Agenda

Presentations already confirmed include:


►  Why Cloud should make us think differently about security

Ryan Aldred, Head of Cloud Security, Lloyds Banking Group

  • Firstly, is Cloud secure?
  • The realities of a shared responsibility model.
  • Continuous deployment, failing fast & agile.  How does security keep up?
  • Do we understand our new perimeter? What perimeter?
  • Infrastructure-as-Code, Security-as-Code, Everything-as-Code!
  • Are you ready?

 


► The Misperceptions of the Cybersecurity Skills Gap 

Purvi Kay, Head of Cybersecurity Governance Risk and Compliance, BAE Systems PLC

  • The fast-paced growth of digitalisation and rising demand for cyber professionals only increases the cyber skills gap.  
  • Or have we created an ‘artificial skills gap’ due to some misperceptions? 
  • This talk focuses on addressing some of these misperceptions that will help widen the cyber talent pool and improve the recruitment and retention of skilled professionals. 

► Getting ahead of generative AI risk

Dr. Joseph Da Silva, CISO, RS Group PLC

  • Why generative AI isn't going away.  
  • How emerging AI regulation is going to impact all businesses.  
  • How we (a FTSE100 company) are currently approaching the risk/benefit case.  
  • What we are saying to our employees.  

► Senior Leadership Panel Discussion 

Simon Brady, Event Chairman & Moderator, AKJ Associates;
Punit Bafna, Information Security Engineering Principal, BP;
Victor MurineanuInformation Security ManagerChelsea Football Club;
Stephen Cavey
, Co-Founder & Chief Evangelist, Ground Labs;
Matthew Kay, Data Protection Officer, Metro Bank;
Jason OzinCISOPIB Group

  • Integrating cybersecurity into wider enterprise risk management frameworks.  
  • Becoming a more strategic partner to the business? 
  • Building resilience against third-party security threats.  
  • Web 3.0 and the next generation of the internet: securing new technologies and service.

► The Importance of Transparency  

Mihaela Jembei, Director of Regulatory Cyber, Information Commissioner’s Office (ICO);
Eleanor FairfordDeputy Director Incident ManagementNational Cyber Security Centre (NCSC)

  • Why it’s in everyone’s interests to be more open about cyber-attacks.   
  • Exploring and dispelling the myths around responding to cyber-attacks.
  • How cybercriminals prey on misconception.  
  • Your regulatory responsibilities and beyond.
  • What we do and how we can help.

► From Prey to Play: Think like an Attacker to level up your Security

PJ Norris, Senior Security Engineer, SentinelOne

In any conflict, competitive situation or attack, it pays to think like your adversary. From troops on the battlefield calculating their next move to birds in the wild protecting their nests. Vital intel about your weaknesses or how your enemy might prevail can often be the difference between survival and compromise. Cybersecurity is no different. By gaining intelligence into the Tactics, Techniques and Procedures used by the adversary, we can predict how best to upscale our toolkits to thwart attackers from striking our systems. Join Solutions Engineer, PJ Norris as he delves into:

  • An overview of the current Threat Landscape: Current trends and how to mitigate
  • Sentinel Labs: The engine behind SentinelOne's threat intelligence and how their research fuels technology
  • Real world Threat Hunting case studies
  • How to take S1 for a test drive - Threat Hunting Workshops

► The Top Ways Threat Actors Target Organisations from the Dark Web

Jim Simpson, Director of Threat Intelligence, Searchlight Cyber

  • The top cybercriminal activity that can be observed on the dark web, including: initial access brokers, insider threats, and supply chain reconnaissance.
  • How organisations monitoring the dark web can identify this activity and enhance their defences.
  • Case study examples of how early warning on the dark web has been used to identify and stop cyberattacks in their tracks.

► Building A Culture Of Cybersecurity: The Pervasive Password Problem  

Jennifer Bell, Senior Solutions Consultant, LastPass

  • The pervasive password problem today
  • Current state v future state of passwords today
  • Cognitive dissonance and human behaviours in cybersecurity
  • 6 actionable steps for you to follow today, to help you build a solid culture of cybersecurity

► Cyber breach walkthrough: How to build cyber resilience to prevent disruption

Andy Lalaguna, Senior Solutions Architect, eSentire & Ash Hussain, Sales Director, Babble Defence, Babble

An interactive cybersecurity breach presentation covering:

  • The most disruptive emerging cyber threats currently being tracked by eSentire
  • How you can build cyber resilience to prevent business disruption
  • How eSentire and Babble work together to deliver cyber resilience in real-world use cases

► How to defend your workforce with phishing-resistant MFA

Okta

  • Even with a high cost of failure, why do organisations continue to fall for credential-based phishing attacks? 
  • Is it time to reevaluate the reliability of traditional MFA methods?
  • Find out how leading companies are leveraging advanced, secure alternatives to deliver phishing-resistant authentication

Education seminars


2023 Phishing By Industry Benchmarking Report: How Does Your Organisation Measure Up


Javvad Malik, Lead Security Awareness Advocate, KnowBe4

As a security leader, you have a lot on your plate. Even as you increase your budget for sophisticated security software, your exposure to cybercrime keeps going up. IT security seems to be a race between effective technology and ever evolving attack strategies from the threat actors. However, there’s an often-overlooked security layer that can significantly reduce your organisation’s attack surface: New-school security awareness training.

  • Understanding who’s at risk and what you can do about it
  • Actionable tips to create your “human firewall”
  • The value of new-school security awareness training

How to Build a Resilient Human Firewall


Jason Price, Systems Engineer, Red Helix & Javvad Malik, Lead Security Awareness Advocate, Knowbe4

Most cyber-attacks begin with phishing and so your ‘human firewall’ can be either your strongest or weakest defence. But building a resilient human firewall involves changing behaviour, which is always a challenge. In this presentation we will equip you with the theory and real-world examples to:

  • Grow a positive culture of personal responsibility for cyber hygiene.
  • Teach your staff to spot clever phishing and spoofing emails for what they are.
  • Empower people to signal when they think they’ve been scammed.

We will provide practical examples of how we improve cyber-vigilance for our clients so that you leave the session equipped with sure fire strategies to strengthen the security culture in your organisation.  


3 New Ways Cybercriminals are Targeting your Email


David Lomax, SE Director, Abnormal Security

New types of impersonation. Better AI. Shifts to collaboration applications. Cybercrime is a business, and criminals are always looking for new ways to steal money.

Join us for this session where David Lomax, SE Director at Abnormal Security, will discuss:

  • How threat actors are shifting away from the CEO fraud of the past
  • Why tools like ChatGPT could be incredibly dangerous
  • What new threats are on the horizon
  • And how you can better protect your organization from all of it

 


Your Path to Cyber Resilience


Jorge Montiel, Head of Sales Engineering - EMEA, Red Sift

In this session Jorge Montiel will  explore how enterprise organizations can discover, manage and protect vulnerabilities across their email, domain, and web attack surfaces. Drawing on the capabilities of Red Sift’s Digital Resilience Platform, he will cover how organisations can: 

  • Detect seen and unseen attacks on your domain before they do any damage
  • Simplify routine investigation and automate remediation
  • Go from projects to process - attacks don’t work on a quarterly basis, so you can’t afford to either

What is data lineage? (And how it’s transforming data security)


David Mole, Sales Engineer- EMEA, Cyberhaven

For over 20 years, data security technology has relied on content analysis to automatically classify data. Whether you’re using simple RegEx or complex machine learning, there are limits to what kinds of data you can classify by looking at the content alone. Enter, data lineage. Advances in graph database technology have made it possible to track all data within an organisation—where it originated, where it went, and who modified it. Whether client documents, source code, or product designs, data lineage is making it possible to protect a wider range of sensitive information with fewer false positives than ever before.

This session will cover an overview of data lineage and how it’s changing security with: 

  • Visibility into how data moves within your organisation
  • Better data classification than content-based approaches
  • Rich context to accelerate investigations

Cyber-Risk Demystified: Simplified InfoSec Compliance for a Complex World


Jorge Ferrer Raventos, Principle Solutions Engineering Specialist, OneTrust

InfoSec program management is too inefficient to support the real-time needs of CISOs and their teams as they address the growing complexity of internal and external risks. The status quo - which often relies on antiquated tools, siloed processes, and over-investment in third parties - must yield to a more flexible, scalable, cost-effective approach. In this session, OneTrust introduces a new approach to enterprise-wide program development and automation that can meet the modern complexity of today’s businesses.  

Join this session to:  

  • Understand the limitations of InfoSec practices in today’s risk landscape
  • Identify five key areas of automation prime for organisations across the maturity spectrum
  • Translate program efficiencies into measurable benefits and results for the business

Frustrate Attackers, Not Users – Secure, Exceptional User Experience


Michael Fignon, Duo Security Leader, UK and MEA, Cisco

Today’s digital landscape is constantly changing, and modern networks extend from the private datacenter to the cloud to the remote user, including their professional and personal devices. This complexity has led to larger attack surfaces, resulting in more threats and in response, more intrusive security measures. Traditionally, stronger security created more complex management, forcing administrators to manage an average of 76 different security tools, and this complexity can allow attackers to persist on the network longer without detection. It also creates a poorer end user experience, requiring users to login repeatedly and manage their VPN connection, which frustrates users and sometimes leads them to circumvent security practices. 

In this presentation, we will cover the prevailing industry trends, pain points, and look at the roles of modern solutions like Secure Service Edge (SSE) and Extended Detection and Response (XDR) in countering and alleviating these pain points. 

  • Trends and Pain Points 
  • User Experience versus Security 
  • Admin Experience and Visibility 
  • Modern Solutions (SSE and XDR)

Exploring the Cybercrime Ecosystem


Dave Gill, EMEA Channel Director, KELA 

  • Understand and simplify the complex world of the cybercrime ecosystem
  • Gain insights into the motivations, tactics, and strategies of cybercriminals
  • Learn how defenders can protect their organization's assets

Evolution of attackers & the need for Red Teaming in modern cybersecurity


Zach Fleming, Head of Red Teaming, Integrity360

Join Integrity360’s Head of Red Teaming, Zach Fleming, for a deep dive into the constantly changing threat landscape and gain insights into how attackers have evolved, bypassing even the latest and most sophisticated tooling. Going beyond the tools and technology, Zach will also shed light on the often-overlooked element of human error. Learn how regular red teaming exercises can be the critical difference in ensuring robust cyber security in today's dynamic environment.

In this session:

  • The Modern Attacker: An insight into how cyber adversaries have evolved over the years, now leveraging sophisticated tools to outsmart conventional defence mechanisms
  • Beyond Technology: How the human element, often neglected in cyber security discourse, can become the weakest link, rendering state-of-the-art tools ineffective
  • Workload Pressures: Understand how the stresses of increasing workloads can diminish the efficacy of security solutions, making organisations more vulnerable to breaches
  • Red Teaming - Not Just a Luxury: Recognise that red teaming is no longer an optional exercise for large corporations but a necessity for businesses of all sizes in ensuring a resilient defence against evolving threats
  • Marrying Tech & Talent: The realisation that even the best technologies are only as good as the professionals behind them, emphasising the importance of capacity and capability in tandem

The growing role of DFIR in resilient incident response strategies


Tim Thorne, Product Evangelist, Binalyze

How DFIR is disrupting the traditional digital forensics landscape and delivering forensic capability to the centre of the security stack. Key takeaways: 

  • Cybersecurity and the growing revolution powered by DFIR
  • The benefits of speed and automation with DFIR
  • Leveraging DFIR to reduce caseloads, dwell time, and alert fatigue 
  • Empowerment, resilience, and enhanced security posture thanks to DFIR

Data Awareness: A Three-Step Model to Mitigate Data Theft


Stephen Cavey, Co-Founder & Chief Evangelist, Ground Labs

Data theft continues to grow in both frequency and scale. There’s never been a better time for organizations to establish an evidence-based approach to data awareness for data security.

In this session, you’ll learn:

  • How your company may be inadvertently enabling data theft and subsequent identity fraud through its data practices
  • We’ll share a three-step model to enhance your data awareness and mitigate your risk of data theft as you continue to receive and process new information against a backdrop of emerging threats and increasing data regulation

A day in the life of 'YOUR' sensitive data


Ketan Pyne, Presales Technical Consultant, Thales

Today’s businesses and governments depend on the cloud, data, and software to deliver trusted digital services. That is why the most recognized brands and organizations around the world rely on Thales to help them protect sensitive information and software wherever it is created, stored or accessed – from the cloud and data centers to devices and across networks. As the global leader in data security and software licensing, Thales solutions enables organisations to move to the cloud securely, achieve compliance with confidence, create more value from their software, and deliver seamless digital experiences for millions of consumers every day.

Whether you’re looking to guard against abuse by privileged users, encrypt sensitive data in a database, or address your compliance mandates in the cloud, Thales can help. Key takeaways:

  • What do you know about the data that you are unknowingly generating and disclosing?
  • What are the responsibilities of the 3rd parties who acquire your data?
  • Can you do anything about it?
  • Learn good basic cyber security practices by managing your daily information disclosure and consumption

Bringing mobile intelligence to the fight against fraud


Clare Messenger, Commercial Strategy & Business Development Mobile Intelligence, JT Global

With fraud an ever present and rapidly evolving threat to individuals and businesses we look at how mobile intelligence data can be used to detect and prevent fraud, create better secure authentication experiences for customers, and add real-time value to KYC checks.

To successfully fight fraud demands an intimate understanding of how it’s perpetrated and how technology and social trends are driving it. Without the understanding of how cybercriminals are exploiting opportunities, organisations often fail to create robust and holistic fraud prevention measures that can detect and prevent fraud from happening in the first instance.

Mobile network operators hold a vast amount of real-time data that can be interrogated and leveraged to combat today’s most common and harmful frauds such as SIM swap fraud, Account Takeover and Authorised Push Payment fraud. Exposing the right data at the right time can and is having positive results for financial services battling a torrent of multiple attack vectors.

  • Educating organisations about the threats from fraud
  • The wealth of data from MNO’s
  • Creating better customer experiences
  • How greater collaboration will fight the war on fraud