08.30   Registration desk and exhibition area opens. Tea, coffee and pastries provided. 

 

SESSION 1 

The opening session will focus on improving the effectiveness of threat detection and response against a backdrop of increased organisational complexity. We will look at optimising internal process, prioritising high-risk attack paths, and addressing some of the persistent failings associated with behavioural security and culture.

​

09:15    Welcome and Introduction from the Conference Chair

Mark Stephen, Journalist & Broadcaster, BBC Scotland

​

09:25    Threat Detection and Response in a Product World

Marko Jung, Principal Engineer & Head of Counter Threat Unit, LEGO Group

​

09:50    Understanding and Prioritising Attack Paths Amid Growing Organisational Complexity

Elliott Went, Senior Enterprise Systems Engineer, SentinelOne

​

10:10    Why Are We Still Failing to Address the Human Factor? 

Robin Lennon Bylenga, Information Security Awareness, Education and Communications Lead, DWS Group

​

10:35    Combined Q&A

11:00    Networking & Refreshments

SESSION 2

Session 2 will explore a series of key topics in a longer presentation format. The session will be run in a breakout format across four parallel streams, providing delegates the opportunity to attend two options live. The alternative breakouts will be accessible on-demand post-event.

​

11:35    First Breakout Option
12:10    Transition
12:20    Second Breakout Option
12:50    Lunch and Networking

​

Breakout options include:

​

A. Threat Intelligence - Panel Session

Panellists include:

•    Mike Smith, Cyber Incident Response & Threat Intelligence Manager, Cyber and Fraud Centre – Scotland
•    Nick Leitch, Cyber Threat Intelligence, Technical Lead, Lloyds Banking Group
•    Jessica Amery, Group Threat Intelligence Analyst, The Weir Group

•    DC Kelly Thorburn, Specialist Crime Division: Cybercrime Investigations, Police Scotland

​

B. API Security: I will IDOR Myself In

•    How attackers could gain control of millions of devices by exploiting simple, yet critical API flaws
•    How these flaws allow attackers to control and use devices as an initial foothold in large networks
•    Exploring the types of devices affected - from routers and alarms to car chargers
•    How the era of “central platform” handling that solves a variety of problems backfired by re-introducing a number of old vulnerabilities

​

Vangelis Stykas, CTO, Tremau
   

C. Improving Diversity, Inclusion and Resourcing within the Cybersecurity Industry 

•    Background context on the diversity picture within the industry 
•    Key objectives of the CIISec D&I programme
•    Overview of the different streams and individual focus areas
•    The role of the programme in addressing skills and resourcing challenges
•    Next steps: opportunity to feedback and help shape future strategy and implementation

​

Grant Cairns, Cyber Security Manager, Tesco Bank
Durgesh Gaitonde, Technology & Cyber Risk Manager, Tesco Bank

Rory Alsop, Head of Cyber Security, Tesco Bank

D: Rethink your Cyber Resilience Strategy to address Emerging Threats

•    How is Cyber Crime & Attack emerging
•    Latest threat vectors in ever evolving landscape
•    What readiness should organisations have

​

Kunal V. Pradhan, Global Head of Cyber Security Practice, Business Transformation Group, TCS

---

12:10    Transition
12:20    Second Breakout Option

Breakout options include:

​

E. Responding to the Ever Evolving Threat Landscape

•    How threat actors’ tactics, techniques, and procedures have changed
•    The severity of ransomware and how to defend against it
•    First-hand experiences and best practices from cybersecurity experts 

​

Don Smith, Vice President, CTU, Secureworks

F. From XDR to CSR: Using Prevent as a Strategy to Protect your Organisation & the Environment

•    How mature AI modelling lessens the environmental burden 
•    More prepared does not equal more resource
•    Extend your defence and your lifecycles

​

Lee Beard, Director UK & Ireland Sales, BlackBerry Cybersecurity

G: Stem the Tide: Rise Above Alert Fatigue and Improve Your Security Posture with Limited Resources

•    How to maximise your security posture within your current resource set up
•    Whether it’s possible to manage large exposures with limited resources
•    What you can do to better develop your teams and raise cyber-awareness throughout your company

​

Brian Stewart, Senior Sales Engineer, Arctic Wolf

H: Introduction to Threat Modelling and its Benefits to Business

•    What is threat modelling and when it is useful?
•    Who can and should threat model?
•    Threat modelling tools and techniques
•    Threat Modelling as a risk management activity
•    Threat Modelling Diagram basics

​

Jen Williams, Director of IT and Operations, Secarma

12:50    Lunch and Networking

SESSION 3 

The afternoon session will look at embedding a proactive security mindset across your organisation. We will explore how to engage with developers and engineering teams to establish genuine buy-in; how applications can be built with a security-first approach by leveraging tools like anonymisation, and how we can communicate effectively with the board and positively engage C-level decision makers.

​

13:40    Bringing the Party to Security    

Gwen Diagram, Head of Engineering, Glean
 
14:05    Improving Privacy & Security Through Anonymisation

Leo Cunningham, CISO, Flo Health
Kajus Sestokas, Application Security Engineer, Flo Health

​

14:30    Talking to the Board

Lena Smart, CISO, MongoDB

14:55    Combined Q&A

15:25    Closing Remarks

15:30    End of Session

---

15:30    Networking Drinks

16:30    End of Summit

---

​

Virtual Keynote: On Demand WATCH ON YOUTUBE

An Overview of the 2023 Threat Landscape

Lindy Cameron CB OBE, Chief Executive Officer, NCSC

 

*The Conference Agenda is provisional and subject to change