SC Congress 2019 Agenda – SC Congress UK

Day 1

21 Feb 2019

08:15 - 09:00

Morning refreshments and delegate registration

09:00 - 09:05

Chairperson’s Welcome

09:05 - 09:35

Keynote: Building a more resilient digital economy

09:35 - 10:05

John Scott

How to build a security-conscious culture in your organisation

Does using fake phishing emails and the gamification of training deliver results.
Engagement tactics that will hold colleagues’ attention alongside their day job.
How to prevent heightened awareness after training from dropping off.
Exploring the key metrics for measuring the success of a Security Awareness Training Programme.

View full session details

John Scott123

10:05 - 10:45

Leveraging GDPR and global legislation to enhance your security capability

Advice for ongoing GDPR strategies.
Why GDPR & global legislation is an cyber security enabler and not a blocker.
Assessing the results of GDPR- the unintended consequences and the various approaches cyber-security teams in different companies have taken in implementing the legislation.
Navigating how the new and changing data privacy and cyber-crime laws in the US, the Far East and across Europe affect your cyber-security function.

View full session details

Rowenna Fielding123

Hayley Jaffrey123

Adrian Leung123

Tarun Samtani123

10:45 - 11:00

Morning refreshments

11:05 – 12:10 Streamed Sessions

Strategy & Business

Day 1

21 Feb 2019

11:40 - 12:10

Nina Paine

Diverse Recruitment strategies to bridge the skill and gender gap

The best ways to target certain audiences and garner the interest you are looking for.
Creating diversity through recruiting from a more diverse pool of talent: Strategists and policy makers, Apprentices & University graduates.
Programmes you can get involved in to promote females entering the cyber-security profession.

View full session details

Nina Paine123

Nina Paine

Defending Against Risk

Day 1

21 Feb 2019

11:05 - 11:35

Ben Bulpett

The taming of the Bots and defending the Industrial Internet of Things

Human or AI digital identities - are they different?
How to ensure your bots do not go “To the Dark Side”.
Meet Siri & Alexa your new work colleagues.
The latest threats and management principles for the Industrial Internet of Things.

View full session details

Ben Bulpett123

Ben Bulpett

11:40 - 12:10

Dave Horton

Vendor Risk Management – Mitigating 3rd Party risk while ensuring GDPR compliance

Explore the common concerns associated with 3rd party vendor risk management.
Identify privacy and security priorities before, during and after vendor procurement.
Learn how to mitigate 3rd party vendor risk through threat assessments.
Prioritise privacy and security “by design” to streamline and operationalise vendor risk management.
Review GDPR regulation, scope, and the new legal obligations it presents.

View full session details

Dave Horton123

Dave Horton

Leveraging Technology

Day 1

21 Feb 2019

11:05 - 11:35

Alex Teteris

Secure your business in a Cloud, Mobile World

Staying relevant to your business in a fast paced, disruptive IT environment.
Finding the right mix for your On-Prem DC & Cloud Strategy.
How to access your apps and data, irrespective of where they are.
Securely giving your users the experience they want.

View full session details

Alex Teteris123

Alex Teteris

Day 1

21 Feb 2019

12:15 - 12:45

Hacker presentation: Hacking Transport system

The business risks of IOT.
How to spot the weakness in devices and choose products carefully in order to reduce risk.
The most recent IOT horror stories and how to add IOT devices safely.
Developing a solid mitigation plan.

View full session details

12:45 - 13:45

Lunch Break

13:50 – 15:05 Streamed Sessions

Day 1

21 Feb 2019

13:50 - 14:20

Nick Jones

Case study: Framing cyber security risk to the board/senior management- cyber security in the context of business risk

Articulating cyber security risk in financial terms the board will understand.
Understanding the KPIs and dashboard information that should be presented to senior management.

View full session details

Nick Jones123

Nick Jones

14:25 - 14:55

Jane Frankland

Increasing staff retention in the face of high attrition

Challenging the traditional methods of employee interaction to facilitate the next generation of cyber security professionals.
Adapting your staff development and progression model to enable female cyber security professionals.
Offsetting the cyber skills shortage through a flexible working programme.

View full session details

Jane Frankland123

Jane Frankland

Day 1

21 Feb 2019

13:50 - 14:20

Matthew Lock

Managing access and defending against insider attacks

Learn why it is essential to identify and locate where your sensitive data is, who has access to it, and where it is over-exposed.
Know why securing your perimeter alone won’t protect you.
Understanding where your vulnerabilities lies and the steps you need to take to protect your organisation from a data breach.
Looking towards intelligent security analytics as the future solution to alert inundation in SOCs.

View full session details

Matthew Lock123

Matthew Lock

14:25-14:55

Chris Morgan

Is legacy PAM enough for the expanded Threatscape?

Understanding the behaviour & tactics of a hacker. Why a legacy PAM approach is not enough – growth of data centres to Cloud, Big Data & DevOps. How to prevent, detect and report these attacks. A pragmatic approach to adoption...

View full session details

Chris Morgan123

Chris Morgan

Day 1

21 Feb 2019

13:50 - 14:20

Ian Johns

Prioritising patching in Higher Education: A guide to developing a holistic framework for large, complex organisations

Governing principles to encourage good patching behaviour.
Exploring the implications for the operating model.
Understanding the impact on business developers (shadow IT).

View full session details

Ian Johns123

14:25 - 15:05

Panel: End-point perimeter defence versus user- behaviour analytics

Is endpoint protection no longer enough to keep up?
The benefits and drawbacks of implementing UBA.
The best UBA approaches.
In defence of end-point protection.

View full session details

Mary-Jo de Leeuw123

Mary-Jo de Leeuw

Jon Hawes123

Jon Hawes

Hans Stiles123

Hans Stiles

Day 1

21 Feb 2019

15:05 - 15:25

Afternoon break

15:30 – 16:10 Streamed Sessions

Day 1

21 Feb 2019

15:30 - 16:00

Dai Davis

Reconciling innovation with present day cyber security issues: How can the law inform spend on cyber security?

Information Commissioner view on GDPR breaches.
Understanding how many breaches will translate into fines.
The methods through which the Information Commissioner enforces the legislation.
Exploring how and why GDPR and it’s enforcement translates into logical spend on security.

View full session details

Day 1

21 Feb 2019

15:30 - 16:10

Mary-Jo de Leeuw

Nick Ioannou

Panel: Prioritising the main threats to your organisation – and what should you be doing about them?

Understanding your adversaries.
What are the tell tale signs that your organisation is under attack?
What are the main threat types, and which are the most important to defend against?
Learning from recent attacks to create a more robust defence.
Why identifying crypto mining on your network is important.

View full session details

Mary-Jo de Leeuw123

Mary-Jo de Leeuw

Nick Ioannou123

Nick Ioannou

Day 1

20 Feb 2020

16:15- 16:55

Panel discussion: ‘An attack on one of us in an attack on all’- Learning from how the banking industry shares intelligence and applying it to your own industry

Why cyber intelligence sharing should be a collective business aim regardless of sector and industry.
Learn from case studies of Cyber Defence Alliance Initiatives that are having a direct impact on proactive defence/fighting cyber crimes and/or early warning systems.
Methods of secure inter-business cyber collaboration and information sharing within legal parameters.
Overcoming the emotional and psychological obstacles to collaboration and information sharing that do not involve legal.
How to build and manage circles of trust within your industry and know what to share.

View full session details

Sharon Barber123

Sharon Barber

Mandy Haeburn-Little123

Mandy Haeburn-Little

Maria Vello123

Maria Vello

Cheri F. McGuire123

Cheri F. McGuire

Day 2

21 Feb 2019

16:55 - 17:35

Dee Deu

Jon Hawes

Paul Watts

Leaders Panel Discussion: How does the CISO add value to a business?

Adding value to the business through more closely aligned strategies.
What are the new skills needed - finding the balance between technical competence and management skills in a more risk-based role.
The challenges and opportunities associated with elevating the CISO into a business critical partner.

View full session details

Dee Deu123

Dee Deu

Jon Hawes123

Jon Hawes

Paul Watts123

Paul Watts

17:10

Close of Conference

17:35 - 17:40

Tony Morbin

Chair’s Closing Remarks

View full session details

Tony Morbin123

Tony Morbin