SOCIAL


LATEST BLOGS


LATEST TWEETS

PROGRAMME

Session ONE – Defending against Risks and Vulnerabilities, Developing Resilience, Deterring Cyber-attacks

  • A review of the risk landscape and emerging vulnerabilities that pose a serious threat to business and government
  • Working in Partnership to reduce the attack surface and solve strategic security challenges
  • Understanding threat vectors and actors, trends and priorities
  • Building skills, capabilities, capacity and responsiveness

 

09:00
The Conference Chair’s Opening Remarks

Dan Raywood, ‎Contributing Editor, Infosecurity Magazine

09:20
Keynote Address: The National Cyber Security Strategy (2016-2020)

National Cyber Security Centre (invited)

The National Cyber Security Centre provides a hub of expertise for businesses and individuals to build resilience and respond to major incidents. This morning address covers the three key pillars of the latest cyber security strategy: defend, deter and develop. We also explore how the NCSC is developing relationships with new partners to protect key interests, what steps it has taken to address systemic vulnerabilities and providing leadership on key national cyber security issues.

09:40
Working in Partnership to Manage Risks

National Cyber Crime Unit (invited)

Cyber security is not just an IT issue. It presents a real and potent business risk. We look at:

  • The nature of the risks facing businesses
  • How companies are creating alliances and partnerships to deal with growing cyber risks
  • How businesses can stay ahead of the curve, and how they can outpace attackers
09:55
Cyber Security Imperatives for the Fourth Industrial Wave

Direct Line Group (invited)

Disruptive technologies like the IoT, mobile, cloud, big data and blockchain are expanding the cyber-attack surface. The Dyn attack in 2016 showed how exploiting connected devices can have a colossal impact on the internet. As our personal, professional and social lives become more interconnected – and dependent on cyberspace – we ask what emerging risks lie ahead of us and how we can prepare for them.

10:15
Combatting Cybercrime: Trends and Priorities

London Digital Security Centre (LDSC)

British businesses have reported a 22 percent increase in cybercrime in the past year, resulting in more than £1bn in losses. We consider what is being done to:

  • Develop a clearer picture of patterns and trends in cybercrime
  • Disrupt cybercriminal networks
  • Build capabilities to mitigate risks
  • Mitigate cybercrime through partnerships, aggregation and analysis of reported breaches
10:30
How to Respond to a Cyber Breach

Royal Bank of Scotland (invited)

This session will cover three considerations:

  • The basics of what would constitute a reportable breach, who do you report it to, and when do you report it by, will be considered in the context of national and international legislative requirements
  • Examples of what needs to be in place to enable a cyber breach to be reported in an accurate and timely way
  • Punitive actions, current levels of fines, versus likely future levels
10:50
Questions To The Panel Of Speakers
11:00
Morning Networking and Refreshments Served in the Exhibition Area
11:30
Cyber Insurance – Why it Matters

There are significant consequences attached to cyber breaches. These include among other things the loss of customer data, financial costs, penalties from regulators, disruption of services and reputational damage. What can be done to mitigate the fallout of any breach? Is cyber insurance worth considering?

11:45
Transport for London Case Study

Richard Bell, Interim Chief Information Security Officer, Transport for London

12:05
Questions to the Panel of Speakers and Delegates move to the Seminar Rooms
12:15
Seminar Sessions
13:00
Networking Lunch Served in the Exhibition Area

Session TWO – A New Approach to Cyber Security

Aligning cybersecurity objectives and strategy to the business imperative for growth. 

14:00
The Conference Chair Opens the Afternoon Session
14:05
Building your Security Function

Head of Information Security, Tesco (invited)

Numerous surveys have shown that executives and corporate boards are focused on emerging risks. This is not surprising given the sophistication and frequency of cyber-attacks. But, as ISACA’s ‘State of Cybersecurity’ report for 2016 shows, while four out of five cybersecurity and InfoSec professionals say their boards are concerned, only one in seven CISOs report to the CEO.

We look at the role of senior board management in developing a cogent corporate cyber security strategy.

  • How should senior management assess cyber risks and develop an appropriate strategy and controls?
  • What specific responsibilities should be given to Chief Risk Officers, Chief Information Security executives?
  • How can security professionals better communicate with business leaders, and align cyber security strategies with enterprise objectives?
14:20
The Human Factor in Security

National Health Service (invited)

User behaviour remains a critical security pitfall for many organisations. Targeted spear-phishing attacks which use social engineering techniques to maximise the chance of success have been correlated with data loss, stolen user credentials and breaches. What should your organisation be doing to mitigate the risks associated with users?

14.35
Case Study - Banking

Boris Taratine, Chief Cybersecurity Architect, Lloyds Banking Group

14.50
Case Study - Insurance
15:05
Questions to the Panel of Speakers
15:15
Afternoon Networking and Refreshments served in the Exhibition Area
15.45
Cyber-Threat, Risk and Harm

Detective Chief Inspector Vanessa Smith, Yorkshire and Humber Regional Cyber Crime Unit

DCI Smith’s presentation will provide insights into:

  • An awareness of cyber crime
  • An overview of the types of cybercrimes committed
  • Profile types of those who commit cyber crime
  • Recommendations of how to protect yourself from becoming a victim of cybercrime
  • Cyber-attacks on businesses and the impact caused
  • Traditional crime versus cybercrime
  • Cost of cybercrime
15:40
Cyber Security in the HE Sector

Steve Kennett, Security Director & Senior Information Risk Owner (SIRO), Jisc

15:55
Preparing your organisation for the European General Data Protection Regulation (EU GDPR)

Information Commissioner’s Office (invited)

Organisations now hold more data than ever before. And as the number of security breaches rises, so too do the penalties. One organisation received a fine of £250,000 from the UK regulator in 2013. But, based on its 2014 turnover, that same organisation could be fined up to £198m under the new EU GDPR set to come into force in May 2018.

This session explores best practice around:

  • Reviewing vendor contracts
  • The full data lifecycle from storage to destruction
  • Embedding consent, right to be forgotten in policies and procedures
  • Establishing data breach notification procedures
  • Appointing a data protection officer
  • Training staff to avoid malpractice
  • Compliance audits to identify and remedy issues
16:10
Keynote Closing Address: Managing Security at the Speed of Business

Europol (invited)

Our closing session explores:

  • What is being done across Europe to build greater collaboration between investigators, industry, government and academia
  • How intelligence is being pooled to disrupt rogue actors
  • What can be done to keep pace with evolving threats
  • New tools and technologies to ward off breaches, manage crises
  • Steps taken to build cyber defence capability and capacity
16:25
Questions to the Panel of Speakers
16:35
Closing Remarks from the Conference Chair
16:40
Conference Close, Delegates Depart

Please note:
Whitehall Media reserve the right to change the programme without prior notice.