An unmissable part of National Cyber Security Show, our high-level Cyber Conference features keynotes, interactive discussion panels and content sessions through which you'll uncover the new age of threats and strategies to mitigate upcoming threats to the UK's cyber security. Learn best practice guidance for managing and securing the digital supply chain.
In a world where anyone can create successful malware or have AI generate it for them, it's important to know how malware can be successful so you can better defend. Starting from a default-deny posture, learn how adopting Zero Trust principles can keep your data safe and operations running regardless of hacking attempts by man or machine.
As the world of cybercrime evolves, threat actors will look to utilise any methods at their disposal to gain an advantage within the cybercriminal landscape. This, however, does not preclude them from utilising the same developing technologies as legitimate businesses; in an effort to gain an advantage. The number of “as-a-service” offerings has exploded over the last decade, with many of these mechanisms being implemented throughout businesses across the globe due to their numerous benefits. Cybercriminals have noticed this also, and as such, “as-a-service” has become a core part of the cybercrime landscape.
This talk will explore how Cybercrime-as-a-Service fits into the larger cybercriminal toolkit; detailing the numerous offerings, from Malware-as-a-Service to DDoS-as-a-Service and how these benefit the groups that use them. It will also aim to investigate the unique threats that the “as-a-service” offerings pose, and the wider effect this has on the tactics, techniques, and procedures of the threat actors utilising them
Local government systems and data cover the widest range of applications and present an attractive target to the whole range of threat actors. This presentation explores the approaches taken to achieve security and resilience in the sector.
• Attorney Mark Lefkow discusses a litigation method he engineered in United States courts that has produced surprisingly positive results in recovering proceeds of fraudulent wire transfers and ACH transfers, even where law enforcement and client bank efforts failed.
• Discovery obtained in these cases sheds light on how perpetrators of cyber breaches recruit money mules and other participants, and how they secret funds beyond the reach of court process.
• The presentation will provide insights for security professionals and cyber liability insurers for mitigating losses from cyber beaches.
A lot has changed in the technology and business landscape since the first NIST Cybersecurity Framework was introduced, for the NIST CSF 2.0, these changes have been incorporated into the language so that cybersecurity challenges in the context of the current world of business are taken into account. A whole new function, Govern, is also a strong sign of ushering more maturity for the cybersecurity function as it moves from the realm of the reactive and even the proactive to becoming continuous operations that are part of every business. While there are still areas that would be valuable to be highlighted even more from this framework, it’s solid ground to establish one’s cybersecurity operations on top of and a valuable mirror, to be honest about an organization’s cybersecurity posture.
The presentation will cover current global challenges being faced by organisations due to cyber security skill deficits. Saurabh will explore case studies to determine the roles of enterprises, academia, and the Government to foster collaboration in bridging the skill gap.
In today's interconnected world, the resilience of supply chains stands as a linchpin for business continuity. However, the escalating frequency and sophistication of cyber threats pose a substantial risk to these crucial networks.
This presentation delves into the imperative of bolstering supply chain security against evolving cyber threats. By exploring real-world case studies and industry insights, we will dissect the vulnerabilities inherent in supply chains and unveil strategies to fortify them.
From identifying weak links to implementing robust risk management frameworks, this session will provide actionable approaches for organizations to safeguard their supply chains.
Emphasizing collaboration, best practices, and innovative technologies, we will navigate the intricate landscape of supply chain security to ensure the uninterrupted flow of goods and services while mitigating cyber risks.
Attendees will be equipped with a comprehensive understanding of the growing threat landscape and practical solutions to fortify their supply chains against cyber threats.
Just like the Titanic didn't prepare for icebergs, thinking it was unsinkable, many businesses fail to prepare for the relevant cyber security threats they could face. This talk will focus on Cyber relevance, ensuring that when you are buying services and tools from vendors, they are relevant for your business, and how to communicate to the board to ensure you secure the budget you need, to ensure you have the lifeboats you need in the event of icebergs.
Professionalism and people development in the cyber sector is important for everyone's success and recognition of excellence is paramount. The Chartered Institute of Information Security is one of only two bodies licenced by the UK Cyber Security Council to award individuals Chartered Cyber Security Professional status. Join this session to find out about the charter specialisms, the process to apply and the benefits of chartership for both individuals and organisations.
Tom Egglestone, using data from Resilience’s October 2023 claims report, would discuss the finding that third-party attacks were the biggest cause of claims in Q2 2023, going ahead of phishing for the first time following the MOVEit breach. This allows malicious actors to scale their attacks and impact more companies – a return to ‘big-game hunting’ tactics that prioritise bigger targets for maximum impact. Tom will highlight how to properly manage third-party vendor risk in today’s evolving threat landscape, and how this continues to shape cybersecurity trends in 2024.
In a rapidly advancing landscape of cyber and physical security, the presentation explores the evolution of attackers and raises a critical question: Have our defenders adapted accordingly? Delving into the intricacies of modern threats, the talk aims to dissect the dynamic nature of attacks, emphasising the urgency for organisations to relook at their security measures. Through a comparative analysis of evolving attack methodologies and defence strategies, the presentation navigates the complex intersection of cyber and physical security, offering insights to empower defenders in the face of increasingly sophisticated threats.
• During this presentation Katie will look at the intricacies of modern threats.
• Katie will explore the practical challenges organisations face when it comes to security.
• Katie will share actionable advice on adapting and strengthening your defence strategies to protect yourself and your organisation.
In a world where anyone can create successful malware or have AI generate it for them, it's important to know how malware can be successful so you can better defend. Starting from a default-deny posture, learn how adopting Zero Trust principles can keep your data safe and operations running regardless of hacking attempts by man or machine.
Society forced onto technology without being empowered to be safer online, the societal oversight which has evolved into the society failing which is fuelling and facilitating a trillion dollar economy.
• Current Board make-up
• Skills on Boards
• Common perceptions of Boards
• How not to try and persuade Boards
• More successful approaches
• Where to get helps
Street infrastructure is now being fitted with sensors that gather data about traffic, pedestrians, and the environment within which the public services operate. This smart street ecosystem is also referred to as connected places. This research initially explored how the integrated smart infrastructure services rolled out by local authorities (through private operators) are changing the criminal and security landscape. It then deep dived using smart EV charging case study, into whether the current procurement process enables the local authorities to utilise NCSC connected place principles for cybersecurity to minimize cyber risks of the connected place ecosystem. The research highlights the gap in national policy to protect national essential services and local implementation for systemic events.
This presentation presents a new framework for analysing the cognitive effects of cyber operations. It establishes what is meant by cognitive in a cyber context, how different cognitive functions and processes might be affected by cyber operations, and potential impact of UK cognitive cyber operations on malicious state actors. The presentation will highlight the potential for cognitive cyber operations to enhance cyber deterrence and associated ethical and normative concerns around cognitive manipulation.
The presentation will explore the vital principles of integrating security into the fundamental structure of SMEs. Embracing a 'Secure by Design' approach, attendees will gain insights into tangible examples of improved cybersecurity measures and a deeper comprehension of the consequential impacts on social and economic dimensions. The emphasis will be on equipping SMEs with the tools to fortify their resilience against evolving threats, including those posed by AI, and understanding how these efforts contribute to the overall societal and economic welfare.
As generative AI proliferates across business applications, we must first understand how it can be exploited by malicious actors. This discussion dives into techniques for subverting and extracting sensitive data from LLM-enabled applications, frameworks for understanding these risks, and adapting security teams' skillsets to tackle these new risk vectors.
This talk will provide a general overview of cybercriminal forums, how they work, what’s on them, and why cybercriminals like to use them. There will be a particular focus on the Russian-language scene, and how it differs from its English-language counterpart. Roman will also cover how cybercriminal forums fit into the ransomware-as-a-service scene.
This talk will provide a general overview of cybercriminal forums, how they work, what’s on them, and why cybercriminals like to use them. There will be a particular focus on the Russian-language scene, and how it differs from its English-language counterpart. I will also cover how cybercriminal forums fit into the ransomware-as-a-service scene.
In 2022 a group of suspected North Korean hackers broke into a Vietnamese video game. At $625m, the haul was a serious contender for the largest single theft in history. It was certainly the fastest - the money was spirited away in under two minutes. As the thieves raced to launder the loot, they inadvertently triggered a battle royale between financial regulators, law enforcement, free speech advocates and crypto bros.
If the internet is the new high seas of commerce are cyber criminals sheltering within nation-states borders the 20th century brethren of their 18th century ancestors? There are some startling parallels between the emergence and development of Pirate culture, nation state rivalries of long ago and the modern cyber-crime or advanced persistent threat groups of today. Join Ian Thornton-Trump, CISO for Cyjax as he charts a historical and likely hysterically funny look at piracy on the high-seas and how nation states hunted those scallywags to extinction. Arr.
Drive action and change in the security world. Changing technology and processes starts with energising and inspiring your stakeholders to take action.
In this session, we'll cover how to build relevant, compelling, and emotionally engaging content that sparks action from your message. Learn how to make the complex simple, tell stories, and lead the charge for change in the cyber world.
- You face more risks to your business than ever before – how can you measure those risks and understand where they are? - You have to work with your board on risk – how can you improve your communication with them to reduce risk effectively? - You have to eliminate risks faster – how can you automate your remediation processes to achieve this in practice?
Over the last year, the professionalisation of the cybersecurity industry has progressed in leaps and bounds as the UK Cyber Security Council continues to develop Chartership pathways for individuals. But what does that mean for someone entering the industry? How can we join the dots so that graduates can see a clear pathway instead of a confusing mess of certs, training, and inaccurate recruitment ads? And how will professionalisation help to encourage more people into this industry, providing a solution instead of yet another problem?
.png){kind=logo}
.jpg)
.png)
)
.jpg/fit-in/120x9999/filters:no_upscale())
)
)
)
)
)
)
)
)
)
)
)
)
)
)
)
)
)
)
)
)
)
)