
AGENDA
Over the last 12 months cybersecurity has shot up the boardroom agenda to become one of the top priorities. The pandemic and a home based workforce has provided the opportunity for businesses to recognise the value of IT and cybersecurity teams. As we move forward to hybrid workforce, this will only continue to grow as businesses are reminded that whilst not revenue generating, cybersecurity is revenue protecting and securing function crucial for every business.
Hosted virtually across two days, the SC Annual Digital Congress 2022 will provide a platform for cybersecurity leaders to come together for a mixture of thought leadership and strategy sharing panel discussions, as well as workshop style sessions with actionable takeaways for you and your business.
SC Annual Digital Congress - 28/29 June
09:30 – 09:40 GMT
OPENING REMARKS – Chairperson’s opening comments
A welcoming introduction from the conference chairperson, providing a thematic overview of the day, as well as additional details for all attendees
Catherine Chapman, Journalist, Independent
09:45 – 10:15 GMT
PRESENTATION – The future of information security
Amid an ever-evolving threat landscape, keeping ahead of the curve remains paramount for all businesses. Against a backdrop of rising geopolitical tensions, hybrid security models and a global talent dearth, this keynote will address how you can stay prepared for the unknown.
Paul Ducklin, Principal Research Scientist, Sophos
10:20 – 10:50 GMT
PRESENTATION – Best Practices in Ransomware Response, Prevention & Negotiation
Increasingly sophisticated ecosystem attacks require a multi faceted response. Join our thought leaders and experts from CS, MC & Netskope for a discussion on how to stop threat actors in their tracks and ensure your organisation remains resilient amid an accelerating threat landscape
Quentyn Taylor, Director of Information Security, Canon Europe
10:50 – 11:20 GMT
INTERMISSION
11:20 – 12:00 GMT
CASE STUDY – The state of cyber-resilience in the UK
With the release of the annual UK government survey detailing the cost and impact of cyber breaches and attacks on businesses, charities and institutions, a number of questions arise as to the preparedness of businesses, and their ability to combat malicious attacks effectively. What sort of patterns does this survey demonstrate? Where are criminals having the most success?
Jayesh Shah, Researcher, Ipsos MORI
Sam Donaldson, Director, Perspective Economics
Steven Furnell, Professor of Cyber Security, University of Nottingham
12:05 – 12:35 GMT
PRESENTATION – Secure every step from Code to Cloud
The transformation of our businesses, the pandemic and remote working has accelerate the adoption of cloud technologies in all its forms. But each organisation has its own pace in this journey to the Cloud. Securing Cloud services requires reinventing yourself – ‘thinking differently’. Adapting the old tools and methods of traditional application security no longer works. You need solutions that are adapted to the level of maturity of this transformation. Today, security in the Cloud implies integrating it directly into the native application development cycle within the CI/CD pipeline, which is what DevSecOps is all about.
In this session we will cover:
- The evolution and maturity of Cloud adoption
- How to secure the Cloud infrastructure natively
- How to integrate these new tools into the vulnerability management cycle to have a global approach
Bernard Montel, EMEA Technical Director and Security Strategist, Tenable
12:40 – 13:10 GMT
PRESENTATION – Utilising Inherent Risk for More Efficient Vendor Management
Building an effective third party risk management (TRPM) program requires a keen understanding of which elements of your supply chain are most risk averse. Learn how you by understanding how best to prioritise your teams time on boarding key vendors, investing your teams time into performing due diligence car on the third parties that matter most and investing resources into these third parties can pay dividends in the future.
Nina Paine, Managing Director – Cyber Partnerships & Third-Party Security Risk Oversight, Standard Chartered Bank
13:15 – 14:00 GMT
ROUNDTABLE – Extending network security across the entire supply chain – SOPHOS
Most financial institutions are linked to a complex web of third party vendors, each of which must be measured and managed. What efforts are being used to manage downstream supplier cybersecurity? How can increased diligence and investment into networked security mitigate exposure risk? How can such protection be used in tackling both internal and external threats?
Paul Ducklin, Principal Research Scientist, Sophos
14:00 – 14:30 GMT
INTERMISSION
14:30 – 15:00 GMT
PRESENTATION – Tackling the widening cyber security skills gap
With the changing demands of the cyber skills market ever changing, how has the demand for professionals changed over the last few years? Where are the key barriers that exacerbating this issue? Is the issue recruitment or education? What can the industry do to tackle specific vacancy issues and attract the best potential talent?
Craig McEwan, CISO, Anglo American Cybersecurity Consultant, Sophos
15:05 – 15:50 GMT
PANEL – Decrypting the D&I dilemma – Nurturing future cyber generations
Cybersecurity has quickly become one of the most important functions for businesses globally, and as the demand for cyber professionals increases, so must the focus on diversity and inclusion. What challenges does the industry face in thid respect? How can a diverse team ensure greater securitisation and productivity? What can be done to redress the imbalance?
Alexandra Godoi, Senior Information Security Analyst, OXfam
Vidya Murthy, Chief Operating Officer, MedCrypt
Heather Francis, Digital and Technology Delivery Manager, Office of the Northamptonshire Police, Fire & Crime Commissioner
Moderator: Catherine Chapman, Journalist, Independent
15:50 – 16:00 GMT
CLOSING REMARKS – Chairperson’s closing comments
A closing address from the conference chairperson, briefing on all the outcomes from the day, and digesting tangible takeaways for the audience
Catherine Chapman, Journalist, Independent
09:30 – 09:40 GMT
OPENING REMARKS – Chairperson’s opening comments
A welcoming introduction from the conference chairperson, providing a summary of day one, a thematic overview of day two, as well as additional details for all attendees
Peter Jones MCIIS, CISO, The Cyber Badger
09:45 – 10:15 GMT
PRESENTATION – Passing the cybersecurity leadership test
With increasing cyber attacks globally, a security breach is tantamount to a breach of trust to stakeholders across your business. This session will explore how leadership playing an engaged, active and continuous role in the development of effective security measures, along with a consistent communication line between the CEO, CISO, CTO and CIO is imperative to for CEOs to ensure the trust in the business security is maintained
Agnigupta Sarkar, CISO, Biocon
10:20 – 10:50 GMT
ROUNDTABLE – How to Operationalize Threat Intelligence Affordably to Empower Your Security Teams
Threat intelligence has the power to combat malware, ransomware and all kinds of cyber threats. However for smaller teams who can’t afford expensive tools and resource they need a simplified and affordable approach to turn threat data from knowledge into meaningful actions. Attend this lively roundtable as Outpost24 and a panel of security experts discuss the practical steps you can take to quickly operationalize threat intelligence without breaking the bank. Discussions include:
- The explosive growth of cyber-attacks and how small security teams can work smarter
- The evolution of threat intelligence from fiction to practical science
- Real world use case from companies to prevent, detect and respond to the barrage of constant threats
- How to operationalize threat intel and minimize damage in the attack cycle through automation
- Best practice for keeping up with cyber threats without cutting corners or straining your resources
Vicente Martin, Head of Products, Outpost24
Trevor Crompton, VP of Threat Intelligence, Outpost24
10:50 – 11:20 GMT
INTERMISSION
11:20 – 12:00 GMT
PRESENTATION – Choosing the right security solution – what CISOs look for
Many surveys show that the average tenure of a CISO is 2 years, based on that how do and should CISO strategically plan and budget for tomorrow’s risks and threats? Should they put up with all the legacy solutions of yesteryear, how far should they rely on past solutions and what can they do to ensure that they are making good choices for the next person, or doesn’t it matter since most CISOs consult their peers? Are CISOs really in charge or is it the vendor budgets pulling the strings?
Jaspal Jandu, Deputy Group CISO, Toyota
Joe Hubback, MD – Global Academy, Istari
Sarb Sembhi, CISO, AirEye
Moderator: Mo Ahddoud, Cyber Industry Analyst
12:05 – 12:35 GMT
PANEL – The Risk Within: Protecting Against Insider Threats
What do you need to create an effective insider risk programme? How can you balance the need for a business to be flexible against the securitisation of networks? And what tools and platforms are required to maintain security?
Sergiu Sechel, Head of Cyber Security, EY
12:40 – 13:10 GMT
PRESENATION – Discover and Secure Your Unknown Internet Exposure with Continuous Attack Surface Management
Exploit public-facing applications is one of the most common attack vectors to gain initial access and launch ransomware attacks. The average enterprise runs 464 custom applications, however, the actual number is much higher due to shadow IT and making it difficult for security teams to secure the “unknown” and keep track of their evolving attack surface. With more external-facing applications than ever, traditional application scanning and pen test are imperative to identify runtime vulnerabilities. Still, there’s one problem – you’re only testing what you know, not what’s actually out there and at risk. What’s needed is a way to identify, measure and reduce the overall internet exposure – continuous attack surface management. Attend our talk to learn about the best practices for identifying and managing your external attack surface at scale.
John Stock, Product Manager, Outpost24
Stephane Konarkowski, Senior Security Consultant, Outpost24
13:15 – 14:00 GMT
PRESENTATION – The ‘New Normal’ of Email-Based Threats
Threats have changed over the years and so have the targets. It’s not just your data that is at risk in the traditional way, it’s your employees, your suppliers and your customers that are being targeted. If successful, just one accidental or intentional breach could easily tarnish your business’s reputation. In this session, we’ll cover email attacks directed at your organisation and what is needed to defend against them.
Harpreet Singh, Sales Engineer, Mimecast
14:00 – 14:30 GMT
INTERMISSION
14:30 – 15:00 GMT
PRESENTATION – Building Cybersecurity and Resilience across the UK Economy
Given the rise of state sponsored attacks and global geopolitical tensions, evaluating how the UK stacks ups as a global cyber power is paramount. What do cyber investment levels across the UK currently look like? Is its security climate sufficient to keep businesses protected? How can embedded digital awareness within organisations bolster this?
Simon Lacey, Principal Consultant, CRMG
15:00 – 15:10 GMT
CLOSING REMARKS – Chairperson’s closing comments and close of conference
A closing address from the conference chairperson, briefing on all the outcomes from the day, and digesting tangible takeaways for the audience
Peter Jones MCIIS, CISO, The Cyber Badger
In association with
Developing your capabilities & competency in cyber security


WHEN
28 - 29 June 2022
WHERE
Online via our virtual platform