Close
REGISTER NOW
See Who's Attending

Agenda

Day 1November 10, 2021
9:00 am - 9:10 am
Chair’s Welcome Address
9:10 am - 9:30 am
Keeping the UK public sector safe and secure
  • Developing the next phase of the UK’s comprehensive approach to cyber security beyond 2021 
  • Measuring the impact of the National Cyber Security Strategy (2016-2021) and how investment has driven change across government and society 
  • Analysing the Covid19 cyber threat landscape and shielding the UK from increased hostile state cyber attacks 
  • Positioning Britain as a leader in cyber technical authority and increasing resilience against attacks 
  • Making the technologies and critical infrastructure we depend on more trustworthy and secure 
  • Strengthening cooperation across sectors and developing the talent pipeline to meet national security demands

Speakers

Matt Warman MP
Parliamentary Under Secretary of State (Minister for Digital Infrastructure)
Invited
9:30 am - 9:50 am
Platinum Sponsor Session
9:50 am - 10:30 am
Prepare, Respond and Recover: Managing Risk and Business Continuity in the Public Sector

Cyber resilience is more than about securing technology. It encompasses preparedness for risks, continuous efforts to deter and defend against cyber-attacks, and remediating from crises. Our panel session explores: 

  • Government guidance, tools and resources to identify, mitigate and manage risks 
  • Implementing preventative measures which take account of services, people, technologies and processes 
  • Responding to cyber incidents through immediate and long term remedial actions 
  • Business continuity management and recovery mechanisms to lessen disruptions and maintain critical services 
  • Raising the profile of cyber security at strategic levels to ensure it is given high recognition, focus and resources

Speakers

Geoff Connell
Director of IMT & Chief Digital Officer
Norfolk County Council
Confirmed
Pete Cooper
Deputy Director for Cyber Defence
Cabinet Office
Confirmed
9:50 am - 10:20 am
Trends in ransomware

Speakers

Gareth Carrigan
Head of Cyber – Investigations Tech Lead
Information Commissioner’s Office
Confirmed
10:30 am - 10:50 am
Break, Virtual Exhibition Networking and Live Delegate Meet Ups 

During this break why not join one of our Fireside Chats & Roundtables? Our fireside chats and roundtable sessions are open to all attendees. The sessions will allow attendees to drive their own learning and share experiences with others on a number of different subject areas.

10:30 am - 10:50 am
Fireside Chat – Digital Identity and Government

This talk will consider the key aspects of a good online identity scheme: 

  • The purpose of a scheme 
  • Who is it for and ease of use 
  • How strong identity assurance needs to be to meet the purpose 
  • Who will pay for it, own the liability and offer redress  
  • Interoperability, sharing and updating identity  

Speakers

Dr Louise Bennett
Director, Digital Policy Alliance & Co-Chair of the Privacy and Consumer Advisory Group
Confirmed
10:50 am - 11:10 am
How the National Cyber Security Centre is tackling emerging threats

Exploring ways in which the National Cyber Security Centre is leading the response to the Covid19 pandemic, building a resilient nation, proactively engaging and partnering with key public sector bodies and driving cyber skills and innovation. 

Speakers

Ian McCormack
Deputy Director for National Resilience & Strategy
National Cyber Security Centre (NCSC)
Confirmed
11:10 am - 11:30 am
Gold Sponsor Session
11:30 am - 12:00 pm
Protecting the physical and digitally engineered world

The session will show the range of malicious threats facing the public and private sectors and the vulnerabilities of initiatives such as Building Information Modelling (BIM), Open Data and Smart City/Connected Places that can be mitigated by forethought and proportionate countermeasures that enable rather than inhibit the desired innovation. 

The Centre for the Protection of National Infrastructure (CPNI) is the UK Government’s National Technical Authority for Physical and Personnel protective security advice.  CPNI are part of the National Security apparatus and they have a long history of providing advice on securing critical infrastructure, sensitive technologies, digital engineering, open data initiatives, advanced manufacturing processes, automotive and intelligent transport system security and managing the security of smart city initiatives.

Speakers

Paul F
Head of Physical Security
CPNI
Confirmed
12:00 pm - 12:45 pm
Seminar Sessions
  • Endpoint protection 
  • Securing remote workforce  
  • Identity and Access Management (IAM) 
  • Cloud security 
  • Ransomware / Malware  
  • Advanced Persistent Threats (APTs) 
  • Social engineering and phishing techniques 
  • Security Awareness, Behaviour & Culture 
  • Supply chain security 
  • VPN resilience 
  • Incident response and management 
  • Network security 
  • Data loss prevention  
  • Secure digital transformation 
  • Third party risk management 
  • Breach prevention and management 
  • Threat intelligence, monitoring, detection  
  • Data protection impact assessments 
  • Data Protection Act 2018 / GDPR compliance and challenges 
  • Innovations in security and privacy 
  • Emerging technologies (IoT, Machine Learning, AI) and security  
  • Data processing and retention 
  • Disclosure requests 
12:45 pm - 1:50 pm
Break, Virtual Exhibition Networking and Live Delegate Meet Ups 

During this break why not join one of our Fireside Chats & RoundtablesOur fireside chats and roundtable sessions are open to all attendees. The sessions will allow attendees to drive their own learning and share experiences with others on a number of different subject areas 

1:20 pm - 1:50 pm
Fireside Chat – Industrial Control Systems and Emerging Technologies

The session will briefly cover: 

  • Risks from cybersecurity to safety and security of supply critical to national infrastructure 
  • Issues for managing risks from cybersecurity: proportionality, managing supply chain, creating the right culture, incident management and recovery 
  • Emerging applications using machine learning in safety applications 
  • Identifying and managing risks: determining ‘trustworthiness’

Speakers

Sarabjit Purewal
Cyber Security and Emerging Technology Lead
Health and Safety Executive (HSE)
Confirmed
1:50 pm - 2:20 pm
Seminar Session 1
1:50 pm - 2:20 pm
Seminar Session 2
2:20 pm - 2:40 pm
Building a cyber resilient culture
  • How a resilient cyber culture can help organisations improve their business resilience posture and mitigate risks more effectively 
  • Utilising your most valuable assets – your staff  
  • Enabling rather than preventing 
  • Removing barriers 
  • Identifying your most vulnerable and at-risk people 
  • Ways of nudging and effecting behavioural change 
  • Benchmarking and measuring effectiveness 

Speakers

Zakki Ghauri
Head of Cyber Security and Governance
Westminster City Council & Kensington Council
Confirmed
2:20 pm - 2:40 pm
Best practices for effective third party risk management

To be compliant with GDPR, organisations must take necessary steps to protect the data in their care, including data that is shared with third parties such as contractors, partners, suppliers and service providers. This session looks at effective strategies for managing third party risks, common gaps in contract management, and maturing your organisation’s security postures. 

Speakers

Madi McAllister
Information Governance and Data Protection Officer
National Church Institutions
Confirmed
Daniel Bagley
Information Security Officer
National Church Institutions of the Church of England
Confirmed
2:20 pm - 2:50 pm
Developing the cyber security profession

According to the Department for Digital, Culture, Media & Sport, 37% of all vacancies for cyber roles have been hard-to-fill with many businesses struggling to recruit employees with the necessary technical skills. The sector has made strides in diversity; the NCSC published its ‘Decrypting Diversity’ report in 2020 to benchmark and track levels of diversity and inclusion states that “improving diversity and inclusion will be crucial to the cyber security industry’s ability to address its well-documented skills gap.” Hear from industry insiders about: 

  • Building a talent pipeline that reflects the diversity of Britain 
  • Upskilling, measuring and improving cyber resilience with hands-on training for existing employees 
  • Benefiting from a more distributed workforce 
  • Non-traditional routes into the cyber security profession 
  • Standards and certifications, including the newly set up UK Cyber Security Council’s role and how it aims to become the ‘voice of the profession’ 

Speakers

Senior Representative
UK Cyber Security Council
Confirmed
2:50 pm - 3:20 pm
Defending your organisation against cyber attacks

Most organisations rely on users being able to spot phishing emails as a typical defence mechanism. A multi-layered set of mitigations is needed to improve an organisation’s resilience against phishing attacks. 

  • Protecting against phishing, ransomware and malware attacks 
  • How to make it difficult for attackers to reach your users 
  • Helping users to identify and report suspected phishing emails and breaches 
  • Responding to incidents quickly and effectively 
3:00 pm - 3:20 pm
Data Protection compliance in the public sector
  • What are the obstacles to compliance?  
  • Aligning your data protection strategy with your organisation’s overall IT and digital innovation agendas  
  • Influencing compliance through technological and behavioural change 

Speakers

Jonathan Craven
Head of Information Governance and Data Protection Officer
Central and North West London NHS Foundation Trust
Confirmed
3:00 pm - 3:20 pm
Procurement approaches to building and transforming cyber capability
  • What is cyber transformation? 
  • The challenges faced by the public sector 
  • Key benefits 
  • The steps to implementing an effective cyber security transformation 
  • Common pitfalls and mitigations 

Speakers

Elizabeth Giugno
Head of Category - Cyber Security
Crown Commercial Service
Confirmed
3:20 pm - 3:40 pm
Break, Virtual Exhibition Networking and Live Delegate Meet Ups 

During this break why not join one of our Fireside Chats & RoundtablesOur fireside chats and roundtable sessions are open to all attendees. The sessions will allow attendees to drive their own learning and share experiences with others on a number of different subject areas 

3:20 pm - 3:40 pm
Fireside Chat – Cookies and Consent: Realigning user privacy with marketing 
  • Key challenges for digital advertisers without 3rd party cookies 
  • Will 1st party cookies improve compliance with regulations governing data subject consent? 
  • Realigning data privacy and marketing: a data subject approach to cookie consent

Speakers

Stephen Breen
Principal Lecturer and GDPR Researcher
London Metropolitan University
Confirmed
3:40 pm - 4:10 pm
Managing and responding to cyber incidents
  • Developing and updating incident plans for better preparedness  
  • Risks of legacy systems amid growing cybersecurity concerns 
  • Technical guidance for analysing, containing/mitigating, remediating and recovering from breaches 
  • Digital forensics analysis and investigations 
  • Legal and regulatory requirements, working with relevant government bodies to navigate data protection during and post-crises 
  • Post-incident reviews and lessons learned 

Speakers

David Cowan
Head of ICT
Copeland Borough Council
Confirmed
Iain Harrison
Information Governance & Risk Manager
Leicester City Council
Confirmed
3:40 pm - 4:00 pm
Outcome and risk-based approaches for the energy sector

Speakers

Mohammed Zumla
Chief Cyber Security Architect – NIS Competent Authority,
Ofgem
Confirmed
3:40 pm - 4:10 pm
Case Study

Speakers

Dr Andy Grayland
Chief Information Security Officer at the Digital Office
Scottish Local Government
Confirmed
4:10 pm - 4:30 pm
How DevSecOps helps Government to be secure by design

DevSecOps involves building security as a culture with continuous and flexible collaboration between security and developer teams. For most organisations, DevSecOps does not happen all at once since it is iterative process that relates to a culture of change. We discuss: 

  • Key tools, what they are, how they can be introduced and matured 
  • Building a culture of shared responsibility in software development lifecycle 
  • Automation and building machine capabilities 
  • DevSecOps best practice for continuous improvement 

Speakers

Mahbubul Islam
Chief Information Security Officer
HM Courts & Tribunals Service (HMCTS)
Confirmed
4:10 pm - 4:40 pm
Keeping NHS data safe
  • Defending against cyberattacks  
  • Protecting sensitive and confidential information such as patient data, healthcare records and IT systems 
  • Security and data protection in health and care services, local authorities, and clinical commissioning groups 
  • The Data Security and Protection Toolkit (DSPT) and Better Security, Better Care programme

Speakers

Alex Harris
‎Cyber Security Policy Lead
NHSX
Confirmed
Steve Fenwick
Head of Security Operations, Data Security Centre
NHS Digital
Invited
4:10 pm - 4:30 pm
Squaring the Circle

Protecting mission critical assets while supporting the drive for accessible, self-serve data in modern digital government. 

Speakers

Andrew Bolton
Head of Data Practice and Data-as-a-service
DWP Digital
Confirmed
4:40 pm - 5:00 pm
A year in review: Emerging Cyber Trends in 2021
  • Current cyber threat landscape: example risks, threat actors, attack vectors, attack surfaces 
  • Key trends and advanced persistent threat actors exploiting the Covid19 pandemic 
  • Building strong and effective partnerships within government and across industry for better response and mitigation 

Speakers

Neil Sinclair
National Cyber Lead
Police Digital Security Centre
Confirmed
Gareth Carrigan
Head of Cyber – Investigations Tech Lead
Information Commissioner’s Office
Confirmed
4:40 pm - 5:00 pm
Securing Innovation and Future Technology
  • Balancing innovation and adoption of emerging technologies with security, risk management and data protection 
  • Reviewing top use-cases of emerging technologies, including IoT security 
  • Ethical and legal considerations around the use of IoT, AI, Machine Learning 
  • Evaluating the role of the UK as an emerging hub for innovation in technology

Speakers

Saj Huq
Director of Innovation
Plexal
Confirmed
4:40 pm - 5:00 pm
Cyber security: Being everything new under the sun

How universities can nurture innovation in the cyber security sector

A Cyber Security Ecosystem has evolved across Greater Manchester nurtured and grown through activities without boundaries and across disciplines. At the heart of this are Manchester’s Universities living the Turing legacy bringing innovation to underwrite a bright Digital Future. Professor Danny Dresner will explain how the Greater Manchester Cyber Foundry has changed cyber security to be a catalyst for growth, how the Centre for Digital Trust and Society is bringing people and technology together, and how the Digital Innovation Security Hub is set to launch at the centre of the cyber community. 

Speakers

Professor Daniel Dresner
Professor of Cyber Security
University of Manchester
Confirmed
4:50 pm - 5:00 pm
Chair’s closing remarks and the end of the conference