Date and TimeTitle
Mar 8, 2021 (London)
9:00am - 9:30am
The Security Outcomes Study: a blueprint to enable growth and minimize risk

Many organizations have recently had to shift their security strategies to account for new threats, increased mobility, and rapid digitization. But how do you know exactly what works and what doesn’t in cybersecurity? Cisco has commissioned a study outlining which security best practices lead to the most impactful results. In this session we will share the key highlights affecting the UK, Europe and share how they compare to global findings.

Steve Caimi

Cyber Frameworks Specialist, Cisco

Steve helps organizations manage risk and improve security programs by advocating cyber best practices and frameworks.

Cindy Valladares

Head of Security Thought Leadership, Cisco

Cindy is an experienced marketing leader with a passion for delivering content and solutions to address the needs of cybersecurity professionals. She recently lead the creation of Cisco’s Security Outcomes Study. Please connect on LinkedIn.

Mar 8, 2021 (London)
9:30am - 10:00am
The Dangers of the Over Provisioned User and How to Identify Them

For many organisations, COVID-19 has prompted an unexpected and sudden migration to cloud and remote technologies. But the pandemic has accelerated everything both good and bad – leading to elevated risk for organisations trying to maintain business continuity amongst changing regulations and restrictions. While 80% of employees remotely working and organisations having to provision in a matter of days and weeks, organisation still need to manage and control access to their systems so as to avoid over provisioning and the dangers that this presents to companies. In this presentation SailPoint will discuss how Identity Security is the foundation to regaining control and managing the new way of working.

Mar 8, 2021 (London)
10:15am - 10:45am
Overcoming the blind-spots in Microsoft Office 365

With over 258 million users, Office 365 (O365) dominates the business application space, helping organisations form a new work-nucleus to enable remote working and collaboration that is vital to success in this ‘anywhere-work’ world.


But the cloud, and O365, carry risks. Despite its benefits, O365 cannot deliver the level of protection and availability that organisations truly need for advanced security and performance.


In this session we will share exclusive insights and actionable advice to help IT professionals like you overcome key challenges and deliver an uncompromising O365 experience.


We will cover:

  • How to secure your O365 environment against the most sophisticated of phishing attacks
  • How to protect your O365 users from cross-channel attacks that move from email to web or cloud
  • How to follow Microsoft recommended best practice without sacrificing security and deliver an uncompromising O365 user experience
  • Why analysts recommend having a third-party security solution to enhance app performance and ensure service continuity


"Decision-makers need to be aware that relying exclusively on the native capabilities in Office 365 can present challenges and business risks for their organisation." – Osterman Research


Join this session to hear real examples of the challenges organisations using O365 are facing, receive actionable advice, and discover a solution that will help you deliver enhanced security and compliance for your organisation's O365 environment.


Mar 8, 2021 (London)
10:45am - 11:15am
Faking It: Stopping Email Impersonation with AI

Today, 94% of cyber-threats still originate in the inbox. Impersonation attacks’ are on the rise, as AI is increasingly being used to automatically generate spear-phishing emails, or ‘digital fakes’, that expertly mimic the writing style of trusted contacts and colleagues. Humans can no longer distinguish real from fake on their own – businesses are increasingly turning to AI to distinguish friend from foe and fight back with autonomous response.

Meanwhile, the emergence of AI-enhanced malware is making cyber-attacks exponentially more dangerous and harder to identify. In the near future, we will begin to see supercharged, AI-powered cyber-attacks leveraged at scale. In an era when thousands of documents can be encrypted in minutes, ‘immune system’ technology harnesses defensive AI to take action in seconds – stopping cyber-threats before damage is done. Find out how in this session and hear real-world examples of emerging threats that were stopped with defensive Cyber AI.

Mariana Pereira

Director of Email Security Products

Mariana Pereira is the Director of Email Security Products at Darktrace, with a primary focus on the capabilities of AI cyber defenses against email-borne attacks. Mariana works closely with the development, analyst, and marketing teams to advise technical and non-technical audiences on how best to augment cyber resilience within the email domain, and how to implement AI technology as a means of defense. She speaks regularly at international events, with a specialism in presenting on sophisticated, AI-powered email attacks. She holds an MBA from the University of Chicago, and speaks several languages including French, Italian and Portuguese.

Mar 8, 2021 (London)
11:30am - 12:00pm
Russia and the Next 10 Years in Cyber

In this talk we will address:

  • How Russian cyber is set to transform over the next decade
  • Why it may become (even more of) an unfair fight
  • How the Russian supply chain attack on SolarWinds is nothing new
  • Who is behind Russia cyber attacks today
  • Russian geopolitical objectives
  • What it means for us
Mar 8, 2021 (London)
12:00pm - 12:30pm
Keynote Presentation from Jean Carlos - 'What members of Exec really want to hear from CISO/Head of Information Security'

I usually hear CISO/Head of Information Security complaining that members of Exec don’t understand security or provide enough budget to the Information Security division, and then I ask the following question “How do you present your proposal and findings to Members Exec?”, and they usually present a 30+ page document containing all the threats against the organising, stopped attacks, latest IDS logs, number of virus identified etc, and here is where they are badly failing!

There’s a huge misconceptions of what a CISO/Head of Information Security should really be. This is not a technical role. This is a strategic position that focuses on the strategy of execution, it focus on the growth of the business while understanding the business objectives, finance, revenue and how they can incorporate cyber security into that. Join me for this session and learn how you should speak and present to your board of directors and members of executive team.

Jean Carlos

Group Head of Information Security, Nomad Foods


An experienced Information and Cyber Security leader that has operated across public and private sector organisations globally. Currently heading Nomad Foods global Cyber Security team and responsible for directing the Cyber Security strategy and technical solutions, playing a pivotal role advising members of Exec and ensuring the business achieve its goals by leveraging Cyber Security.

With extensive experience in delivering large-scale transformational projects in highly regulated and non-regulated environments. Delivered programs on a global scale such as ISO27001, NIST, CIS Controls, PCI DSS, COBIT, TOGAF, ITIL, Cyber Essentials, DSP Toolkit, SOX, and GDPR.​

Passionate about Cyber Security delivering tangible value, developing others and is also a regular guest speaker for industry events.

Mar 8, 2021 (London)
1:00pm - 1:30pm
Inside the Cybercrime Economy

Cybercrime is on the rise, costing the global economy trillions per year. With cybercrime-as-a-service and hacking tools readily available, critical data assets and company reputations are at risk. As threat campaigns evolve, understanding how your adversaries are working and what they are targeting can help you ensure a better cyber defence. Join Alex Jinivizian as he discusses how cybercrime has become an industry and shares insight into how phishing and ransomware campaigns work.

Key takeaways:

• Understand and identify your cyber risk

• How cybercrime organisations are operationalising and their preferred methods of choice

• Dive into recent incidents to explore threat scenarios that combine multiple tools and technique

Mar 8, 2021 (London)
1:30pm - 2:00pm
Ransomware – it’s not a matter of if, but when.

Ransomware today is a big concern of all organisations, costing over £15.6B per year. Especially now, with so much of our enterprise workforce remote, ransomware has increased by over 700% last year alone. Strong ransomware protection starts with data – protecting it, monitoring it, and shielding it from attacks. While the average cost of a ransomware attack is now topping £62k, with the right approach, ransomware protection, and if needed, recovery can cost less than £3.9K, and in most cases, nothing at all. Join this informative session with Veeam as we explore how, through modern protection, organisations can provide protection, and if needed, recovery from malware and never have to worry about ransoms or extended impactful downtime again.

Michael Leworthy

Director, Product Marketing

Michael Leworthy focuses on assisting customers in unleashing their potential using the data protection solutions that Veeam offers. As a director for the segment and solutions team, he helps enterprise customers transform their business through data management, driving more effective modern data protection and practices. Previously to Veeam, Michael worked for Microsoft, leading programs that included Azure Hybrid Cloud strategy and Azure management and security solutions.

Mar 8, 2021 (London)
2:00pm - 2:30pm
Keynote Presentation from Luigi Ritacca - 'The Time-Based Kill Chain Model'

Time matters, it governs our lives and we follow it with clocks and calendars. Yet when we look at Security Operations it rarely factors, this talk suggests putting time at the forefront of security. It takes a novel look at the time-based security philosophy and supplements it with the latest cyber advancements. Time can be a universal translator between risk, security and the business, as its simple concept that we all understand, and in this talk, we will break down the basic concepts of Time-Based Security and extend it out to the Cyber Kill Chain and show how measuring the time it takes for an attacker to breach your network and comparing that to the time it takes for your team to detect and respond to that threat, can drive smarter response choices and more effective tooling choices.

Mar 8, 2021 (London)
2:30pm - 3:00pm
Sandip Patel QC FCIArb, Managing Partner at Aliant, London - 'Rise in ransomware: are the criminals winning?'

Sandip Patel QC FCIArb, managing partner at Aliant, London, has been at the forefront of notable serious and organised cybercrime cases including ‘DarkMarket’, ‘the Facebook Hacker’, prosecution of members of ‘Anonymous’ for the hacking of PayPal, Visa, Sony, FBI, CIA, UK NCA, MoD etc, and ‘the boy who almost broke the Internet’.

Sandip is routinely asked to advise and assist in the creation, training, and implementation of cyber law enforcement programmes. For example, in Grenada, he devised and implemented a cybercrime training course for investigators, the A-G’s office and judges so as to give effect to new cyber legislation.

Sandip contributed to the leading textbook: Electronic Evidence, 3rd Edition, Stephen Mason

As head of Aliant’s Data Protection and Privacy Team, Sandip advises and assist organisations on data laws, privacy, protection and cyber security.

Sandip is Chairperson of the Cybercrime Practitioners’ Association.

Sandip is Chief Adviser to the OSP Cyber Academy.

Mar 8, 2021 (London)
3:30pm - 4:00pm
6 Active Directory security events that have hit the mainstream in 2020

1. Understanding the attack surface - how ML and AI can detect internal and external attacks.
2. Importance of Hybrid Active Directory and how ML helps in predicting user behavior.
3. Get to know when privileged users are under attack and re-mediate an action plan.
4. Importance of data security and the need for DLP.

Mar 8, 2021 (London)
4:00pm - 4:30pm
Achieving holistic, integrated and cloud-native security with Microsoft

Did you know that Microsoft is a giant in cybersecurity? Trusted by 90% of Fortune 100 organisations, it collects over 8 trillion security signals a day and analyses more than 4PB of data across AWS, Azure and more with its flagship SIEM solution Azure Sentinel. Discover how its leading range of holistic and cloud-native security solutions can protect your organisation against cyber threats and keep you compliant.

We’ll show you:

- Ways to manage and reduce security complexity within your infrastructure

- Integrated tools to increase security visibility and improve threat detection

- How cloud-native approaches to security ensure compliance, reduce ‘noise’ and improve efficiency

Taking a closer look at:

- Zero trust security

- Azure Sentinel

- Microsoft Defender

Mar 8, 2021 (London)
4:30pm - 5:30pm
Live Q & A – Geoff White & Annie Machon, ex MI5

Investigative journalist Geoff White has covered technology for BBC News, Channel 4 News, Audible, Forbes online & many others. Crime Dot Com, his book on cybercrime for Reaktion Books, was published on Aug. 10, 2020.

His exclusives reveal tech’s impact on our lives: the controversial police use of facial recognition; the failure of artificial intelligence therapy apps; hi-tech call centre scams that have cost victims their lives’ savings; fraud in the internet dating industry

Annie Machon & colleague David Shayler both resigned from MI5 in 1998, intending to blow the whistle on a series of alleged crimes committed by the service, such as secret MI5 files held on the very government ministers responsible for overseeing the intelligence services, illegal MI5 phone taps, lying to the government by MI5 & other very serious matters.

After being on the run for a month with Shayler, & giving evidence in a court case involving him, she is currently on the board of The Freedom Index Foundation, & also on the advisory board of the Courage Foundation.

Annie is an informed & highly articulate insider on privacy issues, and Geoff. is an accomplished writer on cybercrime & technology, so much of interest is expected to emerge!

Mar 9, 2021 (London)
9:00am - 9:30am
Detection and Response in 2021: Where to Focus for Effective Business Protection

With so many predictions, celebrity threats, and ransomware fiascos, it’s often forgotten that there are key fundamentals of Detection and Response that will help drive significant maturity in your organisation’s infosecurity programs. From knowing what assets and intellectual property you have, who may want it, and how attackers could access it, to what you’re doing as a business to prevent, detect, and respond to threats and breaches. Join Rapid7’s Chief Security Data Scientist, Bob Rudis and Head of Detection and Response for EMEA, Ellis Fincham as they discuss areas where businesses should be focusing their energy to effectively protect their employees and assets. They will also share a few war stories they’ve experienced when this focus lapses! What you will learn: • How to mitigate common cyber risks and challenges of cloud migration • Explosion of the edge and the impact of shifting to remote working • The implications of the growing number of applications to enable workforces and support customers • Recommendations on what to focus on given the pace of change as you migrate to the cloud

Mar 9, 2021 (London)
9:30am - 10:00am
Advanced Persistent Threats – What are They and Why Should I Care

Although ransomware captures most of the headlines, Advanced Persistent Threats, or APT, are the silent assassins in the hacker’s arsenal. With an objective to quietly infiltrate a target network and remain undetected for as long as possible, the impact of a successful APT is far greater than paying a ransom. This session will focus on the Who, What, Why and How of an APT and the steps organizations should be taking to protect themselves. Our two experienced presenters will share their knowledge during an engaging fireside chat.

Mar 9, 2021 (London)
10:15am - 10:45am
Top 6 MITRE ATTACK Techniques Identified in 2020, Defense Evasion Tactics Prevail

In this presentation, an experienced Recorded Future analyst outlines a high-level landscape of tactics and techniques tagged in our data sources as mapped to the MITRE ATT&CK framework over 2020. Viewers will gain familiarity with the MITRE ATT&CK framework, with particular relevance to security teams that rely on the framework to inform red and blue team exercises, penetration testing, threat hunting, and various security protocol prioritizations.

Mar 9, 2021 (London)
10:45am - 11:15am
The Mind's Lie: How Our Thoughts and Actions Can Be Hacked and Hijacked

Discover the art and science behind deception, and why you may still fall for dirty tricks even after you understand how they work. From the slight-of-hand used by magicians, to the slight-of-tongue used for social engineering, we are all wired to deceive and to be deceived. See how threat actors use these techniques against your end-users and how security awareness training can help them spot deceptions before it's too late. Join Perry Carpenter, KnowBe4's Chief Strategy Officer, as he shows you how easily we can be deceived and how that relates to our understanding of social engineering scams that come our way. During this intriguing session, Perry will share his insights and answers to these questions:

• Are we wired for deception?

• Why are some more susceptible to manipulation than others?

• How do hackers use these techniques to create scenarios to entrap your employees?

• How can you ethically leverage these techniques to bring about desired behavior change?

Perry Carpenter

Chief Evangelist & Strategy Officer

Perry Carpenter currently serves as Chief Evangelist and Strategy Officer for KnowBe4, the world's most popular security awareness and simulated phishing platform. Previously, Perry led security awareness, security culture management, and anti-phishing behaviour management research at Gartner Research, in addition to covering areas of IAM strategy, CISO Program Management mentoring, and Technology Service Provider success strategies. With a long career as a security professional and researcher, Mr. Carpenter has broad experience in North America and Europe, providing security consulting and advisory services for many of the best-known global brands. Perry holds a Master of Science in Information Assurance (MSIA) from Norwich University in Vermont and is a Certified Chief Information Security Officer (C|CISO).


Mar 9, 2021 (London)
11:30am - 12:00pm
API Security: Threats And Mitigation Strategies

APIs are the lifeblood of modern Internet-connected services and they are becoming an increasingly popular target for cyber attacks. Daniele Molteni, Firewall Product Manager at Cloudflare, will discuss the most common security threats for API traffic and what technologies can be deployed to identify vulnerabilities and defend critical infrastructure.

Mar 9, 2021 (London)
12:00pm - 12:30pm
Hi DevOps, I'm Security, I Love You!

Security and DevOps has historically been rather fraught. Why?! How can we make that relationship better and what impacts will it have? Stu discusses a raft of areas where Security can speed up DevOps.

Mar 9, 2021 (London)
1:00pm - 1:30pm
6 Risks Hiding Inside Your Cloud Estate

Public cloud providers like AWS, Azure, and GCP enable you to deliver new products and capabilities at breakneck speeds, but how do you balance speed to market against compliance mandates and risk – do you have to choose? Join Patrick Pushor, Technical Evangelist at Orca Security, for a fast-paced session as he takes you through best practices, and pitfalls to avoid in securing public cloud infrastructure.

- 6 risks hiding inside every public cloud estate

- How to get instant-on, workload-level visibility across 100% of your AWS, Azure, and GCP assets

- The power of addressing both the control plane and data plane at once

- Pros and cons of different cloud security tools: traditional agent-based tools and scanners, CWPP (cloud workload protection platforms), and CSPM (cloud security posture management)

Patrick Pushor

Technical Evangelist

Patrick is a serial startup technologist having played early and key roles in over six startups across four countries in the past 12 years including multiple cybersecurity and fintech companies. Previously, he worked as an independent consultant focused on infrastructure and integration projects in nearly every industry from national defense to agriculture. More recently, Patrick helped define the CSPM market as an early employee at Dome9 Security and is leveraging that experience at Orca Security to revolutionize how we think about and approach cloud workload protection.

Mar 9, 2021 (London)
1:30pm - 2:00pm
Risk-Based Vulnerability Management – Evolving to a Cyber Resilient Organisation

Improve security, lower costs, and become more efficient by evolving to a risk based vulnerability management approach.  This session will cover common mistakes made in cyber risk management and provide practical advice for becoming more effective. Move beyond basic resiliency with intelligence, machine learning, and effective prioritisation.  Learn how to align to the business and communicate the value of cyber risk reduction effectively.

  • Using risk-based prioritisation to improve resilience and become "anti-fragile"
  • Practical steps to achieving risk-based vulnerability management and a roadmap for achieving successful risk prioritisation
  • How to align cyber resilience goals with the business and improve management support for your security programme
Mar 9, 2021 (London)
2:00pm - 2:30pm
Live Q & A – Col. John Doody & Roland Cloutier, CISO of Tik Tok

Colonel John Doody is the Author of “From Stripes to Stars” & Director of Interlocutor Services,  a company established to promote Information Assurance & Cyber Security issues nationally & internationally Prior to this John served at CESG/GCHQ for 10 years in the role of Head of Information Assurance Customer Services.

Roland Cloutier, CISO of Tik Tok

As Global Chief Security Officer of ByteDance & TikTok, Roland Cloutier brings an unprecedented understanding and knowledge of global protection and security leadership to one of the world's largest leading media, social, and online technology companies. He oversees the company’s information protection, risk, workforce protection, crisis management, & investigative-security operations worldwide.Prior to joining TikTok in 2020, he was previously Chief Security Officer (CSO) at payroll-services firm ADP. Cloutier spent about 10 years at ADP, & before that served as CSO at data-storage vendor EMC (now owned by Dell). Also, he has over a decade of experience serving the USAF, & US Depts. of Defense, & Veterans Affairs. He is also the author of business book “Becoming a Global Chief Security Executive Officer,” published in 2015.

Many important Global Cyber issues will be covered in a wide-ranging live Q & A between Roland & Col. John Doody.

Mar 9, 2021 (London)
2:30pm - 3:00pm
Why Asset Management Matters for Cybersecurity

The line between IT and security is blurring. What was once a simple delineation between keeping information safe and providing the tools necessary to get work done is no longer clear. Seemingly overnight, a foundational understanding of what devices, users, and cloud instances exist in environments have jumped to the top of CISOs’ lists. In this new enterprise, why does asset management – once a pure IT play – matter for cybersecurity? How can both the IT and security teams benefit from cybersecurity asset management? Join this session with Nathan Burke of Axonius to learn:

– Why so many security frameworks consider asset management to be foundational

– The difference between asset management for IT and asset management for security

– Why the asset management problem hasn’t been solved yet — and what to do about it.

Mar 9, 2021 (London)
3:30pm - 4:00pm
Detecting and Responding to Threats at the Speed of Business

Bogged down by alert overload and manual processes, most security operations teams are unable to detect and respond to threats at the speed of business. This session will examine the main challenges facing security teams and what can be done to reduce response times using a combination of people, processes and tools.

Mar 9, 2021 (London)
4:00pm - 4:30pm
Do I Need a Threat Hunting Team?

Threat Hunting is a pro-active approach that doesn’t wait for alarms to go off. Today’s attackers are equipped with increasingly sophisticated methods that can breach even the most heavily protected IT infrastructure. In most cases, attackers understand the entire target supply chain and SOC tech stack before they begin. To keep your organization safe, you should consider building out the proactive parts of your security teams. Join Graylog to discuss the benefits of having a threat hunting team, including when and why you would want to put a threat hunting team in place.

Andy Grolnick

Chief Executive Officer

Grolnick has over 32 years of experience building, growing, and leading technology businesses focusing on software, security, and storage. As President, CEO, and Chairman of LogRhythm for 14 years, he led the company from its early days to become an award-winning global cybersecurity software leader acquired by Thoma Bravo in 2018. Earlier in his career, Grolnick was general manager of the Zip business at Iomega, where he played a key role in launching, building, and leading the Zip Drive division from its inception into a $1 billion entity in less than three years. He was also a founding executive and vice president of sales and marketing for open source startup OpenLogic. Grolnick currently serves on the boards of two startups, where he advises and mentors their leadership teams.

Mar 9, 2021 (London)
4:30pm - 5:30pm
Live Q & A – Col. John Doody & Robert Hannigan, ex Director, GCHQ

Colonel John Doody is the Author of new book “From Stripes to Stars” & Director of Interlocutor Services,  a company established to promote Information Assurance & Cyber Security issues nationally & internationally Prior to this John served at CESG/GCHQ for 10 years in the role of Head of Information Assurance Customer Services.

Robert Hannigan currently serves as a senior executive of Blue Voyant, a US-based cyber security services company, & as an adviser to a number of international companies. He was the Director of GCHQ & stepped down at the end of April 2017 to pursue a career in private sector cyber security & academia.

This encounter, between ex-Senior GCHQ Executives should be fascinating, as they discuss the cyber threats facing the world in 2021.