Cybersecurity Summit: Mumbai
Hybrid Summit November 9 - 10, 2022
As organizations are returning to the earlier trend of working from the office, the challenge for security teams in stopping cyberattacks and breaches in 2022 continues, providing no respite for the weary. The recent directives from India's Computer Emergency Response Team (CERT-In) to the organizations to report breaches or any incident within six hours of discovery have put more pressure on the enterprises to reset their cybersecurity strategy. As we progress into 2023, which is just a quarter away, CISOs from the region have the daunting task of building a cyber-resilient enterprise against the backdrop of the continuously changing threat landscape. The race now is against complexity, time, intelligence, speed and accuracy. India's policymakers and regulatory bodies articulate that we live in an AAJA world - Asthirata, which means volatility or a high rate of change; Anishchita, which means uncertainty and lack of clarity about the present and the future; Jatilata, which means complexity concerning multiple factors that impact critical decisions; and Aspashtata, which means ambiguity about the unprecedented and challenging times in the industry. Against growing chaos, what conversations do the security teams need to have, and what priorities and initiatives need to be established to tackle the threat challenges in 2023? To gain insights into how to address the present challenges and use the right technology and frameworks, attend ISMG's virtual cybersecurity summit as the global and regional cybersecurity thought leaders discuss critical aspects of cloud security, C-suite debate on the state of cybersecurity, data security and privacy, cryptocurrency, risk management, digital payments security, quantum threat to security, IoT, identity and access management, supply chain threats, and more. ISMG's events provide actionable education and exclusive networking opportunities with peers and subject matter experts. CPE credits are also available to all summit attendees .
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.
Mathan Babu Kasilingam
CISO & DPO
Vodafone Idea
Uday Despande (Conference Co-Chair)
CISO
Larsen & Toubro Group of companies
Amit Ghodekar
Vice President - Information Security
Axis Bank
Anuprita Daga (Conference Chair)
President, CISO
Yes Bank
Shivkumar Pandey
Group CISO
BSE
View Agenda
Welcome to ISMG's Cybersecurity Summit: Mumbai

The summit's objective is to provide education and exclusive networking opportunities to the participants with peers and subject matter experts. The program has been carefully designed with the support and guidance of the 'editorial advisory board,' including senior thought leaders from the region, to capture the regional security challenges that resonate with their current concerns. The summit editorial advisory board includes:

Conference Chair: Anuprita Daga, President, Chief Information Security Officer, Yes Bank

Conference Co-Chair: Uday Deshpande, CISO, Larsen & Toubro Group of companies

Advisory Members: 

  • Amit Ghodekar, Vice President - Information Security, Axis Bank
  • Mathan Babu Kasilingam, CISO & DPO, Vodafone Idea Ltd
  • Kapil Madaan, Global Head-Information Security, Risk and Compliance, Max Healthcare
  • Nikhil Chawla, Head - Global Information and Cybersecurity, Colgate-Palmolive
  • Shivkumar Pandey, Group CISO, BSE India
  • 09:00 AM
  • 09:14 AM
Plenary Session: Impact of the Hybrid Cyberwar on the Critical Infrastructure

The importance of operating in and protecting the cyber domain has gained considerable attention during this quasi-kinetic cyberwar. It’s obvious that cyberattacks on various geographies and government systems severely impact the global economy and particularly the critical infrastructure sector and the ability to execute in modern, network-centric warfare. The effort to secure the enterprises against cyberattacks has led to much debate about the question: Is cyber deterrence possible given the sophistication of the attacks and the extensive offensive nature of the adversary groups? 

The countries have witnessed a cyber spillover from the Ukraine and Russia conflict — DDoS, ransomware, wiper malware, and other attacks against critical infrastructure. 

The plenary session will cover how the critical infrastructure sector should prepare for and defend against the quasi-kinetic cyberwar.

  • 09:15 AM
  • 09:34 PM
Keynote: Enterprise Cybersecurity Resilience in 2022: Restructuring Your Cyber Plans

With the ongoing hybrid cyberwar, cyberattacks are at an all-time high and have become a permanent and persistent threat for cybersecurity teams. Cybersecurity leaders are under constant fear of how to fend off an attack by a well-equipped nation-state.  

Given the situation is “not if a cyberattack will happen, but when” anymore, the security leaders need to revisit their strategy and revise their action plans to build a resilient and agile digital organization and maximize resilience. There is a constant need to adopt new technologies to combat the inevitable threats. 

The keynote will cover: 

  • How to maintain cyber resilience in wartime
  • Understanding potential risks and enterprise preparedness as wartime CISOs
  • Accelerating response to growing threat activity
  • 09:40 AM
  • 10:09 AM
Fireside Chat: Are Detection Technologies Playing Harder on Privacy? The Balancing Act

Some experts say technology can promote accountability and anonymity. The computer systems and applications require 'proof' of identity - for every function within an organization - before allowing access to the user. The question it raises is whether the newly deployed technologies for threat detection in an enterprise will play hard on privacy?

The session will cover:

  • Defining privacy and technology landscape in 2022
  • Impact of increasing detection tools on privacy
  • A collaborative approach to fuel privacy and tech innovation
  • 10:00 AM
  • 10:29 PM
Cyber Insurance’s Response to Rising Ransomware Attacks: The Latest Hurdles

The cyber insurance industry has been challenged by the rising costs of cybercrime. The element of unpredictability of the cybercrime world does not work well for the industry. New coverage and rising renewal rates are major concerns. Premiums are rising by 10- to 20-fold. Recent research reports show that 70% of cybersecurity professionals believe insurance payments to companies that have paid a ransom exacerbate the problem and cause more attacks.  Moreover, cyber insurance companies are targets themselves. The question on everyone's mind is "to what extent is cyber insurance fueling ransomware attacks?"

The session will also cover:

  • Will ransomware ultimately lead to the fall of cyber insurance companies?
  • How the cyber insurance industry must approach the problem of ransomware
  • The growing influence of insurers on the security programs for enterprises
  • 10:30 AM
  • 10:59 AM
Unlocking the Value of Quantum Computing: A Cybersecurity Perspective

Large enterprises have started exploring quantum computing as a driver for business transformation and intelligent change because it allows organizations to accelerate digital transformation.

Experts say quantum-era cybersecurity will wield the power to detect and deflect quantum-era cyberattacks before they cause harm.

Security leaders say to unlock the value of quantum computing, two systemic risks - tech governance and cybersecurity - need to be overcome.

The session will cover:

  • Evolving a standardized process to address risks with the use of quantum
  • How to build crypto agility and manage cryptographic environment better
  • A tactical and strategic approach to mitigating quantum risks
  • 11:00 AM
  • 11:29 AM
Conquering Third-Party Insecurities: Lessons for CISOs

The industry has witnessed the largest breaches and security incidents related to third-party vendors. These include mishaps involving business associates, and vulnerabilities and exploits pertaining to third-party software and supply chain partners. Organizations have now started establishing departments focused exclusively on third-party vendor risk management to assess and mitigate third-party risks.

The session will cover: 

  • How to eliminate third-party risks by using the right tools
  • How to evaluate third-party vendors' security posture
  • How to streamline software bills of materials
  • 11:30 AM
  • 11:59 AM
Riding the 5G Security Wave: Sizing Up the Risks

With the evolution of IoT, enterprises are now riding on 5G security to achieve incredible speed, bringing in greater complexity. Experts say the high-bandwidth and low-latency 5G networks connect everything from health systems to self-driving vehicles and critical infrastructure. It is argued that the structure of 5G networks will be more complex than 2G, 3G or 4G, with the increased use of virtualization and software-defined networking. This will result in rising concerns around privacy and security challenges.

The session will cover:

  • What security challenges will 5G bring?
  • How to introduce 5G into security standards
  • How to protect the supply chain and establish third-party assurance of 5G network devices
  • 12:00 PM
  • 12:29 PM
State of Digital Payments Security: Response to Risks

The Parliament informed that 2.9 lakh digital banking and payments-related cyber security incidents that happened in the recent past were driven by phishing, ransomware attacks, cyber espionage, DDoS, viruses, spoofing and website hacking, among others. Organizations need to ramp up their authentication efforts in light of a 70% increase in cashless transactions, which has led to increases in attempted fraud.

The movement to cashless transactions and the surge in e-commerce have led to new fraud patterns, including growth in digital skimming of payment information from online checkout functions and an increase in fraud perpetrated through creating fake UPI real-time payment IDs.

The session will cover:

  • State of digital payments and security risks
  • New authentication standards
  • New tools and technologies used to mitigate and respond to risks
  • 12:30 PM
  • 12:59 PM
Panel Discussion: Critical Infrastructure Security: Protecting the Electrical Grid

It's one of the first   critical infrastructures one thinks of after a cybersecurity incident. The North American power grid has been described as "the world's largest connected computer." But how does it function, and what are some of the glaring myths and surprising realities about its cybersecurity capabilities and vulnerabilities? 


This expert panel discusses:

  • The grid's role as a critical infrastructure
  • The roles of threat intelligence, information sharing and incident response planning in grid security
  • Top threats and risks
  • 01:00 PM
  • 01:29 PM
Are You Cloud- Ready? A CISO's Manifestations

Organizations believe that cloud computing brings a whole new level of autonomy and functionality to organizations, besides enhancing performance, agility, productivity and scalability. The pandemic has created the urgency for enterprises to move to cloud, and enterprises are in a race to adopt the 'cloud-first' strategy to optimize the IT spend and secure their hybrid work environment. 

CISOs are tasked with building a cloud-first security strategy and mitigating risks arising from this.

The session will cover:

  • Ways to engage the stakeholders
  • A holistic approach to cloud security and compliance
  • Governance and risk
  • 01:30 PM
  • 01:59 PM
Panel Discussion: Cybersecurity Outlook 2023: The C-Suite's New Approach

The enterprises across India are encouraged to invest in the infrastructure needed to build a secure and robust platform for business transformation and support the digital economy.

Are they able to align their strategy with the business priorities and rise to the expectations in 2023?  What needs to change both tactically and strategically to build a cyber-resilient organization?

The C-suite panel comprising the CEO, CFO, CRO and CISO sets the goals for security in leveraging the right technologies, establishing the security culture and adopting a collaborative strategy in accomplishing the task for 2023.

  • 02:00 PM
  • 02:29 PM

As organizations are returning to the earlier trend of working from the office, the challenge for security teams in stopping cyberattacks and breaches in 2022 continues, providing no respite for the weary. The recent directives from India's Computer Emergency Response Team (CERT-In) to the organizations to report breaches or any incident within six hours of discovery have put more pressure on the enterprises to reset their cybersecurity strategy. As we progress into 2023, which is just a quarter away, CISOs from the region have the daunting task of building a cyber-resilient enterprise against the backdrop of the continuously changing threat landscape. The race now is against complexity, time, intelligence, speed and accuracy. India's policymakers and regulatory bodies articulate that we live in an AAJA world - Asthirata, which means volatility or a high rate of change; Anishchita, which means uncertainty and lack of clarity about the present and the future; Jatilata, which means complexity concerning multiple factors that impact critical decisions; and Aspashtata, which means ambiguity about the unprecedented and challenging times in the industry. Against growing chaos, what conversations do the security teams need to have, and what priorities and initiatives need to be established to tackle the threat challenges in 2023? To gain insights into how to address the present challenges and use the right technology and frameworks, attend ISMG's virtual cybersecurity summit as the global and regional cybersecurity thought leaders discuss critical aspects of cloud security, C-suite debate on the state of cybersecurity, data security and privacy, cryptocurrency, risk management, digital payments security, quantum threat to security, IoT, identity and access management, supply chain threats, and more. ISMG's events provide actionable education and exclusive networking opportunities with peers and subject matter experts. CPE credits are also available to all summit attendees .
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.

Mathan Babu Kasilingam
CISO & DPO
Vodafone Idea
Uday Despande (Conference Co-Chair)
CISO
Larsen & Toubro Group of companies
Amit Ghodekar
Vice President - Information Security
Axis Bank
Anuprita Daga (Conference Chair)
President, CISO
Yes Bank
Shivkumar Pandey
Group CISO
BSE

View Agenda
Welcome to ISMG's Cybersecurity Summit: Mumbai

The summit's objective is to provide education and exclusive networking opportunities to the participants with peers and subject matter experts. The program has been carefully designed with the support and guidance of the 'editorial advisory board,' including senior thought leaders from the region, to capture the regional security challenges that resonate with their current concerns. The summit editorial advisory board includes:

Conference Chair: Anuprita Daga, President, Chief Information Security Officer, Yes Bank

Conference Co-Chair: Uday Deshpande, CISO, Larsen & Toubro Group of companies

Advisory Members: 

  • Amit Ghodekar, Vice President - Information Security, Axis Bank
  • Mathan Babu Kasilingam, CISO & DPO, Vodafone Idea Ltd
  • Kapil Madaan, Global Head-Information Security, Risk and Compliance, Max Healthcare
  • Nikhil Chawla, Head - Global Information and Cybersecurity, Colgate-Palmolive
  • Shivkumar Pandey, Group CISO, BSE India
  • 09:00 AM
  • 09:14 AM
Plenary Session: Impact of the Hybrid Cyberwar on the Critical Infrastructure

The importance of operating in and protecting the cyber domain has gained considerable attention during this quasi-kinetic cyberwar. It’s obvious that cyberattacks on various geographies and government systems severely impact the global economy and particularly the critical infrastructure sector and the ability to execute in modern, network-centric warfare. The effort to secure the enterprises against cyberattacks has led to much debate about the question: Is cyber deterrence possible given the sophistication of the attacks and the extensive offensive nature of the adversary groups? 

The countries have witnessed a cyber spillover from the Ukraine and Russia conflict — DDoS, ransomware, wiper malware, and other attacks against critical infrastructure. 

The plenary session will cover how the critical infrastructure sector should prepare for and defend against the quasi-kinetic cyberwar.

  • 09:15 AM
  • 09:34 PM
Keynote: Enterprise Cybersecurity Resilience in 2022: Restructuring Your Cyber Plans

With the ongoing hybrid cyberwar, cyberattacks are at an all-time high and have become a permanent and persistent threat for cybersecurity teams. Cybersecurity leaders are under constant fear of how to fend off an attack by a well-equipped nation-state.  

Given the situation is “not if a cyberattack will happen, but when” anymore, the security leaders need to revisit their strategy and revise their action plans to build a resilient and agile digital organization and maximize resilience. There is a constant need to adopt new technologies to combat the inevitable threats. 

The keynote will cover: 

  • How to maintain cyber resilience in wartime
  • Understanding potential risks and enterprise preparedness as wartime CISOs
  • Accelerating response to growing threat activity
  • 09:40 AM
  • 10:09 AM
Fireside Chat: Are Detection Technologies Playing Harder on Privacy? The Balancing Act

Some experts say technology can promote accountability and anonymity. The computer systems and applications require 'proof' of identity - for every function within an organization - before allowing access to the user. The question it raises is whether the newly deployed technologies for threat detection in an enterprise will play hard on privacy?

The session will cover:

  • Defining privacy and technology landscape in 2022
  • Impact of increasing detection tools on privacy
  • A collaborative approach to fuel privacy and tech innovation
  • 10:00 AM
  • 10:29 PM
Cyber Insurance’s Response to Rising Ransomware Attacks: The Latest Hurdles

The cyber insurance industry has been challenged by the rising costs of cybercrime. The element of unpredictability of the cybercrime world does not work well for the industry. New coverage and rising renewal rates are major concerns. Premiums are rising by 10- to 20-fold. Recent research reports show that 70% of cybersecurity professionals believe insurance payments to companies that have paid a ransom exacerbate the problem and cause more attacks.  Moreover, cyber insurance companies are targets themselves. The question on everyone's mind is "to what extent is cyber insurance fueling ransomware attacks?"

The session will also cover:

  • Will ransomware ultimately lead to the fall of cyber insurance companies?
  • How the cyber insurance industry must approach the problem of ransomware
  • The growing influence of insurers on the security programs for enterprises
  • 10:30 AM
  • 10:59 AM
Unlocking the Value of Quantum Computing: A Cybersecurity Perspective

Large enterprises have started exploring quantum computing as a driver for business transformation and intelligent change because it allows organizations to accelerate digital transformation.

Experts say quantum-era cybersecurity will wield the power to detect and deflect quantum-era cyberattacks before they cause harm.

Security leaders say to unlock the value of quantum computing, two systemic risks - tech governance and cybersecurity - need to be overcome.

The session will cover:

  • Evolving a standardized process to address risks with the use of quantum
  • How to build crypto agility and manage cryptographic environment better
  • A tactical and strategic approach to mitigating quantum risks
  • 11:00 AM
  • 11:29 AM
Conquering Third-Party Insecurities: Lessons for CISOs

The industry has witnessed the largest breaches and security incidents related to third-party vendors. These include mishaps involving business associates, and vulnerabilities and exploits pertaining to third-party software and supply chain partners. Organizations have now started establishing departments focused exclusively on third-party vendor risk management to assess and mitigate third-party risks.

The session will cover: 

  • How to eliminate third-party risks by using the right tools
  • How to evaluate third-party vendors' security posture
  • How to streamline software bills of materials
  • 11:30 AM
  • 11:59 AM
Riding the 5G Security Wave: Sizing Up the Risks

With the evolution of IoT, enterprises are now riding on 5G security to achieve incredible speed, bringing in greater complexity. Experts say the high-bandwidth and low-latency 5G networks connect everything from health systems to self-driving vehicles and critical infrastructure. It is argued that the structure of 5G networks will be more complex than 2G, 3G or 4G, with the increased use of virtualization and software-defined networking. This will result in rising concerns around privacy and security challenges.

The session will cover:

  • What security challenges will 5G bring?
  • How to introduce 5G into security standards
  • How to protect the supply chain and establish third-party assurance of 5G network devices
  • 12:00 PM
  • 12:29 PM
State of Digital Payments Security: Response to Risks

The Parliament informed that 2.9 lakh digital banking and payments-related cyber security incidents that happened in the recent past were driven by phishing, ransomware attacks, cyber espionage, DDoS, viruses, spoofing and website hacking, among others. Organizations need to ramp up their authentication efforts in light of a 70% increase in cashless transactions, which has led to increases in attempted fraud.

The movement to cashless transactions and the surge in e-commerce have led to new fraud patterns, including growth in digital skimming of payment information from online checkout functions and an increase in fraud perpetrated through creating fake UPI real-time payment IDs.

The session will cover:

  • State of digital payments and security risks
  • New authentication standards
  • New tools and technologies used to mitigate and respond to risks
  • 12:30 PM
  • 12:59 PM
Panel Discussion: Critical Infrastructure Security: Protecting the Electrical Grid

It's one of the first   critical infrastructures one thinks of after a cybersecurity incident. The North American power grid has been described as "the world's largest connected computer." But how does it function, and what are some of the glaring myths and surprising realities about its cybersecurity capabilities and vulnerabilities? 


This expert panel discusses:

  • The grid's role as a critical infrastructure
  • The roles of threat intelligence, information sharing and incident response planning in grid security
  • Top threats and risks
  • 01:00 PM
  • 01:29 PM
Are You Cloud- Ready? A CISO's Manifestations

Organizations believe that cloud computing brings a whole new level of autonomy and functionality to organizations, besides enhancing performance, agility, productivity and scalability. The pandemic has created the urgency for enterprises to move to cloud, and enterprises are in a race to adopt the 'cloud-first' strategy to optimize the IT spend and secure their hybrid work environment. 

CISOs are tasked with building a cloud-first security strategy and mitigating risks arising from this.

The session will cover:

  • Ways to engage the stakeholders
  • A holistic approach to cloud security and compliance
  • Governance and risk
  • 01:30 PM
  • 01:59 PM
Panel Discussion: Cybersecurity Outlook 2023: The C-Suite's New Approach

The enterprises across India are encouraged to invest in the infrastructure needed to build a secure and robust platform for business transformation and support the digital economy.

Are they able to align their strategy with the business priorities and rise to the expectations in 2023?  What needs to change both tactically and strategically to build a cyber-resilient organization?

The C-suite panel comprising the CEO, CFO, CRO and CISO sets the goals for security in leveraging the right technologies, establishing the security culture and adopting a collaborative strategy in accomplishing the task for 2023.

  • 02:00 PM
  • 02:29 PM

Speaker Interviews

November 9 - 10, 2022

Cybersecurity Summit: Mumbai