top of page
SS24 Logo (1).png

Scotland's 10th Annual Cyber Security for Business Summit with live keynotes, workshops and exhibition. 

Wednesday 27 March 2024
Dynamic Earth, Edinburgh
08:30am - 4.30pm

Free to attend (T&Cs apply)




The Summit

The Summit

Scot-Secure is Scotland’s largest annual cyber security conference. The event brings together senior InfoSec personnel, IT leaders, academics, security researchers and law enforcement, providing a unique forum for knowledge exchange, discussion and high-level networking.


The programme is focussed on improving awareness and best practice through shared learning: highlighting emerging threats, new research and changing adversarial tactics, and examining practical ways to improve resilience, detection and response.


This Summit is geared for InfoSec & IT personnel and C-level leaders.


2024 Speakers


2024 Agenda


The opening session will look at detecting and responding to threats; we will begin with a look at some of the biggest cyber-attacks in recent history, and ask what we can learn and implement from past incidents. We will then look at the crucial role of threat hunting within our security function, and examine how we can mature and optimise the process, and advocate its value within the business.

09:15    Welcome from the Conference Chair

Mark Stephen, Journalist & Broadcaster, BBC Scotland

09:25    2024 Chart Countdown:  Real Life Cyber-Attacks and the Response Lessons Learned

  • Hear first hand experience of managing cyber crises and destructive attacks

  • What are the lessons learned not carved out from the textbook

  • Hear what it’s like to manage cyber crises for global enterprises

  • Go on that emotional ride as you hear those stories being told

  • There will be actionability for everyone

Sonia Kumar, Global Head of Cyber Defence, Element

09:50    Why You Are Still Tomorrow's Next Security Breach!

  • Despite significant investment in cyber security, businesses are still falling victim to breaches

  • Despite all the new solutions, the top professionals, and the outsourced SOCs – attackers are still getting in

  • So what is going wrong?

  • Understanding why current cyber security strategies are failing and how we can improve them

Andy Brand, Principal Sales Engineer, BlackBerry Cybersecurity

10:10    How to Mature and Optimise Your Threat Hunting Program

  • Why threat hunting is so vital in today’s cyber landscape

  • Tips and tricks for starting out

  • How to mature your program to show value to management

  • Leveraging 16 years in the field to bring realism and ideas that can be brought back to your organization for actioning

Melissa Goldsmith, Threat Hunter & Technical Lead, NBCUniversal

10:35    Combined Q&A

  • Mark Stephen, Journalist & Broadcaster, BBC Scotland

  • Sonia Kumar, Global Head of Cyber Defence, Element

  • Andy Brand, Principal Sales Engineer, BlackBerry Cybersecurity

  • Melissa Goldsmith, Threat Hunter, NBCUniversal

11:00    Networking & Refreshments


Session 2 will explore a series of key topics in a longer presentation format. The session will be run in a breakout format across four parallel streams, providing delegates the opportunity to attend two options live. The alternative breakouts will be accessible on-demand post-event.


11:35    First Breakout Option (A-D)

12:10    Transition

12:20    Second Breakout Option (E-H)

Breakout options A-D:

A. Neurodiversity and How it Can Help you Address the Threat Landscape

  • The importance of having diverse teams is critical for solving complex problems

  • McKinsey research shows that the most successful companies have diverse teams

  • Some of the key challenges of creating a diverse workforce

  • Highlighting the unique skills which neurodivergent individuals bring to an organisation

James Kwaan, Sr Cyber Manager & Chapter President, ISC2 
Holly Foxcroft, Cyber Researcher & Neurodiversity Champion
Natalie Coull, Head of Division: Cybersecurity, Abertay University

B. Understanding Human Aspects of Cybersecurity

  • Too often cybersecurity is seen as a technical problem with a technical solution but that is a very limited view of both the problem and the solution

  • Understanding the role that technology and humans jointly play in securing cyberspace is crucial

  • We need to explore how technology and humans best fit together to provide protection

  • Current security products have not been designed in a way that matches human capabilities

  • This has resulted in cybersecurity fatigue, stress and even burn out

  • There is a need to shift the focus to designing usable, accessible and acceptable security tools

Prof Lynne Coventry, Director of Abertay cyberQuarter

C. Incident Response War Stories

  • Reflecting on past experience, observations and learnings and how it shapes my current thinking

  • Currently building blue team efforts at National Gas

  • Developing the expertise and improving infrastructure, monitoring, response in practice

  • Additional layer of difficulty with the CNI angle

Dave McKenzie, Ethical Hacker & Blue Team Specialist

D. 3 New Ways Cyber Criminals Are Targeting Your Emails


  • How threat actors are shifting away from the CEO fraud of the past

  • Why tools like ChatGPT could be incredibly dangerous

  • What new threats are on the horizon

  • And how you can better protect your organization from all of it

David Lomax, Senior Engineering Manager EMEA at Abnormal Security

12:10    Transition

12:20    Second Breakout Option (E-H)

Breakout Options E-H

E. What happens when you try to hack a security expert?

  • The attack that happened at boxxe

  • The actions we took

  • Lessons learnt

Tim Hall, CTO, boxxe

F. Building Cyber Resilience: Prioritization In A Rapidly Shifting Threat Landscape

  • Understanding the shifting nature of cyber threats and the importance of staying adaptive

  • Identifying priority areas for investment based on current threat trends and organisational vulnerabilities

  • Implementing a risk-based approach to budget allocation, focusing resources where they are most needed

Katie Ralph, Director, Solutions Engineering EMEA at SonicWall

G. Time to Say Goodbye to Ransomware Attacks. For Good. 

  • How SentinelOne swiftly counters ransomware attacks by restoring encrypted or altered files to their pre-attack state.

  • Showcase first-hand the power of SentinelOne's AI-driven technology as it detects and neutralises both known and unknown threats.

  • Deep dive into how SentinelOne’s unique rollback feature works, in real-time. 

  • Highlight key integrations that will help your analysts make an informed decision.

PJ Norris, Senior Security Engineer, SentinelOne

H. The Purpose & Future of Endpoint Security: How Successful Malware is Created & How Zero Trust Protects


  • Understand the evolution of technology over the years and how cybersecurity has need to adapt

  • Understand the access points and vulnerabilities of modern day networks

  • Understand the difference between a reactive and proactive approach to cybersecurity

  • Understand why companies should implement a proactive Zero Trust approach to cybersecurity

Seamus Lennon, Senior Solutions Engineer, ThreatLocker

12:50    Lunch and Networking


The afternoon session will focus on improving our understanding in two of the hardest areas that are currently facing security practitioners, human behaviour and AI. Whilst the importance of the human factor is clear, too often advice and process fails to address the root cause. We will look at applying the knowledge base from human science to move the needle on risk reduction. Security engagement is equally difficult when it comes to the threat posed by emerging technology. As organisations scramble to leverage the benefits from new wave of Generative AI, we will consider how security leaders can begin to quantify, communicate, and respond to the risk. 

13:40    Facts Not Fluff: A Practical Guide to Applying Psychology to Enhance Security and Mitigate Risk


  • Whether you consider people to be the weakest link or biggest opportunity in cyber security, most practitioners would agree that any approach that fails to take account of the human factor is unlikely to succeed

  • But what does this mean in practice? How do we utilise the human science knowledge base to move beyond blame and/or platitudes towards practical guidance and risk reduction?

  • Drawing upon 20 years of experience working at the intersection of human behaviour and technology to outline how we can translate theory to practice, and practice to results

  • Drawing on real-world use cases, I hope to show you that we can apply existing knowledge about human behaviour to enhance our security posture. I also hope to convince you that putting people at the heart of your security strategy is not just the nice thing to do, it’s the effective thing to do

Kathryn Pimblett, Senior Cyber Manager & Organisational Phycologist, AP. Moller Maersk

14:05    LLMs: Securing the Unknowable

  • No security team wants to be seen as the Department of ‘No’, especially when faced with peak hype over the potential benefits of Generative AI and LLMs

  • But how can we secure something which is so complex it’s impossible to understand and verify? 

  • Highlighting the unique and surprising risks of LLM-powered systems

  • Some pragmatic approaches and frameworks that security leaders can leverage to empower their business teams to explore Generative AI safely.

Andy Smith, Principal Security Architect, BP & Security Instructor, SANS Institute 

14:30    Combined Q&A

  • Kathryn Pimblett, Senior Cyber Manager, AP. Moller Maersk

  • Andy Smith, Principal Security Architect, BP & Security Instructor, SANS Institute 

  • Dave McKenzie, Ethical Hacker & Blue Team Specialist

  • Prof Lynne Coventry, Director of Abertay cyberQuarter

  • Mark Stephen, Journalist & Broadcaster, BBC Scotland

15:10    Closing Remarks

15:15    End of Session

15:20    Networking & Drinks Reception

17:00    End of Summit

*The conference agenda is provisional and subject to change

DE Image.jpg

 The Venue 

The conference will be held live and in-person at the iconic Dynamic Earth in Edinburgh, a professional event space offering panoramic views of the city and Arthur's Seat.


The venue is centrally located in the old town, just 15 minutes walk from Waverley train station, making it easily accessible via public transport. We also offer discounted on-site parking to attendees if you wish to drive and provide light refreshments throughout the day. 




DIGIT has rapidly grown into the largest business technology community in Scotland. We host an extensive series of events focused on emerging technology and practical innovation. We also run Scotland's leading IT & Digital News Platform with over 50,000 page views per month.

The events provide a unique platform for knowledge exchange, drawing stakeholders together to explore challenges, best practice, and business impact. Our conferences attract a senior delegate following and have become renowned as an important forum for high-level networking and engagement.

You can contact us with any questions on

2024 Sponsors & Exhibitors

Headline Sponsor



Sentinel One.png
Cyber Vigilance.png



Drinks Reception Sponsor


Interested in speaking or exhibiting at Scot-Secure Summit?

Modern Bridge

Scot-Secure West - Glasgow Event

DIGIT also run a 2nd Cyber Security Conference in Glasgow with 300+ attendees, live keynotes and networking.

  • Twitter
  • LinkedIn
  • Facebook
  • Instagram
bottom of page