Agenda
We're still working on the 2021 programme. In the mean time here's a look at last year's agenda for a taste of what to expect.
19th November 2020
The events of 2020 have highlighted and exacerbated pre-existing challenges around remote workers, supply chains and external cloud services provision. The complexity of access to systems and data has dramatically increased; the growth in staff working remotely from insecure networks, differing levels of security within the supply chain, and Shadow IT are all examples of the challenges faced. In this session we will share examples of how organisations have taken proactive steps to address the remote challenge, to ensure trusted friends do not become exploited weaknesses.
With the dramatic increase in distributed workforces and the growing adoption of cloud applications, companies face unprecedented levels of IP, data, and identity sprawl beyond the enterprise firewall. Every endpoint is an entry into your business, cybercriminals have more ways to break in than ever before, and human error on the inside is a constant risk. Historically, endpoint security has been a zero-sum game—with the odds inevitably stacked against IT. But rather than protect devices, what if you could just control the security of them?
In this presentation, see how Chrome OS and Chrome Browser are secure by design—embedding security into every workflow to provide proactive protection for users, devices, applications, and data, wherever work happens. This is cloud-first security control in the hands of the modern businesses that will thrive moving forward.
This session will focus on the role of The UK Cyber Security Council, which is to champion the cyber security profession across the UK, provide broad representation for the industry, accelerate awareness and promote excellence. As Co-Chair of the Council Formation Project, Budgie will provide updates on the Council’s vision, aims, and objectives and how it will become the ‘voice of the profession’.
The risks and importance of your third parties vary drastically. To build an efficient third-party risk management (TPRM) program, its critical to prioritize which vendors and suppliers present the most risk, as well as which ones are essential to your operations. Insight into your third parties’ inherent risks can change the way you run your TPRM program, helping to increase security and performance. By understanding where to prioritize your time, you can onboard key vendors faster, spend the right amount time performing due diligence, and invest the most resources assessing and monitoring the third parties that matter most.
Today, you’ll learn how inherent risks can help you:
- Determine the type, depth, and level of validation for vendor assessments
- Tier your third parties by criticality
- Build workflows across teams and involve the right stakeholders at the right time
- Streamline and scale your TPRM program
When your IT is under cyberattack, every second counts. In a digitally connected organization, the impact of business outage can multiply by the second. Manual, siloed approach to cyber recovery may lead not only to prolonged downtime, lost business and high recovery costs but also compliance failure and damage to your reputation.
Combining security, business continuity and risk management practices including right cyber culture can help organizations transform their business resilience posture and mitigate risks more effectively. In this session, watch the story of an organization suffering cyber outage and learn from their experience how public sector organizations can be prepared for any cyberattacks by taking a fresh approach to risk assessment and deploying the right programs, expertise and technologies.
- What is PAM and why is it mission critical?
- The Modern Privileged Attack Surface: Where is your data at risk?
- How global government & public orgs are using PAM in their strategies?
2020 has been quite the year for unrest. The rapid transition to a remote workforce as a result of the COVID-19 pandemic has given rise to a slew of cybersecurity challenges. Organisations must deal with securing their data across both company-supplied and employee-owned devices, as cybercriminals leverage the crisis to launch new attacks. If that wasn’t enough of a problem, add into the mix the 150% increase in targeted and e-crime intrusion attacks being executed by these cybercriminals. The security professional in 2020 is not only dealing with an unpredictable infrastructure challenge but is having to work twice as hard in combatting the sheer multitude of attack scenarios. It seems neither the adversary or the security professional is taking any rest!
Key Takeaways:
- Recommendations for how you can protect your organisation’s data and network across both corporate-supplied and employee-owned devices, regardless of where they are located
- What the trends are in the attacks of today and who is being targeted, including a dissection of key examples
- Why ransomware that leverages the fear and uncertainty around the pandemic is on the rise and what can be done to combat it
- Latest findings from the 2020 OverWatch report, including analysis on key adversary activity
Join key members of ITGL’s award winning Security Practice for an engaging panel discussion focusing on effective cyber defence against criminal and nation state sponsored threats.
- Hear about the value that early sight intelligence on the Dark Web can help you better prepare for an imminent attack.
- Gain an insight into how the industry’s broadest and deepest threat intelligence can be applied to mitigate risks.
- Understand how we can enhance your organisations capability to analyse, detect and respond to threats far more efficiently.
According to EY, consumers, regulations, and business concerns are driving UK public and private sector industries to re-examine their data disposition processes, particularly for sensitive and personal information. We’ll show how UK enterprises can ensure data security at data end-of-life, comply with data protection laws, and align data disposal policies with both the National Data Strategy and environmental goals.
- An overview of the UK National Data Strategy as it relates to data disposal
- Adequate and inadequate disposal methods for active data and end-of-life IT assets
- How many UK organisations are putting data at risk with current practices
- Ways to adjust data disposal practices for the hybrid work environment
- How data erasure supports environmental stewardship and social responsibility policies
Data Sanitization – Ask the Expert
Following the presentation, Blancco will be hosting an interactive Q&A session. The 10-minute session will give attendees an opportunity to meet with data sanitisation subject matter experts and have a more detailed conversation about their data pain points, or concerns around their data security posture.
- How the procurement process is key to enabling security
- The role of contracts in managing cyber security risks
- The common challenges faced by the public and private sector
Public Sector organisations planning for 2021 are looking, more than ever, to ensure that their transition to remote working didn’t send them one step forward and two steps back in terms of security, compliance, and usability. We have found that many Public Sector organizations are in the process of reviewing security gaps and identifying improvements that can be made to their technology and processes – many of which were implemented quickly due to the sudden changes to the workplace this year.
In addition to this, many of the security threats that existed pre-COVID (remember then?) have not changed or gone away. If anything, the attack surface that Privilege Access Management (PAM) tools help secure has become even larger. Threats are more difficult than ever for organizations to manage with native tools, and the traditional desktop and server estate has become a thing of the past.
Join this session to learn how Secure Remote Access and Privilege Management solutions can be implemented to solve PAM challenges quickly, across entire estates. You will also find out how to provide your users (and third parties) with a secure, compliant platform from which to work remotely – via an on-premises or SaaS deployment – in just weeks, not months or years.
- Evaluating how the UK is emerging as a global cyber power and what it means
- Discussing the continued growth of IoT and reviewing current legislation around IoT security
- Investing in high level thinking and uncovering big ideas around smart cities and the connectivity of places
- Embedding the right level of skills and digital awareness within the workforce
The WannaCry attack in 2017 left the NHS with a £92m bill. Learn how the NHS is aggressively improving health and care security posture, tackling the challenges presented by Covid-19 through:
- Bolstering cyber security during the outbreak and implementing a system wide monitoring, threat intelligence and incident response strategy
- Better support and guidance for local organisations
- Better cyber training and greater awareness and engagement among NHS staff and organisations
According to new research from the Department for Digital, Culture, Media & Sport 50% of UK businesses have a basic cyber skills gap: Hear how the UK plans to sustain a cyber security sector fit for the future by:
- Building a robust cyber security talent pool and attracting a diverse and wide range of talent to the world cyber security
- Fostering better retention and recruitment of staff
- Raising the standard of cyber security practice to meet the demands of an increasingly digital economy in both the public and private sector
- The National Cyber Security Strategy: the new direction?
- Ensuring all organisations implement effective cyber risk management and reviewing what behavioural changes and market norms will be needed across the UK Economy
- Analysing how effective current standards are for cyber risk management and a critical look at the accountability mechanisms needed
- A review of the current regulatory environment and ensuring that this is coherent across different sectors
- Best practise tips for supplier risk management- what standards need to be in place from the onset?
