Small businesses are buying security tools at an astonishing rate- EDR, SIEM, MDM, email filters, threat intel feeds, and anything else a vendor can demo in under 20 minutes.

But more tools don’t automatically mean more security. In fact, over‑tooling often creates the opposite: desensitisation, budget drain, no integration, analysis paralysis, and a false sense of safety.

This talk explores why so many organisations end up with a sprawling toolset that nobody has the time, skills, or processes to manage, and how to break that cycle. We’ll look at the common pitfalls, how to invest smartly, and how to ensure every tool you buy actually delivers value. Most importantly, we’ll explore a practical alternative: understanding your risks, assets, and requirements first, so you only buy tools that genuinely solve a problem.

Honest, practical, and free of sales buzz words, this session will help you get more security from fewer tools.

As 2026 marks a tipping point for traditional security, this session explores why the "Reset Password" button is becoming an expensive relic of the past. We demonstrate how transitioning to FIDO2 passwordless authentication slash helpdesk costs and eliminate phishing risks while creating a seamless, "one-touch" employee experience. Discover a proven roadmap to move your organization towards a more secure, efficient, and truly password-free future.

The threat landscape has evolved, and backup alone is no longer enough. Today’s cyberattacks are faster, more targeted, and costlier than ever. Organisations need to move beyond reactive strategies and embrace a full-circle approach to security: Detection, Protection, and Recovery, all unified in one platform.
 
The value of cyber resilience is no longer just about data recovery, it’s about business continuity and risk mitigation in real-time.

As the security perimeter dissolves into a borderless and identity-driven landscape, managed service providers face a dual challenge; defending customers against increasingly sophisticated "log-in" breaches while maintaining operational efficiency in the SOC. When attackers move with legitimate credentials, traditional siloed alerts often fail to provide the context required for a rapid response, leading to "swivel-chair" fatigue and extended dwell times.

This session is designed for MSSP and lean security teams looking to bridge the "Identity Gap," the lethal space between network telemetry and user behavior. We will explore how a more integrated architectural approach can transform service outcomes. By fusing Identity-aware Network Detection and Response with an open framework, and Autonomous SOCs, providers can move away from manually stitching together data toward a single, cohesive view of the threat landscape.

Supply chains have become the largest attack surface in cybersecurity — yet many organisations still rely on static, compliance-driven third-party risk management approaches that fail to reflect how modern ecosystems actually operate.

This session explores the shift towards Active Supply Chain Security (ASCS) — a continuous, network-driven model designed to deliver real-time visibility, proactive risk response, and collective defence across interconnected supplier ecosystems. Learn how organisations are moving from fragmented, point-in-time assessments to a collaborative approach that uncovers systemic risk, reduces supplier fatigue, and strengthens resilience across every link in the chain.

Key takeaways from the session:

• Why traditional TPRM no longer works: Static, compliance-driven approaches fail to address the complexity, speed, and interconnected nature of modern supply chains — leaving organisations exposed to systemic and nth-party risks.
• What Active Supply Chain Security looks like in practice: A shift towards continuous visibility, network-driven insight, and collaborative defence that enables organisations to detect emerging threats and respond proactively.
• How organisations can strengthen resilience across the ecosystem: Standardisation at scale, shared supplier intelligence, and collective action reduce supplier fatigue while giving CISOs and security teams a clearer, real-time view of risk across every link in the chain.

As networks expand and threats accelerate, the old divide between networking and security is no longer sustainable. This fast-paced session reveals how HPE’s AI-native, edge-to-cloud security architecture—powered by Integral Security, Unified SASE, and hybrid mesh firewalls—enables organisations to protect users, devices, and applications with unprecedented simplicity and precision.

You’ll see how identity-based Zero Trust, shared visibility, and AI-driven operations converge to deliver stronger protection, lower cost, and radically improved user experiences. Real-world results—like 60% cost reductions, faster deployments, and industry-leading threat efficacy—show what’s possible when security becomes integral to the network itself.

If you’re looking to modernise your security posture, streamline operations, or prepare your organisation for an AI-driven future, this session gives you the clarity and direction to take the first step.

Security awareness often ends up as a poster on the wall or a piece of mandatory training that people forget. It is frustrating when you put in the effort and the behaviour you hoped to influence doesn’t shift. Many teams feel stuck at this point, unsure how to make their programme truly matter.

AI is transforming the way we work, defend, attack, and innovate - but without the right guardrails, it can just as easily become our biggest liability. Join me for a fast‑paced, myth‑busting session that cuts through the hype and exposes the real security risks hidden behind the AI revolution. We’ll explore why good governance isn’t a blocker but the secret sauce for safe, scalable AI adoption. Whether you’re a techie, a business leader, or an academic, you’ll walk away with fresh insights, practical takeaways, and a few laughs - plus a sharper view of how to stay ahead in the age of intelligent machines.

When a cyber breach hits, the difference between control and chaos is measured in seconds.

Drawing on frontline investigative experience and surviving the 2004 Asian tsunami, this talk reveals how the same crisis behaviours that determined survival in the Indian Ocean determine outcomes when your business is on the line.

Phishing has always been the favoured gateway for advanced persistent threats — but AI has rewritten the rules. In this session, James Dyer exposes how a recent large-scale phishing APT leveraged deepfakes, cloned voices, and generative AI to create unprecedented levels of deception and persistence.

Attendees will see how threat actors are operationalising AI to automate reconnaissance, craft hyper-personalised lures, and deliver synthetic interactions that blur the line between human and machine. The talk will dissect the campaign's tactics, infrastructure, and social engineering methods, highlighting how traditional detection and awareness models are being outpaced.

Finally, Dyer will explore how organisations can adapt — from enhancing phishing resilience and deepfake detection to reshaping threat intelligence processes in an era where seeing and hearing are no longer believed.

Hackers today rarely "hack in" like the movies. More often, they phish, steal credentials, and log in through the front door. This presentation explains how modern attacks use deception, fake login pages, and compromised identities to gain access-proving that the biggest cyber risk is often trust, not technology.

Step inside the seedy underworld of cyber crime, where stolen identities, hijacked inboxes and VPN logins are traded like business leads. In Cyber Crime Unmasked, Huntress Sales Engineer Alex Hitchen goes undercover into the modern cyber crime economy - pulling back the curtain on how attackers really operate, and how you can shut them down before they cash out.

You’ll follow the money trail from that first “harmless” phishing email through Business Email Compromise (BEC), session token theft and Ransomware‑as‑a‑Service. Along the way, Alex will decode the roles of initial access brokers, affiliates and ransomware operators. This will include how the same playbooks that fuel their profits can be used against them with the right visibility and response.

Most businesses run IT and security through separate vendors, and that separation is exactly where breaches happen. This session makes the case that treating them as two different conversations was always the wrong model. ThreatSpike's Kevin Price explains what changes when the team running your infrastructure and the team defending it are the same.