An unmissable part of National Cyber Security Show, our high-level Cyber Conference features keynotes, interactive discussion panels and content sessions through which you'll uncover the new age of threats and strategies to mitigate upcoming threats to the UK's cyber security. Learn best practice guidance for managing and securing the digital supply chain.
Arup experienced a deepfake social engineering attack in 2023 which lead to the loss of 25 million GBP. In this session, learn about the incident at a high level and how it occurred. You can also learn about the key steps of the attack and how Arup responded, as well as an outline of what was learned and how others can learn from the mistakes made.
As cyber threats evolve at unprecedented speed, the greatest vulnerability - and the greatest opportunity - remains the human layer. This panel brings together leaders in security, workforce development and organisational culture to explore how the industry can overcome the persistent talent gap and build a resilient, future-ready workforce.
The discussion will examine the full talent pipeline: from inspiring early-career entrants and upskilling mid-career professionals to retaining experienced specialists in an increasingly competitive marketplace. Panellists will address the barriers preventing new talent from entering the sector, the skills most needed for tomorrow’s threat landscape, and the practical steps organisations can take to embed continuous learning.
Crucially, the session will shine a spotlight on culture - how businesses can foster environments that encourage curiosity, psychological safety and shared responsibility for security. With human behaviour often the deciding factor in breach prevention, the panel will explore why culture is not just a “nice to have”, but a foundational pillar of effective cyber resilience.
In a sector as competitive as cyber, technical expertise alone isn’t enough. Leaders need to communicate with clarity, build trust quickly, and stand out in a crowded marketplace. Yota’s talk shows cyber professionals how to leverage personal branding as a strategic business tool, one that drives visibility, strengthens client relationships, and opens doors to new opportunities.
Explore how the adoption of artificial intelligence is reshaping DevSecOps practices across the software development lifecycle. From automated code analysis and vulnerability detection to intelligent threat modelling and real-time incident response, AI is changing how security is embedded into development and operations. A look at how AI-driven tools can accelerate deployment, reduce human error, and improve security outcomes, as well as the new challenges they introduce around governance, trust, skills, and accountability.
This session looks at how changes in cyber law, the use of AI, emerging quantum technologies, and growing demands around digital sovereignty are starting to impact UK organisations in day-to-day decision-making. Drawing on experience working directly with boards, it highlights where senior leaders are increasingly accountable, where existing governance arrangements are under strain, and why these issues now sit firmly outside the IT function. The aim is to create an informed and practical discussion about what needs attention now to safeguard data, protect organisational credibility, and remain resilient in an increasingly complex operating environment.
While cyber security awareness is now important for almost everyone, it is often presented in a manner that struggles to engage a wider audience, with an uphill battle to promote a topic that they don’t necessarily want to know about in the first place. One means of addressing this is through gamifying the experience. However, while various cyber security games have been created, they sometimes require an investment of time that many people don’t have and/or need prior cyber knowledge to play or facilitate them. What may be preferable are short-form activities that can provide a foundation for later discussion. This session describes and demonstrates interactive activities that have been designed to provide such a provocation of interest, helping to make initial cyber engagement and awareness more fun. These include the fairground-style Hacker Whacker and the adversarial game of Cyber Defence Dice. The session will explain and demonstrate the games … and may even let you play them.
Traditional cyber security tools cannot keep up with today’s threats. We will explore why layered products fail – and how a unified platform, built on zero trust, least privilege and AI-powered automation, redefines modern defence. Learn how seamless access control, real-time threat response and machine-level protection come together to secure every user, device and session.
In Gray zone Warfare: From IT Systems to OT Effects, Ian Thornton‑Trump CD examines how modern cyber conflict operates in the space “between peace and war,” where adversaries pursue strategic advantage without crossing traditional thresholds of armed conflict. Using his established insights into hybrid warfare and cyber‑physical risk, Thornton‑Trump reveals how attacks that begin in enterprise IT environments increasingly cascade into operational technology (OT), critical infrastructure, and industrial control systems. This session presents cyber incidents as components of intentional Gray Zone campaigns that blend espionage, disruption, economic coercion, and psychological pressure. Thornton‑Trump demonstrates how weaknesses in identity systems, supply chains, governance, and security visibility are exploited to bridge IT and OT, turning digital access into real‑world consequences—including safety risks, service disruption, and national‑level instability. Ultimately, this presentation challenges leaders and security professionals to view cyber defence as a matter of operational safety and geopolitical reality—recognizing and countering Gray Zone activity before IT compromise becomes irreversible OT impact.
Cyber resilience is more than just a technology issue. Understand why cyber governance is key to becoming cyber resilient. This talk will cover:
The Cyber Landscape Governing Cyber Risk Cyber Governance Code of Practice IASME Cyber Assurance Standard Becoming Cyber Resilient and Demonstrating Compliance
- Mainframe history, prevalence, and status as critical national infrastructure silently powering the UK economy
- High-level overview of the mainframe attack surface
- Insight into common risks and impacts discovered as part of mainframe testing
- Suggestions for risk reduction via enhanced, comprehensive mainframe assessment regimens
.png)
.png){kind=logo}
)
)
)
)
)
)
)
)
)
)