


Session ONE – Defending against Risks and Vulnerabilities, Developing Resilience, Deterring Cyber-attacks

  • A review of the risk landscape and emerging vulnerabilities that pose a serious threat to business and government
  • Working in Partnership to reduce the attack surface and solve strategic security challenges
  • Understanding threat vectors and actors, trends and priorities
  • Building skills, capabilities, capacity and responsiveness


The Conference Chair’s Opening Remarks

Sarb Sembhi, Past President, ISACA London

How Leading European Banks are Improving IT Operations and Security with a New Communications Architecture

Mark Sparshott, Senior Director EMEA, Tanium

This session will discuss:
– 4 of the largest European banks have followed 10/10 largest US banks and implemented a new endpoint communications technology
– The technology provides live visibility and control over every endpoint in parallel, using a single management server instance
– During this session we will explore several transformation use cases around IT Operations and Security enabled by extreme speed at extreme scale


Keynote Address

Richard Bell, Former Interim Chief Information Security Officer, Transport for London

Using Network Intelligence to tackle evasive Insider Threats

Graham Ahearne, Director of Product Management, Corvil

81 percent of hacking-related breaches leveraged stolen and/or weak passwords (DBIR, 2017). Once an attacker gains a foothold within a network, with a compromised user account, tracking their activity such as lateral movement becomes challenging and the damage they can cause is severe. For security teams, network traffic tends to be understood as one of the most valuable sources of insight, but also one of the most difficult to extract those insights from. Based on over 10 years of experience analysing network traffic for the top 20 global banks, learn best practice on how to listen to your network to accelerate the time it takes to investigate and respond to such evasive attacks.

Enterprise Cyber Security Reference Architecture: How to Develop One and How to Use it for Your Benefit

Boris Taratine, Chief Cybersecurity Architect, Lloyds Banking Group

Fast-evolving cyber threats are challenging cyber capabilities and the agility to respond. The awareness of cyber has become unprecedented and must be a factor in future development. Holistic, active, collaborative approaches are required to build cyber resilient businesses. The benefits of a collaborative approach are many, and include the provision of a single joined-up view of the organisation’s target Cyber Capabilities aligning business and technology stakeholders; to drive best practice, synergies and operational efficiency across the organisation; to offer holistic business planning and maximise investment spend; to define a consistent framework to shape the change of the cyber investment portfolio to meet a defined risk profile and build cyber resilient businesses.


What does a healthy Insider Threat Programme look like?

Mike Smart, Director for Products and Solutions, Forcepoint EMEA

Insider threat remains a topical and emotive point of discussion, and not just among technology and security professionals but across society in general. 
This session aims to share best practices and experiences gained from real world insider threat deployments and incidents.
This presentation will include:

  • Insider threat programme best practices
  • What constitutes acceptable monitoring of employees’ interaction with employer networks, systems & datalevels
Integrated Emergency Management – One of the tools for Cyber Resilience

Adam Bland, Head of Emergency Preparedness, Resilience and Response, NHS England (Yorkshire and Humber)

Integrated emergency management (IEM) is a doctrine which supports the effective planning and response to emergencies. It is a partnership model underpinned by 5 key principles (risk assessment, prevention, preparation, response, recovery).

It takes the approach of considering the consequence and not the cause, which is intended to allow for a more adaptive and flexible response. With this in mind, Adam’s presentation will consider how parts of the NHS are looking at IEM as a tool for building capability in responding to cyber incidents whilst recognising the reliance on ICT in mobilising any emergency response.


User Behaviour Analytics in the Wild: A Case Study

Gabe Barrett, Information Security Consultant

Gabe will walk through the thought process behind utilising user behaviour analytics (UBA), the benefits to an organisation and why visibility over data and user behaviour is paramount. In addition Gabe will discuss what it’s like to deploy and outline key recommendations and considerations for future uses including bolstering compliance.

Questions To The Panel Of Speakers
Morning Networking and Refreshments Served in the Exhibition Area
Five Tips to Build an Effective Security Education Strategy

Richard Wright, Senior Officer – Security Education, National Crime Agency

This session will explore how organisations can deliver security education training.

Case Study
Seminar Sessions
Networking Lunch Served in the Exhibition Area

Session TWO – A New Approach to Cyber Security

Aligning cybersecurity objectives and strategy to the business imperative for growth. 

The Conference Chair Opens the Afternoon Session
How is the relationship between your Records Management and Security experts?

Martin Fletcher, Assurance and Information Management Consultant, The National Archives

The development of technology in data use and storage is faster than it has ever been before. Because of this it is vital that records management and cyber security experts work closely together to ensure that information is handled responsibly and all staff understand what is required of them.

But how often is this close relationship actually the case? What can be done to help facilitate communication of good practice across the business? The National Archives’ Martin Fletcher discusses his experiences talking to organisations across the public and private sector about boosting security through improved communication.

Partly Cloudy with a Chance of Mobile

Aaron Shelmire, Senior Security Researcher, SecureWorks Counter Threat Unit 

As IT infrastructure and our relationship with computing devices evolves, so does our threat profile. This session explores emerging areas where intrusions are occurring, exploring specific threats that SecureWorks Counter Threat Researchers have identified, as well as those areas where activity is declining. We will cover observed activity in:

  • Mobile platforms
  • Cloud Infrastructure
  • Traditional enterprise system exploitation.
Training your Employees to Be a Last Line of Defence Against Cyber-Attacks

John Hield, Information Security and Compliance Manager, Veolia

John’s role is to ensure that the 5,500 end users in the UK and Ireland that work for Veolia are able to work (cyber) safely and compliantly. After running five different phishing email tests on his employees earlier this year, John was worried to find that over 700 people fell victim to the tests. For this reason, he turned away from traditional methods of cyber security and awareness training, like in-person sessions, videos and blogs, embracing instead an interactive, gamified approach from Wombat Security Technologies.

Since the interactive training modules were launched within the company on June 12th of this year, as of the end of July, over half had completed compulsory modules, including all of the board. A further 2,000 end users completed voluntary training, with modules on mobile device security and the GDPR being the most popular modules to be voluntarily completed.

In this speaking session, John will explain why he thinks that interactive, gamified cyber security awareness has been so popular with Veolia’s end users, as well as the further benefits of such technology, such as rapid ROI and advanced auditing capabilities, which will be vital for the upcoming GDPR and its relevant legislation.

Cybersecurity Protection Solution 'PARANOID'

Ben Wheeler, Country Manager, NYOTRON

This session will outline NYOTRON's cybersecurity protection solution, called PARANOID.

Questions to the Panel of Speakers
Afternoon Networking and Refreshments served in the Exhibition Area
Managing Information Risk and Assurance in a Global Organisation – the British Council experience Two Years On

Ian Goodwin, Director of Information Governance and Risk Management, Global Information Services, British Council

Margaret Wookey, Head of Information Risk, Global Information Services, British Council

This presentation will explore the experience of the British Council in implementing better information governance across a global organisation 2 years on from a previous presentation at this conference. Areas covered include GDPR readiness plans, Cyber Security improvements, information risk approaches, 3 lines of defence and embedding practices into everyday work.

Case Study - London Digital Security Centre

John Unsworth, Chief Executive, London Digital Security Centre

Cyber-Threat, Risk and Harm

Detective Chief Inspector Vanessa Smith, Yorkshire and Humber Regional Cyber Crime Unit

DCI Smith’s presentation will provide insights into:

  • An awareness of cyber crime
  • An overview of the types of cybercrimes committed
  • Profile types of those who commit cyber crime
  • Recommendations of how to protect yourself from becoming a victim of cybercrime
  • Cyber-attacks on businesses and the impact caused
  • Traditional crime versus cybercrime
  • Cost of cybercrime
Protecting the Network at Jisc

Steve Kennett, Security Director & Senior Information Risk Owner (SIRO), Jisc

In this presentation, we explore:

– what Jisc does to protect its network
– how Jisc protects its members and customers
– how Jisc helps its members and customers protect themselves

Banking case study
Questions to the Panel of Speakers
Closing Remarks from the Conference Chair
Conference Close, Delegates Depart

Please note:
Whitehall Media reserve the right to change the programme without prior notice.