7th Annual Cyber Security for Business Conference

Wed 24th & Thurs 25th March 2021 | 08:00 - 16:30 | Virtual Event
The must-attend online conference for the cyber security community with keynote talks, breakouts and an exhibition hall - all hosted live on a virtual platform. Free to attend for end users working in IT/ Security  - join us from anywhere in the world.
 

The national Scot-Secure Summit is the largest annual Cyber Security event in Scotland: however is now open to the world. The virtual event brings together senior IT leaders and Information Security personnel, providing a unique forum for knowledge exchange, discussion and high-level networking. 


The conference programme is focussed on promoting best-practice cyber security; looking at the current trends, the key threats - and offering practical advice on improving resilience and implementing effective security measures.

The conference is free* to attend for InfoSec & IT personnel.

The Summit

2021 Sponsors 

Co-sponsors

OneTrust Logo.png
Darktrace.png
Barrier_edited.jpg

Exhibitors

capito-logo.png
secopan-logo.png
5.png
OUiS logo.png
SBRC LOGO MAIN (002).png
6.png
mcnally.png
 
 
Participants

350

Topics

12

Sessions

8

Speakers

24

About DIGIT

DIGIT has rapidly grown into the largest independent business technology community in Scotland. We run an extensive series of virtual conferences and online events focused on core areas of emerging Technology, Digital and IT. We also run Scotland's leading IT & Digital News Platform www.digit.fyi with over 100,000 page views per month.

The virtual events provide a unique platform for knowledge exchange, drawing stakeholders together to explore best practice, technological innovation and business outcomes. Our conferences attract a senior delegate following and have become renowned as an important forum for high-level networking.

​We are delighted to announce that DIGIT will be running our conference programme in a virtual environment. Not only will you be able to enjoy our full events line-up, but you’ll be able to log-in remotely and join us from anywhere in the world.

2021 Speakers

 
Senior Research Director, Omdia
Principal Cybersecurity Threat Intelligence, Verizon
CISO, TrustPilot
Lead Security Engineer, Photobox
Professor, School of Computing, Edinburgh Napier University
Snr Director of Cyber Security and former European CISO of the Year
Ciaran Martin, Board Member, SBRC & Former CEO, NCSC
CISO, HM Courts & Tribunal Services
CISO, Digital Office, Scottish Local Government
CISO, Flo Health
CEO, th4ts3cur1ty.company & Founder, Ladies of London Hacking Society
Lecturer, School of Computing Science, University of Glasgow
Managing Director,
Secarma
CEO, SBRC
Managing CISO
Head of Communications EMEA, (ISC)²
Technology Security Manager, NatWest Group
EMEA Privacy Lead, Strauss Coffee
Product Lead, Adarma
Chief Creative Technology Officer, Ionburst
Head of Information Security, FreeAgent
Security Awareness Advocate, KnowBe4
Managing Director, Quorum Cyber
Policy Manager, Open Rights Group
Account Director, Darktrace
CEO, TechForce
Senior Engineer, Sophos
Digital Technologies Sector Skills Manager, SDS
Journalist and Broadcaster, BBC Scotland
Founder, DIGIT
Show More

Agenda 2021

Day 1, Wednesday 24th March


SESSION 1 - The Security Landscape

The last twelve months have been one of the most tumultuous periods in recent history, and has proved to be a hugely challenging time for cyber security practitioners. The opening session will contextualise the impact of recent disruptions on the security function, and discuss how we can reshape security to adapt effectively to new threats and organisational demands.  

   
09:15    Welcome from the Conference Chair
Mark Stephen, Journalist & Broadcaster, BBC Scotland


09:20    Building Sustainable Security in Reset Normality
Maxine Holt, Senior Research Director, Omdia


09:40    Protecting Today's Hyper-Distributed Digital Workspace
Ady Ringrose, Threat Prevention Specialist, Check Point


10:00    Dot to Dot: The Dangers of Siloed Solutions to Security
Ed Tucker, Snr Director of Cyber Security & Former European CISO of the Year


10:20    Combined Q&A
10:45    Break

SESSION 2 - Practical Security

Session 2 will hone-in on a variety of key security topics in longer, individual slots. Presentations will be run in 30-minute increments across three parallel streams, providing delegates the opportunity to attend three of the options live. The alternative breakouts will be accessible on-demand post event.

11:00     Breakout Option 1

11:30     Breakout Option 2

12:00     Breakout Option 3

 

11:00     Breakout Session: Choose one option from A, B or C


STREAM 1 (A) Understanding Threat Actors

  • What are Threat Actors, their motivations, and attack types?

  • Why are Threat Actors such a concern for new emerging businesses such as Startups?

  • How has Flo Health adapted to threats and what can other Startups learn from our experiences

Leo Cunningham, CISO, Flo Health

STREAM 2 (B) 3 Tips for Gaining Risk Insights​

  • Learn a new approach and benefits of a repeatable risk scoring method. ​

  • Maximize data collected from integrated business applications. ​

  • Identify improved methods for trusting your risk scores and creating meaningful data for the first line of defence. ​

  • Understand how identifying data relationships can identify and prioritize your most important risks

Scott Bridgen, Offering Manager, OneTrust

STREAM 3 (C) Addressing the Human Challenge of Cybersecurity 
•    2021 Cybersecurity Threat Landscape 
•    Driving efficiency and boosting your ROI with Cybersecurity as a System
•    Endpoint Detection Response and Firewall challenges

Jonathan Hope, Senior Engineer, Sophos

11:30     Breakout Session: Choose one option from D, E or F


STREAM 1 (D) Purple Teaming for Budget Analysis

  • How PurpleTeaming provides an insight into security weaknesses in infrastructure and applications

  • Where PurpleTeaming can be applied to shine a light on process failures, poorly utilized tools, and failings in people, processes, and procedures.

  • How the output of a budget optimization assessment can be employed to ensure security budgets are used in the most efficient way possible.

Eliza May Austin, CEO, th4ts3cur1ty.company

STREAM 2 (E) Changing Cyber Landscapes: The Battle of Algorithms 
•    Paradigm shifts in the cyber-threat landscape 
•    Advancements in offensive AI attack techniques 
•    How defensive AI can fight back  
•    Real-world examples of emerging threats that were stopped with Cyber AI

Georgia Bell, Account Director, Darktrace

STREAM 3 (F) Your Organization Through the Eyes of an Attacker

  • Why hackers are targeting your organization    

  • Three key questions you need to be able to answer about your network security

  • The common mistakes your organization can make when building your defences

  • How your end users can help you can defend against ever-evolving threats

Jai Aenugu, CEO, TechForce

Javvad Malik, Security Awareness Advocate, KnowBe4

12:00     Breakout Session: Choose option G

 

STREAM 1 (G) Implementing a Voluntary Security Assessment Scheme for Suppliers

  • Supplier security is a major risk, many recent high-profile attacks are the result of an initial third-party breac

  • With the introduction of GDPR through DPA 2018, it is no longer the sole responsibility of a supplier to manage their own security

  • See a case study into a voluntary supplier security assessment scheme for the digital telecare market, that demonstrates voluntary schemes can be effective

  • Hear the key elements that ensure both suppliers and customers benefit, and therefore maximum voluntary market participation is achieved

Andy Grayland, CISO, Digital Office
 


12:30    Lunch Break: Exhibition & Networking

SESSION 3 - Staying Ahead of the Threat

The final session of Day 1 will reflect on how the Cyber Security landscape is evolving, examining key trends, emerging threats and the future of the sector. The session will also consider how well positioned the industry is to respond to the challenges ahead, and explore opportunities for greater collaboration and increased international cooperation.


13:30    Fireside Chat with Ciaran Martin
Ciaran Martin, Former CEO, NCSC & Jude McCorry, CEO, SBRC


14:00    Cybersecurity Now and in the Future...Are we Ready? 
Bob Carver, Principal Cybersecurity Threat Intelligence, Verizon


14:30    Q&A Panel: Future Security – Trends, Threats & Collaborative Opportunity
•    Mark Stephen, Journalist & Broadcaster, BBC Scotland
•    Jude McCorry, CEO, SBRC
•    Bob Carver, Principal Cybersecurity Threat Intelligence, Verizon

•    Holly Grace Williams, Managing Director, Secarma


15:00    Close of Session


Day 2, Thursday 25th March

SESSION 1 - Building Effective Internal Process & Security Engagement

The opening session of Day 2 will consider practical steps to improve organisational security: examining the foundations of a straightforward and scalable security programme, looking at DevSecOps and embedding security within continuous delivery pipelines, and then examining the language that we use as practitioners, and how we can improve the effectiveness of our messaging and engagement.


09:15    Welcome from the Conference Chair
Mark Stephen, Journalist & Broadcaster, BBC Scotland


09:20    Security Never Just ‘Happens’: Building a Resilient Security Programme That Can Scale
Jordan Schroeder, Managing CISO


09:40    DevSecOps: Keep Calm and Secure Your CI/CD Pipeline
Sonya Moisset, Lead Security Engineer, Photobox


10:00    The Importance of Language in Effective Security Engagement
Ceri Jones, Technology Security Manager, NatWest


10:20    Q&A
10:45    Break

SESSION 2 - Security and Privacy in the Data Age

Technological advancements across mobiles, AI and IoT have brought huge benefits for individuals, businesses and society - but computing developments and the explosion in data generation also poses a wide array of privacy and security concerns. This session will explore some of the dangers, examine how we can align security and privacy functions, and discuss how we can better protect personal data in the age of ubiquitous computing.


11:00    Security and Privacy in the Age of Ubiquitous Computing
Mohamed Khamis, Lecturer, School of Computing Science, University of Glasgow


11:20    Cyber Security in Privacy Frameworks
Cristina Costache, Privacy Lead, Strauss Coffee


11:40    Promoting Privacy-Centric Technologies, Policy & Culture
Heather Burns, Policy Manager, ORG


12:00    Combined Q&A
12:30    Lunch Break: Exhibition & Networking


---


11:00    CSC Interactive Workshops (11:00 – 12:30)
In addition to the main hall session, two 90 min interactive workshops will be run in separate parallel streams, giving delegates the choice to participate in a practical discussion in a smaller group. The interactive workshops will be run by a moderator from Cyber Scotland Connect.

CSC Interactive Workshop A: Geopolitics of Hacking (Round Table and Q&A)

A panel discussion reviewing the latest nation-state cyber-attacks and their impact around the world for private and public organisations.

  • Federico Charosky, Managing Director, Quorum Cyber

  • Robert Hayes, former Head of the National Technical Assistance

  • Rami Shaath, Senior Intelligence Analyst, Crowdstrike & Founder, 971Sec

  • Ahmed Ali,  VP EMEA at Cyware

  • Don Smith, Director CTU-CIC, SecureWorks

CSC Interactive Workshop B: Securing the Estate (Round Table and Discussion)

  • Discussing all the risks

  • What do we do? People, Technologies, Remote, Cloud

  • What are we not doing? Threat Hunting? Dark web intelligence?

  • How do we prioritise and resource effectively?

  • What metrics can we provide - how do we know we are doing a good job?

Richard Grey, Head of Information Security, FreeAgent

SESSION 3 - Preparing for the Future

The final session will look at preparing the industry for the future, and ensuring that we have the skills, talent and depth within the workforce to respond to the increasing demands upon the sector. The main agenda will then conclude with the closing keynote, looking at one of the most politicised areas of cyber security, and considering whether encryption and cryptography is a force for good or ill within society.


13:30    The Cyber Security Workforce: Key Trends, Challenges and Opportunity
Chris Green, Head of Communications E
MEA, (ISC)² 


13:50    Q&A Panel - Skills & Development: Preparing for the Future of Cyber Security

•    Prof. Bill Buchanan OBE, Professor, School of Computing, Edinburgh Napier University
•    Claire Gillespie, Digital Technologies Sector Skills Manager, SDS
•    Mahbubul Islam, CISO, HM Courts & Tribunal Services & Director, The Security Institute

•    Chris Green, Head of Communications EMEA, (ISC)² 


14:25    Closing Keynote: Encryption and Cryptography: Saviours or Destroyers of Our Society
Prof. Bill Buchanan OBE, Professor, School of Computing, Edinburgh Napier University


14:55    Closing Remarks
15:00    Close of Session


---


13:30    CSC Interactive Workshops (13:30 – 15:00)

In addition to the main hall session, two 90 min interactive workshops will be run in separate parallel streams, giving delegates the choice to participate in a practical discussion in a smaller group. The interactive workshops will be run by a moderator from Cyber Scotland Connect.
 

CSC Interactive Workshop C: Training and Awareness (Round Table Discussion)

  • What approaches have proved most effective?

  • How do you target awareness/training to different areas of the business?

  • Has remote working changed how to approach Security education

  • What doesn’t work/what to avoid

Stu Hirst, CISO, Trustpilot & Co-Founder, CSC

CSC Interactive Workshop D: Modernising Security Operations (Presentation & Discussion)

Moderator - Harry McLaren, Product Lead, Adarma & Co-Founder, CSC

  • What are some of the common components of security operations

  • What we’re struggling with: analyst fatigue, false positives, low fidelity alerts, poor hygiene

  • What we can do about it: improving across people, process, technology and governance

Harry McLaren, Product Lead, Adarma & Co-Founder, CSC

---

15:30    Exercise in a Box (15:30 – 16:30)

A 60 minute non technical workshop organised by SBRC which helps organisations find out how resilient they are to cyber attacks and practise their response in a safe environment. Exercise in a Box can be best described as a tool that recreates real world business scenarios and tests your cyber resilience in each scenario. This session will be focusing on the "Phishing Attack Leading to a Ransomware Infection."

Declan Doyle, Head of Ethical Hacking, SBRC 
 

16:30   End of Session

--

End of event.

*The conference agenda is provisional and subject to revision
 

 

Catchpell House

Carpet Lane

Edinburgh

EH6 6SS

Tel: 0131 553 9381

https://digit.fyi/

  • Twitter Social Icon
  • LinkedIn Social Icon
  • Facebook Social Icon
  • Instagram Social Icon

#scotsecure

© 2020 by DIGIT