The rise of cyber technology has transformed the nature of work, creating new job opportunities, but also widening the income and talent gap. As automation replaces many traditional jobs, the demand for tech skills has increased. We will explore the future of cybersecurity professionals and how to stay ahead of the curve.

• The central premise of sustainable security is that we cannot successfully control all the consequences of insecurity, but must work to resolve the causes.
• It derives from the broader focus on Environmental, Social and Governance (ESG) standards that aim to measure a business's impact on society, and the environment, and how transparent and accountable it is.
• In a world that has never been so interconnected - and not just by the Internet - what does this mean for how we operate to protect and deliver value to our business/organisation, its outputs and customers?
• By aiming to cooperatively resolve the root causes of threats using the most effective means available, sustainable security is inherently preventative in that it addresses the likely causes of conflict and instability well before the effects are felt.
• Prevention is better than cure but keep an eye on the cost vs benefit gained to ensure value is delivered.

The UK is a leader in cybersecurity innovation, with a thriving industry that boasts world-class talent and cutting-edge technologies. The country's robust legal framework and government support for cybersecurity initiatives provide a strong foundation for businesses looking to protect themselves and their customers from cyber threats. This session will highlight the commercial and security advantages of working with the UK cyber industry.

• How can we get a better understanding of the security skills gap and its causes? 
• Are we creating an artificial skills/talent gap by putting an excessive focus on technical skills?
• What role does Neurodiversity play in creating and developing a robust talent pipeline of security professionals to tackle today's security issues?
• What's been done so far and what can we do to make things better?

• The developing UK Cyber Security Network
• Bridging the skills gap and promoting innovation in cyber
• UKC3: super connector to your regional cyber cluster

• What are the key cybersecurity risks facing telecoms? Supply chain complexity and backdoor threats
• The importance of transparency in the telecoms supply chain and making cybersecurity integral to decision-making of products and services
• How risk-management services can be leveraged within the telecoms industry to promote transparency, establishing a secure-by-design best practice for complying to security standards

• Cyber Essentials controls the update process.
• What has changed in the 2023.
• Future plans for the controls.

In this session, we will discuss the growing threat of cyber attacks and their impact on businesses. We will explore examples of recent attacks and their devastating consequences. We will also discuss the impact of cyber attacks on daily business operations and reputation. Find out the basic steps that businesses can take to improve their cybersecurity posture and protect themselves against these threats.

From a CISOs perspective, what are the priorities companies and individuals should be focusing on. What are the current and emerging threats and why haven’t we suffered from global Cyber meltdown through Cyber War on the back of Ukraine?

This session will delve into the integration of AI in the security industry, exploring whether it is a cure-all solution or merely overhyped. We wil examine how AI can be assimilated into security culture and the advantages and obstacles it presents to the industry.  Learn about the current state of AI in the security industry, how it can augment security measures, and the expected AI adoption and advancement in the future.

This session will focus on defining trust and trustworthiness in cybersecurity. Attendees will learn about the reasons why efforts to build trust often fail to produce positive outcomes, as well as specific trust drivers that can be used to build or repair trust bonds. Gain valuable insights into how to effectively build trust with customers and partners, ultimately enhancing their organisation's reputation and success in the industry.

Are you interested in learning more about the legal implications of employee monitoring in the workplace? Join Sarah Lee and Steve Conlay from BPE Solicitors for this 30 minute talk to learn more about how to navigate the legal landscape of employee monitoring and ensure compliance in the workplace. Topics include;
 

• Different forms of employee monitoring 
• The legal and ethical considerations associated with employee monitoring 
• The impact of employee monitoring on the employee-employer relationship 
• Best practice for employers

Individually, we’re strong but together we’re stronger. While a startup has exciting new ideas, government and industry possess insights and resources.
 
So, what happens when you throw them together and blend up their respective expertise?
 
This session will provide the audience with lessons from Dave’s experience of building collaborative ecosystems, which has required strategically closing the gap between startups, government and industry.
 
Expect to understand: 
•    How private and public innovation has reinforced national security and economic impact, with commitments from the likes of the National Cyber Security Centre and the Department for Science, Innovation and Technology
•     Why global tech companies such as Amazon Web Services are looking to SMEs for solutions in areas such as healthcare and defence
•    Where the value lies in startups across industries, like cyber, sharing a mission with large organisations to test solutions together 

This session will analyse the return on investment (ROI) of cyber safety measures by comparing the cost of a potential cyber attack against the cost of implementing safeguards. We will explore the benefits of being cyber safer, such as mitigating financial losses and protecting your reputation, to help you make informed decisions about cyber security spending.

Running a red team exercise can be extremely helpful to highlight gaps in controls and weaknesses in detection and response capability.  It's a complicated undertaking, however, and can be fraught with risk.  When red teaming goes wrong, it can go wrong in the ways you least expect.
Gemma Moore discusses some of the lesser-considered pitfalls in red teaming, and how businesses using adversary simulation to enhance their security can avoid the bear traps.

The digital transformation was significantly accelerated by the pandemic, without society being adequately prepared with the necessary digital/cyber culture or even conscious of the need. Cyber security and awareness training in the majority of workplaces will continue to be generally ineffective where the necessary foundational digital culture does not exist. Any degree of online safety and security for the populace can only be achieved through a holistic collaborative approach to the development of digital/cyber culture.

Advanced Persistent Threat (APT) groups continue to be one of the most damaging threats facing the cyber landscape. Whilst many different detection and defence mechanisms have been used for protection, often the most effective method can be through our understanding of the landscape.

This case study follows my investigation into one of the most prolific ATP groups known as Trickbot, who are based in Russia. Within this research, I was able to uncover the fundamentals of Trickbot’s cybercrime operations through their leaked internal communications. This included their internal processes, management structures, and custom tooling. Using this, I will explore the key place that APT analysis holds within cybersecurity and how by gaining a deeper understanding of threat groups, a complete and effective defensive stance can be built"

Our reliance on technology as the fix for cybersecurity problems has left gaps in our resilience. In this session, veteran FBI agent, Miguel Clarke, will talk about his experience of leading counterintelligence investigations and his work as a member of the National Infrastructure Protection Center, and will tell us why he believes we must put the ‘human factor’ at the centre of creating a truly resilient environment. 

This session will cover the 2023 threats observed in the cybersecurity landscape and their potential impact on businesses. The speakers will discuss ways to improve internal visibility on malicious activity, profile hacking activity to understand its risk to your business, and add context to available information inputs to optimise resources. Learn how to decrease detection and remediation time while increasing readiness for evolving attack types.