Agenda

How nation state and state-aligned cyber attacks have become the new normal, with attribution, accusations and retaliation now commonplace
How private companies should expect to be caught in the crossfire of state-sponsored cyber

How the security industry promotion of ‘Hollywood’ glamour hacks and zero days leads to CISOs and security teams feeling that nation-states simply can’t be defended against

But actually – the majority of state-sponsored activity can be defended by taking a pragmatic approach to cyber-defence

As the workforce rapidly shifts to remote work, the complexity of protecting IP and sensitive data has grown exponentially. Old models of locking down the perimeter no longer apply. Instead, a modern, people-centric approach to Insider Threat Management can complement existing information protection programs, while providing greater visibility and context into both user behaviour and data movement. In this talk, we’ll explore the unique risks of insider threats and how to combat them, including:

• The types of insider threat profiles and how to address them. For example, organizations may not know how that more than 60% of insiders are negligent.
• Why insider threats are unique, and require context into both user and data activity.
• How to reduce response time by accelerating investigations. The longer the response times, the costlier an incident can get.
• And more!  

Whatever the weather throws at you, be sure to have appropriate clothing. A look back at the cyber storms we’ve seen since the beginning of the pandemic

The “right” threat intelligence helps enterprises understand their attackers, their motives, and how best to defend against evolving attacker TTPs. Threat intelligence isn’t supposed to be one-size-fits-all.

Attackers consistently use current world events to their advantage by developing new exploits and techniques that bypass perimeter defences. We will discuss why organisations should move from a gateway-based single-pass inspection model to a layered security model that includes continuous email monitoring and detection at the inbox to effectively combat today’s phishing threats.

Learn more on how your security team can make your threat detection and response more effective by choosing the right threat intelligence solution

Zero trust is a regular topic of conversation for most CISO’s today. At its core, zero trust focuses on the principle of maintaining diligent access control for all users of network and systems resources. In itself, that sounds like nothing new, but with it comes a renewed focus to understanding and managing that access at a much finer level of detail. This is even more important when it comes to the current cloud platforms that have become so complex to manage due to the ultra-fine-grained access rights that most companies struggle to even understand who has access to what and if that access is being used or not.

In today’s world of constant breach and threat, a Zero Trust approach to secure your IT landscape makes a lot of sense. But in order to give Zero Trust any chance of success, Identity Governance has to become a critical core competency. In this session, SailPoint will show how Zero Trust and Identity Governance provide the much needed security we are all after and how we can achieve the best results with today’s technology.

With Covid-19 many IT strategies were forced to adapt within days. Having employees working from home or on their private devices, IT departments are encountering new opportunities, as well as new challenges. Keeping devices secure against theft or ransomware attacks is as important as giving the end-user the possibility to choose their own device. Quest KACE will show to you how you can easily:

• Enroll new devices
• Track, lock and wipe sensitive data
• Automate patch deployment
• Scan your system against vulnerabilities

This high-level talk will explore previous and current security risks associated with web applications before looking at the future and what challenges we need to tackle to make a better internet.

Why traditional vulnerability management has failed in keeping us secure
What it takes to deliver vulnerability management at scale and how can we keep pace with the speed of development
What is the trade-off between speed and accuracy and why is this acceptable?
We shall also cover off highlights of the Edgescan Vulnerability Stats report 2020 focusing on the most common vulnerabilities and what it means to deliver a robust cybersecurity programme for any enterprise.

At a time of heightened business risk, and in the face of an increasing tide of cybercriminals looking to cash in on the unusual circumstances, it is more important than ever to ensure you have the correct practices and security solutions in place to protect your organisation and users – no matter where they are.

In this session Richard Walters, Censornet CTO will be highlighting key industry standards, recommended architectures and controls to ensure your business can continue to operate effectively and securely with a remote working / hybrid model.

Richard will be joined by Giles Raeside, a Senior Sales Engineer at Censornet, to answer key audience questions around securing remote workers, with practical and actionable advice to help IT professionals tackle the issues and challenges they are facing

The cyber-threat landscape continues to evolve. Each year, attackers add new techniques and tactics to their arsenal, increasing their ability to evade detection and attack your systems. In this session, we will investigate evolving zero day and malware threats and discuss the best practice options for protecting your business from Endpoint to Network.

• Discover more about how zero day threats can evade traditional defenses
• Learn the tools, techniques and technologies needed to protect your entire security estate from endpoint to network
• Best practice advice to implement a multi-layered approach to protect your organisation

Did you know 99% of all threats are human-activated, and 96% of all data breaches start with people? [Source: Gartner.]

Despite this reality, most organisations rely on traditional cybersecurity tools that focus more on data and systems than on people. Whether the intent is negligent, malicious or criminal, it’s time to protect your business against data loss and brand damage. The best, most modern security solutions are designed to be people-centric.

Join Rob Bolton, Senior Director at Proofpoint Insider Threat Management, to learn about the four best practices to manage insider threats. Learn why it’s critical to blend people, process and technology to detect, investigate and respond to insider risk in today’s new [work] reality.

In this talk, you will learn:

• How distributed workforces and third-party workers access systems and data
• The unique risks of insider threats
• How to protect against data loss
• Why a people-centric approach is key to mitigating insider risk

UK Cyber Security – an Overview, and Challenges in a most Difficult Year!

As an alumnus of GCHQ, myself, I am delighted to introduce our final speaker today, Cieran Martin.

Until the end of last month, Ciaran was the first CEO of the UK National Cyber Security Centre. Having been appointed as Head of Cyber Security at GCHQ in December 2013, he recommended the establishment of a National Cyber Security Centre within the intelligence & security agency.

This was agreed by the Government & announced by then Chancellor George Osborne in November 2015. Cieran was announced as the first Chief Executive in February 2016, & it became operational in October of that year. On 14 February 2017, the NCSC's new headquarters in Victoria, London, were opened by Her Majesty the Queen.

Cieran is therefore singularly placed to understand both the cyber threats faced by the United Kingdom, and to outline some of the way’s threats can best be combated.

He is also deeply aware of trends, & future likely concerns in this highly important area of organisational & national security, and is well able to advise on the likely directions of attacks in the years ahead.

All of which is grossly magnified by the ‘Working from Home Culture’ necessitated by the current pandemic, which sadly is likely to be still with us for some time.

Over to you Ciaran….