Workshop #1 – Securing a Smart Nation’s Critical Infrastructure with LogRhythm’s Threat Life cycle Management Platform
1. Introduction by LogRhythm
- Introduction to LogRhythm
- Why prevention alone approach will not work
- Real life examples of attacks on critical infrastructure
- What is the impact?
- What can be done?
2. Workshop begins:
*Break out to 5 – 6 groups assigned, led by a LogRhythm facilitator
- Think like an attacker – what would you do to the assigned critical infrastructure scenario?
- Think like a defender – What information would you need to detect and respond to an incident?
- How would you prepare for a possible security incident?
3. Presentation by groups
4. Closing Comments by LogRhythm
Workshop #2 – Data Analytics for Auditors
Benefits of attending:
Data is one of the most significant disruptors for the Internal Audit (“IA”) function. It’s impact will continue to be far reaching, ranging from the nature of your audits, the way you interact with your auditees, the IA lifecycle, your risk assessments, methodology, technologies, reporting and capabilities. Internal Auditors need an effective response.
This course will take you through the considerations of coming up with your vision and the steps you might take to bring it to fruition. This includes identifying where in the entire IA lifecycle data is relevant, through to the steps needed to build the data capability within your function. We will share with you experiences and case studies from SMEs to MNCs.
We will address questions such as:
- Where do I start?
- What’s ready for data in my IA plan?
- Which technologies are hot right now?
The benefits this will provide you are:
- Credibility with your stakeholders.
- More insight with less effort and more coverage, and greater likelihood of turning your insights into practical actions.
- Sustainability and agility –an IA function which can keep pace with your changing business. Data audit can be creative and forward looking.
- The ability to move to leading indicators of risk rather than lagging.
- Introduction to data analytics
- Use of data through the audit lifecycle
- Planning & Risk assessment
- Data strategy
Workshop #3 – Documentation Workshop for MAS, PDPA, PCI DSS Compliance & ISO 27001:2013 Certification- an integrated approach using smart tools and techniques
Creating and maintaining documentation for each type of audit-MAS, PDPA or PCI DSS Compliance audits & ISO 27001:2013 for Information Security, are often a key performance criteria for many auditors/information security or governance professionals. This workshop enables use a variety of tools and techniques to enable compliance and certification across key standards such as ISO 27001:2013 for Information Security. Document Checklists developed from ISO 27002 Code of Practice along with common tools and techniques that facilitate quick view integration for each type of audit. It examines a variety of best practices that save time and effort in documentation to stay compliant and certified. Use of smart tools for quick remediation of documentation gaps across job functions would also be shown at this workshop
Workshop #4 – Transforming Security Response with Splunk Enterprise Security (Part 1)
Operationalizing the CIS “Top 20” Critical Security Controls with Splunk Enterprise (Part 2)
- Learn how Splunk’s Adaptive Response Initiative helps security analysts to better handle threats by reducing the time it takes to make decisions and take action when responding and adapting to the ever evolving threats.
- Implementing all 20 CIS Controls increases the risk reduction to around 94 percent. Learn how Splunk software can help you operationalize and simplify bringing together the disparate data needed to monitor, report and alert on these critical controls.