Scot-Secure is Scotland’s largest annual cyber security conference. The event brings together senior InfoSec personnel, IT leaders, academics, security researchers and law enforcement, providing a unique forum for knowledge exchange, discussion and high-level networking.
The programme is focussed on improving awareness and best practice through shared learning: highlighting emerging threats, new research and changing adversarial tactics, and examining practical ways to improve resilience, detection and response.
The Summit will be planned as a hybrid event, with sessions hosted live at Dynamic Earth with an in-person audience and streamed via a virtual platform. This is FREE* to attend for InfoSec & IT personnel (see the registration page for full T&Cs)
You can also read our Health & Safety guidance around attending in-person events during the pandemic, here.
DIGIT has rapidly grown into the largest business technology community in Scotland. We host an extensive series of events focused on emerging technology and practical innovation. We also run Scotland's leading IT & Digital News Platform www.digit.fyi with over 100,000 page views per month.
The events provide a unique platform for knowledge exchange, drawing stakeholders together to explore challenges, best practice, and business impact. Our conferences attract a senior delegate following and have become renowned as an important forum for high-level networking and engagement.
You can contact us with any questions on firstname.lastname@example.org
Cyber Anthropologist and Security Transformation Leader
CISO, Domino’s Pizza
Senior Associate, CMS
Detective Sergeant, Cybercrime Operations, Police Scotland
Associate Director & Head of Clark.tech
Head of Cyber Detection & Response, Airbus
Space Application Lead, Craft Prospect
Lecturer in Cybersecurity & HCI, Abertay University
CEO, Scottish Business Resilience Centre
Author & Sr Lecturer of Criminology, University of Surrey
Sr Product Manager, SenseOn
Senior Systems Engineer, Cohesity
Commercial Director, Darktrace
Senior Director of IT Security, Secureworks
Managing CISO, Barrier Networks
Head of VISM Services, Secarma
Journalist & Broadcaster, BBC Scotland
Wednesday 23rd March
08.30 Registration desk and exhibition area opens. Light refreshments provided.
The opening session will look at what is driving the cybersecurity threat: examining the growth and evolution of the cybercrime economy; the key culprits and targets, how new tools and technologies are being exploited, and what is coming next. We will then consider why we need to rethink our approach and challenge the perception of the Cyber Security function within the business.
09:15 Welcome from the Conference Chair
Mark Stephen, Journalist & Broadcaster, BBC Scotland
09:25 The Cybercrime Economy and its Implications for Cyber Security
The emergence and characteristics of an increasingly significant ‘cybercrime economy’
Evaluating its scope and scale and providing estimates of the typical revenues generated
Identifying which kinds of perpetrator have been especially successful
Identifying which type of victim, both in the private and public sectors, are most at risk
Key implications for network security and for cybersecurity providers
How cybercrime is evolving into new and more challenging forms
Dr Michael McGuire, Author & Senior Lecturer - Criminology, The University of Surrey
09:45 The Cyber Landscape 2022
Re-rise of the Botnet
Ransomware everywhere and what to do
Trends for 2022 and beyond
Mark Mitchell, Security Engineer, Check Point
10:05 Shifting from Risk to Business
Shifting security from being about risk and perceived as a business cost to driving business value and being a competitive advantage.
Shifting security left to enhance IT quality rather than responding to IT defects, and driving business benefit in the process.
How transparent security creates not only trust, but business opportunities.
Why transferable skills aren’t a fallback for “lacking” security experience, but sometimes actually more valuable than security-specific experience
Greg van der Gaast, CISO, Scoutbee
10:55 Refreshments & Networking
Session 2 will hone-in on a variety of key security topics in longer, individual slots. Presentations will be run in 30-minute increments across four parallel streams, providing delegates the opportunity to attend two options live. The alternative breakouts will be accessible on-demand post event.
11:30 First Breakout Option (A - C)
12:10 Second Breakout Option (D - G)
12:40 Lunch & Networking
Breakout Options include:
A. Incident Response Planning Panel: Practical Overview and Walkthrough
The panel will provide a practical walkthrough of incident response planning, with insight from law enforcement, legal and communications specialists.
Jude McCorry, CEO, SBRC
Bob Finlay, Detective Constable, Cybercrime Operations, Police Scotland
Catriona Garcia-Alis, Senior Associate, CMS
Kirsten Paul, Associate Director & Head of Clark.tech
Stuart Duncan, SBRC
B. The “New Normal” – Cybersecurity, COVID, and Future Challenges
How cyber-attacks changed during the onset of the COVID-19 pandemic
An overview of cyber-attacks taking place in the UK during lockdown
The impact on the workforce and the move to working from home
What the government and businesses can do to improve security
Considering the challenges going forward
Dr Lynsay Shepherd, Lecturer in Cybersecurity & Human-Computer Interaction, Abertay University
C. Fast and Furious Attacks: Using AI to Surgically Respond
Fast-moving cyber attacks can strike at anytime
Are reaction times of security teams quick enough?
Using Autonomous Response to take targeted action in stopping in-progress attacks
Real-world threat finds, case studies and attack scenarios
Finlay Hutchinson, Commercial Director, Darktrace
D. Fire drill, Loki drill, Ryuk drill: cyber preparedness that empowers the whole organisation
To misquote Luis Pasteur: “Fortune favours the prepared organisation”
A prepared and practiced response to cyber attacks can be the difference between chaos and calm when all else is equal
We are experiencing a huge increase in cyber attacks across all UK sectors that everyone should prepare for
A well-planned preparedness programme can empower the whole organisation while keeping disruption to a minimum
Jordan Schroeder, Managing CISO, Barrier Networks
E. Beyond Zero Trust with Threat Defence
Reasons to protect your data, maintain strict access controls and gain deep visibility to stay ahead of modern cybersecurity threats.
How and why cyber-criminals have evolved their tactics to become more aggressive
How to be prepared to recover if your organization falls victim to an attack
Richard Tilney, Senior Systems Engineer, Cohesity
F. Ransomware and Beyond: Evolution of the Threat Landscape
How cyber criminals have changed their tactics, techniques, and procedures
How your organization’s strategy can evolve with the threats and stay ahead of the curve
The severity of ransomware and how to defend against it
Frontline experiences and best practices from cybersecurity experts
Don Smith, Senior Director of IT Security, Secureworks
G. Risk Quantification – You are what you measure
Understand how you can use risk metrics as a planning tool beyond mitigation tactics.
Identify five simple steps to apply and guide your quantification strategy.
Account for the "new normal" businesses are navigating for today and tomorrow.
Take a mixed approach to quantification to help retain qualitative risk insights
Jorge Ferrer Raventos, Senior Solutions Engineer for OneTrust GRC
The session will focus on improving threat detection and response, considering how organisations can use the tools and resources at their disposal more effectively in practice. Starting with a look at getting the foundations right; establishing good governance practices, configuring tools and basic automation. We will then examine how to leverage the benefits of a Security Operations Centre and explore the key challenges and decisions that organisations face in managing SOC and CERT functions.
13:30 Getting the Basics Right for Monitoring & Detection
How to establish good governance practices
Setting up your systems to monitor and identify threats
Using the existing tools that you’ve got effectively
Leveraging automation to maximise output from smaller security teams
Getting buy-in from the board and the wider organisation
Jen Williams, Technical Assessor & Head of VISM Services, Secarma
13:50 SOC Stuff
Structuring an approach to building an effective and efficient SOC
Using the SOC to underpin board reporting
Hiring for a SOC – to outsource or not to outsource?
Some tips, tricks and learnings for improving outcomes
Lee Whatford, CISO, Domino’s Pizza UK&I
14:10 Detection and Response: The Last Barrier?
Leveraging SOC and CERT
Current and future challenges of SOCs and CERTs
Vincent Faye, Head of Cyber Detection & Response, Airbus
14:30 Combined Q&A
To close the conference programme, Cyber Scotland Connect will host a reconnect session. This will be geared to re-energise activities within the security community; encouraging involvement and participation whilst ensuring that the activities of the group align with the priorities and needs of the wider security ecosystem.
15:05 Cyber Scotland reConnect: What's Next?
Who We Are: Personal and CSC introduction
CSC & 2020/21: Pandemic impact, ongoing challenges within our industry
What's Next: Our thoughts on what we could do
Call to Arms: Launch of survey and call for new mods and participants
Stu Hirst, CISO, Trustpilot & CSC Moderator
Harry McLaren, Sr Product Manager, SenseOn & CSC Moderator
16:00 Close of Session
16:00 Networking Drinks Reception
17:00 Close of Conference
On Demand – Virtual Keynotes
Tales of an Anthropologist in Cyber Security
The importance of storytelling and folklore to drive innovation and recruit colleagues to act as your early warning signal for a breach.
Why talking about grey areas can stimulate grey matter and highlight blindspots into your estate.
How to gain valuable insight into why other teams might be putting security on the bottom of the 'to do' list by using the anthropological research techniques.
When to use reciprocity to increase accountability, ownership, and oversight from other departments over your controls and processes without fighting over a RACI document.
Lianne Potter, Cyber Anthropologist and Transformation Leader
Global Quantum-enabled Security for a Post Quantum World
Why the rapid development of quantum computers has put current cybersecurity networks at risk
The role of Quantum Key Distribution as a method to future-proof security
How the space and satellite industry is a critical enabler to realise a global quantum network
The ROKS mission: due late 2022, the first mission to demonstrate satellite to earth quantum key distribution using a CubeSat
Dr Sonali Mohapatra, Quantum Developer & Space Applications Lead, Craft Prospect
*The conference agenda is provisional and subject to revision