Three Days. Three Regions. One Virtual Conference.

Join us each morning at 8:45 am (to the specific region) before our Keynote takes the stage for a special Conference Kickoff that will leave you with an understanding of the following:

• Best Platform Tips & Tricks
• How to obtain your Conference CPE credits
• Session Content Overview

Access this event from the Main Stage or Networking Lounge and don’t miss out on this opportunity to ask all your questions ahead of time. This session will not offer CPE and is not required. 

Audit in the Age of Disruption/Auditing Emerging Technologies

Audit has been around for ages now, with one exception being the evolving dynamics of what is being audited and how quickly the landscape is changing. Auditors no longer have the luxury of coming in to conduct audits after the fact or for that matter, even human audits may become ineffective considering the quantum of data that is generated and the speed at which things change.

Things get even more complicated when you add the opacity or lack of visibility into the inner workings of what is being audited that is a reality when it comes to auditing things like Artificial intelligence(AI) and machine learning(ML), quantum computing and whatever is emerging out there. Shift left thinking is required to better leverage audits from a strategic perspective and use the power of audits to better integrate emerging technologies into the enterprise landscape rather than to use audits to correct or fix things. This means, audit as a process will need to engage much earlier in the pipeline of technology adoption. There is also an urgent need to change the terms of this engagement. The session will present ideas on how to leverage audit as a tool for effective integration of emerging technologies into the enterprise. Audit paradigms such as audit independence and line of defense thinking will be relooked at to understand what changes may be required in the context of emerging technologies and the disruption they bring. We will explore shifts required across areas such people, organizational structures and enterprise strategies related to emerging technologies and audit and their intersection.

After completing this session, the participant will be able to:

1. Understand the challenges to traditional audits due to emerging technologies. 
2. Analyze and articulate an approach to engaging and auditing emerging technologies.
3. Recognize what enterprises can do to leverage audit as a strategic tool.
4. Know changes required for improved audit effectiveness in the age of disruption. 

Operational Technology (OT) has been with us for a long time, deeply rooted in our everyday lives. As you sleep and work, whether at home or in the office, the heating, ventilation, and air-conditioning are OT. The elevators and escalators you use to ascend or descend buildings and train platforms are OT. Your automobile, the bus you took, the train you took is OT. The traffic lights and signaling systems, the power that generates almost every piece of equipment around us operate using OT. OT equipment wasn’t built with the intent to operate in Industry 4.0. It was insecure by design because security relies heavily on such legacy equipment operating in enclosed networks, without exposing themselves to hacking from the outside world. I will share the nuances of an increasingly complex cyber-physical world, the pivotal importance of cyber resilience, and what we can all do to tip the asymmetry of complex attacks by our collective defenses.

After completing this session, the participant will be able to:

1. Understand phygital systems and the critical role they play in our lives and economy.
2. Recognize the multi-faceted attack surfaces and nuances of phygital systems.
3. Know what digital trust and resilience meant in the phygital world.
4. Comprehend approaches to future-proof and sustain digital trust and resilience.

Enterprises, Business and Governments around the world are aware of the potential benefits and risks of AI. There is a growing consensus that regulations are needed to ensure that AI is used responsibly. This powerful technology has the potential to be a great boon to society, but it also has the potential to be a curse.

Where data accuracy, protection, and control come together, Privacy issues sit at the forefront of online activity, business actions, and government decisions. This is largely in response to the breaches, scandals, and personal data leaks that have eroded confidence in technology and information systems. Trust and Security plays a vital in the future of AI. 

After completing this session, the participant will be able to:

1. Understand AI in business, cybersecurity and data privacy.
2. Answer the question, "Can Artificial Intelligence threaten Privacy?"
3. Identify challenges in AI regulations.
4. Trust and security are essential for future of AI.

In this age of emerging technology and digital transformation a mature, effective, and efficient risk management program is needed more than ever. The question is what are the components of a risk program and who is responsible for risk? Who is responsible to identify, assess, and respond to risk? This session will cover the basic components of risk and the relevant stakeholders who should be involved in the building and maintenance of the program. 

After completing this session, the participant will be able to:

1. Understand the importance of risk management and how it integrates with the overall strategy of the enterprise.
2. Understand the essential components of a risk management program and who is responsible for building and performing the functions.
3. Understand the relevance of risk management as it relates to emerging technology.

This session explores how individuals measure privacy and how and why this has changed over time, the privacy perceived role of government; the good, bad and ugly of corporate privacy practices; how we can qualitatively and quantitatively value privacy; and the role ethics and digital trust frameworks in enhancing privacy.

After completing this session, the participant will be able to:

1. Recall the Contextual Integrity Model as a way of understanding privacy.
2. Identify the gaps in current legislation that allow corporate privacy breaches.
3. See examples of bad corporate privacy practices and frameworks for improvement.
4. Recognize qualitative and quantitative approaches to valuing privacy.

In the dynamic landscape of technological advancements, Artificial Intelligence (AI) has emerged as a powerful tool with vast business potential.  

This talk emphasizes the establishment of an effective AI governance framework that integrates cybersecurity principles and digital trust mechanisms. It delves into the key components of a secure AI governance framework, including Responsible AI policy, responsible AI risk assessment, privacy protection, AI project life cycle management, data governance and security. The talk also explores how security teams can actively contribute to the development and implementation of AI governance policies to ensure the secure deployment and operation of AI technologies.

After completing this session, the participant will be able to:

1. Understand key principles of Responsible/Ethical AI.
2. Know the key elements to kick-start an AI governance framework.
3. Learn the key success factor to establish the framework.
4. Explore the importance of diversity and the role of security team in AI initiative and governance.

Explore how to govern Generative AI, striking a balance between innovation and responsiblity. Delve into ethical principle, data privacy, legal compliance and engagement.

After completing this session, the participant will be able to:

1. Understand Generative AI definition and significance.
2. Enhance Risk Management Proficiency.
3. Appreciate data privacy and security considerations for Generative AI innovation.
4. Evaluate Stakeholder Engagement Strategies.

AI is shaping our future! It is shaping how we work and what the world of work will be like in the future, particularly in the technology and security spaces. Further, we live in a time when people believe that digitisation is the great leveler of opportunity for all. But this is not the truth at all. Wholesale digitisation and the rollout of AI come with its own risks and costs that we must be aware of.  

We find ourselves in a world where the future is being shaped by technology, which could contribute to transforming social norms, such as giving a voice to the voiceless, which is laudable. We also find in that world that there is a perpetuation of algorithmic biases based on race and gender, which is something we all should be concerned about.  

Jo Stewart-Rattray, who returned from the United Nations earlier this year, has brought a deeper learning and understanding of how we can all work together in security, technology and privacy to overcome some of these biases and create safe spaces for individuals to interact. This is an exciting topic with interesting light bulb moments filled with startling stats. Jo herself, as a committed technologist and security professional, found some of the learnings she came away with to be confronting.

After completing this session, the participant will be able to:

1. Understand the social issues being brought into play by the race to wholesale use of AI.
2. Recognise potential stereotyping and inbuilt bias.
3. Determine methods to transform the issues into opportunities for all.
4. Take the light bulb moments and put them into action in your sphere of influence.

On August 12, the world’s largest democracy passed its landmark comprehensive privacy law. That country is India, and its law is the Digital Personal Data Protection Act. India is also the most significant country in the world for business process outsourcing. So, what does the DPDPA mean for international businesses, and how does it measure up with other data laws globally? What are the similarities and differences in obligations? What do the terms “data fiduciary” and “significant data fiduciary” mean? How does the law deal with cross-border transfers of data? In this session, we will examine India’s new privacy regime and discuss its impact on enterprises with operations in or that involve India.

After completing this session, the participant will be able to:

1. Understand the distinctions between a data fiduciary and a significant data fiduciary and their respective duties.
2. Analyze data principal rights under the DPDPA and how these compare with other privacy laws.
3. Know the grounds for data processing as recognized in the DPDPA and the key implications for businesses.

Benefits and Risks of AI Panel Discussion – Asia/Pacific
What are the benefits and risks of AI? Is it dangerous? Are there biases? Close out the day with an AI panel discussion. The discussions will cover these and other questions regarding this emerging technology. Join us in Asia-Pac on Tuesday, 21 Feb from 15:00 - 16:00 (UTC+10)!