ABOUT THE SUMMIT

Dr. Shankar Ramamoorthy, Professor- Information Science Engineering, Head - Industry- Interface, CMRIT

Topic Abstract

Cybercriminals are going to create 3.5 million new, unfilled cybersecurity jobs by 2021. Compare that with one million openings in 2016. That’s an increase of 350 percent in just five years.And with that increase comes some serious cybersecurity revenue dedication. Everywhere, businesses are investing a remarkable amount of money into hiring security professionals, maintaining customer privacy and avoiding ransomware attacks.In 2017 alone, all of those protection efforts cost businesses $86.4 billion

The author will be discussing 5 Trends namely how Ransomware Evolution, AI Expansion, IOT Threats , Block chain revolution and Serverless Apps Vulnerability will pose challenges to Cyber Security frameworks of organization. The paper will also be discussing what are the solutions to address the above challenges.

Subho Halder, Co-Founder and CTO, Appknox

Topic Abstract

Mobile adoption is strategic in every industry today. Although it can be a great catalyst for growth, the security risks that come with it cannot be overlooked. Even though this fact is established, many companies are still not following some of the mobile application security best practices. The goal of this is to raise awareness about application security by identifying some of the most critical risks facing organizations during development.

We will be covering from basic OWASP top 10 security issues to live demos on different use-case scenarios on how a hacker can hack your application, and how to prevent them.

Avinash Iyer, Associate Director- Cyber Security, PwC

Topic Abstract

We live in a world of connected devices. Do these devices only increase the ease of our lifestyle or are they increasing any risks to us as well? What’s the best ways of incorporating IOT into our lives.

Dr. Aditya Mukherjee, Security Leader, Accenture

Topic Abstract

The the information security industry is a fast-paced ever-transforming field, which in the past couple of years with the influx of off-the-shelf malware, advance exploit kits and paid DDoS services has seen an increase in the importance of timely, proactive response. To enable the organization to successfully mount an impregnable defense, the need of the hour is to capture, analyze and provide actionable information that can be used to safeguard the organization. Enter ‘Cyber Threat intelligence’.

Cyber Threat Intelligence is a new yet massively evolving domain in information security today. Since the beginning of time, Information (Knowledge) has always been regarded as a critical form of an advantage in any strategy-making process. CTI over the years has rolled from a previously perceived set of skills and techniques to a well-defined framework with the new infused market requirements spawning from the recent threat activities in the ever-changing IT landscape which has bought sophisticated attacks such as State-sponsored cyber-attacks, Ransomware, APT’s, Zero-days and Hacktivism that is now at the very doorstep of government, big & small corporations alike.

Vishal Saraswat, Information Security Expert, Bosch Engineering and Business Solutions

Topic Abstract

Although quantum computers of an appropriate size still do not exist, given the recent developments in the field of quantum computer construction and the present rate at which the dependency of the developing societies on secure information technology is growing, there is an immediate need of alternative public key cryptosystems which can be implemented on today’s computers and would be secure enough in a post quantum era. We present a brief overview of the current developments.

Sitesh Behera, Sr Manager - Infrastructure Platform, BankBazaar

Topic Abstract

Today SOC has been bombarded with huge amount of data we collect from deployed infra across office / prod landscapes. The major threat which is ignored today is present internally. The project discusses how to analyse such data and pinpoint anomalies using machine learning. This helps in focusing SOC team to focus on anomalies and quick response to them.

Mansi Thapar, Head - Information Security, Jaquar Group

Topic Abstract

Cybercrime is the greatest threat to every company in the world. - “Cyber-attacks are the number one problem with mankind, even worse than nuclear weapons.” Having said that, we as security professionals work endless to identify, protect, detect, respond and recover from security incidents. We deploy world class perimeter, network, port and end point security to protect our corporates from incidents and protect our crown jewels from being breached. But somewhere in this constant endeavour, we miss to cater to the the main reason for cyber incidents. – THE HUMAN FACTOR.

Various reports indicate Human error to be the most dominant reason for cyber-attacks in an organisation. Top 5 human errors being falling for email phishing, letting unauthorised users accessing corporate devices, poor user managed passwords, poorly managed privileged accounts and mis-delivery. All these points, have one underlying solution – USER AWARENESS. I know most of you must have automated measures in place for privileged accounts, auto password policy etc, but breaches still happen.

Below are some of the tips/topics on creating a security training programme to close the gap between the weakest link (Human Factor) and security

Training module should cover at least the following mentioned awareness trainings

• Email security
• Mind of a hacker
• Use of Freeware
• Passwords
• Clear Desk
• Privacy
• Security of mobile devices
• Social engineering
• Identity theft
• Insider threats
• Securing supplier relationships
• Access control
• Backup Importance
• Cloud security
• Importance of Cybersecurity
• Viruses
• Protecting intellectual property

Topic Abstract

Before you are overwhelmed by questions as you course through the excellent learning sessions with our speakers, get answers and better insights to your doubts through 'Ask me Anything'. Here is an opportunity to undertake a balb session where you get to ask any question relative to the event and gain professional guidelines and cognisance form individuals with in depth knowledge on the subject matter. With this effective Q/A session we allow you to address the most burning questions by asking our team of influential and expert speakers.

Ranjeet Thakur, Senior Engineering Manager -CyberSecurity, PayPal

Topic Abstract

Why IAM is needed for Corps? some common patterns of implementation

Anand Tapikar, Product security Leader, GE healthcare

Topic Abstract

What will be covered in the presentation

• Common attacks on Container infra – Like cross container attacks, data snooping, rogue containers
• 10 Strategies to build good K8s and container infrastructure
• Pentation testing K8s infra
• Data encryption, authentication and RBAC within K8s
• Secure Secrets storage and protection from data snooping
• Overview of open source/commercial tools that can be leveraged
• K8s and container Benchmarks

How this topic is relevant

• 1 out of 5 organization going for container installation
• Container security attack vectors are rising
• Recently major vulnerability discovered in containers and got good media attention

Manjul Verma, Master Security Architect, HP

Topic Abstract

Due to the ever-changing threat landscape of adversaries, and government regulations to protect the public interest and user data, there has been a greater focus on the security of end-point computing systems.

To ensure, endpoint computing system remains secure when used in both personal and business, there is a significant attention from manufacturers and vendors to deliver security built on defense-in-depth principles to protect data - resides on rest, in use or in transit.

This session should help one become self-aware of potential threats of end-point systems and layered security controls applied for protection that help in the further learning.