Agenda

2023 Phishing By Industry Benchmarking Report: How Does Your Organisation Measure Up

Javvad Malik, Lead Security Awareness Advocate, KnowBe4

As a security leader, you have a lot on your plate. Even as you increase your budget for sophisticated security software, your exposure to cybercrime keeps going up. IT security seems to be a race between effective technology and ever evolving attack strategies from the threat actors. However, there’s an often-overlooked security layer that can significantly reduce your organisation’s attack surface: New-school security awareness training.

• Understanding who’s at risk and what you can do about it
• Actionable tips to create your “human firewall”
• The value of new-school security awareness training

How to Build a Resilient Human Firewall

Jason Price, Systems Engineer, Red Helix & Javvad Malik, Lead Security Awareness Advocate, Knowbe4

Most cyber-attacks begin with phishing and so your ‘human firewall’ can be either your strongest or weakest defence. But building a resilient human firewall involves changing behaviour, which is always a challenge. In this presentation we will equip you with the theory and real-world examples to:

• Grow a positive culture of personal responsibility for cyber hygiene.
• Teach your staff to spot clever phishing and spoofing emails for what they are.
• Empower people to signal when they think they’ve been scammed.

We will provide practical examples of how we improve cyber-vigilance for our clients so that you leave the session equipped with sure fire strategies to strengthen the security culture in your organisation.  

3 New Ways Cybercriminals are Targeting your Email

Steven Wills, Senior Systems Engineer, UKIE

New types of impersonation. Better AI. Shifts to collaboration applications. Cybercrime is a business, and criminals are always looking for new ways to steal money.

Join us for this session where Steven Wills, Senior Systems Engineer, will discuss:

• How threat actors are shifting away from the CEO fraud of the past
• Why tools like ChatGPT could be incredibly dangerous
• What new threats are on the horizon
• And how you can better protect your organization from all of it

Your Path to Cyber Resilience

Jorge Montiel, Head of Sales Engineering - EMEA, Red Sift

Now is the time to delve into strategies for enterprise organisations to uncover, oversee, and safeguard vulnerabilities across their email, domain, and web attack surfaces. The Red Sift Pulse platform has capabilities that can be leveraged.

What attendees will learn:

• Detect both visible and concealed attacks on their domains proactively 
• Protect against phishing and BEC attacks 
• Streamline routine investigations and automate remedial actions 
• Transition from project-based approaches to continuous processes to effectively combat evolving threats.

Breaking down Europe’s top InfoSec & Cybersecurity frameworks: Tips to evaluate your current state or next steps

Jorge Ferrer Raventos, Principle Solutions Engineering Specialist, OneTrust

Join us as we break down the ins and outs of ISO/IEC 27001 in comparison to SOC 2, the EU Cybersecurity Act, the NIS2 Directive, the Digital Operational Resilience Act (DORA) or the UK Cyber Essentials as other examples of standards to keep top of mind.  

• Review the timelines, frequency, and scope of the latest updates across Europe’s most referenced frameworks.  
• Understand what frameworks might be the best fit for your organisation based on business needs and resources.  
• Identify framework overlap and program considerations to remove duplication, complexity, and effectively test once, comply many.  

Frustrate Attackers, Not Users – Secure, Exceptional User Experience

Nilesh Halai, SASE Sales Acceleration EMEA, Cisco

Today’s digital landscape is constantly changing, and modern networks extend from the private datacenter to the cloud to the remote user, including their professional and personal devices. This complexity has led to larger attack surfaces, resulting in more threats and in response, more intrusive security measures. Traditionally, stronger security created more complex management, forcing administrators to manage an average of 76 different security tools, and this complexity can allow attackers to persist on the network longer without detection. It also creates a poorer end user experience, requiring users to login repeatedly and manage their VPN connection, which frustrates users and sometimes leads them to circumvent security practices. 

In this presentation, we will cover the prevailing industry trends, pain points, and look at the roles of modern solutions like Secure Service Edge (SSE) and Extended Detection and Response (XDR) in countering and alleviating these pain points. 

• Trends and Pain Points 
• User Experience versus Security 
• Admin Experience and Visibility 
• Modern Solutions (SSE and XDR)

Evolution of attackers & the need for Red Teaming in modern cybersecurity

Zach Fleming, Head of Red Teaming, Integrity360

Join Integrity360’s Head of Red Teaming, Zach Fleming, for a deep dive into the constantly changing threat landscape and gain insights into how attackers have evolved, bypassing even the latest and most sophisticated tooling. Going beyond the tools and technology, Zach will also shed light on the often-overlooked element of human error. Learn how regular red teaming exercises can be the critical difference in ensuring robust cyber security in today's dynamic environment.

In this session:

• The Modern Attacker: An insight into how cyber adversaries have evolved over the years, now leveraging sophisticated tools to outsmart conventional defence mechanisms
• Beyond Technology: How the human element, often neglected in cyber security discourse, can become the weakest link, rendering state-of-the-art tools ineffective
• Workload Pressures: Understand how the stresses of increasing workloads can diminish the efficacy of security solutions, making organisations more vulnerable to breaches
• Red Teaming - Not Just a Luxury: Recognise that red teaming is no longer an optional exercise for large corporations but a necessity for businesses of all sizes in ensuring a resilient defence against evolving threats
• Marrying Tech & Talent: The realisation that even the best technologies are only as good as the professionals behind them, emphasising the importance of capacity and capability in tandem

The growing role of DFIR in resilient incident response strategies

Tim Thorne, Product Evangelist, Binalyze

How DFIR is disrupting the traditional digital forensics landscape and delivering forensic capability to the centre of the security stack.

What attendees will learn:

• Cybersecurity and the growing revolution powered by DFIR
• The benefits of speed and automation with DFIR
• Leveraging DFIR to reduce caseloads, dwell time, and alert fatigue 
• Empowerment, resilience, and enhanced security posture thanks to DFIR

Data Awareness: A Three-Step Model to Mitigate Data Theft

Stephen Cavey, Co-Founder & Chief Evangelist, Ground Labs

Data theft continues to grow in both frequency and scale. There’s never been a better time for organizations to establish an evidence-based approach to data awareness for data security.

In this session, you’ll learn:

• How your company may be inadvertently enabling data theft and subsequent identity fraud through its data practices
• Why data awareness is crucial to effectively identifying and managing your risk of data theft
• How adopting a three-step model to enhance your data awareness with evidence-based discovery helps mitigate your risk of data theft amid emerging threats and increasing data regulation

A day in the life of 'YOUR' sensitive data

Ketan Pyne, Presales Technical Consultant, Thales

Today’s businesses and governments depend on the cloud, data, and software to deliver trusted digital services. That is why the most recognized brands and organizations around the world rely on Thales to help them protect sensitive information and software wherever it is created, stored or accessed – from the cloud and data centers to devices and across networks. As the global leader in data security and software licensing, Thales solutions enables organisations to move to the cloud securely, achieve compliance with confidence, create more value from their software, and deliver seamless digital experiences for millions of consumers every day.

Whether you’re looking to guard against abuse by privileged users, encrypt sensitive data in a database, or address your compliance mandates in the cloud, Thales can help. Key takeaways:

• What do you know about the data that you are unknowingly generating and disclosing?
• What are the responsibilities of the 3rd parties who acquire your data?
• Can you do anything about it?
• Learn good basic cyber security practices by managing your daily information disclosure and consumption

Bringing mobile intelligence to the fight against fraud

Clare Messenger, Commercial Strategy & Business Development Mobile Intelligence, JT Global

With fraud an ever present and rapidly evolving threat to individuals and businesses we look at how mobile intelligence data can be used to detect and prevent fraud, create better secure authentication experiences for customers, and add real-time value to KYC checks.

To successfully fight fraud demands an intimate understanding of how it’s perpetrated and how technology and social trends are driving it. Without the understanding of how cybercriminals are exploiting opportunities, organisations often fail to create robust and holistic fraud prevention measures that can detect and prevent fraud from happening in the first instance.

Mobile network operators hold a vast amount of real-time data that can be interrogated and leveraged to combat today’s most common and harmful frauds such as SIM swap fraud, Account Takeover and Authorised Push Payment fraud. Exposing the right data at the right time can and is having positive results for financial services battling a torrent of multiple attack vectors.

• Educating organisations about the threats from fraud
• The wealth of data from Mobile Network Operators
• Creating better customer experiences
• How greater collaboration will fight the war on fraud

Your Phone: The new Frontier of Malware, Scams and Fraud

Maurits Lucas, VP of Sales Engineering & Product Marketing, ThreatFabric

ThreatFabric has built their reputation by discovering over 80% of all mobile malware families. As the frontier of cyberthreats is increasingly shifting to mobile devices, we invite you to join us to learn about the latest updates on the mobile threat landscape, along with emerging trends and threats in the UK (and neighbouring countries). You’ll learn how the frontier is moving; and we’ll answer the most important questions: has it moved to the UK and what does this mean for your organization and customers?

What you’ll learn:

• The UK mobile threat landscape
• Latest methods of how victims are compromised
• Trends in Device TakeOver (DTO), droppers and distribution, most popular malware families and how they are operated
• What you can do to be proactive

Exploring the Cybercrime Ecosystem

Dave Gill, EMEA Channel Director, KELA 

• Understand and simplify the complex world of the cybercrime ecosystem
• Gain insights into the motivations, tactics, and strategies of cybercriminals
• Learn how defenders can protect their organization's assets

The Future of the Human Risk Reduction

Petri Kuivala, Strategic Advisor, Hoxhunt

Cyber Security comes together in a holy marriage of People, Processes and Technology. CISO´s needs to engage people as their force multipliers as they will not survive alone in the constantly evolving world.

Join this interactive session to learn more about;

• The CISO veteran & start-up coach thoughts about the People role in Future with the Cyber Security context
• Be ready with your phone having www.menti.com open to donate your ideas back in to the conversation. “Hold on your chair as Texas is going bye bye….the Matrix”.

Thwarting the Barbarians: Gates, Guards and Governance

Malcolm Murphy, Senior Director, Sales Engineering, Mimecast

Let’s put the noise to one side for a moment. Most attacks start with an email, and that gives us great insight into what attacks are actually out there right now. Once we know that, we can determine how best to respond: what we need from technology and how to enable our people to play their part.

What you will learn:

• The nature of today’s threat landscape
• The role users play in maintaining security
• Where AI is useful, and why over-reliance is risky
• How to get the most out of your cyber-security investments

How do you know what to look for when Threat Hunting?

Ollie Sheridan, Senior Sales Engineer, Bitdefender

With an increasingly large amount of data being logged in to SIEMs, a treasure trove of data avails itself for both current and retrospective analysis. When approaching at this huge amount of data, where do you start? Having access to known threats and possible indications of compromise, you can equip yourself you with the tools needed to hunt down and eliminate known threats within our environment, resulting in more secure systems.

• How to automate threat hunting within the data you have collated
• How Bitdefender makes this high fidelity data available
• Understand the extent of C2C DNS requests, malicious IP connectivity and the existence of unwanted files within your environment
• Learn how this can improve your security posture and accelerate investigations by your SOC team

What is data lineage? (And how it’s transforming data security)

David Mole, Sales Engineer- EMEA, Cyberhaven

For over 20 years, data security technology has relied on content analysis to automatically classify data. Whether you’re using simple RegEx or complex machine learning, there are limits to what kinds of data you can classify by looking at the content alone. Enter, data lineage. Advances in graph database technology have made it possible to track all data within an organisation—where it originated, where it went, and who modified it. Whether client documents, source code, or product designs, data lineage is making it possible to protect a wider range of sensitive information with fewer false positives than ever before.

This session will cover an overview of data lineage and how it’s changing security with: 

• Visibility into how data moves within your organisation
• Better data classification than content-based approaches
• Rich context to accelerate investigations