You are a CEO - Programme 2021

Introduction - A look on the 2022 Global Digital Trust Insights Survey
Koen Maris, Partner & Cybersecurity Leader, PwC Luxembourg

Information security is up against weaponized psychology
Christina Lekati, Social Engineering Trainer & Consultant, Cyber Risk GmbH

Social Engineering has become one of the most effective and efficient attack methods used to initiate and enable attacks. We read in the news about large-scale security violations, where investigators are not able to understand the phase of initiation. In other cases, an insider threat was involved. These are often social engineering-initiated attacks. By design, this is the type of attack that moves in the shadows, delivered by criminals and state-sponsored agents that are able to blend in multiple environments and often leave no trace, making it very difficult to identify the point of initial compromise. Similar to warfare operations, these threat actors strive to create an asymmetrical advantage based on a carefully planned strategy.

Cybersecurity today is not only a technical challenge. It is also a behavioural challenge. As long as executives, managers and employees can provide access to critical assets, systems, and data, attackers will be targeting them through social engineering schemes in order to acquire this access. Those who have access to technology and organizational assets have also become responsible for protecting those assets. Do you or your colleagues make the perfect target?

Weaponized psychology has started becoming a tool employed to infiltrate organizations in the public and private sectors, steal sensitive information, recruit insiders, and help attackers breach organizational security. 

This talk provides insights on the mechanisms and the methodology of today’s social engineering attacks and explains the increasingly growing threat of weaponized psychology. It will also discuss how attackers elicit information that assists them in initiating or delivering an attack. The talk will include case studies and lessons learned on the use of weaponized psychology from the fields of business and human intelligence operations (HUMINT) in social engineering and in recruiting insider threats, as well as what makes some targets more attractive than others.

Committed to each-other! The CEO, CISO and DPO triangle
Paul Oor, Security and Data Protection Consultant, Shared Experiences

ICT has become a crucial factor for the sustainability, growth and success of organisations. Processing priceless business data and information.

Simultaneously the value of data attracts a wide variety of malicious actors, the complexity of data-processing, supply-chains and business networks is rapidly increasing as is the legislation and regulation...

Policies, guidelines and procedures i.e. compliance are still an important factor in this volatile landscape. Nowadays however, the effectives of security and data-protection measures and controls is an essential business requirement.

This requires a new, agile approach and close cooperation between the Board and the security and data protection professionals. 

CISO's and DPO's are adapting to these changes to ensure the resilience of your business but they do need, now more than ever, your active interest and support to ensure the success of your business. 

Technology is a big help, yet in his introduction Paul Oor will propose and discuss with you - no disrespect intended -The 10 commandments for CEO's - to put CISO's and DPO's in an effective position in your organisation.