Agenda
08:00 - 09:00 |
Registration and Networking Break |
09:00 - 09:20 |
► Chairman’s welcome and opening remarks Simon Brady, Managing Editor, AKJ Associates
|
09:20 - 09:40 |
► Why Cloud should make us think differently about security Ryan Aldred, Head of Cloud Security, Lloyds Banking Group
|
09:40 - 10:00 |
► From Prey to Play: Think like an Attacker to level up your Security Elliot Went, Senior Security Engineer, SentinelOne Join Senior Security Engineer, Elliot Went as he delves into:
|
10:00 - 10:20 |
► The Misperceptions of the Cybersecurity Skills Gap Purvi Kay, Head of Cybersecurity Governance Risk and Compliance, BAE Systems PLC
|
10:20 - 11:00 |
► Education Seminar Session 1 Delegates will be able to choose from the following education seminars:
|
11:00 - 11:30 |
Networking Break |
11:30 - 11:50 |
► The Importance of Transparency Eleanor Fairford, Deputy Director Incident Management, National Cyber Security Centre (NCSC);
|
11:50 - 12:10 |
► Cyber breach walkthrough: How to build cyber resilience to prevent disruption Andy Lalaguna, Senior Solutions Architect, eSentire & Keith Archer, Commercial Director, Babble Defence An interactive cybersecurity breach presentation covering:
|
12:10 - 12:30 |
► The Top Ways Threat Actors Target Organisations from the Dark Web Jim Simpson, Director of Threat Intelligence, Searchlight Cyber
|
12:30 - 12:50 |
► Cyber threats and risk transfer through insurance Christie Jones, Cyber Underwriter & Marc Pujol, Cyber Security Specialist, Tokio Marine HCC
|
12:50 - 13:30 |
► Education Seminar Session 2 Delegates will be able to choose from the following education seminars:
|
13:30 - 14:30 |
Lunch and Networking Break |
14:30 - 14:50 |
► Getting ahead of generative AI risk Dr. Joseph Da Silva, CISO, RS Group PLC
|
14:50 - 15:10 |
► How to defend your workforce with phishing-resistant MFA Stephen Bennett, Senior Solutions Engineer, Okta
|
15:10 - 15:30 |
► You forgot you left the network on... Barry Johnson, Managing Director / CEO at PointWire - Security Engineering Specialists - on behalf of Corelight
|
15:30 - 16:10 |
► Education Seminar Session 3 Delegates will be able to choose from the following education seminars:
|
16:10 - 16:30 |
Networking Break |
16:30 - 17:10 |
► Senior Leadership Panel Discussion Simon Brady, Event Chairman & Moderator, AKJ Associates;
|
17:10 - 17:30 |
► Bypassing Multi-Factor Authentication (MFA) via Phishing Techniques
|
17:30 - 17:35 |
Chairman's Closing Remarks |
17:35 - 18:30 |
Drinks Reception and Networking Break |
Education seminars
2023 Phishing By Industry Benchmarking Report: How Does Your Organisation Measure Up
Javvad Malik, Lead Security Awareness Advocate, KnowBe4
As a security leader, you have a lot on your plate. Even as you increase your budget for sophisticated security software, your exposure to cybercrime keeps going up. IT security seems to be a race between effective technology and ever evolving attack strategies from the threat actors. However, there’s an often-overlooked security layer that can significantly reduce your organisation’s attack surface: New-school security awareness training.
- Understanding who’s at risk and what you can do about it
- Actionable tips to create your “human firewall”
- The value of new-school security awareness training
How to Build a Resilient Human Firewall
Jason Price, Systems Engineer, Red Helix & Javvad Malik, Lead Security Awareness Advocate, Knowbe4
Most cyber-attacks begin with phishing and so your ‘human firewall’ can be either your strongest or weakest defence. But building a resilient human firewall involves changing behaviour, which is always a challenge. In this presentation we will equip you with the theory and real-world examples to:
- Grow a positive culture of personal responsibility for cyber hygiene.
- Teach your staff to spot clever phishing and spoofing emails for what they are.
- Empower people to signal when they think they’ve been scammed.
We will provide practical examples of how we improve cyber-vigilance for our clients so that you leave the session equipped with sure fire strategies to strengthen the security culture in your organisation.
3 New Ways Cybercriminals are Targeting your Email
Steven Wills, Senior Systems Engineer, UKIE
New types of impersonation. Better AI. Shifts to collaboration applications. Cybercrime is a business, and criminals are always looking for new ways to steal money.
Join us for this session where Steven Wills, Senior Systems Engineer, will discuss:
- How threat actors are shifting away from the CEO fraud of the past
- Why tools like ChatGPT could be incredibly dangerous
- What new threats are on the horizon
- And how you can better protect your organization from all of it
Your Path to Cyber Resilience
Jorge Montiel, Head of Sales Engineering - EMEA, Red Sift
Now is the time to delve into strategies for enterprise organisations to uncover, oversee, and safeguard vulnerabilities across their email, domain, and web attack surfaces. The Red Sift Pulse platform has capabilities that can be leveraged.
What attendees will learn:
- Detect both visible and concealed attacks on their domains proactively
- Protect against phishing and BEC attacks
- Streamline routine investigations and automate remedial actions
- Transition from project-based approaches to continuous processes to effectively combat evolving threats.
Breaking down Europe’s top InfoSec & Cybersecurity frameworks: Tips to evaluate your current state or next steps
Jorge Ferrer Raventos, Principle Solutions Engineering Specialist, OneTrust
Join us as we break down the ins and outs of ISO/IEC 27001 in comparison to SOC 2, the EU Cybersecurity Act, the NIS2 Directive, the Digital Operational Resilience Act (DORA) or the UK Cyber Essentials as other examples of standards to keep top of mind.
- Review the timelines, frequency, and scope of the latest updates across Europe’s most referenced frameworks.
- Understand what frameworks might be the best fit for your organisation based on business needs and resources.
- Identify framework overlap and program considerations to remove duplication, complexity, and effectively test once, comply many.
Frustrate Attackers, Not Users – Secure, Exceptional User Experience
Nilesh Halai, SASE Sales Acceleration EMEA, Cisco
Today’s digital landscape is constantly changing, and modern networks extend from the private datacenter to the cloud to the remote user, including their professional and personal devices. This complexity has led to larger attack surfaces, resulting in more threats and in response, more intrusive security measures. Traditionally, stronger security created more complex management, forcing administrators to manage an average of 76 different security tools, and this complexity can allow attackers to persist on the network longer without detection. It also creates a poorer end user experience, requiring users to login repeatedly and manage their VPN connection, which frustrates users and sometimes leads them to circumvent security practices.
In this presentation, we will cover the prevailing industry trends, pain points, and look at the roles of modern solutions like Secure Service Edge (SSE) and Extended Detection and Response (XDR) in countering and alleviating these pain points.
- Trends and Pain Points
- User Experience versus Security
- Admin Experience and Visibility
- Modern Solutions (SSE and XDR)
Evolution of attackers & the need for Red Teaming in modern cybersecurity
Zach Fleming, Head of Red Teaming, Integrity360
Join Integrity360’s Head of Red Teaming, Zach Fleming, for a deep dive into the constantly changing threat landscape and gain insights into how attackers have evolved, bypassing even the latest and most sophisticated tooling. Going beyond the tools and technology, Zach will also shed light on the often-overlooked element of human error. Learn how regular red teaming exercises can be the critical difference in ensuring robust cyber security in today's dynamic environment.
In this session:
- The Modern Attacker: An insight into how cyber adversaries have evolved over the years, now leveraging sophisticated tools to outsmart conventional defence mechanisms
- Beyond Technology: How the human element, often neglected in cyber security discourse, can become the weakest link, rendering state-of-the-art tools ineffective
- Workload Pressures: Understand how the stresses of increasing workloads can diminish the efficacy of security solutions, making organisations more vulnerable to breaches
- Red Teaming - Not Just a Luxury: Recognise that red teaming is no longer an optional exercise for large corporations but a necessity for businesses of all sizes in ensuring a resilient defence against evolving threats
- Marrying Tech & Talent: The realisation that even the best technologies are only as good as the professionals behind them, emphasising the importance of capacity and capability in tandem
The growing role of DFIR in resilient incident response strategies
Tim Thorne, Product Evangelist, Binalyze
How DFIR is disrupting the traditional digital forensics landscape and delivering forensic capability to the centre of the security stack.
What attendees will learn:
- Cybersecurity and the growing revolution powered by DFIR
- The benefits of speed and automation with DFIR
- Leveraging DFIR to reduce caseloads, dwell time, and alert fatigue
- Empowerment, resilience, and enhanced security posture thanks to DFIR
Data Awareness: A Three-Step Model to Mitigate Data Theft
Stephen Cavey, Co-Founder & Chief Evangelist, Ground Labs
Data theft continues to grow in both frequency and scale. There’s never been a better time for organizations to establish an evidence-based approach to data awareness for data security.
In this session, you’ll learn:
- How your company may be inadvertently enabling data theft and subsequent identity fraud through its data practices
- Why data awareness is crucial to effectively identifying and managing your risk of data theft
- How adopting a three-step model to enhance your data awareness with evidence-based discovery helps mitigate your risk of data theft amid emerging threats and increasing data regulation
A day in the life of 'YOUR' sensitive data
Ketan Pyne, Presales Technical Consultant, Thales
Today’s businesses and governments depend on the cloud, data, and software to deliver trusted digital services. That is why the most recognized brands and organizations around the world rely on Thales to help them protect sensitive information and software wherever it is created, stored or accessed – from the cloud and data centers to devices and across networks. As the global leader in data security and software licensing, Thales solutions enables organisations to move to the cloud securely, achieve compliance with confidence, create more value from their software, and deliver seamless digital experiences for millions of consumers every day.
Whether you’re looking to guard against abuse by privileged users, encrypt sensitive data in a database, or address your compliance mandates in the cloud, Thales can help. Key takeaways:
- What do you know about the data that you are unknowingly generating and disclosing?
- What are the responsibilities of the 3rd parties who acquire your data?
- Can you do anything about it?
- Learn good basic cyber security practices by managing your daily information disclosure and consumption
Bringing mobile intelligence to the fight against fraud
Clare Messenger, Commercial Strategy & Business Development Mobile Intelligence, JT Global
With fraud an ever present and rapidly evolving threat to individuals and businesses we look at how mobile intelligence data can be used to detect and prevent fraud, create better secure authentication experiences for customers, and add real-time value to KYC checks.
To successfully fight fraud demands an intimate understanding of how it’s perpetrated and how technology and social trends are driving it. Without the understanding of how cybercriminals are exploiting opportunities, organisations often fail to create robust and holistic fraud prevention measures that can detect and prevent fraud from happening in the first instance.
Mobile network operators hold a vast amount of real-time data that can be interrogated and leveraged to combat today’s most common and harmful frauds such as SIM swap fraud, Account Takeover and Authorised Push Payment fraud. Exposing the right data at the right time can and is having positive results for financial services battling a torrent of multiple attack vectors.
- Educating organisations about the threats from fraud
- The wealth of data from Mobile Network Operators
- Creating better customer experiences
- How greater collaboration will fight the war on fraud
Your Phone: The new Frontier of Malware, Scams and Fraud
Maurits Lucas, VP of Sales Engineering & Product Marketing, ThreatFabric
ThreatFabric has built their reputation by discovering over 80% of all mobile malware families. As the frontier of cyberthreats is increasingly shifting to mobile devices, we invite you to join us to learn about the latest updates on the mobile threat landscape, along with emerging trends and threats in the UK (and neighbouring countries). You’ll learn how the frontier is moving; and we’ll answer the most important questions: has it moved to the UK and what does this mean for your organization and customers?
What you’ll learn:
- The UK mobile threat landscape
- Latest methods of how victims are compromised
- Trends in Device TakeOver (DTO), droppers and distribution, most popular malware families and how they are operated
- What you can do to be proactive
Exploring the Cybercrime Ecosystem
Dave Gill, EMEA Channel Director, KELA
- Understand and simplify the complex world of the cybercrime ecosystem
- Gain insights into the motivations, tactics, and strategies of cybercriminals
- Learn how defenders can protect their organization's assets
The Future of the Human Risk Reduction
Petri Kuivala, Strategic Advisor, Hoxhunt
Cyber Security comes together in a holy marriage of People, Processes and Technology. CISO´s needs to engage people as their force multipliers as they will not survive alone in the constantly evolving world.
Join this interactive session to learn more about;
- The CISO veteran & start-up coach thoughts about the People role in Future with the Cyber Security context
- Be ready with your phone having www.menti.com open to donate your ideas back in to the conversation. “Hold on your chair as Texas is going bye bye….the Matrix”.
Thwarting the Barbarians: Gates, Guards and Governance
Malcolm Murphy, Senior Director, Sales Engineering, Mimecast
Let’s put the noise to one side for a moment. Most attacks start with an email, and that gives us great insight into what attacks are actually out there right now. Once we know that, we can determine how best to respond: what we need from technology and how to enable our people to play their part.
What you will learn:
- The nature of today’s threat landscape
- The role users play in maintaining security
- Where AI is useful, and why over-reliance is risky
- How to get the most out of your cyber-security investments
How do you know what to look for when Threat Hunting?
Ollie Sheridan, Senior Sales Engineer, Bitdefender
With an increasingly large amount of data being logged in to SIEMs, a treasure trove of data avails itself for both current and retrospective analysis. When approaching at this huge amount of data, where do you start? Having access to known threats and possible indications of compromise, you can equip yourself you with the tools needed to hunt down and eliminate known threats within our environment, resulting in more secure systems.
- How to automate threat hunting within the data you have collated
- How Bitdefender makes this high fidelity data available
- Understand the extent of C2C DNS requests, malicious IP connectivity and the existence of unwanted files within your environment
- Learn how this can improve your security posture and accelerate investigations by your SOC team
What is data lineage? (And how it’s transforming data security)
David Mole, Sales Engineer- EMEA, Cyberhaven
For over 20 years, data security technology has relied on content analysis to automatically classify data. Whether you’re using simple RegEx or complex machine learning, there are limits to what kinds of data you can classify by looking at the content alone. Enter, data lineage. Advances in graph database technology have made it possible to track all data within an organisation—where it originated, where it went, and who modified it. Whether client documents, source code, or product designs, data lineage is making it possible to protect a wider range of sensitive information with fewer false positives than ever before.
This session will cover an overview of data lineage and how it’s changing security with:
- Visibility into how data moves within your organisation
- Better data classification than content-based approaches
- Rich context to accelerate investigations