LogicON 2024

In an era where cyber threats are becoming more sophisticated, the need for a robust organizational culture that prioritizes security alongside operations is paramount. This session explores effective strategies for driving cultural change within organizations to embed security into the core business processes. It addresses how training, strategic communications, and the evolving role of Business Information Security Officers (BISOs) can harmonize security priorities with business operations.

We will delve into practical methods for integrating continuous security training and awareness programs that engage employees at all levels, from the boardroom to the front lines. The discussion will emphasize the importance of communication strategies that effectively convey security policies and practices without causing disruption to daily operations.

Further, the session will explore the role of BISOs, a position increasingly recognized as crucial in bridging the gap between C-suite expectations and the operational realities of cybersecurity. By aligning security measures with business objectives, BISOs help ensure that security considerations are woven into the decision-making processes and operational workflows of the organization.

Attendees will learn how to foster a culture that not only understands the importance of cybersecurity but also actively participates in the security protocols necessary to protect organizational assets. The session will provide insights into balancing the need for robust security measures with the efficiency of business operations, creating a resilient and agile organization.

Technical debt remains a significant challenge for organizations striving to modernize their IT infrastructures amidst rapid technological advancements. This session will explore the evolution of technical debt from its inception to its current impact on infrastructure and asset management, and will look forward into potential future trends. By examining how past decisions influence present capabilities and future readiness, participants will gain a comprehensive understanding of the lifecycle of technical debt and its cumulative impact on organizational agility and efficiency.

We will discuss the origins of technical debt in the enterprise—how legacy systems, deferred maintenance, and early tech adoption have layered complexities within IT environments. The session will then transition to current strategies for managing and mitigating these debts, emphasizing the importance of proactive over reactive measures. Experts will share insights on implementing systematic upgrades, integrating scalable solutions, and employing robust governance frameworks to prevent the accrual of new debts while addressing existing ones.

Learning Outcomes:
• Understand the historical context of technical debt and its evolving implications on IT infrastructure and asset management.
• Learn practical strategies for assessing, managing, and reducing technical debt in a proactive manner.
• Explore future tech evolutions and prepare strategies to manage their impact on existing systems and processes.
• Discover how to foster an organizational culture that prioritizes long-term tech health over short-term gains, ensuring sustainable growth and innovation.

Artificial intelligence (AI) is transforming the business landscape, offering unprecedented opportunities for innovation and efficiency. This session focuses on preparing organizations for the successful implementation of AI solutions, addressing crucial aspects such as AI policy development, data management, and practical deployment strategies.

Attendees will gain insights into creating robust AI policies that align with organizational goals and regulatory requirements. We will explore effective data management practices that ensure data quality and accessibility, crucial for powering AI algorithms. The session will also provide guidance on evaluating AI readiness within your organization, identifying potential AI use cases, and establishing a roadmap for implementation.

Furthermore, we will demonstrate actionable applications of AI tools like Copilot in everyday tasks, showcasing how AI can enhance productivity and decision-making processes. Attendees will leave with a clear understanding of the steps needed to not only prepare for but thrive in an AI-enhanced business environment.

Learning Outcomes:

• Understand the foundational requirements for AI integration, including policy formation and data management.

• Learn to assess organizational readiness for AI and identify key areas for AI deployment.

• Explore practical examples of AI tools in action, such as using AI copilots for coding, enhancing customer service with AI chatbots, or optimizing operations with machine learning.

• Gain strategies for overcoming common challenges in AI adoption, from technical hurdles to change management.

As digital threats grow in complexity and frequency, cyber insurance emerges as a critical component in the cybersecurity strategy for organizations across all industries. This session will explore the evolution of cyber insurance, from its origins to its current state, and examine how emerging technologies are shaping insurance premiums and coverage strategies.

Participants will gain a comprehensive understanding of the cyber insurance market, including key players, the structure of policies, and the factors influencing the cost and coverage. We will discuss the pivotal role that technology plays in shaping these policies, particularly how advancements in security technology can mitigate risks and potentially lower premiums. The session will also highlight the critical importance of having cyber insurance as part of an organization's risk management strategy.

Additionally, attendees will receive a practical blueprint for action in the event of a cybersecurity breach. This guide will cover immediate steps to take following an incident, how to work with insurers during claims, and strategies for leveraging insurance resources to aid in recovery and minimize downtime.

Learning Outcomes:

• Understand the historical context and evolution of the cyber insurance market.

• Analyze how current technological advancements are influencing insurance premiums and what it means for policyholders.

• Recognize the importance of cyber insurance in risk management and how it fits into broader cybersecurity strategies.

• Learn practical steps to manage the aftermath of a cyber incident with the support of your insurance provider.

In today’s high-speed, high-stress work environments, striking the perfect balance between peak productivity and employee well-being has never been more crucial. This session delves into effective strategies for creating highly productive teams while managing mental health and fostering a culture of well-being. Participants will explore how to maintain work-life balance, enhance productivity without burnout, and recognize the critical moments to involve HR with empathy and understanding.

We will discuss the importance of empathetic leadership and its role in recognizing stress signals and mental health struggles within teams. The session will provide practical advice on integrating HR effectively, ensuring that interventions are timely, appropriate, and sensitive to individual needs. Moreover, we will address the often-overlooked aspect of generational differences in work habits and expectations regarding mental health and productivity, providing insights into how these can be harmonized within diverse teams.

Leaders, managers, and HR professionals will gain invaluable tools to not only boost productivity but also enhance the resilience and well-being of their teams, creating a more supportive and sustainable workplace.

In this session, we will dissect a detailed case study of a recent, significant cybersecurity incident response. The focus will be on the sequence of events, the decisions made, and the strategies implemented to mitigate the incident and recover. Attendees will gain a comprehensive understanding of how an effective incident response is conducted in real-world scenarios, including the roles of different teams and technology.

The case study will cover the initial detection of the incident, the swift actions taken by the response team, and the collaboration across departments to contain and eliminate the threat. We will explore the customer profile affected by the incident, detailing the specific vulnerabilities exploited and the lessons learned in safeguarding similar profiles in the future.

This presentation will also highlight the outcomes of the incident response, including the immediate steps taken to secure data and systems, the long-term preventive measures put in place, and the overall impact on the organization. Recovery costs and timelines will be analyzed to provide a realistic view of the resources required in such situations.

Learning Outcomes:

• Understand the critical components of a successful incident response through a detailed breakdown of a real incident.

• Learn about the coordination between technical measures and organizational policies in managing cybersecurity threats.

• Gain insights into calculating recovery costs and timelines, helping to better prepare for future incidents.

• Equip with knowledge on preventive measures that can be adapted to various customer profiles to avert similar incidents.

In today’s volatile business landscape, where disruptions range from cyber-attacks to natural disasters, robust business continuity planning (BCP) is more crucial than ever. This session dives deep into the strategies that ensure organizations can maintain critical functions during and after a disruption, minimizing downtime and ensuring a swift recovery.

Participants will explore the key components of an effective BCP, including risk identification, impact analysis, response strategy formulation, and recovery plan execution. The session will also highlight the importance of integrating emerging technologies and cybersecurity measures into continuity planning to address and mitigate modern threats.

Experts will share best practices for developing and implementing continuity plans that are not only comprehensive but also flexible and adaptable to changing circumstances. Attendees will learn how to conduct regular simulations and drills, integrate continuous improvement processes based on post-incident reviews, and ensure that all levels of the organization are engaged in the continuity strategies.

Learning Outcomes:

• Gain a thorough understanding of the essential elements of business continuity planning.

• Learn to identify and prioritize risks to develop a tailored response strategy that aligns with organizational needs.

• Explore innovative approaches to enhance traditional BCP with modern technology and cybersecurity protections.

• Acquire skills in testing and refining continuity plans to ensure they are effective when most needed.

In an era where digital transformation is omnipresent, understanding the evolving regulatory and compliance landscape is crucial for maintaining business continuity and protecting sensitive information. This session will delve into the latest policies and mandates impacting various verticals, with a special focus on healthcare, finance, retail, and state/local/education (SLED) sectors.

Attendees will gain insights into the recent updates to PCI DSS and HIPAA regulations, among others, and explore how these changes affect their specific industries. The session will discuss the newest trends auditors are focusing on, including how compliance expectations are shifting in response to emerging technologies and evolving cyber threats.

We will provide a comprehensive overview of what organizations need to know to stay compliant, including best practices for preparing for audits and navigating the complexities of multi-regulatory environments. Special attention will be given to practical strategies for implementing compliance measures that not only meet but exceed regulatory requirements, thereby enhancing overall cybersecurity posture and trustworthiness.

Front-line IT and InfoSec professionals often operate under high-stress conditions, dealing directly with the constant pressure of safeguarding digital infrastructures from ever-evolving threats. This unique environment can take a significant toll on mental health, making resilience and well-being critical issues that need proactive management. This session will provide critical insights into maintaining mental health and resilience amidst the relentless pace and pressure faced by IT and cybersecurity experts.

Attendees will explore strategies to recognize and manage stress, prevent burnout, and maintain high performance without compromising mental well-being. The discussion will focus on practical tools and psychological strategies to enhance resilience, including mindfulness techniques, stress management protocols, and the development of a supportive team culture that acknowledges and actively addresses mental health challenges.

We will also discuss the role of organizational support structures, the importance of professional mental health resources, and how to effectively utilize HR in supporting staff without stigma. Special attention will be given to the specific challenges faced by front-line personnel, including shift work, the pressure of constant alertness to threats, and the psychological impact of high-stakes responsibilities.

Learning Outcomes:
• Identify common mental health challenges specific to IT and InfoSec roles and effective coping mechanisms.
• Learn to implement stress reduction techniques and resilience-building practices suitable for high-pressure IT environments.
• Understand how to foster a team culture that supports mental health awareness and open communication.
• Gain knowledge on when and how to seek professional help or involve HR to support mental well-being in the workplace.

In today's interconnected digital world, understanding and mitigating cyber threats are paramount to organizational resilience. This keynote session delves into the insights gleaned from the Verizon Data Breach Investigations Report (DBIR), the authoritative source of cybersecurity breach information. You will hear from Chris Novak, founder of the Verizon Threat Research Advisory Center and an original author of DBIR going back to the first publication 17 years ago. Chris will explore the report's key findings, emerging trends, and actionable strategies distilled from real-world incidents spanning various industries and from around the globe.

As organizations expand their digital footprint, managing complex network infrastructures can become increasingly labor-intensive and prone to human error. Zero Touch Provisioning (ZTP) and Zero Touch Fabric offer transformative solutions by automating the deployment and management of network devices and services, streamlining operations and enhancing efficiency.

This session delves into the mechanisms and benefits of ZTP and Zero Touch Fabric technologies, which allow for the automatic configuration of network devices directly out of the box, without manual intervention. Attendees will learn how these technologies not only reduce deployment times and costs but also significantly mitigate configuration errors, enhancing network reliability and security.

The discussion will cover practical implementation strategies, including setting up the necessary infrastructure, integrating with existing systems, and managing security implications. Real-world case studies will illustrate how different organizations have successfully implemented ZTP and Zero Touch Fabric to achieve scalable, resilient, and secure network environments.

Learning Outcomes:
• Understand the foundational concepts of Zero Touch Provisioning and Zero Touch Fabric, including their operational and strategic benefits.
• Learn the technical requirements and step-by-step processes for implementing ZTP and Zero Touch Fabric in various network scenarios.
• Explore case studies demonstrating the impact of these technologies on network efficiency, scalability, and security.
• Discuss the challenges and considerations of automating network provisioning, including managing risks and ensuring compliance with industry standards.

As cybersecurity threats evolve, so do the frameworks designed to combat them. This session will delve into the most impactful contemporary security frameworks, including Zero Trust Network Access (ZTNA) and the updated NIST 2.0 framework, providing participants with a deep understanding of how to effectively implement these standards within their organizations.

Participants will explore the principles behind these frameworks and their practical applications in enhancing organizational security posture. The discussion will cover the foundational elements of ZTNA, which advocates for a 'never trust, always verify' approach, and the expanded guidelines of NIST 2.0, which provide a more holistic view of cybersecurity and privacy management.

This session aims to equip cybersecurity professionals with the knowledge to assess which frameworks are most applicable to their environments and how to customize these frameworks to meet specific organizational needs. We will also discuss common challenges in framework implementation, such as integration with existing systems, scalability issues, and managing stakeholder expectations.

Learning Outcomes:

• Understand the core components and strategic benefits of leading security frameworks like ZTNA and NIST 2.0.

• Learn practical steps for adopting and adapting these frameworks to your organizational environment.

• Discuss common implementation challenges and strategies to overcome them.

• Explore case studies demonstrating successful framework implementation and the measurable impact on organizational security.

The digital age has escalated not only the complexity and frequency of cyber threats but also their impact across various business operations. This session will provide an in-depth analysis of how the latest threats and vulnerabilities are reshaping business practices across different departments—from procurement and sales to marketing and customer service. Attendees will explore the broader implications of cybersecurity demands from third parties, customers, and within marketing strategies.

As businesses integrate more deeply with digital solutions, third-party vendors and customers increasingly mandate strict cybersecurity measures as prerequisites for engagement. This session will delve into how these requirements affect business negotiations, procurement processes, and customer trust. Specific focus will be given to how departments like sales are required to provide proof of robust security practices to close deals, and how marketing efforts are being recalibrated to address concerns over phishing and malicious links.

We will also discuss the direct impact of cybersecurity on departmental operations, emphasizing the necessity for tailored cyber training for each business function. This approach not only enhances security but also fosters greater department-specific adoption and understanding of cybersecurity practices.

In today's dynamic digital landscape, traditional network security models are no longer sufficient to protect against evolving cyber threats. Enter zero trust network access (ZTNA) - an innovative approach that shifts the focus from securing the network perimeter to verifying and securing each user and device access request, regardless of location or network.

Join our breakout session to dispel the myths of ZTNA, SSE, SASE and any other acronym you can think of. Learn how to ensure that only the right users and devices can connect to the right resources. See how you can enjoy seamless and secure access to the tools and information you need without the frustration of VPNs or the risk of compromised credentials.

We will help empower you to take a more active role in safeguarding your digital environment and boosting your cyber resilience.

The evolution from traditional on-premise solutions to cloud-based services marks a significant shift in the IT landscape. This session will explore the journey of cloud security from its inception to its current state and forecast future trends. Participants will delve into the advantages and challenges associated with cloud versus on-premise solutions, armed with historical insights and contemporary best practices.

As organizations increasingly adopt cloud services, understanding the nuanced security implications becomes paramount. We will discuss the scalability, flexibility, and cost-efficiency benefits of cloud services, while also addressing the potential risks such as data breaches, loss of control over data, and compliance complexities. The session will contrast these with the traditional on-premise setups, known for their robust control and physical security, but also characterized by high operational costs and complexity in scalability.

Attendees will learn successful strategies for securing cloud environments, including the implementation of rigorous access controls, encryption, and regular security assessments. Common pitfalls such as inadequate disaster recovery planning and misconfiguration will be examined to equip participants with the knowledge to avoid them.

Learning Outcomes:

• Gain a comprehensive understanding of the historical evolution of cloud computing and how it has reshaped business IT infrastructure.

• Analyze the benefits and risks associated with cloud and on-premise solutions to make informed decisions suitable for your organizational needs.

• Learn best practices for cloud security and common pitfalls to ensure robust protection of your digital assets.

• Equip yourself with strategies to leverage cloud advantages while mitigating potential security threats effectively.

This panel discussion brings together industry leaders to delve into the pressing challenges at the intersection of IT, cybersecurity, and artificial intelligence. As businesses increasingly rely on advanced technologies for their operations, the complexity of managing these systems and safeguarding them from emerging threats has never been more critical. This session will provide a platform for experts to explore and debate the major challenges facing professionals in these fields today.

Panelists will discuss a range of issues, from integrating AI into existing IT infrastructures and ensuring these systems are secure, to dealing with the rapid pace of technological change and the evolving landscape of cyber threats. The discussion will also cover strategies for addressing skills shortages, navigating regulatory environments, and maintaining resilience against a backdrop of sophisticated cyber-attacks.

Attendees will gain insights into how different organizations are tackling these challenges, with examples of successful strategies and lessons learned from failures. The session aims to equip participants with a broader understanding of how to approach the intertwined areas of IT, cybersecurity, and AI, fostering a proactive rather than reactive approach to technology management and security.