The COVID-19 pandemic brought disruption to businesses on an unprecedented scale, yet many of the challenges were already present: enablement of secure digital transformation, remote workers accessing corporate applications and data from outside a secure perimeter, and cybercriminals probing for any vulnerability through which to penetrate the network. The crisis invoked response at speed and scale, unveiling gaps in security programs. There remain further challenges, such as building cyber resilience in “the new normal” and ensuring business continuity. Risk metrics need to be updated and threat exposure re-evaluated, while building digital trust takes on even greater importance as digital relationships become pervasive. Finally, as organizations look to the future and beyond COVID-19, they should seek to assess which aspects of the new normal have brought broader business benefits and should be retained. Despite the current turbulence, security must maintain a strategic focus in line with broader enterprise strategy and be a key partner to the business.

For years we as the cyber security professionals have struggled to bring up to the management’s attention the importance of proper and timely dealing with the cyber security risks. We were dealing with obstacles such as understanding of the business versus technology terminology, understanding the exact nature of the cyber security risks, explaining to business what may be the consequences of having these risks materialize, and what appropriate actions the responsible business owners should take in order to mitigate them. We have established the understanding, with a help of compliance requirements and of regulations, although the most responsible companies did not have to wait for laws and regulations in order to set their risk management systems right. We have done a good job as a professional community, however, it is time to move forward, or one level up – cyber security, now more than ever, needs to be seen not only as the regular agenda point on management’s meetings, but also discussed as an important Board issue too. And the CISOs – Chief Information Security Officers, need to be prepared to step up once they are called to the Board meeting.

This presentation will give an overview of the contents that should be presented to the Board, ways to gather and structure the information on cyber security risks exposure, and methods of presenting it in a relatively short time given at the Board meetings, in a way that is understandable to the Board members in order for them to make informed decisions in alignment with their responsibilities. It will also examine the prerequisites for having such a successful cyber risk management system that can deliver the requested outcome at any moment in time - a clear picture of the cyber security risks exposure and expected trends for all the relevant stakeholders

The growing threat of cyber-attacks has forced many companies to rethink their approach to cyber security.

Recent examples of cyber-attacks globally, but also in our region, have shown that our weakest spot is not the shortage of security controls or budgets for information security, but our ability to maximize the value of our cyber security investments - especially in terms of our ability to detect and respond to cyber-attacks in a timely manner.

Time and time again it was proven on many levels that simply purchasing and deploying cybersecurity technology is not enough! It is critical that deployed cyber security solutions are properly designed, implemented and, most importantly, continuously monitored and improved.

An approach that many companies took are Managed Security Services (MSS), where the security operations are outsourced to an experienced and skillful third party. While the decision to outsource the security operations may bring many benefits to the organization, as always, there are certain risks and challenges related to such approach.

This presentation provides an overview of typical risks, challenges, and opportunities related to the usage of Managed Security Services, focused on Managed Security Operation Centers (Managed SOC).

The worst is over. We have passed through the initial weeks of COVID-19's impact relatively unscathed and successfully responded to the changes and crisis. This is not a small feat – cybersecurity encompasses so much more than just technology: business, processes, legal frameworks, compliance, and risk. For years, we have been saying that security's background role has moved to the front row in enterprises globally and that no digital expansion and transformation can be planned without it. Cybersecurity is of paramount importance in crisis times too. Join us for a panel of experts discussing the first response and road to recovery, how has work from home impacted companies globally and what are the priorities for the security team during COVID19, in terms of operations and controls, supporting the new business model, etc.?