Presentations @

ECS uk

Enterprise Cyber Security

19 September 2024

Victoria Park Plaza Hotel, London

Presentations @ ECS uk

Morning Session

Building the team, acquiring the tools and sourcing the technologies you need

  • Building Resilient Teams and Humans
  • Practical Approach to Cloud Security Assessment
  • Navigating the Labyrinth of Logging: From Collection to Retention
  • Zero Trust in Action
  • All-source threat intelligence
  • AI in Cybersecurity
  • Fixing the future with new solutions to old problems
  • How to run an apprenticeship programme targeting non-technical background

08:00 (BST)

Registration and Exhibition Opens

Refreshments will be available in the Exhibition area.

09:00 (BST)

Conference Chair's Opening Address

Ian Brown
Group CISO, Spectris plc
view profile

Ian Brown, Group CISO, Spectris plc

09:10 (BST)

Risky Business - The Prejudices and Pitfalls of Cyber Risk Planning

Jonathan Mattey
Head of Cyber Security, Forge Holiday Group
view profile

Jonathan Mattey, Head of Cyber Security, Forge Holiday Group

A talk on the psychological considerations required when assessing the likelihood and impact of cyber risk, how to avoid common fallacies associated with qualitative assessments, and using financial quantification to more effectively reduce business uncertainty and improve board communication. 

 

09:30 (BST)

Retail Case Study

Marcin Roth
Senior Cyber Security Manager, Currys
view profile

Marcin Roth, Senior Cyber Security Manager, Currys

09:45 (BST)

AI in Cybersecurity

Nadezda Demidova
Data Scientist, Cyber Crime Security Researcher, Ebay
view profile

Nadezda Demidova, Data Scientist, Cyber Crime Security Research, eBay

This presentation explores the dual role of Artificial Intelligence in cybersecurity, showcasing both its application in enhancing cyber defense mechanisms and its utilization in the cybercrime world. We’ll discuss how AI-powered tools can automate attacks and exploit vulnerabilities, while also improving threat detection and predictive capabilities for defense. The session aims to provide a balanced view, highlighting real-world applications, ethical considerations, and future trends in AI for cybersecurity.

10:00 (BST)

Zero Trust in Action

  • Demonstration of policies and controls to strengthen your security
  • Highlighting the ease of implementing and managing security policies to enhance overall security posture
  • Explaining how organisations can prevent ransomware, zero-day exploits, and unauthorized applications from compromising their systems and data

10:15 (BST)

All-source threat intelligence

It is of vital importance that you build, support and sustain a culture of building your own in-house solutions instead of always having to rely on third parties.

Same relates to your CTI programme.

The presentation will take you through the process of building a cyber threat intelligence programme from scratch in the company based on cloud infrastructure.

It will also address the importance of having the in-built ability to identify sources of collection, extract valuable data and convert it to actionable insights.

By combining manual and in-house built automated techniques you can better ably identify and counter the threats surrounding your business and our customers.

10:30 (BST)

Practical Approach to Cloud Security Assessment

Zechariah Akinpelu
Chief Information Security Officer, Unity Bank Plc
view profile

Zechariah Akinpelu, Chief Information Security Officer, Unity Bank Plc

A cloud security assessment (CSA) evaluates the cloud infrastructure for vulnerabilities, configuration weaknesses and potential threats. It analyzes the configuration of cloud service provider accounts or subscriptions and reviews the possible threats from the internet and within the cloud infrastructure itself. The organization gets a breakdown of potential gaps in design and controls implementation, as well as the potential attackable surface area and its risks. So, in this session, we’ll be looking at proactive approach to Cloud Security Assessment:

* We’ll discuss the best practices for assessing the security of your cloud environment.

* We’ll cover topics such as identifying potential threats, assessing the security of your cloud infrastructure, and implementing security measures to protect your data.

* We’ll also discuss the importance of regularly monitoring your cloud environment for any changes or vulnerabilities.

By the end of the session, you’ll have a better understanding of how to assess the security of your cloud environment and ensure that your data is safe.

10:45 (BST)

Questions to the Panel of Speakers

11:00 (BST)

Refreshment Break Served in the Exhibition Area

11:25 (BST)

Welcome to Session Two

Ian Brown
Group CISO, Spectris plc
view profile

Ian Brown, Group CISO, Spectris plc

11:30 (BST)

Fixing the future with new solutions to old problems

Why are we still not achieving the basics when it comes to data security? Achieving the Principle of Least Privilege or compliance with GDPR is almost impossible without modern solutions and automation. This presentation will dive deeper into how two very similar real-world organisations approached data security and how the outcomes were very different.

11:45 (BST)

How to run an apprenticeship programme targeting non-technical backgrounds

How to bridge the cyber talent gap but also to expand to non-academic backgrounds to expand opportunities. In this presentation, we detail the how, the pros, and the cons.

  • How hiring from a non-academic background can be beneficial
  • Apprentices with no academic and non-corporate backgrounds are brilliant but need help in unexpected areas
  • Small apprenticeship programmes are just as valuable as massive ones; scale them for your organisation

12:00 (BST)

From Prevention to Recovery: Protecting Critical National Infrastructure

With a ransomware attack every 11 seconds, it’s becoming increasingly difficult to secure, defend and recover critical applications and data. In this session learn how one of the UK’s largest Critical National Infrastructure providers strengthened its ransomware and security posture and gained control with an effective data protection platform to recover applications rapidly and securely in an isolated location.

12:15 (BST)

Questions to the Panel of Speakers & Delegates move to the Seminar Rooms

12:30 (BST)

Seminar Sessions

13:15 (BST)

Networking Lunch Served in the Exhibition Area

Afternoon Session

Sourcing, implementing the tools, technologies and techniques needed to master enterprise cybersecurity

  • AI versus AI: How to Avert a Cyber Disaster
  • Improving Diversity in Cyber and Audit Teams
  • From Secure Foundations to Resilient Futures
  • Cyber and the City: Securing London’s Banks in the Computer Age
  • AI & Deception in Cyber Security
  • Leveraging Cyber Threat Intelligence to prevent eCrime

14:00 (BST)

Conference Chair’s Afternoon Address

Ian Brown
Group CISO, Spectris plc
view profile

Ian Brown, Group CISO, Spectris plc

14:05 (BST)

AI versus AI: How to Avert a Cyber Disaster

The rise in sophisticated chatbots is a very real cyber threat to organisations, and will just add to the overall complexity of maintaining the ability to be resilient against Cyber threats. Recent research found that nearly half of UK IT decision makers believe we are less than a year away from a successful cyberattack being credited to AI technology, however as an IT manager; are your defences in order, and can they come together to thwart attacks. This session will explore how fighting fire with fire – AI with AI – is the best form of defence within the context of an attack lifecycle.

Key takeaways:

  • How AI can also boost cyber protection – but be careful, not all AI is not created equally
  • Why attacks are progressive, and how they can be prevented or contained early in the chain.
  • Why prevention and detection continues to rule supreme in combatting threats
  • What should be on your cyber technology tools wish list for 2024

14:20 (BST)

Improving Diversity in Cyber and Audit Teams

Aarti Ajay
IT Audit Manager, Just Group Plc
view profile

Aarti Ajay, IT Audit Manager, Just Group Plc

  • How to identify the right resources for cyber roles
  • Addressing cyber skills gaps
  • Being open minded when recruiting
  • Common mistakes that companies are making in recruitment

 

14:35 (BST)

From Secure Foundations to Resilient Futures

Nuala Kilmartin
Digital Security Innovation Lead, InnovateUK, UKRI
view profile

Nuala Kilmartin, Digital Security Innovation Lead, InnovateUK, UKRI

Digital Security by Design is a UK government supported initiative to help catalyse the transformation of digital technology creating a more resilient and secure foundation for a safer digital future.  

The DSbD programme was set up in 2019, to unlock research and enable industry with the objective to fix the foundations of computing and realise technical developments, the size of which computing has not seen for 50 years or more. With collaboration between academia, industry and government delivering more secure semiconductor devices to pave the way for business and people to safely use and maintain trust in technology.  

 While some of the fundamental market failures have been overcome, it is still imperative that UK Government, industry, academia and international partners continue to work together to maintain and develop this ecosystem further by driving forwards adoption of this ground-breaking approach to protecting the digital world. DSbD is promoting a mindset change for cyber security, giving the freedom to learn, trade, play, automate and collaborate safely through cyber best-practices, reducing the attack surface by default, and protecting operational integrity by design. 

 

14:50 (BST)

Questions to the Panel of Speakers

15:05 (BST)

Afternoon Networking and Refreshments served in the Exhibition Area

15:30 (BST)

Welcome to Session Five

Ian Brown, Group CISO, Spectris plc

15:35 (BST)

Cyber and the City: Securing London's Banks in the Computer Age

Ashley Sweetman
Senior Manager, Cyber Stakeholder and Government Engagement, Standard Chartered Bank
view profile

Ashley Sweetman, Senior Manager, Cyber Stakeholder and Government Engagement, Standard Chartered Bank

15:50 (BST)

AI & Deception in Cyber Security

This talk will discuss the interplay between AI and deception as a powerful means for adaptation in both attack and defence from 4 different important aspects: Deception against users, Deception against AI, AI-based deception, and AI-based defence.

Based on different fully referenced academic research on technology and human behaviour – susceptibility of human traits, machines, and algorithms to deception.

It is about the manipulation of user-computer interfacing with the purpose to breach a computer system’s information security through user deception and the “other way around”.

  • Discuss 4 different important aspects: Deception against users, Deception against AI, AI-based deception, AI-based defence
  • Shows that technical defences can’t cope with the large and diverse deception surface. Provides examples of how to recognise and build reliable defences against different forms of deception
  • Discusses the user as “weakest link” vs. “strongest link” paradox in relation to the Human-as-Sensor defence concept
  • Illustrated with lots of visuals and examples that are easy to follow and to keep the audience awake even after lunch or keep the crowd in the room before the BEvERage is ready to be served

16:05 (BST)

Leveraging Cyber Threat Intelligence to prevent eCrime

This presentation will cover:

  • A few common types of eCrime and their attack vectors
  • Early signs of e-Danger
  • Setting up a Threat Intelligence program
  • Preventing eCrime and risk mitigation

16:20 (BST)

Questions to the Panel of Speakers

16:40 (BST)

Closing Remarks from the Conference Chair

Ian Brown
Group CISO, Spectris plc
view profile

Ian Brown, Group CISO, Spectris plc

16:45 (BST)

Conference Closes

Delegates depart.

Please note:
Whitehall Media reserve the right to change the programme without prior notice.

Follow us on social

Keep up to date with what's going on by following us on social media.

Featured blogs

Read the latest news and views from key industry figures and thought leaders.

Enterprise Security
Incognito Mode Won’t Protect Your Enterprise Security
Many enterprises have set a precedent that online browsing within IT departments or other company-based computers should be performed under incognito windows, such as those offered by Google Chrome browsers and other providers. While online search and work activity may feel secure with your identity and preferences set to a private mode, according to research...
Defence Against Ransomware: Where Businesses Should Be Standing
Not a week goes by when the business world does not see fresh attacks of newer instances of ransomware in every sector. As far as cybersecurity, it is one of the longest and most persistent hurdles to stay updated on, with newer and more sophisticated attacks many steps ahead of the required defences. Ransomware has...
Enhancing Cyber Hygiene with Business-Focused Vulnerability Management
Blog By: Cyberproof In the digital age, where cyber threats loom large and businesses navigate increasingly complex landscapes, ensuring robust cybersecurity practices is paramount. A critical component of this defense is effective vulnerability management. The blog post “How Business-Focused Vulnerability Management Can Improve Cyber Hygiene” from CyberProof delves into the importance of aligning vulnerability management...