Driving Cybersecurity conversations into a new decade

Our regular chairman, David Bicknell, welcomes all delegates, sponsors, and speakers to our conference and sets out the day’s agenda.

Paul McKay, Senior Analyst – Security and Risk at Forrester takes a look at Cybersecurity across the public sector from the outside in, comparing it with activity across the private sector and suggesting potential focuses and areas of concern for the years ahead.

Erika Lewis, Director of Digital Identity and Cybersecurity at DCMS, will set out the current Cyber state of play across government, highlighting key areas of focus and the impact of the pandemic.

Security that doesn’t work for people doesn’t work. We know human error is the greatest vulnerability any organisation has to growing cyber- attacks and that our employees represent our greatest line of defence. But are we doing enough to understand how we collaborate and engage with our people so that safe habits and behaviours is the norm rather than the exception?  Our people really are part of the solution and not the “weakest link”.  

With many years of experience helping organisations adopt a more intelligence led approach to security education and behaviour change Nick will present key lessons he’s learnt together with some core principles to guide you in your journey.

In this fireside chat we speak with Oliver Cronk, Chief IT Architect, EMEA at Tanium, about Cybersecurity implementation, strategy and the lessons learned from projects across the public sector.

This session is a fireside chat between the conference chair, David Bicknell and Saj Huq, director for LORCA: the London Office for Rapid Cybersecurity Advancement.  Sam considers why and how startups can partner with enterprises and the government to achieve a closer product-market fit, prove their model and develop or adapt their technology to meet cybersecurity challenges in the real world. Using real-world examples from our work, we can share our insights into how this cross-pollination and collaboration drives innovation and how to make it work for all parties involved.

“To protect employees during the coronavirus outbreak, without disrupting our services to citizens, we’re having to do things differently. We’re holding council meetings virtually and via live stream, and 400 of us are working to support the public from home. With Okta, we’ll keep adapting with cybersecurity in mind.” Thanet District Council.

In this session you will hear from Jason Le-May, Okta’s Public Sector Sales Director, and Joe Brackenborough, Digital Transformation Manager at Thanet District Council. During this interview you will learn about the challenges that faced Thanet, from working remotely to lifecycle and identity management, and how Okta’s solutions simplified their digital transformation journey.

Legacy IT can leave gaps in your security defences. What are these gaps and how can you manage them? Can the cost be offset against the use of, for example, managed services? Is there an ROI for cybersecurity investment?

Jessica Figueras gives an introduction to the role and remit of the new UK Cyber Security Council, which was announced by DCMS Minister Matt Warman in a February statement

This session is a public sector cybersecurity case study presentation.

Is the darknet where all of the stolen data ends up? The darknet is the cybercriminals equivalent of Harrods. Cybercrime starts and ends in the darknet. From darknet marketplaces selling malware-as-a-service to hacker forums that build up intelligence on the weaknesses within a business; are there ways that we can use the darknet to help government fight back.

A Proofpoint report found that 99% of cyber-attacks required human intervention. The human in the  machine is used by the cybercriminal to make cyber-attacks successful. This is based on the manipulation of human behaviour. In the fight back against this most fundamental of vectors, comes Security Awareness Training. Can government take the best of awareness training packages and create a government wide program that covers all government employees and that is cost-effective and works?

Over the past decade, the number, size, and cadence of data breaches, aimed at government targets has only accelerated. Compounding the problem is the longevity of government employees as they take on many different roles throughout their career which introduces entitlement creep. Organisations can no longer depend on legacy manually driven identity processes and solutions to identify these risky access entitlements that expose both internal and external attack vectors. Today government agencies must adopt artificial intelligence and machine learning in order to identify and remediate these vulnerabilities.

Join us to hear how AI-Driven identity governance can help government organisations to: – Understand who has access to what and assess what risk that poses – Mitigate security vulnerabilities – Reduce costs by expediting onboarding and role changes

The management of cybersecurity threats is a costly game. It requires specialist personnel and specialist tools. Is the use of a third-party service in the form of a Managed Security Service Provider (MSSP) the way forward for government? What are the impediments to the use of an MSSP? Can an MSSP bridge the skills gap in government?

A look at all of the various aspects of modern cybercrime and government. What parts of government are most at risk? As we build better and more omni-channel government services does the risk profile change? How can government use resources best to fit the ever-changing needs of the cybersecurity landscape?

Our chair, David Bicknell, summarises some of the of the sessions that you have heard throughout the event.