OPENING PLENARY – LONDON SUITE
We live in a connected world, and many organizations have responded with business transformation programs encompassing cloud, remote endpoints, shared networks, and more. How long can these connected systems and processes survive in a world of next generation, increasingly stealthy and complex cyber threats?
This keynote will consider the threats facing digitally-powered businesses today and in the coming years – and how the security industry can help them address these threats. Not just through multi-layered, machine-learning and intelligence-based protection, but, equally importantly, through collaboration – with each other and with the business community – to share intelligence, build skills, and ensure security is built in from the very start of every new product and service.09:35
Cybercrime continues to grow; it cost the global economy more than $450 billion in 2016. On average companies face in excess of 200,000 security events on a single day. The people carrying out these attacks are becoming more organised and aggressive, while those defending against them struggle to grow their ranks.
The skills shortage is well documented, and whilst there a long overdue focus on bridging the skills gap for the future we address what can be done today to ensure your business is attracting and retaining the limited talent on offer.11:30
The average time elapsed between the initial breach of a network by an attacker and the discovery by the victim is 146 days and only 19% are identified by internal security processes. The threat is evolving at such a pace that internal security processes are no longer able to keep up. This presentation looks at some of those other methods of cyber-attack detection and offers advice on steps organisations can take to shorten the gap between attack and detection.14:00
Should you spend your budget on training or technology? Which has a greater chance of mitigating incidents? Which has a better ROI?
This head-to-head will champion the two approaches to identify the best areas of cyber security investment.14:25
An end-to-end process is required for true security. Google has developed its model based on over 15 years of experience keeping customers safe on applications ranging from Gmail to Search and Google Cloud. These services are used by over a billion users every month from almost every country in the world. In this session, Tom Salmon will share lessons Google has learned doing this work, providing audience members with a clear understanding of the processes, software and hardware they can use to deter even the most advanced threats.13:35
The risks from the digital era have changed. We should now expect attacks on enterprise physical assets as well as the deliberate undermining of data-driven strategic decisions aimed to cause damage in the long term. AI and machine learning developments offer new opportunities for resilience across the whole digital business but will how will these same developments by used by digital criminals?14:00
The demand for machine learning (ML) in security is growing fast. There are countless approaches, but there’s also a lot of hype. This talk provides a frank assessment of the strengths and weaknesses of static analysis, decompilation, detonation, in-context analysis, and other emerging approaches, all grounded in real-world examples and specific algorithmic details.16:25
In the near future IoT devices will carry a white goods equivalent rating scale, similar to washing machines and refrigerators. Instead of energy usage, manufacturers will be measured on the number and type of security controls they have implemented. To begin the journey on IoT control standardisation, this presentation lists 12 IoT controls to provide a simple method to audit IoT devices which focuses on the device’s environment of use.13:35
IoT allows instrumentation of environments with sensors and actuators, which improves situational awareness and real-time remote control of systems. Data-driven automation based on relatively cheap IoT devices improves convenience and reduces costs, but it also introduces new risks arising from diminished robustness and increased attack surfaces. Moreover, automated collection of massive amounts of data raises serious privacy concerns, when data relates to identifiable people.14:00
In this talk, Dr. Garcia-Morchon will provide an overview of challenges and considerations for a secure IoT, including:
• the relevance of considering (resource) constraints of devices and IoT systems when deploying security
• requirements for a secure development process
• challenges arising from the heterogeneous nature of IoT systems
• problems to perform secure bootstrapping
• the importance of software updates, testing and bug hunting
• quantum-computers and long-term security
• trustworthy operation
• risks of data leakage
Cybersecurity is a vast and daunting topic. Getting the fundamentals right is critical. BS10010 (Information Classification, Marking and Handling) is a pragmatic standard approach to understanding what data and Information is, and is not, valuable or sensitive in your organisation and how to manage it securely.
Implementing the standard can:
This presentation introduces and positions BS10010 as part of your overall Cybersecurity initiatives, shows how it positively affects your organisation and gives an overview of how simply it can be implemented, even post GDPR.
Why focus on potential zero day attacks, when the vast majority of successful attacks use known vulnerabilities? This short presentation includes a brief analysis of a successful attack on the US Government and then describes a number of common cyber security myths and their real world solutions. It ends by recommending a standard set of security controls that have been developed over many years by the US Department of Defense.
2017 has seen escalating cyber attacks which commoditised cybercrime into the next ‘as-a-service’, and huge data breaches involving millions of citizens have become the new norm. Despite the volume of cyber attacks, we are experiencing low attacker capability. Alongside this, many organisations are trying to understand how the Internet of Things can be used to increase productivity and reduce costs. As attacks evolve, what happens when we add IoT to the mix? What will future attacks look like and how can we defend against them?10:05
The explosive growth of cloud adoption, “cloud first” initiatives and BYOD have created security and compliance blind spots. Forcepoint’s session examines at the growing popularity of the Cloud Access Security Broker as a means to assist security leaders to support business innovation and manage cloud risk including:
– Identify and assess risk from your cloud supply chain
– Help maintain data residency and sovereignty
– Protecting cloud user identities by identifying high-risk user behaviour
– Managing the flow of personal data
– Control how sanctioned cloud apps are used (O365, Salesforce, Dropbox etc), so you can prevent the loss of critical data and intellectual property11:15
Can you truly know if your organization has been compromised? How easily can you identify the extent of the breach? We’ve all heard of the nightmare scenario of an attack already in the environment – spreading out and waiting to exfiltrate data from the network. This discussion will focus on an arms race between indicators of compromise with a limited half0life and an attacker looking to bypass technologies and hunt teams.
Cylance believes artificial intelligence (AI) can be a great force multiplier. This session will break attendees into groups to walk them through key parts of a simulated security incident. Participants will discuss their ideas of a course of action at each stage in groups facilitated by Cylance practitioners, who will in turn, provide insight into how the Cylance® Consulting uses machine learning and AI to search for behavioural indicators of compromise at a scale, while maintaining smaller human resourcing requirement.11:15
CLOSING PLENARY – LONDON SUITE
Conference delegates will be given a first glimpse of a selection of the innovative nominated entries13:30
Real life hacking case examples from the front line of incident response and investigations into data breaches. Benn will take you through the findings of his more interesting forensic incident response investigations to help you learn from others’ mistakes, and give you some tips to hopefully keep the hackers away from your data or at least help you react more efficiently if you’re faced with responding to a computer incident.14:40