
Programme Day 1

Investigative journalist Geoff White has covered technology for BBC News, Channel 4 News, Audible, Forbes online and many others. Crime Dot Com, his book on cybercrime for Reaktion Books, will be published on August 10, 2020. His exclusives reveal tech’s impact on our lives: the controversial police use of facial recognition; the failure of artificial intelligence therapy apps; hi-tech call centre scams that have cost victims their lives’ savings; fraud in the internet dating industry.

Many organizations have recently had to shift their security strategies to account for new threats, increased mobility, and rapid digitization. But how do you know exactly what works and what doesn’t in cybersecurity? Cisco has commissioned a study outlining which security best practices lead to the most impactful results. In this session we will share the key highlights affecting the UK and Europe, and show how they compare to global findings.

For many organisations, COVID-19 has prompted an unexpected and sudden migration to cloud and remote technologies. But the pandemic has accelerated everything, both good and bad, leading to elevated risk for organisations trying to maintain business continuity amongst changing regulations and restrictions. With 80% of employees working remotely and organisations having to provision in a matter of days and weeks, organisations still need to manage and control access to their systems so as to avoid over-provisioning and the dangers that this presents to companies. In this presentation SailPoint will discuss how Identity Security is the foundation to regaining control and managing the new way of working.

Please take time to visit our sponsors, and interact live with speakers and staff members within their booths.

With over 258 million users, Office 365 (O365) dominates the business application space, helping organisations form a new work-nucleus to enable remote working and collaboration that is vital to success in this ‘anywhere-work’ world.

But the cloud, and O365, carry risks. Despite its benefits, O365 cannot deliver the level of protection and availability that organisations truly need for advanced security and performance.

In this session we will share exclusive insights and actionable advice to help IT professionals like you overcome key challenges and deliver an uncompromising O365 experience.

We will cover:

  • How to secure your O365 environment against the most sophisticated of phishing attacks
  • How to protect your O365 users from cross-channel attacks that move from email to web or cloud
  • How to follow Microsoft recommended best practice without sacrificing security and deliver an uncompromising O365 user experience
  • Why analysts recommend having a third-party security solution to enhance app performance and ensure service continuity

“Decision-makers need to be aware that relying exclusively on the native capabilities in Office 365 can present challenges and business risks for their organisation.” – Osterman Research

Join this session to hear real examples of the challenges organisations using O365 are facing, receive actionable advice, and discover a solution that will help you deliver enhanced security and compliance for your organisation’s O365 environment.

Today, 94% of cyber-threats still originate in the inbox. ‘Impersonation attacks’ are on the rise, as AI is increasingly being used to automatically generate spear-phishing emails, or ‘digital fakes’, that expertly mimic the writing style of trusted contacts and colleagues. Humans can no longer distinguish real from fake on their own – businesses are increasingly turning to AI to distinguish friend from foe and fight back with autonomous response.

Meanwhile, the emergence of AI-enhanced malware is making cyber-attacks exponentially more dangerous and harder to identify. In the near future, we will begin to see supercharged, AI-powered cyber-attacks leveraged at scale. In an era when thousands of documents can be encrypted in minutes, ‘immune system’ technology harnesses defensive AI to take action in seconds – stopping cyber-threats before damage is done. Find out how in this session and hear real-world examples of emerging threats that were stopped with defensive Cyber AI.

In this talk we will address:

  • How Russian cyber is set to transform over the next decade
  • Why it may become (even more of) an unfair fight
  • How the Russian supply chain attack on SolarWinds is nothing new
  • Who is behind Russian cyber attacks today
  • Russian geopolitical objectives
  • What it means for us

I usually hear CISO/Head of Information Security complaining that members of Exec don’t understand security or provide enough budget to the Information Security division, and then I ask the following question “How do you present your proposal and findings to Members Exec?”, and they usually present a 30+ page document containing all the threats against the organisation, stopped attacks, latest IDS logs, number of viruses identified etc, and here is where they are badly failing!

There’s a huge misconception of what a CISO/Head of Information Security should really be. This is not a technical role. This is a strategic position that focuses on the strategy of execution; it focuses on the growth of the business while understanding the business objectives, finance, revenue and how they can incorporate cyber security into that.

Join me for this session and learn how you should speak and present to your board of directors and members of executive team.

Cybercrime is on the rise, costing the global economy trillions per year. With cybercrime-as-a-service and hacking tools readily available, critical data assets and company reputations are at risk. As threat campaigns evolve, understanding how your adversaries are working and what they are targeting can help you ensure a better cyber defence. Join Alex Jinivizian as he discusses how cybercrime has become an industry and shares insight into how phishing and ransomware campaigns work.

Key takeaways: 

  • Understand and identify your cyber risk
  • How cybercrime organisations are operationalising and their preferred methods of choice
  • Dive into recent incidents to explore threat scenarios that combine multiple tools and techniques

Ransomware today is a big concern of all organisations, costing over £15.6B per year. Especially now, with so much of our enterprise workforce remote, ransomware has increased by over 700% last year alone. Strong ransomware protection starts with data – protecting it, monitoring it, and shielding it from attacks. While the average cost of a ransomware attack is now topping £62k, with the right approach, ransomware protection, and if needed, recovery can cost less than £3.9K, and in most cases, nothing at all. Join this informative session with Veeam as we explore how, through modern protection, organisations can provide protection, and if needed, recovery from malware and never have to worry about ransoms or extended impactful downtime again.

Time matters: it governs our lives and we follow it with clocks and calendars. Yet when we look at Security Operations it rarely factors. This talk suggests putting time at the forefront of security. It takes a novel look at the time-based security philosophy and supplements it with the latest cyber advancements. Time can be a universal translator between risk, security and the business, as it is a simple concept that we all understand. In this talk, we will break down the basic concepts of Time-Based Security and extend it out to the Cyber Kill Chain, and show how measuring the time it takes for an attacker to breach your network, and comparing that to the time it takes for your team to detect and respond to that threat, can drive smarter response choices and more effective tooling choices.

Sandip Patel QC FCIArb, managing partner at Aliant, London, has been at the forefront of notable serious and organised cybercrime cases including ‘DarkMarket’, ‘the Facebook Hacker’, prosecution of members of ‘Anonymous’ for the hacking of PayPal, Visa, Sony, FBI, CIA, UK NCA, MoD etc, and ‘the boy who almost broke the Internet’.

Sandip is routinely asked to advise and assist in the creation, training and implementation of cyber law enforcement programmes. For example, in Grenada, he devised and implemented a cyber crime training course for investigators, the A-G’s office and judges so as to give effect to new cyber legislation.

Sandip contributed to the leading text book: Electronic Evidence, 3rd Edition, Stephen Mason.

As head of Aliant’s Data Protection and Privacy Team, Sandip advises and assists organisations on data laws, privacy, protection and cyber security.

Sandip is Chairperson of the Cybercrime Practitioners’ Association.

Sandip is Chief Adviser to the OSP Cyber Academy.

  • Understanding the attack surface – how ML and AI can detect internal and external attacks.
  • Importance of Hybrid Active Directory and how ML helps in predicting user behavior.
  • Get to know when privileged users are under attack and remediate an action plan.
  • Importance of data security and the need for DLP.

Did you know that Microsoft is a giant in cybersecurity? Trusted by 90% of Fortune 100 organisations, it collects over 8 trillion security signals a day and analyses more than 4PB of data across AWS, Azure and more with its flagship SIEM solution Azure Sentinel. Discover how its leading range of holistic and cloud-native security solutions can protect your organisation against cyber threats and keep you compliant. We’ll show you:

– Ways to manage and reduce security complexity within your infrastructure

– Integrated tools to increase security visibility and improve threat detection

– How cloud-native approaches to security ensure compliance, reduce ‘noise’ and improve efficiency

Taking a closer look at:

– Zero trust security

– Azure Sentinel

– Microsoft Defender

Investigative journalist Geoff White has covered technology for BBC News, Channel 4 News, Audible, Forbes online & many others. Crime Dot Com, his book on cybercrime for Reaktion Books, was published on Aug. 10, 2020.

His exclusives reveal tech’s impact on our lives: the controversial police use of facial recognition; the failure of artificial intelligence therapy apps; hi-tech call centre scams that have cost victims their lives’ savings; fraud in the internet dating industry.

Annie Machon & colleague David Shayler both resigned from MI5 in 1998, intending to blow the whistle on a series of alleged crimes committed by the service, such as secret MI5 files held on the very government ministers responsible for overseeing the intelligence services, illegal MI5 phone taps, lying to the government by MI5 & other very serious matters.

After being on the run for a month with Shayler, & giving evidence in a court case involving him, she is currently on the board of The Freedom Index Foundation, & also on the advisory board of the Courage Foundation.

Annie is an informed & highly articulate insider on privacy issues, and Geoff is an accomplished writer on cybercrime & technology, so much of interest is expected to emerge!

 

Enjoy a catch up with speakers, sponsors & peers and join our entertainment from The Fanatics!

“They’re hot. They rock. They get the party started!” Highly recommended by the many clients whose events they have set off with a bang, The Fanatics are an award-winning band, and among the industry’s favourite crowd-pleasers. With a repertoire spanning funk, soul, rock & pop, with killer male and female lead vocals, The Fanatics are a party powerhouse guaranteed to rock your dancefloor.
Recent gigs include the 2019 Gymnastic World Cup, where they performed for 16,000 people at the NEC, and 2 million BBC viewers.

Programme Day 2

John Doody is the Author of “From Stripes to Stars” and Director of Interlocutor Services Limited, a company established in 2003 to promote Information Assurance and Cyber Security issues both nationally and internationally. The company offers a range of services including Marketing, Communications, Public Speaking, Strategy Reviews, Information Assurance, Cyber Security and Information Technology; these services are geared to the strategic level within government and industry.

Prior to this John served at CESG/GCHQ for 10 years in the appointment of Head of Information Assurance Customer Services. He has a wealth of knowledge across the whole spectrum of Cyber Security and Information Assurance. In this latter appointment he was a major contributor to CESG’s move to a commercial business footing. He also has had a role as a Non Executive Director to a security company as well as providing Strategic Advice to a number of major UK and US IT Security companies. John’s recent major role was as the Global Strategic Cyber Security Adviser to Ultra Electronics Limited where he reported directly to the CEO on Cyber Security matters. He also provided Strategic Advice to FireEye and Safenet, two large US Cyber companies.

He is currently a Deloitte Associate.

John is a retired officer of the UK Royal Corps of Signals, a Corps in which he served for 33 years to the rank of Colonel. He is a qualified engineer and has held a number of strategic engineering appointments in the UK Ministry of Defence including system support to PTARMIGAN and WAVELL, the army’s tactical communication and CIS systems, Director in the Procurement Executive as Project Director for Army Electronic Warfare, Battlefield Target Engagement System (BATES), Air Defence CIS system (ADCIS) and WAVELL managing £1B of programmes. John has also worked in the R&D environment working on Electronic Warfare Simulation. He has also served in various operational environments including Loan Service to the Trucial Oman Scouts in the Middle East.

John has chaired many international committees dealing with Cyber, Information Assurance, Communications and Interoperability. John is well known on the national and international Cyber/ Information Assurance Conference circuit where he has chaired many events and has given many talks on Cyber and Information Assurance. He is a renowned Evangelist for Cyber Security and Information Assurance.

He has held the position of an International Class Director for the Armed Forces Communications and Electronics Association (AFCEA) International (Fairfax Virginia USA). He is a past President and Vice-President of the AFCEA UK WEST Chapter and served as a Member at Large for AFCEA London in the early 90s. He was also the Cyber Security Lead for the BCS Security Community of Expertise. John was awarded the CESG/GCHQ Directors Medal in 2003.

He was elevated to the Infosecurity Europe Hall of Fame in 2012.

With so many predictions, celebrity threats, and ransomware fiascos, it’s often forgotten that there are key fundamentals of Detection and Response that will help drive significant maturity in your organisation’s infosecurity programs. From knowing what assets and intellectual property you have, who may want it, and how attackers could access it, to what you’re doing as a business to prevent, detect, and respond to threats and breaches. Join Rapid7’s Chief Security Data Scientist, Bob Rudis and Head of Detection and Response for EMEA, Ellis Fincham as they discuss areas where businesses should be focusing their energy to effectively protect their employees and assets. They will also share a few war stories they’ve experienced when this focus lapses!

What you will learn:

• How to mitigate common cyber risks and challenges of cloud migration

• Explosion of the edge and the impact of shifting to remote working

• The implications of the growing number of applications to enable workforces and support customers

• Recommendations on what to focus on given the pace of change as you migrate to the cloud

Although ransomware captures most of the headlines, Advanced Persistent Threats, or APTs, are the silent assassins in the hacker’s arsenal. With an objective to quietly infiltrate a target network and remain undetected for as long as possible, the impact of a successful APT is far greater than paying a ransom. This session will focus on the Who, What, Why and How of an APT and the steps organizations should be taking to protect themselves. Our two experienced presenters will share their knowledge during an engaging fireside chat.

In this presentation, an experienced Recorded Future analyst outlines a high-level landscape of tactics and techniques tagged in our data sources as mapped to the MITRE ATT&CK framework over 2020. Viewers will gain familiarity with the MITRE ATT&CK framework, with particular relevance to security teams that rely on the framework to inform red and blue team exercises, penetration testing, threat hunting, and various security protocol prioritizations.

Discover the art and science behind deception, and why you may still fall for dirty tricks even after you understand how they work. From the sleight-of-hand used by magicians, to the sleight-of-tongue used for social engineering, we are all wired to deceive and to be deceived. See how threat actors use these techniques against your end-users and how security awareness training can help them spot deceptions before it’s too late. Join Perry Carpenter, KnowBe4’s Chief Strategy Officer, as he shows you how easily we can be deceived and how that relates to our understanding of social engineering scams that come our way. During this intriguing session, Perry will share his insights and answers to these questions:

  • Are we wired for deception?
  • Why are some more susceptible to manipulation than others?
  • How do hackers use these techniques to create scenarios to entrap your employees?
  • How can you ethically leverage these techniques to bring about desired behavior change?

APIs are the lifeblood of modern Internet-connected services and they are becoming an increasingly popular target for cyber attacks. Daniele Molteni, Firewall Product Manager at Cloudflare, will discuss the most common security threats for API traffic and what technologies can be deployed to identify vulnerabilities and defend critical infrastructure.

The relationship between Security and DevOps has historically been rather fraught. Why?! How can we make that relationship better and what impacts will it have? Stu discusses a raft of areas where Security can speed up DevOps.

Public cloud providers like AWS, Azure, and GCP enable you to deliver new products and capabilities at breakneck speeds, but how do you balance speed to market against compliance mandates and risk – do you have to choose?

Join Patrick Pushor, Technical Evangelist at Orca Security, for a fast-paced session as he takes you through best practices, and pitfalls to avoid, in securing public cloud infrastructure.

  • 6 risks hiding inside every public cloud estate
  • How to get instant-on, workload-level visibility across 100% of your AWS, Azure, and GCP assets
  • The power of addressing both the control plane and data plane at once
  • Pros and cons of different cloud security tools: traditional agent-based tools and scanners, CWPP (cloud workload protection platforms), and CSPM (cloud security posture management)

Improve security, lower costs, and become more efficient by evolving to a risk-based vulnerability management approach. This session will cover common mistakes made in cyber risk management and provide practical advice for becoming more effective. Move beyond basic resiliency with intelligence, machine learning, and effective prioritisation. Learn how to align to the business and communicate the value of cyber risk reduction effectively.

  • Using risk-based prioritisation to improve resilience and become “anti-fragile”
  • Practical steps to achieving risk-based vulnerability management and a roadmap for achieving successful risk prioritisation
  • How to align cyber resilience goals with the business and improve management support for your security programme

Colonel John Doody is the Author of “From Stripes to Stars” & Director of Interlocutor Services, a company established to promote Information Assurance & Cyber Security issues nationally & internationally. Prior to this John served at CESG/GCHQ for 10 years in the role of Head of Information Assurance Customer Services.

Roland Cloutier, CISO of TikTok

As Global Chief Security Officer of ByteDance & TikTok, Roland Cloutier brings an unprecedented understanding and knowledge of global protection and security leadership to one of the world’s largest leading media, social, and online technology companies. He oversees the company’s information protection, risk, workforce protection, crisis management, & investigative-security operations worldwide. Prior to joining TikTok in 2020, he was Chief Security Officer (CSO) at payroll-services firm ADP. Cloutier spent about 10 years at ADP, & before that served as CSO at data-storage vendor EMC (now owned by Dell). Also, he has over a decade of experience serving the USAF, & US Depts. of Defense, & Veterans Affairs. He is also the author of business book “Becoming a Global Chief Security Executive Officer,” published in 2015.

Many important Global Cyber issues will be covered in a wide-ranging live Q & A between Roland & Col. John Doody.

The line between IT and security is blurring. What was once a simple delineation between keeping information safe and providing the tools necessary to get work done is no longer clear. Seemingly overnight, a foundational understanding of what devices, users, and cloud instances exist in environments has jumped to the top of CISOs’ lists. In this new enterprise, why does asset management – once a pure IT play – matter for cybersecurity? How can both the IT and security teams benefit from cybersecurity asset management? Join this session with Nathan Burke of Axonius to learn:

  • Why so many security frameworks consider asset management to be foundational
  • The difference between asset management for IT and asset management for security
  • Why the asset management problem hasn’t been solved yet — and what to do about it

Bogged down by alert overload and manual processes, most security operations teams are unable to detect and respond to threats at the speed of business. This session will examine the main challenges facing security teams and what can be done to reduce response times using a combination of people, processes and tools.

Threat Hunting is a pro-active approach that doesn’t wait for alarms to go off. Today’s attackers are equipped with increasingly sophisticated methods that can breach even the most heavily protected IT infrastructure. In most cases, attackers understand the entire target supply chain and SOC tech stack before they begin. To keep your organization safe, you should consider building out the proactive parts of your security teams. Join Graylog to discuss the benefits of having a threat hunting team, including when and why you would want to put a threat hunting team in place.

Colonel John Doody is the Author of new book “From Stripes to Stars” & Director of Interlocutor Services, a company established to promote Information Assurance & Cyber Security issues nationally & internationally. Prior to this John served at CESG/GCHQ for 10 years in the role of Head of Information Assurance Customer Services.

Robert Hannigan currently serves as a senior executive of Blue Voyant, a US-based cyber security services company, & as an adviser to a number of international companies. He was the Director of GCHQ & stepped down at the end of April 2017 to pursue a career in private sector cyber security & academia.

This encounter between ex-Senior GCHQ Executives should be fascinating, as they discuss the cyber threats facing the world in 2021.
