top of page
SS24 Logo (1).png

Scotland's 10th Annual Cyber Security for Business Summit with live keynotes, workshops and exhibition. 

March 2025
Dynamic Earth, Edinburgh
08:30am - 4.30pm

Free to attend (T&Cs apply)




The Summit
Modern Bridge

Scot-Secure West - Glasgow Event

DIGIT also run a 2nd Cyber Security Conference in Glasgow with 300+ attendees, live keynotes and networking.

The Summit

Scot-Secure is Scotland’s largest annual cyber security conference. The event brings together senior InfoSec personnel, IT leaders, academics, security researchers and law enforcement, providing a unique forum for knowledge exchange, discussion and high-level networking.


The programme is focussed on improving awareness and best practice through shared learning: highlighting emerging threats, new research and changing adversarial tactics, and examining practical ways to improve resilience, detection and response.


This Summit is geared for InfoSec & IT personnel and C-level leaders. This conference is fully booked weeks in advance each year, register ahead of time to avoid disappointment. 


2024 Speakers


2024 Agenda

Wednesday 27th March, Dynamic Earth

SESSION 1 - Re-watch on YouTube

The opening session will look at detecting and responding to threats; we will begin with a look at some of the biggest cyber-attacks in recent history, and ask what we can learn and implement from these past incidents. We will then look at the crucial role of threat hunting within our security function, and examine how we can mature and optimise the process, and advocate its value within the business.

09:15    Welcome from the Conference Chair

Mark Stephen, Journalist & Broadcaster, BBC Scotland

09:25    2024 Chart Countdown:  Real Life Cyber-Attacks and the Response Lessons Learned

  • Hear first hand experience of managing cyber crises and destructive attacks

  • What are the lessons learned not carved out from the textbook

  • Hear what it’s like to manage cyber crises for global enterprises

  • Go on that emotional ride as you hear those stories being told

  • There will be actionability for everyone

Sonia Kumar, Global Head of Cyber Defence, Element

09:50    Why You Are Still Tomorrow's Next Security Breach!

  • Despite significant investment in cyber security, businesses are still falling victim to breaches

  • Despite all the new solutions, the top professionals, and the outsourced SOCs – attackers are still getting in

  • So what is going wrong?

  • Understanding why current cyber security strategies are failing and how we can improve them

Andy Brand, Principal Sales Engineer, BlackBerry Cybersecurity

10:10    Threat Hunting: From Bodging to Efficiency

  • Why threat hunting is so vital in today’s cyber landscape

  • Tips and tricks for starting out

  • How to mature your program to show value to management

  • Leveraging 16 years in the field to bring realism and ideas that can be actioned in your organisation

Melissa Goldsmith, Threat Hunter & Technical Lead, NBCUniversal

10:35    Combined Q&A

  • Mark Stephen, Journalist & Broadcaster, BBC Scotland

  • Sonia Kumar, Global Head of Cyber Defence, Element

  • Andy Brand, Principal Sales Engineer, BlackBerry Cybersecurity

  • Melissa Goldsmith, Threat Hunter, NBCUniversal

11:00    Networking & Refreshments


Session 2 will explore a series of key topics in a longer presentation format. The session will be run in a breakout format across four parallel streams, providing delegates the opportunity to attend two options live. The alternative breakouts will be accessible on-demand post-event.


11:35    First Breakout Option (A-D)

12:10    Transition

12:20    Second Breakout Option (E-H)

Breakout options A-D:

A. Neurodiversity and How it Can Help You Address the Threat Landscape Re-watch on YouTube

  • The importance of having diverse teams is critical for solving complex problems

  • McKinsey research shows that the most successful companies have diverse teams

  • Some of the key challenges of creating a diverse workforce

  • Highlighting the unique skills which neurodivergent individuals bring to an organisation

James Kwaan, Sr Cyber Manager & Chapter President, ISC2 
Holly Foxcroft, Cyber Researcher & Neurodiversity Champion
Natalie Coull, Head of Division: Cybersecurity, Abertay University

B. How Can the Scottish Cyber Industry Get Ahead of the Threat Landscape? Re-watch on YouTube

  • Impactful R&D for the cyber industry to alleviate fire fighting

  • MAL, HAL & VAL

  • "The Bunker" - Scotland's first Sustainability and Security Operations Centre (S-SOC)

  • How can you get involved in Scotland's cyberQuarter

Cheryl Torano, Business Development Manager, Abertay cyberQuarter

C. Incident Response War Stories: Learning to Get the Most from Your Blue Team Re-watch on YouTube

  • Reflections on some key experiences, observations and learnings from past incidents

  • How it shapes my current thinking and blue team strategies 

  • Advice on developing internal expertise and process

  • Actions & takeaways for improving infrastructure, monitoring and IR in practice

  • Tackling additional layers of difficulty within large complex CNI / regulated environments

Dave McKenzie, Ethical Hacker & Blue Team Specialist

D. 3 New Ways Cyber Criminals Are Targeting Your Emails Re-watch on YouTube


  • How threat actors are shifting away from the CEO fraud of the past

  • Why tools like ChatGPT could be incredibly dangerous

  • What new threats are on the horizon

  • And how you can better protect your organization from all of it

David Lomax, Senior Engineering Manager EMEA at Abnormal Security

12:10    Transition

12:20    Second Breakout Option (E-H)

Breakout Options E-H

E. What happens when you try to hack a security expert? Re-watch on YouTube

  • The attack that happened at boxxe

  • The actions we took

  • Lessons learnt

Tim Hall, CTO, boxxe

F. Building Cyber Resilience: Prioritization In A Rapidly Shifting Threat Landscape Re-watch on YouTube

  • Understanding the shifting nature of cyber threats and the importance of staying adaptive

  • Identifying priority areas for investment based on current threat trends and organisational vulnerabilities

  • Implementing a risk-based approach to budget allocation, focusing resources where they are most needed

Katie Ralph, Director, Solutions Engineering EMEA at SonicWall

G. Time to Say Goodbye to Ransomware Attacks. For Good. Re-watch on YouTube

  • How to swiftly counter ransomware attacks by restoring encrypted or altered files to their pre-attack state.just

  • Showcase first-hand the power of AI-driven technology as it detects and neutralises both known and unknown threats.

  • Highlight key integrations that will help your analysts make an informed decision.

PJ Norris, Senior Security Engineer, SentinelOne

H. How To Create Successful Malware and How to Defend with Zero Trust Re-watch on YouTube


In a world where anyone can create successful malware or have AI generate it for them, it's important to know how malware can be successful so you can better defend. Starting from a default-deny posture, learn how adopting Zero Trust principles can keep your data safe and operations running regardless of hacking attempts by man or machine.

Seamus Lennon, VP of Operations EMEA, ThreatLocker

12:50    Lunch and Networking

SESSION 3 Re-watch on YouTube

The afternoon session will focus on mitigating risk in two of the most challenging areas that are currently facing security practitioners. Whilst the importance of the human factor is clear, too often advice and process fails to address the root cause. We will look at how we can change that by applying the knowledge base from human science to move the needle on risk. Proactive security is equally difficult when it comes to threats posed by emerging technology. As organisations scramble to leverage the benefits from the new wave of LLMs and AI, we will consider how security leaders can begin to quantify, communicate, and respond to the risks. 

13:40    Facts Not Fluff: A Practical Guide to Applying Psychology to Enhance Security and Mitigate Risk


  • Whether you consider people to be the weakest link or biggest opportunity in cyber security, most practitioners would agree that any approach that fails to take account of the human factor is unlikely to succeed

  • But what does this mean in practice? How do we utilise the human science knowledge base to move beyond blame and/or platitudes towards practical guidance and risk reduction?

  • Drawing upon 20 years of experience working at the intersection of human behaviour and technology to outline how we can translate theory to practice, and practice to results

  • Drawing on real-world use cases, I hope to show you that we can apply existing knowledge about human behaviour to enhance our security posture. I also hope to convince you that putting people at the heart of your security strategy is not just the nice thing to do, it’s the effective thing to do

Kathryn Pimblett, Senior Cyber Manager & Organisational Psychologist, AP. Moller Maersk

14:05    LLMs: Securing the Unknowable

  • No security team wants to be seen as the Department of ‘No’, especially when faced with peak hype over the potential benefits of Generative AI and LLMs

  • But how can we secure something which is so complex it’s impossible to understand and verify? 

  • Highlighting the unique and surprising risks of LLM-powered systems

  • Some pragmatic approaches and frameworks that security leaders can leverage to empower their business teams to explore Generative AI safely.

Andy Smith, Principal Security Architect, BP & Security Instructor, SANS Institute 

14:30    Combined Q&A

  • Kathryn Pimblett, Senior Cyber Manager, AP. Moller Maersk

  • Andy Smith, Principal Security Architect, BP & Security Instructor, SANS Institute 

  • Dave McKenzie, Ethical Hacker & Blue Team Specialist

  • Holly Foxcroft, Cyber Researcher & Neurodiversity Champion

  • Mark Stephen, Journalist & Broadcaster, BBC Scotland

15:10    Closing Remarks

15:15    End of Session

15:20    Networking & Drinks Reception

17:00    End of Summit

*The conference agenda is provisional and subject to change

DE Image.jpg

 The Venue 

The conference will be held live and in-person at the iconic Dynamic Earth in Edinburgh, a professional event space offering panoramic views of the city and Arthur's Seat.


The venue is centrally located in the old town, just 15 minutes walk from Waverley train station, making it easily accessible via public transport. We also offer discounted on-site parking to attendees if you wish to drive and provide light refreshments throughout the day. 




DIGIT has rapidly grown into the largest business technology community in Scotland. We host an extensive series of events focused on emerging technology and practical innovation. We also run Scotland's leading IT & Digital News Platform with over 50,000 page views per month.

The events provide a unique platform for knowledge exchange, drawing stakeholders together to explore challenges, best practice, and business impact. Our conferences attract a senior delegate following and have become renowned as an important forum for high-level networking and engagement.

You can contact us with any questions on


2024 Sponsors & Exhibitors

Headline Sponsor



Sentinel One.png
Cyber Vigilance.png


Varonis_Logo_Black (002).png

Drinks Reception Sponsor


Interested in speaking or exhibiting at Scot-Secure Summit?

  • X
  • LinkedIn
  • Facebook
  • Instagram
  • Youtube
bottom of page