Trends in InfoSec: Data Minimisation, Autoclassification, and Ethical AI

Laws are changing around the world to require frequent disposal of high-risk information, to reduce the impact of (inevitable) breaches. As such, ‘records management’ is now cyber discipline, but one that has not previously been well enabled by technology. To address the new importance of records governance, and the growing challenges of managing data at scale, AI has entered the fray over the last five years, to automatically classify records against risk and retention rules. But there are pitfalls to be aware of when considering AI for data classification, not least of which relate to new legislation for Ethical AI. This talk provides a summary of the requirements for data lifecycle management, the technology approaches, and the risks, and includes a Data Minimisation Best Practice Checklist for cyber professionals.

Speaker

Rachael Greaves

CEO & Co-Founder @Castlepoint Systems, Australia's Most Outstanding Woman in IT Security, RegTech Female Entrepreneur of the Year, Women in Fintech Powerlist, Top 100 Innovator, CISM, CISA, CDPSE, & CIP

Rachael is a CIP, CISA, CISM, CDPSE, and is certified in project, change, and records management. With a cultural anthropology and linguistics background, Rachael brings ethical, global, and sustainable practices to the sector. She is Australia’s Most Outstanding Woman in IT Security and RegTech Female Entrepreneur of the Year 2022, and is listed on the Women in Fintech Powerlist. 
Read more
Find Rachael Greaves at:

From the same track

Session zero trust

A Zero Trust Future for Applications: Practical Implementation and Pitfalls

Wednesday Apr 10 / 10:35AM BST

If you are building applications which are critical for your organization's revenue than you would be looking at a zero trust future for most of the applications.

Speaker image - Ashish Rajan

Ashish Rajan

CISO @Kaizenteq Ltd, Host of "Cloud Security Podcast", and SANS Trainer for Cloud Security, 13+ Years Experience in the CyberSecurity Industry

Session

Poetry4Shellz – Avoiding Limerick Based Exploitation and Safely Using AI in Your Apps

Wednesday Apr 10 / 02:45PM BST

LLM based AI has introduced huge shifts in the technology landscape in a very short amount of time, a consequence of which has been the immense pressure on organizations of all types to adopt and/or develop any and all things AI.

Speaker image - Rich Smith

Rich Smith

Session

Beyond the Breach: Proactive Defense in the Age of Advanced Threats

Wednesday Apr 10 / 01:35PM BST

This talk will cover some of the most advanced attacks that are in the public domain, mostly attributed in public by commercial organizations.  This talk will give a whirlwind tour of some of the high end of threat activity to set out a context of changing cybersecurity landscape.

Speaker image - Michael  Brunton-Spall

Michael Brunton-Spall

Deputy Director Cyber Policy and Solutions @Cabinet Office

Session

From Anti-Patterns to Best Practices: A Practical Guide to DevSecOps Automation and Security

Wednesday Apr 10 / 03:55PM BST

In the modern DevSecOps landscape, teams often struggle to achieve more with fewer resources, leading to the development of counterproductive habits. These habits can significantly hinder the ability to establish effective security programs.

Speaker image - Spyros Gasteratos

Spyros Gasteratos

Founder @Ocurity, Principal Security Engineer, Maintainer of opencre.org & github.com/ocurity/Dracon, 15+ Years Experience in Security