2016 has been another year “in-famous” for huge data breaches and big data/money losses. Both financial institutions and IT service providers have faced tremendous issues, to not mention institutions and governments.
The cyberspace is multifaceted and so the cybercrime. Data are spread out, "physical premises" and "physical storage" sound like an old fashion words. Today devops, encrytpion tokens, softare defined networks, cloud APIs togheter with many others are part of our daily vocabulary.
But if the IT world evolved, cybercrime specialists didn't wait on sidelines. Only on memory malwares, the abuse of normal IT equipment operations, the usage of sophisticated encryption methodologies has transformed the way we look (or we must look) at the threats today.
Starting from a practical example Massimiliano Falcinelli will try to talk about all the minimum protections to have today to properly combat against cybercrime.
Why there is a need to stop addressing security only in relation to information technology? Why are traditional approaches to business security untenable under current risk conditions? Moving up the know-nothing, know-what, know-how, and know-why pyramid.
If we want to find out why a breach happened, or assess the damage,we have plenty of time to trawl through logs, look at session recordings,and so on. But if we want to prevent a breach, we have to react with lightning speed.
So what is it that can enable us to react fast enough? In an ideal world computers can make these decisions, but in reality this is usually a combination of some artificial and some human intelligence.
At the end of the day, the critical ingredient for both computers and humans is context. Without it, there is too much data, and too much irrelevant data, to make accurate and rapid decision making possible.
Complexity is the enemy of security. Trends, such as mobility, the growing popularity of cloud based services and IOT devices being connected to networks confront security specialists with serious challenges.
At this talk I will demonstrate what does the integration mean from a practical perspective, as this is the key to automatize processes.
From May 2018 every organization which handles personal data within the EU has to be compliant with the new General Data Protection Regulation. This directive will implement major changes on how organizations deal with personal data nowadays.
Although this is indeed a major change, the process does not necessarily have to be a burden as it will create an opportunity for every organization to implement a proper way to protect data. I will give an insight on how Check Point solutions can help to achieve GDPR compliance and ultimately protect data.
In an age where hackers remain a serious force to be reckoned with and where we can’t possibly control every user’s behaviour, embracing RASP security (Runtime Application Self-Protection) is a hugely effective way for app providers to get ahead.
The classroom courses are long ago replaced by e-Learning education through presentations. However, a slideshow about safety rules is quite boring. If an exam is mandatory the employees will put only the minimum of effort. They want to know it all down. This presentation explains how can we deploy state of the art interactive technology to achieve the goal: a change in user attitudes - all at low cost, customized way. Live examples, practical experience, case study.
Delivering effective cyber defence has moved well beyond the use of SIEM, we have to take the journey toward Advanced Cyber Defence and that is an ever evolving challenge. Find out how MOL, an Multinational oil company has faced this challenge and key lessons learned.
EU’s General Data Protection Regulation (GDPR) will be used in Hungary from 25. May 2018. The presentation will focus on pragmatical and technological issues regarding implentation of GDPR with special focus on financial institutions.