SESSION 1 - Re-watch on YouTube

The opening session will look at detecting and responding to threats; we will begin with a look at some of the biggest cyber-attacks in recent history, and ask what we can learn and implement from these past incidents. We will then look at the crucial role of threat hunting within our security function, and examine how we can mature and optimise the process, and advocate its value within the business.

​

09:15    Welcome from the Conference Chair

​

Mark Stephen, Journalist & Broadcaster, BBC Scotland

09:25    2024 Chart Countdown:  Real Life Cyber-Attacks and the Response Lessons Learned

​

• Hear first hand experience of managing cyber crises and destructive attacks

• What are the lessons learned not carved out from the textbook

• Hear what it’s like to manage cyber crises for global enterprises

• Go on that emotional ride as you hear those stories being told

• There will be actionability for everyone

​

Sonia Kumar, Global Head of Cyber Defence, Element

09:50    Why You Are Still Tomorrow's Next Security Breach!

​

• Despite significant investment in cyber security, businesses are still falling victim to breaches

• Despite all the new solutions, the top professionals, and the outsourced SOCs – attackers are still getting in

• So what is going wrong?

• Understanding why current cyber security strategies are failing and how we can improve them

​

Andy Brand, Principal Sales Engineer, BlackBerry Cybersecurity

10:10    Threat Hunting: From Bodging to Efficiency

​

• Why threat hunting is so vital in today’s cyber landscape

• Tips and tricks for starting out

• How to mature your program to show value to management

• Leveraging 16 years in the field to bring realism and ideas that can be actioned in your organisation

​

Melissa Goldsmith, Threat Hunter & Technical Lead, NBCUniversal

​

10:35    Combined Q&A

​

• Mark Stephen, Journalist & Broadcaster, BBC Scotland

• Sonia Kumar, Global Head of Cyber Defence, Element

• Andy Brand, Principal Sales Engineer, BlackBerry Cybersecurity

• Melissa Goldsmith, Threat Hunter, NBCUniversal

​

11:00    Networking & Refreshments

SESSION 2

Session 2 will explore a series of key topics in a longer presentation format. The session will be run in a breakout format across four parallel streams, providing delegates the opportunity to attend two options live. The alternative breakouts will be accessible on-demand post-event.

#

11:35    First Breakout Option (A-D)

12:10    Transition

12:20    Second Breakout Option (E-H)

Breakout options A-D:

​

A. Neurodiversity and How it Can Help You Address the Threat Landscape Re-watch on YouTube

​

• The importance of having diverse teams is critical for solving complex problems

• McKinsey research shows that the most successful companies have diverse teams

• Some of the key challenges of creating a diverse workforce

• Highlighting the unique skills which neurodivergent individuals bring to an organisation

​

James Kwaan, Sr Cyber Manager & Chapter President, ISC2 
Holly Foxcroft, Cyber Researcher & Neurodiversity Champion
Natalie Coull, Head of Division: Cybersecurity, Abertay University

B. How Can the Scottish Cyber Industry Get Ahead of the Threat Landscape? Re-watch on YouTube

​​

• Impactful R&D for the cyber industry to alleviate fire fighting

• MAL, HAL & VAL

• "The Bunker" - Scotland's first Sustainability and Security Operations Centre (S-SOC)

• How can you get involved in Scotland's cyberQuarter

​

Cheryl Torano, Business Development Manager, Abertay cyberQuarter

C. Incident Response War Stories: Learning to Get the Most from Your Blue Team Re-watch on YouTube

​

• Reflections on some key experiences, observations and learnings from past incidents

• How it shapes my current thinking and blue team strategies 

• Advice on developing internal expertise and process

• Actions & takeaways for improving infrastructure, monitoring and IR in practice

• Tackling additional layers of difficulty within large complex CNI / regulated environments

​

Dave McKenzie, Ethical Hacker & Blue Team Specialist

D. 3 New Ways Cyber Criminals Are Targeting Your Emails Re-watch on YouTube

 

• How threat actors are shifting away from the CEO fraud of the past

• Why tools like ChatGPT could be incredibly dangerous

• What new threats are on the horizon

• And how you can better protect your organization from all of it

​

David Lomax, Senior Engineering Manager EMEA at Abnormal Security

​

12:10    Transition

12:20    Second Breakout Option (E-H)

​

Breakout Options E-H

​

E. What happens when you try to hack a security expert? Re-watch on YouTube

​

• The attack that happened at boxxe

• The actions we took

• Lessons learnt

​

Tim Hall, CTO, boxxe

F. Building Cyber Resilience: Prioritization In A Rapidly Shifting Threat Landscape Re-watch on YouTube

​

• Understanding the shifting nature of cyber threats and the importance of staying adaptive

• Identifying priority areas for investment based on current threat trends and organisational vulnerabilities

• Implementing a risk-based approach to budget allocation, focusing resources where they are most needed

​

Katie Ralph, Director, Solutions Engineering EMEA at SonicWall

G. Time to Say Goodbye to Ransomware Attacks. For Good. Re-watch on YouTube

​

• How to swiftly counter ransomware attacks by restoring encrypted or altered files to their pre-attack state.just

• Showcase first-hand the power of AI-driven technology as it detects and neutralises both known and unknown threats.

• Highlight key integrations that will help your analysts make an informed decision.

​

PJ Norris, Senior Security Engineer, SentinelOne

H. How To Create Successful Malware and How to Defend with Zero Trust Re-watch on YouTube

 

In a world where anyone can create successful malware or have AI generate it for them, it's important to know how malware can be successful so you can better defend. Starting from a default-deny posture, learn how adopting Zero Trust principles can keep your data safe and operations running regardless of hacking attempts by man or machine.

​

Seamus Lennon, VP of Operations EMEA, ThreatLocker

12:50    Lunch and Networking

​

​

SESSION 3 Re-watch on YouTube

The afternoon session will focus on mitigating risk in two of the most challenging areas that are currently facing security practitioners. Whilst the importance of the human factor is clear, too often advice and process fails to address the root cause. We will look at how we can change that by applying the knowledge base from human science to move the needle on risk. Proactive security is equally difficult when it comes to threats posed by emerging technology. As organisations scramble to leverage the benefits from the new wave of LLMs and AI, we will consider how security leaders can begin to quantify, communicate, and respond to the risks. 

13:40    Facts Not Fluff: A Practical Guide to Applying Psychology to Enhance Security and Mitigate Risk

 

• Whether you consider people to be the weakest link or biggest opportunity in cyber security, most practitioners would agree that any approach that fails to take account of the human factor is unlikely to succeed

• But what does this mean in practice? How do we utilise the human science knowledge base to move beyond blame and/or platitudes towards practical guidance and risk reduction?

• Drawing upon 20 years of experience working at the intersection of human behaviour and technology to outline how we can translate theory to practice, and practice to results

• Drawing on real-world use cases, I hope to show you that we can apply existing knowledge about human behaviour to enhance our security posture. I also hope to convince you that putting people at the heart of your security strategy is not just the nice thing to do, it’s the effective thing to do

​

Kathryn Pimblett, Senior Cyber Manager & Organisational Psychologist, AP. Moller Maersk

14:05    LLMs: Securing the Unknowable

​

• No security team wants to be seen as the Department of ‘No’, especially when faced with peak hype over the potential benefits of Generative AI and LLMs

• But how can we secure something which is so complex it’s impossible to understand and verify? 

• Highlighting the unique and surprising risks of LLM-powered systems

• Some pragmatic approaches and frameworks that security leaders can leverage to empower their business teams to explore Generative AI safely.

​

Andy Smith, Principal Security Architect, BP & Security Instructor, SANS Institute 

14:30    Combined Q&A

​

• Kathryn Pimblett, Senior Cyber Manager, AP. Moller Maersk

• Andy Smith, Principal Security Architect, BP & Security Instructor, SANS Institute 

• Dave McKenzie, Ethical Hacker & Blue Team Specialist

• Holly Foxcroft, Cyber Researcher & Neurodiversity Champion

• Mark Stephen, Journalist & Broadcaster, BBC Scotland

​

15:10    Closing Remarks

15:15    End of Session

​

15:20    Networking & Drinks Reception

17:00    End of Summit

*The conference agenda is provisional and subject to change