9.10am Keynote Speaker - Neil Sinclair, London Digital Security Centre
9.25am Session one - Beyond compliance - Avoiding Fines & Achieving Security
Regulatory best practice, from GDPR and Safe Harbour to post-Brexit UK Law, how do you comply with conflicting regulation?
Moderator: Tony Morbin, SC Media UK
Speaker: Peter Brown, ICO
Speaker: Ailidh Callander, Privacy International
Speaker: Marco Cunha, Google Cloud
Speaker: Tim Hickman, White & Case
Speaker: Jeremy King, PCI DSS
10.05am Session two - What's really going on on your network?
What's really going on on your network - who and what does suspicious look like?
Prevent, detect, and remediate - minimise the impact of intruders and malicious insiders.
Moderator: Sarb Sembhi
Speaker: Tony Collings, ECA Group
Speaker: Philip James, Sheridans'
Speaker: Neil Sinclair, London Digital Security Centre
Speaker: Ed Tucker, DP Governance
10.50am Break out session A
Session 1: 4 Tips to Fight Insider Threats - Matt Lock, Varonis
Practical advice from industry experts on steps you can take to reduce your exposure to insider threats, one of the main sources of data breaches and cyber crime. Delivered by Varonis, an innovative data security platform that allows enterprises to manage, analyse and secure their data.
Session 2: Why email security is no-longer enough - David Staunton, Mimecast
The reality today is that email remains the #1 attack vector, threats are rapidly evolving, the world is moving to the cloud and regulation is strengthening. Learn why cyber resilience for email must be the backbone of your ability to defend and recover.
Session 3: How to Tackle the GDPR: A Typical Privacy & Security Roadmap - Kevin Kiley, OneTrust
As a new era of privacy regulations approaches, security and compliance professionals need to make GDPR a top priority. It is essential to build a roadmap with both privacy and security in mind. In this session, we’ll discuss the importance of privacy management within the context of your existing security and compliance ecosystem –– how it fits into the larger puzzle, why it has been precariously overlooked in the past, and how it can be seamlessly integrated as a function among the information security, information technology, risk management, audit and compliance, as well as legal areas in your organization. We’ll address the importance of demonstrating on-going compliance with privacy regulations like GDPR, and how privacy management software can support security and GRC teams.
11.20am Expo floor opens // Coffee break
12:00pm Break out session B
Session 1: How to Combat Email Attacks & Identity Fraud - Lars Postma, Agari UK
Email is the primary infiltration mechanism for the majority of cyber-attacks. To effectively combat these attacks, organisations need to understand the types of identity deception attackers typically prefer, the relative risk and cost of attacks to businesses and the likelihood of their success.
Session 2: Are You Ready for a Breach? - Jeroen Herlaar, FireEye
Breaches are inevitable, and their impact can be significant, as we are seeing on almost a daily basis. It is therefore important to be prepared for such an event. 14 years of being on the front lines of incident response has learned us valuable lessons we would like to share with organisations who wish to mature their resilience against today’s cyber threats.
Session 3: Managed Detection and Response. You know what it is… Or do you? - Joe Nelson, eSentire
• MDR - what it is and what it isn't • How MDR can assist with overcoming regulatory requirements such as GDPR • Why MDR is so effective when dealing with an ever-evolving cyber threat landscape as well as never before seen threats • Review of real-world cybersecurity attacks and how MDR stopped them in their tracks
12.30pm Masterclass - Recovering from Ransomware
Your ransomware defences failed - what now? Expert advice on remediation strategies to implement if the worst happens and you fall victim.
Speaker: Raj Samani, NoMoreRansom; McAfee
Keynote two: 1.00-1.30pm - Hacking demonstration - Is anything connected still safe?
The IoT is much more than many of us imagine, and as it continues to expand so do the routes for hackers and attackers to abuse and subvert all things connected.
In this session you’ll see how the lessons we learned hacking the humble IoT kettle can lead us to hacking much bigger aquatic ‘vessels’. Maritime industry systems are more vulnerable than you think. Learn how to make prawn espresso and much more.
Speaker: Tony Gee, Pen Test Partners
Keynote three: 1.30-2.00pm - The case for the defence - A pre-enactment of a courtroom drama coming soon after GDPR
How would you fare in the dock, defending your action in a data breach? A live role play simulation of a court case in the wake of a data-breach post-GDPR.
Judge: Gilly Crichton, TriTectus
Prosecution: Jeff Little, TriTectus
2.00pm Session three - Putting infrastructure on a war-footing
Our critical infrastructure is already under attack. From energy and transport to voting and hospitals, we are under attack by hostile governments. Should the state put us on a war footing and lead the defence? If so, what does that mean and how do we do it, and if not, what are the alternatives?
Moderator: Khaled Fattal, MLi Group
Speaker: Ian Glover, CREST
Speaker: Dr Kevin Jones, Airbus
Speaker: Pat Larkin, Ward Solutions
Speaker: Mike Loginov, IOTSA group / Ascot Barclay Group
2.40pm Break out session C
Session 1: Zero Trust Security – Never Trust, Always Verify! - Barry Scott, Centrify
As traditional network perimeters dissolve, we must discard the “trust but verify” model, which relied on a well-defined perimeter. Strengthen your security by implementing an “always verify” Zero Trust approach for users, endpoints, networks, servers and applications.
Session 2: Proactive data defence for digital transformation - Ian Greenwood, Thales
Digital transformation is business enhancing and fraught with danger. With services moving online and into the cloud, the result is a faster, more agile and open service for consumers and enterprises. However, this digital transformation is taking place in an increasingly precarious environment, more and more your corporate attack surface is being exposed.
With data breaches at an all-time high and incidents of identity theft risen by 57% in a year, consumers are questioning the security of their personal data held by organisations. The rise of cloud and the Internet of Things, has forced companies to take control of their data – regardless of where it resides and in addition, reputational damage caused by public breach is firmly on the agenda of the board.
This interactive session will consider: Key security considerations for a digital transformation strategy and why a proactive data defence strategy is crucial as well as the benefits of maximising the level of control over data irrespective of where it is created, store or shared.
Session 3: How a military concept can help build your Incident Response programme - Andrew Yeates, IBM Resilient
In the current cyber threat landscape, organisations are looking at ways to respond as effectively as possible. This session will look at the role that can be played by OODA loops, a military concept developed to improve fighter pilots' abilities to respond in combat, it stands for Observe, Orient, Decide & Act. Companies can build these concepts into their Incident Response (IR) process to aid clarity of thinking and improve their ability to respond quickly and effectively to cyber attacks.
3.10pm Expo floor opens // Coffee break
4.00pm Masterclass - Best practice incident response plans under GDPR
What should you consider and include when putting your breach response plan together? This interactive session will allow delegates to contribute and share best practice.
Speaker: Dai Davis, Percy Crow Davis & Co
4.35pm Session four - Cyber-Security 2020 - a diverse workforce for a diverse threat
How do we tap into the talent pools that we are missing? From women who turn up their nose at tech, to the traditional 'home team' of teenage boys flirting with criminality, and the security pros and MBAs who want to manage information risk while avoiding code, how does cyber-security become inclusive and understandable to everyone else?
Moderator: Tom Reeve
Speaker: Adrian Davis, (ISC)²
Speaker: Amanda Finch, IISP
Speaker: Jane Frankland, KnewStart
Speaker: Colin Lobley, Cyber Security Challenge
5.15pm Expo floor: Drinks Reception
5.40pm Passport to prizes
Collect stamps at each exhibitor to enter a free draw for exciting prizes - winners announced on the day.
6.30pm Doors close