September 2025 | Glasgow
Scot-Secure West
Now in its 11th year, Scotland’s largest annual cyber security summit will host a sister event in Glasgow, Scot-Secure West. The event brings together senior InfoSec personnel, IT leaders, academics, security researchers and law enforcement, providing a unique forum for knowledge exchange, discussion and high-level networking.
The programme is focused on improving awareness and best practices through shared learning: highlighting emerging threats, new research and changing adversarial tactics, and examining practical ways to improve resilience, detection and response.
This event is geared towards InfoSec & IT personnel and C-suite leaders. Previous events have gone to a waiting list weeks in advance so we recommend registering early to avoid disappointment.
About DIGIT
DIGIT has rapidly grown into the largest business technology community in Scotland. We host an extensive series of events focused on emerging technology and practical innovation. We also run Scotland's leading IT & Digital News Platform www.digit.fyi with over 50,000 page views per month.
The events provide a unique platform for knowledge exchange, drawing stakeholders together to explore challenges, best practice, and business impact. Our conferences attract a senior delegate following and have become renowned as an important forum for high-level networking and engagement.
2024 Speakers
Director of Technical Account Management, Tanium
Founder, TechForce Cyber
Journalist & Broadcaster, BBC Scotland
Founder, DIGIT
2024 Agenda
Wednesday 11 September, Hilton Hotel Glasgow
08:20 - 08:55 Breakfast Briefing
Reducing Risk Through Automated Threat Profiling
-
Benefits of automated threat profiling - why we do it & why is it challenging
-
How can we prioritise threat actors & malware more dynamically and in real-time
-
How can we operationalise the output to further protect our organisation
Serge Palladino, Principal Consultant: Intelligence Advisory Services EMEA, Recorded Future
& Jai Aenugu, Founder, TechForce Cyber
SESSION 1
With an ever-changing security backdrop and a constant pipeline of new threats and vulnerabilities, it can be hard just to keep up - let alone stay ahead. In the opening session, we will look at proactive measures that leaders can take to help their organisation adopt a more strategic approach to security, and improve their ability to anticipate and mitigate threats.
09:15 Welcome and Introduction
Mark Stephen, Journalist & Broadcaster
09:25 Shifting to a Proactive Stance on Strategic Threat Intelligence
-
Cyber Security is inextricably linked to Geo Politics and Socio-technical trends
-
In order to effectively operationalise CTI, it is essential to be pro-active rather than re-active
-
Increasingly leadership is turning to strategic threat intelligence to identify trends & create long-term plans
-
This enables organisations to define their security posture and prioritise resources to priority threats
-
This requires strong collaboration across teams to ensure it informs and is informed by operational and tactical threat intelligence
Harriet Rogers, Strategic Cyber Threat Intelligence Specialist, BAE Systems
09:50 More than Monitoring: Proactive Security made Simple and Human
-
More than "Monitoring": security must be proactive and together you can de-silo
-
The carrot or the stick: get the business to clean up its tech debt
-
Communicating to "non-technical people"
-
Trickle up: cyber risk is business risk
-
Cyber beyond protection: security as an enabler
Celine Pypaert, Security Transformation Manager, Johnson Matthey
10:15 Unleashing AI for Effective Defence
-
Organisations must focus on addressing the dynamic and rapidly evolving nature of cyber threats.
-
Provide insight into the critical process of integrating artificial intelligence (AI) into cybersecurity operations.
-
Understand the practical steps and strategies to harness AI for enhancing your organisation’s cybersecurity posture in an ever-changing threat landscape
-
Real life AI relevant use cases
Elliott Went, Senior Systems Engineer, SentinelOne
10:35 Q&A
11:00 Refreshments & Networking
SESSION 2
Session 2 will explore a series of key topics in a longer presentation format. The session will be run in a breakout format across four parallel streams, providing delegates the opportunity to attend two options.
11:35 First Breakout Option (A-D)
A. IT & OT: Collaborating to Protect Critical Infrastructure
-
Where can IT and OT bring experiences from their separate contexts to collaborate
-
How can this ultimately improve how our critical OT assets are protected
-
How will this help us contend with an ever-changing and escalating set of external threats
Iain Dougan, Head of Operational Technology and Cyber, SSEN Transmission
B. Fraud Detection and Prevention: Leveraging Advanced Techniques to Safeguard the Marketplace
-
Unique Fraud Challenges in Marketplaces
-
Common Fraud Types
-
Advanced Detection Techniques
-
Multi-Layered Prevention Strategies
-
Real-world Case Studies
Maxim Filatov, Data Scientist, Meta
C. Demystification of XDR
-
Quick evolution of XDR
-
What it is and what it does
-
Where XDR fits best
-
Examples of XDR operations
Ryan McConechy, CTO, Barrier Networks
D. How To Create Successful Malware and Defend with Zero Trust
-
Recognise the ease of creating or using AI-generated malware, highlighting the need for strong cybersecurity.
-
Implement a default-deny security posture, allowing only authorised connections and processes.
-
Apply Zero Trust principles to continuously validate and secure all users and devices.
-
Protect data and maintain operations even during cyber-attacks.
Eoin McGrath, Solutions Engineer, ThreatLocker
12:10 Transition
12:15 Second Breakout Option (E-H)
Breakout options include:
E. Proactive Risk Reduction in an Age of Exponential Vulnerabilities
-
What is the state of the threat landscape
-
Why is proactive risk reduction critical to keeping a secure environment in today's day and age
-
How can we implement safe automations to keep a baseline of compliance to continuously lower risk in our environments
Katherine Chipdey, Director: Solutions Engineering and Alliances, Automox
F. From Quishing to Deepfakes: The latest phishing threat trends for 2024
-
The rise of Quishing and evolution of payloads
-
How AI is used in phishing attacks, including deepfakes
-
How multi-channel attacks play out
-
The threats that are getting through secure email gateways
James Dyer, Threat Intelligence Lead, Egress
G. How do you win at Cyber Security, a strategic approach.
-
Review of the technological trends over the last few decades and priorities heading into 2024
-
Taking a deeper dive into Visibility and Control - you cannot protect it if you cannot see it
-
Maintaining a good IT hygiene posture through Continuous Safeguarding
-
Do you have the right tools around Detection and Countermeasures
Ben Hall, Director of Technical Account Management, Tanium
H. Security Operations – Develop, not operate, your way to success
-
Detection quality over quantity
-
Why a flat structure beats tiers every time
-
Automate until you can’t. Then automate some more
-
But humans still win…
Kevin Robertson, Chief Operating Officer and Co-Founder, Acumen Cyber
12:45 Lunch & Networking
SESSION 3
The afternoon session will look at reducing risk by focusing on a few prominent areas that are currently impacting security practitioners, including: data protection, business resilience, and AI governance. The programme will then conclude with a look at improving our response to a major attack, taking a CISO's walkthrough of what really happens in the trenches when a full-scale hack occurs at your organisation - and how you can better prepare to deal with it.
13:35 Breakout Selection (I-K)
I. What are the odds of .... Somewhere between 78 minutes and 8.5 million computers
-
Context: A massive, recent, globe-spanning outage of IT systems
-
A review of the incident and how it was handled
-
What happened in the world
-
The aftermath
-
What we can take from the issue to improve our own resilience, attitudes + controls.
David McKenzie, Ethical Hacker & Blue Team Specialist
J. Security & AI: Do We Really Need New Governance?
-
Culture change, awareness, and shadow AI
-
Suppliers using AI: What you need to ask your vendors and why
-
Developing AI: Considerations to maximise the benefits while minimising the harm
-
We already have some good tools and process: we just need to know how to apply it to AI
Rachel Close, Senior Responsible AI Manager, BBC
K. Cybersecurity and the GDPR - Mission Impossible?
-
How to embed good data governance into a digital strategy by default
-
Some of the common challenges and vulnerabilities in managing / sharing data in enterprise environments
-
Proactive ways to address some of these issues – key learnings, best practice
Katharina West, Head of Information Governance, The Scottish Government
14:05 Transition to main stage
14:10 So You've Been Hacked - Now What?
-
Preparation and identification
-
Containment, eradication and recovery
-
Lessons learned… and now what
-
The psychological impact, helping your team, customer, partners
-
The bit no-one talks about
Lena Smart, CISO & Business Consultant
14:35 Combined Q&A
-
Katharina West, Head of Information Governance, The Scottish Government
-
Rachel Close, Senior Responsible AI Manager, BBC
-
Lena Smart, CISO & Business Consultant
-
David McKenzie, Ethical Hacker & Blue Team Specialist
-
Mark Stephen, Journalist & Broadcaster
15:10 Closing Remarks
15:15 End of Programme
15:15 Networking & Drinks Reception
16:30 Conference Close
*The conference agenda is provisional and subject to change