Programme:

08:30
Registration - coffee - networking
08:55
Chair's opening address

Geoff White

Security in 2022

  • The changing face of cyber crime: 2022 cyber threats and new methods to protect against them
  • The risks and costs of cybercrime to businesses
  • Cyber skills: The importance of education and hiring the right people
  • Outlooks on AI & IOT
09:00
Ransomware: Tackling the immediate threat

Ransomware is “the most immediate cyber threat” faced by UK businesses, according to NCSC CEO Lindy Cameron. The threat has already been demonstrated across the globe, with ransomware attacks such as the US’s Colonial Pipeline hack and the UK attack on Hackney Borough Council showing the damage that can be done. But most businesses aren’t as prepared as they need to be.

This session will cover:

  • How big is the threat from ransomware to UK organisations?
  • Examples of recent ransomware attacks and the damage caused
  • Who is most likely to be affected by ransomware and why
  • How incident response and the ability to test defences are key
  • Increasingly sophisticated methods: Ransomware-as-a-service and multi-extortion attacks
  • Paying the ransom—and how to avoid this
09:15
DDoS: Preventing and mitigating attacks

DDoS attacks are getting bigger. Microsoft reports it mitigated an attack on an Azure customer that came in at 2.4Tbps in 2021, beating the peak traffic volume of a 2.3Tbps attack that hit Amazon Webservices in 2020.

As DDoS attacks surge in scale and number, this talk will look at:

  • The size and scale of DDoS: Examples of attacks
  • Why attackers use DDoS
  • The risk of DDoS to businesses: Who will be targeted and what’s the impact?
  • Prevention and mitigation: How to prevent DDoS and mitigate attacks if they do happen
09:30
Cyberwarfare: The Russia threat

The threat from Russia has never gone away, but it is growing. According to Microsoft’s Digital Defense report, the majority of state-sponsored attacks over the past year were performed by Russia. The SolarWinds attackers dominated threat activity, according to Microsoft data. This session will look at:

 

  • The Russia threat: A historical look at the nation and how the cyber threat evolved
  • Examples of recent hacks and a breakdown of the SolarWinds attack
  • Russia’s aims: What does Russia want from the West and why does it target organisations?
  • Which industries are most likely to be targeted by Russia?
  • Indicators of compromise: Russia’s tactics, techniques and procedures
  • What firms can do to protect against and mitigate Russia-backed cyber attacks

 

09:45
BYOD: Managing complexity

As the workforce returns to the office, BYOD needs a complete overhaul. So much so that the NCSC has released updated guidance to help firms deploy and manage a “potentially difficult IT set-up” post-pandemic.

This session will cover:

  • Why pandemic “quick fix” BYOD strategies are not fit for purpose
  • How attackers take advantage of vulnerabilities and misconfigurations in devices and networks
  • Creating a BYOD policy that works for the current office/working from home environment
10:00
Supply chain security

Supply chain threats aren’t dying down, making it integral that organisations are able to protect themselves. This session will examine:

  • Examples of supply chain attacks and how these took advantage of vulnerabilities
  • Who is the most likely to fall victim to a supply chain attack
  • How to protect the supply chain: The importance of baking security into contracts
  • How to ensure your own foundational security is good enough to avoid being the “weakest link in the chain”
10:15
Inside the UK’s National Cyber Force

The UK government’s new National Cyber Force (NCF) will be located in Samlesbury in the North-West, drawing together personnel from GCHQ, the MoD, MI6 and the Defence Science and Technology Laboratory (DSTL), under one unified command for the first time.

This session will look at:

  • What is the NCF and what will it do?
  • Why offensive cyber capabilities are key in today’s threat landscape
  • The types of technologies being used by the NCF
  • The NCF’s roadmap and how the organisation will keep the UK secure

 

10:40
Headline Sponsor Cloudflare

 

 

10:55
Coffee & Networking
11:25
One of two streams to choose from

Click here to see the full schedule of streams on offer

11:55
Seminar Change Over
12:00
One of two streams to choose from

Click here to see the full schedule of streams on offer

12:30
Lunch and networking
13:30
One of two streams to choose from

Click here to see the full schedule of streams on offer

14:00
Chairs Afternoon Address

Geoff White

14:05
How Manchester is fostering a generation of cyber talent

Manchester is a well-established cyber security hub. GCHQ is now also in Manchester, and the area boasts digital security companies including Avecto, Hedgehog, NCC Group and Secarma, as well as established cyber divisions of global defence companies such as Raytheon, BAE Systems AI and Northrop Grumman.

This session will examine the thriving cyber security scene in Manchester including the Cyber Innovation Centre – an £10m programme to facilitate the growth of cyber security businesses in the region. It will also take an inside look at the GM Cyber Foundry – a £6m ERDF funded initiative, which four north west universities are collaborating on, to be run out of the Cyber Innovation Centre with the aim of encouraging engagement between a range of businesses on cyber innovation research.

 

14:20
Testing your defences

It’s widely agreed that it’s not a matter of if you are the victim of a cyber-attack, but when. At a time of surging threats from multiple vectors, businesses must test their defences. This session will examine:

  • Threat intelligence: Working out the type of attack that could affect your business
  • Testing defences: Red teaming and penetration testing
  • Incident response: A checklist
  • How technology such as AI and machine learning can help detect and mitigate attacks
14:35
The end of the password

The end of the password is nigh, at least according to tech giants Microsoft and Google, which have both made significant moves to reduce reliance on passwords. But how soon can we expect to see the password disappear altogether, and is this really that practical?

This session will cover:

  • What Microsoft and Google are doing to eliminate passwords
  • What can be used instead of passwords, or as well as them
  • Security vs functionality: Can you ever have both?
  • The work of the FIDO alliance and 2FA
14:55
Autonomous Breach Protection: A new way to address Advanced Threats

Anthony Roberts

This talk will highlight todays challenges caused by advanced threats, a look into some of the new threats identified and how Autonomous Breach Protection can help solve the challenge faced with today’s threats.

15:10
As inside look at vulnerability reporting

Hacking is not a crime. That’s the mantra of the army of ethical hackers finding and reporting vulnerabilities in software and keeping systems safer. This session will see an ethical hacker taking the audience through a typical day in their shoes including:

  • How vulnerability reporting works: Best practices for fixes
  • How the media reports hacking, and the reality
  • The good, the bad and the ugly: The best and worst parts of the job
  • Finding vulnerabilities: How ethical hackers find issues in software
  • Bug bounties: The huge payments on offer from the likes of Google and Microsoft
  • Fostering the new generation of hacking talent: Who can be an ethical hacker and how to find them
15:35
Coffee and networking
16:00
One hour Q&A with Tim Peake

Tim Peake

17:00
Chairs Closing Remarks

Geoff White

17:10
Drinks Reception & Tim Peake will be joining us for a drink or two