Over the last 12 months cybersecurity has shot up the boardroom agenda to become one of the top priorities. The pandemic and a home based workforce has provided the opportunity for businesses to recognise the value of IT and cybersecurity teams. As we move forward to hybrid workforce, this will only continue to grow as businesses are reminded that whilst not revenue generating, cybersecurity is revenue protecting and securing function crucial for every business.
Hosted virtually across two days, the SC Annual Digital Congress 2021 provided a platform for cybersecurity leaders to come together for a mixture of thought leadership and strategy sharing panel discussions, as well as workshop style sessions with actionable takeaways for you and your business.
In association with
Developing your capabilities & competency in cyber security
Event accredited by the CPD
4 reasons you should have been there
This SC Annual Digital Congress provided a platform for cybersecurity leaders to come together for a mixture of thought leadership and strategy sharing panel discussions, as well as workshop style sessions with actionable takeaways for you and your business.
The Congress focussed on:
Premium partners included
(ISC)² is an international, nonprofit membership association for information security leaders like you. We’re committed to helping our members learn, grow and thrive. More than 150,000 certified members strong, we empower professionals who touch every aspect of information security.
Sophos makes IT security simple. Focused on innovation in next-generation protection, Sophos solutions are simple to deploy, maintain, and manage, enabling organisations to protect and defend their networks, their information, and their people. Sophos – Cybersecurity evolved.
ExtraHop, the leader in cloud-native network detection and response, is on a mission to arm security teams to stop breaches. Our Reveal(x) 360 platform combines the power of cloud intelligence with the simplicity of SaaS to help security teams eliminate blind spots and detect threats other tools miss. Built on cloud-scale AI, Reveal(x) 360 decrypts and analyzes all network and cloud traffic in real time to expose risks, from internal threats to external attacks. Bad actors can’t hide on the network, but ExtraHop can, giving security teams a secret weapon to stop breaches84% faster.
Okta is the leading independent identity provider. The Okta Identity Cloud enables organisations to securely connect the right people to the right technologies at the right time. With more than 6,500 pre-built integrations to applications and infrastructure providers, Okta provides simple and secure access to people and organisations everywhere, giving them the confidence to reach their full potential. More than 9,400 organisations, including JetBlue, Nordstrom, Siemens, Slack, T-Mobile, Takeda, Teach for America, and Twilio, trust Okta to help protect the identities of their workforces and customers.
KnowBe4 is the world’s largest integrated platform for new-school security awareness training and simulated phishing. KnowBe4 was created to help organisations manage the ongoing problem of social engineering through a comprehensive new-school awareness training approach. Organisations leverage KnowBe4 to enable their employees to make smarter security decisions and create a human firewall as an effective last line of defence.
CTM360 is a leader in Digital Risk Protection, trusted by 150+ banks and financial institutions globally. Offered as a fully managed Digital Risk Protection Platform, CTM360 detects, manages and responds to threats and vulnerabilities across the Surface, Deep & Dark web. Subscribers of the CTM360 platform get access to external attack surface management, cyber threat intelligence, cybersecurity risk scorecards, third party vendor assessments, brand protection / anti-phishing, data leakage protection, social media monitoring, and takedowns on an unlimited basis.
Associate Partners included
Mimecast was established in 2003 with a focus on delivering relentless protection. Each day, we take on cyber disruption for our tens of thousands of customers around the globe; always putting them first and tackling their biggest security challenges together. We are the company that built an intentional and scalable design ideology that solves the number one cyberattack vector – email. We continuously invest to thoughtfully integrate brand protection, security awareness training, web security, compliance and other essential capabilities. Mimecast is here to help protect large and small organizations from malicious activity, human error and technology failure.
eSentire, Inc., founded in 2001, is the category creator and world’s largest Managed Detection and Response (MDR) company, safeguarding businesses of all sizes with the industry-defining, cloud-native Atlas platform that removes blind spots and enables 24×7 threat hunters to contain attacks and stop breaches within minutes. Its threat-driven, customer-focused culture makes the difference in eSentire’s ability to attract the best talent across cybersecurity, artificial intelligence and cloud-native skill sets. Its highly skilled teams work together toward a common goal to deliver the best customer experience and security efficacy in the industry.
Think Cyber Security deliver secure behaviour change for their customers.
The company’s multi-award winning Redflags™ Real-time Security Awareness product applies behavioural and learning science theory to deliver context-sensitive, just-in-time guidance. For example when users are about to click links, visit certain web pages, enter their username into a web page, handle attachments, etc.
Redflags™ offers the toolkit organisations need to: manage operational risk from cyber-attacks directed at staff; meet compliance goals; keep content refreshed and relevant; target specific behaviours and specific users; all whilst allowing staff to get on with their jobs, to achieve business goals.
The Speakers were
*Please Note all timings are in GMT and are subject to change.
9:25am – 9:30am
Welcome Remarks & Explanations of the Features of the Platform
Emerging Threats & Trends
9:30am – 9:55am
Stats & Facts Presentation: Insights from the Cyber Security Breaches Survey 2021 – Where are UK Businesses and Charities?
- Long term trends – have organisations become more aware and resilient over time?
- Cyber security under COVID-19 – what has changed under the pandemic and how have organisations reacted?
- Room for improvement – what broad areas do organisations need to focus on or review, to raise their game?
Jayesh Navin Shah, Researcher, Ipsos MORI
10:00am – 10:45am
Panel Discussion: Cyber Resilience – Emerging Threats and Trends: What Should Be Keeping You Up At Night?
Irfan Hemani, Deputy Director, Department for Digital, Culture, Media & Sport
Craig McEwen, CISO, Anglo American
Darren Argyle, Group CISRO, Standard Chartered Bank
Sarb Sembhi, CTO, CISO, Virtually Informed Limited
Ronnen Brunner, Vice President EMEA, ExtraHop
11:00am – 11:30am
Presentation: How Can We Stop Our Team from Being Our Own Worst Enemy?Javvad Malik, Security Awareness Advocate, KnowBe4
11:35am – 12:20pm
Ask the Experts: Building a Wall Together: The Relationship Between IT & Cyber Security
James Wilison, Founder, Unified Security Ltd
Dr. Richard Diston, Director, The Security Doctor
Prof. Paul Dorey, Visiting Professor, Royal Holloway
Screen Break & Lunch
1:30pm – 2:15pm: Live Demonstration with Ken Munro from PenTest Partners
Ken Munro, Partner, PenTest Partners
Ransomware & Malware
2:15pm – 2:45pm: Presentation – External Attack Surface Management: Protect your Presence in Cyberspace
Threat actors regularly perform reconnaissance on organizations by understanding their external attack surface. These activities leverage data-points already residing on the internet and enable most modern-day attacks. This session will explore how you may gain complete visibility and control over your organization’s digital assets. Key talking points include:
External Attack Surface Management (EASM): Introduction
Data-points commonly targeted in the External Attack Surface
Understanding the Hacker’s View
Developing a winning strategy in EASM
Arsalan Iqbal, Director, CTM360
- Waiting too long to react
- Declaring “mission accomplished” too soon
- Relying on complete visibility
- Assuming you can handle your issues on your own
- Where audits leave AD exposed
- Why SIEMs and AD Monitoring solutions are not enough to secure AD
- Why uncovering existing threats in AD is crucial
- What can be done to continuously secure AD
- How attacks can be detected in real-time
Close of day 1
Cybersecurity & Governance
9:30am – 10:15am
Panel Discussion: Building On the Positives From the Last 12 months: Success Stories & Future Strategies
For the cybersecurity industry Covid-19 was not the disaster that had been imagined. The industry was able to transition quickly and provide benefits to huge numbers of people. Now as it becomes a keystone in the future of working life what successes can we build on?
Quentyn Taylor, Director of Information Security, Canon Europe
Ian Lowe, Head of Industry Solutions – EMEA, Okta
Professor Alison Wakefield, Co-Director, Cybersecurity and Criminology Centre, University of West London
Karl Knowles, Global Head of Cyber, HFW
Skills & Diversity in Cybersecurity
10:20am – 10:55am
Presentation – Tackling the Cyber Security Skills Gap
- Changing demands – how has the demand for cyber professionals changed under the pandemic? How have skills needs evolved?
- The understanding gap – do organisations fundamentally know what they need and who they are looking for in recruitment?
- Spreading best practice – is a mix of poor awareness and suboptimal recruitment approaches holding organisations back?
- Equal standing – how do we support smaller cyber businesses as well as large ones to fill their skills needs?
Jayesh Navin Shah, Researcher, Ipsos MORI
Sam Donaldson, Director, Perspective Economics
11:00am – 11:40pm
Panel Discussion: Mind The Skills Gap: How Can you Ensure You and Your Team Have the Skills You Need?Confirmed speakers: Erika Lewis, Director of Cyber Security & Digital Identity, Department for Digital, Culture, Media & SportNina Paine, Global Head, Cyber Stakeholder & Government Engagement, ChimeSam Donaldson, Director, Perspective Economics Steven Furnell, Professor of Cyber Security, University of NottinghamDr. Sanjana Mehta, Head of Market Research and Public Policy EMEA, (ISC)2
11:45am – 12:15pm
Presentation: Cyber Breach Response: Building Your Playbook!
Phil Cracknell, CISO, Board Advisor, IP Performance
Screen break & lunch
1:40pm – 2:10pm
Ask The Experts: Containment: How Can You Prevent Further Penetration When Most Communication is Online and Digital?
Annick O’Brien, Senior Consultant, Cybsafe
Joelle H. Dvir, Attorney, McDonald Hopkins
2:15pm – 2:45pm
Changing risky habits: Research and real-world examples of driving secure behaviours
ThinkCyber unpick the science and theory behind behaviour models to help us understand why risky behaviours happen, and more importantly how to stop them. From research that questions the efficacy of teaching at the point of failure in phishing tests, to behaviour models that highlight the need for timely cues. Looking at examples of how cognitive psychology, behavioural and social science can and are being used to guide user behaviour. This talk will offer real world examples and ways that all organisations can apply the theories to drive secure behaviour change.
Tim Ward, CEO & co-Founder, ThinkCyber
2:50pm – 3:20pm
Thought Leadership Presentation: What can you do to protect your supply chain?
Sophie Hunt, Consultant, Insignia
Panel Discussion: How Should I Be Using Intelligence to Protect My Business?As businesses look at the hybrid working model and hot desking, this session looks at the new risks and what you do to protect your business.Confirmed Speaker
Prof. John Walker, Editor in Chief, International Journal of Cyber Forensics and Advanced Threat Investigations
Sarb Sembhi, CTO, CISO, Virtually Informed Limited
Steven Furnell, Professor of Cyber Security, University of Nottingham