Date and TimeTitle
Mar 17, 2022
8:55am - 10:55am (London)
Morning Session 1


Chair's opening address

Colonel (Retd) John Doody FBCS FCMI CITP IISP MIOD


Security in 2022


The changing face of cyber crime: 2022 cyber threats and new methods to protect against them

The risks and costs of cybercrime to businesses

Cyber skills: The importance of education and hiring the right people

Outlooks on AI & IOT



Plan Smart: The Future is SASE

Today’s work environment has been fast-tracked along its journey to hybrid working. As this evolution has driven an increasingly digital landscape, workers are now using cloud-based applications on a daily basis, giving rise to new advanced threats. The transition of the modern workplace from a place to an activity has also made the traditional concept of a network perimeter redundant. We are now in an era where security needs to be designed around an entirely new perimeter, built on identity and context. This is where Zero Trust and ZTNA (Zero Trust Network Access) comes in, as part of the journey towards SASE.

Join Censornet’s CTO Richard Walters as he dispels the SASE one-size-fits-all myth, and instead explains how it can be adapted to serve the needs of a world where the perimeter is no longer “entombed in a box” but anywhere the enterprise needs it to be. Richard will also explore how the smart decisions you make today will optimise your future cloud and network security.



From Asset Management to Asset Intelligence: Crossing the CAASM presented by Axonius

As the sprawl of devices, device types, and solutions continues to skyrocket, environments only grow more complex. But there’s good news: asset management has evolved. Today’s “asset intelligence” moves from a spreadsheet approach to an API-driven, always up-to-date view into all assets via integrations of existing tools, data correlation at scale, and querying capabilities to find and respond to gaps. Join this session to learn how asset intelligence and the emerging Cyber Asset Attack Surface Management (CAASM) category improves security hygiene, reduces manual work, and remediates gaps.



Keynote Presentation: Sarah Armstrong Smith, 'Manipulating the masses in the Metaverse'

Sarah Armstrong-Smith


No sooner had we got used to the integration of IT, IoT and OT, along came the Metaverse, blurring the lines between the physical and digital worlds.


In this session, Sarah Armstrong-Smith will discuss the opportunities and risks of living and working in mixed reality, where potentially nothing is as it seems!




Fast and Furious Attacks: Using AI to Surgically Respond

Fast-moving cyber-attacks can strike at any time, and security teams are often unable to react quickly enough. Join Oakley Cox, Director of Analysis, to learn how Autonomous Response takes targeted action to stop in-progress attacks, without disrupting your business. Includes real-world threat finds, case studies and attack scenarios.  



Ransomware the Real Threat

Within the world of Ransomware as a service and the increase of these attacks we look into the goals and targets of these criminal organisations. This in turn while understanding the true perception of this threat within business is key to understanding the real risk of these attacks and their targets.



Keynote Presentation: Keren the Friendly Hacker - 'The Future of Cyber Security from A Friendly Hacker’s Perspective'

Keren Elazari – The Friendly Hacker


This talk will explore how our Digital universe has expanded and changed in the last 2 years, the emerging technology trends and the security challenges that come with them -   all from a hacker’s point of view. We’ll discuss how friendly hackers are stepping up, and how we can harness their help, and what we can learn from hackers about building our digital immune system



Security in an API-oriented world

In today's app-driven world, APIs are the cornerstone for growth and innovation. APIs power modern mobile, SaaS, web applications and drive IoT connectivity between connected devices. It is, therefore, no surprise that APIs are an increasingly popular target for cyber attacks.


This session will cover:


  • How APIs drive today’s businesses


  • Key API security trends and risks


  • Securing APIs with Cloudflare API Shield
Mar 17, 2022
11:25am - 11:55am (London)
Morning Session 2


Supply Chain Cybersecurity: Reduce Your Risk

Why supply chain attacks affect every business and protecting against them is everyone’s business - not just security. Best practice guide on how to minimise the software supply chain risk, without business impact.



Enhanced Threat Visibility - How to See More, But Respond with Lean resources

Threat visibility involves what seems like contradictory aims. On one hand, security teams need visibility into an ever expanding attack surface populated by new and evolving threats. That generally means more alarms. The second requirement for threat visibility is the ability to rank and filter alarms by importance. In that way, security teams need to know more but respond less – an inversion of the current situation.


We will analyse how any security team can affordably expand threat visibility while limiting false alarms to see cyberattacks earlier and more clearly.


In this session you’ll learn:

  • Real world survey results from CIO’s utilising small security teams
  • How traditional point solutions add complexity and cost
  • Ransomware is not a malware problem, it’s a visibility issue
Mar 17, 2022
12:00pm - 1:00pm (London)
Seminar 1 - Lower your cyber risk, without blowing your budget

Lower your cyber risk, without blowing your budget

 Understanding your risk

  • Getting the most value from your tooling
  • Do the right things, at the right time, to lower your risk
Mar 17, 2022
12:00pm - 12:30pm (London)
Seminar 2 - Security Through Maturity: Guidelines for a comprehensive cloud infrastructure security strategy

Security Through Maturity: Guidelines for a comprehensive cloud infrastructure security strategy

When securing your AWS, Azure or GCP environment, the stakes are high! With so many different variables to consider when designing and implementing a security strategy, you may find it difficult to organize or get started. You need a clear framework for setting priorities and building a plan of action.


Outlining best practices and compliance standards is a good place to start. But these alone don’t enable you to actually assess the maturity of your current cloud security practices and build a roadmap for continuous improvement.


We created a lightweight and easy to understand framework that defines the key guidelines for a comprehensive cloud security strategy. It serves as a guide for prioritizing and implementing security controls and procedures in a way that will make stakeholders open to collaborating with you.


In this session you will learn to:

  • Design a cloud security strategy for your enterprise with clear and practical milestones
  • Gain a clear picture of where your organization currently stands on its path to a secure cloud environment
  • Create a common language between various stakeholders in your organization
  • Leverage automated solutions to improve your security
Mar 17, 2022
12:00pm - 12:30pm (London)
Seminar 3 - Zero Trust Access: Steps for Securing the Enterprise

Zero Trust Access: Steps for Securing the Enterprise

Enforcing Zero Trust is not as simple as deploying a single technology as the silver bullet for all our cyber security woes. Instead, Zero Trust is a “mindset” that is a critical aspect of every step you take on the path to making your organization as secure as it can be in today's hybrid world. In this session, we will cover the essential steps to implementing Zero Trust from an identity perspective, in order to increase security while at the same time enabling the business.

Mar 17, 2022
1:30pm - 3:30pm (London)
Afternoon Session 1


Chairs Opening Address

Colonel (Retd) John Doody FBCS FCMI CITP IISP MIOD



The reason why ransomware is really HEATing up

When entire workforces went remote in 2020 because of the global pandemic, organizations pivoted quickly to new business models by migrating apps and services to the cloud to enable the anywhere, everywhere workforce. That’s resulted in business users spending an average of 75% of their workday working in a browser. These same digital enhancements, however, also ushered in widespread transformation that expanded attack surfaces and created new opportunities for cyber miscreants, giving rise to Highly Evasive Adaptive Threats (HEAT), which are used as beachheads for initiating ransomware, data theft, and account takeovers.

During this insightful session, Menlo Security Senior Director of Cybersecurity Strategy, Mark Guntrip, discusses why HEAT attacks are the next-class of browser-based attacks taking advantage of today’s remote and hybrid workforce.



Is the password dead yet? 2FA strategies and tools for a hybrid workforce

Passwords as a form of authentication are flawed. They are often forgotten, exposed in breaches and repeated across services. But despite a shift away from passwords towards more reliable forms of authentication such as biometrics and physical security keys, the password is still far from dead. So how should businesses be dealing with authentication when a hybrid COVID-19 workforce is working both in the office and from home? This session will cover:


Why passwords are flawed

Two-factor and multi-factor authentication: What is being used inside businesses?

The COVID-19 hybrid workforce and how to counter authentication risks

Choosing the best strategy for your business


Stop Chasing, Start Defending: Preventing Ransomware with Zero Trust

Join ThreatLocker Senior Solutions Engineer, Ben Jenkins, as we discuss endpoint evasion techniques that are undetectable by most EDR/MDR and antivirus solutions. Understand how businesses are enhancing their cyber resilience and significantly limiting the damage ransomware can inflict with a Zero Trust architecture





Keynote Presentation from Greg van der Gaast -

Shifting Security From Risk to Business

The focus of Information Security has historically been about risk. However, convincing businesses to invest in something so intangible with no visible business returns has made getting support for security a struggle in many organisations. But what if we made security a revenue supporting, and even generating, business activity, which just happens to bring risk assurance along for the ride?




Accelerating your secure digital transformation through SASE

As we find ourselves with an ever-expanding attack surface to protect, Check Point CISO and C-Suite Advisor for EMEA, Deryck Mitchelson, will explain why SASE should now be considered a critical enabler for digital transformation and Check Point’s vision for securing all workloads everywhere.



Ransomware: Top Threats and Best Practices

Ransomware attacks worldwide have gone up by a whopping 102% in 2021 as compared to 2020. The truth is when it comes to ransomware, no business is too big or too small. Don’t fall victim to ransomware. Gather actionable knowledge now to fortify your cyber resilience. Protecting your tenant requires strategies and tactics to reduce the frequency and severity of data loss events in addition to maintaining backup copies of your data. Unitrends and Spanning will show you how to have the best cybersecurity defences. Brought to you by Unitrends and Spanning



Cyber Security Predictions in a World of Phishing and Ransomware

Evolving threats and new tactics targeting the human element are forcing the cybersecurity market to change. Join Matt Aldridge, Principal Solutions Consultant at OpenText, to learn about upcoming trends and what's next. Get acquainted with data on phishing, ransomware and more.

Mar 17, 2022
4:00pm - 5:00pm (London)
Live ‘Fireside Chat’ Q & A – Col. John Doody &, Ciaran Martin, founding Chief Executive of the National Cyber Security Centre, part of GCHQ.


Colonel John Doody is the Author of the recent book “From Stripes to Stars,” & Director of Interlocutor Services,  a company established to promote Information Assurance & Cyber Security issues nationally & internationally.

Prior to this John served at CESG/GCHQ for 10 years in the role of Head of Information Assurance Customer Services.

Ciaran Martin is Professor of Practice in the Management of Public Organisations. Blavatnik School of Government, University of Oxford.

Prior to joining the School, Ciaran was the founding Chief Executive of the National Cyber Security Centre, part of GCHQ. He also has previously held senior positions in the Cabinet Office.

Ciaran led a fundamental shift in the UK’s approach to cyber-security in the 2nd half of the last decade. 

With both of their GCHQ connections, a memorable encounter is anticipated.