Home workers require a new approach to cyber security
COVID-19 has changed the workplace forever, with many firms saying they will implement more home working even after the pandemic is over. It can increase efficiency, but this approach also requires a greater focus on cyber security.
As businesses continue to realise the benefits of remote working, cyber security has never been more important, which is why we have decided to run the Future of Cyber Security as a virtual event.
Following hot on the heels of Cyber News Group’s highly successful 2020 and 2021 events, the Future of Cyber Security’s virtual conference will be better than ever. Attracting an exclusive audience of senior industry executives, the conference will feature topics relevant to the current COVID-19 working environment as a huge number of employees across all industries continue to work from home.
There is no doubt that cyber-criminals are jumping on opportunities to exploit employees working remotely during coronavirus, and the number of cyber-attacks will continue to increase, according to Europol.
Indeed, cyber-criminals are already profiting from the pandemic, with email phishing campaigns designed to steal employees’ credentials and compromise business systems, the agency has warned.
Ransomware is still a major threat to today’s businesses. Interpol’s Cybercrime Threat Response has detected a “significant increase” in the number of attempted ransomware attacks against key organisations around the world.
The cost of a breach can be huge, often reaching millions of pounds. According to Accenture and the Ponemon Institute, the average cost of a cyber-attack is $13 million.
The Annual Cost of Cybercrime study found that criminals are adapting their attack methods by targeting the human layer — the weakest link in cyber defence — through increased ransomware with phishing and social engineering attacks as a path to entry.
This is especially relevant in today’s climate, which has never been riskier for businesses as the work from home ethos opens new avenues for attack. With this in mind, the Future of Cyber Security and Virtual Conference will include sessions on the risks associated with a remote workforce and how to resolve them.
For example, many businesses and their employees are using video conferencing apps such as Zoom to communicate. This is attracting more hackers to the platform, exposing businesses that use video conferencing to an increased number of threats.
With this in mind, the Future of Cyber Security will examine the risks posed by video conferencing, especially when using consumer-grade apps, and outline how best to stay secure.
One of the greatest threats to businesses is email phishing, which sees employees targeted with malicious emails when they are working from home. The conference will address this and also look at how hackers use social engineering to track and lure victims in.
As part of this, The Future of Cyber Security Virtual Conference will include a professional social engineer who will share their tips and tricks to entice employees into giving up their data or give access to buildings or systems.
The Future of Cyber Security Virtual Conference will examine the general threat landscape during COVID-19 and assess the nation state threat to UK businesses.
The Future of Cyber Security Virtual Conference aims to help businesses to stay one step ahead of attackers through a number of insightful sessions not available at any other security conference.
In just one day, the event will provide essential intelligence that enables senior personnel to stay one step ahead of cyber criminals as the attack surface expands amid COVID-19.
Covering business security during COVID-19 and video conferencing in the morning, and password security, social engineering and the threat landscape in the afternoon, the conference covers today’s cyber security trends and threats across Europe – as well as those of the future – equipping delegates with the strategies, tools and technology needed to cope in an increasingly complex landscape.
It follows the huge success of our events in London. This educational one-day exclusive conference brings senior decision-makers face to face with leading cyber security specialists. Covering the strategic needs of all enterprises, the conference provides delegates with a unique opportunity to learn from thought leaders in the field and gain new knowledge and skills to manage the latest technology.
Election hacking, money laundering, billion-dollar cyber heists… author and investigative journalist Geoff White has covered it all.
His work’s been featured by BBC News, Audible, Sky News, The Sunday Times and many more.
His new book, The Lazarus Heist – From Hollywood to High Finance: Inside North Korea’s Global Cyber War was adapted from the hit BBC podcast and will be published by Penguin Random House on 9 June 2022.
His first book, Crime Dot Com, took readers inside the murky world of the digital underground, uncovering cybercrime’s emergence as today’s global threat. His podcast series for Audible, The Dark Web exposed the shadow internet created by the US military and now home to hackers, crooks and freedom fighters.
The twists and turns of his investigations have informed and entertained audiences from music festivals to political party conferences, and his live phone-hacking stage show was a sell-out hit at the Edinburgh Fringe Festival.
Fast-moving cyber-attacks like ransomware can strike at any time, and security teams are often unable to react quickly enough. Join Mariana Pereira, Director of Email Security, to learn how Autonomous Response uses Self-Learning AI’s understanding of ‘self’ to take targeted action to stop in-progress attacks, without disrupting your business.
- Learn how Autonomous Response knows exactly the right action to take, at the right time, to contain an in-person attack
- How AI takes precise action to neutralize threats on the behalf of security teams
- Use of real-world threat finds to illustrate the workings of Autonomous Response technology
Securing your devices can be challenging, especially when some of your employees are working remotely. All endpoints, both on- and off-network, must be patched and secured on an ongoing basis.
Join us for a hands on presentation where we will provide live training on these critical processes:
- Performing a security assessment
- Setting up a secure VPN for remote workers to access applications
- Developing a Bring Your Own Device (BYOD) policy that specifies security requirements
- Automating software patch management and vulnerability management
The inevitability of Organisation Transformation in Financial Sectors through Technology drivers.
Why you should transform:
- A new sector competitors providing financial services
- The other drivers behind transformation & intended outcomes
How?
- Internally in the organisation – Pillars within Transformation
- External alliance: Fintech alliances and collaborations
What next?
- Transformation completion is not the END!
Soheyl is an all-round Strategic, Transformational Technology Leader with 24 years of Executive and Hands-on experience in various Industries. He has worked for major international organizations such as IBM, ING bank, KLM airline, and Emirates group.
He is experienced in shaping and executing Long-term technology strategies and Road maps aligning key initiatives with Business Strategy.
He has shown deep expertise in advising Senior leadership in Digital transformation, Innovations, Emerging Technologies, Agile transformation and upgrading IT-Landscapes.
He is Specialized in Agile / DevOps, Software Engineering Practices, IT Governance, Design thinking, and LEAN / Six Sigma
When securing your AWS, Azure or GCP environment, the stakes are high! With so many different variables to consider when designing and implementing a security strategy, you may find it difficult to organize or get started. You need a clear framework for setting priorities and building a plan of action.
Outlining best practices and compliance standards is a good place to start. But these alone don’t enable you to actually assess the maturity of your current cloud security practices and build a roadmap for continuous improvement.
We created a lightweight and easy to understand framework that defines the key guidelines for a comprehensive cloud security strategy. It serves as a guide for prioritizing and implementing security controls and procedures in a way that will make stakeholders open to collaborating with
you.
In this session you will learn to:
● Design a cloud security strategy for your enterprise with clear and practical milestones
● Gain a clear picture of where your organization currently stands on its path to a secure cloud environment
● Create a common language between various stakeholders in your organization
● Leverage automated solutions to improve your security
Three billion phishing emails are sent around the world every day. If even one gets through, your organization is in big trouble.
Even with technical protections in place, employees still fall for phishing expeditions every day. Hackers only need to get it right once. Staff need to be right every time. But they’re busy, distracted and disinterested in security. How can we overcome this – before the hackers are in?
Join us as we share advice from top experts in the field on how to build a strong security culture. We’ll show you how to achieve these and provide practical examples you can use in your workplace.
Attend this session to listen Gil Vega, Veeam’s Chief Information Security Officer, being interviewed by Jeff Reichard, Veeam’s Senior Director of Enterprise Strategy. They will discuss ransomware issues in UK&I today, other malware and security threats and what cyber security trends we can expect going into 2022.
Regardless of your current capabilities and level of readiness, ransomware is an evolving threat you can better address by gaining a deeper understanding of the tactics and methods used by attackers.
During this session, Tenable explores the anatomy of a ransomware attack and discusses protective measures you can take to better secure your organization.
Concepts and topics covered will include:
- Ransomware from the attackers perspective
- Lessons learned from high-profile attacks
- Protective measures for disrupting and preventing successful exploitation
Threats have changed over the years and so have the targets. It’s not just your data that is at risk in the traditional way, it’s your employees, your suppliers and your customers that are being targeted. If successful, just one accidental or intentional breach could easily tarnish your business’s reputation. In this session, we’ll cover email attacks directed at your organisation and what is needed to defend against them.
Enforcing Zero Trust is not as simple as deploying a single technology as the silver bullet for all our cyber security woes. Instead, Zero Trust is a “mindset” that is a critical aspect of every step you take on the path to making your organization as secure as it can be in today’s hybrid world. In this session, we will cover the essential steps to implementing Zero Trust from an identity perspective, in order to increase security while at the same time enabling the business.
With the cost of living increasing, people navigating a post-covid world, and other uncertainties in business, there is a potential that we, the security function, could see a surge in risky behaviours that would be detrimental to the security of the organisations we serve. Because when people are under stress, mistakes happen, and people take short cuts, which leads to them becoming one of the hardest advisories to build resilience against – insider threats.
In this talk I will discuss how exciting research using Glassdoor for OSINT purposes can be applied to help you predict if your organisation is likely to engage in risky cyber activities, how to embrace grey area thinking to illuminate your blindspots, and how the tools and methodologies of anthropology can give us a strong foundation to build antho-centric security cultures within your organisation that will enable you to be proactive, not reactive to insider threats.
When 95% of cybersecurity breaches are caused by human error, we as security practitioners need to, and can do better to create a culture that enables all of us to build up our resilience against cyber threats inside and out.
Lianne is an award-winning cyber anthropologist and security transformation leader with experience in the healthcare, finance, private and non-profit sectors.
Her consultancy, The AnthroSecurist, enables teams in complex organisations to understand each other’s motivations, identify barriers that have prevented good security practices in the past, and provide practical steps and insights to increase collaboration between the security team and the rest of the organisation.
As a respected speaker, Lianne has delivered talks across the globe to share her vision for a new type of security function. Drawing upon her expertise as an anthropologist, her practical experience as a security-focused software developer and her time in NHS Digital’s SOC as a SIEM analyst overseeing 1.5 million endpoints; Lianne combines the human and the technical aspects of security to evangelise a cultural security transformation.
Outside of work, she is on the advisory board for two community enterprises aimed at encouraging diversity in tech and on the board for a cybersecurity startup. She is a published author, podcast host, and recently won Computing.com‘s Security Specialist of the Year for her work on human-centric approaches to security, Security Leaders of the Year 2021 and Woman of the Year in the Enterprise category In the Women in Tech Excellence awards.
When entire workforces went remote in 2020 because of the global pandemic, organizations pivoted quickly to new business models by migrating apps and services to the cloud to enable the anywhere, everywhere workforce. That’s resulted in business users spending an average of 75% of their workday working in a browser. These same digital enhancements, however, also ushered in widespread transformation that expanded attack surfaces and created new opportunities for cyber miscreants, giving rise to Highly Evasive Adaptive Threats (HEAT), which are used as beachheads for initiating ransomware, data theft, and account takeovers.
During this insightful session, Menlo Security Senior Director of Cybersecurity Strategy, Mark Guntrip, discusses why HEAT attacks are the next-class of browser-based attacks taking advantage of today’s remote and hybrid workforce.
Please visit our exhibition area and network with our sponsors
Employees are the first and primary line of defense against online crime. Equip them with the knowledge and skills they need to protect their business from cyber-attack with BullPhish ID.
By providing regular, evolving security & phishing awareness training, you’ll educate them on potential security threats and encourage behavior change. Preparing employees for the inevitable attack, whether they are working in the office, on the road, or from home will provide peace of mind, shore up security, and fulfill and document compliance. BullPhish ID provides user-friendly, regular training in bite-size pieces, so employees are more likely to retain what they learn.
This 15-minute presentation includes:
• How BullPhish ID simulates phishing attacks so all employees become trained to spot and stop phishing attacks.
• Why you’ll love the freedom of the choice between plug-and-play phishing kits or fully customizable content
• What you can do to start benefiting from security awareness training right away
Ed Vaizey will be interviewed by Geoff. White, an Investigative Journalist Covering Technology & Technology Author. This should prove a fascinating encounter.
Ed Vaizey was the UK’s longest-serving Minister for Technology, working for UK Prime Minister David Cameron from 2010-16. Ed now advises numerous high-level clients around the world on technology policy, and writes and broadcasts regularly on politics.
During his time as a Minister, Ed was responsible for attracting the Star Wars franchise to film in the UK, and consequently received a credit in Star Wars: the Force Awakens. Ed regularly features in “most influential” lists, such as the Evening Standard’s London 1000, The Times Film 100, and Business Insider’s Tech 100.
Ed oversaw the world’s most successful rural broadband programme, a £1bn expansion project, as well as the £2 billion 4G spectrum auction. He has made a major contribution to help the UK become a world leader in technology and during his time as a Minister, the UK’s creative industries – film, television and video games- grew three times faster than the economy as a whole, thanks to his introduction of tax credits for these industries.
Recent speaking engagements include addressing the Global Institute at the personal invitation of former prime minister Tony Blair; interviewing Vice-
President Al Gore at LionTree’s prestigious media conference; interviewing the editor of the Economist at FTI’s Davos event; and discussing technology trends as part of the Leaders in Technology program at CES in Las Vegas.
The headlines and ever-increasing data breach numbers are all the evidence needed to confirm that current security ecosystems are failing to protect modern organisations. Now the third most targeted nation by hostile states, the UK is under cyber-attack. Two in three mid-market organisations suffered an outage in 2021 and one in five paid a ransom – it’s time to start fighting back. But how? The answer is unquestionably not more point products, nor more layers of products on top of existing products.
This session will cover the emerging trends and technologies that will ultimately enable security teams to secure their networks. It’s time to move beyond the reactive, responsive approach that has defined the last 35 years and realise there is another way – and it’s not as far away as analysts and large enterprise would have you believe.
Tune in to find out how to locate all the missing information you have on your customers without having to manually cross-check numerous documents or rely on employee knowledge.
The webinar will cover:
• How to achieve zero degrees of separation and link all customer information together
• How you can make better business decisions by identifying knowledge gaps and plugging holes
• How flexible asset tracking will instantly enable improved efficiency
The session will guide you through the following features:
• Relationship Mapping
• Completion Profile
• Flexible Assets / Asset Tracking
What’s it like to start as a CISO at a tech company? And more importantly, how does such a role affect your decision making in infosec?! In this talk, Stu describes his journey so far at Trustpilot and how the job is challenging some previous thoughts or ways of working.
Stu is currently CISO at leading consumer review website Trustpilot.
He was instrumental in building Skyscanner’s Security team from 2015-2017, having led them to the final of SC Magazine’s Security Team Of The Year 2017.
He has previously worked in security at The Trainline, was part of the Cyber Leadership Team at Capital One UK, Photobox Group and Interim Director at Just Eat Takeaway.com
He has twice been nominated as a finalist for Cyber Evangelist Of The Year at the Scottish Cyber Awards and is one half of Cyber Scotland Connect.
Stu has key-noted at numerous leading Security events such as InfoSec Europe, Cloud Expo Europe, BSides (various) and Future Of Cyber Security.
For years, organizations have struggled to meet the requirements of regulatory compliance, incident response, security and best practice for their critical data.
And now, with the huge upsurge and modernization of business applications and the pressure to migrate to the cloud or to manage a hybrid solution, data security and compliance requirements are evolving to the point where traditional solutions are no longer enough to provide every answer, and the demand for a modernized data security solution is growing .
Modern Data Security requires:
- Support for any location, Multi-cloud, on-prem, both.
- Coverage for any data type
- Simplified monitoring through agents or agentless
- Building Data security into Business Processes
Join Imperva’s Terry Ray to learn how to take the critical steps required to modernize your data security solutions to meet the constantly changing security challenges of the modern enterprise.
The challenge for CISOs in their digital transformation journey is to understand the right strategy required for their business to secure the remote endpoints. The question would arise on what you need to focus on endpoint security
in terms of strategy. Engage an effective layered security approach for the endpoints to ensure business as usual.
IT professionals are looking for additional ways to reduce risk as the threats of today’s cyber world grows daily. Without regular vulnerability scanning, your probability of being exploited and compromised increases considerably. While the scan itself does nothing to prevent threats from the outside world, it is proven to be the best way to identify the weaknesses that can be exploited. New vulnerabilities from the outside are reported every day, while changes that happen with internal user behaviors can also create new vulnerabilities.
In this webinar, VulScan General Manager Max Pruger will review why vulnerability management is so essential, and present some best practices and helpful tips that will guide you in the use of vulnerability scanning products and how to get the most out of the scan results in less time.
With threat actors constantly evolving their tactics, techniques and procedures (TTPs), it is important that organizations are aware of the latest TTP trends to protect themselves.
Alert Logic has dedicated SOC analysts, data scientists and security researchers to continuously hunt for the latest and emerging threats and campaigns. This human-led process has complimented automated detection and helped stop threat actors from evading.
During this webinar Alert Logic will share understanding of distinctive threat actor groups it has amassed and how it has been keeping track of TTPs used.
Josh Davies, product manager at Alert Logic, will explore the process and benefits behind activity clustering. The former threat hunter will share information on the favored tactics used by threat groups, uncovered from real-life examples within the Alert Logic customer base.
Join this session to learn:
- The process and benefits behind activity clustering
- Which TTPs are favored by threat groups and what that tells us about them
- Real-life examples of identifying compromises from Alert Logic’s research
Witness how easy it can be to back up your Office 365 data using Spanning Backup for Office 365. Spanning backs up your user’s Mail, Calendar, and OneDrive data, and your tenant’s SharePoint data.
Ever wondered what DPOs do all day? Join me as I explore what a typical day looks like in the world of a DPO. We will explore the different characteristics of DPO roles, what DPOs are actually trying to achieve, the problems DPOs face and the issues they navigate on a daily basis. Plus some useful tips on engaging with your DPO and how to make your life as a DPO a little bit easier.
Joseph is a UK based DPO with experience in building data protection functions from the ground up. He has held consultant and in-house DPO roles and is used to working with diverse groups of companies operating in different markets with unique data protection challenges. He currently works in the betting and gaming industry at William Hill overseeing the company’s global privacy and data protection programme.
We’ve experienced a change in the recent year in application development that has never happened before; traditional security tools are not able to secure and integrate with new technologies like serverless and containers. In this session, we will explore how to safely deploy a modern, adaptive, and automated runtime security strategy to your applications, built on your container, serverless, and other computing platforms.
Please visit our exhibition area and network with our sponsors
In this presentation, an experienced Recorded Future analyst will share insight into stealer malware and how credential harvesting affects also your Organization. This is a deep dive into the different credentials which get harvested and how they are influencing cyber attacks. The presentation will further look at:
- Credential Harvesting and Initial Access
- Raccoon, Redline and Beyond
- Modern Threats Require Modern Solution
Confirmed Speakers
Sponsors
