Agenda

Presentations already confirmed include:


► Future Crimes: Emerging Threats from Cyber Malicious Innovators 

Robin Smith, CISO, Aston Martin

  • What can we tell about the future of cybercriminality from current trends, gross criminal revenue and attack by sector. How can this be used to build a profile of the attackers?
  • The global cost of crime is increasing: has ransomware changed the rules of the game for CISOs?
  • Drone Offences. Robot Attacks. Artificial Intelligence Plagues. Science Fiction or future threat? 
  • Moving towards the defences of the future. 

► Enhancing and future-proofing remote access security 

Ben King, Regional Chief Security Officer, Okta

  • The move to remote working has created the need to quickly implement and secure workforce remote access
  • Okta will look at a situational review on the current digital landscape
  • Observations from the cloud
  • A view on how to navigate what's important

► Proactive Threat Hunting to Combat Ransomware

Jason Steer, Principal Security Strategist, Recorded Future 

  • 2021 ransomware trends across Europe
  • Trends in ransomware extortion schemes
  • Learn how threat hunting can identify ransomware actors before the encrypt data
  • Learn how threat intelligence can accelerate threat hunting

 


► Leadership in Security 

For CISOs, an increase in the rate of large-scale attacks may have one prominent hidden benefit: their boards are now taking digital risk very very seriously. With cyber risk now considered one of the key risks a business should be wary of, how should cybersecurity professionals display leadership? How is talent sourced and retained ? How do we bridge the gap between security and 'the business'?

  • Lee Whatford, CISO, Dominoes 
  • Nick Truman, CSO, JATO Dynamics
  • Nihal Newman, Director of Network Security, Ofcom

 


► Education Seminar Session 1 

Delegates will be able to choose from the following sessions:

  • Smart Buildings Under Siege: How IoT brings need to Replan your InfoSec Strategy, Todd Carroll, CISO & Julia Osseland, Product Marketing Manager, CybelAngel
  • Cyber Defence Strategies That Work for Resource-Constrained Teams, William Munroe, VP of Marketing, CyGlass
  • The Future Is Cloud-y: It’s Time to Transform Your Security Operations, Nipun Gupta, Cybersecurity Specialist, Devo
  • Deterrence and response: the Cinderella of cyber security capability, Paul Brucciani, Head of Sales Enablement, Managed Detection and Response business & Tim Orchard, Executive Vice President, Managed Detection and Response, F-Secure Corporation
  • Measuring threat readiness: how to validate your security controls to quantify risk, Tim Ager, VP of Sales, EMEA, Picus Security 

 Fusing threat intelligence, hunting & emulation for Intelligent Risk Management

Keith Nicholson, Head of Cyber Threat Operations HM Revenues & Customs

  • Cyber-attacks can present an existential threat to organisations and it is imperative that executive boards are able to effectively manage their cyber risk. Traditional approaches assess technical controls and vulnerabilities to provide a measure of an organisation’s defences.
  • However, by focusing on the technical they can neglect the layered defences of an organisation fail to assess more holistic indicators of cyber resilience such as decision making and staff awareness.
  • In this session we present a model for building a Threat Operations capability.  We will show how combining threat intelligence, threat hunting and adversary emulation into an end to end process can provide a realistic assessment of the organisations threats and one capable of testing all layers of an organisation’s defences.  

► Building Cybersecurity Immunity to Ransomware with PAM 

James Maude, Lead Cyber Security Researcher, BeyondTrust

  • Explore ransomware attacks and how you can protect your environment by making it inhospitable to them
  • Learn 6 things to know about Ransomware
  • Takeaway realistic security practices you can implement to protect against ransomware 
  • Understand the role of PAM (privileged access management) in mitigating the risks of ransomware and other cyber threats with a powerful, blended defense 

► It's not all trucks and fish tanks - Supply chain attacks are the new high watermark

Thom Langford, Security Advocate, SentinelOne 

  • Supply chain-based attacks continue to be on the rise. Attackers always choose the easiest path. Today, it’s often done by first compromising one of the end targets suppliers and then abuse that trusted relationship that they have to target an organisation.
  • Put simply, what are you most likely to open; an unknown email from an unknown sender with an attachment, or an invoice from your favourite supplier?
  • In this session: See the vectors of attack and what makes supply chain attacks quite so devastating; Understand the scale of the supply chain and why attacks are an inevitability; Learn three simple tricks to help combat supply chain attacks (number two will astound you!)

 


► Zero-Trust and SASE: a natural partnership

Tom McVey, Solution Architect, Menlo Security

  • SASE – modernising detection and response
  • New visibility at speed and scale
  • Isolation – eliminating phishing and ransomware while driving productivity
  • How to combine Zero-Trust and SASE to transform end-user protection

Education Seminar Session 2

Delegates will have the opportunity to choose from the following sessions:

  • It’s time to confront your VPN, Kurt Glazemakers, CTO, Appgate
  • Presentation by Kenna
  • Leveraging IAM for Effective and Efficient Threat Mitigation, Lonnie Benavides, Head of Infrastructure and Application Security, OneLogin.
  • Revolutionising cybersecurity training for your enterprise defence teams – for ever, Rupert Collier, VP Sales, EMEA & APAC, RangeForce
  • Lessons from a Fraud: 5 tips on making better buying decisions, Rois Ni Thuma, Head of Cybersecurity Governance & Legal Partnerships, RedSift 

 


► Cybersecurity, Cyberwarfare and Global Cyber Risk 

Following a sequence of increasingly hubristic cyber-attacks from national adversaries, on June 3rd US President Joe Biden issued on open letter to American executives about cybersecurity. New regulation was also drafted and governmental departments vowed to treat cyber-crime with the same urgency with which they treat acts of terrorism. With the world reaching a zenith of digitisation, where does cybercrime and cybersecurity fit into the geopolitical matrix? Will there ever be a true act of cyber-terrorism?  Are reactions from the top part of a spin war? And what should CISOs be doing as the stakes rise?

  • Joseph Da Silva, CISO, Electrocomponents Plc
  • Nuno Teodoro, Cybersecurity and Privacy Officer, Huawei 
  • Moty Cristal, CEO, NEST Consulting 

► The Battle of Algorithms: How AI is beating AI at its own game

Toby Lewis, Head of Threat Analysis, Darktrace 

  • How cyber-criminals are leveraging AI tools to create sophisticated cyber weapons
  • What an AI-powered spoofing threat may look like, and why humans will not be able to spot them
  • Why defensive AI technologies are uniquely positioned to fight back

► Human Factor 2021 - Why People are Targets

Matt Cooke, Cybersecurity Strategist, EMEA, Proofpoint

  • The culmination of a year’s worth of threat research and insights drawn from more than 2.2 billion email messages, 35 billion URLs, 200 million attachments and 35 million cloud accounts. 
  • The latest techniques and tactics used in attack campaigns—and why they work 
  • The characteristics that make users vulnerable and lucrative targets 
  • How threat actors pivoted to leverage COVID-19 themes 
  • How ransomware activity has evolved 

► Education Seminar Session 3

Delegates will be able to choose from the following sessions:

  • Replace & Go Beyond the VPN. Reduce Your Attack Surface by Over 90%, Zoltan Kovacs, Principal Security Architect, Axis Security
  • Implementing ZTNA with the Bitglass Platform, Mike Schuricht, SVP Product at Bitglass
  • An Alert Has Fired, Now What?, Alex Kirk, Global Principle, Corelight

► Are you Cyber Insurance Friendly?

Laure Zicry, Head of Cyber Insurance Western Europe, Willis Towers Watson

  • State of the Cyber Insurance Market
  • Trends in claims
  • Be prepared for an underwriting meeting

►Securing the University 

Garry Scobie, Deputy CISO, University of Edinburgh 

  • Universities are unique entities. Comprised of disparate faculties, departments and campuses, they operate as a miniature city might. Furthermore, with the wealth of personal data they hold, their capacity to conduct cutting edge research, and their lack of funding when it comes to cyber defences, they are an attractive target for criminals.
  • For years institutions in the higher education sector have been being hit: what should information security professionals in universities be doing to improve their defences.
  • What can CISOs from different industries learn from the university challenge?

► Securing the Cloud 

Digitisation has occurred across all sectors, accelerated by the movement to remote operations and by higher consumer demand for agile services. What does this mean for information security professionals? How are data driven organisations approaching a security paradigm that is almost entirely off-prem? And what does our relationship with our cloud provider tell us about our security posture.

  • Danielle Sudai, Cloud Security Operations Lead, Deliveroo
  • Dr. Wendy Ng, Cloud Security Architect Lead, OneWeb
  • Asif Khadim Malik, Lead Solutions Architect, Capita

 

Education seminars


Revolutionising cybersecurity training for your enterprise defence teams – for ever.


Rupert Collier, VP Sales, EMEA & APAC, RangeForce

Continuous professional development is crucial to keeping technically focussed teams ahead of the game. CISOs, VPs and SOC Managers must also be able to monitor and assess skill levels within those teams, in order to identify any possible coverage gaps that could represent a threat to the organisation. They also need to ensure incident response best practices remain fit for purpose and that everyone can execute their role in the event of an emergency. In this seminar you will learn:

  • …how cyber-defenders can continue to acquire and hone their skills entirely through a browser but still in a hands-on fashion.
  • …how they can learn essential real-world skills, in real networks and real VMs. From security operations to forensics to secure DevOps, modules cover a breadth of mission-critical topics.
  • …how users learn to defend against advanced attacks, quickly recognise and fix vulnerabilities and develop muscle memory in how best to react when it happens in the real world.
  • …how actionable insights and metrics about performance and skill levels of team members can help identify the cybersecurity superstars, both already in your organisation and amongst those that may want to join.
  • …how a combination of self-paced learning together with pressurised group exercises is the best way to prepare your teams for every eventuality – at a fraction of the cost of traditional learning.

 


It’s time to confront your VPN


Presentation by Appgate 

Legacy business VPN remote access solutions weren’t designed to handle the security challenges of today’s distributed workforce and escalating threat landscapes. Zero Trust Network Access (ZTNA) is the new industry standard for secure access to anything, from anywhere, by anyone. Join this session to find out how you can easily migrate your business from VPN to ZTNA:

  • Best practises for moving from VPN to ZTNA
  • Explore a variety of use cases that can be addressed by ZTNA
  • How replacing VPN can strengthen security and reduce your attack surface

Cyber Defence Strategies That Work for Resource-Constrained Teams


William Munroe, VP of Marketing, CyGlass

Resource-constrained organisations do not have the luxury of running 20 tools in a 24/7 security operation, yet they still have to defend against the same cyber-attacks. Smaller IT and Cyber Teams must take a different approach to protect their environments.

Join industry veteran and CyGlass VP of Marketing Bill Munroe, for a look at a newly published mid-market peer-based delves into the cybersecurity strategies and processes that are working and failing for small teams including:

  • What organisational and defensive strategies are working best for smaller teams
  • What are the core defensive security tools a small organisation must have deployed
  • How organisations can determine the operational viability of a security tool for their environment
  • How technologies and delivery methods like AI and SaaS can be a positive and a negative for a small team

Replace & Go Beyond the VPN. Reduce Your Attack Surface by Over 90%.


Zoltan Kovacs, Principal Security Architect, Axis Security

VPNs and publicly accessible services are based are based on the same principle of enabling employees and third parties to have direct access to your network. A modern zero trust network access approach turns this upside down by removing all users off the network completely, and only brokers access to the apps they really need to do their job. In this session, Zoltan covers:

  • How ZTNA reduces the attack surface
  • Why ZTNA enables fast deployment
  • How to improve the user experience too
  • Why you can start with difficult use cases such as remote workers, contractors, mergers & acquisitions, high risk nation access.

Lessons from a Fraud: 5 tips on making better buying decisions


Rois Ni Thuma, Head of Cybersecurity Governance & Legal Partnerships, RedSift 

At the e-Crimes summit what could be more fitting than reviewing what happened in one of the most significant corporate crimes of our times?

On the face of it, Theranos is just another corporate scandal. But it only takes you to scratch the surface to find that this is a tale of high tech with big promises and serious under-delivery.

In this session Rois will cover what your business can do to avoid investing in vaporware, or worse, buying tech that not only doesn’t deliver as promised but instead creates a whole new world of problems. 

  • Consider your source
  • Rely on the experts
  • Don’t believe the hype!
  • Disruption might mean disaster
  • Keep your standards high

Measuring threat readiness: how to validate your security controls to quantify risk


Tim Ager, VP of Sales, EMEA, Picus Security 

On average, organisations use between 30 and 70 security tools. However, most have no idea how effective they actually are - making it difficult to understand the current state of their security posture, measure improvements and justify spending. Join this session, presented by Tim Ager of Picus Security, to learn how to validate the performance of security controls and obtain answers to important questions such as:

  • Are our defences providing the protection we need against the latest threats?
  • How can we assess our threat prevention and detection capabilities?
  • How can we achieve the best security outcomes and rationalise investments?
  • How can we evidence the impact of changes to the C-suite and demonstrate compliance?

The Future Is Cloud-y: It’s Time to Transform Your Security Operations


Nipun Gupta, Cybersecurity Specialist, Devo

Security operations teams desperately need a simpler way to successfully shift to the cloud. Limited visibility — due to shortcomings of legacy monitoring and security analytics technologies — handcuffs teams from making this crucial transition.

Security professionals know the value of digital and cloud transformation, but the fear, complexity and mysteries of migrating critical infrastructure and tools make them understandably reluctant to start the journey.

In striking a balance between risk mitigation and driving innovation, security leaders recognize that moving away from legacy solutions and to the cloud brings an array of benefits and opportunities, including improving cost efficiency, simplifying operational processes, and reducing staff burnout.

  • What are the challenges security operations teams face in their shift to the cloud?
  • Why is visibility important yet hard to achieve?
  • How can cloud-native technologies improve visibility for security operations?
  • What are the components of a futuristic SOC?

Smart Buildings Under Siege: How IoT brings need to Replan your InfoSec Strategy


Todd Carroll, CISO & Julia Osseland, Product Marketing Manager, CybelAngel

A blast furnace shut down in a German steel mill...

All production lines stopped in an American brewery...

Across all industries, connected buildings are becoming prime targets for cyber-attacks. Hackers are quicker than security leaders to recognize blindspots in intertwined IT/OT/IoT environments relying on third-party providers and outsourced systems.

By 2023, the financial impact of cyber-physical system attacks as a result of fatal casualties will reach over $50 billion, 10 times higher than 2013 levels of data security breaches. (Source: Gartner, 2020).

Good news is, your Digital Risk Protection solution can help you secure your operations against malware and ransomware attacks on smart technologies.

  • Understand the risk landscape created by the increasing interconnection of IT, operational technology (OT) and building automation system environments.
  • Learn how to integrate third-party providers’ techs and outsourced systems into your attack surface management strategy.
  • Discover how CybelAngel can help you bridge the gap between physical security and digital risk protection.

 


Deterrence and response: the Cinderella of cyber security capability


Paul Brucciani, Head of Sales Enablement, Managed Detection and Response business & Tim Orchard, Executive Vice President, Managed Detection and Response, F-Secure Corporation

30,000 websites around the world are hacked each day of which the FBI estimates that 4000 are ransomware attacks. 64% of companies worldwide have experienced at least one form of a cyber attack.

It is the most digitally advanced nations that are most vulnerable to cyber-attacks, so how can we defend ourselves more wisely?

If everyone is a target, there is little you can do to reduce the probability that you will be attacked, but there are things that you can do to reduce the impact of an attack and recover quickly. This presentation will:

  • propose 4 inexpensive ways to make yourself unattractive to attackers and how to respond if you are
  • reveal the upside of dealing effectively with cyber security incidents.

Implementing ZTNA with the Bitglass Platform


Mike Schuricht, SVP Product at Bitglass

Hear about Bitglass’ Zero Trust Network Access (ZTNA) product vision and how its integration into a single platform can simplify SASE while improving overall functionality. This session will include a deep dive into the core technology principles of zero-trust network access and how it can be applied in practice by leading security teams.

  • Find out what is ZTNA and how it has developed
  • How can you benefit from using single SASE platform to secure your cloud applications.
  • See practice examples of securing your cloud applications.  

Leveraging IAM for Effective and Efficient Threat Mitigation


Lonnie Benavides, Head of Infrastructure and Application Security, OneLogin.

There’s no question that the current cybersecurity landscape is constantly shifting and evolving as new threats and security solutions emerge. Increased cyber attacks and distributed workforces have created new challenges that require innovative solutions.

Faced with the challenge of managing identities and securing access to data and applications from a growing number of endpoints, what are the fundamental controls organizations need to maintain business continuity and secure their remote and hybrid workforce?

Hear from Lonnie Benavides – Head of Infrastructure and Application Security, Onelogin – for a discussion on practical information and advice regarding the utilization of identity and access management solutions to effectively mitigate modern cyber threats to your business.

Key Takeaways:

  • Understanding the key fundamentals of a strong cloud security posture
  • Why passwords alone are not enough
  • Best practices for building a cybersecurity strategy at scale

An Alert Has Fired, Now What?


Alex Kirk, Global Principle, Corelight

While the security industry spends a lot of time and energy getting more and/or better alerts, comparatively little investment has gone into helping analysts operationalize and contextualize those alerts. This session will discuss:

  • How a solid foundation of network telemetry can enable a high-velocity, high-confidence processing of alerts of all stripes.
  • How this can also a host of other critical security applications, from fundamentals like asset management to advanced techniques like proactive threat hunting. 
  • Real-world examples and code will be used throughout the talk, along with practical considerations for operating in an enterprise environment.