Conference Day Two: Monday, 5 September 2016

08:30 AM - 08:50 AM Registration, refreshments and networking

08:50 AM - 09:00 AM Chair’s welcome and opening remarks

, ,


09:00 AM - 09:30 AM Organised E-crime: The new tool for stealing data, money laundering and conducting fraud

, ,
  • What should banks do to secure electronic payment gateways
  • Using contactless credit and smart cards to avoid physical contact with card holder and the merchant terminal as one of the techniques: Is this sustainable?
  • Teamwork between various stakeholders: Risk, information security, governance, forensics, electronic payments to isolate the e-crime

09:30 AM - 10:00 AM Digital fraud: Modernising cyber security to protect banks from evolving phishing and malware attacks

Jorge Sebastiao, Global ICT & Cyber Security Specialist, Independent Consultant, UAE
  • Defending information from unauthorised access and building a multi-tiered approach to improve defence mechanism
  • Balancing customer service excellence and fraud prevention using conventional and non-conventional methods
  • Using forensics tools to reduce risks of digital fraud and focus on threat protection operations

Jorge Sebastiao

Global ICT & Cyber Security Specialist
Independent Consultant, UAE

10:00 AM - 10:30 AM Building a centralised cyber security command centre: Intrusion detection, monitoring and risk mitigation in an evolving threat landscape

Mahmoud Yassin, Manager Data Center, National Bank of Abu Dhabi, UAE
  • Developing bio-metric ATMs to avoid cash money laundering and thinking beyond PINS and temporary digital Ids
  • System and security monitoring: Evolving smart banking security and using smart techniques to monitor intrusions and be prepared for sophisticated attacks
  • Working together as a team: Data centre, AML and IT security with risk management departments


Mahmoud Yassin

Manager Data Center, National Bank of Abu Dhabi

10:30 AM - 11:00 AM Networking coffee break


11:00 AM - 11:30 AM Cyber GRC: Getting the best out of ISO 27001, COBIT5 and UAE (IA) standards

  • Overview of the exisiting framework being used across the enterprise
  • Customising security objectives to fall in-line with the business processes
  • Securing the best from global practices to build a robust cyber GRC framework

11:30 AM - 12:00 PM Effective risk governance receipe for financial institutes

, ,
  • Understanding different lines of defences in the organisation with defined roles and responsibilities for each
  • The risk control framework embedded in key processes
  • Front to back risk views and enabling business decisions to align risk management strategy with organisation’s strategy

12:00 PM - 12:30 PM Cyber security assurance and framework: Driving it from the top

Alaa Nasrallah, Vice President – IT Audit, Arab Bank, Jordan
  • Cyber GRC: What’s the governance tone at the top?
  • Conducting periodic vulnerability assessments, penetration tests and improving the effectiveness of security controls to comply with the agreed cyber security framework
  • Using the “NIST” framework: Managing information security vendors and involving them in business continuity and IT disaster recovery plans to mitigate risks


Alaa Nasrallah

Vice President – IT Audit
Arab Bank, Jordan


12:30 PM - 1:00 PM Prayer and coffee break

1:00 PM - 1:30 PM BIG DATA: Using HADOOP tools to slow down financial data breachers

Tamer Al Ajrami, Head of Information Security, Capital Bank, Jordan
  • Transitioning from SIEM tools to HADOOP to manage size and complexity of data in organisations
  • Anticipating blind spots to ensure thorough preparedness and incorporating risk mitigation plans
  • Developing parallel HADOOP clusters in-line with the cyber security objectives of the organisation


Tamer Al Ajrami

Head of Information Security
Capital Bank, Jordan

1:30 PM - 2:00 PM What does data theft mean to different departments and what are the steps to minimise its subsequent impact

, ,
  • Bringing a level of consistency across data protection laws and legislations
  • I mmediate steps to be taken during a serious issue of data breach
  • Raising awareness of data security across deparments

2:00 PM - 2:05 PM Closing remarks by the Chair

, ,

2:05 PM - 11:59 PM Networking lunch and end of conference