Application security needs to be made an integral part of the full software development lifecycle, which is easier said than done. A DevSecOps approach will also support application security but what processes, tools and automation are needed to achieve this? This stream will explore the key components of this, including security auditing, penetration testing, threat modelling, design reviews and security unit testing. How can we achieve agility as well as share the responsibility for security business-wide? Also considered will be the rising serverless trend, its impact, and the demand for expertise as the lines between infrastructure and applications blur.
Following on from our first round of rigorous industry research, we are delighted to present our new streams for 2020:
Threat detection, intelligence and response
With cyber threats becoming increasingly frequent and sophisticated in nature, we need to use an intelligence driven approach to ensure we are one step ahead. Gain insight into organisations who have already adopted machine learning for both threat detection and intelligence. Learn about deploying various methods to cover the scope of attacks, adjusting to new threats and determining a heat map of where to concentrate business efforts. Join us as we break the stigma around cyber attacks and finally hear from those unfortunate enough to have suffered a significant breach. How best can we respond when faced with a threat and effectively protect our data, all whilst minimising the associated financial and reputational repercussions?
Automation, AI and ML security
Hackers have typically been ahead of the game using automation, AI and RPA to circumnavigate security protocols. But these technologies are now allowing organisations to fight back. From deep learning, including NLP, machine learning for fraud detection and many others, there is a growing demand for solutions to detect hackers and spot system vulnerabilities. However, AI is also subject to bias. As we’ve already seen in the US, an AI algorithm to predict the likelihood of criminals reoffending was proven to be biased towards black people. How do we tackle this and should we combine decision making with human capabilities and common sense?
Data protection, encryption and privacy
Governance, risk management and compliance
Securing network environments
Let’s talk about vulnerability. To protect your network, multiple lines of defense are required. Securing this is not just part of your ‘to-do list’, it should be considered at every stage of the security lifecycle. Rising trends such as BYOD workforces and remote working pose a huge threat. How can all of these devices interact and communicate securely? From firewalls and antivirus software to data encryption and VPNs for the mobile employee, the importance of individual security responsibility is increasingly a top priority. Alongside the shift to cloud computing, the growth in device numbers blurs the line and risks of where business data lives and who is responsible for it. Join the discussion on how best to navigate our network vulnerabilities and identify appropriate measures for detection, prevention and response.
Enterprise cloud security
Cloud services are swiftly becoming the norm in enterprise IT. The majority of organisations have moved at least one application or part of their computing infrastructure, embracing the flexibility and scalability cloud offers. But how do we tackle cloud security in hybrid and multi environments and who’s responsible for what? With recent cases of cloud downtime, are you at risk of a 3rd party data breach and if faced with an outage, what is your contingency plan to continue “business as usual”? Let’s get to grips with how to secure our diverse IT infrastructure and achieve a centralised overview to identify gaps in security.