Speaker:
Andy Bates, Executive Director, Global Cyber Alliance

U.K. PLCs are constantly under attack. There is no one solution that fits all, and if one did become available, it would need patching before lunchtime. Regardless of the threat, basic precautions and cyber hygiene processes are often neglected and seriously impact the security posture of your organization. This keynote examines these and asks:

• Are you taking all reasonable steps to secure your business?
• What has fallen by the wayside?
• What low-cost and no-cost tools could be adopted to improve your security posture?

Speaker:
Thom Langford, former CISO, founder, (TL)2

In an exclusive session, veteran CISO Thom Langford looks at what GDPR has influenced since its introduction, how this impacts security and privacy leaders across sectors, and where data protection regulation can go from here.

Langford is the founder of (TL)2 Security, a strategic Information security Consultancy. As Chief Information Security Officer of Publicis Groupe, he was responsible for all aspects of information security risk and compliance as well as managing the Groupe Information Security Programme.

Having successfully built security and IT programmes from the ground up, Langford brings an often opinionated and forward thinking view of security risk, both in assessments and management, but is able to do so with humour and pragmatism.

Speaker:
Teju Shyamsundar , Technical Manager, Product, Okta

The shift to cloud has made perimeter-centric view of security obsolete and led to the creation of Zero Trust. With users accessing corporate resources across a variety of devices, platforms and clients, organizations are seeing an increase in phishing, password spray, brute force and other identity based attacks. Learn how you can achieve more powerful outcomes by combining cloud security with identity, network and endpoint security - achieve holistic protection by implementing the Zero Trust model across your enterprise.

Speaker:
Ran Shahor, Brigadier General (Res.), CEO & Founder, HolistiCyber

Countries around the world are making significant investments in both cyber defense and cyber offense technologies. These sophisticated and advanced nation-state level attack capabilities are now being targeted to the private sector. In fact, these highly advanced mechanisms of cyber assault are continuously evolving and are available for sale in the Darknet, enabling hackers to become extremely powerful attackers. The question arises - How can organizations protect themselves in today's cyber reality? Good news is - It is possible.

In his presentation, Ran Shahor , IDF Brigadier General (Res.) will discuss the solutions, the holistic approach and the secret sauce needed in order for organizations to be protected and stay ahead of the attackers.

Speaker:
Barry McMahon, Sr. Intl Product Marketing Manager (IAM), LastPass by LogMeIn

Identity management is no longer a simple flash of a badge at an entry desk. The layers of complexity in password management and SSO are all deterrents in the speed of authentication at the user level.

Hear insights from new research:

• Business Departments presenting the highest risk exposure;
• What are key challenges and priorities when managing identity;
• Understand how identity risk can transfer from personal to business life.

Speaker:
Ameya Talwalkar, Co-Founder and Chief Product Officer, Cequence Security

Bulletproof Proxies have taken the concepts of anonymity and availability found in Bulletproof Hosting and extended them to the automated bot attack delivery infrastructure by using large networks of Residential Proxies that mask identity and location. Bulletproof Proxies allow bad actors to distribute their attacks across legitimate user locations making detection and prevention difficult. This session will cover the following topics:

• The rise of Bulletproof Proxies - how they came to exist
• The balancing act between legitimate and malicious use
• Techniques used to mask their identity and location
• Details on large scale attacks targeting financial services and retail sector

Speaker:
Martha Gray, Account Director, Darktrace

In this session, you will learn more about:

• Leveraging machine learning and AI algorithms to defend against advanced, never-seen-before, cyber-threats
• How new immune system technologies enable you to pre-empt emerging threats and reduce incident response time
• How to achieve 100% visibility of your entire business including cloud, network and IoT environments
• Why automation and autonomous response is enabling security teams to neutralize in-progress attacks, prioritize resources, and tangibly lower risk
• Real-world examples of subtle, unknown threats that routinely bypass traditional controls

Speaker:
Sudeep Venkatesh, Chief Product Officer, Egress

People cause data breaches every day. That simple statement hides layers of complexity, compliance issues, and stress for CISOs and their security teams. While we may be able to 'logically' explain malicious breaches by linking them to motivations such as financial gain, it's often more difficult to understand and anticipate incidents caused by well-intentioned employees. The staff member who, for example, has too many things to do and sends an email to the wrong person. Or the person who feels they need to share information just to get their job done, choosing not to apply security or using unapproved channels.

This session will look at the psychology behind these breaches, and what technology can do to prevent incidents caused by employees sharing sensitive data via email. In particular, the session will examine developments in machine learning and advanced DLP technologies that can determine the risk of a data breach in real time to prevent unauthorised disclosure and enforce security for assured compliance.

We will discuss:

• Why well-meaning employees cause data breaches
• The most common email data breach incidents
• How machine learning and advanced DLP technology can prevent breaches and improve protection for shared data

Speaker:
Mark Tibbs, Cyber Intelligence Director, MDR Cyber

Broadcasters invest billions of pounds in high-quality programming, but Illegal streaming is growing and global losses to piracy have been forecasted to reach over £35bn by 2022. Illegal streaming services are rife online. The operators behind these services share many of the same characteristics of early cybercriminals: They sell their services relatively openly using online platforms and marketing. There are even online communities which support sales of these services.

Mark Tibbs has worked in the field of cyber investigations and intelligence for nearly a decade before joining MDR Cyber, working within British law enforcement and a cyber threat intelligence start-up. This talk presents some of the findings from his research and recommendations about how to tackle this crime.

• What is illegal streaming and why is it so prevalent?
• How does the criminal economy look?
• How can fraud be tackled using both technical and legal options?

Speaker:
David Stubley, CEO, 7 Elements

What does a successful compromise of an organisation's email system look like, and what can we do to protect ourselves? This talk will use real-life case studies from recent incidents to dissect the anatomy of a modern Business Email Compromise attack. Attend this session for expert insight on:

• Current attack trends;
• Mailbox manipulation and exfiltration of sensitive data;
• Easy to implement mitigation strategies.

Speakers:
Mark Tibbs, Cyber Intelligence Director, MDR Cyber
Naina Bhattacharya, Director, Cyber Security, EMEIA, Ernst & Young LLP
Philip McInerney, Detective Inspector SCO7, Organised Crime Command, Cyber Crime Unit, Metropolitan Police
Polly Ralph, Barrister and Solicitor, UK Data Protection Strategy, Legal and Compliance Services, PwC

As threats and threat actors grow in number, sophistication and cross-channel schemes, it is increasingly important for organizations to have a clear picture of their potential attackers - whether they are nation-states, cybercrime gangs or lone actors.

Attend this session for first-hand insights from one of the City's top cybercrime experts, addressing:

• Today's most prevalent cybercrime schemes - and why they are successful
• Traits of the threat actors most commonly perpetrating these schemes
• Lessons learned from actual crime investigations - and how you can put these to work to improve your own defenses.

Speaker:
Martin Overton, Ethical Hacker, Forensics & Malware SME

Veteran security leader Martin Overton tackles cyber insurance with a review of case studies that illustrate genuine benefits ... and subtle pitfalls that may result in no coverage for costly incidents. Overton has over 30 years of hands-on security experience, along with several years working for a major international insurer. Attend this session and learn:

• Common pitfalls and genuine benefits that insurance policies have;
• How to avoid a situation where you are not actually covered for a specific incident;
• Ways the insurance industry can improve cyber coverage and services.

Speaker:
Sarb Sembhi, CTO/CSO, Virtually Informed

Enterprises have endured decades of security policies, programmes, plans, metrics and awareness training ... and yet little has improved. CISOs still complain that people are failing at the cybersecurity basics. This session will explore issues in user awareness training and offer a different approach, including:

• Why some of today's awareness programmes don't work;
• How CISOs and vendors can influence change;
• How to get started on a holistic approach to Digital Safety Skills.