Programme Day 1
- · The growing risks and costs of cybercrime to businesses
- · The importance of cyber skills and strategies
- · The threats to businesses and how to overcome them
- · The latest tools and technologies to fight cyber-attacks
The mystery behind the terms “AI” and “Machine Learning” to look at some key questions:
• Just how advanced are we with Artificial Intelligence?
• Some common misconceptions about AI
• Research around Machine Learning and how to break it
• How Machine Learning could be weaponised against us
• The role that humans still have to play in the Detection and Response lifecycle
AI and Machine Learning are not “magic”. This talk is designed to look behind the curtain and give you the insight you need to make more informed decisions as AI and ML become more commonplace in the cyber security industry.
Lights Out: How Hackers Target Critical Infrastructure
Cyber crime has surged up the news agenda and now presents a very real risk to our critical services: hospitals, political processes and the energy networks have all become targets.
Investigative journalist Geoff White has spent years researching the shadowy nexus of criminal hackers, state-sponsored cyber attackers and hacktivists movements behind this evolving threat.
In this talk he will discuss real-world examples of attacks on critical national infrastructure, and what they tell us about the increasing convergence of tactics, tools and psychology among previously disparate cyber threat groups.
Businesses are increasingly using video conferencing to stay in contact with employees and customers across the world. However, this makes the platform a bigger target for cyber-attacks.
This session will detail:
- Video conferencing: Which services are businesses using and what are the risks?
- Business apps via consumer: Why use cases aren’t the same
- End-to-end encryption: Is this a deal-breaker for businesses?
- To Zoom or not to Zoom: Is Zoom safe?
Please take time to visit our sponsors, and interact live with speakers and staff members within their booth.
As employees continue to work from home during the COVID-19 pandemic, a myriad of threats has emerged. Phishing emails utilising COVID-19 have become commonplace, and insecure working practices have been thrust into the limelight.
Six months into the pandemic, as some businesses consider if and when they will return to the office — at least part time — what has been learned? This session will cover:
- Threats when working from home
- What has been learned since lockdown first began?
- What security gaps still exist and how can these be addressed?
- Why regular training is the key to success
The cost of an attack is rising. According to Accenture and the Ponemon Institute, the average cost of a cyber-attack is now $13 million.
- The costs of attack, both financial and reputational
- What types of attacks are most common in 2019?
- Examples of high-profile attacks: big hacks and exposed data
- Is it possible to prevent an attack?
- The basic security measures that every business must have in place
- Why the board room must include security in overall business strategy
- Developing methods of monitoring the network for attack
Please take time to visit our sponsors and network in our lounge.
It’s even harder to implement tough data protection regulation such as the GDPR during a pandemic. However, with cyber-criminals going overboard during COVID-19, the GDPR is more important than ever.
This talk will cover:
- GDPR during COVID-19: What’s the problem?
- Examples of where things can go wrong, and the consequences
- How to help make your business more resilient to breaches of GDPR during COVID-19
- The human factor: Why staff need to be up to date on the data protection threats they face
Industry 4.0 is a massive digital transformation of manufacturing, supply chains and their relationships to product engineering processes and customers. While the economic benefits of this Industrial Digital Revolution are massive, so are the potential Cybersecurity threats. The first main vulnerability drivers will be access security to the industrial equipment and the interaction between OT & IT and Industrial applications. The presentation will cover a new way to approach industrial cybersecurity with 3 easy steps to reduce these vulnerabilities.
– Learn about the cybersecurity challenges of Industrial IoT
– Learn why and how to apply to principle of ZERO TRUST with technologies such as EPM and PAM to secure industrial environments
– Benefit from real use cases and industrial cybersecurity best practices
The most valuable IT assets in your organization are identities and the most vulnerable identities have privileged access.
Traditional approaches to privileged access management (PAM) focus on the account, vaulting the password, changing the password and recording who does what with the account. Often these controls to mitigate risk will introduce friction to agile automation and devops exercises, while creating a burden on operational costs.
In this webinar One Identity will talk about some of the trends that are driving the future of privileged access management and things to consider in your PAM strategy for increasing value from existing digital investment, mitigating risk from privileges in motion and removing friction from introducing next generation privilege management controls.
Security experts already know that the weakest link is the business’ employees. But hackers are also realising this and are constantly finding more innovative ways to attack. This session will cover:
- The rise of spear phishing and social engineering
- Examples of data breaches that started this way
- Educating employees: why real life scenarios help
- Managing access to data
- Password security: An essential factor that firms often get wrong
The insider threat: When employees go rogue
Famous for the WannaCry attack that hit the NHS, ransomware continues to target businesses and the public sector. The effect can be catastrophic: In the US a number of local governments were forced offline because of this malware. Meanwhile aluminium producer Norsk Hydro was forced to switch to manual operations after being hit with ransomware.
This session will cover:
- Why the malicious software is a particularly big threat – and who is at risk
- Why if the ransom is paid, there’s no guarantee that information will be released
- How to regularly back up data to avoid ransomware having an impact and other strategies
- Paying out: should you ever pay the ransom?
According to the government, 14 billion objects are connected to the internet and by 2020, it could be as many as 100 billion worldwide.
- How you might be using IoT but not know it
- Data privacy: coping with the information created by IoT
- Security by design: Is the UK government’s IoT strategy having an impact?
- An IoT security strategy
- 2020 predictions
Among rapidly evolving technological advancements, the emergence of AI-enhanced malware is making cyber-attacks exponentially more dangerous and harder to identify. In the near future, we will begin to see supercharged, AI-powered cyber-attacks leveraged at scale. To protect against offensive AI attacks, organizations are turning to defensive cyber AI, which can identify and neutralize emerging malicious activity, no matter when, or where, it strikes.
In this session, learn about:
- Paradigm shifts in the cyber landscape
- Advancements in offensive AI attack techniques
- The Immune System Approach to cyber security and defensive, Autonomous Response capabilities
- Real-world examples of emerging threats that were stopped with Cyber Al
Overview Coming Soon
Enjoy a catch up with speakers, sponsors & peers and join our after party and DJ Set.
Programme Day 2
Hacktivism has been around for some time, but the most famous of these hacker groups, Anonymous, has been laying low. That’s until recently, when the group re-emerged following protests after the death of George Floyd to call out police brutality and support the Black Lives Matter (BLM) cause.
The group often hacks in the name of good causes, but how can this impact businesses? This session will cover:
- Hactivism: What is it and how has it changed?
- The return of Anonymous: What are its aims?
- How can hacktivism affect your business, and what can you do about it?
Incident response can be tricky at the best of times, so how does it work during COVID-19 when the workforce is likely to be remote and separated? This session will cover:
- The increased risk of a cyber-attack during COVID-19: What are the biggest threats and why?
- Incident response best practices
- Remote incident response: How is it different?
- How to update your incident response playbook and keep the whole workforce up to date
Ransomware was devastating enough before the COVID-19 pandemic — and the threat is not going away. In fact, the damage could be even worse for firms already cash strapped as the UK economy continues to nosedive. So, what can be done? This session will cover:
- Examples of ransomware attacks during COVID-19
- What can be learned from incidents?
- Should you pay the ransom?
- Best practices and training to ensure ransomware can’t take down your business
Nation states have been using cyber-attacks and espionage for years. Now their arsenal ranges from website defacement and attacks on critical infrastructure such as power grids to disinformation and industrial espionage. This session will analyse which nations are the biggest threat to UK businesses, looking at the tools, tactics and techniques of the big four: China, Russia, Israel and North Korea.
As part of this, it will also examine the growing threat from countries such as Iran following escalations in tension between Iran and the U.S. Overall, it will assess which nation is the biggest threat to the U.K., revealing who is most at risk, asking what businesses can do to protect themselves.
Passwords alone as a form of security are not reliable. They are often revealed in breaches and employees choose insecure credentials which they reuse across services – which isn’t good for business. This talk will cover.
- Why passwords alone are not suitable to secure valuable business data and accounts
- Two factor and multi factor authentication: Best practices
- Biometrics: Are they good enough?
- The benefits of security keys
Many companies hire professional social engineers to try and infiltrate their business as a type of “penetration test.” This session will introduce a professional social engineer who will share their tips and tricks to entice employees into giving up their data or give access to buildings or systems. As part of this, the talk will offer some practical tips for businesses to help ensure their employees know what to look out for.