Expo Image 1_edited.png
SS21 LOGO 1200MM (1).png

8th Annual Cyber Security for Business Summit 
Free to attend 

Wed 23rd March 2022 | 08:30 - 17:00 |
Dynamic Earth, Edinburgh
Headline Sponsor 
checkpoint-logo.png

Supporters 2022

SBRC LOGO MAIN (002).png
SCOTLANDIS LOGO AUG 2020.jpg
FullColourLogo-StackedIcon.png
ISACA-Scotland-logo-e1408267320237.png
 

The Summit

Scot-Secure is Scotland’s largest annual cyber security conference. The event brings together senior InfoSec personnel, IT leaders, academics, security researchers and law enforcement, providing a unique forum for knowledge exchange, discussion and high-level networking.

 

The programme is focussed on improving awareness and best practice through shared learning: highlighting emerging threats, new research and changing adversarial tactics, and examining practical ways to improve resilience, detection and response.

 

The Summit will be planned as a hybrid event, with sessions hosted live at Dynamic Earth with an in-person audience and streamed via a virtual platform. This is FREE* to attend for InfoSec & IT personnel (see the registration page for full T&Cs)

 

You can also read our Health & Safety guidance around attending in-person events during the pandemic, here. 

 

2022 Sponsors 

Co-sponsors

Cohesity_2_Color_Black_Logo NEW.jpg
SW_logo_black.png
Darktrace.png
OneTrust.png
Barrier_edited.jpg

Exhibitors

capito-logo.png
NCC Group.png
mcnally.png
6.png
Occamsec.jpg
sbrc.jpg
blackberry-new.png
download.png
UKC3_Logo_PRIMARY_HI (002).png
cofense.png
vodafone busines.jpg
Sapphire logo png (1).png
Secarma.jpg

Reception Sponsor

1200px-Rubrik_Logo.svg.png
 

About DIGIT

DIGIT has rapidly grown into the largest business technology community in Scotland. We host an extensive series of events focused on emerging technology and practical innovation. We also run Scotland's leading IT & Digital News Platform www.digit.fyi with over 100,000 page views per month.

The events provide a unique platform for knowledge exchange, drawing stakeholders together to explore challenges, best practice, and business impact. Our conferences attract a senior delegate following and have become renowned as an important forum for high-level networking and engagement.

You can contact us with any questions on events@digit.fyi

 
Participants

350

Topics

12

Sessions

8

Speakers

24

 

Speakers 2022

SS21 LOGO 1200MM (1).png
 

Agenda 2022

SS21 LOGO 1200MM (2).png

Wednesday 23rd March

08.30      Registration desk and exhibition area opens. Light refreshments provided. 

 

SESSION 1:

The opening session will look at what is driving the cybersecurity threat: examining the growth and evolution of the cybercrime economy; the key culprits and targets, how new tools and technologies are being exploited, and what is coming next. We will then consider why we need to rethink our approach and challenge the perception of the Cyber Security function within the business. 

 

09:15     Welcome from the Conference Chair

Mark Stephen, Journalist & Broadcaster, BBC Scotland
 

09:25     The Cybercrime Economy and its Implications for Cyber Security
 

  • The emergence and characteristics of an increasingly significant ‘cybercrime economy’

  • Evaluating its scope and scale and providing estimates of the typical revenues generated

  • Identifying which kinds of perpetrator have been especially successful

  • Identifying which type of victim, both in the private and public sectors, are most at risk

  • Key implications for network security and for cybersecurity providers

  • How cybercrime is evolving into new and more challenging forms

 

Dr Michael McGuire, Author & Senior Lecturer - Criminology, The University of Surrey
 

09:45     The Cyber Landscape 2022

  • Re-rise of the Botnet

  • Ransomware everywhere and what to do

  • Trends for 2022 and beyond 

 

Mark Mitchell, Security Engineer, Check Point

 

10:05     Shifting from Risk to Business

  • Shifting security from being about risk and perceived as a business cost to driving business value and being a competitive advantage.

  • Shifting security left to enhance IT quality rather than responding to IT defects, and driving business benefit in the process.

  • How transparent security creates not only trust, but business opportunities.

  • Why transferable skills aren’t a fallback for “lacking” security experience, but sometimes actually more valuable than security-specific experience

 

Greg van der Gaast, CISO, Scoutbee

 

10:25     Q&A

10:55     Refreshments & Networking

SESSION 2: 

Session 2 will hone-in on a variety of key security topics in longer, individual slots. Presentations will be run in 30-minute increments across four parallel streams, providing delegates the opportunity to attend two options live. The alternative breakouts will be accessible on-demand post event.

 

11:30     First Breakout Option (A - C)

12:00     Transition

12:10     Second Breakout Option (D - G)

 

12:40     Lunch & Networking

 
Breakout Options include:

 

A. Incident Response Planning Panel: Practical Overview and Walkthrough

The panel will provide a practical walkthrough of incident response planning, with insight from law enforcement, legal and communications specialists.

  • Jude McCorry, CEO, SBRC

  • Bob Finlay, Detective Constable, Cybercrime Operations, Police Scotland

  • Catriona Garcia-Alis, Senior Associate, CMS

  • Kirsten Paul, Associate Director & Head of Clark.tech

  • Stuart Duncan, SBRC

 

B. The “New Normal” – Cybersecurity, COVID, and Future Challenges

 

  • How cyber-attacks changed during the onset of the COVID-19 pandemic

  • An overview of cyber-attacks taking place in the UK during lockdown

  • The impact on the workforce and the move to working from home

  • What the government and businesses can do to improve security

  • Considering the challenges going forward

Dr Lynsay Shepherd, Lecturer in Cybersecurity & Human-Computer Interaction, Abertay University

 

C. Fast and Furious Attacks: Using AI to Surgically Respond

 

  • Fast-moving cyber attacks can strike at anytime

  • Are reaction times of security teams quick enough?

  • Using Autonomous Response to take targeted action in stopping in-progress attacks

  • Real-world threat finds, case studies and attack scenarios

Finlay Hutchinson, Commercial Director, Darktrace

D. Fire drill, Loki drill, Ryuk drill: cyber preparedness that empowers the whole organisation

 

  • To misquote Luis Pasteur: “Fortune favours the prepared organisation”

  • A prepared and practiced response to cyber attacks can be the difference between chaos and calm when all else is equal

  • We are experiencing a huge increase in cyber attacks across all UK sectors that everyone should prepare for

  • A well-planned preparedness programme can empower the whole organisation while keeping disruption to a minimum

Jordan Schroeder, Managing CISO, Barrier Networks

E. Beyond Zero Trust with Threat Defence

 

  • Reasons to protect your data, maintain strict access controls and gain deep visibility to stay ahead of modern cybersecurity threats.

  • How and why cyber-criminals have evolved their tactics to become more aggressive

  • How to be prepared to recover if your organization falls victim to an attack

Richard Tilney, Senior Systems Engineer, Cohesity

F. Ransomware and Beyond: Evolution of the Threat Landscape

 

  • How cyber criminals have changed their tactics, techniques, and procedures

  • How your organization’s strategy can evolve with the threats and stay ahead of the curve

  • The severity of ransomware and how to defend against it

  • Frontline experiences and best practices from cybersecurity experts

Don Smith, Senior Director of IT Security, Secureworks

G. Risk Quantification – You are what you measure  

  • Understand how you can use risk metrics as a planning tool beyond mitigation tactics. 

  • Identify five simple steps to apply and guide your quantification strategy.

  • Account for the "new normal" businesses are navigating for today and tomorrow.

  • Take a mixed approach to quantification to help retain qualitative risk insights

Jorge Ferrer Raventos, Senior Solutions Engineer for OneTrust GRC 

SESSION 3:  

The session will focus on improving threat detection and response, considering how organisations can use the tools and resources at their disposal more effectively in practice. Starting with a look at getting the foundations right; establishing good governance practices, configuring tools and basic automation. We will then examine how to leverage the benefits of a Security Operations Centre and explore the key challenges and decisions that organisations face in managing SOC and CERT functions.

 

13:30    Getting the Basics Right for Monitoring & Detection

  • How to establish good governance practices

  • Setting up your systems to monitor and identify threats

  • Using the existing tools that you’ve got effectively

  • Leveraging automation to maximise output from smaller security teams

  • Getting buy-in from the board and the wider organisation

Jen Williams, Technical Assessor & Head of VISM Services, Secarma
 

13:50     SOC Stuff

  • Structuring an approach to building an effective and efficient SOC

  • Using the SOC to underpin board reporting

  • Hiring for a SOC – to outsource or not to outsource?

  • Some tips, tricks and learnings for improving outcomes

 

Lee Whatford, CISO, Domino’s Pizza UK&I
 

14:10     Detection and Response: The Last Barrier?
 

  • Airbus approach

  • Leveraging SOC and CERT

  • Current and future challenges of SOCs and CERTs

  • Options

 

Vincent Faye, Head of Cyber Detection & Response, Airbus

 

14:30     Combined Q&A

15:00     Break

 

SESSION 4:       

To close the conference programme, Cyber Scotland Connect will host a reconnect session. This will be geared to re-energise activities within the security community; encouraging involvement and participation whilst ensuring that the activities of the group align with the priorities and needs of the wider security ecosystem.

 

15:05     Cyber Scotland reConnect: What's Next?

 

  • Who We Are: Personal and CSC introduction

  • CSC & 2020/21: Pandemic impact, ongoing challenges within our industry

  • What's Next: Our thoughts on what we could do

  • Call to Arms: Launch of survey and call for new mods and participants

 

Stu Hirst, CISO, Trustpilot & CSC Moderator

Harry McLaren, Sr Product Manager, SenseOn & CSC Moderator

 

16:00     Close of Session

16:00     Networking Drinks Reception

17:00     Close of Conference

 

 ---

 

On Demand – Virtual Keynotes

 

Tales of an Anthropologist in Cyber Security

  • The importance of storytelling and folklore to drive innovation and recruit colleagues to act as your early warning signal for a breach. 

  • Why talking about grey areas can stimulate grey matter and highlight blindspots into your estate. 

  • How to gain valuable insight into why other teams might be putting security on the bottom of the 'to do' list by using the anthropological research techniques. 

  • When to use reciprocity to increase accountability, ownership, and oversight from other departments over your controls and processes without fighting over a RACI document.

Lianne Potter, Cyber Anthropologist and Transformation Leader

Global Quantum-enabled Security for a Post Quantum World

  • Why the rapid development of quantum computers has put current cybersecurity networks at risk

  • The role of Quantum Key Distribution as a method to future-proof security

  • How the space and satellite industry is a critical enabler to realise a global quantum network

  • The ROKS mission: due late 2022, the first mission to demonstrate satellite to earth quantum key distribution using a CubeSat

 

Dr Sonali Mohapatra, Quantum Developer & Space Applications Lead, Craft Prospect

*The conference agenda is provisional and subject to revision