Registration and Networking
Chair's opening address

Sarah Armstrong-Smith

Reflections on the current cyber threats in the era of AI’ 

Software Supply Chain Security and a Spherical Chicken in a Vacuum

Grant Robertson

Imagine a chicken in a vacuum, perfectly spherical. Physicists use this joke to describe the effects of simplifying external factors. Removing them may make a problem easier to solve, but the solution has to work in the real world. The goal for a physicist is to build a model of the real world which works to solve the problem it was designed to address.
So, how does this relate to software supply chain security?    
Discussions around how to secure the supply chain often overlook real-world practicalities, instead considering an ideal world. But oversimplification can lead to oversight. Or worse, tedious manual work no reasonable developer would agree to undertake. Chickens aren't spherical and don't exist in vacuums. And software supply chains operate in complex, real-world environments. By focusing on these critical external factors, we can build a realistic software supply chain security program. One that will work for the real world - without requiring placing any spherical chicken in a vacuum.

 Join Grant Robertson as he discusses the realities of software supply chains. As well as the practicalities of how to secure them. In this talk, he will discuss: 
• How to practically address software supply chain vulnerabilities through automation,    
• How to navigate the legislation and regulations landscape,     
• How to think like a physicist and focus on addressing the key elements of software supply chain risk.

National Cybersecurity Strategies

Richard Parlour

This session will cover the national cybersecurity strategies of a number of key countries, in order to help delegates with international operations in designing and operating their cross border cybersecurity strategy.

Jen, we have a problem…

Jennifer Williams

Your worst day at work, you’re the person responsible for security and you learn that your organisation has been hit by a cyber attack impacting client data. It’s all very well and good being told that you should have had policies, security controls etc but what should you do right now?
This talk will look at what you should do in the moment including..

• Preparing for a cyber incident
• The changing expectations of insurers
• Executing the plan under pressure
• Returning to normal

Beyond the Buzzwords: How Security Automation Can Transform Your Program into a Force Multiplier

Peter Draper

Imagine a security program where threats are neutralized in an instant, where analysts are freed from mundane tasks, and where your entire security posture takes a quantum leap forward. This isn't a futuristic dream, it's the reality promised by security automation.
Join us as we dissect the "what" and "why" of automation, going beyond the buzzwords and hype to reveal its transformative power. We'll map out the automation journey, charting a course from your current state to a future of lightning-fast response, proactive defense, and empowered teams.

Cyber Security in Outer Space: The Final Frontier?

Amanda Crossley

A quick introduction into cyber security in outer space before flying off to discuss what is happening within this increasingly expanding industry and why we should all look up to the stars more.

Building Cyber Resilience through Automation and Intelligent Architectures

Richard Meeus

Gain Control Of Your Network And Reduce The Chance of Ransomware
Ransomware attacks continue to evolve as threat actors refine their tactics to infiltrate systems, encrypt files, exfiltrate data, and demand ransom payments. In this session, we will examine the latest ransomware attacks trends gleaned from our global view of the internet. Understanding the nuances of these attacks is crucial for businesses to bolster their defence strategies.
Ransomware poses a significant risk, with perpetrators motivated by financial gain and the disruption of critical assets. Attackers will often begin by compromising non-critical, soft assets before targeting high-value data, employing sophisticated techniques to evade detection.
Through a solid understanding of ransomware tactics and procedures, organisations can enhance their defence mechanisms and effectively safeguard data and applications.

Coffee and Networking
Choose from one of three Seminar Sessions

Click HERE to view stream options

Lunch and networking
Choose from one of three Seminar Sessions

Click HERE to view stream options

Chairs opening address

Sarah Armstrong-Smith

Optimizing Business Resilience: Reducing Risk and Boosting Productivity with a Zero Trust Approach to Network, Data Security, and AI

Simon Eappariello

Discover how implementing a well-defined zero trust approach to network and data security can swiftly diminish your organization's vulnerability and potential data breaches through the application of contemporary principles and technology.

The Influence Of Neurodiversity In Cyber Security Posture

Holly Foxcroft

Discover how neurodiversity impacts cyber security posture in this insightful presentation. Explore the unique cognitive strengths of different neurotypes, like pattern recognition and innovative problem-solving—that can fortify organisational defences against cyber threats. Learn practical strategies for recruiting, retaining, and empowering neurodiverse talent within cybersecurity teams, fostering inclusive cultures and tailored accommodations. Debunk common misconceptions and unlock the untapped potential of neurodiversity to enhance cyber security resilience in an ever-evolving digital landscape. Join us for a concise exploration of the intersection between neurodiversity and cyber security posture, shaping a more inclusive and secure future.

It's more than phishing - how to supercharge your security awareness program

Javvad Malik

Tell people not to click a link, pat each other on the back, and ride off into the sunset. If only security awareness training was that simple.

In this session, Javvad Malik, Lead Security Awareness Advocate for KnowBe4, will explain how to take your security awareness to the next level and prevent it from going stale. Changing behaviours and creating a culture of security can only be achieved by adopting the right mindset and techniques.

In this session you will learn:
● Why you need to brand the security department the right way
● The psychological approach to getting your message across
● Practical advice on building a strong security culture

In the moment nudges – What? How? Applying nudge theory to awareness

Lucy Finlay

What would it be like to be “there”, just when you were needed, to offer a tap on the shoulder and steer your colleagues in the right direction when they were about to do something risky? Click a link, plug in a USB, upload a file, and give away their credentials…? This takes nudge theory to its logical conclusion – timely, in the moment and even measurable. In this talk, Lucy will touch on why we should be looking at nudge theory, what makes a good nudge and why, how to run a campaign to steer behaviours, and the potential impact this approach can have. Lucy will share her 8+ years as a practitioner offering some takeaways on how to apply nudge theory, behavioural and learning science to your awareness campaigns as you build up towards real-time nudges.

Risky Business - The prejudices and pitfalls of cyber risk planning.

Jonathan Mattey

A talk on the psychological considerations required when assessing the likelihood and impact of cyber risk, how to avoid common fallacies associated with qualitative assessments, and using financial quantification to more effectively reduce business uncertainty and improve board communication.

Cyber Threat management and mitigation in a forever moving and growing threat landscape.

Lida Rragami

Join us for an insightful exploration into the readiness of companies and cyber vendors to combat the relentless rise of automated cyber threats. We'll examine the spectrum of cyber maturity across enterprises, large and small, and evaluate whether we're operating in reactive or proactive modes, and the related risks. We’ll recommend solutions to enhance preparedness and delve into how Artificial Intelligence (AI) and Machine Learning (ML) are pivotal in fortifying our cyber defences. 

Risk Prioritisation and the Evolution of Pen Testing

Rahim Jina

Finding and fixing vulnerabilities can be seen as one of the basic tenants of a modern security function. While supposedly basic, given the ever-increasing frequency of data breaches, managing vulnerabilities across an organisation is far from straightforward. How organisations approach vulnerability management and penetration testing in the past simply does not work with today’s technology stack and development methodologies.

Organisations face a minefield of vulnerabilities with limited resources, where does one even start! We delve into risk prioritisation, with a focus on more practical metrics such as exploitability and also explore vulnerability triaging. We look at why metrics of the past may have meant that we have been focusing on and fixing the wrong issues.

Cyber Security Trends in the 2020's

Ciaran Martin

Former Head of UK Cyber Security Centre and UK Chair of Cyber CX Ciaran Martin looks at the major trends in Cyber Security that have defined the first half of the 2020's and looks ahead to those that will drive tech security in the second part of this decade. 

Coffee and Networking
Live ‘Fireside Chat’ Q&A with Dara O Briain

Dara O Briain

Comedian & TV Presenter Dara O Briain
Stand-up comedian TV presenter Dara O Briain is best known in the UK for hosting
BBC’s ‘Mock the Week’, ‘BlockBusters’, ‘Robot Wars’, ‘Stargazing Live’,
‘Dara & Ed’s Great Big Adventure’ & ‘Dara O Briain’s Go 8Bit’, & most recently
Channel 4 quiz ‘One & Six Zero’s.’
Dara’s latest show, ‘Voice of Reason’ has been performed across the globe, touring
in UK & Ireland, Scandinavia, mainland Europe, Australia & the Middle East.
It was filmed & released as a BBC special in 2019.
In Sept. 2017, Dara released his 1st children’s book ‘Beyond the Stars’
(Scholastic), a hilarious journey through the solar system & our galaxy, it has
been nominated for the ‘Blue Peter Book Award for Best Non Fiction.’ In 2018 the
follow up ‘Secret Science – The Amazing World Beyond your Eyes’ was released to
great critical acclaim. 2020 saw the release of Dara 3rd children’s book ‘Is There
Anybody Out There’
Dara has also released 5 best-selling DVD’s with Universal Pictures. He was
on a world tour in 2022 & 2023 with his new show, ‘So Where Were We?’
Sarah Armstrong-Smith
Microsoft Chief Security Advisor, Independent Board Advisor, Best-Selling
Author, Keynote Speaker, & Fellow of the British Computer Society (BCS).
Sarah is Chief Security Advisor in Microsoft’s Cybersecurity Solutions Area.
She principally works with customers across Europe to help them evolve their
cybersecurity strategy to support digital transformation & cloud adoption, to build
stronger defences against cyberattacks.
Sarah’s latest book ‘Understand the Cyber Attacker Mindset’ explores the
psychology of cyber warfare & how organisations can defend themselves from
Prepare for a fascinating hour!


Chairs Closing Remarks

Colonel (Retd) John Doody FBCS FCMI CITP IISP MIOD

Drinks reception