Programme:

08:30
Registration - coffee - networking
09:00
Chair's opening address

Colonel (Retd) John Doody

Security in 2017

  • The changing face of cyber crime: 2017’s cyber threats and new methods to protect against them
  • The risks and costs of cybercrime to businesses
  • Cyber skills: The importance of education and hiring the right people
  • GDPR: The importance of compliance and timetable for success 
09:05
Hunting Security Bugs In Web Apps.

Suleman Malik

There are so many web applications that work in the background but it can be difficult to know about them. In this talk I’m going to show you some bug hunting techniques and how I exploited vulnerabilities in some major websites. I will cover some topics, which includes bypassing Content security policy (CSP), API endpoint vulnerability, PostMessage vulnerability, CSRF, XSS, Session/Authentication flaws and exploiting some other owasp vulnerabilities.

09:20
GDPR - a journey or a diet?

Daniel Selman

In this session Daniel Selman will reflect on his experience to date planning for and leading the implementation of GDPR in two FTSE 100 companies – Direct Line Group and Informa.  The common themes and challenges, the difference in approaches in other areas and sharing the lessons he has learned (so far) along the way.

09:50
What the results of the 2017 State of Security Operations Report tell us about organisational readiness for GDPR

Dr James Blake

Over the seven years the HPE Security Intelligence & Operational Consulting (SIOC) practice has performed assessments on the operational capability of over 137 discreet Security Operations Centres (SOCs) across 6 continents.  These assessments address the business & risk alignment, people, process and technological aspects of operating a incident detection, investigation and response capability.  Many of these organisations have invested millions in products and salaries, yet fail to even achieve a basic level of capability.  This presentation will look into the common factors causing this lack of maturity and provide guidance on the best practices HPE SIOC have seen implemented, as well as answer the question: are most organisation’s SOCs ready for GDPR?”

10:05
Using AI to stop Ransomware: A Real-Life Case Study on how the Enterprise Immune System Detected and Responded to Wannacry

Andrew Tsonchev

Using AI to stop Ransomware: A Real-Life Case Study on how the Enterprise Immune System Detected and Responded to Wannacry

In this session, learn about: 
•    The implications of ransomware and why traditional security tools are not sufficient to defend against it 
•    Using machine learning and artificial intelligence to identify the Wannacry attack before it was able to spread
•    How to achieve 100% visibility of your network 
•    Defending against subtle, novel attacks in the future using an ‘immune system’ approach

10:30
Coffee & Networking
11:00
Two one hour seminars will be available to choose from

Please Click here for seminar information.

12:00
Lunch and networking
13:00
Two one hour seminars will be available to choose from

Please Click here for seminar information

14:00
Chair's afternoon address

Colonel (Retd) John Doody

14:05
Conducting cyber security health checks to initiate a GDPR, NIS Directive or ISO 27001 compliance project.

Alan Calder

•             Identifying the critical risk areas and implementing security measures to reduce cyber risk.

•             The impact of and obligations imposed by the General Data Protection Regulation (GDPR) and Network and Information Systems (NIS) Directive.

•             The benefits of aligning an ISO 27001-compliant information security management system (ISMS) with the GDPR and NIS Directive.

14:20
GDPR: Wiggle’s journey

Jason Albuery

With a lot of focus around organisations being ready for the General Data Protection Regulation next year, this session is a brief look at the journey Wiggle has undertaken on its road to becoming GDPR compliant.

  • What we have done
  • What’s left to do
  • Some of the challenges we faced along the way
14:35
Machine Learning – Protecting Business Critical Data

Matt Little

We’ll deliver insights around the benefits Machine Learning can bring to an organization, as well as the limitations and advantages offered by alternative security solutions including UEBA, SIEM and DLP. We’ll also discuss the human element of cybersecurity and its essential role in protecting against threats.

This must-attend session will provide valuable understanding of what organizations should be thinking about when considering a Machine Learning solution, how best to prepare for implementation and where they can expect to reap the rewards - from gaining visibility on existing security gaps, to successful threat mitigation and meeting regulatory compliance.

14:50
Protecting your business from the threat of Online Crime

Jennie Williams

With cyber–crime in the news on an almost daily basis it is important to understand what steps you can take to protect both yourself and your business from these threats. This session will look at:

  • Biggest threats we are seeing in the North West
  • Where the threats come from
  • How to protect yourself & your business from these threats
15:05
Securing your Journey to the Cloud

Clive Gladwin

·        The security challenges for businesses when moving data to the cloud

·        Current data protection legislation and the impending GDPR: warnings and takeaways

·        Cloud architecture and information centric security as a critical consideration

15:20
Coffee and networking
15:50
Strategic view into GDPR journey.

Tarun Samtani, CISSP

A strategic view in GDPR journey: There are lot of myths and FUD around GDPR and fines. Let's once and for all clear them out. This session will look past the FUD into building a vision of GDPR journey. Some key points covered are as below:

a) Myths and Time considerations,

b) Assessment of your key areas of impact,

c) Build a strategy and work through

d) Key takeaways

e) Q & A

16:05
GDPR - A Game Changer

Junaid Farooqui

Is information security a new concept? Is personal data security a new one? Nothing is new and GDPR is not presenting any alien concept. Most of the rights given are same in DPA 1998 as in GDPR, however this regulation is coming up with lot of teeth as there are heavy fines and could cost huge reputational damage. GDPR is a good opportunity to improve information security posture across the organisation and change the culture of how personal data of customer, staff and other concern parties are handled. In this session I will try to highlight some of the IT Security areas which might need some risk assessment with GDPR lens to deploy new or alter existing controls.

16:20
Chair's closing remarks
16:30
Event Close
16:35
Exclusive Manchester United Tour for 200 Selected Delegates

Please make sure you have booked your place upon registration

Tour Includes:

  • Optimum viewing point of the stadium from the seating area
  • Players dressing rooms
  • VIP Lounge
  • Players Tunnel
  • Pitch side / dug outs

Followed by an exclusive drinks reception

Supported by: