Agenda

Beyond Privileged Accounts: Identity Security for Today’s Dynamic World

Lee Elliott, Senior Director of Solutions Engineering, BeyondTrust

Even with growing budgets and stricter compliance mandates, cyber risk is still on the rise. Identities are a top target, with attackers exploiting hidden Paths to Privilege™ to gain access. Managing elevated permissions across hybrid environments is complex, and traditional PAM tools—focused only on privileged accounts—often leave gaps. This session will look at how modern, identity-focused PAM secures all users, reduces risk, and simplifies access to keep your organisation both protected and productive.

Attendees will learn:

• Uncover real-world attack paths: See how threat actors bypass traditional controls by exploiting overlooked identity vectors – even beyond privileged accounts
• See modern PAM in action: Learn how identity-first approaches simplify access and security across hybrid infrastructures, with live examples and use cases
• Bridge security and productivity: Discover how to protect all users – not just admins – without slowing down your workforce or partners
• Leave with actionable insights: Walk away with practical steps to evolve your PAM strategy and close critical gaps in your identity security posture

Your Forgotten Apps Are an Open Invitation: ADR or Incident Response — Your Choice”

John Wood, Senior Regional Sales Manager, Contrast Security

Here is the uncomfortable truth: most breaches do not start in your Tier 1 apps. They start in the forgotten corners of your estate, the expense tool, the vendor portal, the dusty middleware running on a server no one dares to touch. Attackers know this. They are not hacking your shiny new microservices; they are walking through the side door you left wide open. This talk is a wake-up call for CISOs, AppSec leads, and anyone still pretending “shift left” is enough. We will dismantle the myths, expose the blind spots, and show why ADR is the only control that can protect where you cannot patch, cannot test, and cannot even find the developer who wrote the code. 

Fast, sharp, and slightly dangerous — this session will make you laugh, make you sweat, and leave you with a battle plan that your board will thank you for (and your attacker will hate).

Attendees will learn:

• “Tier 1 is theatre, Tier 3 is reality.” Learn where breaches actually begin
• “Shift left is a fantasy, runtime is reality.” Why detection and defence have to live where the code runs
• “You have 90 days to act — or the attackers will.” A ruthless plan to deploy ADR across your long tail in one quarter

Foundations of GenAI Application Security: Understanding and Mitigating Risks

Donato Capitella, Principal Security Consultant, Reversec

GenAI applications introduce new cybersecurity risks that developers, security professionals, and architects need to address. Attackers exploit these systems primarily through prompt injection and jailbreaking, turning AI capabilities against their intended use. This session breaks down how these attacks work, where traditional security approaches fall short, and what practical strategies can mitigate these risks.

Attendees will learn:

• Core security challenges when integrating GenAI into software

• Common attack techniques and real-world exploitation examples

• What “good” looks like: securing GenAI applications in production

Inbox Infiltrated: One QR Code, One Near Miss, One Game-Changing Fix

John Flatley – Solutions Engineer, Abnormal AI

Email continues to be the most exploited vector in cyberattacks - now more dangerous than ever with the rise of AI-driven threats. In this session, John Flatley from Abnormal AI presents a real-world example of a novel QR code-based phishing attack that bypassed traditional security measures. The talk highlights how attackers exploit human behaviour and why legacy defences are failing. He then introduces a modern, behavioural AI approach that stops advanced threats before they cause damage.

Attendees will learn:

• AI is Empowering Attackers: Threat actors now use AI to create highly personalised and scalable email attacks that evade traditional detection methods

• The Human Element is the Weakest Link: Social engineering and mobile-based credential theft tactics are specifically designed to exploit human trust and unprotected devices

• Modern Problems Need Modern Defences: Abnormal's behavioural AI platform provides automated, API-based protection that adapts to evolving threats without manual rules or configurations

A simple, old-fashioned con”: How can we keep the bad guys out and limit the damage they cause?

John Gilbert, Director Red Lodge Consulting, OneSpan

Most data breaches and ransomware incidents continue to involve compromised credentials, as AI-enabled phishing techniques become more advanced. Identity-related cyberattacks are particularly difficult to defend against as they often occur when attackers log in using valid credentials rather than exploiting technical vulnerabilities. Cybercriminals employ social engineering to circumvent traditional multi-factor authentication, exploit vulnerabilities within helpdesk processes, and manipulate structured environments such as Privileged Access Management (PAM) systems and service accounts. Frequently, these gaps are only discovered after an incident has occurred—often due to inadequate user validation and ineffective access governance. Employees represent both a substantial asset and a key vulnerability in this context. The current trends observed across industries such as retail, manufacturing, and telecommunications underscore the urgent need for enhanced user validation procedures and the adoption of robust, low-friction MFA solutions and the critical importance of access visibility in understanding and managing risk associated with potential account compromise.

Attendees will learn:

• Why despite the $Millions spent on cybersecurity, do we still fall for a “simple old fashioned con” ?

• What can we do to better secure our user accounts and minimise the risk of a breach?

• What are the challenges associated with modern passwordless authentication and how do we address these?

Key findings from The Annual Cybersecurity Attitudes and Behaviors Report 2024/25

Suzie Dobrontei, Behavioural Scientist, CybSafe

Join us for a highlight into the key findings of the latest (fifth, to be exact) 'Oh, Behave!' report.

Attendees will learn:

• Global snapshot: We'll present a global snapshot of people's cybersecurity attitudes and behaviors, with a focus on generational differences and country comparisons
• Mindsets & motivations: What do people really think about cybersecurity, and what keeps them up at night? We'll explore who they rely on for protection and where they place the responsibility
• The AI challenge: AI use has exploded, but training hasn't. People are more confident, but also more vulnerable. In a world of shadow AI and deepfake scams, we'll discuss how to bridge the knowing-doing gap

Transforming Cybersecurity Strategies to Combat GenAI and Deepfake Threats

Charlie Mather, Commercial Account Executive, Ironscales

AI-driven technologies like GenAI and deepfakes are creating challenges that IT Security and MSP leaders can’t afford to ignore. The surge in AI-powered attacks means traditional defenses used by most organizations are no longer enough. Attackers are stepping up their game, crafting hyper-realistic, personalized attacks that are nearly indistinguishable from the real thing—and it’s only going to get more intense as these tools evolve.

So, how do we fight back? 

Attendees will learn: 

• We will explore how to rethink your approach, using AI to combat AI and keep pace with these threats 
• We will also touch on how a "red team/blue team" strategy can help you stay one step ahead, leveraging AI to anticipate future attacks, arm your defenses, and proactively mitigate them

Brand Impersonation: Why technical controls are a CISO’s best line of defence

Nadim Lahoud, SVP Operations, Red Sift

Brand impersonation is one of the biggest cyber risks facing CISOs today, yet it is one of the hardest threats to demonstrably mitigate. Attackers exploit multiple vectors including, domains, email, websites, social media, and even search engine manipulation—to deceive employees, customers, and partners. In this seminar, we introduce a clear framework that categorises the main forms of brand impersonation and highlight why technical controls deserve to be the first—and most cost-effective—line of defence. 
Participants will gain an actionable understanding of how modern security teams can assess the scope of impersonation risk, identify the right mix of controls, and deploy them with confidence. To ground these concepts, we will share real-world case studies of organisations that have successfully reduced impersonation attacks with Red Sift. Attendees will leave with both the strategic lens to communicate risk to stakeholders and the tactical guidance to strengthen their organisations against this pervasive and evolving threat.

Attendees will learn:

• An understanding of brand impersonation and why it is a leading cyber risk
• A framework that clearly categorises the main impersonation vectors and explains prioritising technical controls as the first line of defence
• A step-by-step playbook for deploying technical controls reliably at scale, supported by automation and operational best practices
• Customer case studies of organisations that have successfully solved brand impersonation challenges with Red Sift
• Practical insights to both communicate the risk to executives and apply effective solutions within existing security programs

Shining a Light on Shadow AI: The Hidden Risk to Data Security

Tom Rossdale, Sales Engineer Director, Varonis 

Shadow AI occurs when employees use tools like ChatGPT or Copilot without IT’s visibility or control—a trend now seen in nearly every organisation. While these tools can boost productivity, their unsanctioned or unmonitored use introduces serious risks, including data leaks, compliance violations, and loss of intellectual property. This session will reveal how shadow AI is infiltrating organisations and what you can do to regain visibility and control.

Attendees will learn:

• What shadow AI is, including the difference between unsanctioned and unmonitored AI, and why both are risky

• Real-world consequences, such as data leakage, regulatory breaches, and exposure of sensitive information—even with popular tools like Microsoft Copilot

• Why shadow AI happens, including the drivers behind its adoption and the challenges IT and security teams face

• Practical steps to detect, monitor, and manage shadow AI, from technical controls to employee education and streamlined onboarding of safe AI tools

From Control to Confidence: The New Era of Modern Infrastructure Access

Michael Hiscock, Solution Engineer, Sectona

Today’s enterprises operate across a vast and interconnected landscape, from on-premises infrastructure and cloud platforms and third-party networks. While this diversity offers unmatched flexibility, it also introduces complex privileged access challenges that traditional PAM solutions weren’t built to address. Join Sectona for an exclusive session where we unveil our Modern Infrastructure Access approach - designed to secure every connection, everywhere, without compromising operational efficiency. Explore how Sectona brings diverse user personas together on a single, powerful platform.

Attendees will learn:

• Achieving unified visibility and real-time control over privileged sessions
• Enforcing least privilege and regulatory compliance seamlessly across diverse infrastructures
• Securing access for internal teams, remote employees, and third-party users with minimal disruption
• Eliminating blind spots and mitigating risks in hybrid and multi-cloud setups

The AI Ecosystem from Bots to Hackers: A Look Inside Today’s LLM Exploits and the Risk from AI Scrapers

Richard Meeus, Senior Director Security Technology and Strategy, EMEA, Akamai

AI is a much discussed topic at the moment, with varying degrees of hope, hype and hyperbole. Large language models (LLMs) are prime targets for attacks that exploit their unpredictability, including prompt injection, AI jailbreaking, data exfiltration, and model theft. LLMs themselves are scraping every piece of knowledge in existence making them an integral part of how we use the Internet, or how they will change our use of the Internet.

This session will break down how these attacks work, why they are difficult to detect, and what defenders can do to stay ahead of adversaries targeting AI and LLMs.

Whether you're worried about visitor decline or referral traffic-drops to your site, or you are securing customer-facing apps, internal copilots, or proprietary models, this session will equip you with the knowledge to spot — and stop — these threats and challenges.

Attendees will learn:

• The anatomy of prompt injection attacks and how they bypass input filters
• How AI jailbreaking leads to toxic output, policy evasion, and reputational risk
• Why AI-specific DoS attacks don’t look like traditional DDoS
• Identify the bots visiting your site to determine whether they are beneficial to you

Fortify Your Cyber Resilience with Rubrik Identity Recovery

Ed Morgan, GTM Technical Lead EMEA & APJ, Rubrik

In today's dynamically evolving threat landscape, cyber attacks are becoming increasingly sophisticated and pervasive. As attackers continually target the core identity repositories of enterprises, it has become imperative for organisations to fortify their cyber resilience efforts by prioritising protecting their identity data. True cyber resilience means accepting that breaches will happen. A complete cyber resilience strategy hinges on the ability to promptly recover from security incidents and ensure the continuity of critical business operations. In this session we will be discussing how to ensure business continuity by rapidly recovering your Microsoft Active Directory and Entry ID environments, safeguarding your identity services from cyberattacks and operational failures.

Attendees will learn:

• Protect identity systems - maintain uninterrupted operations by continuously monitoring identity risks and policy violations
• Detect and Remediate Threats - rapidly identify compromised accounts and enforce remediation or rollback actions before they disrupt access
• Seamlessly Recover Identity Systems - orchestrate fast, reliable recovery of Active Directory and Entra ID to restore critical-business operations

Disconnect to Protect, on-Demand - Military-Grade Cybersecurity for a Connected World

Mark Pearce, Head of Global Sales & Channel, Goldilock Secure

In today’s hyperconnected world, the convergence of operational technology (OT) and information technology (IT) has created vast new vulnerabilities.  Cyberattacks on critical infrastructure from energy grids and water supplies to hospital networks and financial markets, are escalating not only in frequency but also in nation-state-level sophistication and destructive potential. Recent high-profile incidents have starkly demonstrated that the largest, most cyber-aware organizations are not 100% protected; their multi-layered, perimeter-based defences are simply proving inadequate against patient, evasive, and highly complex threats. 
One truth is becoming clear: no system is truly secure while it’s connected. NATO has reaffirmed a foundational cybersecurity principle; the only foolproof way to stop a breach is to eliminate the digital attack surface each time connection is not required, by disconnecting from the internet on demand. This principle forms the bedrock upon which Goldilock Secure was conceived, “Disconnect – To-Protect, on Demand”. This session explores how military-grade technology has been adapted into a practical cybersecurity control, enabling the physical disconnection of critical systems from the internet, instantly and remotely, reducing exposure and neutralizing threats at the root.

Attendees will learn:

• Discover how to instantly keep your systems truly invisible to online threats and cyber attackers, no software or complex configs needed
• Learn how to deploy a near-instant cyber kill-switch, enabling rapid containment of active threats like ransomware while ensuring uninterrupted business operations
• Understand how hardware-enforced segregation is the new gold standard for governance. You will gain the ability to meet and prove compliance with strict mandates (including NIS2, ISO 27001, and HIPAA) by generating irrefutable, physical evidence of network separation for simplified audit trails and maximum resilience

Untangling the supply chain problem

Justin Kuruvilla, Chief Cyber Security Strategist, Risk Ledger

As cybercrime becomes more systemic, supply chain attacks are evolving from isolated breaches into network-wide crises. In this session, Justin Kuruvilla, Chief Cyber Security Strategist at Risk Ledger, unpacks why traditional third-party risk management (TPRM) is failing to keep pace with today’s interconnected threat landscape. Drawing on lessons from history and real-world data from government and critical infrastructure communities, Justin explores how concentration risk, supplier dependency, and visibility gaps are creating new attack surfaces for threat actors to exploit. Attendees will learn how to move beyond static assessments toward a collaborative, network-based model of defence, one where organisations and their suppliers work together to identify vulnerabilities, share assurance, and Defend-as-One.

Attendees will learn:

• See the whole system, not just the supplier. Supply chain security isn’t about isolated vendors — it’s about understanding the interdependencies, fourth parties, and shared providers that create systemic risk
• Rethink TPRM for the threat era. Traditional, survey-based risk management is too slow and siloed to counter today’s fast-moving, networked attacks. Resilience requires live visibility and shared intelligence
• Defend-as-One. The future of cyber defence is collaborative. Organisations, suppliers, and regulators must work together to identify concentration risks and strengthen collective resilience across ecosystems