Programme List - Computing Cyber Security Live 2019
Menu

Programme

08.30 – 09.00

Registration
09.00 – 09.05

Opening Remarks
Stuart Sumner, Editorial Director, Computing and The Inquirer
09.05 – 09.20

Computing Research:
John Leonard, Technology Analyst, Incisive Media
09.20 – 09.50

Morning Keynote: We’re not a bank

When I came to the construction industry from a heavily regulated telecommunications and IT services company I was often confronted with the statement “We’re not a bank”, meaning we do not need the level of security of the financial industry, we’re a construction  company. This reminded me that the golden rule of cyber security is that it must be risk based, appropriate and balanced within the context of the business goals and objectives.  This presentation is about understanding the threat landscape that the construction industry exists in and looks at the cyber security challenges faced by a diverse and global construction group involved in everything from residential houses to Nuclear power stations, leading in digital construction, working in multiple countries with different cyber maturity levels, cultural requirements and language barriers. It’s about being realistic and pursuing a pragmatic approach to evolving a security posture appropriate to the risks, not trying to “boil the ocean”, and transforming the perception of cyber security from ‘blocker’ to ‘enabler’ to construction workers and civil engineers

Ian Hill, Global Director of Cyber Security, Royal BAM Group 
09.50 –10.20
Presentation:  How will YOU detect and respond to a data breach?

In the next two years, your company is likely to be the victim of a data breach. How can you be ready to respond successfully, decreasing the impact of the attack? And what have other organisations done to be as prepared as possible?  During this session we will explore Incident Response, the need for breach readiness from the boardroom down, and how this all relates to a 23 tonne truck.

Mike Spradbery, Senior Technical Leader, IBM Security UK & Ireland
10.20 – 11.00

Panel discussion: Who owns cyber-security in your organisation?
  • How to juggle sitting on the board, leading the security team and being responsible for the organisation’s security?
  • What is the scope of the SOC team’s responsibility?
  • How to create a security culture within the organisation and should staff be held accountable?

Jan Langham, Head of Security, Assurance Flutter
Mike Spradbery, Senior Technical Leader, IBM Security UK & Ireland
Graham Thomson, Chief Information Security Officer, Irwin Mitchell 
Erik Vynckier, interim CEO, Foresters Friendly Society

Workshop: You are the victim of a cyber attack, so what now? Effective management in a crisis. 

You are a member of an incident response team and you have 20 mins to decide how you are going to respond to a cyber attack. Good luck (you'll need it).

11.00 – 11.25

Morning break, networking and visit to exhibition area
11.25 – 11.45

How AI-based tools can tighten security
  • Defending against cyber-threats using AI and Machine learning, painting a picture of “normal” and detecting when things go wrong.
  • Detecting vulnerabilities in unseen parts of your network.
  • Using automation to prioritise the security team’s resources and lowering risk

Kit Kirby, Cyber Security Manager, Darktrace
11.45 – 12.05

Using automation to enhance security and keep up to date.
  • Digitally transforming the enterprise using automation without compromising security
  • Securing cloud assets and third-party services with continuous audits
  • Automating compliance

CHEF
12.05 – 12.25

Third-Party Risk Management: Overcoming Today's Most Common Security & Privacy Challenges

 

  • Review the drivers and challenges organizations face when managing third-party vendor risk
  • Identify priorities before, during and after vendor procurement
  • Takeaway a six-step approach for automating the third-party vendor risk lifecycle
  • Hear real case studies from privacy experts on how to practically tackle the third-party vendor risk

 

OneTrust
12.25 – 12.45

Incident response - how to manage security breaches?
  • Reducing detection and reaction time
  • Creating your incident response protocol
  • Damage control - containing the impact on the brand and business.

12.45 – 13.45

Lunch break, networking and visit to exhibition area
13.45 – 14.25

Ex-Hacker Keynote: malicios software developments

A look into recent major malicious software attacks for the lessons learned; looking at how recent malicious software spreads and how this might develop in the future. Holly will aim to link malicious software propagation techniques to those techniques used by penetration testers to allow security teams to focus their efforts.

Holly Grace Williams, Technical Director, Secarma
14.25 – 15.05

Panel discussion: Making security an integral part of digital transformation
  • How to go through digital transformation without compromising your security?
  • How to make sure service providers have covered all their (and your) bases?
  • How to make sure your apps and software are up to date and don’t clash?

Jonathan Freedman, Head of Technology & Security, Howard Kennedy
Luis Lancos, Senior Vice President for Technology, Elavon Financial Services
Megan Pentecost,Information Security & Data Compliance Manager, British Heart Foundation

15.05 – 15.25

Afternoon break, networking and visit to exhibition area
15.25 – 15.50

Case Study: Can employees ever become the strongest link in cybersecurity?

We often hear employees described as the ‘weakest link’ in security - but what if we listened to them instead, and tried to understand why security policies are violated or phishing links clicked? In this talk, Prof. Joinson will discuss how people’s security (mis)behaviour can be understood, how it can be changed, and why we need to rethink how cybersecurity is managed within organisations

Professor Adam Joinson, the University of Bath
15.50 – 16.30

Panel discussion: Securing the future - should the focus shift from defending to containing attacks?
  • Would perimeter defence and staff training be enough to secure your organisation?
  • Could new defence approaches and solutions - “Zero trust”, reverting to old tech – provide the required security?
  • Should attacks be accepted as business as usual? How could they be detected earlier and defended against with greater efficiency?

Richard Benham, EU Data Transfer Expert - Brexit, UK Research and Innovation
Lorenzo Grillo, Managing Director, Alvarez & Marsal
Latif Hussain, Lead IT Enterprise Architect, British Film Institute
16.30 – 17.00

Closing Keynote: Overview of Cyber Threat

More information to be anounced

Senior representative, NCSC (confirmed)
17.00 – 17.10
Closing remarks
Stuart Sumner, Editorial Director, Computing and the Inquirer
17.10

Drink reception