<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=306561&amp;fmt=gif">

CISO Africa 2020

18 February | Pre-Conference Focus Day
19 - 20 February | Main Conference Days
Maslow Hotel, Sandton, Johannesburg

Download The Agenda Book Your Seat Today Sponsor CISO Africa 2020 Download The Essential Guide to Modern Cybersecurity
Pre-Conference Focus Day
18 February 2020
07:30

Pre-Conference Focus Day Registration Opens

Identity & Access Management Focus Day registration opens.

Tea, coffee & morning refreshments served.

Pre-Conference Focus Day Registration Opens

February 18 | 07:30 - 09:00

Identity & Access Management Focus Day registration opens.

Tea, coffee & morning refreshments served.

Speaking:

08:55

Welcome & Opening Remarks

The Identity & Access Management Pre-Conference Focus Day provides an opportunity for you to supplement your knowledge at CISO Africa. The hands-on interactive pre-conference event consists of numerous case studies and group discussions specifically focused on IAM, PAM, customer and end-point security.

Speaking:

Ryan Matthews - Corinium

Ryan Matthews

Head of Production: MEA, Corinium Global Intelligence

Welcome & Opening Remarks

February 18 | 08:55 - 09:00

The Identity & Access Management Pre-Conference Focus Day provides an opportunity for you to supplement your knowledge at CISO Africa. The hands-on interactive pre-conference event consists of numerous case studies and group discussions specifically focused on IAM, PAM, customer and end-point security.

Speaking:

Ryan Matthews - Corinium

Ryan Matthews

Corinium Global Intelligence

09:00

Reserved For Focus Day Partner

For more information on how you can participate at the IAM Focus Day Partner, please contact michelle.meldau@coriniumgroup.com

Reserved For Focus Day Partner

February 18 | 09:00 - 09:30

For more information on how you can participate at the IAM Focus Day Partner, please contact michelle.meldau@coriniumgroup.com

Speaking:

09:30

Security 2.0 – Developing an Integrated IAM & Privileged Access Management (PAM) Strategy

  • How integration can reduce the security risks, enhance visibility, access and control
  • Aligning PAM & Identity Governance and Administration (IGA) to your IAM strategy
  • Increasing visibility through PAM
  • How integrating PAM and IAM improves regulatory compliance and reporting (incl. GDPR)

Security 2.0 – Developing an Integrated IAM & Privileged Access Management (PAM) Strategy

February 18 | 09:30 - 10:00

  • How integration can reduce the security risks, enhance visibility, access and control
  • Aligning PAM & Identity Governance and Administration (IGA) to your IAM strategy
  • Increasing visibility through PAM
  • How integrating PAM and IAM improves regulatory compliance and reporting (incl. GDPR)

Speaking:

10:00

Discussion Group: Developing an IAM Programme

IAM is inextricably tied to an organisations digital transformation journey & strategy. IAM practitioners, including IT security and risk divisions recognise the need for an independently managed IAM programme. Participants will discuss how to validate the need for an IAM programme, how to divide responsibilities across the organisation, and ensure that the programme aligns with internal audit and governance guidelines.

Speaking:

Duane Carsten Discovery

Duane Carstens

Group InfoSec Officer, Leading Financial Services Institution

Marlon Nair AF

Marlon Nair

Head: IAM, Alexander Forbes

Marlany Naidoo Mercantile

Marlany Naidoo

Head: Information Security & IT GRC, Mercantile Bank

Discussion Group: Developing an IAM Programme

February 18 | 10:00 - 10:30

IAM is inextricably tied to an organisations digital transformation journey & strategy. IAM practitioners, including IT security and risk divisions recognise the need for an independently managed IAM programme. Participants will discuss how to validate the need for an IAM programme, how to divide responsibilities across the organisation, and ensure that the programme aligns with internal audit and governance guidelines.

Speaking:

Duane Carsten Discovery

Duane Carstens

Leading Financial Services Institution

Marlany Naidoo Mercantile

Marlany Naidoo

Mercantile Bank

Marlon Nair AF

Marlon Nair

Alexander Forbes

10:30

Morning Tea & Networking

Morning Tea & Networking

February 18 | 10:30 - 11:00

Speaking:

11:00

Zero-Trust as the Foundation for your Organisational Cybersecurity Strategy

  • Developing a transformational road map to Zero-Trust
  • Zero-Trust networking
  • The Role of Multi-Factor Authentication (MFA) in advancing your Zero-Trust strategy
  • Effectively defining your policies and protecting critical assets

Speaking:

Marlon Nair AF

Marlon Nair

Head: IAM, Alexander Forbes

Zero-Trust as the Foundation for your Organisational Cybersecurity Strategy

February 18 | 11:00 - 11:30

  • Developing a transformational road map to Zero-Trust
  • Zero-Trust networking
  • The Role of Multi-Factor Authentication (MFA) in advancing your Zero-Trust strategy
  • Effectively defining your policies and protecting critical assets

Speaking:

Marlon Nair AF

Marlon Nair

Alexander Forbes

11:30

Transforming Customer Digital Experiences Through IAM

  • Placing Identity Security at the heart of a layered defense strategy
  • Protecting customer data and improving visibility & privacy (CIAM & Consent Management)
  • Moving beyond compliance to using GDPR to improve customer relationships
  • How IAM data can drive customer loyalty, improve customer profiling and deliver on personalisation strategies

Speaking:

Costa Std Bank

Costa Panagiotopoulos

Head: IAM, Standard Bank

Transforming Customer Digital Experiences Through IAM

February 18 | 11:30 - 12:00

  • Placing Identity Security at the heart of a layered defense strategy
  • Protecting customer data and improving visibility & privacy (CIAM & Consent Management)
  • Moving beyond compliance to using GDPR to improve customer relationships
  • How IAM data can drive customer loyalty, improve customer profiling and deliver on personalisation strategies

Speaking:

Costa Std Bank

Costa Panagiotopoulos

Standard Bank

12:00

Discussion Group: Moving Beyond Security: How IAM Can Drive Value & Increase Revenue

Customer-centricity should be key to any comprehensive digital transformation strategy; but how can organisations balance user demands against security requirements. This discussion will address the question of customer identity sprawl. How to move beyond in-house legacy systems that fall short when it comes to mobile apps and customer facing apps. How to develop frictionless customer experiences, and evaluating single sign-on as a strategic security investment.

Speaking:

Simon Motaung

Simon Motaung

Specialist: Identity & Access Management, African Bank

Armel Lupapi - Derivco

Armel Lupapi

Identity & Access Governance Specialist, Derivco

Discussion Group: Moving Beyond Security: How IAM Can Drive Value & Increase Revenue

February 18 | 12:00 - 12:30

Customer-centricity should be key to any comprehensive digital transformation strategy; but how can organisations balance user demands against security requirements. This discussion will address the question of customer identity sprawl. How to move beyond in-house legacy systems that fall short when it comes to mobile apps and customer facing apps. How to develop frictionless customer experiences, and evaluating single sign-on as a strategic security investment.

Speaking:

Armel Lupapi - Derivco

Armel Lupapi

Derivco

Simon Motaung

Simon Motaung

African Bank

12:30

Lunch & Networking

Lunch & Networking

February 18 | 12:30 - 13:30

Speaking:

1:30

Reserved for Focus Day Parner

For more information on how you can participate at the IAM Focus Day Partner, please contact michelle.meldau@coriniumgroup.com

Reserved for Focus Day Parner

February 18 | 13:30 - 14:00

For more information on how you can participate at the IAM Focus Day Partner, please contact michelle.meldau@coriniumgroup.com

Speaking:

2:00

Identity of Things

  • Adapting processes and technologies to securely manage the influx of users and devices and the rise in multiple interaction points
  • How generic bootstrapping architecture and identity management systems can reduce complexity
  • Evaluating the move to Identity Relationship Management (IRM) in place of traditional IAM
  • Scaling IRM for to improve performance, flexibility and offer a single view of the IoT ecosystem

Identity of Things

February 18 | 14:00 - 14:30

  • Adapting processes and technologies to securely manage the influx of users and devices and the rise in multiple interaction points
  • How generic bootstrapping architecture and identity management systems can reduce complexity
  • Evaluating the move to Identity Relationship Management (IRM) in place of traditional IAM
  • Scaling IRM for to improve performance, flexibility and offer a single view of the IoT ecosystem

Speaking:

2:30

Discussion Group: Nurturing a Culture of Security

Employees can be your biggest risk when it comes to securing your organisation assets, data, and intellectual property. This discussion will offer practical guidelines on how to strengthen your human firewall, fostering a cyber-aware culture, outline a plan for ensuring that your security parameters focus on security weak/control points. Address the growing need to advance identity and data security, and delve into great cloud security debate.

Speaking:

Discussion Group: Nurturing a Culture of Security

February 18 | 14:30 - 15:00

Employees can be your biggest risk when it comes to securing your organisation assets, data, and intellectual property. This discussion will offer practical guidelines on how to strengthen your human firewall, fostering a cyber-aware culture, outline a plan for ensuring that your security parameters focus on security weak/control points. Address the growing need to advance identity and data security, and delve into great cloud security debate.

Speaking:

3:00

Afternoon Tea & Networking

Afternoon Tea & Networking

February 18 | 15:00 - 15:30

Speaking:

3:30

Assessing Hybrid and Multi-Cloud IAM capabilities

  • How current IAM systems can support Hybrid & Multi-Cloud
  • How to securely migrate applications to the cloud without compromising IAM
  • Comparing Cloud-based MFA services to improve trust and user experience whist reducing cost
  • Ensuring IGA systems support cloud

Assessing Hybrid and Multi-Cloud IAM capabilities

February 18 | 15:30 - 16:00

  • How current IAM systems can support Hybrid & Multi-Cloud
  • How to securely migrate applications to the cloud without compromising IAM
  • Comparing Cloud-based MFA services to improve trust and user experience whist reducing cost
  • Ensuring IGA systems support cloud

Speaking:

4:00

Next-Generation Identity Analytics & Intelligence

  • Moving towards data-driven risk based IAM
  • Automating critical identity-based controls with artificial intelligence (AI) and machine learning (ML)
  • Extending access governance and identity analytics to cloud-based systems (SaaS, IaaS etc.)
  • Using advanced analytics to identify and monitor access risk while transforming compliance-driven processes with risk intelligence
  • Adding enhanced analytics to your IAM solution

Next-Generation Identity Analytics & Intelligence

February 18 | 16:00 - 16:30

  • Moving towards data-driven risk based IAM
  • Automating critical identity-based controls with artificial intelligence (AI) and machine learning (ML)
  • Extending access governance and identity analytics to cloud-based systems (SaaS, IaaS etc.)
  • Using advanced analytics to identify and monitor access risk while transforming compliance-driven processes with risk intelligence
  • Adding enhanced analytics to your IAM solution

Speaking:

4:30

Discussion Group: Preventing Fraud & Safeguarding Identities in a Connected World

As organisations continue to embrace the digital world, and devices become increasingly connected – online crime and fraud has never been more profitable. Attacks are becoming more complex and advanced. Effective identity solutions have the capacity to significantly decrease transaction fraud and identify malicious users before they put the enterprise at risk. Participants will get essentials insights into defining and enforcing policies to block users from assuming too many privileges whilst reviewing what scalable identity solutions are available to prevent identity theft, malware and ransomware.

Speaking:

Dirk Kotze

Dirk Kotze

Information Security Officer, FNB Consumer

Discussion Group: Preventing Fraud & Safeguarding Identities in a Connected World

February 18 | 16:30 - 17:00

As organisations continue to embrace the digital world, and devices become increasingly connected – online crime and fraud has never been more profitable. Attacks are becoming more complex and advanced. Effective identity solutions have the capacity to significantly decrease transaction fraud and identify malicious users before they put the enterprise at risk. Participants will get essentials insights into defining and enforcing policies to block users from assuming too many privileges whilst reviewing what scalable identity solutions are available to prevent identity theft, malware and ransomware.

Speaking:

Dirk Kotze

Dirk Kotze

FNB Consumer

5:00

Close of Focus Day

Close of Focus Day

February 18 | 17:00

Speaking:

Main Conference Day 1
19 February 2020
07:30

Main Conference Registration Open

Main registration open.

Tea, coffee & morning refreshments served in exhibition area.

Main Conference Registration Open

February 19 | 07:30 - 09:00

Main registration open.

Tea, coffee & morning refreshments served in exhibition area.

Speaking:

08:50

Welcome & Opening Remarks

Speaking:

Ryan Matthews - Corinium

Ryan Matthews

Head of Production: MEA, Corinium Global Intelligence

Welcome & Opening Remarks

February 19 | 08:50 - 09:00

Speaking:

Ryan Matthews - Corinium

Ryan Matthews

Corinium Global Intelligence

09:00

Reserved for Lead Partner

For more information on Lead Partner benefits at CISO Africa 2020, please contact michelle.meldau@coriniumgroup.com

Reserved for Lead Partner

February 19 | 09:00 - 09:30

For more information on Lead Partner benefits at CISO Africa 2020, please contact michelle.meldau@coriniumgroup.com

Speaking:

09:30

Keynote: The Rise of the CISO - Bringing Security Awareness to the Board

  • Technology, security and cyber risk are high on the board’s agenda, but how can you turn a checkpoint into a discussion they can understand?
  • How to approach regulatory concerns from an IT management perspective
  • Key challenges for the board, and board challenges for the CISO
  • What level of awareness should the board have, and how best to articulate it

Speaking:

Keynote: The Rise of the CISO - Bringing Security Awareness to the Board

February 19 | 09:30 - 09:50

  • Technology, security and cyber risk are high on the board’s agenda, but how can you turn a checkpoint into a discussion they can understand?
  • How to approach regulatory concerns from an IT management perspective
  • Key challenges for the board, and board challenges for the CISO
  • What level of awareness should the board have, and how best to articulate it

Speaking:

09:50

Keynote: Zero Trust Throughout the Enterprise

  • Zero Trust is fully monitored, identifiable and data-centric, but can it be executed throughout the enterprise without causing delays or costing time and money?
  • What would a Zero Trust model look like?
  • With heavily restricted access inside and outside the network, with greater access control to data, how can you adhere to a Zero Trust model and maintain productivity or innovation?
  • Are there alternative approaches? Hybrid models etc.

Keynote: Zero Trust Throughout the Enterprise

February 19 | 09:50 - 10:10

  • Zero Trust is fully monitored, identifiable and data-centric, but can it be executed throughout the enterprise without causing delays or costing time and money?
  • What would a Zero Trust model look like?
  • With heavily restricted access inside and outside the network, with greater access control to data, how can you adhere to a Zero Trust model and maintain productivity or innovation?
  • Are there alternative approaches? Hybrid models etc.

Speaking:

10:10

Keynote: Meeting the Skills Gap in Security

  • How trying to solve for new problems using old techniques doesn’t always work (people vs automation)
  • Why it is important to upskill and redeploy people from other parts of IT and the organisation into security functions
  • Using agile and feature teams to solve for a common problem
  • Filling in the “Sec” gap in DevSecOps

Speaking:

Julian Ramiah - Liberty

Julian Ramiah

Group Chief Information Security Officer, Leading Financial Services Firm

Keynote: Meeting the Skills Gap in Security

February 19 | 10:10 - 10:30

  • How trying to solve for new problems using old techniques doesn’t always work (people vs automation)
  • Why it is important to upskill and redeploy people from other parts of IT and the organisation into security functions
  • Using agile and feature teams to solve for a common problem
  • Filling in the “Sec” gap in DevSecOps

Speaking:

Julian Ramiah - Liberty

Julian Ramiah

Leading Financial Services Firm

10:30

Panel Discussion: How to Articulate Business Value of Security to the Board and the Business

  • If cyber hygiene and awareness is a checkmark in a board meeting, what practical examples can you give to direct attention to more pressing concerns – and how best to articulate these concerns?
  • What are some of the other most common questions you get asked?
  • Does every proposal put forward come down to ROI? Or have you found other techniques to motivate the board?
  • As much as we want to teach business and the board in particular the value of security-speak, could more be done to educate the security teams in business-speak and flip the conversation around?

Speaking:

Zaid Parak - Discovery

Zaid Parak

Group CISO, Discovery

Robin Barnwell - Standard Bank

Robin Barnwell

Head: Security Strategy Enablement, Standard Bank

Julian Ramiah - Liberty

Julian Ramiah

Group Chief Information Security Officer, Leading Financial Services Firm

Pragesen Pather - Sun International

Pragasen Pather

GM: IT Governance, Risk & Security, Sun International

Panel Discussion: How to Articulate Business Value of Security to the Board and the Business

February 19 | 10:30 - 11:00

  • If cyber hygiene and awareness is a checkmark in a board meeting, what practical examples can you give to direct attention to more pressing concerns – and how best to articulate these concerns?
  • What are some of the other most common questions you get asked?
  • Does every proposal put forward come down to ROI? Or have you found other techniques to motivate the board?
  • As much as we want to teach business and the board in particular the value of security-speak, could more be done to educate the security teams in business-speak and flip the conversation around?

Speaking:

Julian Ramiah - Liberty

Julian Ramiah

Leading Financial Services Firm

Robin Barnwell - Standard Bank

Robin Barnwell

Standard Bank

Zaid Parak - Discovery

Zaid Parak

Discovery

Pragesen Pather - Sun International

Pragasen Pather

Sun International

11:00

Morning Tea & Networking

Morning Tea & Networking

February 19 | 11:00 - 11:30

Speaking:

11:30

Reserved for Associate Partner

For more information on Associate Partner benefits at CISO Africa 2020, please contact michelle.meldau@coriniumgroup.com

Reserved for Associate Partner

February 19 | 11:30 - 12:00

For more information on Associate Partner benefits at CISO Africa 2020, please contact michelle.meldau@coriniumgroup.com

Speaking:

12:00

Keynote: Structuring the Security Organisation Across Multiple Territories

  • An overview of the Standard Bank model
  • How skills development and automation will enable greater collaboration and better understanding between teams
  • Challenges in perfecting organisational design; compliance and regulatory issues, skills gap, cost implications etc
  • Enabling access and control within a cloud-centric IT strategy

Speaking:

Robin Barnwell - Standard Bank

Robin Barnwell

Head: Security Strategy Enablement, Standard Bank

Keynote: Structuring the Security Organisation Across Multiple Territories

February 19 | 12:00 - 12:20

  • An overview of the Standard Bank model
  • How skills development and automation will enable greater collaboration and better understanding between teams
  • Challenges in perfecting organisational design; compliance and regulatory issues, skills gap, cost implications etc
  • Enabling access and control within a cloud-centric IT strategy

Speaking:

Robin Barnwell - Standard Bank

Robin Barnwell

Standard Bank

12:20

Keynote: Build the Security Business Case in a Major Retailer

  • Breaking down security into business language
  • Thinking of security as a business asset rather than a grudge purchase
  • Strategies on building allies and bringing the board to an agreed level of understanding
  • A general overview of our IT security strategy and execution which goes beyond ROI

Speaking:

Gadija Ryklief - Edcon

Gadija Ryklief

GM: Information Security , Edcon

Keynote: Build the Security Business Case in a Major Retailer

February 19 | 12:20 - 12;40

  • Breaking down security into business language
  • Thinking of security as a business asset rather than a grudge purchase
  • Strategies on building allies and bringing the board to an agreed level of understanding
  • A general overview of our IT security strategy and execution which goes beyond ROI

Speaking:

Gadija Ryklief - Edcon

Gadija Ryklief

Edcon

12:40

Keynote: Interweaving Security Awareness into Corporate Culture

  • Where to start? Top-down, bottom-up or both?
  • IAM vs Zero Trust vs Education
  • The perimeter is shrinking; how to bring awareness to an increasingly mobile workforce
  • How do you measure the success of security awareness programmes? Managing anomalies and identifying baseline metrics

Speaking:

-fs-Kovelin-Naidoo-2018.xl

Kovelin Naidoo

CSO, FirstRand Group

Keynote: Interweaving Security Awareness into Corporate Culture

February 19 | 12:40 - 13:00

  • Where to start? Top-down, bottom-up or both?
  • IAM vs Zero Trust vs Education
  • The perimeter is shrinking; how to bring awareness to an increasingly mobile workforce
  • How do you measure the success of security awareness programmes? Managing anomalies and identifying baseline metrics

Speaking:

-fs-Kovelin-Naidoo-2018.xl

Kovelin Naidoo

FirstRand Group

1:00

Reserved for Associate Partner

For more information on Associate Partner benefits at CISO Africa 2020, please contact michelle.meldau@coriniumgroup.com

Reserved for Associate Partner

February 19 | 13:00 - 13:30

For more information on Associate Partner benefits at CISO Africa 2020, please contact michelle.meldau@coriniumgroup.com

Speaking:

1:30

Lunch & Networking

Lunch & Networking

February 19 | 13:30 - 14:30

Speaking:

2:30

Reserved for Stream Partner A

For more information on Stream Partner benefits at CISO Africa 2020, please contact michelle.meldau@coriniumgroup.com

Reserved for Stream Partner A

February 19 | 14:30 - 15:00

For more information on Stream Partner benefits at CISO Africa 2020, please contact michelle.meldau@coriniumgroup.com

Speaking:

2:30

Reserved for Stream Partner B

For more information on Stream Partner benefits at CISO Africa 2020, please contact michelle.meldau@coriniumgroup.com

Reserved for Stream Partner B

February 19 | 14:30 - 15:50

For more information on Stream Partner benefits at CISO Africa 2020, please contact michelle.meldau@coriniumgroup.com

Speaking:

2:30

Reserved for Stream Partner C

For more information on Stream Partner benefits at CISO Africa 2020, please contact michelle.meldau@coriniumgroup.com

Reserved for Stream Partner C

February 19 | 14:30 - 15:00

For more information on Stream Partner benefits at CISO Africa 2020, please contact michelle.meldau@coriniumgroup.com

Speaking:

3:00

Stream A - Case Study: IT GRC as Part of an Integrated Risk Strategy

  • Why IT GRC needs to be at the heart of business risk mitigation strategies
  • Understanding and mitigating third party supplier risks
  • Building compliance and legal requirements into DevOps
  • Best practices on seamlessly integrating GRC across the business

Speaking:

Stream A - Case Study: IT GRC as Part of an Integrated Risk Strategy

February 19 | 15:00 - 15:20

  • Why IT GRC needs to be at the heart of business risk mitigation strategies
  • Understanding and mitigating third party supplier risks
  • Building compliance and legal requirements into DevOps
  • Best practices on seamlessly integrating GRC across the business

Speaking:

3:00

Stream B - Case Study: Developing a Cloud Security Strategy for your Business

  • Remote access, speed, and SaaS adoption is forcing change in architecture, but how is it influencing security options?
  • What are the similarities and differences to on-premise and cloud security?
  • How to design and manage a hybrid security model?
  • What are important new concepts to understand, or does security remain fundamentally the same?

Stream B - Case Study: Developing a Cloud Security Strategy for your Business

February 19 | 15:00 - 15:20

  • Remote access, speed, and SaaS adoption is forcing change in architecture, but how is it influencing security options?
  • What are the similarities and differences to on-premise and cloud security?
  • How to design and manage a hybrid security model?
  • What are important new concepts to understand, or does security remain fundamentally the same?

Speaking:

3:00

Stream C - Case Study: Secure Automated Data Centres

  • Do you know what data you are meant to protect? You can only secure what you see.
  • Imbedding security throughout the data centre
  • Knowing where your gates are and who has access
  • Multi-cloud environments and the main challenges to securing multiple data centres

Speaking:

james-grant std bank

James Grant

Automation/DevOps Lead, Standard Bank

Stream C - Case Study: Secure Automated Data Centres

February 19 | 15:00 - 15:20

  • Do you know what data you are meant to protect? You can only secure what you see.
  • Imbedding security throughout the data centre
  • Knowing where your gates are and who has access
  • Multi-cloud environments and the main challenges to securing multiple data centres

Speaking:

james-grant std bank

James Grant

Standard Bank

3:20

Stream A - Case Study: Implementing GRC in the Digital Era

  • GRC is fundamental to doing business in a digital world
  • Putting technology (and people) at the heart of your GRC programme
  • Can you make compliance "attractive"?
  • How much of this is data governance, and how much is determined by user experience?

Speaking:

Sphiwe Mbatha

Sphiwe Mbatha

Head: IT Security & Governance, Bayport Financial Services

Stream A - Case Study: Implementing GRC in the Digital Era

February 19 | 15:20 - 15:40

  • GRC is fundamental to doing business in a digital world
  • Putting technology (and people) at the heart of your GRC programme
  • Can you make compliance "attractive"?
  • How much of this is data governance, and how much is determined by user experience?

Speaking:

Sphiwe Mbatha

Sphiwe Mbatha

Bayport Financial Services

3:20

Stream B - Case Study: Best Practices for Securing Cloud-Native Applications

  • Connecting the dots: containers, serverless functions and microservice architecture in the cloud
  • Can you scale on-premise security functions in the cloud?
  • Untangling access and permissions in the cloud
  • Practical best practices for securing cloud apps

Stream B - Case Study: Best Practices for Securing Cloud-Native Applications

February 19 | 15:20 - 15:40

  • Connecting the dots: containers, serverless functions and microservice architecture in the cloud
  • Can you scale on-premise security functions in the cloud?
  • Untangling access and permissions in the cloud
  • Practical best practices for securing cloud apps

Speaking:

3:20

Stream C - Case Study: DevSecOps Impact on the Security Operations Team

  • Creating a culture that treats “security as code”
  • How to promote collaboration between IT engineers, software developers, and security teams
  • Is anyone doing DevSecOps right?
  • Why the next generation security operations offices should be based on DevSecOps principals

Stream C - Case Study: DevSecOps Impact on the Security Operations Team

February 19 | 15:20 - 15:40

  • Creating a culture that treats “security as code”
  • How to promote collaboration between IT engineers, software developers, and security teams
  • Is anyone doing DevSecOps right?
  • Why the next generation security operations offices should be based on DevSecOps principals

Speaking:

3:40

Stream A - Case Study: Taking an Agile Approach to GRC and Security

  • Identifying risk domains and assigning responsibility
  • Ensuring that all stakeholders are collaborating especially from a GRC perspective
  • Making the board truly understand the business impact of governance
  • Is everyone aware of GRC principles and controls in place; how to develop easy to understand awareness

Speaking:

Tammy Naicker - Vodacom-1

Tammy Naicker

Executive Head of Department: Group Technology Governance & Assurance, Vodacom

Stream A - Case Study: Taking an Agile Approach to GRC and Security

February 19 | 15:40 - 16:00

  • Identifying risk domains and assigning responsibility
  • Ensuring that all stakeholders are collaborating especially from a GRC perspective
  • Making the board truly understand the business impact of governance
  • Is everyone aware of GRC principles and controls in place; how to develop easy to understand awareness

Speaking:

Tammy Naicker - Vodacom-1

Tammy Naicker

Vodacom

3:40

Stream B - Case Study: Next Generation Network Security

  • You might not be there yet, but more a more mobile workforce is coming - are you prepared?
  • What are some of the most commonly used remote and cloud security policies?
  • What should be your security architecture, deployment and integration considerations?
  • Predicting what the threat landscape will look like in five years’ time

Speaking:

Tony Christ

Tony Christodoulou

CIO: EMEA, American Tower Corporation

Stream B - Case Study: Next Generation Network Security

February 19 | 15:40 - 16:00

  • You might not be there yet, but more a more mobile workforce is coming - are you prepared?
  • What are some of the most commonly used remote and cloud security policies?
  • What should be your security architecture, deployment and integration considerations?
  • Predicting what the threat landscape will look like in five years’ time

Speaking:

Tony Christ

Tony Christodoulou

American Tower Corporation

3:40

Stream C - Case Study: Adapting Security Practices for DevOps

  • Embracing agile development and DevOps is huge step forward, but why has security been left behind?
  • How to test security controls outside of raw code; at what point can testing be done?
  • Do all traditional security practices need to rewritten, if so, how?
  • Is there a best practice model to introduce security into an agile project environment?

Stream C - Case Study: Adapting Security Practices for DevOps

February 19 | 15:40 - 16:00

  • Embracing agile development and DevOps is huge step forward, but why has security been left behind?
  • How to test security controls outside of raw code; at what point can testing be done?
  • Do all traditional security practices need to rewritten, if so, how?
  • Is there a best practice model to introduce security into an agile project environment?

Speaking:

4:00

Afternoon Tea & Networking

Afternoon Tea & Networking

February 19 | 16:00 - 16:30

Speaking:

4:30

Stream A - Discussion Group: GRC & Cloud Security

This discussion will look at the impact of cloud migration on GRC and security. What will impact with regards governance and risk issues be on cloud implementation Moving to the cloud requires input from many different stakeholders and cannot be done retroactively, but is are all key stakeholders seated around the same table and on the same page?

Speaking:

Marlany Naidoo Mercantile

Marlany Naidoo

Head: Information Security & IT GRC, Mercantile Bank

Loritta Kudumbu

Loritta Kudumba

Head of IT Governance, Risk and Compliance, Barloworld Equipment

Gasbene

Gasbene Mahlangu

Portfolio Head: Business Resilience, Standard Bank

Stream A - Discussion Group: GRC & Cloud Security

February 19 | 16:30 - 17:10

This discussion will look at the impact of cloud migration on GRC and security. What will impact with regards governance and risk issues be on cloud implementation Moving to the cloud requires input from many different stakeholders and cannot be done retroactively, but is are all key stakeholders seated around the same table and on the same page?

Speaking:

Marlany Naidoo Mercantile

Marlany Naidoo

Mercantile Bank

Gasbene

Gasbene Mahlangu

Standard Bank

Loritta Kudumbu

Loritta Kudumba

Barloworld Equipment

4:30

Stream B - Discussion Group: What Has Been Your Approach to Cloud Security?

This discussion will look at shared views on cloud adoption and security management. Access from anywhere at any time has broken down traditional perimeters - the big question is have/will you architect for cloud security? What does this new security architecture look like? How are teams/companies approaching this differently?

Speaking:

Ronald Mulder - CocaCola

Ronald Mulder

IT Security & Risk Manager, Coca-Cola Beverages Africa

Richard Hlalele - UJ

Richard Hlalele

Information Security Officer, University of Johannesburg

Simphiwe Makhoba - Exxaro II

Simphiwe Makhoba

Cloud Architect Lead, Exxaro Resources

Stream B - Discussion Group: What Has Been Your Approach to Cloud Security?

February 19 | 16:30 - 17:10

This discussion will look at shared views on cloud adoption and security management. Access from anywhere at any time has broken down traditional perimeters - the big question is have/will you architect for cloud security? What does this new security architecture look like? How are teams/companies approaching this differently?

Speaking:

Ronald Mulder - CocaCola

Ronald Mulder

Coca-Cola Beverages Africa

Simphiwe Makhoba - Exxaro II

Simphiwe Makhoba

Exxaro Resources

Richard Hlalele - UJ

Richard Hlalele

University of Johannesburg

4:30

Stream C - Discussion Group: DevSecOps Adoption

This discussion will look into DevSecOps in practice. For most, the ideal is to work in a DevSecOps environment, but very few are able to achieve this consistently, if at all. This is an opportunity to share thoughts around DevSecOps practices, its feasibility and reality. The question is: Are your security and DevOps teams working together?

Speaking:

Adele Jones - Nedbank

Adele Jones

Lead Architect: Information Security & Blockchain, Nedbank

Denisha - DBSA

Dr Denisha Jairam-Owthar

CIO: Metro Services, City of Johannesburg

Ahmed Theba - Discovery

Ahmed Theba

Information Security Architect, Discovery

Stream C - Discussion Group: DevSecOps Adoption

February 19 | 16:30 - 17:10

This discussion will look into DevSecOps in practice. For most, the ideal is to work in a DevSecOps environment, but very few are able to achieve this consistently, if at all. This is an opportunity to share thoughts around DevSecOps practices, its feasibility and reality. The question is: Are your security and DevOps teams working together?

Speaking:

Denisha - DBSA

Dr Denisha Jairam-Owthar

City of Johannesburg

Adele Jones - Nedbank

Adele Jones

Nedbank

Ahmed Theba - Discovery

Ahmed Theba

Discovery

5:10

Stream A - Discussion Group: GDPR, POPIA & Future Privacy Laws Impact on Compliance

This discussion will focus on the impact and implementation of GDPR and POPIAI. Does your business need to comply with both? What has its impact been on your business? Will customer data be rendered worthless, or will customers soon take control of their data and be rewarded for sharing it?

Speaking:

Juanita Moolman - Hollard

Juanita Moolman

Executive Head: Governance, Risk Management & Compliance, Hollard Insurance

Chene Maartens Edcon

Chene Maartens

Executive: IT GRC, Edcon

Portia Simelane OMInsure

Portia Simelane

Head: IT GRC, Old Mutual Insure

Makabongwe-Siziba

Makabongwe Siziba

Director: Corporate Governance of ICT, Department of Public Service & Administration

Stream A - Discussion Group: GDPR, POPIA & Future Privacy Laws Impact on Compliance

February 19 | 17:10 - 17:50

This discussion will focus on the impact and implementation of GDPR and POPIAI. Does your business need to comply with both? What has its impact been on your business? Will customer data be rendered worthless, or will customers soon take control of their data and be rewarded for sharing it?

Speaking:

Makabongwe-Siziba

Makabongwe Siziba

Department of Public Service & Administration

Juanita Moolman - Hollard

Juanita Moolman

Hollard Insurance