OLD TRAFFORD FOOTBALL STADIUM, MANCHESTER
6TH FEBRUARY 2025
HEADLINE SPEAKER DAVID WALLIAMS
A look back over the first half of 2025 - how attackers are evolving their tactics and techniques
The introduction of the Cyber Security and Resilience Bill to Parliament highlights that, despite the UK's departure from the EU, future regulations will likely follow international standards. The interconnected nature of global cyber threats makes it impractical to deviate from existing frameworks. By aligning with NIS2, DORA, and GDPR, UK organisations can better prepare for upcoming national regulations and enhance protection against cyber risks. This isn't about rewriting the rulebook—business continuity and data resilience remain central to all cybersecurity regulations. That’s why ensuring your organisation has tamper-proof backups and effective disaster recovery capabilities is key to surviving infrastructure and data threats. Join Kim Larsen, CISO at Keepit and seasoned cybersecurity advisor with experience in NATO, the EU, and international corporations, for insights on:
• Data governance
• Regulatory compliance
• Business continuity strategies
Jen will discuss how to discover the weakest link in your organisations security before attackers do.
Using gap analysis, risk assessment and building a dynamic and comprehensive culture of cybersecurity, find out how to identify the weak links and say goodbye to them before it’s too late.
Cybersecurity is not just about technology; it's fundamentally about human behaviour and what we now call Cyber security Culture. This talk will explore the critical role of cyberpsychology and criminology in understanding user behaviour and the motivations of attackers (and those who weaken security posture through insider risk). We'll delve into the impact of common cognitive biases on security decisions and discuss strategies for improving user education and awareness.
What's a 2025 talk without including AI? Let's also examine how the rise of Artificial Intelligence (AI) is transforming the cyber security landscape. Discussing the implications of AI-powered automation, the importance of trust and transparency in AI systems, and the emergence of new threats and how these are ultimately affecting cyber security 'culture'.
In this talk, we will explore the evolving landscape of cybersecurity threats as observed through Cloudflare's extensive network in 2024. Attendees will gain a deep understanding of emerging attack vectors and sector-specific threats, with a particular focus on the alarming year-over-year increase in DDoS attacks. By exploring key trends across Web Application Firewalls (WAF), bot management, threat hunting, and threat events, we will highlight the critical importance of tailored security strategies. Participants will leave equipped with actionable insights and strategies to fortify their defenses against the ever-changing cybersecurity challenges.
• Learn the art of prioritisation to ensure your team focuses on high-impact activities, protecting critical assets without burning out or overspending
• Explore the hidden costs in your security stack to determine what to keep, cut, or combine for maximum efficiency.
• Boost your defences without breaking the bank: What does it take to stay ahead of attackers and build better lines of defence with limited resources?
ThinkCyber’s CEO Tim Ward will delve into the reasons for implementing security awareness programs within organisations. Is it purely a matter of compliance or does it serve a deeper purpose of empowering employees to protect sensitive information and themselves?
Tim will explore the fundamental question: why invest in security awareness training? He will examine how to ensure these programs work—focusing on the science behind how people learn and retain security knowledge. By applying behavioural science principles, Tim will discuss how organisations can effectively change employee behaviours, reducing operational risks and enhancing overall security posture.
The session will also address key metrics for success. Tim will explore the importance of measuring not attendance or click rate, but the effectiveness of security awareness efforts. Are you measuring performance or real impact?
He will share real-world examples from some of ThinkCyber’s clients to illustrate how to assess the effectiveness of security training and discuss the best practices for ensuring lasting behavioural change.
Deepfakes are getting easier to make but how can they be used in crime? Are they the next tool in the social engineer’s toolkit? From hacked CCTV to cloned RFID cards and quality deepfakes, Jake will uncover what is currently possible when breaking into a business with a little help from AI. Plus learn what happens when you experiment the spread of misinformation and how it can be used in financial crime.
Developing a robust security culture within an organisation is a critical challenge in today's threat landscape. Traditional security awareness programs often struggle to drive lasting behavioural changes. This session explores the power and role of "nudges" – subtle environmental cues and design elements that can positively influence employees' security-related behaviours.
Changing behaviours is a challenging task, changing your organisational culture can be even more difficult. Understanding why social engineering works, or how errors are so frequently made needs a better understanding of oneself. Grounded in the principles of behavioural economics and mindsets, attendees will learn practical strategies to educate, inform, nudge, and ultimately influence the culture of their workforce towards better security practices.
We as an industry have been heavily focused on the ransomware threat. A loud and dramatic threat that commands the attention of security professionals, governments and CEO’s globally but has possibly diverted some of our resources away from another increasingly concerning threat.
Hacktivists seem like an old adversary that are the concern only of big banks and extractive industry organisations. This is a dangerous assessment. In this talk we will look at the rapid increase in their number, capability and motivation. Who are they? How do they select targets? How are they funded? Why do they pose a threat to you? What discussions do we need to have in 2025 to combat them?
Discover how to align your security investments with real-world threats. Amir Khan, Head of Sales at Zivver, presents exclusive insights from Zivver’s latest independent research revealing how IT leaders across industries perceive and prioritize email security. Gain a unique perspective on your peers' biggest challenges and plans for ensuring their email security strategies meets compliance and learn what’s driving their focus for 2025 and beyond. Amir shares practical steps to future-proof your organization with a holistic approach to email security.
A Kudelski Security Incident Response expert shares stories of what happens behind the scenes while learning tips from someone that sees these attacks happen on the daily.
The talk explored the transformative potential of AI in redefining how humans interact with technology, emphasizing the principle of AI-assisted human progression. Central to the discussion was the recognition that while we often refer to "artificial intelligence," AI is not truly intelligent in the human sense. Instead, it is a combination of advanced machine learning and automation, designed to process data, recognize patterns, and execute tasks at unprecedented speed and scale.
Picture this: You arrive at work, coffee in hand, only to find your screen frozen with a ransom note. The message is clear: “Pay up millions, or your data vanishes forever.”
It’s not a distant nightmare, it’s happening every day, and in 2025, the risks have never been higher. With growing reliance on technology, widespread cryptocurrency, and tougher economic times, ransomware is thriving.
In this session, we’ll uncover the dark history of ransomware, explore the anatomy of an attack, and look at what’s coming next in the threat landscape.
Most importantly, you’ll leave with practical tips, tricks, and tools to protect yourself, your team, and your organisation. Because when it comes to ransomware, preparation isn’t optional - it’s survival.
In the past, compliance efforts have largely centred around providing a snapshot of security at a specific moment. However, with evolving regulations like DORA, NIS2, CRA and others, this approach is becoming outdated. These new standards demand a more dynamic and continuous view of security.
If raw, thought-provoking conversations about the biggest challenges in global security sounds like your thing, we’ve got something brewing that you won’t want to miss. Join Lisa Forte and Sarah Armstrong-Smith for an exclusive session as they reveal what they've been working on in partnership with CNG.
Join cyber security leaders Sarah Armstrong Smith and Lisa Forte for an engaging fireside chat with renowned author and comedian David Walliams. The session begins with an exciting announcement from our hosts, leading into a lively discussion on creativity, resilience, and leadership.
Concluding with an interactive Q&A, this talk promises to inspire, inform, and entertain. Don’t miss it!