Registration and Networking
Chair's opening address

Colonel (Retd) John Doody FBCS FCMI CITP IISP MIOD

Security in 2023

  • The changing face of cyber crime: 2023 cyber threats and new methods to protect against them
  • The risks and costs of cybercrime to businesses
  • Cyber skills: The importance of education and hiring the right people
  • Outlooks on AI & IOT
Security Automation - It's not if I Automate, It's When I Automate

Toby Van de Grift

In this session, you will learn about how the challenge of a constantly changing attack surface, ever increasing volume of alerts and tedious manual tasks have shaped the security automation market into what it is today.
In today's security market, the need for automating has never been more important. This session will go through how life was before and after security automation, the challenge we currently face with automation, what the future of security automation looks like, how you can assess your organisation's readiness for security automation and how Swimlane helps large enterprises in this journey.

Protecting your identity: Is MFA Enough?

Nour Fateen

For years, security practices were structured around protecting a company’s critical infrastructure and assets by working to secure the perimeter. The assumption was that if you prevented someone from accessing your network with robust controls, then you could trust the people on the network to perform privileged actions. This was the model of a castle - where you construct a moat and strong walls - but this model does not scale to the distributed and often cloud-based applications that are used within enterprises today.

As organizations face an expanding threat landscape, unprecedented level of attacks, and have countless devices all connected to each other without clear perimeters, verifying user identities and controlling access to sensitive data is both critical and difficult to achieve. The rapid growth in remote work and digital interactions in recent years, compounded by dynamic ecosystems of employees, customers, and partners, has introduced new challenges for security and IT teams responsible for securing identities.

Stolen corporate data, such as user credentials, regularly ends up on paste sites and dark web channels. Cybercriminals often purchase leaked credentials from these sources in hopes of gaining a foothold into organizations, so they can install ransomware or exfiltrate intellectual property. Unable to monitor the dark web for sensitive information on their own, organizations are not able to be proactive and left exposed to financial, legal, and reputational consequences.

In this brief talk we will cover:
So what can we do about this?
• What does the ecosystem actually look like? (Infostealer malware and cookie theft)
• Some methods of MFA bypassing
• How we could improve account takeover detection and prevention

2022 Threat Roundup – The emergence of mixed IT/IoT Threats

Daniel dos Santos

Forescout’s Vedere Labs has analyzed data gathered in 2022 about millions of attacks, hundreds of exploits and thousands of malware samples to share with the community insights that can help organizations to prepare for the 2023 threat landscape. Learn where attacks are coming from, what are their top targets, what vulnerabilities they exploit, what attackers do after initial access, what is the most common type of malware dropped, what are the trends in malware evolution and what they forecast for the future. Most importantly, learn strategies and actions that you can take to prepare for this evolving threat landscape.

Mind the Gap…Skills, gender and allyship.

Bronagh Healey

It is no secret the existing culture and perceived stereotypes within cybersecurity is a contributing factor to the gender gap our industry is facing and that the gender gap massively reinforces the ever growing skills gap.
How do we start to close these gaps, to create a more diverse, inclusive and skilled workforce?
It can start with you!
This session will include:
- An overview of the cyber security skills gap,
where we will look at the often over looked softer skills sets needed for the cybersecurity industry to thrive.
- How the gender gap reinforces the skills gap and how creating a more diverse and inclusive workforce will benefit our industry.
- Insights into how government are tackling these issues
- Could Allyship be the key to help start closing the gap?
- Why creating change and transforming the current culture is crucial to attract and retain the right people and skills.

Beyond Human: Exploring the Power of Automation in the New Age of Cybersecurity

Drew Perry

Get ready to join the battle of the bots! We'll explore the cutting-edge world of AI and Low Code technologies. The era of human effort in daily job functions is over, and we're on the brink of an arm's race between tech giants. Who will come out on top? Can we really replace our human SOC analysts with bots?
Join me as I reveal the art of the possible, using everyday tools and tech. You'll discover how to leverage AI to become your very own cyber security force multiplier and learn how to rapidly operationalize your ideas with Low Code tools. And the best part? We'll see how a bot can replace an L1 SOC Analyst!

• Unleashing the power of AI to automate daily job functions.
• Leveraging Low Code tools to rapidly operationalize your ideas.
• Understanding what can be automated and what still requires the human brain.
• Exploring the cutting-edge technologies that are changing the face of cybersecurity forever.

How criminals think

Jamie Bartlett

Drawing on over a decade investigating some of the world's most notorious online communities - including 4 years hunting down the FBI's Most Wanted cyber-criminal - Jamie will take you on a whistle-stop tour around the hidden world of digital scammers, virtual con-artists and criminals. He will suggest lessons and tips to keep people and business safe from the ever-evolving threat.  

External Reconnaissance - Why We Need More Information but Less Administration?

Chris Roberts

A quick fire drive through why understanding what is happening on the dark web and across the internet can help decrease both risk and admin effort.
Participants will :
• Understand the latest summary of threats being seen across the industry as well as some critical predictions for 2023 and their potential impact
• Understand the key elements of reconnaissance - its value, delivery, usage and process
• Gain context on why less effort can result in a better security posture through the application of more information

Coffee and Networking
Choose from one of three Seminar Sessions

Click HERE to view stream options

Lunch and networking
Chairs opening address

Colonel (Retd) John Doody FBCS FCMI CITP IISP MIOD

Can we change behaviours in real-time? A behavioural science approach

Tim Ward

• Explore what’s not working about current approaches to security awareness and the human factor in security
• Unpick the science behind behaviour models to help us understand why risky behaviours happen, and more importantly how to stop them.
• Explore how a real-time approach can allow awareness to form part of incident response and actively prevent incidents.
• Offer real-world examples and ways that all organisations can apply the theories to drive secure behaviour change.

Identity-Centric Security & the SOCs to Match: Improve Malware Response for Better Ransomware Prevention

Neill Cooper

Enterprises have ransomware prevention basics covered – from data backups, EDR, and user training, to phishing detection, and threat intel. But there’s a significant blind spot lurking: lack of visibility into malware compromises (especially when the infected devices are unmanaged or under-managed) and the resulting passwords, web session cookies that have been siphoned. Without immediate knowledge of this data that criminals are using to target the enterprise for ransomware and other costly cyberattacks, SOC teams have become accustomed to a machine-centric malware infection response. The result is exposed employee, contractor, and partner identities, exploitable until the affected users, applications, and devices are properly remediated. It’s been a challenge for most organizations – until now.

Join this session to learn about a new, more complete and more effective approach to preventing ransomware called Post-Infection Remediation. We’ll cover:

● Trends in malware-infected user data including common third-party application exposures (spoiler alert: SSO!)
● Seven common blind spots in today’s malware infection response
● Seven steps of Post-Infection Remediation to truly reduce your enterprise's exposure to ransomware

It's Human Nature

Kevin Fielder

Security is a people problem.  People are the solution.  Human nature dictates and influences so much of our lives.  However the security 'industry' and expectations around behaviour, awareness training etc. fail to recognise this.  Lets talk about how we need to understand people, instincts and behaviours in order to deliver security and make people our greatest asset.

How to Optimize your Security Data and reduce SOC TCO with Data Pipelines

Chris Morris

Securing your organisation no longer comes down to acquiring the right tools and building the best policies. Additionally, managing the flood of noisy, high volume security data means the difference between detecting a breach and missing a critical alert. Join this session to learn how data pipelines put choice and control over data back into the hands of security teams, helping get the right data, in the right formats, to the right places, all while reducing your SOC TCO.

Leading Trends in Application Security and how to deal with them

Adam Brown

We asked what major organisations with significant software security initiatives are doing for application security so you don't have to!

• Want to know what are the leading trends in application security in 2023?
• Want to know what you should keep your eyes open for?
• Want to know what the experts are saying?

Find out what you should be prioritizing in 2023 from over 130 leading firms which participate in the Building Security in Maturity Model (BSIMM) study.

Based on real data from the latest BSIMM 13 study, in this presentation, you will find out how to address these trends with scalable solutions.

We'll bring the data, you bring the popcorn

Best Practices for Infrastructure and Data Security

Josh Davies

Organisations are tasked with maintaining operational resilience while being faced with an ever changing threat and compliance landscape. Against this backdrop, Security, IT and Compliance teams are being tasked with protecting an ever increasing set of infrastructure and sensitive data.
Using a layered approach to our infrastructure and data security still makes a huge amount of sense, even as we move more of our data to the cloud. By using different detection and mitigation techniques, we provide resilience for those instances when a system or manual process becomes compromised, because we have other systems there to catch and prevent the breach.
This session will cover best practice approaches to:
• Mitigating infrastructure and software risks before they become an issue
• Reducing the risk of threats to your operational resilience
• Minimising the impact of attacks and mistakes by employees

Fixing the future with new solutions to old problems

Nicholas King

Why are we still not achieving the basics, when it comes to data security? Achieving the Principle of Least Privilege or compliance with GDPR is almost impossible without modern solutions and automation.
In this presentation, Nicholas King will dive deeper into how two very similar real-world organisations approached data security and how the outcomes were very different.

How Sage empowers teams to deliver customer-centric security

Sophia Adhami

Lisa Minogue-White

During this session, Pluralsight will share insights from their latest research into tech skill development, which highlights cybersecurity and cloud as the areas with the largest skills gap, and why you need to be people-first if you want to be cloud-first.

Sage will then share their upskilling journey, when leaders took on an ambitious goal to build a culture of trust in which every colleague, particularly those in engineering teams, felt empowered and confident when it comes to security.

Hear how Sage, with the help of Pluralsight, upskilled employees and sparked a culture of security across their engineering teams, which has led to an 82% reduction in the time taken to address security vulnerabilities.

Coffee and Networking
Live ‘Fireside Chat’ Q&A with Steven Bartlett
Chairs Closing Remarks

Colonel (Retd) John Doody FBCS FCMI CITP IISP MIOD