2020 Keynote Agenda

We’re excited to share with you a snapshot of the hottest topics that will be discussed live in March. Hear from experts about the latest data scandals and the leading technologies, techniques and best practices from across the industry.

If you can relate to these subjects and want to stay up to date with this and other CCSE news...

Here's a snapshot of our 2020 speakers:

Andy Bates
Executive Director
Global Cyber Alliance
Becky Pinkard
Chief Information Security Officer
Aldermore Bank
David Deighton
Chief Information Security Officer
University of Birmingham
Helen Williams
Cyber Protect Officer
Organised Crime Unit
James McKinlay
Group Information Security Officer
Barbican Insurance
Kevin Brown
Managing Director
BT Security
Ros Smith
Senior Product Manager - IAM
BBC
Simon Legg
Chief Information Security Officer
Hastings Direct
Stu Hirst
Principal Cyber Security Engineer
Just Eat
Wendy Ng
DevSecOps Security Managing Advisor
Experian

Pentesting: So, you think you’re secure?

Many organisations find pentesting painful. Even if your hired hackers find a vulnerability to fix, you’re left uncertain whether all your weaknesses have been exposed or not. This session will give an overview of more holistic pentesting for a wide range of types of attacks – from social engineering to network and cloud breaches.

Using AI to respond to threats

There are only so many cyber threats that humans can discover and tackle – and many breaches go unnoticed for months. And that’s where AI comes in. An AI system could tirelessly scan for suspicious behaviour, alert you to problems and even provide fixes. This session will look at the potential – and limits – of using AI for cyber security.

Hacking and cybercrime – how the land lies in 2020

Make sure you are as informed as your peers about the latest hacking threats. Here our industry expert report from the frontline of cybercrime and walk us through emerging trends, including AI-enhanced breaches, IoT vulnerabilities and remote access attacks - and show how you can keep your organisation safe.

Fighting back with cloud: CounterAttacks 101

Attack is the best form of defense. The problem is, most organisations’ cyber security model focuses almost exclusively on building walls around on-premises systems. In our cloud-first era, this just doesn’t make sense. Attend this session to learn how to defend your assets in the cloud by constantly scanning the horizon and attacking the attackers.

Fostering a security culture from top to bottom

Organisations with a strong security culture have much lower chances of ‘human factor’ breaches – by far the most common cause of incidents. However, as any cyber security exec will tell you, fostering this kind of culture is extremely challenging. But it is possible, and this session will walk you through the practicalities of changing hearts and minds.

Security without sacrificing the customer experience?

Customers expect hassle-free online purchases and easy access to your products and services. They also demand the highest standards of security. How do you square this circle? Attend this session to learn how to balance safety with a smooth customer experience – and learn how your security credentials can become a competitive differentiator.

Is decentralised cloud the way to reduce vulnerabilities and risk?

Today an enormous amount of cloud computing runs through the central servers of a small handful of companies. While these service providers are certainly secure, there are still some well documented risks with this model. This session will explore how decentralised cloud computing could provide a novel alternative.

How self-learning machines can detect and defeat

Imagine a self-learning machine crawling your systems, seeking out and neutralising threats. Rather than human workers scanning entire environments, artificial intelligence solutions could do the leg work - without ever getting fatigued. This session will explore how this technology works.

Who will triumph? How Nation States weaponise intelligence to dominate

It’s the new arms race. Competing governments are increasingly weaponising intelligence to influence trade, news and even elections in foreign countries. But what are the underlying technologies and strategies that let them do this? Our expert will provide an insight into the technical and geopolitical factors at play.

API security – The cyber risks of seamless integration?

APIs underpin so much modern technology. But if you depend on a third-party API which gets broken, hacked, or simply isn’t updated, you could leak sensitive data. Attend this session to learn about the latest encryption methods, tokens, and other strategies to ensure the APIs you use are safe and secure.

Ensuring enterprise-level security in complex cloud environments

Many large businesses are adopting complex cloud environments which offer great flexibility, scalability and privacy - be that an entirely private cloud or some kind of hybrid. However, ensuring these environments are safe requires cloud security expertise that not every IT department can access. During this session we explore the essentials.

Creating value while managing risk and security

It is the major dilemma for CISOs and other security professionals: you don’t want to eternally be saying “no” to new initiatives yet must ensure security. This session will look at how to find a balance between these competing demands and how to manage them. We will also see how security can be a valued-added differentiator.

The year in breaches: Lessons learned from Capital One and more

When details of 106m people were stolen from the Capital One bank’s Amazon Web Services instance in 2019, it reopened many people’s concerns around cloud security. This session will explore the major cloud breaches of the past 12 months and look at what we have learnt about cloud security.

Are your employee devices the weakest link in your network?

More employees are using peripheral devices than ever. All those company-issued and BYOD smartphones, laptops and tablets are great for productivity but provide juicy opportunities for hackers too. We explore the best ways to manage these devices across your network and methods to contain any breaches.

The consequences to brand, finance and trust for BA, Marriott and Facebook

The EU’s GDPR regulation bared its teeth in 2019 with huge fines for BA, Marriott and Facebook. In this keynote we explore the implications of these penalties for the brands concerned. What can we learn from their experiences, and what does it mean for your company?

The role of the enterprise in averting cyberwarfare

In 2015 Sony was rocked by a cyber-attack believed to have emanated from North Korea in response to a film it produced. Aggressive foreign powers are increasingly weaponising cyberwarfare to target key industries and critical infrastructure in other countries. This session will look at the scale of the threat, how businesses can reduce their exposure and the role of the private sector in curtailing threats from abroad.

Is society growing numb to data breaches? The risk of breach normalisation

Barely a week goes by without newspaper headlines reporting another data breach. For many citizens these breaches feel abstract and distant, yet for the victims the consequences are very real. Are we at risk of normalising data breaches? Is this even a problem, and how might we counteract it?

Navigating the staffing challenge within security teams

There are huge shortages of skilled cyber security staff and many organisations are forced to outsource this work to expensive consultancies. This session will look at what the industry needs to do to develop cyber security skills in-house. We will also learn how successful CISOs attract, train and retain security personnel.

Automating security operations for best-in-class SIEM

Automated Security Information and Event Management promises to save IT departments countless tedious hours analysing security alerts. The benefits are clear but SIEM is not a silver bullet and must be deployed effectively. During this session we will explore the do’s and don’ts and best practice.

Is the future of cyber security Quantum?

While widespread quantum computing is still some way off, its cyber security potential is enormous. It could, for instance, make it nearly impossible for hackers to launch brute force attacks on a system. A quantum and cyber security expert will talk us through the implications of this new technology, its strengths and limits.

Maintaining confidentiality in the BYOD era

BYOD is the New Normal, but it introduces more access points to your network than ever before. While there is some risk, this model can still be managed securely and confidential data protected. We will be taking a deep dive into best practice and protocol from both a technical and business culture perspective.

Simplifying IAM in the age of cloud?

In the cloud era, employees are increasingly using cloud-based business apps and tools from different providers. This introduces the risk that they use short cuts such as simple (or written down) passwords to access all these systems. Attend this session to learn about best practice Identity and Access Management in the cloud.