Agenda Highlights
- Enterprise Cybersecurity Roads Map for 2024
- Building Resilience Against Ransomware Attack
- Rethinking Cybersecurity for Banking
- API Security: New Battleground for CISOs
- New Methods of Authentication for Payments Security Risks
In 2025, the DCISO Awards explore “AI-Powered Cybersecurity Leadership,” focusing on the new challenges facing CISOs in an age where AI is both a defensive tool and a growing threat. Leaders will discuss the evolving landscape of non-human identities in cloud environments, AI governance, and strategies to mitigate deepfake-based social engineering attacks. As ransomware becomes increasingly targeted, the event will also delve into ransomware resilience and the importance of regulatory compliance. The awards ceremony honors visionary CISOs who are shaping the future of cybersecurity, recognized by a jury of industry experts.
Earn your CPE credits by attending the awards and conference.
Celebrate Excellence
Join us in celebrating the extraordinary achievements of CISOs across diverse industries, highlighting their pivotal role in safeguarding digital ecosystems.
Networking Edge
Connect with cybersecurity experts and industry leaders to boost your career and business.
Educational Platform
Our conference is a knowledge-sharing hub, offering profound insights from cybersecurity thought leaders, helping you stay ahead of the curve.
Cutting-Edge Insights
Gain access to in-depth discussions on cutting-edge technologies, game-changing strategies, and progressive trends that are shaping the future of enterprise security.
Our impartial and esteemed jury panel consists of subject matter experts with deep knowledge and experience in the cybersecurity field. They ensure that the awards are assessed objectively, maintaining the highest standards of fairness and credibility.
The conference advisory committee provides guidance and advice on programs that will best resonate with ISMG’s audience. The programs are created to ensure that attendees can apply the insights and learnings to their daily work. The final decision on the topics, tone and themes of the event will be taken by the editorial advisory committee, which comprises ISMG editors and experts from various industries.
An internationally recognized cybersecurity mentor, Lt. Gen. Nair serves as the National Cyber Security Coordinator in the National Security Council Secretariat, Government of India. He is responsible for coordinating all activities across multiple sectors to ensure a secure and resilient cyberspace within the nation.
Gen. Nair was commissioned into the Corps of Signals of the Indian Army in 1984. He held several key appointments at all levels of military hierarchy, including multiple tenures in the Kashmir Valley and North East India. He has used technology for deriving operational benefits in areas of intelligence gathering and information systems. He also was instrumental in steering several projects on AI, quantum, cryptology and cyber operations, while serving with the armed forces.
Thought leaders in the cybersecurity industry share their experience on how the role of a CISO has become indispensable across organizations. They share unique strategies and techniques used for fortifying defenses and how they have redefined leadership in making the organization cyber-resilient against catastrophic attacks.
Geetha Nandikotkur, VP-Conferences for Asia, Middle East and Africa, ISMG
Durga Prasad Dube, conference Chair
Kalpesh Doshi, Conference co-chair
Reports indicate that average ransomware attack payments over the past 10 months have amounted to nearly $1.54 billion, which has doubled since 2022. Experts emphasize the need for collaboration across countries to collectively combat this escalating threat. The cybersecurity road map should offer solutions to limit and mitigate these attacks.
The keynote will explore how enterprises should prepare to manage these growing threats, which could prove catastrophic without timely intervention, and develop a strategy that would build greater resilience.
Lt. Gen M. Unnikrishnan Nair, National Cyber Security Coordinator (NCSC), PMO, Govt. of India
The terms “data protection” and “Privacy” throws up ambiguities for practitioners to decipher the complexities of the Digital Personal Data Protection Act and understand its implications on information security.
How is India’s data protection and privacy policy defining the compromise of critical systems and information, targeted scanning or probing of critical networks, data breach reporting, and establishing privacy while enabling a secure ecosystem? What does DPDP Act mean for CISOs? What are the critical elements security leaders need to watch out for.
The session will cover:
Justice BN Srikrishna, former Judge, Supreme Court of India and Chairman, Data Protection Committee
Some believe that AI trends will drive the DevSecOps approach, emphasizing security integration throughout the development life cycle. How are CISOs leveraging the potential of artificial intelligence to analyze opportunities and threats?
The session will cover:
Lawrence Crowther, Head of Solutions Engineering APJ, Snyk
These devices lack robust security measures such as those found in other endpoints.
Some security leaders believe that implementing endpoint detection and response on IoT and OT devices is challenging due to lack of agent support and specific security features. While IoT risks are an enterprise-wide challenge, having right remediation tactics, techniques and measures to counter the risks is critical.
It is crucial to have these to ascertain the behavior of a threat actor and assess the structured framework for executing a cyberattack.
The session will cover:
Moderator: Sujit Christy, President, ISC2 Colombo Chapter, Sri Lanka
Dhananjay Rokde, Chief Digital and Security Officer, Ceinsys Tech. Ltd.
Jasbir Singh Solanki, CEO- Homeland & Cyber Security, Mahindra Defence Systems Ltd.
This session delves into the critical aspect of addressing insecure APIs, emphasizing the establishment of robust authentication and authorization standards. Recognizing the pivotal role APIs play in accessing systems, the mechanism for programmer access is dissected to underscore its importance in the broader cybersecurity landscape.
The session will cover:
Sanjeev Kaushik, Head Cybersecurity – CISO Adani Airport Holdings Ltd.
Ramesh Gurram, CISO, Multi Commodity Exchange of India
Mitish Chitnavis , CTO, iValue Group
There is also an increased vendor sprawl with workloads widely spread across the cloud and data centers, coupled with the invasion of multiple tools and solutions. This complexity makes management and communication difficult, resulting in increased vulnerabilities.
There is an absolute need for building a better simplified security posture to ensure organizations are protected from attacks, establish strict access controls to secure all endpoints, and source reliable solutions and tools to improve customer experience and establish frictionless security.
The session will cover:
Samir Mishra, Director, Cybersecurity, India and SAARC, Cisco
However, a chain is only as strong as its weakest link, and no cyber resilience strategy can afford to ignore a potential point of failure that can bring an organization to a standstill. For many organizations, Microsoft Active Directory is the weakest link.
Active Directory (AD) and Azure Active Directory (Azure AD) serve as repositories of a majority of organizations’ identity information: 95% of the Fortune 1000 have employed AD and 95% have Azure AD. These platforms span the full Microsoft ecosystem and provide single sign-on and a single source of authorization.
As the single source of truth for identities and permissions for systems, services and people, AD is the backbone of an organization’s IT infrastructure. This makes it an extremely attractive attack vector. However, many organizations are still treating AD as an indiscriminate feature – and struggling to treat it as a mission-critical application.
When AD is compromised – by malware, human error, machine failure or natural disasters – the organization’s entire IT environment comes to a halt. The workforce is prevented from logging in, applications cannot run, and all work comes to a dead stop until AD services are restored.
Microsoft has long warned that tens of millions of AD accounts are the target of cyberattacks every day. Multiple analyst firms caution that no business using AD can develop a robust cyber resilience strategy without taking steps to mitigate the business risks. It is imperative for CISOs to treat AD as a mission-critical application.
The session will cover:
Dilip George, Managing Director – India & SAARC, Quest
In 2023, ransomware attacks surged by more than 37%, with attackers persistently adopting new methods to bypass cybersecurity defenses.
As the stakes escalate, it becomes crucial for security leaders to take proactive measures to contain this growing threat, especially considering this year’s incidents where attackers wiped data and archives, demanding ransom. Some reports indicate that 77% of ransoms were covered by insurance, a practice that is becoming increasingly challenging and expensive. It’s time for security leaders to put their best foot forward in combating this expanding threat – with collaboration among security professionals being a key element.
The panel will discuss:
Saloni Vijay, Vice President & CISO, VOIS (Vodafone Intelligent Solutions), Vodafone Group
Jayant Gupta, Executive Director Information Systems, Hindustan Petroleum Corporation Ltd.
Mihirr P Thaker, CISO, Allcargo Group
How CISOs are shaping their enterprise security in 2024 and building cybersecurity resilience across the enterprise to protect digital assets and operations remain intriguing topics. How are CISOs complying with regulatory changes and digital innovations?
It would be interesting to understand how CISOs are exploiting the potential of artificial intelligence to analyze opportunities and threats. The question arises: Are they empowered enough to drive innovations and fully leverage AI and other tools in building cyber resiliency?
The session will cover:
Balsing Rajput, Officer of Special Duty, Chief Minister of Maharashtra
In response, security leaders are tasked with implementing comprehensive threat detection and response systems and processes. Organizations find it challenging to keep up with the dynamic nature of threats and need to constantly evolve and improve their threat detection capabilities.
Experts advocate using a multiscanning approach to enable organizations to increase detection rates and decrease incident detection times.
The session will cover:
Manish Gautam, Managing Director, OPSWAT
However, security leaders believe phishing – a key conduit for scams and other malicious cyber activities – poses an increased threat to organizations and individuals. There is an imperative need to go beyond traditional security methods to tackle these attacks by fostering a resilient and secure cyber environment. CISOs must turn their defense tactics into an offensive strategy that would help combat phishing attacks. Moving beyond the traditional security approach, they need to adopt modern authentication standards.
The session will cover:
Pranav Bhayani, Head – Presales, iValue Group
Alex Wilson, Director Solutions Engineering, Yubico
Geoff Schomburgk, Regional Vice President, Asia Pacific & Japan (APJ), Yubico
They believe that when deploying any technology or driving innovation, security and the developer experience need to be top of mind throughout the process. This involves security leaders getting buy-in from the C-suite and key stakeholders.
The session will cover:
Lalit Trivedi, Head of Information Security (Global), FlexM
Pradipta Patro, Head of Cyber Security & IT Platform, KEC International Limited (An RPG Group Company)
Pramod Kumar Dubey, Executive Director & CISO, GreenPoint Technology Services (I) Pvt Ltd.
Some common concerns include adversarial attacks, wherein attackers manipulate input data to cause the model to produce incorrect or harmful outputs; and data privacy, wherein LLMs may unintentionally memorize and output sensitive information from their training data, posing a risk to user privacy and breach of legal compliances like GDPR; and additional security concerns related to the leakage of sensitive data. Furthermore, issues related to safety, bias, misinformation, hallucinations, lack of transparency and explainability need to be addressed.
The session will delve into the common vulnerabilities and attacks on generative AI and the crucial role of CISOs in safeguarding organizations, including AI regulations and compliance requirements, establishing AI ethical guidelines, employee training, and conducting risk assessments to identify potential threats and vulnerabilities in AI systems, and putting in place security controls and guardrails.
Capt. Felix Mohan, Chief Executive Officer, CISO Cybersecurity
Yadav is a Special Inspector General of Police in the Maharashtra Cyber Department with 20 years of service experience. In his current role, Yadav oversees and manages cybersecurity and law enforcement activities, leveraging his extensive experience to combat evolving cyberthreats and ensure the digital security in the state. He has held various leadership positions, including Commissioner of Police in Aurangabad City and Joint Commissioner of Police in Traffic, Mumbai. Yadav is known for using innovative policing strategies and his expertise in cybercrime detection, converting cities into CCTV cities and pioneering the use of pepper-spraying drone-cameras as non-lethal weapons.
Oberoi Garden City, International Business Park, Goregaon,
Mumbai, Maharashtra
@ISMG_News
#ISMGSummits
ISMG Summits offer Continuing Education Credits. Learn informative and engaging content created specifically for security professionals.
RSVP here to attend our events. You can select for multiple or individual tickets.
Upcoming ISMG Events