GovSec

Government IT Security Conference

23 September 2020

Victoria Park Plaza, London

SOCIAL


LATEST TWEETS

Programme

Session ONE –  Creating a Cyber Secure Government and Society

  • How the UK is meeting policy objectives and securing citizens and business
  • Pan-European cooperation post Brexit
  • Are people the problem? Behavioural challenges for information governance and how to overcome them
  • The Next Generation Identity Governance Platform
  • How local government is building cyber resilience
  • Case Study – How to build Cloud security: moving from Iaas to Paas
  • The Mobility Pivot – Threat & Response in a Cloud-enabled front line workforce
09:00
Conference Chair’s Opening Address

Madeline Carr, Professor of Global Politics and Cybersecurity, UCL; Director, Research Institute for Science of Cyber Security (RISCS)

09:15
Keynote Address

Martin Sivorn, Head of Security, GDS

09:35
Pan-European cooperation post Brexit

The new partnership brought about by Brexit will need to be as integrated as it was prior to the UK’s departure; from the exchange of information on cyber incidents, attackers’ techniques, threat analysis and best practice, including when those target the correct functioning of democratic systems

We address:

  • How to build mutual trust and create a community across the industry
  • Discuss approaches to foster collaboration: The Cyber Growth Partnership (CGP) in conjunction with ENISA, Industry 100 and more
  • Partnering with the EU – how Brexit will reshape the partnership agreement landscape
09:55
Are people the problem? Behavioural challenges for information governance and how to overcome them

Jonathan Craven, Head of Information Governance / Data Protection, North West London NHS Foundation

At a time when increasing numbers of digital solutions are being offered for information governance and data protection problems, are we losing sight of the fact that the single biggest variable in compliance is the staff? However, rather than simply labelling any one variable as “the problem”.

This presentation will briefly look at what the issues are and how we may begin to address them, including:

  • What factors are influencing people to comply – or not – with information governance and data protection best practices?
  • How can we promote positive behavioural change?
  • How can technological solutions best support change?
10:15
The Next Generation Identity Governance Platform

One simple statistic tells an important story about cyber security: Almost half of data breaches originate from within an organisation—and most of those events result from a failure to govern the digital identities of employees and other users, such as contractors, partners and even software bots.  With the explosion of Data, Robotic Process, and organisations looking to transform to the cloud.  The continual rising demands of regulations and compliance, Identity is the critical fabric to ensuring a successful transformation in this digital age.

Come and listen to how The Next Generation of Identity Governance platform is helping Government agencies embrace the digital economy by managing ALL their data, apps and users both on premise and in the cloud.

10:30
How local government is building cyber resilience

Mary Umoh, Head of Information Security, London Borough of Tower Hamlets

The Information and Cybersecurity journey in the Local Authority has been painfully long, starting from being an obscure, outright invisible and isolated tick-box exercise, with no appreciable business benefits to becoming pivotal to innovation, business and service improvements. Having previously been looked upon as a blocker to progress, but now the vehicle to effective digital transformation, increased productivity, confidence in building trusts amongst partners and providing a seamless service across borders.

The journey so far:

  • Working in silos; no clear definition of what is expected
  • A more structured approach sponsored by the Central Government
  • We must collaborate if we are to survive
  • Zero Tolerance Approach
  • Digital Transformation and opportunities
  • The shift from being a blocker to becoming an enabler
  • Board level responsibility for Cyber Security
  • Genuine Risk-Based Approach
10:45
Questions to the Panel of Speakers
11:00
Refreshment Break Served in the Exhibition Area
11:30
Back To Basics: How to Avoid High Profile Cyber Attacks

Andrew Gogarty, Chief Security Evangelist, Secon Cyber

Everyone thinks they know what mistakes to avoid to prevent cyber attacks, but we’re still seeing high profile breaches every day. For example, people know how crucial email security is and yet over 90% of threats still enter organisations through an email.

In this talk, Andrew Gogarty, Chief Security Evangelist from Secon Cyber, will walk you through the basics of cyber security best practice and what methods are crucial for ensuring visibility and control of what happens in your organisation. Gogarty will highlight what bad practices are helping attacks happen, what actions organisations can take to stop them and how to reach cyber security maturity. He will use real life examples from multiple sectors to illustrate how organisations can ultilise the solutions they’ve already invested in to build a robust cyber security strategy and avoid becoming the next high profile breach.

11:45
The Mobility Pivot – Threat & Response in a Cloud-enabled front line workforce

Adam Gwinnett, Head of Strategy, Enterprise Architecture & Cyber Security, Metropolitan Police Service

The growth of mobility in workforce’s, moving access to sensitive and critical systems out of offices and to the front line, continues to dominate workforce planning and law enforcement is no different.

In response to this, we are seeing a steady increase in mobile targeting threats to exploit these platforms, both for consumers and for enterprise customers.

What are you doing to enable and protect your assets in an increasingly mobile world?

  • Law enforcement front line mobility is a key trend
  • Mobile targeted threats, trends and use cases
  • Defensive measures & deployment considerations
12:00
Questions to the Panel of Speakers and Delegates move to the Seminar Rooms
12:15
Seminar Sessions
13:00
Networking Lunch Served in the Exhibition Area

Session TWO – Boosting the Security of Your Organisation

  • Why Contracted Security Services Rarely Provide the Expected Assurance
  • A leader’s guide on how to integrate sustainability in IT
  • Creativity and Control in Biomedical Research Info Security
  • Panel discussion: how best can we foster and build upon cross-agency collaboration to better defend against new and emerging threats?
14:00
Conference Chair’s Afternoon Address
14:05
Falling Through the Cracks – Why Contracted Security Services Rarely Provide the Expected Assurance

Greg van der Gaast, Head of Information Security, University of Salford

From small individual vendors to massive MSPs, time and time again we see a failure to deliver the expected security services and we usually find out too late. Worse still, it’s often difficult to demonstrate any negligence or liability on the part of the provider. Further adding insult to injury, in many cases, businesses are then having to pay extra to get the coverage they thought they had already had.

Let’s review some spectacular contracting failures, why they happen, and what we can do to prevent them.

14:20
A LEADER’S GUIDE ON HOW TO INTEGRATE SUSTAINABILITY IN IT

Mattie Yeta, Sustainability Lead – Service Strategy, Defra

  • Global sustainable development challenges, global trends and compliance
  • How can technology save the world?
  • Opportunities to collaborate nationally and globally, on sustainable ICT
14:35
Big Data, Dark Data Privacy, Security, Integrity, and Survivability issues

Dariusz Glowinski, Senior Network Security Engineer, DWP

The main ‘Big Data’ issues of today are those of privacy, integrity, and availability. Big data is a relatively new phenomenon which has risen to prominence over the past 10-15 years. As with many things, the drivers for developing Big Data technologies outweighed a considered appreciation of the challenges that Big Data brings with it. One such challenge is the sheer volume of the data collected against the expected usability of that data, also known as Dark Data.

  • The resurgence of Homomorphic Data Encryption in co-located data warehouses
  • Attribute-Based Encryption (ABE) as a possible method for User Access Control (UAC) to specific, needs-based, Big Data elements, for security/compliance purposes
  • Big data survivability: Software Behaviour Encryption (SBE) vs Storage Dynamic Encryption (SDE) for cyber-security and cyber-resilience in the cloud
14:50
Questions to the Panel of Speakers
15:00
Afternoon Networking and Refreshments served in the Exhibition Area
15:30
Panel Discussion: how best can we foster and build upon cross-agency collaboration to better defend against new and emerging threats?

Bringing together the leading actors from the most cyber sensitive departments and agencies, we will address that most vexed of issues; increasing inter-agency collaboration and cooperation in order to best defend against new and emerging threats, both foreign and domestic.

Adam Gwinnett, Head of Strategy, Enterprise Architecture & Cyber Security, Metropolitan Police Service

Helen Williams, Operational Security Manager, Metropolitan Police Service  

Mary Umoh, Head of Information Security, London Borough of Tower Hamlets

Jonathan Craven, Head of Information Governance / Data Protection, North West London NHS Foundation 

Greg van der Gaast, Head of Information Security, University of Salford

16:15
Questions to the Panel of Speakers
16:25
Closing Remarks from the Conference Chair
16:30
Conference Closes

Please note:
Whitehall Media reserve the right to change the programme without prior notice.