurations can inadvertently expose sensitive data and vulnerabilities, underscoring the critical importance of ensuring that cloud services and resources are set up correctly to mitigate such risks.

The second concern is insider attacks. Cloud users often lack influence over the staff of cloud service providers, making it essential to consider the possibility of insider threats. While cloud service providers typically promise robust security measures in place, it's crucial for organizations to implement their own layers of security to safeguard against insider attacks and unauthorized access, fortifying the shared responsibility model in the cloud.

In my presentation, I will delve into these intricacies, providing valuable insights and real-world examples of what your cloud service provider can do, irrespective of your specific needs and/or preferences.

 

Dr. Komitas Stepanyan
IT & Cybersecurity Director
Central Bank of Armenia
Komitas Stepanyan is a certified professional with 23+ years of experience in IT/Cybersecurity Governance, Risk Management, Business Continuity Management and Internal/IT Audit. Currently he is...
Adopting Insider Threat Management Best Practices for NIS2 Compliance
14:50—15:10

Watch the video

 

In today's dynamic cybersecurity landscape, safeguarding sensitive data and infrastructure from insider threats, while effectively monitoring supply chain and third-party users, is paramount. This presentation delves into the critical intersection of Insider Threat Management and NIS2 compliance, anchored in a detailed case study of a company subject to NIS2 regulations. We will explore a diverse toolkit and industry best practices tailored not only for achieving compliance, but also for streamlining cybersecurity processes through robust technical controls. Attendees will gain invaluable insights into seamlessly integrating cutting-edge tools and proven methodologies, ensuring unwavering compliance with NIS2 regulations while fortifying your security posture.

Yevhen Zhurer
Head of Business Development
Ekran System
Yevhen Zhurer is the Head of Business Development at Ekran System, a user activity monitoring and insider threat detection software company. He is based in Wuppertal, Germany. Yevhen has over 10...
Panel: Improving the Security Posture with Cloud Solutions
15:10—15:30

Watch the video

 
Carsten Fischer
Deputy Group Chief Security Officer
Deutsche Bank
Carsten is the Deputy Group Chief Security Officer and runs the Office of the CSO. In addition he is the regional Lead for Technology, Data and Innovation (TDI) for Germany. For the majority of...
Paul Fisher
Lead Analyst
KuppingerCole
Paul Fisher is a Lead Analyst who researches primarily on cybersecurity and identity and access management (IAM). He also studies trends in AI, IoT and data governance for different industry...
Stephan Schulz
Senior Solution Engineer
F5
Stephan Schulz has served as a Senior Solutions Engineer specializing in Security at F5 Networks for a decade. In this capacity, he offers technical guidance to both end customers and reseller...
Almost Ready to Join the cyberevolution 2023?
Reach out to our team with any remaining questions
Get in touch