prepare for a breach, detect intrusion, and defend against hostile actors
- A new cold war: the geo-politics of cyber security
- What is your talent strategy? Addressing the skills gap
- Cognitive diversity: tackling algorithmic biases
- Remote working: supporting security control and user access
- AI-led deception: deep fakes
- Endpoint security: working with suppliers
- User vulnerabilities: cloud-initiated attacks
Conference Chair's Opening Address
A new cold war: mapping the digital divide between east and west
The new cold war is increasingly being fought along the cyber frontier. As the political divide between east and west intensifies, the major players within this arena are separating their intelligence and technology in a race to secure regional supremacy and global influence.
State-sponsored attacks will continue to encourage proxy conflicts between neighbouring states, cultivate dissent and misinformation in competitor nations and look to disrupt a range of key events and critical infrastructure, from national elections to electricity supply.
In our opening address, we look at the global cybersecurity landscape, how it is changing and what the UK approach to this evolving environment should be.
Understanding the cyber skills gap: what is your talent strategy?
It is clear that the government sector has not yet managed to address the gap in security technology investment and organisational needs.
It’s not that there is a lack of a talent, either in wider society or unrecognised within the sector, but rather a lack of an appropriate talent pool strategy.
The experience of IT recruitment in Government is the reoccurring dilemma of employees knowing they do not have the skills to complete a task, a lack of opportunity to upskill, and the need to get a specialist in without knowing what that specialist looks like.
We address, how best to approach talent recruitment.
Cognitive diversity: tackling algorithmic biases
As the 2020 schools’ results fiasco showed us, trust in an algorithm to provide a set of instructions in order to achieve an outcome which is fair and balanced can lead to a highly flawed, biased, and disruptive outcome.
Effectively managing and monitoring for potential bias requires a team which is diverse enough to spot the blind spots which produce unfair results. One of the ways in which to establish cognitive diversity is to have a representative mix of computer scientists developing the algorithm, the data feeding it and the security teams influencing it.
We address, how diversity of opinion and backgrounds compliments algorithmic modelling and avoids biased results.
Remote working: what added threats does it pose?
The 2020 pandemic has meant that more and more of us have had to work from home. This is particularly true for government employees, which already had a significant percentage of its workforce operating remotely.
Such growth has led to an increase in potential attack vectors as sensitive information and critical systems move outside of the traditional network setting in order to support user access from multiple locations and devices.
We address, what you can do to support security controls and user access.
AI-led deception: deep fakes
At a time when public trust in officials is in seemingly terminal decline, and all of the serious consequences that brings, hostile attackers are taking advantage of this lack of trust by deploying deep fakes in order to deceive the public and disrupt governments around the world.
Beyond domestic politics, deep fakes have the potential to undermine diplomacy and threaten national security.
- Who is using this technology and why?
- Which platforms are they deployed on?
- What safeguards are in place?
- Building tools to combat sophisticated deep fakes
- The role of blockchain in authentication
Questions to the Panel of Speakers
Refreshment Break Served in the Exhibition Area
Endpoint security: consolidating your third-party risk management
Ensuring the integrity and security of outsourced IT models for national and local government bodies is of vital importance.
The public sector handles some of the most sensitive information imaginable. From concerns of national security, email exchanges between senior ranking officials, to the private details of a citizen’s health records being held to ransom.
- Targeted breaches and data loss incidents
- Increasing reliance on suppliers
- Data management and infrastructure
- Handling and processing sensitive data
- Managing the volume and variety
User vulnerability: cloud-initiated attacks
Whilst email phishing attempts are still successful, with many victims falling foul of these types of attacks, there is another method which seeks to target users’ perceptions of what they can and cannot trust. As a result, phishing attempts are now being increasingly launched through cloud apps as users still maintain high levels of trust in them.
We address, the threat posed by workplace cloud apps and what you can do to defend against this growing concern.
Questions to the Panel of Speakers and Delegates move to the Seminar Rooms
Networking Lunch Served in the Exhibition Area
aligning technology with your needs, deploying where necessary, moving together as one
- Matching identities: aligning your digital and real identity
- Simplicity over complexity: adopting a lean technology environment
- Analytics-driven security: supporting your security team
- Vulnerability patching: securing long term solutions
- Reducing data sharing risks: best-practice approach
- Connecting with confidence: supporting greater IoT convergence
Conference Chair’s Afternoon Address
Matching identities: aligning your digital and real identity
Given the size and complexity of the public sector, the number of employees, which stands at 5.44 million, and the number of interactions between government officials and the public, authenticating and verifying identities is a challenge unique in its scale.
- Achieve automation
- Enable single sign on
- Improve operational efficiency
- Application connecters
- API based modelling
- SSO & password management
Simplicity over complexity: adopting a lean technology environment
Historically, many within government preferred what they regarded as tailor made, individualised solutions designed to address a specific security issue. this has led to a crowded environment in which newly installed technology is overwhelming existing, and limited, resources due to the vast amount of data they produce.
Government departments need to put in place the right tools to create greater linkage between lone data outputs, provide IT departments with an unhindered view of its infrastructure in a streamlined way, and better understand the risk associated individual threats.
Analytics-driven security: supporting your security team
The volume, variety and veracity of today’s threat landscape means that human supervision and intervention must be supplemented by an automated security architecture.
Currently, external threats force IT professionals to abandon more strategic tasks in order to fire fight. This leaves teams overburdened and without the resources to effectively manage.
We address how to:
- Eliminate data silos
- Centralise data
- Automate processes
- Orchestrate workflows
- Integrate & optimise security within organisational structures
Questions to the Panel of Speakers
Afternoon Networking and Refreshments served in the Exhibition Area
Vulnerability patching: securing long term solutions
Outdated operating systems and software are the most common attack vector that highly increase your organisations attack surface.
In 2019 alone, 60% of breaches happened as a consequence of unpatched vulnerabilities.
Keeping your organisation safe while using disjoined patch management software can be challenging.
We address, how a unified platform handles software updates and removes the burden of management, regardless of the number of endpoints you need to manage.
Reducing data sharing risks: best practice approach
Government is, at its heart, there to serve the needs of the public. In order to do so efficiently and effectively, it requires vast amounts of data to be shared across a wide range of departments, agencies, and bodies.
Sharing enables new insights from existing data, and lets government make full use of this core resource.
We address, how to put data to use in multiple re-use cases across different contexts in the hands of various teams and organisations in a security conscious and risk averse way.
Connecting with confidence: supporting greater IoT convergence
Across government, there is a growing number of connected devices. Sadly, the speed at which usage has expanded has not been met by an equal degree of security.
Since the start of the year, over 1 million connected devices have been shown to have been compromised globally.
As IoT diversifies from personal devices to critical infrastructure, it is vital that the UK protects its industrial control systems and operational technology.
We address, how to handle the management, deployment, and cost of IoT security.
Questions to the Panel of Speakers
Closing Remarks from the Conference Chair
Whitehall Media reserve the right to change the programme without prior notice.