Do we need to update our security strategies and speech? Most if the ordinary/traditional security talks strategies still approaching normal layers and missing the technology convergence and fast response needed by business
The objective of the session is helping CISO for updating their security strategies and approaching DevSecOps workflows or at least find a common ground for speaking with new IT/Development in the era of technology convergence and satisfying the business need for winning the market by fast Integrations and Developments (CI/CD).
Accordingly session will simplifying security thinking for approaching one of the DevOps components (Containers). Choosing the talk to start from Container security point view to ensure audience at least got out with proper foundation for speaking with IT/Dev team, Also choosing the core components to link the whole story to the audience from DevOps to CI/CD to Zero Trust, which are common words used these days as part of the digital transformation and high resiliency. the session will cover the containerisations concept and quick overview of NIST SP800-190 and surrounding container management tools, then will move to the view of Business to the security after the CI/CD and the impact of this on the security in a fast-base environment, and since losing the business is big impact we need to mention the remaining risks that are impacting the security specially with the convergence of IT/Dev layers which may need to converge the security layers as well and accordingly the whole mindset of think in security risks, security testing and compliance.
Ahmed is Cyber Security Consultant with 15 years of IT industry experience out of them 12 years focusing on Cyber Security, He is a BSc degree in Engineering from Cairo University and with professional Diploma in Cyber Security from ITI. During his career he has been consulting major enterprises and governments clients in Egypt, North Africa and Gulf. Currently Ahmed is a Managing Security Consultant at IBM, Prior to Joining IBM he occupied the Management positions at Etisalat Misr, RayaIT and SecurityMeter. During his share ownership in SecurityMeter he established the Professional Service department at the company, afterwards he supported in establishing Enterprise Security GRC & Architecture team at Etisalat Misr as part of Etisalat Misr Enterprise Security Department. Ahmed developed his core competencies in Security Assessments, Compliance, Incident Response, Security Control Evaluations and Implementations, for the last couple of years he got special focus on Telecom/OTSecurity, AI in Security and Threat Intelligence.