Topic

Blockchain and Governance, Risk, and Compliance

Abstract

key factors impacting risk and compliance executives include the need and expectation of real benefits from digital technologies, such as big data, artificial intelligence (AI) and machine learning, as well as distributed ledger technology (blockchain) to bring measurable increases in efficiency to risk management operations. At the same time, many firms are facing challenges in moving toward the future. At a fundamental level, the report indicates that risk operations are having difficulty developing agile capabilities and continue to be hampered by inflexible technology.

Biography

Expert and influencer on Blockchain, Cybersecurity, Digital transformation, IoT, and Advisor and mentor to People in these Domains – Partner for each success.
Co-Founder of GloryThink Academy: The Source of Complete Blockchain Knowledge. Participated in many of ICOs either as investor or Advisory Board member.
Ramy is Blockchain Technical Advisory Board Member in Government Blockchain Association, GSDC – Global Skill Development Council, Blockchain Council, Coin Governance System, and many other Blockchain Organizations.
Delivering multiple Blockchain Training in multiple languages (English and Arabic), with different types and levels (Beginner, Medium, Advance, Fin Specialized, Gov Specialized & Trading courses )
He joined Kaspersky Lab in 2017, and been Promoted to be the Lead Solutions Architect for Enterprise & National Level Projects in the Middle East, Turkey & Africa Region, Engage with big and national organizations ( like CERTs ) to build their Cybersecurity competencies on a national and wide-scale level.

Khalid MajedSr System Engineer RSA Archer, RSA

Topic

“Managing IT Risk in the Digital Transformation Age”

Abstract

Digital transformation is no longer optional, or even a differentiator. Digital transformation has become compulsory for every organization to remain relevant and competitive in today’s digital economy. So why is managing risk – and especially digital risk – so hard? The Digital transformation, along with other factors, are continuously adding pressure to organizations. IT teams focus on infrastructure, providing services to enable users and customers, and limiting downtime. They’re also tasked with modernizing over time, and keeping pace with technology innovations. As one’s digital and business foot print expands, one’s attack surface is increasing. Hackers and threat actors can access one’s network and cause sever disruption to business. Meanwhile, risk/compliance teams focus on meeting regulatory, that our constantly changing, and audit needs and meeting the company’s legal requirements. These forces add up to increased risk in one’s business – making risk management a board level topic. A transformative and integrated approach to risk management is the answer. Aligning risk domains to provide a wider view of risk, and cut through silos and unneeded complexity.

Topic

GRC, A holistic Road Map for Digital transformation

Abstract

GRC is an evolving set of business management processes that companies use to establish unified business management techniques. GRC technologies introduce a holistic platform for ERM, automated techniques for processes governance and enhanced standards and regulatory compliance processes. Many organisations utilise the GRC platform in the implementation of ISO 27001 in order to obtain more visibility, enable proactive decision-making and of course to increase return on investment (ROI) from compliance. The basics of GRC processes and its features, however, are still unclear for many GRC users. In addition, the integration approach of GRC with other frameworks or standards is currently immature and ineffective; top management’s needs for integration between GRC and ISO 27001 are not a high priority. Compliance with ISO 27001:2013 and its controls is complicated and is both money- and time-consuming. For this reason, the automation of ISO 27001:2013 processes through integration with GRC technology has become a new trend in the information security arena.

Biography

Mohamed Mousa is Chief Information Security Officer (CISO) with MSc. In Information security from Royal Holloway University, University of London alongside numerous technical and management professional certificates. For more than 15 years, Mr. Mousa has a wide experience in working with government and private sector, implementing and auditing different Governance, Risk and Compliance (GRC) cyber security frameworks. As CISO, Mr. Mousa has extensive exposure to different Digital Transformation programs, Governance frameworks and international standards in dealing with securing e-commerce channels. Mr. Mousa’ core competencies include Information security management, strategic business orientation, risk management, penetration tests, network security, and business continuity planning and incidents/threats management. Mr. Mousa design and conduct several information security awareness programs in different business models. The last but not least Mr. Mousa was key speaker in different information security conferences around EMEA region and is continually invited to give lectures in different academic forums.

Topic

Protecting Against Common Web Application Vulnerabilities

Abstract

The web application environment is where applications are hosted on web servers to be accessed by users over the web. This architecture is favored across many organizations these days as it has many technological advantages and introduces ease of use and convenience to the users. In today’s environments, statistics are showing that the majority of attacks are happening on the top layers, specifically on web applications, and in order to address security needs properly we need to understand the vulnerabilities and threats associated with web applications and protect against them.
In this webinar we will showcase some of the common web application vulnerabilities and explain how these attacks serve successful against them, we will also have a look at how to countermeasure these attacks with effective controls. Some of the common vulnerabilities that we will talk about are SQL injections attacks, parameter tampering attacks, file injection attacks, and cross-site scripting (XSS).

Biography

Alaa Bahrani is a Regional Cyber Security Leader at GE with 14 years of experience in the Information Technology industry. Over the years, he has garnered expertise across the entire software development life cycle, gained in-depth exposure across information security, infrastructure, project management, networks and network security. He has been recognized as an accomplished Information Security professional, having extensive experience with web application security, network security, database security and using secure programming methodologies to clear out vulnerabilities in