Day 1 - 25 April 2019

Developing Security Solutions

Gartner predicts that over $75 billion will be spent worldwide on infrastructure protection and security services in 2019.  As cloud computing takes a forefront for both consumer and enterprise computing, development of cloud security solutions is due to make up a large proportion of that spending.  With so much data now being stored in the cloud, the need for secure infrastructure is imperative.  On day 2, we then shift focus to discussing network security – hearing from industry professionals about their latest solutions, how they work and what results are being seen by the companies using them.

09:40AM

Andy Bates

Executive Director

Global Cyber Alliance

Associated Talks:

09:40AM - Day 1

View Developing security solutions: Chair’s welcome and opening comments

View Full Info

Developing security solutions: Chair’s welcome and opening comments

. Andy Bates, Executive Director, Global Cyber Alliance
Hide Details
More Details

10:00AM

Arash Ghazanfari

Field CTO | UK & Ireland Enterprise

Dell Technologies

Associated Talks:

10:00AM - Day 1

View Dell Technologies approach to Security Transformation

View Full Info

Dell Technologies approach to Security Transformation

During this session, we will explore how the Dell Technologies ecosystem of capabilities is providing a pathway to security transformation for next generation applications and multi-cloud platforms. We will discuss the need for intrinsically secure architectures and how Dell Technologies help organisations adopt a unified approach around aligning their attitude towards risk with their security spend.

. Arash Ghazanfari, Field CTO | UK & Ireland Enterprise, Dell Technologies
Hide Details
More Details

Cloud Security

10:20AM

Stu Hirst

Head of Cloud Security

Photobox Group

Associated Talks:

10:20AM - Day 1

View Securing a multi-brand e-commerce business in the Cloud

View Full Info

Securing a multi-brand e-commerce business in the Cloud

  • What Stu found when he joined Photobox and why he decided to take on the role (a lack of any ownership of Cloud Security, brands using differing processes, ineffective tooling, visibility and reporting, departing members of staff with considerable cloud knowledge, little automation, basic errors being made)
  • Implementing the Cloud ‘basics’ before doing the cool stuff! What did we do first? Why did we choose to do those things?
  • How we have worked to culturally change an already cloud-first business to become a cloud-first, security-first business
  • What problems we’re trying to solve; 3/6/12 months strategies/objectives and beyond
  • ‘Compliance As Code’ and our journey to get there. What we still have to do.
  • Challenges/Learnings – info the audience take away as tangible advice. What might we do differently?
. Stu Hirst, Head of Cloud Security, Photobox Group
Hide Details
More Details

10:50AM

Daniel Power

General Manager, Northern Europe

OneLogin

Associated Talks:

10:50AM - Day 1

View Keynote: Does Multi Factor Authentication (MFA) without Single Sign On (SSO) make sense

11:50AM - Day 1

View Panel: Sharing responsibility for cloud security

View Full Info

Keynote: Does Multi Factor Authentication (MFA) without Single Sign On (SSO) make sense

  • Understanding the threat lansdcape from shadow IT
  • Delivering different MFA strategies for different user populations
  • Using machine learning and adaptive authentication to reduce friction whist maintaining a secure environment
. Daniel Power, General Manager, Northern Europe, OneLogin
Hide Details
More Details

11:20AM

Networking Break

11:50AM

Lisa Ventura

CEO and Founder

UK Cyber Security Association

View Full Info

Dave Barnett

Head of CASB

Forcepoint EMEA

Associated Talks:

11:50AM - Day 1

View Panel: Sharing responsibility for cloud security

View Full Info

Francesco Cipollone

Director of Events - UK Chapter

Cloud Security Alliance

Associated Talks:

10:40AM - Day 2

View Is the Cloud secure? It’s easy if you do it smart

11:50AM - Day 1

View Panel: Sharing responsibility for cloud security

View Full Info

Daniel Power

General Manager, Northern Europe

OneLogin

Associated Talks:

10:50AM - Day 1

View Keynote: Does Multi Factor Authentication (MFA) without Single Sign On (SSO) make sense

11:50AM - Day 1

View Panel: Sharing responsibility for cloud security

View Full Info

Stephen Owen

Principal Cloud Security Architect & Data Protection Officer

Camelot UK National Lottery

Associated Talks:

11:50AM - Day 1

View Panel: Sharing responsibility for cloud security

View Full Info

Panel: Sharing responsibility for cloud security

  • Security in the cloud is – and always has been – a two-way street defined as the vendor being responsible for security ‘of’ the cloud – software and hardware – while the customer is responsible for security ‘in’ the cloud – data, OS, identity and access management, and so forth. So why do companies still struggle?
  • Which stakeholders throughout the business and beyond have to take responsibility for cloud security, and what education and training is required?
  • How do consumers fit into all this?
  • Discussing effective strategies for sharing this responsibility effectively from Enterprise.
Moderator: . Lisa Ventura, CEO and Founder, UK Cyber Security Association
. Dave Barnett, Head of CASB, Forcepoint EMEA
. Francesco Cipollone, Director of Events - UK Chapter, Cloud Security Alliance
. Daniel Power, General Manager, Northern Europe, OneLogin
. Stephen Owen, Principal Cloud Security Architect & Data Protection Officer, Camelot UK National Lottery
Hide Details
More Details

12:30PM

Case Study: Cloud access security brokers (CASBs) – the gatekeeper between on-prem and cloud infrastructure

  • What CASBs do and how they differ from more traditional cloud security solutions
  • How CASBs help with shadow IT policies and rising employee use of cloud apps
  • Combining visibility, compliance, data security and threat protection
Hide Details
More Details

12:50PM

Zero Trust Security – the next phase of cloud identity

The next wave of cloud identity is through Zero Trust Security (ZTS). With more apps being used ‘as a service’ in the cloud, and more employees working remotely, traditional identity and access management (IAM) doesn’t cut it today. What’s more, ZTS assumes there will be bad actors both inside and outside your company’s network. 

 This session will explore what Zero Trust Security is, how it relates to organisations today in an IoT-heavy landscape, and how technologies such as machine learning can make an even greater impact. 

Hide Details
More Details

01:20PM

Networking Break

Threat Detection & Response

02:20PM

Ben Russell

Head of Cyber Threat Response

National Crime Agency

Associated Talks:

02:20PM - Day 1

View Afternoon Keynote: Policing in cyber space – The Law Enforcement response to cyber crime

View Full Info

Afternoon Keynote: Policing in cyber space – The Law Enforcement response to cyber crime

  • How are cyber criminals currently targeting businesses?
  • What is law enforcement doing to tackle the threat?
  • How can Law Enforcement and business work together more effectively?
. Ben Russell, Head of Cyber Threat Response, National Crime Agency
Hide Details
More Details

02:50PM

David Atkinson

Founder & CEO

Senseon

Associated Talks:

02:50PM - Day 1

View AI: Positive forces at work, or false positives?

02:50PM - Day 2

View Panel: How artificial intelligence and blockchain are the battlegrounds for the next security wars

View Full Info

AI: Positive forces at work, or false positives?

False positives or ‘innocent anomalies’ are a huge distraction for over-stretched security teams who would be better off investigating genuine malicious activity. Join David Atkinson, Founder and CEO of Senseon as he shares insight into his unique AI approach that gathers context and triangulates threats across the entire digital estate. Find out how Senseon automates investigation, reduces false positives and simplifies the security stack to save you time and precious resource.

. David Atkinson, Founder & CEO, Senseon
Hide Details
More Details

03:10PM

Andy Bates

Executive Director

Global Cyber Alliance

Associated Talks:

09:40AM - Day 1

View Developing security solutions: Chair’s welcome and opening comments

View Full Info

Luke Potter

Operations Director (Cybersecurity)

SureCloud

Associated Talks:

03:10PM - Day 1

View Panel: Role of ethical hacking and penetration testing

View Full Info

Robin Fewster

Offensive Security Manager, Global Security

Sage

Associated Talks:

03:10PM - Day 1

View Panel: Role of ethical hacking and penetration testing

View Full Info

Paul McCourt

Head of Information Security

MADE.com

Associated Talks:

04:20PM - Day 1

View Breach and attack simulation

03:10PM - Day 1

View Panel: Role of ethical hacking and penetration testing

View Full Info

Panel: Role of ethical hacking and penetration testing

  • What role white and grey hat hackers can play in developing secure systems?
  • Discussing the challenges and opportunities in this field
  • Real life examples from enterprise of how pen testing and ethical hackers are improving their organisations cyber security.

 

Moderator: . Andy Bates, Executive Director, Global Cyber Alliance
. Luke Potter, Operations Director (Cybersecurity), SureCloud
. Robin Fewster, Offensive Security Manager, Global Security , Sage
. Paul McCourt, Head of Information Security, MADE.com
Hide Details
More Details

03:50PM

Networking Break

04:10PM

Andy Thomas

CEO

KYND

Associated Talks:

04:10PM - Day 1

View Understanding cyber risk and how to avoid being called “stupid”

View Full Info

Understanding cyber risk and how to avoid being called “stupid”

To follow soon…

. Andy Thomas, CEO, KYND
Hide Details
More Details

04:20PM

Paul McCourt

Head of Information Security

MADE.com

Associated Talks:

04:20PM - Day 1

View Breach and attack simulation

03:10PM - Day 1

View Panel: Role of ethical hacking and penetration testing

View Full Info

Breach and attack simulation

 – What is it and where is the value

 – Evolution of ‘pre-incident management’

 – The current state of technology tooling and platforms in this sector

 – Forging tooling and mitigations in an organisation

 – Prioritising efforts and resources

 – Future trends in this area

. Paul McCourt, Head of Information Security, MADE.com
Hide Details
More Details

04:50PM

Endpoint Detection and Response – future directions

  • Do current EDR systems address all the problems they were created to solve such as increased visibility for networks?
  • What can solutions providers do to address current shortcomings with EDR systems?
  • Real examples from key industries.
Hide Details
More Details

05:20PM

Session Close

Networking Party – 6pm – Pergola @ Olympia

An evening of networking on Thursday 25 April from 6pm. Access for Ultimate, Gold & Expo Plus holders in addition to speakers, sponsors, press and exhibitors. Taking place at the rooftop bar of Olympia with spectacular views across London,  join us for drinks and networking opportunities.

Day 2 - 26 April 2019

10:00AM

Jason Reed

Senior Analyst, Cyber Security

Frost & Sullivan

Associated Talks:

10:00AM - Day 2

View Developing Security Solutions Day 2 – Chair’s Welcome and Opening Comments

View Full Info

Developing Security Solutions Day 2 – Chair’s Welcome and Opening Comments

. Jason Reed, Senior Analyst, Cyber Security, Frost & Sullivan
Hide Details
More Details

Network Security

10:20AM

Kevin Fielder

CISO

Just Eat

Associated Talks:

10:20AM - Day 2

View Building a genuinely agile security team, enhancing productivity and visibility with minimal overhead

11:20AM - Day 2

View Panel: Implementing DevSecOps in Enterprise

View Full Info

Building a genuinely agile security team, enhancing productivity and visibility with minimal overhead

  • How to ensure security enables the business
  • Continuously delivering value and ensuring no / minimum wasted effort
  • Closely aligning to business needs
  • Not hiding behind SLAs
. Kevin Fielder, CISO, Just Eat
Hide Details
More Details

10:50AM

Keynote: Protecting your reputation – network security in action

As data is a key asset for all modern organisations,  securing the entirety of your network is of vital importance and a breach can have devastating consequences on all stakeholders involved, most importantly losing the trust of all those involved.  Hence securing your network, from applications, mobile and IoT devices, emails and messaging to data centres and infrastructure is vital.  This Keynote presentation will outline how a robust network security system can maintain the reputation of your business, giving real life examples from across verticals and give step by stpe practical advice on implementing E2E network security.

Hide Details
More Details

11:20AM

Jason Reed

Senior Analyst, Cyber Security

Frost & Sullivan

Associated Talks:

10:00AM - Day 2

View Developing Security Solutions Day 2 – Chair’s Welcome and Opening Comments

View Full Info

Robin Vann

Commercial Director | Non-Executive Director

Reliance ACSN | Blue Solutions

Associated Talks:

02:40PM - Day 2

View Defencing the SMB Supply Chain with Full Visibility in Real-Time

11:20AM - Day 2

View Panel: Implementing DevSecOps in Enterprise

View Full Info

Wendy Ng

DevSecOps Security Managing Advisor, Experian Global Security Office

Experian

Associated Talks:

11:20AM - Day 2

View Panel: Implementing DevSecOps in Enterprise

View Full Info

Miguel Ornelas

Head of Continuous Assurance

HSBC

Associated Talks:

11:20AM - Day 2

View Panel: Implementing DevSecOps in Enterprise

View Full Info

Kevin Fielder

CISO

Just Eat

Associated Talks:

10:20AM - Day 2

View Building a genuinely agile security team, enhancing productivity and visibility with minimal overhead

11:20AM - Day 2

View Panel: Implementing DevSecOps in Enterprise

View Full Info

Panel: Implementing DevSecOps in Enterprise

  • Discussing the need for DevSecOps for your security team?
  • Reconciling the goals and needs of your organisation with the ever shifting cyber security landscape.
  • Barriers to security: lack of security ‘culture’ in your organisation, getting C level buy in.
  • Examples of success from DevSecOps teams.
Moderator: . Jason Reed, Senior Analyst, Cyber Security, Frost & Sullivan
. Robin Vann, Commercial Director | Non-Executive Director, Reliance ACSN | Blue Solutions
. Wendy Ng, DevSecOps Security Managing Advisor, Experian Global Security Office, Experian
. Miguel Ornelas, Head of Continuous Assurance, HSBC
. Kevin Fielder, CISO, Just Eat
Hide Details
More Details

12:00PM

Mike Bursell

Chief Security Architect

Red Hat

Associated Talks:

12:00PM - Day 2

View It’s not all tech: cultural change for DevSecOps

View Full Info

It’s not all tech: cultural change for DevSecOps

  • Security shifting from an afterthought to critical, foundational and pervasive
  • The importance of automation for embedding and scaling security expertise
  • How governance models must be extended through the development and operations process to auditing and beyond
  • Some of the key organisational obstacles you will meet – and how to address them
  • The importance of tools and process, but how you will need culture and executive buy-in to succeed
. Mike Bursell, Chief Security Architect, Red Hat
Hide Details
More Details

12:20PM

Klaus McDonald-Maier

CEO

Metrarc

Associated Talks:

12:20PM - Day 2

View Case Study: Metrarc

View Full Info

Case Study: Metrarc

. Klaus McDonald-Maier, CEO, Metrarc
Hide Details
More Details

12:30PM

Networking Break

02:00PM

Lisa Ventura

CEO and Founder

UK Cyber Security Association

View Full Info

Deborah Haworth

Chief Information Security Officer

Penguin Random House UK

Associated Talks:

02:00PM - Day 2

View Panel: Breaking the static security approach to application security

View Full Info

Mostafa Siraj

Head of UK Application Security

Capital One

Associated Talks:

02:00PM - Day 2

View Panel: Breaking the static security approach to application security

View Full Info

Panel: Breaking the static security approach to application security

Gartner’s report on the app security hype cycle states that IT managers “need to go beyond identifying common application development security errors and protecting against common attack techniques.” With the influx of cloud computing, mobile and IoT device use, breaking the ‘static security approach’ has never been more important in expanding the boundaries of the enterprise network. This panel will address:

  • Where is the perimeter? What should companies secure, and at what stage along the SDLC?
  • Security testing tools vs. application shielding products
  • The challenges of securing apps – anticipating the changing needs of the business and who is responsible for securing apps
  • Trends in application security – virtualisation, DAST and vulnerability detection
  • Recommendations for app-focused security in your business
Moderator: . Lisa Ventura, CEO and Founder, UK Cyber Security Association
. Deborah Haworth, Chief Information Security Officer, Penguin Random House UK
. Mostafa Siraj, Head of UK Application Security, Capital One
Hide Details
More Details

02:40PM

Robin Vann

Commercial Director | Non-Executive Director

Reliance ACSN | Blue Solutions

Associated Talks:

02:40PM - Day 2

View Defencing the SMB Supply Chain with Full Visibility in Real-Time

11:20AM - Day 2

View Panel: Implementing DevSecOps in Enterprise

View Full Info

Defencing the SMB Supply Chain with Full Visibility in Real-Time

Humio, Blue Solutions, Reliance ACSN

“A SERIES OF HIGH PROFILE, VERY DAMAGING ATTACKS ON COMPANIES HAS DEMONSTRATED THAT ATTACKERS HAVE BOTH THE INTENT AND ABILITY TO EXPLOIT VULNERABILITIES IN SUPPLY CHAIN SECURITY. THIS TREND IS REAL AND GROWING. SO, THE NEED TO ACT IS CLEAR.” – NATIONAL CYBER SECURITY CENTRE (NCSC)

Supply chain risk challenges nearly all businesses, and whether you’re a SMB supplier or the enterprise buyer, you need to understand and mitigate cyber risks. Yet, despite enterprises spending millions on people and technology to fight cyber crime, cyber threats continue to travel down the supply chain. How do we protect and secure the entire supply chain when limited by systems observability, availability, and budget?

In this talk, Rob will discuss ways to defend the whole of the chain, bringing enterprise grade defences to the SMB supply chain. For the SMB, this mitigates your cyber risk and defends your business.

For the enterprise, this mitigates your supply chain cyber risk and defends your business.

. Robin Vann, Commercial Director | Non-Executive Director, Reliance ACSN | Blue Solutions
Hide Details
More Details

03:10PM

Case Study: Risk Management

Hide Details

03:30PM

Container Security

Hide Details

04:00PM

Session Close