Agenda

2023 Phishing By Industry Benchmarking Report: How Does Your Organisation Measure Up

Javvad Malik, Lead Security Awareness Advocate, KnowBe4

As a security leader, you have a lot on your plate. Even as you increase your budget for sophisticated security software, your exposure to cybercrime keeps going up. IT security seems to be a race between effective technology and ever evolving attack strategies from the threat actors. However, there’s an often-overlooked security layer that can significantly reduce your organisation’s attack surface: New-school security awareness training.

• Understanding who’s at risk and what you can do about it
• Actionable tips to create your “human firewall”
• The value of new-school security awareness training

How to Build a Resilient Human Firewall

Jason Price, Systems Engineer, Red Helix & Javvad Malik, Lead Security Awareness Advocate, Knowbe4

Most cyber-attacks begin with phishing and so your ‘human firewall’ can be either your strongest or weakest defence. But building a resilient human firewall involves changing behaviour, which is always a challenge. In this presentation we will equip you with the theory and real-world examples to:

• Grow a positive culture of personal responsibility for cyber hygiene.
• Teach your staff to spot clever phishing and spoofing emails for what they are.
• Empower people to signal when they think they’ve been scammed.

We will provide practical examples of how we improve cyber-vigilance for our clients so that you leave the session equipped with sure fire strategies to strengthen the security culture in your organisation.  

3 New Ways Cybercriminals are Targeting your Email

David Lomax, SE Director, Abnormal Security

New types of impersonation. Better AI. Shifts to collaboration applications. Cybercrime is a business, and criminals are always looking for new ways to steal money.

Join us for this session where David Lomax, SE Director at Abnormal Security, will discuss:

• How threat actors are shifting away from the CEO fraud of the past
• Why tools like ChatGPT could be incredibly dangerous
• What new threats are on the horizon
• And how you can better protect your organization from all of it

Your Path to Cyber Resilience

Jorge Montiel, Head of Sales Engineering - EMEA, Red Sift

In this session Jorge Montiel will  explore how enterprise organizations can discover, manage and protect vulnerabilities across their email, domain, and web attack surfaces. Drawing on the capabilities of Red Sift’s Digital Resilience Platform, he will cover how organisations can: 

• Detect seen and unseen attacks on your domain before they do any damage
• Simplify routine investigation and automate remediation
• Go from projects to process - attacks don’t work on a quarterly basis, so you can’t afford to either

What is data lineage? (And how it’s transforming data security)

David Mole, Sales Engineer- EMEA, Cyberhaven

For over 20 years, data security technology has relied on content analysis to automatically classify data. Whether you’re using simple RegEx or complex machine learning, there are limits to what kinds of data you can classify by looking at the content alone. Enter, data lineage. Advances in graph database technology have made it possible to track all data within an organisation—where it originated, where it went, and who modified it. Whether client documents, source code, or product designs, data lineage is making it possible to protect a wider range of sensitive information with fewer false positives than ever before.

This session will cover an overview of data lineage and how it’s changing security with: 

• Visibility into how data moves within your organisation
• Better data classification than content-based approaches
• Rich context to accelerate investigations

Cyber-Risk Demystified: Simplified InfoSec Compliance for a Complex World

Jorge Ferrer Raventos, Principle Solutions Engineering Specialist, OneTrust

InfoSec program management is too inefficient to support the real-time needs of CISOs and their teams as they address the growing complexity of internal and external risks. The status quo - which often relies on antiquated tools, siloed processes, and over-investment in third parties - must yield to a more flexible, scalable, cost-effective approach. In this session, OneTrust introduces a new approach to enterprise-wide program development and automation that can meet the modern complexity of today’s businesses.  

Join this session to:  

• Understand the limitations of InfoSec practices in today’s risk landscape
• Identify five key areas of automation prime for organisations across the maturity spectrum
• Translate program efficiencies into measurable benefits and results for the business

Frustrate Attackers, Not Users – Secure, Exceptional User Experience

Michael Fignon, Duo Security Leader, UK and MEA, Cisco

Today’s digital landscape is constantly changing, and modern networks extend from the private datacenter to the cloud to the remote user, including their professional and personal devices. This complexity has led to larger attack surfaces, resulting in more threats and in response, more intrusive security measures. Traditionally, stronger security created more complex management, forcing administrators to manage an average of 76 different security tools, and this complexity can allow attackers to persist on the network longer without detection. It also creates a poorer end user experience, requiring users to login repeatedly and manage their VPN connection, which frustrates users and sometimes leads them to circumvent security practices. 

In this presentation, we will cover the prevailing industry trends, pain points, and look at the roles of modern solutions like Secure Service Edge (SSE) and Extended Detection and Response (XDR) in countering and alleviating these pain points. 

• Trends and Pain Points 
• User Experience versus Security 
• Admin Experience and Visibility 
• Modern Solutions (SSE and XDR)

Exploring the Cybercrime Ecosystem

Dave Gill, EMEA Channel Director, KELA 

• Understand and simplify the complex world of the cybercrime ecosystem
• Gain insights into the motivations, tactics, and strategies of cybercriminals
• Learn how defenders can protect their organization's assets

Evolution of attackers & the need for Red Teaming in modern cybersecurity

Zach Fleming, Head of Red Teaming, Integrity360

Join Integrity360’s Head of Red Teaming, Zach Fleming, for a deep dive into the constantly changing threat landscape and gain insights into how attackers have evolved, bypassing even the latest and most sophisticated tooling. Going beyond the tools and technology, Zach will also shed light on the often-overlooked element of human error. Learn how regular red teaming exercises can be the critical difference in ensuring robust cyber security in today's dynamic environment.

In this session:

• The Modern Attacker: An insight into how cyber adversaries have evolved over the years, now leveraging sophisticated tools to outsmart conventional defence mechanisms
• Beyond Technology: How the human element, often neglected in cyber security discourse, can become the weakest link, rendering state-of-the-art tools ineffective
• Workload Pressures: Understand how the stresses of increasing workloads can diminish the efficacy of security solutions, making organisations more vulnerable to breaches
• Red Teaming - Not Just a Luxury: Recognise that red teaming is no longer an optional exercise for large corporations but a necessity for businesses of all sizes in ensuring a resilient defence against evolving threats
• Marrying Tech & Talent: The realisation that even the best technologies are only as good as the professionals behind them, emphasising the importance of capacity and capability in tandem

The growing role of DFIR in resilient incident response strategies

Tim Thorne, Product Evangelist, Binalyze

How DFIR is disrupting the traditional digital forensics landscape and delivering forensic capability to the centre of the security stack. Key takeaways: 

• Cybersecurity and the growing revolution powered by DFIR
• The benefits of speed and automation with DFIR
• Leveraging DFIR to reduce caseloads, dwell time, and alert fatigue 
• Empowerment, resilience, and enhanced security posture thanks to DFIR

Data Awareness: A Three-Step Model to Mitigate Data Theft

Stephen Cavey, Co-Founder & Chief Evangelist, Ground Labs

Data theft continues to grow in both frequency and scale. There’s never been a better time for organizations to establish an evidence-based approach to data awareness for data security.

In this session, you’ll learn:

• How your company may be inadvertently enabling data theft and subsequent identity fraud through its data practices
• We’ll share a three-step model to enhance your data awareness and mitigate your risk of data theft as you continue to receive and process new information against a backdrop of emerging threats and increasing data regulation

A day in the life of 'YOUR' sensitive data

Ketan Pyne, Presales Technical Consultant, Thales

Today’s businesses and governments depend on the cloud, data, and software to deliver trusted digital services. That is why the most recognized brands and organizations around the world rely on Thales to help them protect sensitive information and software wherever it is created, stored or accessed – from the cloud and data centers to devices and across networks. As the global leader in data security and software licensing, Thales solutions enables organisations to move to the cloud securely, achieve compliance with confidence, create more value from their software, and deliver seamless digital experiences for millions of consumers every day.

Whether you’re looking to guard against abuse by privileged users, encrypt sensitive data in a database, or address your compliance mandates in the cloud, Thales can help. Key takeaways:

• What do you know about the data that you are unknowingly generating and disclosing?
• What are the responsibilities of the 3rd parties who acquire your data?
• Can you do anything about it?
• Learn good basic cyber security practices by managing your daily information disclosure and consumption

Bringing mobile intelligence to the fight against fraud

Clare Messenger, Commercial Strategy & Business Development Mobile Intelligence, JT Global

With fraud an ever present and rapidly evolving threat to individuals and businesses we look at how mobile intelligence data can be used to detect and prevent fraud, create better secure authentication experiences for customers, and add real-time value to KYC checks.

To successfully fight fraud demands an intimate understanding of how it’s perpetrated and how technology and social trends are driving it. Without the understanding of how cybercriminals are exploiting opportunities, organisations often fail to create robust and holistic fraud prevention measures that can detect and prevent fraud from happening in the first instance.

Mobile network operators hold a vast amount of real-time data that can be interrogated and leveraged to combat today’s most common and harmful frauds such as SIM swap fraud, Account Takeover and Authorised Push Payment fraud. Exposing the right data at the right time can and is having positive results for financial services battling a torrent of multiple attack vectors.

• Educating organisations about the threats from fraud
• The wealth of data from MNO’s
• Creating better customer experiences
• How greater collaboration will fight the war on fraud