Preface
Without last year’s grand success of multi-city “Security Symposium & Awards”, (Kolkata-Bangalore-Delhi-Mumbai) and the International Infosec Summit (Infosec Global 2018) in Kolkata, we planned for surging ahead to conduct Security Symposiums in Three international Cities (Dhaka-Dubai and Colombo) for the confluence of Global CISO’s to brainstorm on the future and impending challenges to conclusively emerge as Cyber Security Game Changer across the Globe.
Security Symposium and Awards Dhaka – 2019 was the first event as a part of a multi-city Event organized by Infosec Foundation and Enterprise IT World.
The Topic of the event will cover Cyber Security Road-map for Financial Sector/ Industry 4.0 / AI & Blockchain / Startups in IT Security ecosystem, Agility and Flexibility in adopting Cyber Security for Telecom/ Cloud/ Infra Providers, etc.
In the era of hyper-growth, and digital-driven economy, the enterprise risk management has reached to a whole new level. Cyber security has gone through a tremendous change and reinforcing India’s Cyber Security Framework is one of the burning issues in delivering high performance solutions. Only few countries have a cyber-security strategy or are in the process of developing one to protect against cyber-crime. While the overall cyber security posture of India is satisfactory, the mission is still far from being accomplished.
This is a platform that aims to bring together the MD/CEOs/CIOs/CDOs/CISOs in Global CISO’s with an agenda to interact and discuss the latest trends in Information Security and share their key experiences and learning. It will be an excellent opportunity for the attendee companies to showcase their services, credibility and product related to Information Security.
Event Brief:
The theme of the event is to create awareness on the roles and responsibilities of officers and persons protecting critical infrastructure. The Symposium will also witness awarding CISO (Chief Information Security Officers) of the country in recognition of their exceptional contribution to the industry.
Date & Venue:
The Westin, Dhaka, 17th February 12 Noon to 9pm
Delegate Profiles:
Around 200+ in numbers, 70% mostly CIOs from Large Enterprises Level Corporate, Bank & Financial Institutions, CEO & IT Heads of mid-sized organizations, 15% Key Govt. Officials, police, CID, Cyber Security Experts, Cyber Law Experts, Policy Makers, 15% Start-ups & Academia.
Event Highlights
The event was graced by Chief Guest Mr.M.A. Mannan, Honorable Minister, Ministry of Planning, Republic of Bangladesh alongwith Mr.K.A.M. Majedur Rahman (Managing Director, Dhaka Stock Exchange).
Besides few eminent key speakers like Mr. Mohammad Arfe Elahi (Chief Technology Officer, Access to Information Programme), Dr Muhammad Abdul Mazid (Adviser – A K Khan and Company Limited), Mr.Kapil Awasthi (Regional Director, North & East , Check Point Software Technologies), Mr. Ahmed Rokibur Rahman (Wooribank), Mr. Syed Moinuddin Ahmed, (Additional Managing Director & Company Secretary, Green Delta Insurance), Mr. Tapan Sarkar (Founder President CTO Forum, Managing Director ADN Edu Services Ltd.), Mr. Md.Jasim Uddin (Former First Vice President, FBCCI), Mr. Pallab Ganguly (Chairman – IEEE Comsoc Kolkata Section, CISO-Gen Calcutta Electric Supply Corporation), Mr.B. M. Zahid-ul Haque (Head of Information Security, BRAC Bank Limited), Mr. Syed Almas Kabir, President (BASIS), Mr.Shaerul Haque Joarder ( VP & Head of IT, Bangladesh), Cyber Security for the critical Infrastructure in a Power Utility, Mr. Jaspreet Singh (Partner – Cyber Security – Africa, India & Middle East (AIM), Advisory Services, Ernst & Young LLP), Mr.Greesh Behal, Regional Head – West (Klassify), Mr.Espen Haagenrud, (CISO, Grameen Phone), Mr.Azim U. Hoque (Co-Founder at Cyber Security Forum, Founder and President at University IT Forum), Mr.Tanveer Ehsanur Rahman (CTO, Novo Telecom) etc has also confirmed their gracious presence as speakers.
Detailed Coverage:
Risk and its mitigation is an integral part of any strategic planning. Risks are associated with core strategic assets and these assets have to be protected. In our times, many of our assets are highly dependent on IT infrastructure associated to run and manage them. For example, national power grid, power grid, logistics, dams, aviation, transport, capital markets, communication. These assets can be attacked and there are evidences of attack where IT infrastructure is used as the route of attack. Cyber security includes all kind of manifested and potential attack on these systems and in turn damaging the core assets behind these. Policy makers in macro-economic planning must take into account the short term and long term risks that stem from this. Next, ways and means to mitigate these risks and investment needed – both financial and non-financial must be articulated. Today, various non-state actors and proxies wage offensive action against sovereign nations, public and private nations and some are targeted to cause profound economic and psychological damage. Thus, many commentators argue that future wars will be mostly cyber-wars. Strategic Planning is now obligated, both in policy level and in working level to acknowledge the risk of cyber threats and also an inter-disciplinary approach to mitigate it.
The inaugural session was focusing on the same area since the chief guest was the planning minister of Bangladesh and the linkage of Cyber Security with the Digital Bangladesh Strategies were discussed in details.
After the inaugural session of Mr.Mohammad Arfe Elahi, Chief Technology Officer, Access to Information Programme (a2i), Bangladesh extended his keynote address Cybersecurity Initiatives by Bangladesh Government.
Next one was by Mr. Pallab Ganguly, Chairman – IEEE Comsoc Kolkata Section, CISO-Gen Calcutta Electric Supply Corporation (CESC) on Cyber Security for the critical Infrastructure in a Power Utility.
Advanced Persistent Threat Landscape and Remediation Roadmap was illustrated by Mr.Mohit Puri, Director – Presales, India/SAARC, Sophos in the next session.
Mr.Kapil Awasthi (Regional Director, North & East, Check Point Software Technologies) was instrumental delivering his Theme Session on Industry 4.0 Trends, Strategy & Best Practices.
There after the 1st Panel of the day took place with an interesting topic “Industry 4.0: Beyond Man and Machine“.
It was human muscle power that moved early phases of civilization. Man tamed animals and animal-muscle was put to use, especially for agriculture. Then men invented early stone tools, machine version 1.0. For last 10,000 years, man created machines of such power and sophistication that we no longer talk as how we learn as how to operate a machine but how machines learn from us. Internet of today is a great man-machine learning system where man is learning about machines and we machines are learning how human beings work. Thus a new dimension is now in the horizon where we are talking of Singularity where machines get a critical threshold of “intelligence” and rule us or machines become so smart that we humans, their creators find ourselves bench-marked against machines and companies may put their recruitment notice board with the frightening words – Humans need not apply.
Dr. Muhammad Abdul Mazid was the moderator for the session. Below was the core team architecture of the panel:
- Moderator: Dr Muhammad Abdul Mazid, Adviser-AK Khan and Company Limited,
- Ahmed Rokibur Rahman, Head of ICT, Woori Bank,
- Syed Moinuddin Ahmed, Additional Managing Director & Company Secretary, Green Delta Insurance,
- Tapan Sarkar, Founder President CTO Forum, Managing Director ADN Edu Services Ltd.
- Md.Jasim Uddin, Former First Vice President, FBCCI.
Key deliberations of the panel was revolving around the below questions:
- With machines becoming so smart and productivity gains so high, will fundamental laws of business be valid and applicable?
- How will be companies of Industry 4.0 look like ?
- How shall we keep human beings employed or what will be the core competencies and skills of the future ?
- How shall we prevent a scenario where machines will be our masters rather than our slaves?
After the 1st Panel, Mr.Sajeev Sengupta from Checkpoint had taken a detailed session on Threat Intelligence and Response.
Next session was Panel 2 on Security Orchestration and Managed Security it look place in the evening just after the tea break
Historically, IT security was diagnostic and reporting based. A security system used to monitor and report and the framework was that of “incident” and “events being managed.”. An evolved framework is now needed for more integrated and comprehensive reporting plus “acting” automatically for a wide range of events. This is Security Orchestration and Automated Response. For managed security business, SLA deviation not only results in loss of business, in worst cases of breach, it can lead to criminal proceedings even. Enterprises not only need to take action but also to demonstrate that a synchronized, timely and effective actions were taken and in a well documented manner for the threats and vulnerabilities. On the other hand, some of the current and future security threats and vulnerabilities will be launched in a way that there is not enough time to “report and analyse and act”, rather the system needs to be smart enough to take action automatically. Thus in short, we are finding an evolution from “reporting” to “acting”.
Security automation and orchestration replaces slow, manual analyst intervention from conventional incident response processes with machine-speed decision making.
Manual incident response processes, insufficient workflows and difficulty hiring security personnel have left security operations teams struggling to keep up with the growing volume of alarms. SOAR combines comprehensive data gathering, standardization, workflow analysis and analytics to provide organizations the ability to easily implement sophisticated defense-in-depth capabilities based on internal and external data sources.
Mr.Shaerul Haque Joarder was the moderator for the session.
Below are the architecture of the panel team:
- Moderation: Mr.Shaerul Haque Joarder, VP & Head of IT, EPIC Group
- Mr.Espen Haagenrud, CISO, Grameen Phone
- Mr.Azim U. Hoque, Co-Founder at Cyber Security Forum, Founder and President at University IT Forum
- Mr.B.M.Zahid-ul Haque, Head of Information Security, BRAC Bank Limited
- Mr.Syed Almas Kabir, President – BASIS, CEO & shareholder of MetroNet Bangladesh Limited and Managing Director of AyAl Corp
- Mr.Tanveer Ehsanur Rahman, CTO, Novo Telecom LTD
Key deliberations of the panel was revolving around the below questions:
- Importance of SOC (Security Operations Centre) and Incidence Detection and Response
- Awareness of Cybersecurity in the society in order to adopt proactive measures
- Potential Threats, Vulnerabilities and remediation measures in Financial Sector
- Govt. and Policy makers standpoint on managed security arena
- Impact of Cyber Attacks and adoption of 24×7 monitoring systems
- Placing Managed Defence and Security Orchestration Strategies to the management/board
InfoQuest, the sixth print journal of cyber security was launched in Dhaka as well. E-version of the same can be fetched from this link
The concluding part of the event was Cyber Awards for significant achievements in the domains
More detailed photographs can be visible from the Facebook Album.
Stay tuned for our future initiatives.
Sushobhan Mukherjee 