9th Annual Cyber Security for Business Summit 
Free to attend 

Thursday, 30th March 2023
Dynamic Earth, Edinburgh

Supporters 2022

Scot-Secure is Scotland’s largest annual cyber security conference. The event brings together senior InfoSec personnel, IT leaders, academics, security researchers and law enforcement, providing a unique forum for knowledge exchange, discussion and high-level networking.

The programme is focussed on improving awareness and best practice through shared learning: highlighting emerging threats, new research and changing adversarial tactics, and examining practical ways to improve resilience, detection and response.

The Summit will be held live at Dynamic Earth, Edinburgh on Thursday, 30th March 2023. This is free to attend for InfoSec & IT personnel, see the registration page for full T&Cs.

​

Speakers 2022

Call for Speakers 2023
We are currently inviting speaking proposals from individuals that would like to put themselves forward to present at the 2023 event. Presentations options include: keynotes, breakout sessions, technical demos and workshops, giving a broad range of formats to suit presenter preferences and experience levels.
 

To apply to speak, please email a brief abstract or bullet outline on your proposed presentation topic, along with a short biography paragraph to events@digit.fyi
 

 The Venue 

The conference will be held live and in-person at the iconic Dynamic Earth in Edinburgh, a professional event space offering panoramic views of the city and Arthur's Seat.

The venue is centrally located in the old town, just 15 minutes walk from Waverly train station, making it easily accessible via public transport. We also offer discounted on-site parking to attendees if you wish to drive and provide light refreshments throughout the day. 

​

Agenda

2023 coming soon.

​

08.30      Registration desk and exhibition area opens. Light refreshments provided. 

SESSION 1:

The opening session will look at what is driving the cybersecurity threat: examining the growth and evolution of the cybercrime economy; the key culprits and targets, how new tools and technologies are being exploited, and what is coming next. We will then consider why we need to rethink our approach and challenge the perception of the Cyber Security function within the business. 

09:15     Welcome from the Conference Chair

Mark Stephen, Journalist & Broadcaster, BBC Scotland
 

09:25     The Cybercrime Economy and its Implications for Cyber Security
 

• The emergence and characteristics of an increasingly significant ‘cybercrime economy’

• Evaluating its scope and scale and providing estimates of the typical revenues generated

• Identifying which kinds of perpetrator have been especially successful

• Identifying which type of victim, both in the private and public sectors, are most at risk

• Key implications for network security and for cybersecurity providers

• How cybercrime is evolving into new and more challenging forms

Dr Michael McGuire, Author & Senior Lecturer - Criminology, The University of Surrey
 

09:45     The Cyber Landscape 2022

​

• Re-rise of the Botnet

• Ransomware everywhere and what to do

• Trends for 2022 and beyond 

Mark Mitchell, Security Engineer, Check Point

10:05     Shifting from Risk to Business

​

• Shifting security from being about risk and perceived as a business cost to driving business value and being a competitive advantage.

• Shifting security left to enhance IT quality rather than responding to IT defects, and driving business benefit in the process.

• How transparent security creates not only trust, but business opportunities.

• Why transferable skills aren’t a fallback for “lacking” security experience, but sometimes actually more valuable than security-specific experience

Greg van der Gaast, CISO, Scoutbee

10:25     Q&A

10:55     Refreshments & Networking

​

​

SESSION 2: 

Session 2 will hone-in on a variety of key security topics in longer, individual slots. Presentations will be run in 30-minute increments across four parallel streams, providing delegates the opportunity to attend two options live. The alternative breakouts will be accessible on-demand post event.

11:30     First Breakout Option (A - C)

12:00     Transition

12:10     Second Breakout Option (D - G)

12:40     Lunch & Networking

 
Breakout Options include:

A. Incident Response Planning Panel: Practical Overview and Walkthrough

​

The panel will provide a practical walkthrough of incident response planning, with insight from law enforcement, legal and communications specialists.

​

• Jude McCorry, CEO, SBRC

• Bob Finlay, Detective Constable, Cybercrime Operations, Police Scotland

• Catriona Garcia-Alis, Senior Associate, CMS

• Kirsten Paul, Associate Director & Head of Clark.tech

• Stuart Duncan, SBRC

B. The “New Normal” – Cybersecurity, COVID, and Future Challenges

• How cyber-attacks changed during the onset of the COVID-19 pandemic

• An overview of cyber-attacks taking place in the UK during lockdown

• The impact on the workforce and the move to working from home

• What the government and businesses can do to improve security

• Considering the challenges going forward

​

Dr Lynsay Shepherd, Lecturer in Cybersecurity & Human-Computer Interaction, Abertay University

C. Fast and Furious Attacks: Using AI to Surgically Respond

• Fast-moving cyber attacks can strike at anytime

• Are reaction times of security teams quick enough?

• Using Autonomous Response to take targeted action in stopping in-progress attacks

• Real-world threat finds, case studies and attack scenarios

​

Finlay Hutchinson, Commercial Director, Darktrace

​

D. Fire drill, Loki drill, Ryuk drill: cyber preparedness that empowers the whole organisation

• To misquote Luis Pasteur: “Fortune favours the prepared organisation”

• A prepared and practiced response to cyber attacks can be the difference between chaos and calm when all else is equal

• We are experiencing a huge increase in cyber attacks across all UK sectors that everyone should prepare for

• A well-planned preparedness programme can empower the whole organisation while keeping disruption to a minimum

​

Jordan Schroeder, Managing CISO, Barrier Networks

​

E. Beyond Zero Trust with Threat Defence

• Reasons to protect your data, maintain strict access controls and gain deep visibility to stay ahead of modern cybersecurity threats.

• How and why cyber-criminals have evolved their tactics to become more aggressive

• How to be prepared to recover if your organization falls victim to an attack

​

Richard Tilney, Senior Systems Engineer, Cohesity

​

F. Ransomware and Beyond: Evolution of the Threat Landscape

• How cyber criminals have changed their tactics, techniques, and procedures

• How your organization’s strategy can evolve with the threats and stay ahead of the curve

• The severity of ransomware and how to defend against it

• Frontline experiences and best practices from cybersecurity experts

​

Don Smith, Senior Director of IT Security, Secureworks

​

G. Risk Quantification – You are what you measure  

​

• Understand how you can use risk metrics as a planning tool beyond mitigation tactics. 

• Identify five simple steps to apply and guide your quantification strategy.

• Account for the "new normal" businesses are navigating for today and tomorrow.

• Take a mixed approach to quantification to help retain qualitative risk insights

​

Jorge Ferrer Raventos, Senior Solutions Engineer for OneTrust GRC 

​

SESSION 3:  

The session will focus on improving threat detection and response, considering how organisations can use the tools and resources at their disposal more effectively in practice. Starting with a look at getting the foundations right; establishing good governance practices, configuring tools and basic automation. We will then examine how to leverage the benefits of a Security Operations Centre and explore the key challenges and decisions that organisations face in managing SOC and CERT functions.

13:30    Getting the Basics Right for Monitoring & Detection

​

• How to establish good governance practices

• Setting up your systems to monitor and identify threats

• Using the existing tools that you’ve got effectively

• Leveraging automation to maximise output from smaller security teams

• Getting buy-in from the board and the wider organisation

​

Jen Williams, Technical Assessor & Head of VISM Services, Secarma
 

13:50     SOC Stuff

​

• Structuring an approach to building an effective and efficient SOC

• Using the SOC to underpin board reporting

• Hiring for a SOC – to outsource or not to outsource?

• Some tips, tricks and learnings for improving outcomes

Lee Whatford, CISO, Domino’s Pizza UK&I
 

14:10     Detection and Response: The Last Barrier?
 

• Airbus approach

• Leveraging SOC and CERT

• Current and future challenges of SOCs and CERTs

• Options

Vincent Faye, Head of Cyber Detection & Response, Airbus

14:30     Combined Q&A

15:00     Break

​

SESSION 4:       

To close the conference programme, Cyber Scotland Connect will host a reconnect session. This will be geared to re-energise activities within the security community; encouraging involvement and participation whilst ensuring that the activities of the group align with the priorities and needs of the wider security ecosystem.

15:05     Cyber Scotland reConnect: What's Next?

• Who We Are: Personal and CSC introduction

• CSC & 2020/21: Pandemic impact, ongoing challenges within our industry

• What's Next: Our thoughts on what we could do

• Call to Arms: Launch of survey and call for new mods and participants

Stu Hirst, CISO, Trustpilot & CSC Moderator

Harry McLaren, Sr Product Manager, SenseOn & CSC Moderator

16:00     Close of Session

16:00     Networking Drinks Reception

17:00     Close of Conference

 ---

On Demand – Virtual Keynotes

Tales of an Anthropologist in Cyber Security

​

• The importance of storytelling and folklore to drive innovation and recruit colleagues to act as your early warning signal for a breach. 

• Why talking about grey areas can stimulate grey matter and highlight blindspots into your estate. 

• How to gain valuable insight into why other teams might be putting security on the bottom of the 'to do' list by using the anthropological research techniques. 

• When to use reciprocity to increase accountability, ownership, and oversight from other departments over your controls and processes without fighting over a RACI document.

​

Lianne Potter, Cyber Anthropologist and Transformation Leader

​

Global Quantum-enabled Security for a Post Quantum World

​

• Why the rapid development of quantum computers has put current cybersecurity networks at risk

• The role of Quantum Key Distribution as a method to future-proof security

• How the space and satellite industry is a critical enabler to realise a global quantum network

• The ROKS mission: due late 2022, the first mission to demonstrate satellite to earth quantum key distribution using a CubeSat

Dr Sonali Mohapatra, Quantum Developer & Space Applications Lead, Craft Prospect

​

​

*The conference agenda is provisional and subject to revision
 

DIGIT has rapidly grown into the largest business technology community in Scotland. We host an extensive series of events focused on emerging technology and practical innovation. We also run Scotland's leading IT & Digital News Platform www.digit.fyi with over 50,000 page views per month.

​

The events provide a unique platform for knowledge exchange, drawing stakeholders together to explore challenges, best practice, and business impact. Our conferences attract a senior delegate following and have become renowned as an important forum for high-level networking and engagement.

​

You can contact us with any questions on events@digit.fyi

2022 Sponsors 

Co-sponsors

Exhibitors

Reception Sponsor