EuroCACS Presentations and Descriptions 



Track 1—Audit and Assurance

111–The Pain with Segregation of Duties

Klaudia-Agnes Knosalla, CISA
Senior Expert - Governance, Risk and Internal Controls
Bertelsmann Accounting Services GmbH

How to develop and implement a pragmatic approach for your organisation and how to overcome the obstacles you will meet along the way.

After completing this session, you will be able to:

  • Understand the risks and challenges entities face with regard to Segregation of Duties (SoD) and make the connection to relevant elements of the COBIT 5 Framework
  • Provide examples on how to develop a risk-based and pragmatic approach to effective SoD design from an organisational and technical perspective
  • Get to know examples for communicating a coherent and comprehensible approach to your different stakeholders
  • Challenge the current paradigms about SoD controls in relation to the possibilities of continuous monitoring and data analytics

121–Additional Information Coming Soon!


131–Excel - the Dark Matter of IT

Patrick O’Beirne
Spreadsheet Mgmt Consultant
Systems Modelling, Ltd

This session outlines how to address current concerns about risks from the uncontrolled use of spreadsheet-based "Shadow IT". It covers how to assess risk in the context of spreadsheet criticality, and a process of high level and detailed reviews.

After completing this session, you will be able to:

  • Understand the real incidence of spreadsheet errors
  • Recommend good practice in spreadsheet development and control
  • Assess risk, scope a test plan, ask penetrating questions, recognise indicators of good practice
  • Be aware of software tools for spreadsheet audit efficiency

141–Key Controls for Data-Centric Security

Zeal Somani, CISA

Kishor Vaswani
Chief Executive Officer

The traditional approach starts with defending the perimeter and then going inward with layers of defense. Today organisations need security and controls that stays with the data -- no matter where it resides.

After completing this session, you will be able to:

  • Build a data-centric security and audit programme
  • Identify capabilities and tools for greater data visibility to identify where sensitive data resides, is processed, and in transit
  • Identify key data security controls i.e., detective, corrective, preventive for how data should be managed and accessed within the business context
  • How to continuously monitor and mature these controls such that compliance requirements are met by the organisations

211–ICT Governance - Getting It Right

Ian Musgrave, CISA
Head of IT Assurance

Why do so many organisations get ICT Governance wrong? Including an overview of why ICT Governance is important, what good ICT governance looks like and the pitfalls of when it goes wrong (failure to innovate, incoherent strategies and performance).

After completing this session, you will be able to:

  • Identify what ICT governance is and its importance to the organisation
  • Understand what good ICT governance looks like and its importance in delivering ICT strategies
  • Appreciate via examples what happens when ICT governance is not delivered optimally and how this restricts the organisation in achieving its objectives
  • Learn what the priorities should be for an ICT auditor in performing a review of ICT governance

221–Data Protection–The Pragmatic Audit Approach

Matthias Kraft, CISA, CISM, CGEIT, CRISC
Senior Manager Internal Audit
FIL Holdings (Luxembourg) S.A.

The pragmatic approach to auditing data protection (DP): This session will help to understand top DP priorities, implications and characteristics of European law such as the GDPR and help the professional to avoid common pitfalls when auditing DP.

After completing this session, you will be able to:

  • Understand data protection implications and characteristics European law
  • Describe key areas of data protection risks and understand how audit functions can respond using different approaches and common regulation such as GDPR
  • Explain how to cover major aspects of data protection as part of an audit plan
  • Articulate top data protection priorities and how to avoid common pitfalls

231–A Long Journey to A New Level of Audits

Petra Hoffmann-Stascheck
Senior Consultant
DB Systel GmbH

DB Systel's audit experience of more than 20 years is shared. The auditing system is presented as well as the challenges and our solutions. It is discussed how we managed to create an efficient audit landscape with full coverage of our organisation.

After completing this session, you will be able to:

  • Have an insight in our audit landscape, our audit and improvement culture, understand our challenges, see how we dealt with them, and how to use our experiences in her or his own organisation
  • Understand how DB Systel manages issues from audits, how participants and stakeholders contribute to continuous improvements and how to transfer our experiences to her or his own organisation
  • See how to avoid double work for auditors as well as for auditees, but ensure full coverage, and even how to improve their own efforts to get more benefit from audit activities than before
  • Recognise the challenges you are facing when handling a large spectrum of different audits within an organisation and when transforming from a hierarchical structure to a new world's working scheme

241–Auditing IT Culture

Assistant Manager
Turkiye Is Bankasi A.S.

Throughout the session, the prominent role of IT culture in IT performance will be highlighted and the value of, and opportunities in implementing emergent approaches in auditing culture into IT organisations will be discussed.

After completing this session, you will be able to:

  • Inform about the definition, types of enterprise culture and IT culture and their interconnections
  • Inform about the differences between traditional audit work and culture audits
  • Inform about the components of IT culture and their corresponding significance
  • Inform about the various methods of auditing IT culture, and possible usage of the results of audit work focused on IT culture

251–The Evolution of IT In The External Audit

David Meadley, CISA, CGEIT, CRISC
Assistant Manager

If we have learnt anything from recent IT events, it's that the environment we and our clients operate is constantly changing and reacting to new threats and opportunities. We will examine how our external audit approach is changing.

After completing this session, you will be able to:

  • Describe what the International Standards on Auditing require when it comes to IT in external audits
  • Describe the difference between general IT controls and various types of application controls typically relied upon in an external audit and how this may impact the scope of internal audit
  • Describe some of the various options available to test general IT and application controls for external and internal audit purposes
  • Describe alternative external and internal audit approaches without relying on traditional general IT and application controls

261–Auditing the Digital Forensic Process

K. Rama Subramaniam, CISA, CISM
Director & CEO
Valiant Technologies Group

Robust forensic process after a cyber-attack to collect digital evidence of probative value is emerging as a key security governance requirement. Stakeholders expect the IS auditor to attest reliability of the process. How can the IS auditor do this?

After completing this session, you will be able to:

  • Review and report on the process of integrating the digital forensic process with the organisation's information security strategy, as part of the information security governance requirements
  • Review and recommend the changes to be made in IT landscape in order not to miss out on evidence of probative value available in the information flowing through, stored and processed on the systems
  • Review the digital forensic process for conformity with emerging global standards in this area. Look for lessons from conventional forensics discipline to adopt in digital forensics
  • Develop and implement an audit programme that will assure stakeholders of the appropriateness of the digital forensic processes in operation; protecting chain of evidence and meeting the legal needs.

311–Auditor’s Guide to a Penetration Test

Herbert McMorris, CISA, CISM, CGEIT, CRISC
Information Security Analyst

Penetration testing identifies flaws in a security programme including technical, process, and personnel failures. But what should the auditor or risk manager do with the results? This session discusses what the auditor and risk manager need to know.

After completing this session, you will be able to:

  • Define the different types of penetration tests
  • Discuss why penetration testing is needed
  • Understand the penetration test report
  • How resolution and mitigation should be verified

321–Auditing IOT

Versatilist Consulting India Pvt, Ltd

The internet of everything is around us whether we like it or not. Organisations are increasingly relying on IoT for all aspects making the need for auditing IOT increasingly critical.

After completing this session, you will be able to:

  • Understand current and potential IOT usage
  • Appreciate the concerns that will need to be addressed due to the usage of IoT
  • Establish audit considerations for IOT
  • Conduct IOT audits based on a framework approach


Return to Event Page >>



112–Aligning Security to the New Wave

Sandeep Godbole, CISA, CISM, CGEIT
General Manager - Info Security

The tools of the trade for IT professionals have changed. Architecture (Micro Services), Development Methodology (Agile) and Deployment (DevOps) are different from the conventional methods. The session aligns security for this new normal.

After completing this session, you will be able to:

  • Gain basic understanding of Micro Services architecture, along with the Agile approach and the DevOps deployment
  • Determine the change from the conventional approaches and methods related to system architecture, development and deployment
  • Identify processes, stages, check points where security is necessary
  • Participate as a security expert in projects that deploy agile, microarchitecture and DevOps

122–Dev Ops, Agile and Compliance

Guy Herbert, CISA
Head of IT Risk and Compliance

Dev Ops and Agile development can allow you to build a fast-paced compliance pipeline that will allow your development teams to maintain speed and keep your risk and audit teams happy.

After completing this session, you will be able to:

  • Understand DevOps and Agile risks and controls
  • Understand the DevOps and Agile process flow
  • Design controls for DevOps and Agile developments
  • Design audit plans for DevOps/Agile environments

132–Additional Information Coming Soon!


142–Risk Based Approach to Security

Samuel Korpi, CISA
Information Security Specialist
Neste Corporation

In this session, we explore what a risk based approach to security might look like. The aim is to bridge the gap between risk and control, so that we are better equipped in estimating and justifying the controls we put in place into our environment.

After completing this session, you will be able to:

  • Understand the need for common terminology related to security and risks and utilise sample definitions given in the presentation
  • Utilise the security feedback loop to model and link together security and risk, through assurance, control and threat assessment
  • Understand the complexity of risk mapping, considering especially the multitude of information sources
  • Make an informed decision on whether to consider risk based approach to security for their organisation

212–Using COBIT 5 to Manage Shadow IT

Christopher Rentrop
HTWG Konstanz

Shadow IT is a widespread and growing phenomenon. Several processes within COBIT5 deal with or are affected by Shadow IT. In this presentation we will analyse these processes and thereby demonstrate how to use COBIT to manage Shadow IT.

After completing this session, you will be able to:

  • Understand the definition of Shadow IT and the phenomenon
  • See which COBIT 5 processes are (negatively) affected by Shadow IT
  • Understand which critical IT management processes are missing or on a low maturity Level in a typical Shadow IT setting
  • Use COBIT 5 to plan a Shadow IT audit project in his (or her) company

222–COBIT & SFIA as Organisational Design Tools

Daniel Merriott, CISA, CGEIT
Principal Consultant

COBIT can be leveraged to help with operating model design, acting as an integrator of other processes (ITIL, SIAM, PRINCE, etc.). Combined with SFIA we can define the both the roles and skills needed by a current or future operating model.

After completing this session, you will be able to:

  • Understand how to map between COBIT and SFIA (the Skills Framework for the Information Age) frameworks in a meaningful way
  • Use COBIT as a framework to integrate other process frameworks in operating model design
  • Validate organisation positions against the capabilities needed in an operating model
  • Build a consistent view of the skills needed to deliver an operating model, and identify any skills gaps that need managing

232–Fraud Prevention Program- Unexplored Side

Rajiv Gupta, CISA
Vice President & Chief Internal Auditor
United Spirits, Ltd - a Diageo Group Co

Session will focus on: 1. Why knowledge of Forensic Accounting has become a necessity for a finance professional. 2. How fraudster plays with human psychology? 3. Fraud Triangle: How to use it to devise Fraud Prevention Program for ANY company?

After completing this session, you will be able to:

  • Identify Green Flags or "All is Well" syndrome at their clients
  • Use "Fraud Triangle" to develop Fraud Prevention Program
  • Use Beneish Model - only model available, as of date, to detect fraud in financial statements with more than 75% probability!
  • Identify areas where the IT & Finance auditors should invest more time and resources especially in substantive audit procedures

242–Effective Cloud Governance

Paolo Ottolino, CISA, CISM
Cyber Security Professional

In the era of Cloud, 3 main concepts for IT Governance: - Measurement: thorough management of People|Process|Technology - Cycles: further improvements in aligning IT to Business - CSOA: readiness to services delivered on Hybrid Cloud environments. Both Cloud Acquirer and Provider should adopt agreed upon Governance models.

The indicator types to adopt:

  • Direct KPI
  • Create KGI
  • Protect KRI
  • Execute SLA
  • Monitor KMI
  • Security Indicators
  • STO:Security Testing Objectives
  • VSC:Vulnerability Scan Coverage
  • PCS:Platform Compliance Score
  • PTL:Patch Latency
  • MBI:Meantime Between Incident

Identity Indicators:

  • IMC:Identity Management Coverage
  • 2FA:Two Factor Authentication
  • MCP:Meantime to Certified Privileged Account
  • TUP:Time for User Provisioning
  • PAU:Privileged Account per User
  • Resilience Indicators
  • RTO:Recovery Time Objective
  • RPO:Recovery Point Objective
  • SRC:System Recovery Coverage
  • MTR:Meantime To Repair
  • MBF:Meantime Between Failure

252–Risk Transfer-Is It for Your Organisation?

Lisa Young, CISA, CISM
Vice President
Axio Global

Is Risk Transfer a good fit for your organisation? This session is designed for organisations that want to understand additional options for risk management and if risk transfer is a good option for the overall risk management strategy.

After completing this session, you will be able to:

  • Understand risk management in a business context
  • Tips for risk analysis and impact quantification
  • Know what scenarios fit risk transfer options
  • Understand risk transfer options

262–DevOps - The Game Changer

Philip Green, CISA, CISM, CRISC
G3 Service Solutions Limited

From Deming to DevOps. This presentation discusses DevOps as a game changer - why it cannot be ignored, the challenges it presents and the shift in thinking & approach needed to turn it from a blocker to an enabler to information risk & security.

After completing this session, you will be able to:

  • Understand that DevOps as a game changer cannot be ignored
  • Understand the basic principles of DevOps, its roots in Agile practices, it's link to continual improvement and 'The Three Ways'
  • Understand how DevOps challenges traditional risk & security controls
  • Understand the shift in thinking and approach needed to turn DevOps from a blocker to an enabler to the information risk & security professional

312–OT Operating Models Using COBIT 5

Arno Kapteijn, CISA, CGEIT
Management Consultant IM/IT

Improving alignment of the Operational Technology (OT) and Information Technology (IT) Domain by building an OT Operating Model based on COBIT 5 - A case study at Stedin (utility company in The Netherlands).

After completing this session, you will be able to:

  • Assess how COBIT 5 is useful for the governance and management of operational technology
  • Understand how the IT and OT domains can be better aligned by using COBIT 5
  • Understand how corporate governance of OT can be improved by using COBIT 5
  • Use COBIT 5 to provide a comprehensive framework that assists enterprises in achieving their objectives for the governance and management of all enterprise Technology, not just IT

322–BIA: The Root of Security & Recovery Plans

Herbert McMorris, CISA, CISM, CGEIT, CRISC
Information Security Analyst

The Business Impact Analysis (BIA) is the root of security, risk & recovery programmes, yet it is often performed incorrectly. How does the BIA drive risk management process, security programmes, and recovery efforts, and who should perform the analysis?

After completing this session, you will be able to:

  • Explain the purpose of a Business Impact Analysis
  • Know how the BIA applies to risk and recovery programmes
  • Determine the critical outputs from the analysis
  • Know how outputs apply to risk, security, and recovery


Return to Event Page >>


Track 3—GDPR, Data Analytics & Information Management

113–Additional Information Coming Soon!


123–Advanced Technical Tools for Compliance Audits Pt. 1

Andrew Neal, CISM, CRISC
President, Forensic Technology & Consulting
TransPerfect Legal Solutions

Compliance with data privacy and information security regulations is becoming a more visible problem with higher financial penalties. Using techniques developed for other IT/IS disciplines, compliance audits can gain deep insight into data content, technical controls, and the real-world functioning of the controlled environment.

After completing this session, you will be able to:

  • Describe some of the technical challenges in auditing compliance with GDPR and other data privacy regulations
  • List the steps in an advance technical compliance audit
  • Leverage technical tools from other IT/IS disciplines to perform an audit
  • Implement technical tools in their own compliance audit programme

133–Advanced Technical Tools for Compliance Audits Pt. 2

Andrew Neal, CISM, CRISC
President, Forensic Technology & Consulting
TransPerfect Legal Solutions

Compliance with data privacy and information security regulations is becoming a more visible problem with higher financial penalties. Using techniques developed for other IT/IS disciplines, compliance audits can gain deep insight into data content, technical controls, and the real-world functioning of the controlled environment.

After completing this session, you will be able to:

  • Describe some of the technical challenges in auditing compliance with GDPR and other data privacy regulations
  • List the steps in an advance technical compliance audit
  • Leverage technical tools from other IT/IS disciplines to perform an audit
  • Implement technical tools in their own compliance audit programme

143–3,2,1...Boom - GDPR Maturity Now

Petri Koivisto, CISA

3,2,1...boom - GDPR is live, what is the maturity of your products and services now against GDPR? This presentation demonstrates how we utilised selected framework to establish a guarantee to our customers for GDPR compliancy.

After completing this session, you will be able to:

  • Understand how to build compliance framework for GDPR
  • Understand how to establish a guarantee for customers
  • Compare selected approach to their approach
  • Learn how this approach raises awareness and maturity in security and privacy area

213–Tackling the GDPR: A Roadmap to Compliance

Kabir Barday
Chief Executive Officer

Learn how to build a GDPR roadmap while integrating privacy management tools as a function of IT security, risk management, audit and compliance, as well as the importance of understanding and demonstrating on-going privacy regulation compliance.

After completing this session, you will be able to:

  • Understand the requirements, importance, and implications of the GDPR for an organisation’s privacy and security teams
  • Build a compliance roadmap with both privacy and security in mind
  • Understand how privacy management tools fit into an overall security ecosystem
  • Demonstrate ongoing compliance with the GDPR and other privacy regulations

223–GDPR Panel: Week 1 - What We Know Now

Additional Information Coming Soon!

After completing this session, you will be able to:

  • Discuss the current status and developments relative to the GDPR
  • Understand the challenges faced by various stakeholders in the GDPR compliance process
  • Bring suggestions for best practices back to their organisations
  • Contribute to and engage with their organisation’s GDPR programme

233–GDPR Pain Points

Paolo Ottolino, CISA, CISM
Cyber Security Professional

GDPR harmonises Privacy Regulation throughout the EU, establishing: - to defend data of EU citizens - by Data Controller/Processor - controlled by SA, EDPB - heavy sanctions - to issue by May 25th, 2018.

Top 5 Development Impacts

  • Treat Register
  • Privacy by Design/Default
  • Pseudonymization
  • Profiling
  • Third Party

Top 5 Suggested Tools

  • GRC
  • SIEM
  • PAM
  • DLP

Top 5 Operational Impacts

  • Data Breach
  • DPO
  • Consent
  • Right to Erasure
  • Code of Conduct

Top 5 Suggested Company Functions

  • Internal Audit
  • SOC
  • IRT
  • Internal Risk
  • Security Assurance

243–Additional Information Coming Soon!


253–Protect Your Data Against Insider Threats

Thomas Baumann, CISA, CRISC
Head of Data Engineering
Swiss Mobiliar

This presentation discusses how database activity monitoring and encryption help to safeguard your data against intentional and unintentional threats, and how Machine Learning algorithms might help to uncover anomalous user activities.

After completing this session, you will be able to:

  • Describe the countermeasures against intentional insider threats
  • Mitigate risks of unintentional insider threats
  • Identify the role of databases as targets of attacks
  • Understand how machine learning algorithms might help to identify threats

263–Privacy in a Contextual World

Versatilist Consulting India Pvt, Ltd

Technologies are increasingly becoming contextual and organisations are rushing to leverage this to better serve customers without understanding the implications on privacy- the session provides insights to navigate this mine field.

After completing this session, you will be able to:

  • Overview of various contextual technologies
  • Privacy implications- what you should know
  • Establishing a risk based approach to managing privacy
  • What can you do to manage privacy implications of contextual technologies

313–After the Enforcement - Journey to GDPR

Manoj Patel
CyberSecurity & Risk Global Practice EMEA

Your Compliance Journey to GDPR - After the Enforcement GDPR journey milestones Requirements & challenges & applicabilities of the regulation GDPR & organisational objectives GDPR - Best practices approach.

After completing this session, you will be able to:

  • Understand the enforcement impact
  • Learn the requirements and challenges
  • Align GDPR & organisational objectives
  • Fulfill requirements and how to be compliant

323–So the GDPR is Here, Now What?

Ralph O Brien
Principal Consultant - Europe, Compliance Solutions

This session will focus on the status of GDPR compliance, regulatory guidance on enforcement, the impact of Brexit and the U.K. Data Protection Bill, and best practices for GDPR internal audits, liaison with audit committees and support of DPO’s.

After completing this session, you will be able to:

  • Compare their organisation’s GDPR status with peers in their industry
  • Assess the likelihood of enforcement action against their organisation and the likely penalty in the event of a GDPR compliance failure
  • Explain the impact of Brexit and the U.K. Data Protection Bill (or Act, if enacted) on their organisation’s GDPR programme
  • Map industry best practices against their organisation’s approach to GDPR internal audit and liaison with audit committees and DPO’s


Return to Event Page >>


Track 4—Security/Cyber Security

114–Hollywood's Cybersecurity Lessons

William Macleod
Senior Cyber Security Specialist
University of Strathclyde

A tongue in cheek look at movies as diverse as Despicable Me and Batman vs Superman, reveals some truths about cybersecurity and some not-so-truths.

After completing this session, you will be able to:

  • Identify 4 threat actors
  • Identify 4 threat vectors
  • Identify 4 threat targets
  • Identify 4 mitigation methods

124–Hunting the Balance Point

Markus Kluge, CISM
Head of Information Security

New regulations demanding better protection of PII, the PSD2 Directive capitalize on the accessibility of APIs and end-user are asking for APPs with a perfect UX and UI. How does information security fit in this ecosystem?

After completing this session, you will be able to:

  • Identify the impact of new directives and regulations as well as end-user "demands" on new mobile services
  • Understand where information security and compliance related tasks should find their place into project planning if the deliverables deal with PII, financial data, end-user interaction A.A
  • Explain to colleagues, friends & family, why there is no perfect app and always a residual risk associated to the use of every app used for payments
  • Teach their network how important (and time saving) common sense is when designing, coding and using apps for financial transactions

134–A Security View of Future of Payments in EU

Alen Beganovic, CISM, CGEIT
Security Consultant
Ethernaut Information Technologies D.o.o.

PSD2 has introduced new players in payment arena (AISP & PISP) and brings new strategies and requirements in payments and digital banking “Open Banking” begins - banks are forced to make strategic decision: become compliance provider or key player.

After completing this session, you will be able to:

  • Understand key business and technology risks and opportunities for existing players (primary banks) in payment ecosystem
  • Describe role of the new players in payments (AISP and PISP) and new transaction flows
  • Understand key requirements from PSD2 and relevant standards and guidelines, strong customer authentication and dynamic linking, from security point of view
  • Describe main requirements for mandatory APIs for account information and payment initiation

144–Threat Intelligence Sharing: Trusted Circles

Manoj Patel
CyberSecurity & Risk Global Practice EMEA

Sighting Search and Trusted Security Circles Importance of Threat Sharing - Why share threat intelligence? Current Global ISACs (Information Sharing & Analysis Centers) Identify & assess the impact of a cyber-attack Immunity by Community.

After completing this session, you will be able to:

  • Learn about what Sighting Search and Trusted Security Circles are
  • Understand Importance of Threat Sharing - Why share threat intelligence?
  • Use of Threat intelligence to identify, remediate and/or assess the impact of a cyber attack
  • Know Current Global ISACs (Information Sharing & Analysis Centers)
  • How to approach on Threat Intelligence sharing
  • Drive Immunity by community

214–3rd Party Security in the Era of Cyber

Michael van Dinter, CISA, CISM, CRISC
Chief Information Security Officer
Targo Commercial Finance

In a world of interconnection all companies use 3rd parties for services and outsourcing of various functions of the own organisation. But how does one secure those 3rd parties? Learn how in this session.

After completing this session, you will be able to:

  • Identify how to integrate 3rd party cyber security assessments into internal processes like the purchasing processes
  • Review all 3rd party engagements and identify those requiring an in-depth cyber security assessment
  • Ask the right questions to assess the 3rd parties’ cyber security practices and get the needed answers
  • How to work successfully with the 3rd party towards assessing cyber security practices

224–Emerging Security Threats and Challenges in Cloud

Shaveta Datta
AVP Quality

As cloud computing grows in size and shape, it also brings in its own sets of challenges. While cloud adoption is on the rise, many organisations are still reluctant to make that final decision. Security in cloud is a major concern to organisations.

After completing this session, you will be able to:

  • Adoption of cloud computing is on the rise and aided by an equal pace in new technology and product trends
  • Cloud Computing aims to change the way IT services are provided, delivered and consumed
  • Cloud platform provides a compelling reason to migrate applications and services, by aiming to increase efficiency, reduce cost and yet are dynamic and scalable
  • Cloud computing platform is characterised by challenges and risks on security, compliance, trust and privacy. Looking at them, these do not seem to be new (and existing in a traditional IT environment
  • Security is one of the key pillars of a cloud implementation, without which Cloud adoption is sure to suffer

234–Proactive Cybersecurity Response Case Study

Mick Ryan, CISM
Head of Cybersecurity Operations
Ward Solutions

Head of Information Security & Cybersecurity
ICON, plc

This session will use real examples to outline how to adapt their incident response plans & playbooks, embrace new technologies & automation and proactively assess their security controls in order to successfully defend modern cybersecurity attacks.

After completing this session, you will be able to:

  • Leverage experiences of a multinational organisation to improve your incident response processes. These will include several attack examples, how they were defended, and outline lessons learnt
  • Use the information shown improve your incident response plan, we will show through technical attacks experienced how we improved our incident response plans and playbooks
  • Demonstrate through examples how to proactively assess your security controls through the use of automated cyber simulation platforms and security models (mitre att&ck)
  • Use practical experiences of emerging technologies such as robotic process automation, cyber simulation and machine learning to see how these can be incorporated into your security architecture.

244–Understanding Deep & Dark Web

University of Rome

Dark web is a mysterious world who attracts everyone. The presentation if focused to show the dangers coming from the dark web and how to prevent users from accessing it without affecting normal operations, with techniques and practical examples.

After completing this session, you will be able to:

  • Understand what is behind the normal web navigation
  • Understand the TOR network operation, anonymity and hidden services
  • Have a knowledge of deep & dark web, difference and content
  • Prevent internet misuse and avoid employee surfing dark web using company assets

254–Cybersecurity & Payments in The Netherlands

Marco Doeland, CISM
Manager Risk Management

Learn how the Dutch successfully decreased electronic fraud on payments from 80 Million to 10 Million in the last five years. Combining technical measures, collaboration and creating awareness for the Dutch consumers.

After completing this session, you will be able to:

  • Understand why information sharing and collaboration is a prerequisite in order to fight cybercrime
  • Understand which technical measures are successful in fighting fraud
  • Recognise the importance of creating security awareness for consumers
  • Have more knowledge about cybersecurity and payments, in particular related to the game changer PSD2

264–Advanced Vulnerability Remediation

Andrew Scott, CISM
Assurance Lead - Scotland
Context IS

When the number of systems and vulnerabilities on an estate start mounting up counting the vulnerabilities and tracking them in a governance forum is no longer enough, you need advanced remediation strategies to deal with the volumes.

After completing this session, you will be able to:

  • Work out key vulnerabilities on their estate to prioritise volume and risk basis
  • Understand how to turn remediation from a per system problem to an organisational opportunity
  • Design organisation wide remediation tactics, processes and technology
  • Apply these to make step changes in the security posture of their organisations

314–Cyber-Surveillance: Defending Our Privacy

University of Rome

We live in the new information warfare era, and personal privacy and data are hard to protect, keeping a proper behavior not only when on-line, but mainly in the day-by-day life, with best practices, tools and techniques.

After completing this session, you will be able to:

  • Develop Skills for Cyber Safety and How to keep a low-profile in every circumstance
  • Ensuring on-line anonymity and Navigate Social Networking Sites
  • Understand Instant Messaging Code and how to use a virtual private network
  • How to care your passwords techniques for improving login security (e.g. two-factors authentication, etc.)

324–The Path to Self Securing Software

Gary Robinson
Founder, Uleska

This talk covers exciting new research, moving application security from a reactionary to a proactive discipline. We present a methodology whereby teams can automatically secure their software, and monitor its security compliance on a daily basis.

After completing this session, you will be able to:

  • Understand the nature of the research conducted on the delays and costs of application security. We will show insights into the industry research we have conducted across the UK & Ireland
  • Learn of existing technologies that facilitate proactive application security. Dr. Yan Haung from the UK Center for Information Security Technologies will discuss open-source tools in this area
  • Walk through new methodologies to conduct automated computer audits via source code analysis, directly comparing the source code against industry standards (e.g. PCI DSS, ISO 27001, etc.)
  • Look to the future. Based on research and development so far, the audience will walk through potential for future advancements, providing near real-time audit information on developing software


Return to Event Page >>


Track 5—Security/Cyber Security - Advanced

115–Payment Security (PSD2)

Jorke Kamstra, CISA
National Bank of Belgium

Bank heists used to be cowboys using guns until 25 years ago when electronic payments were invented. In 2017 the modern bank heist consists of a hacker remotely taking over a PC. What can we do to protect people's money today?

After completing this session, you will be able to:

  • Explain the major risks of electronic banking
  • Explain the reason why we should care about public trust in electronic money
  • Make the link between cyber security frameworks (NIST), assurance frameworks (COBIT) and prudential banking regulation
  • Explain why we need innovation in payment security

125–Security Governance and Management

Andrej Volchkov
Volchkov Consulting

Security controls can be modeled as a Three Layer Control Framework: Strategic, Tactical and Operational. Presentation of the framework and building blocks with associated method for self-assessment and toolset for CISOs and decision makers.

After completing this session, you will be able to:

  • Better understand and visually represent the main security governance and management activities. Be able to "ask right questions" about security
  • Use a simple model to do a review or a self-assessment of the security governance and management
  • Use the appropriate tool in each of the building blocks of security governance and management. Initiate discussion on the adequacy of the security in the company
  • Better evaluate and communicate on the security posture in the company at all levels

135–Red Teaming – Common Findings and Solutions

Andrew Scott, CISM
Assurance Lead - Scotland
Context IS

Hear from one of the organisations who helped define red team testing in the UK what Red Teaming is, why it is valuable to an organisation, how to do it well and some of our most common findings from these engagements.

After completing this session, you will be able to:

  • Articulate what a red team exercise is and what it should involve
  • Maximise the value of running a red team exercise for their organisation
  • Describe why it gives more value to an organisation than just penetration testing
  • Describe common findings identified during Red Team Engagements based on a review of over 100 engagements. Understand ways to address these findings in their organisation

145–Additional Information Coming Soon!


215–Securing Active Directory

Tom Madsen, CISM
Security Advisor
Fort Consult

Active directory is the core identity management system for many organisations, thus making the security of this a core concern for all of these. Having an AD designed in a secure manner makes the management of it much easier.

After completing this session, you will be able to:

  • Design a new implementation of Active Directory with security as one of requirements
  • Alter an already existing Active directory to implement a more secure configuration
  • Manage active directory in a more secure manner for both user accounts and service accounts
  • Understand the concept of Just Enough Administration and implement it in their own environments

225–Stop Cyber-Attacks in Your SAP Landscape

Mohammed Sharfuddin
Security / GRC Consultant
King Abdullah University of Science & Technology

Know what is Cyber Security and how different it is from Information Security. Learn the architecture of SAP & understand the difficulties in securing SAP applications, and also learn how weakness can be exploited by APT for a complete system loss.

After completing this session, you will be able to:

  • Defining Cyber security & learn the various cyber-attacks & their evolution
  • Learning the architecture and the different platforms of SAP and the difficulty in securing from Cyber attacks
  • Establishing a successful Cyber security programme for an enterprise
  • Technology solutions to secure various SAP platforms & an example of a Cyber Incident

235–Secure Application Development & Deployment

Luc Pelfini, CISA, CISM, CRISC
Vice Director

In this session we present two approaches for providing adequate software assurance: one based on a strict software development methodology, the other on application-specific risk analysis and derived security requirements.

After completing this session, you will be able to:

  • Explain threats and vulnerabilities against software (custom-made and off-the-shelf)
  • List the most important types of weaknesses found in applications/software (custom-made and off-the-shelf)
  • Explain an SDLC (software development life cycle) based approach for software assurance
  • Explain approaches to secure/contain off-the-shelf software

245–Auditing Machine Identity Protection

Kevin Bocek
Vice President, Security Strategy & Threat Intelligence

We spend billions each year on securing human identities (usernames/passwords/etc.), but almost nothing on securing machine identities. With a 5-stage maturity roadmap for machine identity protection, auditors can highlight risks of staying unsecure.

After completing this session, you will be able to:

  • Understand machine identity protection and how it compares to human identity protection on the internet and networks
  • Use a 5-stage assessment to establish the maturity of each organisation on machine identity protection
  • Deliver audit findings for each of the 5 stages to provide a concrete path for audited organisations to improve their security and progress on the machine identity protection maturity roadmap
  • Know the risks of misuse of machine identities and the specific risks that are still prevalent at each machine identity protection stage (as well as the risks that are mitigated at each stage)

255–Measuring and Managing IT Security Risk

Neil Gast, CISA
United Airlines

Is your IT Security programme effective? Can you identify and prioritise your most pressing security issues? Is your security improving? How do you know? Learn how United Airlines is building an enterprise risk programme to confront these questions.

After completing this session, you will be able to:

  • Understand the foundational elements and effort involved in creating an IT Security risk management programme, and understand why many security risk management programmes fail
  • Create and manage a security metrics catalog that aligns to their own IT environment and business priorities, and prioritise data sources for realistic metrics measurement targets
  • Understand the complexity of implementing an IT Security risk management programme, and define a reasonable roadmap and evolutionary path for programme growth and maturity
  • Apply lessons learned to avoid many of the pitfalls encountered in developing and implementing an IT Security risk management programme.

265–Data Lives 24 Hours A Day.... Do You?

Asim Fareeduddin, CISA, CISM
VP, Regulatory Controls & IT Security Assurance
RELX Group

Data cannot be protected if the one does not know which information is critical or where it resides. This case study will share real life strategies and advice on how to gain visibility, identify & manage critical data assets in your organisation.

After completing this session, you will be able to:

  • Create a comprehensive data inventory and appropriately classify the data based on risk
  • Apply specific controls to the classified data based on conducting a risk assessment
  • "Sell" the concept of data classification and prioritization to various stakeholders including the c-suite, board & senior management
  • Select a control framework that fits their organisation in order to appropriately safeguard their data

315–SSH Keys—Lowest Cost, Highest Risk Tool

Mike Dodson
Sr. Director of Global Sales Engineering

All enterprises rely on SSH to authenticate privileged users and establish trusted access to critical systems. But, the SSH keys are often left unprotected and inadequately audited. Hear common mistakes on security, policy, and auditing practices.

After completing this session, you will be able to:

  • Learn how SSH keys provide the ideal mechanism for cyber criminals to gain unauthorised privileged access and pivot through a network environment, and how to control it
  • See why PAM solutions don’t protect against all SSH key risks
  • Learn the common pitfalls in SSH key management made by nearly every organisation
  • Develop a plan to audit for best practices in SSH key management

325–A Framework for Choosing An ISMS

Steve Mair, CISM
Sr Cyber Security Consultant
PGI Cyber

There are several different security management systems in use, but how do you know which is the right one for your business? Here we’ll look at practical guidance on how to choose the most appropriate models and systems for your organisation.

After completing this session, you will be able to:

  • Identify some of the more common security models and understand how they should change in the future
  • Identify some of the common security management systems in use today, and the key differences between them
  • Determine business requirements and map those on to security management systems
  • Decide which security management systems are most appropriate for their organisation


Return to Event Page >>



WS1–Cybersecurity Fundamentals

Richard HollisRichard Hollis, CISM, CRISC
Risk Factory Ltd.

Why become a cyber security professional? The protection of information is a critical function for all enterprises. Cyber security is a growing and rapidly changing field, and it is crucial that the central concepts that frame and define this increasingly pervasive field are understood by professionals who are involved and concerned with the security implications of Information Technologies (IT). The CSX Fundamentals workshop is designed for this purpose, as well as to provide insight into the importance of cyber security, and the integral role of cyber security professionals. This workshop will also prepare learners for the CSX Fundamentals Exam.

WS2–COBIT 5 Foundation

Bruno Horta SoaresBruno Horta Soares, CISA, CGEIT, CRISC
Founder & Senior Advisor
GOVaaS - Governance Advisors, as-a-Service

Learn the importance of an effective framework to enable business value. Delve into the elements of ISACA’s evolutionary framework to understand how COBIT 5 covers the business end-to-end and helps you effectively govern and manage enterprise IT. Developed for anyone interested in obtaining foundation-level knowledge of COBIT, the course explains the COBIT framework and supporting materials in a logical and example-driven approach.

  • Earn the COBIT 5 Foundation Certificate! Attendees can take the Foundation Exam Monday, 28 May 2018 for an additional US $150!

WS3–Cybersecurity for Auditors

Vilius BenetisVilius Benetis, CISA, CRISC
Cybersecurity Professional, CEO

Cyber security focus is a requirement for any organization today, but how can a company know and understand what their cyber security posture is? A strong cyber security audit program with qualified, capable auditors and a robust work program or standard is a must. During this workshop, we will dig into the details of cyber security audit. We will evaluate the ISACA NIST Cybersecurity Framework Audit Work Program as well as various cyber security frameworks and tools including the NIST Cybersecurity Framework and the FFIEC Cybersecurity Assessment Tool.

WS4–Maintaining Focus on Data Protection & Privacy Beyond May 2018

Data Protection Project Manager & Advisor
Privacy Squad

GDPR becomes enforceable on 25 May 2018. Organisations must ensure there is continued focus on data protection beyond May 2018 and not just from a GDPR perspective. A robust operational lifecycle and governance framework is a pre-requisite for ensuring ongoing compliance with applicable legislation.

This interactive workshop will use a case study and involve working in groups to generate specific products/deliverables. Participants will benefit from sharing experiences and learning points not just from the instructor but also from each other.

After completing this workshop, participants will be able:

  • Articulate the competences, responsibilities and organisational structures needed to support the governance framework
  • Ensure their organisations' strategy for Data Protection is in place and relevant
  • Describe the key elements of the Operational Lifecycle and how to establish them
  • Know how to integrate ISO 27001 with other relevant standards and ensure their organisations’ privacy control framework is fit for purpose


Return to Event Page >>



2018 Opening Keynote Address

Risk & Decision Making

Caspar BerryCaspar Berry
Motivational business speaker specialising in risk, decision making, innovation and leadership.

While the subject of decision making is unimaginably vast and profound, the key message of this keynote is that all decisions are essentially investment decisions and that all of us as decision makers are essentially investors every moment of every day. Caspar will show attendees how the process of decision making is essentially the process of trying to maximise the returns they make on their investments. In life these might be better relationships and quality of life. In business it is all about efficiency, productivity, doing more with less and, in a literal sense, return on investment. In order to be great decision makers – or investors – we need to understand the brilliance, but also the limitations and flaws, of our innate judgement and decision-making mechanism. Most notable among these is our emotional fear of failure. It is this which very often stops us from taking opportunities with high overall returns and which must therefore be conquered.

Among his other claims to fame, opening keynote speaker Caspar Berry was one of the two poker advisors on the 2006 James Bond Movie, Casino Royale. Co-founder of Twenty First Century Media, former screenwriter and professional poker player, Caspar has become a renowned speaker to global corporations and a catalyst for embracing uncertainty and taking calculated risks in making game-winning decisions.

Leadership Brief

Robert StroudRobert Stroud
Past Chair of ISACA Board of Directors




2018 Closing Keynote Address

The Big Data Revolution

Mike WalshMike Walsh
Futurist, Innovation and Technology Speaker and Authority on Emerging Markets. Iot Expert

There is a new war coming – over the future’s most valuable asset. Big Data, once just the domain of technology professionals, will soon be the number one issue for all business leaders. Consumers are producing more of it, marketers are starting to leverage it, and governments are seeking to control it – and most importantly, business leaders will be asked to make decisions based on it. The real Big Data revolution is not just about the amount of data that has to be processed, but a mindset change about how data gets used in the enterprise. With original research, practical evaluations of disruptive strategies and case studies from some of the world’s most innovative firms, Mike Walsh will give you the roadmap you need to set your Big Data strategy in place for the future.

For IT Leaders:

  • The new mindset required to integrate third party Cloud platforms and experiment with exotic Big Data technology platforms
  • Meeting the challenge of engaging business decision makers to commit to Big Data investments

For Senior Decision Makers:

  • Incorporating data into strategic decision making
  • Innovative approaches to data visualization as a tool for communicating trends and patterns
  • Relevant case studies of the ‘winners circle’ of companies who, today, are making the big bets on tomorrow’s Big Data platforms

Mike is the CEO of Tomorrow, a global consultancy on designing companies for the 21st century. He advises leaders on how to thrive in the current era of disruptive technological change. Mike’s clients include many of the global Fortune 500, and as a sought-after keynote speaker he regularly shares the stage with world leaders and business icons alike. Mike previously founded Jupiter Research in Australia, and has also held senior strategy roles at News Corporation in the Asia Pacific Region. Mike’s best-selling book ‘Futuretainment’, published by Phaidon was the winner of the design award by the Art Director’s Club in New York. Mike’s latest book is The Dictionary Of Dangerous Ideas. Each week he interviews provocative thinkers, innovators and troublemakers on his weekly podcast, ‘Between Worlds’. A true nomad, Mike travels over 300 days a year worldwide, researching trends, collecting innovation case studies and presenting on the future of business.


Return to Event Page >>