What are the most common business projects

Laying the foundation for a digital future ... or not

17th E-Crime Congress DACH: Online
June 16, 2021

Security for sustainable digital business
Build in a hurry, calmly regret: Digitization should promote top-down safety cultures. But does she do that?


At AKJ's last DACH event, participants were asked what has changed most about cybersecurity in the past five years. One of the most common responses was that while threats have become more common and complex, and cybersecurity itself has become common knowledge, however, neither the managers nor the senior management work with a mentality that puts safety first.

And this creates real problems: the responses to our research indicate that companies are often unwilling or unable to make the extensive operational changes required for a truly mature safety culture.

Digitization has become a question of corporate survival. So the priority has been to get it up and running quickly, not to have built-in security or to put in place better practices for engaging security teams in digital business projects, many of which are outsourced to third parties. Business, not safety, has the upper hand in this response to the pandemic.

Within digitization, the dependence on third parties is also a security risk for an increasing proportion of the business-critical infrastructure. We didn't need the SolarWinds hack to educate ourselves about the third party risk, but it was a timely reminder of how fundamental this is.

This business-first approach, according to our research, reflects management's continued belief that security is just a “necessary expense,” a tax on the company that needs to be minimized where possible. CISOs still have to work hard to show the board why safety isn't an unnecessary friction, it's a trailblazer.

Even with the board of directors on board, the broader problem of security culture remains: when short-term business goals outperform security, when privacy compliance gets the budget through the checkbox but actual security doesn't, organizations are not only at increased risk with With the new technologies they now rely on, they also face an uphill battle to build the top-down safety culture that every business needs over the long term.

And while companies have more and more technical debt in solving business and security problems one by one, Cybercriminals work with increasing organization and sophistication.

This divergence between what companies are willing to advocate for cybersecurity and what bad actors are willing to invest in terms of time and resources jeopardizes the sustainability of many business models of digitization.

The E-Crime & Cybersecurity DACH Congress will take place online and will examine how cybersecurity teams, risk management functions and committees are addressing the main issues. In view of the critical digitization, is this finally the moment when traditional cybersecurity management has to change?

  • Built-in security: from DevOps to SecDevOps?

    • When companies build digital business models, it is critical that they build security right from the start
    • Given the pace at which change is happening, this is a big question - even before COVID-19, many organizations have prioritized speed over security
    • What can cybersecurity teams do to change this? Is it a fight between CIO and CISO?
  • Remote execution of critical security tasks - how can CISOs regain / maintain control?

    • Employees for whom long-term, secure remote work processes have not been established in advance are not only outside of centrally controlled endpoint protection processes, but also outside of the patch and update processes.
    • However, many security tools depend on being on the local network. How do security teams make sure they can do the basics remotely?
    • Are the correction and re-imaging functions working as intended in a remote environment? What updates are required for incident response playbooks?
    • Most organizations have "given up" their existing office environments - including all of the equipment they contain. These must also be monitored and protected. Can this be done remotely?
  • Cyber ​​security for business resilience

    • Forced, rapid digitization has shown that many security programs are fragmented
    • Protecting the company while enabling innovation and flexibility requires new models and approaches to cyber
    • Are automation and orchestration the answer?
  • Securing the job revolution

    • Lockdowns and the extremes of WFH will come to an end, but the cost, productivity, work-life balance, and carbon benefits of remote working mean that certain newer structures will remain
    • As flexible working becomes the norm, new hardware, software and processes must be implemented in all business areas
    • Many of the first measures were intended as a short-term emergency solution. What new long-term safety measures are required for a permanent change in work patterns?
    • Most businesses have been forced to rely on cloud apps and storage
    • Hence, you need visibility and control; You need logs from vendors to review for unauthorized access and data exfiltration. You need to restrict unauthorized access and unauthorized services.
    • And what do their cloud contracts say about force majeure?
  • Security for the 5G revolution

    • The zero latency of 5G will crystallize the IoT revolution - the ability to question devices in real time (e.g. from mobile apps) is a gamechanger
    • But because connections happen faster, attacks and breaches also happen faster, and potentially with much greater reach
    • How can cybersecurity teams respond? Is automation the answer?
  • Securing the company from sensors

    • Companies in all industries rely on intelligent technology and networked devices
    • How does security work with so much data from sensors and legacy control systems flowing outside of normal networks?
    • For many businesses (energy, healthcare, utilities, manufacturing, logistics, etc.), it's not just about privacy. An attack can cease operations, cause physical damage, or even result in death
  • Secure digital currencies

    • The trend towards cashless payment methods during the crisis was extreme and appears to be irreversible
    • Many more governments are now trying to develop their own digital currencies
    • How can we secure a world where most - maybe all - payments are digital?
    • The COVID era requires an unprecedented level of citizen engagement
    • The systems required to ensure security pose major data security and privacy challenges for both governments and employers
    • Are Compromises Inevitable? What is the best way to keep critical data safe?

Who participates

Job title

Chief BISO
Chief Information Security Officer
Chief Information Security Officer
Chief Information Security Officer
Chief Security & Privacy Officer
CISO
CISO / CTO
Director
Director Cyber ​​Defense & CERT
Director Data Privacy
Director Security Risk & Compliance
Director Global Security Investigations
Director Information Security
Director, CRISC
Head of Security & Governance
Head of Compliance
Head of Corporate Data Protection
Head of Cyber
Head of Cyber ​​Security
Head of Cyber ​​Threat Response
Information Security Manager
Head of I.T.
Head of I.T. Security
Head of Information Security
Head of Information Security
Head of Internal Audit
Head of IT / Operations
Head of IT Security
Head of IT Security
Head of Legal Data Privacy
Head of Penetration Testing
Head of I.T. Security
Head of Security
Head of Security Management
Head PCI Compliance
VP Cyber ​​Security & Defense
Vice President, Threat Intelligence
VP Credit & Fraud
VP Crisis & Emergency Management
ASIC Operations
BISO
Cards Security Manager
CERT
COO data protection programs
Corporate audit
Head of Methods, Projects, IT
Corporate Security Awareness Manager
Counsel, Privacy & Information Law
Country Security Officer
CTO Security & Risk
CTSO
Fraud & Risk Manager
GAMA Business Task Force
Global Head of Data Protection
Global IT - Information Security
Global IT Manager
Group Data Protection Commissioner
Group Information Security Officer
Group Lead Active Defense Center
Information security manager
Information security manager
Information security manager
Information security manager
Information security manager
IT security manager
IT security manager
IT Security Research Engineer
Global IT Security & Compliance
Global IT Security & Compliance
IT specialist, WAN and access
ITM Global Information Security
Lawyer
Lawyer
Head of Information Security CISO
Head of Corporate Security
Local data security officer
Compliance Manager
Fraud Prevention Manager
Operational Security Officer
partner
partner
IT Infrastructure Vice President
Security Fraud Manager
Security manager
Security Manager, CISSP
Senior Alliance & BD Manager
Senior Manager Internal Audit
Senior Enterprise Security Manager
Senior I.T. Auditor
Senior Information Security Manager
Senior Information Security Manager
Senior Internal Auditor
Senior IT Auditor
Senior manager
Senior Manager, Products & Innovation
Senior Project Manager (Infocontrol)
Senior Ref NGN
Senior Researcher
Senior Risk Manager
Senior Security Consultant
Senior Security Expert
Senior Security Product Manager
Senior Security Professional
Senior Security Specialist
Senior Security Specialist
Cyber ​​Crime Investigations
Service & Contract Manager
Software Development Engineer
Security specialist
SR IT Security Consultant
I.T. Security & Compliance Manager
System analyst
System administrator / CISO
GAMA Business Task Force
Team manager IT security operations
Team leader I.T. Infrastructure
TORM & Financial Crime

Companies

Deutsche Bank Group
German postal service
GE Capital
NYSE Euronext
Vodafone
Merck & Co
Audi
Deutsche Bank Group
Deutsche Telekom
First Data Merchant Solutions
First Data Merchant Solutions
American Express
Tech data
SAP
BT
alliance
Otto Group
Marsh
airbus
Deutsche Bank Group
Daimler
Hengeler Mueller
Commerzbank
Eurostar
Quipu
Nintendo
Triodos Bank
Wirecard Bank
Lanxess AG
Siemens
Deutsche Telekom
Federal Office for Information Security
Commerzbank
Bank publishing house
Six-Group
Atos
Citigroup
Elavon Merchant Services
Deutsche Telekom
alliance
Citigroup
BP
Commerzbank
UBS
MAN SE
BMW
Vodafone
Field Fisher Waterhouse LLP
Vattenfall AB
Deutsche Bank Group
Vodafone
Right away
Deutsche Bank Group
alliance
Adidas
Adidas
German Lufthansa
Citigroup
Commerzbank
KfW banking group
DZ Bank
Oce
Teradata
AXA
German Bundesbank
KfW banking group
airbus
Adidas
E.ON
BMW
Daimler
Postbank P.O.S. Transact
Osborne Clarke
RWE Group
DZ Bank
Robert Bosch
Adidas
DZ Bank
E.ON
Osborne Clarke
Baker & McKenzie LLP
Deutsche Bank Group
Q8 Kuwait Petroleum
Siemens
Vodafone
Research in Motion
Nintendo
Adidas
Commerzbank
German postal service
DHL
Mondi
DHL
ThyssenKrupp AG
Deutsche Telekom
BP
Deutsche Telekom
UBS
Postbank P.O.S. Transact
BT
Deutsche Telekom
Research in Motion
Triodos Bank
German postal service
Tech data
American Express
COLT Technology Services
Nintendo
COLT Technology Services
Deutsche Bank Group
German postal service
Citigroup
BNP Paribas
Deutsche Bank Group
German Bundesbank
SCOR
Santander

Industries

Banking
communication
electronics
Finances
telecommunications
Other
automobile
telecommunications
technology
Life insurance
Manufacturing
Automatic manufacture
law firm
transport
entertainment
property
government
energy
Consumer products