

14.09.23 | 8.30AM- 4.30PM | Glasgow



Scotland's Cyber Security for Business Conference with live keynotes, workshops and exhibition.
Thursday 14 September 2023
Technology and Innovation Centre at the University of Strathclyde. Glasgow
08:30 - 4.30pm
Free to attend (T&Cs apply)
Scot-Secure West
Now in its 9th year, Scotland’s largest annual cyber security summit will host a sister event in Glasgow, Scot-Secure West. The event brings together senior InfoSec personnel, IT leaders, academics, security researchers and law enforcement, providing a unique forum for knowledge exchange, discussion and high-level networking.
The programme is focused on improving awareness and best practices through shared learning: highlighting emerging threats, new research and changing adversarial tactics, and examining practical ways to improve resilience, detection and response.
This event is geared towards InfoSec & IT personnel and C-suite leaders.
About DIGIT
DIGIT has rapidly grown into the largest business technology community in Scotland. We host an extensive series of events focused on emerging technology and practical innovation. We also run Scotland's leading IT & Digital News Platform www.digit.fyi with over 50,000 page views per month.
The events provide a unique platform for knowledge exchange, drawing stakeholders together to explore challenges, best practice, and business impact. Our conferences attract a senior delegate following and have become renowned as an important forum for high-level networking and engagement.

Previous Speakers


Associate Director & Head of Clark.tech

CEO, Scottish Business Resilience Centre

Detective Sergeant, Cybercrime Operations, Police Scotland

Head of VISM Services, Secarma

CISO, Trustpilot

Senior Director of IT Security, Secureworks

Head of Cyber Detection & Response, Airbus

CISO, Scoutbee

Cyber Anthropologist and Security Transformation Leader

CISO, Domino’s Pizza

Senior Associate, CMS

Author & Sr Lecturer of Criminology, University of Surrey

Space Application Lead, Craft Prospect

Lecturer in Cybersecurity & HCI, Abertay University

Sr Product Manager, SenseOn

Senior Systems Engineer, Cohesity

Commercial Director, Darktrace

Managing CISO, Barrier Networks

Journalist & Broadcaster, BBC Scotland

Founder, DIGIT
Agenda

2023 agenda coming soon.
08.30 Registration desk and exhibition area opens. Light refreshments provided.
SESSION 1:
The opening session will look at what is driving the cybersecurity threat: examining the growth and evolution of the cybercrime economy; the key culprits and targets, how new tools and technologies are being exploited, and what is coming next. We will then consider why we need to rethink our approach and challenge the perception of the Cyber Security function within the business.
09:15 Welcome from the Conference Chair
Mark Stephen, Journalist & Broadcaster, BBC Scotland
09:25 The Cybercrime Economy and its Implications for Cyber Security
-
The emergence and characteristics of an increasingly significant ‘cybercrime economy’
-
Evaluating its scope and scale and providing estimates of the typical revenues generated
-
Identifying which kinds of perpetrator have been especially successful
-
Identifying which type of victim, both in the private and public sectors, are most at risk
-
Key implications for network security and for cybersecurity providers
-
How cybercrime is evolving into new and more challenging forms
Dr Michael McGuire, Author & Senior Lecturer - Criminology, The University of Surrey
09:45 The Cyber Landscape 2022
-
Re-rise of the Botnet
-
Ransomware everywhere and what to do
-
Trends for 2022 and beyond
Mark Mitchell, Security Engineer, Check Point
10:05 Shifting from Risk to Business
-
Shifting security from being about risk and perceived as a business cost to driving business value and being a competitive advantage.
-
Shifting security left to enhance IT quality rather than responding to IT defects, and driving business benefit in the process.
-
How transparent security creates not only trust, but business opportunities.
-
Why transferable skills aren’t a fallback for “lacking” security experience, but sometimes actually more valuable than security-specific experience
Greg van der Gaast, CISO, Scoutbee
10:25 Q&A
10:55 Refreshments & Networking
SESSION 2:
Session 2 will hone-in on a variety of key security topics in longer, individual slots. Presentations will be run in 30-minute increments across four parallel streams, providing delegates the opportunity to attend two options live. The alternative breakouts will be accessible on-demand post event.
11:30 First Breakout Option (A - C)
12:00 Transition
12:10 Second Breakout Option (D - G)
12:40 Lunch & Networking
Breakout Options include:
A. Incident Response Planning Panel: Practical Overview and Walkthrough
The panel will provide a practical walkthrough of incident response planning, with insight from law enforcement, legal and communications specialists.
-
Jude McCorry, CEO, SBRC
-
Bob Finlay, Detective Constable, Cybercrime Operations, Police Scotland
-
Catriona Garcia-Alis, Senior Associate, CMS
-
Kirsten Paul, Associate Director & Head of Clark.tech
-
Stuart Duncan, SBRC
B. The “New Normal” – Cybersecurity, COVID, and Future Challenges
-
How cyber-attacks changed during the onset of the COVID-19 pandemic
-
An overview of cyber-attacks taking place in the UK during lockdown
-
The impact on the workforce and the move to working from home
-
What the government and businesses can do to improve security
-
Considering the challenges going forward
Dr Lynsay Shepherd, Lecturer in Cybersecurity & Human-Computer Interaction, Abertay University
C. Fast and Furious Attacks: Using AI to Surgically Respond
-
Fast-moving cyber attacks can strike at anytime
-
Are reaction times of security teams quick enough?
-
Using Autonomous Response to take targeted action in stopping in-progress attacks
-
Real-world threat finds, case studies and attack scenarios
Finlay Hutchinson, Commercial Director, Darktrace
D. Fire drill, Loki drill, Ryuk drill: cyber preparedness that empowers the whole organisation
-
To misquote Luis Pasteur: “Fortune favours the prepared organisation”
-
A prepared and practiced response to cyber attacks can be the difference between chaos and calm when all else is equal
-
We are experiencing a huge increase in cyber attacks across all UK sectors that everyone should prepare for
-
A well-planned preparedness programme can empower the whole organisation while keeping disruption to a minimum
Jordan Schroeder, Managing CISO, Barrier Networks
E. Beyond Zero Trust with Threat Defence
-
Reasons to protect your data, maintain strict access controls and gain deep visibility to stay ahead of modern cybersecurity threats.
-
How and why cyber-criminals have evolved their tactics to become more aggressive
-
How to be prepared to recover if your organization falls victim to an attack
Richard Tilney, Senior Systems Engineer, Cohesity
F. Ransomware and Beyond: Evolution of the Threat Landscape
-
How cyber criminals have changed their tactics, techniques, and procedures
-
How your organization’s strategy can evolve with the threats and stay ahead of the curve
-
The severity of ransomware and how to defend against it
-
Frontline experiences and best practices from cybersecurity experts
Don Smith, Senior Director of IT Security, Secureworks
G. Risk Quantification – You are what you measure
-
Understand how you can use risk metrics as a planning tool beyond mitigation tactics.
-
Identify five simple steps to apply and guide your quantification strategy.
-
Account for the "new normal" businesses are navigating for today and tomorrow.
-
Take a mixed approach to quantification to help retain qualitative risk insights
Jorge Ferrer Raventos, Senior Solutions Engineer for OneTrust GRC
SESSION 3:
The session will focus on improving threat detection and response, considering how organisations can use the tools and resources at their disposal more effectively in practice. Starting with a look at getting the foundations right; establishing good governance practices, configuring tools and basic automation. We will then examine how to leverage the benefits of a Security Operations Centre and explore the key challenges and decisions that organisations face in managing SOC and CERT functions.
13:30 Getting the Basics Right for Monitoring & Detection
-
How to establish good governance practices
-
Setting up your systems to monitor and identify threats
-
Using the existing tools that you’ve got effectively
-
Leveraging automation to maximise output from smaller security teams
-
Getting buy-in from the board and the wider organisation
Jen Williams, Technical Assessor & Head of VISM Services, Secarma
13:50 SOC Stuff
-
Structuring an approach to building an effective and efficient SOC
-
Using the SOC to underpin board reporting
-
Hiring for a SOC – to outsource or not to outsource?
-
Some tips, tricks and learnings for improving outcomes
Lee Whatford, CISO, Domino’s Pizza UK&I
14:10 Detection and Response: The Last Barrier?
-
Airbus approach
-
Leveraging SOC and CERT
-
Current and future challenges of SOCs and CERTs
-
Options
Vincent Faye, Head of Cyber Detection & Response, Airbus
14:30 Combined Q&A
15:00 Break
SESSION 4:
To close the conference programme, Cyber Scotland Connect will host a reconnect session. This will be geared to re-energise activities within the security community; encouraging involvement and participation whilst ensuring that the activities of the group align with the priorities and needs of the wider security ecosystem.
15:05 Cyber Scotland reConnect: What's Next?
-
Who We Are: Personal and CSC introduction
-
CSC & 2020/21: Pandemic impact, ongoing challenges within our industry
-
What's Next: Our thoughts on what we could do
-
Call to Arms: Launch of survey and call for new mods and participants
Stu Hirst, CISO, Trustpilot & CSC Moderator
Harry McLaren, Sr Product Manager, SenseOn & CSC Moderator
16:00 Close of Session
16:00 Networking Drinks Reception
17:00 Close of Conference
---
On Demand – Virtual Keynotes
Tales of an Anthropologist in Cyber Security
-
The importance of storytelling and folklore to drive innovation and recruit colleagues to act as your early warning signal for a breach.
-
Why talking about grey areas can stimulate grey matter and highlight blindspots into your estate.
-
How to gain valuable insight into why other teams might be putting security on the bottom of the 'to do' list by using the anthropological research techniques.
-
When to use reciprocity to increase accountability, ownership, and oversight from other departments over your controls and processes without fighting over a RACI document.
Lianne Potter, Cyber Anthropologist and Transformation Leader
Global Quantum-enabled Security for a Post Quantum World
-
Why the rapid development of quantum computers has put current cybersecurity networks at risk
-
The role of Quantum Key Distribution as a method to future-proof security
-
How the space and satellite industry is a critical enabler to realise a global quantum network
-
The ROKS mission: due late 2022, the first mission to demonstrate satellite to earth quantum key distribution using a CubeSat
Dr Sonali Mohapatra, Quantum Developer & Space Applications Lead, Craft Prospect
*The conference agenda is provisional and subject to revision