Programme @

GOVSEC

Government IT Security

17 May 2022

London

Programme @ GOVSEC

Session One

defending the state, working with our allies, and ensuring the UK is safe and secure

  • Challenging the growing threat of state-backed actors
  • Designing, building and operating digital services which are cyber-secure
  • Developing cyber resilience
  • Facilitating the new normal in remote working
  • Take a risk-based approach to your online profile
  • Panel discussion and audience Q&A

09:00 (BST)

Conference Chair's Opening Address

09:05 (BST)

Challenging the growing threat of state-backed actors

Cyber-physical attacks orchestrated at the nation-state level have become the primary means by which adversaries who do not wish to engage in full scale warfare are disrupting their opponents critical national infrastructure.

The convergence of cyber and physical in line with the expansion of the IoT into our daily lives means that a response on a national scale is now needed to prevent local or regional instances of cyber-attacks becoming the starting point for major international incidents.

We address:

  • The foretelling of a cyber pearl harbour
  • The east versus west dynamic
  • Attacks on IoT devices have a domino effect
  • How to mitigate vulnerabilities

09:20 (BST)

Designing, building and operating digital services which are cyber-secure

The size, scale and complexity of the public sector makes it a uniquely vulnerable target.

As more and more services, many of them extremely valuable to millions of citizens, are delivered digitally, so too will the attack surface of the UK’s public-facing departments, agencies and authorities widen.

We address, the fallout when digital services are compromised, from the heavy cost to the taxpayer, the major disruption to the service provider and the consequences of mass public data loss.

09:35 (BST)

Developing cyber resilience

No organisation is immune to cyber-attacks or data breaches, but high-profile public sector organisations are particularly attractive to cyber criminals.

The serious nature of your operations and the sensitivity of the data you hold means that being resilient to such attacks is critical.

Join us as we map out what you need to do in order to become a more resilient, robust, flexible, and dynamic organisation.

09:50 (BST)

Facilitating the new normal in remote working

With over five million employees, government workers have been the most significant recipient of remote working in the UK.

Not only have IT leaders had to facilitate secure network access for exclusively remote workforces, but they’ve also had to increasingly rely on new tools and technologies to support mobile workers as the pandemic put a block on our ability to freely travel, communicate and collaborate.

Join us as we explore the major pain points experienced during the transition to increased remote working and whether a sustainable way forward is to be achieved.

10:05 (BST)

Take a risk-based approach to your online profile

Networks run by hostile states or organised criminals are being increasingly utilised in order to capture the private and highly sensitive data of senior government security and risk leaders.

The primary mode of attack is through the sending of seemingly innocuous connection requests dressed up as an offer for a lucrative job offer.

We address:

  • Caution when connecting with profiles you don’t know
  • One click can lead to being linked to malicious profiles
  • Impact on your organisation and colleagues
  • Threat may escalate to the level of national security

10:20 (BST)

Questions to the Panel of Speakers

10:35 (BST)

Refreshment Break Served in the Exhibition Area

11:05 (BST)

Panel discussion and audience Q&A

Historically, many within government preferred what they regarded as tailor made, individualised solutions designed to address a specific security issue. this has led to a crowded environment in which newly installed technology is overwhelming existing, and limited, resources due to the vast amount of data they produce.

Government departments need to put in place the right tools to create greater linkage between lone data outputs, provide IT departments with an unhindered view of its infrastructure in a streamlined way, and better understand the risk associated individual threats.

11:35 (BST)

Questions to the Panel of Speakers & Delegates move to the Seminar Rooms

11:50 (BST)

Seminar Sessions

12:30 (BST)

Networking Lunch Served in the Exhibition Area

Session Two

detect, deter and defend against new and emerging threats

  • Neurodiversity in action: how to address the cybersecurity skills gap
  • Improve CNI resilience: why wargames are important
  • Ethical AI as a key security asset
  • Panel discussion and audience Q&A
  • Identifying your greatest risk
  • A single sign-on for all citizens?
  • Centralised Security Visibility, Control and Remediation capabilities

13:30 (BST)

Conference Chair’s Afternoon Address

13:35 (BST)

Neurodiversity in action: how to address the cybersecurity skills gap

To even have a chance at closing the cybersecurity skills gap, we need people with a variety of different abilities and thought processes.

Addressing the skills gap and strengthening your own security team means bringing in different minds and perspectives.

We address:

  • Embracing neurodiversity
  • Build and improve your security team
  • The value of a variety of abilities and thought processes
  • Tapping into the pool of neurodivergent talent

13:50 (BST)

Improve CNI resilience: why wargames are important

The increasing degrees to which physical and cyber security are becoming more and more integrated has meant that for nation-states, regional and global alliances have taken on a renewed significance in recent years.

Wargaming, done correctly, can deliver better understanding and critical thinking, foresight, genuinely informed decision-making and innovation.

Join us as we demonstrate the value of wargames as a critical part of the UK’s national security defences.

14:05 (BST)

Ethical AI as a key security asset

Whether fact checking and detecting deepfakes, mapping international trafficking networks, or disrupting online grooming operations, the ability to analyse such activity at scale represents a power shift in favour of law enforcement agents and agencies.

We address, the cutting-edge role the ethical application of AI can play in assisting security analysts to manage vast volumes of complex data and improve decision making in the face of increasingly complex threats.

14:20 (BST)

Questions to the Panel of Speakers

14:35 (BST)

Afternoon Networking and Refreshments served in the Exhibition Area

15:05 (BST)

Panel discussion and audience Q&A

The volume, variety and veracity of today’s threat landscape means that human supervision and intervention must be supplemented by an automated security architecture.

Currently, external threats force IT professionals to abandon more strategic tasks in order to fire fight. This leaves teams overburdened and without the resources to effectively manage.

We address how to:

  • Eliminate data silos
  • Centralise data
  • Automate processes
  • Orchestrate workflows
  • Integrate & optimise security within organisational structures

15:35 (BST)

Afternoon Networking and Refreshments served in the Exhibition Area

16:05 (BST)

Identifying your greatest risk

In a world focused on external threats, from professional hackers to foreign intelligence services, what is often forgotten is the individuals and third-party organisations who already have a degree authorised many would be adversaries could only dream of.

Whether by accident or design, malicious damage carried out by such actors can have a devastating impact on operations, service delivery, reputation and budgets.

We address, how you can minimise the threat posed by internal actors, from programme and project management through to technical services, enterprise audit, analysis and permissions management.

16:20 (BST)

A single sign-on for all citizens?

The need for a more proactive, personalised, and joined-up service for end users is clear to anyone who has attempted to climb the Everest that is the government gateway.

Still, notable difficulties aside, how do we design an identity and access management solution which can provide the desired seamless experience whilst defending against the perceived weakness of single sign-on authentication and verification?

We address:

  • Why we need to unify civil service access control
  • Allowing for differentiation where necessary without compromising on experience
  • Identifying commonalities and creating linkage
  • GovPass as the answer to our disjointed ecosystem

16:35 (BST)

Centralised Security Visibility, Control and Remediation capabilities

Whilst the security measures in place for a government cloud solution are typically more advanced than a single government agency in-house solution, many public sector organisations are resistant to moving to the cloud due to concerns around security and compliance standards specific to the sector.

We address, why such resistance is misconceived, how legacy IT presents more of a security concern, the difficulties it presents when centrally monitoring, analysing, and defending, and why it is no longer acceptable to have to deal with difficult to defend IT.

16:50 (BST)

Questions to the Panel of Speakers

17:00 (BST)

Closing Remarks from the Conference Chair

17:05 (BST)

Conference Closes

Please note:
Whitehall Media reserve the right to change the programme without prior notice.

Follow us on social

Keep up to date with what's going on by following us on social media.

Featured blogs

Read the latest news and views from key industry figures and thought leaders.

Identity Transformation in the Public Sector
SailPoint talked to Jason Corbishley, CISO, Police Digital Service; and Kurt Frary, Deputy Director of Information Management & Technology / CTO Norfolk County Council, about what identity management means to them. Identity is at the heart of access controls. As more and more people choose to work from home, public sector organisations have had to...
Youtube, TikTok and Instagram Exposed in 223 Million Account Data Breach
In data breach news, this month saw a database of almost 235 million social media profiles exposed on the internet from such recognisable platforms as Youtube, Instagram and TikTok. The research undertaken has identified that information breached could open users up to phishing and impersonation scamming as well as unwarranted email usage. On August 1st,...
UK Charity Breaches via Ransomware
In recent data breach news, UK charities are continuing being hit hard with targeted attacks as a result of the Blackbaud ransomware attack earlier this year. In the last few weeks, Mines Advisory Group (MAG), a non-profit based in Manchester involved in clearances of landmines in war-torn countries had to inform their donors that a...