Complete programm of cybersecurity connect UK

DAY 1: Wednesday 13 November

5:30 PM - 6:45 PM: OPENING KEYNOTE PRESENTATION

"The concept of cyber resilience as a model for moving forward"

Opening by Dominic Fortescue, Director-General Government Security Group and Government Chief Security Officer, Cabinet Office

Chair: Martin Smith MBE, Chairman and Founder, The SASIG

Cyber security protects our systems, networks and data from the threats in cyberspace. But the dangers are now omnipresent – it’s when not if our organisations are attacked. Forward thinking opinion is now migrating towards cyber resilience, which includes not only the ability to protect but also embraces the need to prepare for, respond to and recover from cyberattacks.

We must continue to defend, of course, but we must also now actively plan to limit the severity and impact of attacks and put in place coordinated, converged measures across all business functions to ensure our organisation’s continued post-incident survival and growth.

Panellists :

A senior representative of the National Cyber Security Centre
Graham Bastin, Group Head of Resilience, Barclays
Peter Goodman QPM, Chief Constable Derbyshire Constabulary and National Police Chiefs' Council (NPCC) National Lead for Cyber Crime
Paddy McGuinness CMG OBE, Senior Adviser, Brunswick Group and former Deputy UK National Security Advisor for Intelligence, Security, and Resilience
Stuart Frost BEM, Deputy Director, Head of Enterprise Security & Risk Management, Department for Work & Pensions

8 PM ONWARDS - WELCOMING COCKTAIL RECEPTION AT MARCHÉ DE LA CONDAMINE BY ZSCALER

DAY 2: Thursday 14 November

9 AM - 9:30 AM: KEYNOTE BY PROOFPOINT

Why Cybercriminals Know More About Your Employees Than You Do

Cybercriminals aren’t focused on infrastructure and don’t view the world in terms of a network diagram. They care about identifying who in a company has access to the information they want and are laser-focused on targeting them directly. These targets are known as VAPs (Very Attacked People) and they may not be who you would expect.
Adenike Cosgrove, Cybersecurity Strategist at Proofpoint discusses how attackers are leveraging two of the most powerful information tools—LinkedIn and Google—to conduct reconnaissance on potential individuals to target. Armed with this social media-based research, attackers often know more about the employees than the security team does.

Speakers :

Adenike Cosgrove, Cybersecurity Strategy, EMEA, Proofpoint

Andrew Rose, Senior VP, Chief Security Officer, Mastercard

9:30 AM - 6 PM: FORUM, ONE-TO-ONE AND WORKSHOPS

5 PM - 5:45 PM: THE SASIG WORKSHOPS

#1 - Benchmarking the CISO by The SASIG

Chair: Martin Smith MBE, Chairman and Founder, The SASIG

Panellists :

Alain Bouillé, Director of Information Systems Security, Groupe Caisse des Dépôts and President, Le Cesin (Club of Experts of the Security of Information and Digital)
Robert Coles, Visiting Professor, Royal Holloway College University of London
Professor Denis Fischbacher-Smith, Research Chair in Risk and Resilience, University of Glasgow
Olivier Ligneul, Directeur Cybersécurité du Groupe, EDF
Helen Rabe, CISO, Abcam
Joseph Wise, Community Maker, The SASIG

SASIG is a subscription-free networking forum, its membership is drawn from UK CIOs, CISOs and their staff. Le Cesin is the major networking forum for CISOs in France, a place for the exchange of knowledge, sharing of experiences, and cooperation between security professionals. Both organisations work to develop, promote and professionalise the CISO function in France and the UK.

Together, SASIG and Le Cesin are carrying out a joint study of our two communities. We will be considering and comparing the CISO role, what governance is in place, and what budgets do CISOs have (overall and as a portion of the overall IT budget). How does the position and profile of the CISO in each country compare with (for example) reporting lines and reaching the boardroom, and how do levels of qualification differ? Last but by no means least, what about the money - how do salaries stack up against each other? We will announce the results of this exercise at the second edition of Cyber Security Connect UK.

Panellists:

Robert Coles, Visiting Professor, Royal Holloway College University of London
Olivier Ligneul, Group Cybersecurity Director, EDF
Helen Rabe, CISO, Abcam

#2 - Securing the Supply Chain

Every organisation is part of the supply chain, up and down. There is huge interest within the supply, procurement and security communities to mitigate risk exposure for client organisations whilst maintaining effective supplier relationships.

SASIG is working with the National Cyber Security Centre (NCSC) and the Chartered Institute of Procurement and Supply (CIPS) to investigate the challenges being faced by organisations across the board in providing assurance to their clients/prospects about their adherence to adequate security standards to everyone’s benefit. This workshop is an opportunity for interested parties from both sides of the supply and purchase divide to share their experiences, to declare their requirements, and to work closely with all key stakeholders.

Co-Chairs:

Nathan Hayes, IT Director, Osborne Clarke
John Lenkart, Managing Partner, Cyber Team Six and former Chief of the FBI’s Intelligence Operations Section

Panellists:

Richard Rafferty, Global Head of Vendor Risk Control, Deutsche Bank
Mike Seeney, Head of Supply Chain Information Risk, Pinsent Masons LLP
Senior Representative, NCSC

7:30 PM - BUSINESS FORMAL DINNER-COCKTAIL AT THE SALLE EMPIRE, HOTEL DE PARIS BY PALO ALTO NETWORKS

Friday 15 November

9 AM - 9:30 AM: KEYNOTE BY ARUBA, A HEWLETT PACKARD ENTERPRISE COMPANY

Zero Trust: Hype, or the Future of Networks?

The phrase “Zero Trust” appears everywhere these days in cybersecurity, to the point that cybersecurity practitioners have become rightly skeptical about the legitimacy of this topic. Are vendors simply whitewashing “zero trust” onto existing solutions as a marketing gimmick, or do we truly have a shift in how we build systems? In this session we’ll first attempt to define what Zero Trust is – itself a task fraught with controversy. Then we’ll look at common Zero trust architectures and discuss when it can and can’t deliver. You should leave this session equipped with the knowledge to sort through your next vendor presentation and decide: Zero Trust or Zero Reality.

Speaker:

Jon Green, VP and Chief Technologist for Security, Aruba, a Hewlett Packard Enterprise Company

9:30 AM – 4 PM: FORUM, ONE-TO-ONE AND WORKSHOPS

3 PM - 3:45 PM The SASIG WORKSHOPS

#3 - Developing the next generation of cyber talent

Surveys consistently show that the cyber security skills shortage is worsening. It is directly affecting organisations of all sizes across all sectors. We are all fishing in the same restricted pool of talent for our skilled staff.

So, how do we attract such talent from the whole range of diverse backgrounds to our own organisation, and then retain it? How important is investment in training, and how do we develop high performing and stable teams? Is there a place for a formal mentoring scheme? How important are contractors to the industry, and what is their future role?

Chair:

Cian Galvin, Policy Lead for Cyber Security Skills and Professionalisation, Department of Digital, Media, Culture and Sport (DCMS)
Rory Alsop, Head of Technology and Cyber Risk, HSBC

Panellists:

Clare El Azebbi,Head of Cyber Resilience Strategy, Safer Communities Directorate, Scottish Government
Ameet Jugnauth, Head of IT Risk & Governance, Lloyds Banking Group
Ed Rogers, Chair, SASIG Gateway

#4 - Cyber incident management

It is no longer a case of "if" an organisation suffers a cyber security breach, but rather a case of "when”. But recent studies consistently show that many organisations do not feel they are properly prepared to manage a cyber incident. This vulnerability is caused mainly by the complexity of the modern business and its IT infrastructure, combined with a lack of proper and thorough planning.

Incident response is the core of every cyber security organisation. Get this wrong and reputation, confidence and stock price will be hard hit. This workshop explores the processes of discovery, triage, communications, remediation and recovery.

Co-Chairs:

Peter Goodman QPM, Chief Constable Derbyshire Constabulary and National Police Chiefs' Council (NPCC) National Lead for Cyber Crime
Graham Wright CISO, Inmarsat