Programme:

08:30
Registration and Networking
08:55
Chair's opening address

Colonel (Retd) John Doody FBCS FCMI CITP IISP MIOD

Security in 2022

  • The changing face of cyber crime: 2022 cyber threats and new methods to protect against them
  • The risks and costs of cybercrime to businesses
  • Cyber skills: The importance of education and hiring the right people
  • Outlooks on AI & IOT
09:00
The rise of social engineering

Hotel chain Marriott has been hit by another data breach through social engineering, which led to the exfiltration of 20GB of data from the firm. Social engineers are becoming more sophisticated and targeted in their approach, so how can firms prevent themselves from becoming a victim? Delivered by a seasoned “white hat” social engineer, this talk will look at:

  • How social engineering is changing: What to look out for
  • What kind of tricks do hackers use to get information?
  • Who in the business is most at risk?
  • What technical and policy based controls will help prevent these attacks?
  • How staff training can help
09:15
DDoS explained

DDoS attacks are often seen as rudimentary, but they can cause a lot of damage. DDoS attacks are also getting bigger, reaching 500mbps according to latest figures.

This talk will cover:

  • The Size of DDoS: Some stats demonstrating how big attacks have grown and why that matters
  • Why you shouldn’t ignore DDoS: the threat to your business
  • Who is at risk from DDoS and what’s at stake
  • How to protect from and mitigate DDoS attacks
09:30
Keynote Presentation
09:45
Spyware: What is spyware and who is at risk?

In July, it was revealed that Apple’s next operating system iOS 16 will include Lockdown Mode to protect iPhones from spyware. It follows a series of so called zero-click attacks that have hit targeted individuals over the last year – including the infamous Pegasus attack.

This talk will cover:

  • What is spyware: Its role in the murder of Jamal Khashoggi
  • Types of Spyware and signs it could be on a device
  • Which businesses are at risk, and how to include this in your security strategy
  • What can be done to protect against it: Is Apple’s Lockdown Mode an effective mitigation for at risk business users?
10:00
Security 101: Doing business in the Metaverse

The Metaverse is on its way, led by companies including Facebook. There are multiple predictions for the new technology, including benefits for businesses, but there are also cyber security and privacy risks. This session will cover:

  • What is the Metaverse and how will it impact businesses eg meetings in the Metaverse
  • What are the security risks for businesses?
  • The privacy risks: What you need to know about employees’ privacy in the Metaverse
  • What businesses should be doing now and when it arrives
10:15
Keynote Presentation

Nina Schick

10:40
AI in cyber security: A 2022 outlook

AI is already being used in cyber security, as part of systems able to catch and mitigate attacks. But what does the future hold for this technology? This session will examine:

  • What is AI in cyber security and how has it developed?
  • AI in cyber warfare: Future predictions
  • AI used by adversaries: As defenders use AI to protect, criminals are using the technology to attack businesses. What can businesses do to respond?
10:55
Coffee and Networking
11:25
Choose from one of two Seminar Sessions

Click HERE to view stream options
11:55
Seminar Change Over
12:00
Choose from one of two Seminar Sessions
12:30
Lunch and networking
13:30
Choose from one of two Seminar Sessions
14:00
Chairs Opening Address

Colonel (Retd) John Doody FBCS FCMI CITP IISP MIOD

14:05
When will passwords finally go away?

A future without passwords has been discussed many times, but how far away is it? This talk will look at:

  • Why passwords don’t work, but are still used by nearly everyone
  • The companies looking to scrap passwords altogether, and initiatives such as FIDO
  • What will replace passwords: Future tech such as biometrics, what’s currently being developed, what’s on the horizon?
  • The big picture: Realistically, when will passwords disappear altogether?

 
14:20
Keynote Presentation: Lisa Forte, Social Engineering and Cyber Security Expert

Lisa Forte

14:45
Supply chain security: How to manage and mitigate the risks

Supply chain security has never been more important as the area becomes a key part of a large number of cyber-attacks. The risks inherent in the supply chain were highlighted by the SolarWinds breach, as well as the Log4Shell vulnerability, and the Okta hack – which impacted hundreds of customers after an attack via a third-party provider.

Meanwhile, the NCSC has warned the public sector, critical infrastructure and similar organisations to consider the potential risks associated with Russian-controlled parts of their supply chain.

This talk will cover the supply chain risk including:

  • What is a supply chain cyber-attack
  • Examples of supply chain hacks, and how they happened
  • How do supply chain attacks penetrate defences?
  • What are the consequences of supply chain attacks, and how can these be avoided?
  • How to identify the risks in your supply chain
  • Tips to protect against supply chain weakness eg procurement processes and identifying weaknesses, technical and strategic defences.
15:00
Tackling the insider threat

The insider threat has never gone away, but 70% of organisations lack an insider risk strategy, according to Imperva and Forrester. According to the study, insider threats caused 59% of incidents impacting sensitive data in the past 12 months.

This talk will detail:

  • The insider threat: How insider breaches can be malicious or accidental
  • Examples of breaches that took place as a result of an insider
  • Tactics and tools to tackle the insider threat: Training, monitoring and encryption
  • Creating an insider risk strategy
15:15
What to do if you are breached: Incident response strategies and techniques

Security breaches are no longer a matter of if, but when. Companies are constantly advised of breach prevention techniques, but what about what happens if you are actually hacked?

Taking into account regulatory obligations such as reporting to the ICO, this feature will cover:

  • How the breach itself isn’t the biggest risk, it’s how the company handles it
  • Incident response: What is it, why firms need it, and how to do it (and how to budget for it). How to get everyone in the company on board
  • Regulatory challenges: What does regulation require you to do when you are breached?
  • PR in the event of a breach: How PR plays a key part of incident response
15:30
Coffee and Networking
15:45
Cybersecurity training in 2022: How to make it work for your business

Cyber security training is not a one-size fits all exercise. Although training modules can be useful, today’s threat landscape requires a more individualised approach. This talk will look at:

  • The evolution of cyber security training: What’s wrong with it, and what works
  • How hybrid and home working affects training
  • Increasing diversity in the workforce and the impact this has on training
  • Creating an approach that works for each individual employee
  • The importance of investment and the financial rewards
16:00
Live ‘Fireside Chat’ Q & A with Tim Peake

Tim Peake

Tim Peake is a former Apache pilot, flight instructor, test pilot and current European Space Agency astronaut. A veteran of 18 years military service, Tim has flown over 3,000 hours on operations worldwide.

In December 2015, Tim became the first British astronaut to visit the International Space Station and conduct a spacewalk during his six month mission. He also ran the London marathon from space.

Tim’s mission engaged more than two million students in outreach activities. He is an ambassador for STEM Education, The Prince’s Trust and the Scout Association. He is a best-selling author, with proceeds from his books donated to The Prince’s Trust.
17:00
Chairs Closing Remarks