40+ Thought Leaders | 20+ Sessions | Executive Roundtables | Networking and more
Enterprises across the country are encouraged to invest in the infrastructure needed to build a secure and robust platform for business transformation and support the digital economy.
The plenary session sets the goals for security in leveraging the right technologies, establishing the security culture, and implementing a collaborative strategy to accomplish the task, with the C-suite and board riding on the same track.
The session will cover:
Are CISOs able to align their strategy with the business priorities and rise to the expectations?
What does digital innovation mean to security, and where is the disconnect?
What needs to change, both tactically and strategically, to build a cyber-resilient organization?
Cdr Aditya Varma (Retd)
Former Director Networks and Cybersecurity,
Indian Navy, Government of India
Amid constant disruptions and an evolving business landscape, enterprises need to be resilient enough to navigate emerging challenges to establish sustainable growth. The C-suite, especially the CIOs and CISOs, must be beacons of change and think outside the box to build resiliency.
The convergence of IT and security is expected to power business efficiency, where leadership strikes the balance in employing the formula of connecting, collaborating and strategizing in driving transformative outcomes.
The keynote will set the stage in underpinning the need for demonstrating inclusive leadership skills that drive innovation and strategic thinking in establishing resiliency and protecting the organization from cyberattacks. How should CIOs and CISOs raise the bar in exhibiting leadership skills?
The keynote will cover:
How should the C-suite align its strategy with business priorities and rise to the expectations in sizing up the business risks?
A comprehensive checklist for CIOs and CISOs to foster resilience within their enterprises: What needs to change?
Should the C-suite and board look through the lens of risk management, cybersecurity and resilience?
Abhinav Sinha
Co-founder,
Eko India Financial Services Pvt. Ltd.
CISOs face a daunting task to secure anyone, anywhere on their terms - especially in this hyper-connected world, where cybercriminals act with increased agility. Organizations have been struggling with challenges around building scalability and managing security across cloud, hybrid, and traditional environments.
Difficulty in ascertaining visibility across the infrastructure restricts teams from establishing accelerated and proactive threat detection and response. Hence, there is a need for strategic thinking and developing a comprehensive set of capabilities that give you visibility and an in-depth understanding of threat vectors and attack mechanisms.
The session will cover:
Understanding the changing nature of threats and knowing what you need to be ready for.
Key considerations for effective threat detection, investigation and response capabilities.
A platform-centric approach to establish visibility and in-depth protection across every layer of your digital assets.
Suroop Mohan Chandran
Executive Director, Product Management,
SonicWall
The daunting task for CISOs today is to tackle the growing complexity of the threat landscape and have a comprehensive understanding of the malicious and anomalous behavior of threat actors.
Most security leaders believe that there is a compelling need to defend against threats with full visibility and rapid response and minimize the likelihood of a breach with enhanced threat detection and response capabilities.
One way to do this, experts say, is to rapidly identify and limit the exposure through continuous monitoring, detection, and modernization of these tools in the SOC environment.
The session will discuss:
How can you use the network traffic to support threat detection and response?
Use of security tools and technologies to perform the network traffic analysis
Understanding the concept of user behavior through analysis of SOC components
Anandh Palanisamy
Senior Technical Evangelist,
ManageEngine
The daunting task for CISOs today is to detect, prioritize and remediate vulnerabilities arising from the open-source software supply chain process that is often the entry point for attackers to gain control over an organization’s critical assets.
The digital era is enabling organizations to develop their own software to run the business. First-party or proprietary software often lacks the discipline in vulnerability and configuration management practices used for third-party software, which has a high risk of exposure. The challenge for security teams is to establish accountability for checking malicious code in their supply chain, strengthen capabilities to assess and manage risks and vulnerabilities at the source code level generated by the first party, and possess a robust security architecture to respond to software or open-source supply chain threats.
The session will cover:
A uniform platform approach for seamless integration of proprietary assessment and commercial tools.
Building signatures for faster detection and remediation across third-party applications.
Establishing comprehensive visibility of the risk profile
Ambarish Bhalekar
Director, Enterprise Post-Sales Operations,
Qualys
Ankit Wasnik
Solutions Architect,
Qualys
Any successful defense requires understanding and measuring the effectiveness of the security posture in your enterprise, taking cognizance of the new realities of cyber hygiene. The silos between security and non-security professionals can expose your organization to external vulnerabilities, such as data loss, zero-day exploits, data compromises, etc., which could be detrimental to the organization’s growth. History has proven that most real-world incidents still stem from a lack of basic cyber hygiene, often challenging the CISOs to establish an effective cyber hygiene score.
The session will discuss:
How to establish a comprehensive, actionable, and continuous cyber hygiene reporting
Why incomplete visibility is all too common
Establishing and assessing your security posture in a systematic and structured manner
Nuno Guerreiro
Director of Product,
Oryxlabs
Almost all CISOs are faced with the challenge of getting the necessary funding to support their cybersecurity programs. Are security leaders creating value for business and being a part of technology innovation? Is the CTO function aligned with security in driving innovation? Are the CTOs and CISOs meeting the expectations?
The session will cover how to get a CTO and the CISO to collaborate on a common goal to facilitate the continued success of their organization and find the disconnect.
Baidyanath Kumar
CISO and Data Protection Officer,
JK Lakshmi Cement
Kaustabh Dabral
Global CIO,
Dabur India Ltd.
Many believe ‘know thy enemy’ and thinking like a hacker can elevate an organization’s cybersecurity strategy. But in reality, are security leaders putting on a red hat and understanding the motivations, expectations, behaviors and goals of bad actors and making it part of their cyber-resiliency plan?
Are CISOs using the right threat intel, security frameworks and red team skills to think like hackers and use that insight to shape their security strategies and evolve a defense-in-depth security framework?
The session will cover:
How to build a threat-driven security strategy;
How to apply technology and tools to understand the enemy’s mindset;
What will change in building disruptive cybersecurity.
Sanjay Kaushal
Global CIO & CISO,
ISPL Pvt Ltd
Ashok Kumar
Director - Access Services,
Department of Telecom (DoT), Ministry of Communications
With API traffic growing faster, businesses are witnessing three times more attacks, making it the new battleground for CISOs. Experts say learning the API attack techniques that hackers use to achieve their targets is critical.
If the tactical goal is credential access, the attacker may use brute force attacks or man-in-the-middle attacks as their techniques. As organizations are modernizing their applications and infrastructure as part of their cloud strategy, the use of third-party software and APIs is immense to integrate with older applications and data stores. Protecting your APIs against vulnerabilities and malicious actors looking to gain access to your valuable data is crucial. There is a need to repurpose part of the budget from other layers of the technology stack to API security.
The session will cover:
Managing API attack surface;
Understanding and quantifying top API risks;
Who owns API security in the organization and what to look for in an API security solution.
Umesh Kumar (Moderator)
Head - Cyber Security,
Godfrey Phillips India Ltd.
Nishant Gupta
Head of Cloud and DevSecOps,
ZebPay
Vinit Sinha
Director - Cybersecurity SME,
Mastercard
R Shakya
Director General, Department of Telecom,
Government of India
The passing of the Digital Personal Data Protection Act 2023 has triggered major debate among the cybersecurity fraternity in terms of what constitutes reasonable security practices to prevent personal data breaches. Sub-section (5) of Section 8 A of the Act, which prescribes the obligation of the Data Fiduciary to take reasonable security safeguards, be responsible for the protection of data and be accountable for any breach, has compelled them to establish proactive security within the organization. Under the new Act, security practitioners are expected to establish themselves as business enablers and custodians of protection of the crown jewels, while retaining integrity and data sovereignty.
The session will discuss:
How to build a proactive security defense mechanism to comply with the sections of the Act
Getting the board’s buy-in in complying with the provisions of the Act
Use of the right technologies and tools to enhance the security posture
Rajan Pant
Business Head-SAARC,
Resecurity
The advent of 5G technology has brought about significant transformations in the enterprise landscape. As organizations increasingly incorporate 5G for their digital initiatives, it is crucial to understand the potential use cases and address the security considerations associated with this technology.
The session will cover:
Leveraging the power of 5G while ensuring robust security measures;
Exploring the impactful use cases of enterprise 5G;
Best practices and mitigation strategies.
Vinod Sivarama Krishnan
Chief Information Officer,
Indus Towers Ltd.
Parna Ghosh
President & Group CIO,
Uno Minda Ltd.
Ransomware attacks continue to plague organizations at an alarming pace, and the debate among the C-suite on the issue of paying the ransom or refusing to pay and dealing with the consequences is getting critical.
Some experts say that paying the ransom makes an organization vulnerable to reputational risk. This also means that an organization's risk calculations are going awry. Another argument would be that extortion payment may encourage continued criminal activity.
The session will cover:
The C-suite approach to a ransomware attack;
How to engage with law enforcement before taking the decision;
Prepare now or pay later - A CISO's take and the role of the Board and Top Management in dealing with an extortion crisis.
Ashutosh Bahuguna (Moderator)
Lead- Cyber Security Assurance & Additional Director/Scientist,
Indian Computer Emergency Response Team (CERT-In), Ministry of Electronics & Information Technology
Amit Dubey
Member,
Police Technology Mission
Rishi Diwan
Chief Operating Officer,
TVS Supply Chain Solutions Ltd.
Anuj Tewari
Chief Information Security Officer,
TMF Group
Across the globe, governments and regulators are issuing directives and regulations on incident reporting requirements and timelines for reporting. How can an organization prepare for incident reporting requirements? Cyberthreat information exchange is crucial for maintaining situational awareness and safeguarding the community against cyberattacks. How can organizations, the private sector, governments and nations build trust and enhance near-real-time information sharing to build a cyber-resilient community? What are the key steps for security leaders to prepare for the CERT-In proposed rule for cybersecurity risk management, strategy, governance and incident disclosure?
The session will cover:
Mechanisms and effectiveness of sharing of operational, strategic and enriched tactical threat intelligence;
Techniques to collect, correlate, enrich, contextualize and analyze tags, and to exchange cyberthreat information;
The mechanics of incident reporting with filing incidents.
B Paparaju
Executive Director & CISO,
ONGC Ltd
Dr. Pavan Duggal (Moderator)
Founder,
Pavan Duggal Associates
Rajiv Sharma
Vice President,
ISACA - New Delhi Chapter
Today, increased digitization of information and data has made traditional security and privacy concepts and measures irrelevant. The terms “data protection” and “privacy” have a multitude of interpretations, making it difficult to build an appropriate framework.
How is India's data protection and privacy policy defining the compromise of critical systems and information, targeted scanning or probing of critical networks, data breach reporting, and establishing privacy while enabling a secure ecosystem?
The session will cover:
Changes in the data protection and privacy frameworks in this digitization era;
Digitization, data protection and privacy - balancing security and convenience;
How are CISOs bridging the data protection and privacy gaps?
Kanishk Gaur
CEO,
India Future Foundation
Rakesh Maheshwari
Former Sr. Director and Gp Coordinator, Cyber Laws and Data Governance,
Ministry of Electronics & Information Technology (MeitY)