top of page
Modern Bridge
SSW23 LOGO 3D.png

2024 Event Summary

MAIN LOGO.png

2024 Agenda

Wednesday 11 September, Hilton Hotel Glasgow

08:20 - 08:55   Breakfast Briefing

Reducing Risk Through Automated Threat Profiling

  • Benefits of automated threat profiling - why we do it & why is it challenging

  • How can we prioritise threat actors & malware more dynamically and in real-time

  • How can we operationalise the output to further protect our organisation

Serge Palladino, Principal Consultant: Intelligence Advisory Services EMEA, Recorded Future 
& Jai Aenugu, Founder, TechForce Cyber

SESSION 1

With an ever-changing security backdrop and a constant pipeline of new threats and vulnerabilities, it can be hard just to keep up - let alone stay ahead. In the opening session, we will look at proactive measures that leaders can take to help their organisation adopt a more strategic approach to security, and improve their ability to anticipate and mitigate threats. 

09:15    Welcome and Introduction

Mark Stephen, Journalist & Broadcaster

09:25    Shifting to a Proactive Stance on Strategic Threat Intelligence

  • Cyber Security is inextricably linked to Geo Politics and Socio-technical trends

  • In order to effectively operationalise CTI, it is essential to be pro-active rather than re-active

  • Increasingly leadership is turning to strategic threat intelligence to identify trends & create long-term plans

  • This enables organisations to define their security posture and prioritise resources to priority threats

  • This requires strong collaboration across teams to ensure it informs and is informed by operational and tactical threat intelligence

Harriet Rogers, Strategic Cyber Threat Intelligence Specialist, BAE Systems

09:50    More than Monitoring: Proactive Security made Simple and Human

  • More than "Monitoring": security must be proactive and together you can de-silo

  • The carrot or the stick: get the business to clean up its tech debt

  • Communicating to "non-technical people"

  • Trickle up: cyber risk is business risk

  • Cyber beyond protection: security as an enabler

Celine Pypaert, Security Transformation Manager, Johnson Matthey

10:15    Unleashing AI for Effective Defence

  • Organisations must focus on addressing the dynamic and rapidly evolving nature of cyber threats.

  • Provide insight into the critical process of integrating artificial intelligence (AI) into cybersecurity operations.

  • Understand the practical steps and strategies to harness AI for enhancing your organisation’s cybersecurity posture in an ever-changing threat landscape

  • Real life AI relevant use cases

Elliot Went, Senior Systems Engineer, SentinelOne 

10:35    Q&A

11:00    Refreshments & Networking


SESSION 2

Session 2 will explore a series of key topics in a longer presentation format. The session will be run in a breakout format across four parallel streams, providing delegates the opportunity to attend two options.

11:35    First Breakout Option (A-D)

A. IT & OT: Collaborating to Protect Critical Infrastructure

  • Where can IT and OT bring experiences from their separate contexts to collaborate 

  • How can this ultimately improve how our critical OT assets are protected

  • How will this help us contend with an ever-changing and escalating set of external threats

Iain Dougan, Head of Operational Technology and Cyber, SSEN Transmission

B. Fraud Detection and Prevention: Leveraging Advanced Techniques to Safeguard the Marketplace 

  • Unique Fraud Challenges in Marketplaces

  • Common Fraud Types

  • Advanced Detection Techniques

  • Multi-Layered Prevention Strategies

  • Real-world Case Studies

Maxim Filatov, Data Scientist, Meta

C. Demystification of XDR

  • Quick evolution of XDR

  • What it is and what it does

  • Where XDR fits best

  • Examples of XDR operations

Ryan McConechy, CTO, Barrier Networks

D. How To Create Successful Malware and Defend with Zero Trust
 

  • Recognise the ease of creating or using AI-generated malware, highlighting the need for strong cybersecurity.

  • Implement a default-deny security posture, allowing only authorised connections and processes.

  • Apply Zero Trust principles to continuously validate and secure all users and devices.

  • Protect data and maintain operations even during cyber-attacks.

Eoin McGrath, Solutions Engineer, ThreatLocker

12:10    Transition
12:15    Second Breakout Option (E-H)

Breakout options include:

E. Proactive Risk Reduction in an Age of Exponential Vulnerabilities

  • What is the state of the threat landscape

  • Why is proactive risk reduction critical to keeping a secure environment in today's day and age

  • How can we implement safe automations to keep a baseline of compliance to continuously lower risk in our environments 

Katherine Chipdey, Director: Solutions Engineering and Alliances, Automox

F. From Quishing to Deepfakes: The latest phishing threat trends for 2024

  • The rise of Quishing and evolution of payloads

  • How AI is used in phishing attacks, including deepfakes

  • How multi-channel attacks play out

  • The threats that are getting through secure email gateways

James Dyer, Threat Intelligence Lead, Egress

G. How do you win at Cyber Security, a strategic approach.

  • Review of the technological trends over the last few decades and priorities heading into 2024

  • Taking a deeper dive into Visibility and Control - you cannot protect it if you cannot see it

  • Maintaining a good IT hygiene posture through Continuous Safeguarding

  • Do you have the right tools around Detection and Countermeasures

Ben Hall, Director of Technical Account Management, Tanium

H. Security Operations – Develop, not operate, your way to success

  • Detection quality over quantity

  • Why a flat structure beats tiers every time

  • Automate until you can’t. Then automate some more

  • But humans still win…

Kevin Robertson, Chief Operating Officer and Co-Founder, Acumen Cyber

12:45    Lunch & Networking

SESSION 3

The afternoon session will look at risk reduction in key areas that are currently impacting security practitioners, including: data protection, information governance, and AI. The programme will then conclude with a look at improving our response to a major attack, taking a CISOs walkthrough of what really happens in the trenches when a full-scale hack occurs at your organisation - and how you can better prepare to deal with it. 

13:35 Breakout Selection (I-K)

I. What are the odds of ....  Somewhere between 78 minutes and 8.5 million computers 

  • Context: A massive, recent, globe-spanning outage of IT systems 

  • A review of the incident and how it was handled

  • What happened in the world

  • The aftermath

  • What we can take from the issue to improve our own resilience, attitudes + controls.

David McKenzie, Ethical Hacker & Blue Team Specialist

J. Security & AI: Do We Really Need New Governance? 

  • Culture change, awareness, and shadow AI

  • Suppliers using AI: What you need to ask your vendors and why

  • Developing AI: Considerations to maximise the benefits while minimising the harm

  • We already have some good tools and process: we just need to know how to apply it to AI

Rachel Close, Senior Responsible AI Manager, BBC


K. Cybersecurity and the GDPR - Mission Impossible? 

  • How to embed good data governance into a digital strategy by default 

  • Some of the common challenges and vulnerabilities in managing / sharing data in enterprise environments

  • Proactive ways to address some of these issues – key learnings, best practice

Katharina West, Head of Information Governance, The Scottish Government

14:05    Transition to main stage

14:10    So You've Been Hacked - Now What?

  • Preparation and identification

  • Containment, eradication and recovery

  • Lessons learned… and now what

  • The psychological impact, helping your team, customer, partners

  • The bit no-one talks about

Lena Smart, CISO & Business Consultant

14:35    Combined Q&A

  • Katharina West, Head of Information Governance, The Scottish Government

  • Rachel Close, Senior Responsible AI Manager, BBC

  • Lena Smart, CISO & Business Consultant

  • David McKenzie, Ethical Hacker & Blue Team Specialist

  • Mark Stephen, Journalist & Broadcaster

15:10    Closing Remarks

15:15    End of Programme

15:15    Networking & Drinks Reception

16:30   Conference Close

 

*The conference agenda is provisional and subject to change

2024 Sponsors

Headline

SentinelOne.png

Co-Sponsors

Acumen.png
Tanium.png
Cyber Vigilance.png
ThreatLocker.png
Barrier_edited.jpg

Exhibitors

Droplet.png
Consider IT.png
Drata.png
Quest.png
Net-Defence.png
senseon.png
Quorum Cyber.png
SSW24 EXHIBITORS.png
NetSPI.png
automox.png
egress.png
Huntress.png
Hunters.png
Police Scotland.png
sword ping.png

Breakfast Briefing Sponsor

TechForce.png
SSW24 EXHIBITORS.png

Drinks Reception Sponsor

Droplet.png
bottom of page