Agenda

Date and TimeTitle
Jan 26, 2021 (London)
9:00am - 9:30am
Managing Risk in the New World of Cyber Intelligence

Today Intelligence is key to fighting in Cyber Warfare. This must also be balanced with understanding the risks and how they are evolving. In this presentation we look at the changing landscape and where the major changes are evolving from. We also attempt to understand the cyber criminal organisations and their motivations and drivers. Then finally looking at the evolution of solutions and their ability to communicate and share this intelligence.

Jan 26, 2021 (London)
9:30am - 10:00am
Securing an Unpredictable Landscape

While the world has been adjusting to the ever-shifting new-normal, IT teams and security professionals have been diligently working in the background to make remote working a possibility for millions across the globe.

Jan 26, 2021 (London)
10:15am - 10:45am
Securely Connect Remote Users with Clientless Zero Trust Corporate Access

The Covid-19 pandemic has driven enterprise adoption of mass remote working for their global workforces, from 30% before the pandemic to 81% today. Seventy-four percent plan to enable large-scale remote working permanently.  However, many organisations overlooked critical aspects of security in the race to enable remote working, which significantly increased their exposure to cyber-attacks.

Join Noa Zilberman,  Product Manager and former co-founder and CPO of Odo Security, acquired by Check Point and Eytan Segal, Head of Product Management, SASE and learn how Check Point's acquisition of Odo Security, a clientless SASE technology, will provide your employees, partners, DevOps and admins with secure remote connectivity anytime, anywhere to any resource.

Join this talk to learn how to:

  • Secure access for diverse roles including users, admins, DevOps and third parties
  • Eliminate network-layer risks with granular application-specific policies
  • Deploy clientless ZTNA-as-a-service within minutes from the cloud

 

Speakers:

Noa Zilberman

Product Manager and former co-founder and CPO of Odo Security, acquired by Check Point

Prior to Odo Security’s acquisition by Check Point, Noa Zilberman was co-founder and Chief Product Officer of Odo’s revolutionary cloud-based zero trust network access (ZTNA) platform. Holding a double major in Computer Science and Mathematics, Noa graduated suma cum laude from Tel Aviv University. At Check Point, she heads product management for Check Point Corporate Access, which adds the world’s best threat prevention to the innovative remote access service she has pioneered.

Eytan Segal

Head of Product Management, SASE, at Check Point

Eytan Segal leads product management for Check Point’s entire portfolio of threat prevention products, playing a key role in driving the company’s cyber security vision, strategy and business. Over the past 17 years, Eytan has led engineering and product management teams for sandboxing, NGAV, EDR, Mobile Threat Defense, email security, SaaS security, VPN, remote access and more, helping grow Check Point’s threat prevention business from seven to nine digits.

Jan 26, 2021 (London)
10:45am - 11:15am
Securing a borderless enterprise

Today’s enterprise is truly borderless. The network perimeter is dissolving with digital transformations like SD-WAN, IoT, and hybrid cloud, complicating traditional security approaches. Securing evolving IT architectures is becoming one more challenge that short-staffed security teams are facing today. What’s needed is a foundational approach that is simple yet pervasive, cost-effective yet powerful and boosts the efficiency of security operations through automation. Attending this event gives you exclusive access to security experts who will explain how to: • Unleash the full power of your security stack • Improve incident response times through extensive integrations • Extend protection to support your digital transformations

Jan 26, 2021 (London)
11:30am - 12:00pm
Managing Cyber Risk from Infrastructure to Cloud

Adoption of the cloud is rapidly accelerating, one estimate of spend on cloud in 2022 is $360bn, agility and ability for business to innovate and keep pace is the key driver of this. Businesses are at a variety of stages on their journey, from digital natives born and formed in the cloud to the majority of businesses who are at some point on the journey of moving from traditional infrastructure to cloud to support the evolution of their business and business models. Today we are going to discuss some of the many challenges and areas for consideration around managing cyber risk from traditional infrastructure and into managing this risk in the cloud. What you will learn:

• How to mitigate common cyber risks and challenges of cloud migration

• Explosion of the edge and the impact of shifting to remote working

• The implications of the growing number of applications to enable workforces and support customers

• Recommendations on what to focus on given the pace of change as you migrate to the cloud.

Jan 26, 2021 (London)
12:00pm - 12:30pm
Keynote Presentation from Sarah Armstrong-Smith - Navigating a future-proof career in cybersecurity

Does your career sometimes feel like a game of snakes & ladders? Are you wondering what your next move will be, or where it will take you?
In this session, Sarah Armstrong-Smith provides some insights on how to navigate the ups and downs, and build a career that delivers real impact and longevity.

Jan 26, 2021 (London)
1:00pm - 1:30pm
The Realities of Ransomware

Ransomware attacker tactics are constantly shifting – sometimes drastically – In this session Greg looks at the evolution of this prolific and damaging type of attack. He'll share stories from the frontline, looking at how the criminals operate, their techniques and how you can lower your risk of becoming their next victim.

Jan 26, 2021 (London)
1:30pm - 2:00pm
State of Q4 2020 DDoS threat landscape

Learn about the evolving DDoS threat landscape from Cloudflare’s vantage point, as the product team shares Q4 2020 DDoS trends and observations. Omer Yoachimik, DDoS Product Manager at Cloudflare will showcase how Cloudflare is uniquely positioned to help protect you from DDoS attacks and cyber threats, helping businesses to manage the implications of the current crisis on their infrastructure.

Jan 26, 2021 (London)
2:00pm - 2:30pm
Keynote Presentation from Richard Parlour - Cryptocrime and cybersecurity

Cryptoassets are a fast growing new asset class. In the UK over the past year cryptoasset holders have increased from 3.5% to 5.35%, or 1.5 million to 2.6 million people. With increasing popularity comes increasing threats and increasing vulnerabilities. A few recent incidents have given cryptoassets a less than perfect perception, but there is a lack of understanding of this asset class. This short presentation aims to cut through the hype: • What exactly do we mean by cryptoassets? • The new approach to regulation • Threats and vulnerabilities • Criminal use of cryptoassets • Red flags • 2021 predictions

Jan 26, 2021 (London)
2:30pm - 3:00pm
SAP Security Threat Landscape 2021

In the past few years, 64% of organizations’ ERP systems have been breached, according to a research study by IDC. Are you aware how attackers have breached and can break into unprotected customer SAP landscapes? Attend this session to gain insights into: * What attacks on your SAP systems look like * What security challenges exist in SAP environments (e.g. S/4HANA) * Moving to the cloud with confidence — how to address security in hybrid landscapes * Ways to protect your organization.

Jan 26, 2021 (London)
3:30pm - 4:00pm
The Mind's Lie: How Our Thoughts and Actions Can Be Hacked and Hijacked

Discover the art and science behind deception, and why you may still fall for dirty tricks even after you understand how they work. From the slight-of-hand used by magicians, to the slight-of-tongue used for social engineering, we are all wired to deceive and to be deceived. See how threat actors use these techniques against your end-users and how security awareness training can help them spot deceptions before it's too late. Join Perry Carpenter, KnowBe4's Chief Strategy Officer, as he shows you how easily we can be deceived and how that relates to our understanding of social engineering scams that come our way. During this intriguing session, Perry will share his insights and answers to these questions: • Are we wired for deception? • Why are some more susceptible to manipulation than others? • How do hackers use these techniques to create scenarios to entrap your employees? • How can you ethically leverage these techniques to bring about desired behavior change?

Jan 26, 2021 (London)
4:00pm - 4:30pm
6 Risks Hiding Inside Your Cloud Estate

Public cloud providers like AWS, Azure, and GCP enable you to deliver new products and capabilities at breakneck speeds, but how do you balance speed to market against compliance mandates and risk – do you have to choose? Join Patrick Pushor, Technical Evangelist at Orca Security, for a fast-paced session as he takes you through best practices, and pitfalls to avoid in securing public cloud infrastructure. 6 risks hiding inside every public cloud estate How to get instant-on, workload-level visibility across 100% of your AWS, Azure, and GCP assets The power of addressing both the control plane and data plane at once Pros and cons of different cloud security tools: traditional agent-based tools and scanners, CWPP (cloud workload protection platforms), and CSPM (cloud security posture management).

Jan 26, 2021 (London)
4:30pm - 5:30pm
Live Keynote Presentation from Mike Jones and Brett Johnson - The Problem of Privacy: What Happens When They Know Everything

The Problem of Privacy: What Happens When They Know Everything

From the NSA to Facebook, Original Internet Godfather Brett Johnson and Founding Member of Anonymous Mike Jones sit down for a unique discussion on the positive and negative aspects of living in a world where the only thing of value is information.

Jan 27, 2021 (London)
9:00am - 9:30am
Insider Threats

2020, a year in which the world is turned upside down. Digitisation is therefore essential for many organisations. Now-a-days we work a lot from home, but we just want to be able to access all the information and manage crucial infrastructure remotely. To ensure that only the right person has access to the right information, you need to have a solid Identity & Access Management solution. Do you already have such a solution? Or how can you improve your Identity & Access Management?

Jan 27, 2021 (London)
9:30am - 10:00am
Mimicking Human Intuition: The Cyber AI Analyst

For over three years, Darktrace experts investigated whether they could teach AI to think like a cybersecurity analyst. It takes subtle, nuanced skills and implicit knowledge for an analyst to detect genuinely threatening activity, and this challenge took analysing over one hundred of the world’s top threat analysts and complex machine learning algorithms. During this presentation, Darktrace’s Director of Threat Hunting, Max Heinemeyer, will outline the capabilities this world-first technology, the Cyber AI Analyst, and discuss how automated investigation and triage is helping to uplift and augment human teams across the globe. He will also demonstrate how an APT using a zero-day was caught weeks before public attribution using cyber AI analyst technology.

Jan 27, 2021 (London)
10:15am - 10:45am
Cisco Secure: Umbrella and Duo – Better Together

In this session you’ll learn how you can secure access to the internet and protect the usage of cloud apps as part of an integrated zero trust model, with experts from Cisco Umbrella and Duo.

Speakers:

Josh Green

Technical Marketing Engineer, Duo Security, Cisco

Josh has worked in the security and identity management spaces for nearly 10 years, 3+ of those as a Solutions Engineer within the Enterprise space at Duo Security (part of Cisco). His areas of expertise are in multi-factor authentication, identity management, single-sign on, and zero-trust networking. He also dabbles in iOS and python development. He can also probably fix your malfunctioning Apple devices due to a previous life as a Mac Genius. In his spare time, he enjoys skiing, flying, and travel.

Chris Frost

Technical Solutions Architect, Cisco Umbrella

Chris joined the Cisco Cloud Security group via the OpenDNS acquisition back in 2015. Over the last five years, Chris has conducted hundreds of Cloud Security assessments with customers. Highlighting current security gaps and making recommendations based on those findings.

Jan 27, 2021 (London)
10:45am - 11:15am
Influence and Behaviour change – Securing the Human Factor

When 90% of cyber-attacks start with the human user, and technical controls can never be 100%, you need your people to be the last line of defence. In this talk, ThinkCyber explore how an understanding of influence, persuasion and behavioural science theory can be applied to security awareness. You’ll hear how leading organisations are realising we can influence behaviours for good. Learn about the importance of timely cues to drive behaviours. Explore examples of how cognitive psychology, behavioural and social science can and are being used to guide user behaviour. This talk will offer real world examples and ways that all organisations can apply the theories to drive secure behaviour change.

Jan 27, 2021 (London)
11:30am - 12:00pm
Keynote Presentation from Denis Onuoha - Leading Information Security in the 4th Industrial Revolution

Leading Information Security in the 4th Industrial Revolution, now places new challenges on leaders within Information Security within all sectors. Operating in a volatile, uncertain, complex and ambiguous world now requires enterprise leadership skills which start from leading self and evolves to coaching, managing and leading others. This comes at a price however, with 88% of CISO’s experiencing moderate or tremendous stress. This stress can occur following a security incident, perception of little progress in delivery of security improvements or failure to influence culture change, amongst many other reasons. With businesses now seeking efficiencies within their operations and the reported lack of skills within the industry we now find ourselves in a position where we have to become talent catalysts in order to break the cycle, empower others whilst empowering ourselves with the skills required to lead within an environment which is constantly evolving. This presentation will showcase tools & techniques which leaders can adopt to thrive while driving a culture of continuous maturity improvement as we evolve from a back room function to one of the key functions within the core of the enterprise.

Jan 27, 2021 (London)
12:00pm - 12:30pm
To Trust, or Not to Trust the Cloud; That is Your Compliance and Risk Question

Many organziations struggle with digital transformation and cloud computing particularly when implementing a framework to meet their compliance requirements. In this session, we will discuss a framework and operational approach to support you to move your business forward delivering quality services balancing cost and risk.

Jan 27, 2021 (London)
1:00pm - 1:30pm
The Kill Chain

This talk will use our experience as penetration testers and a case study to analyse the kill chain used by malicious threat actors when targeting an organisation. Attendees of this talk will understand the process used by hackers to target, exploit and retrieve assets.

Jan 27, 2021 (London)
1:30pm - 2:00pm
5 Active Directory Security Settings Admins Miss

Everyone knows Active Directory! It is a seasoned and known IAM, not to mention that nearly every organization in the world uses it. This being said, there are also many built-in configurations and processes that “just work” without the need for any manual configurations, that many administrators are not aware they are there. Unfortunately, the attacker does and leverages misconfigurations to move laterally and gain privileges. In this webinar, 16X MVP Derek Melber will guide you through the most common settings that attackers know about, but most AD administrators don’t. You will have a full list of items to verify and fix when you are done with this webinar! In this webinar you will learn:
- How an attacker can leverage the SDProp process
- Which service account configurations attackers look for
- How a old Unix attribute can cause an immediate privilege elevation
- How a migration related attribute can allow domain admin privileges
- What details you need to verify for your trusts

Jan 27, 2021 (London)
2:00pm - 2:30pm
Keynote Presentation: Prof Elhadj Benkhalifa - Addressing the Human Factor in Cybersecurity

Despite the technological advancements to combat cybercrimes, we continue to witness more and more sophisticated cyber breaches. Investigations of many major cybercrime incidents show that most cases are down to an employee error. Indeed, the majority of cybercrimes in the workplace can be prevented if employees develop basic cyber hygiene. In this talk, Prof Benkhelifa emphasises the human factor in cybercrimes, and the importance of considering a more holistic approach to cybersecurity involving technology, processes and people. He will show how some UK cybersecurity initiatives have failed or are failing to address this challenge, and how this links to deficiencies in the actual UK national cybersecurity strategy. He will also argue for the need of an interdisciplinary approach to achieve positive behavioural changes towards cyber safety in the workplace. Finally, he will introduce you to the Cyber Champion in the Workplace Initiative, which he is currently working on in partnership with Staffordshire Police and shed some light on future directions.

Jan 27, 2021 (London)
2:30pm - 3:00pm
Social Engineering & Phishing: Attacking Your People & What You Can Do About It

It is no secret that the easiest way into an organisation is not by cracking its technology, it is by cracking its people. Social engineering can take multiple forms and be delivered multiple ways but remains to this day mostly about email and phishing. Cybercriminals commonly marry email-borne threats with web sites to steal login credentials, deliver malware, grab intellectual property, or just loiter for reasons to be determined. And the rushed move to work from home last March with the pandemic has not made the security job any easier. Join Matthew Gardiner, Principal Security Strategist in this session where he will review some of the most common attack techniques and will provide some ideas for improving defence’s against them.

Jan 27, 2021 (London)
3:30pm - 4:00pm
How to Disrupt Adversaries With Security Intelligence

One of the biggest challenges organisations face today is the inability to detect and mitigate cyberattacks at scale. Adversaries are constantly improving their techniques and evading defences, leaving security teams scratching their heads. In this talk, Nour Fateen, presales manager for UKI & META at Recorded Future, will demonstrate how access to security intelligence empowers organisations to learn about these attacks proactively and take action, before they have the chance to cause real damage.

Jan 27, 2021 (London)
4:00pm - 4:30pm
How Modern Cyber Threat Intelligence Can Enrich System Security, Risk Measure, and Cybersecurity Regulations

Threat Intelligence is normally used to enrich the process of security assessment, providing proof on the enforcement of security controls required to be secure and compliant. As threat intelligence technology evolves, they have become more instrumental to security audit, providing valuable context to the process. During this session we will explore examples based on real world data where contextual threat intelligence can be applied directly to data security requirements to prioritize the assessment process and accelerate the measure to risk. During the presentation, you will learn the following: • What Cyber Threat Intelligence (CTI) is and why is it important for cybersecurity • How to use CTI to prioritize system security gaps and enhance security posture. • How to examine your Digital Footprint in order to help predict targeted threat patterns. • Understanding of how to use CTI findings to accelerating risk assessment.

Jan 27, 2021 (London)
4:30pm - 5:30pm
Live Q&A With Frank Abagnale
Frank Abagnale Jr.  is an American security consultant known for his career as a con man, check forger and impostor from when he was 15 to 21.
 
He became one of the most notorious impostors, claiming to have assumed nofewer than 8 identities, including an airline pilot, a physician, a US Bureau of Prisons agent, & a lawyer.
He escaped from police custody twice (once from a taxiing airliner and once from a US Federal Penitentiary) before turning 22. 
 
Frank served under 5 years in prison before starting to work for the US Federal Govt. He is currently a consultant and lecturer for the FBI academy and field offices. He also runs Abagnale & Associates, a financial fraud consultancy company.
 
Frank’s story inspired the Academy Award-nominated feature film, Catch Me If You Can in 2002, starring Leonardo DiCaprio as Abagnale, and Tom Hanks as the FBI agent pursuing him, as well as a 2011 Broadway musical of the same name, both of which are based on the 1980 autobiography Catch Me If You Can.
 
Interviewing Frank today will be veteran Cyber-Security expert retired ex British Army Colonel John Doody.
 
John progressed from Trainee Technician to becoming a senior officer in UK, Signals Intelligence, overseas govts.’ advisor and latterly an officer at the World-Famous GCHQ Electronic Intelligence Agency in Cheltenham, England.
 
He then became a consultant and long-time chair of PSBE Cyber Security Conferences.