The Summit
Scot-Secure is Scotland’s largest annual cyber security conference. The event brings together senior InfoSec personnel, IT leaders, academics, security researchers and law enforcement, providing a unique forum for knowledge exchange, discussion and high-level networking.
The programme is focussed on improving awareness and best practice through shared learning: highlighting emerging threats, new research and changing adversarial tactics, and examining practical ways to improve resilience, detection and response.
This Summit is geared for InfoSec & IT personnel and C-level leaders. This conference is fully booked weeks in advance each year, register ahead of time to avoid disappointment.
2024 Speakers
Ethical Hacker & Blue Team Specialist
Threat Hunter & Technical Lead, NBCUniversal
Principal Security Architect , BP
Cyber Researcher & Neurodiversity Champion
Senior Security Manager, A.P. Moller Maersk
Head of Cybersecurity Division, Abertay University
Sr Cyber Manager & Chapter President, ISC2
Principal Sales Engineer, BlackBerry
VP of Operations EMEA, ThreatLocker
Business Development Manager, Abertay cyberQuarter
Senior Sales Engineer. SentinelOne
CTO, boxxe
Director Solutions Engineering, SonicWall
Security Engineering Manager EMEA, Abnormal Security
Journalist & Broadcaster, BBC Scotland
2024 Agenda
Wednesday 27th March, Dynamic Earth
SESSION 1 - Re-watch on YouTube
The opening session will look at detecting and responding to threats; we will begin with a look at some of the biggest cyber-attacks in recent history, and ask what we can learn and implement from these past incidents. We will then look at the crucial role of threat hunting within our security function, and examine how we can mature and optimise the process, and advocate its value within the business.
​
09:15 Welcome from the Conference Chair
​
Mark Stephen, Journalist & Broadcaster, BBC Scotland
09:25 2024 Chart Countdown: Real Life Cyber-Attacks and the Response Lessons Learned
​
-
Hear first hand experience of managing cyber crises and destructive attacks
-
What are the lessons learned not carved out from the textbook
-
Hear what it’s like to manage cyber crises for global enterprises
-
Go on that emotional ride as you hear those stories being told
-
There will be actionability for everyone
​
Sonia Kumar, Global Head of Cyber Defence, Element
09:50 Why You Are Still Tomorrow's Next Security Breach!
​
-
Despite significant investment in cyber security, businesses are still falling victim to breaches
-
Despite all the new solutions, the top professionals, and the outsourced SOCs – attackers are still getting in
-
So what is going wrong?
-
Understanding why current cyber security strategies are failing and how we can improve them
​
Andy Brand, Principal Sales Engineer, BlackBerry Cybersecurity
10:10 Threat Hunting: From Bodging to Efficiency
​
-
Why threat hunting is so vital in today’s cyber landscape
-
Tips and tricks for starting out
-
How to mature your program to show value to management
-
Leveraging 16 years in the field to bring realism and ideas that can be actioned in your organisation
​
Melissa Goldsmith, Threat Hunter & Technical Lead, NBCUniversal
​
10:35 Combined Q&A
​
-
Mark Stephen, Journalist & Broadcaster, BBC Scotland
-
Sonia Kumar, Global Head of Cyber Defence, Element
-
Andy Brand, Principal Sales Engineer, BlackBerry Cybersecurity
-
Melissa Goldsmith, Threat Hunter, NBCUniversal
​
11:00 Networking & Refreshments
SESSION 2
Session 2 will explore a series of key topics in a longer presentation format. The session will be run in a breakout format across four parallel streams, providing delegates the opportunity to attend two options live. The alternative breakouts will be accessible on-demand post-event.
#
11:35 First Breakout Option (A-D)
12:10 Transition
12:20 Second Breakout Option (E-H)
Breakout options A-D:
​
A. Neurodiversity and How it Can Help You Address the Threat Landscape Re-watch on YouTube
​
-
The importance of having diverse teams is critical for solving complex problems
-
McKinsey research shows that the most successful companies have diverse teams
-
Some of the key challenges of creating a diverse workforce
-
Highlighting the unique skills which neurodivergent individuals bring to an organisation
​
James Kwaan, Sr Cyber Manager & Chapter President, ISC2
Holly Foxcroft, Cyber Researcher & Neurodiversity Champion
Natalie Coull, Head of Division: Cybersecurity, Abertay University
B. How Can the Scottish Cyber Industry Get Ahead of the Threat Landscape? Re-watch on YouTube
​​
-
Impactful R&D for the cyber industry to alleviate fire fighting
-
MAL, HAL & VAL
-
"The Bunker" - Scotland's first Sustainability and Security Operations Centre (S-SOC)
-
How can you get involved in Scotland's cyberQuarter
​
Cheryl Torano, Business Development Manager, Abertay cyberQuarter
C. Incident Response War Stories: Learning to Get the Most from Your Blue Team Re-watch on YouTube
​
-
Reflections on some key experiences, observations and learnings from past incidents
-
How it shapes my current thinking and blue team strategies
-
Advice on developing internal expertise and process
-
Actions & takeaways for improving infrastructure, monitoring and IR in practice
-
Tackling additional layers of difficulty within large complex CNI / regulated environments
​
Dave McKenzie, Ethical Hacker & Blue Team Specialist
D. 3 New Ways Cyber Criminals Are Targeting Your Emails Re-watch on YouTube
-
How threat actors are shifting away from the CEO fraud of the past
-
Why tools like ChatGPT could be incredibly dangerous
-
What new threats are on the horizon
-
And how you can better protect your organization from all of it
​
David Lomax, Senior Engineering Manager EMEA at Abnormal Security
​
12:10 Transition
12:20 Second Breakout Option (E-H)
​
Breakout Options E-H
​
E. What happens when you try to hack a security expert? Re-watch on YouTube
​
-
The attack that happened at boxxe
-
The actions we took
-
Lessons learnt
​
Tim Hall, CTO, boxxe
F. Building Cyber Resilience: Prioritization In A Rapidly Shifting Threat Landscape Re-watch on YouTube
​
-
Understanding the shifting nature of cyber threats and the importance of staying adaptive
-
Identifying priority areas for investment based on current threat trends and organisational vulnerabilities
-
Implementing a risk-based approach to budget allocation, focusing resources where they are most needed
​
Katie Ralph, Director, Solutions Engineering EMEA at SonicWall
G. Time to Say Goodbye to Ransomware Attacks. For Good. Re-watch on YouTube
​
-
How to swiftly counter ransomware attacks by restoring encrypted or altered files to their pre-attack state.just
-
Showcase first-hand the power of AI-driven technology as it detects and neutralises both known and unknown threats.
-
Highlight key integrations that will help your analysts make an informed decision.
​
PJ Norris, Senior Security Engineer, SentinelOne
H. How To Create Successful Malware and How to Defend with Zero Trust Re-watch on YouTube
In a world where anyone can create successful malware or have AI generate it for them, it's important to know how malware can be successful so you can better defend. Starting from a default-deny posture, learn how adopting Zero Trust principles can keep your data safe and operations running regardless of hacking attempts by man or machine.
​
Seamus Lennon, VP of Operations EMEA, ThreatLocker
12:50 Lunch and Networking
​
​
SESSION 3 Re-watch on YouTube
The afternoon session will focus on mitigating risk in two of the most challenging areas that are currently facing security practitioners. Whilst the importance of the human factor is clear, too often advice and process fails to address the root cause. We will look at how we can change that by applying the knowledge base from human science to move the needle on risk. Proactive security is equally difficult when it comes to threats posed by emerging technology. As organisations scramble to leverage the benefits from the new wave of LLMs and AI, we will consider how security leaders can begin to quantify, communicate, and respond to the risks.
13:40 Facts Not Fluff: A Practical Guide to Applying Psychology to Enhance Security and Mitigate Risk
-
Whether you consider people to be the weakest link or biggest opportunity in cyber security, most practitioners would agree that any approach that fails to take account of the human factor is unlikely to succeed
-
But what does this mean in practice? How do we utilise the human science knowledge base to move beyond blame and/or platitudes towards practical guidance and risk reduction?
-
Drawing upon 20 years of experience working at the intersection of human behaviour and technology to outline how we can translate theory to practice, and practice to results
-
Drawing on real-world use cases, I hope to show you that we can apply existing knowledge about human behaviour to enhance our security posture. I also hope to convince you that putting people at the heart of your security strategy is not just the nice thing to do, it’s the effective thing to do
​
Kathryn Pimblett, Senior Cyber Manager & Organisational Psychologist, AP. Moller Maersk
14:05 LLMs: Securing the Unknowable
​
-
No security team wants to be seen as the Department of ‘No’, especially when faced with peak hype over the potential benefits of Generative AI and LLMs
-
But how can we secure something which is so complex it’s impossible to understand and verify?
-
Highlighting the unique and surprising risks of LLM-powered systems
-
Some pragmatic approaches and frameworks that security leaders can leverage to empower their business teams to explore Generative AI safely.
​
Andy Smith, Principal Security Architect, BP & Security Instructor, SANS Institute
14:30 Combined Q&A
​
-
Kathryn Pimblett, Senior Cyber Manager, AP. Moller Maersk
-
Andy Smith, Principal Security Architect, BP & Security Instructor, SANS Institute
-
Dave McKenzie, Ethical Hacker & Blue Team Specialist
-
Holly Foxcroft, Cyber Researcher & Neurodiversity Champion
-
Mark Stephen, Journalist & Broadcaster, BBC Scotland
​
15:10 Closing Remarks
15:15 End of Session
​
15:20 Networking & Drinks Reception
17:00 End of Summit
*The conference agenda is provisional and subject to change
The Venue
The conference will be held live and in-person at the iconic Dynamic Earth in Edinburgh, a professional event space offering panoramic views of the city and Arthur's Seat.
The venue is centrally located in the old town, just 15 minutes walk from Waverley train station, making it easily accessible via public transport. We also offer discounted on-site parking to attendees if you wish to drive and provide light refreshments throughout the day.
​
About DIGIT
DIGIT has rapidly grown into the largest business technology community in Scotland. We host an extensive series of events focused on emerging technology and practical innovation. We also run Scotland's leading IT & Digital News Platform www.digit.fyi with over 50,000 page views per month.
​
The events provide a unique platform for knowledge exchange, drawing stakeholders together to explore challenges, best practice, and business impact. Our conferences attract a senior delegate following and have become renowned as an important forum for high-level networking and engagement.
​
You can contact us with any questions on events@digit.fyi