top of page
Modern Bridge
SSW23 LOGO 3D.png

Scotland's Cyber Security for Business Conference with live keynotes, workshops and exhibition. 

Wednesday 11 September 2024
Hilton Hotel, 1 William Street, Glasgow

08:30 - 4.30pm
Free to attend (T&Cs apply)

Supporters

Cyber.png
SCOTLANDIS LOGO AUG 2020.jpg
FullColourLogo-StackedIcon.png
ISACA-Scotland-logo-e1408267320237.png
The Conference

Scot-Secure West

Now in its 10th year, Scotland’s largest annual cyber security summit will host a sister event in Glasgow, Scot-Secure West. The event brings together senior InfoSec personnel, IT leaders, academics, security researchers and law enforcement, providing a unique forum for knowledge exchange, discussion and high-level networking.

 

The programme is focused on improving awareness and best practices through shared learning: highlighting emerging threats, new research and changing adversarial tactics, and examining practical ways to improve resilience, detection and response.

 

This event is geared towards InfoSec & IT personnel and C-suite leaders.

 

About DIGIT

DIGIT has rapidly grown into the largest business technology community in Scotland. We host an extensive series of events focused on emerging technology and practical innovation. We also run Scotland's leading IT & Digital News Platform www.digit.fyi with over 50,000 page views per month.

The events provide a unique platform for knowledge exchange, drawing stakeholders together to explore challenges, best practice, and business impact. Our conferences attract a senior delegate following and have become renowned as an important forum for high-level networking and engagement.

About
3_edited.jpg
Speakers

2023 Speakers

SSW23 LOGO 3D.png
Agenda

2023 Agenda

MAIN LOGO.png

08.30      Registration desk and exhibition area opens. Light refreshments provided. 

 

SESSION 1 - Re-Watch on YouTube

The opening session will examine some of the key security landscape trends of 2023 and consider the biggest challenges currently facing practitioners. Speakers will explore: the problem with the security budget deficit, the need for more eyes and attention on detecting and fixing vulnerabilities, and ask what we can learn from recent attacks and ongoing industry research.

 

09:15     Welcome from the Conference Chair
 

Mark Stephen, Journalist & Broadcaster, BBC Scotland
 

09:25     Maximum Attention Minimum Budget

 

  • Research consistently shows cybersecurity at the top of business and IT challenges

  • Despite the high profile in organizations, security budgets are often being reduced

  • The business issues driving the attention towards security, both globally and regionally

  • The need for cyber-resilience as a component of organisational resilience

  • Making the case for better budgets to support the organisational scrutiny and provide security ROI

 

Maxine Holt, Sr Research Director, Omdia

09:50     Security Crossroads: Something Has to Change

 

  • It's easier to hack than ever before

  • Bugs are being found and weaponised at an alarming rate

  • The idea of data privacy is fast becoming a dream over a reality

  • Something has to give, and this is where you, and the community, need to act

  • This talk is inspired by Doc Brown, and if my calculations are correct, when this baby hits 88 miles per hour, you are gonna see some serious...

 

Daniel Cuthbert, Global Head of Cyber Security Research, Banco Santander

 

10:15     From Prey to Play: Think like an Attacker to Level up your Security

  • An overview of the threat landscape

  • Current trends and how to mitigate

  • Sentinel Labs: the engine behind SentinelOne's threat intelligence

  • How this research fuels technology

  • Real-world threat hunting case studies

 

Jonny De Silva, Solutions Engineer, SentinelOne

 

10:35     Combined Q&A

11:00     Refreshments & Networking

SESSION 2 - Re-Watch on YouTube

Session 2 will hone-in on a variety of key security topics in longer, individual slots. Presentations will be run across four parallel streams, providing delegates the opportunity to attend two options live. The alternative breakouts will be accessible on-demand post event via the DIGIT.FYI YouTube Channel.

 

11:30     First Breakout Option (A - D)


Breakout Options include:

 

A. Panel Session: Improving the Security Talent Pipeline

  • Jude McCorry, CEO, Cyber & Fraud Centre Scotland

  • Emma Mackenzie, InfoSec Governance Analyst, abrdn

  • Jackie Riley, Head of Department for Cyber Security, Glasgow Caledonian University

  • Scott Barnett, Head of Information and Cyber Security, NHS NSS

  • Grant Cairns, Cyber Security Manager, Tesco Bank

 

B. Cloud Security Architecture and Resiliency

 

  • Migration to Cloud

  • Cloud Security Architecture

  • Journey of Cloud to DevSecOps.

  • Future Architecture of Cloud

 

Akshita Nikude, Cloud Security Engineer, AWS
 

C. Drowning in Data; throw your SOC a life ring to improve security posture with efficient contextual awareness

  • Handling large volumes of data to your benefit; better threat hunting and supply chain security

  • Are there more efficient ways than a SIEM?

  • Balancing automation vs. human intervention

  • Compliance for deletion as well as retention

 

Nicio Ginestri, Sr Engineer, Crowdstrike

D. Secure SD-WAN and SASE: Bringing the Best of Converged Networking and Security Together

 

  • Secure SD-WAN and SASE have both revolutionized secure networking but have largely been adopted by organisations to serve two distinct communities

  • Secure SD-WAN for fixed locations including homeworking and SASE for remote access.  But this means managing two distinct environments

  • To reduce operational and vendor management complexity, the trend is now to leverage the best of both worlds, sometimes referred to as Single Vendor SASE

  • This session will focus on the convergence of SD-WAN and SASE, addressing the questions of What, Why, and How

 

Mark Mitchell, Security Engineer, Fortinet and Mark Robertson, Chief Commercial Officer,

Silver Cloud

12:05     Transition

12:10     Second Breakout Option (E - H) 

E. Improve Your Security Outcomes by Making it All About the People

 

  • The value of giving people empowerment, control, and responsibility 

  • Storyboarding security: showing people where they fit within the organisational jigsaw 

  • People often practice security without thinking, make them aware of what they are already doing 

  • Look at personal development, building certifications like CISP and ISO into every day use

  • Some people will be less interested or motivated, so find a reasonable minimum security standard

  • Some will be highly engaged and want to learn, leverage and encourage this learning 


Raymond Fenton, Head of InfoSec Programme & Culture, Ovo 

F. AI-m Sorry: The ‘Prose’ and Cons of Generative AI Chatbots 

  • Quick primer on GenAI language tools, like ChatGPT, and what they can do

  • The security dangers of using GenAI tools

  • How GenAI tools will make security more difficult

  • “The Future” of GenAI, and what security pros might need to prepare for

Jordan Schroeder, CISO, Barrier Networks

G. Mobile: the forgotten attack surface

 

  • How is a mobile a weak point in our defences?

  • How do Threat Actors use this neglected entry point to their advantage?

  • What can be done to harden our defences against these attacks?

  • How do you integrate this into the bigger picture and bring it together?

 

Ollie Sheridan, Senior Sales Engineer, Bitdefender

 

H.  Achieve Cyber Essentials and Accreditation Whilst Running Unsupported Apps

 

  • The impact of running legacy apps and servers in 2023

  • What’s new in Cyber Essentials v3, and how will it impact me?

  • How to easily address all your compatibility, security, and compliance challenges

 

Barry Daniels, Chief Operating Officer, Droplet Computing

12:40     Lunch, Exhibition and Networking

SESSION 3 - Re-Watch on YouTube

Building on the themes from the morning, the afternoon session will take a closer look at some of the most prominent threats and vulnerabilities organisations are dealing with, and what we can do to address them. Key areas of focus will include: the rise of crypto hacks, weak security posture, security by design, and the emerging threat posed by the advancement of quantum computing.

13:40    Breakout Selection (I-K)

I. I Spent 2 Years Down the Crypto Security Rabbit Hole so You Don't Have To

 

  • Crypto - the wild west of tech!

  • An insight into some of the bizarre goings-on that occur

  • Some of the ways crypto and blockchain is being weaponised and leveraged for criminality

  • From rug pulls and major hacks, to scams a-plenty, nefarious characters and more
     

Stu Hirst, CISO, Trustpilot

 

J. Your Organisation Through the Eyes of an Attacker
 

  • How easy it is for attackers to target your organization

  • Three key questions you need to ask yourself about your security posture

  • The common mistakes your organization can make when building cyber defenses

  • What do you do if you the proverbial stuff hits the fan

 

Holly Grace Williams, Pen Tester & Security Consultant, TechForce
Jai Aenugu, Founder, TechForce

 

K. Digital Security by Design: Why Care & Why Now

 

  • Transforming digital technology to create a more resilient and safer digital future

  • Cross-sector collaboration to create more secure semiconductor devices

  • Enabling a digital environment where only expected access to data + operations are permitted

  • Promoting a mindset change for cyber security, with the freedom to learn, trade, play & collaborate

  • Reducing the attack surface by default, and protecting operational integrity by design

  • The role of DSbD prototype Morello Boards for organisations and academics to explore

 

Nuala Kilmartin, Innovation Lead: Digital Security by Design, Innovate UK, UKRI

14:10     Transition to Main Hall

14:15      The Threats and Opportunities of Quantum Computing

  • How quantum computer systems work.

  • The cracking of public key encryption with Shor’s algorithm and in breaking symmetric key/hashing with Grover’s method.

  • The new public key encryption methods that will replace RSA and ECC (Elliptic Curve Cryptography) for encryption, digital signing and key exchange.

  • The migration path for businesses to cope with the threats and opportunities caused by quantum computers and associated methods.

  • The opportunities to create new models of cybersecurity detection using quantum computing methods and which integrate machine learning.

Bill Buchanan OBE, Professor of Cryptography, Edinburgh Napier University


14:45    Combined Q&A Panel

15:20    Closing Remarks

 

15:25    End of Session 3

---

15:30    Networking Drinks Reception

17:00    End of Summit

ON DEMAND: VIRTUAL KEYNOTE WATCH ON YOUTUBE

 

Your Technical Debt is my Bug Bounty

  • What is bug bounty hunting and how does it work?

  • Stories of real vulnerabilities in real software used by people every single day and how I found them

  • What is the future of software engineering, how can we reduce these vulnerabilities?

  • How can we implement all the new technology like AI and still remain secure

Katie Paxton-Fear, Hacker, Security Researcher & Lecturer, MMU 

*The conference agenda is provisional and subject to revision
 

2023 Sponsors

Headline

Sentinel One.png

Co-Sponsors

Barrier_edited.jpg
SilverCloud.png

Exhibitors

Sapphire.png
1200px-Rubrik_Logo.svg.png
Varonis.png
Arctic Wolf.png
Cloudflare Logo.png
SWORD_PING LOGO.jpg
Cynet Logo.png
Systal.png
Palo Alto.png
SCOTLANDIS LOGO AUG 2020.jpg
sponsor

Interested in speaking or exhibiting at
Scot-Secure West Summit 2024?

  • Twitter
  • LinkedIn
  • Facebook
  • Instagram
bottom of page