7TH IT GOVERNANCE SUMMIT
Theme: Cyber & Technology Risks – Boardroom Concerns.
These intense hands-on sessions will assemble high-value subject matter experts and professionals across the globe in IT Governance, Information Security (IS), IS Audit, Risk Management, Cyber Security, Data Protection and Hacking.
Join several top executives who share mutual interest, acquire knowledge and skills that can be applied immediately and used against evolving threats.
Gain Fourteen (14) CPE Points for attending.
- Audit, Control, Risk Management, Governance professionals, Policy and decision makers.
- C-Suite Executives and Senior managers directly charged with protecting corporate infrastructure.
- Internal Auditors, Accountants, HR and Finance Professionals.
- Health, Insurance Professionals and Legal counsel who work with policy and decision-makers in establishing policies.
- Law enforcement staff who are involved in investigating cyber crimes.
- Government managers and senior executives responsible for protecting systems and critical infrastructures.
DELEGATES CAN EXPECT:
- Valuable content presented by some of the industry’s most forward-thinking leaders.
- High paced interactive participation, and latest technologies changing the security and risk landscape.
- 16 hours of relevant educational sessions from various top professionals with a wide range of backgrounds and experiences.
- Inspiration to protect your institution now and in the future from the ever-changing cyber-security landscape.
- A chance to network among an assembly of professionals who share common interests and more.
Don't miss this unique opportunity!
Join the discussion
Technology is creating fundamental changes in the role that IS Auditors play within the organization. Beyond the technical skills, IS Audit professionals are expected to understand and demonstrate skills they will need over the next decade in a technologically advanced and changing world.
The ability to determine the deeper meaning of what is being expressed, the ability to connect with others directly and solve complex problems, the ability to form good judgment and make informed decisions are some of the key skills that are required of the IS Auditor in a world of digital disruption.
This presentation focuses on the soft skills that IS Auditors must possess if they are to create, preserve and anticipate value and sustain superior performance.
We live in an age where the news of cyber-attacks and data breaches is no longer news. Institutions of all types and sizes (small, medium, large) are all targets of cyber-attacks.
One of several options institutions have in assessing their cyber-attack resiliency is conducting periodic security assessments to assess their cybersecurity maturity capabilities. One of these assessments takes the form of penetration tests, where testers simulate attacks against an organization, in attempts to compromise their network.
This presentation focuses on methods used in conducting external penetration tests to assess an organization’s external threat exposure. While the presentation is not exhaustive on how to conduct a penetration test, it touches on some key steps a penetration tester may consider during a test.
Yet to Provide
Traditionally, maintaining a hardened perimeter security was enough to protect data centres. Implementing layered security to detect and prevent breaches coming into or out of data centres implied that we could ward off attacks on our infrastructure. The new breed of attacks are more advanced and sophisticated, affecting all layers and segments of the network. Considering that hackers do not rest in their search of new attack vectors, it is necessary to constantly review and update our lines of defence to prevent their intrusion into our digital environments. This presentation aims to explore the evolution of attack vectors and threats and how organizations can prepare themselves to deal with them accordingly.
Bank of Ghana launched the Cyber Security Directive for financial institutions in October 2018 to provide a framework for establishing Cyber and Information Security protocols and procedures for Financial Institutions to help them protect themselves against ever increasing cyber-attacks and InfoSec breaches targeting the financial industry in Ghana. This unofficial Quick Reference Guide is the collective work of a group of cyber security researchers in Ghana that have been assisting banks with complying and adhering to this Act. The main aim is to inform and educate FIs on some of the key implementations and requirements.
Please note that the intention of this presentation is to provide supplemental information which does not replace or supersede BoG’s directive
There are different kinds of attacks that organizations face today. These attacks could be external or internal, the latter facilitated through insiders.
Inside threats could emanate from internal staff of the organization like the System & Network Admins, Board members, CEO, CIO, CTO, Senior Managers, External Consultants, Drivers, Cleaners and Auditors amongst others.
Such attacks pose risks that have serious ramifications for the organization including data loss, leakage of confidential data and financial losses.
Organizations can protect against insider threats using different cyber security mechanisms including a proper Policy and governance structure, Network enhancements, Privileged Account and Identity Management systems, SIEM/SOC solutions, Data-Loss Prevention solutions, Encryptions and by creating User awareness. In this presentation, we shall discuss how organizations can protect against insider threats.
Traditionally, Internal Audit provides assurance to management and the board on the adequacy of internal controls and the operational efficiency of the controls.
This assurance is provided on financial and non-financial operations of the business. With the increasing threat of cyber security, questions are being asked of the role of IA in cyber security. The proposed topic seeks to highlight the role of internal audit in cyber security.
How can IT security professionals take advantage of Security-as-a-Service to supplement their existing security programs? While cyber-attacks are increasing, your IT budgets and available security staff probably aren’t. You have too little time and too many alerts; and security tools are becoming more expensive and time consuming.
In this presentation, we will explore ways that IT security professionals can leverage Security-as-a-Service options, including: Managed Detection and Response, Vulnerability Management, Patch Management, Managed SIEM, SOC-as-a-Service among others. We will also consider how Security-as-a-Service can add 24×7 coverage and help improve the security posture of your organization.
Risk Management continues to be a value driver for business success. The need for a re-alignment in the thought process around managing risks since the dawn of digital age, cannot be over emphasized.
It is therefore becoming almost impossible to continue to view risk management and compliance in the “old way”, as companies are looking to innovate at the speed of light. Startups have emerged on the backdrop of technology into global companies, disrupting many existing companies and many more conventional companies are being and “will be” disrupted due to the sophistications of technology. The digital age is becoming a significant value driver in today’s world in terms of cost, platform and experience.
In this presentation we will briefly highlight the effects of Cybercrime and then establish the use of insurance as a risk management tool.
We will look at which companies need to be covered and outline the features insurance people look out for to pass a company as an appropriate risk.
We will then describe the main areas of coverage that most cyber insurances offer to enable participants appreciate the elements that are typically covered under a policy.
After the session, participants should be able to highlight the key benefits of a cyber liability policy and gauge its relevance to their organizations and clients.