We use cookies to personalize content and to analyze our traffic. Please decide if you are willing to accept cookies from our website.

The Second Annual Changing Landscape of Cyber Security in the Public Sector Event

The Kia Oval, London 24 March 2022, 8:00am - 4:00pm

Day 1
8:00am
Registration And Networking
9:00am
Chair’s Welcome Address
Ameer Al-Namrat, Reader in Cyber Security Director for the Cyber Security and Artificial Intelligence Centre – UEL School of Architecture, Computing & Engineering, University of East London
9:10am
Keynote Address: Working With Partners To Strengthen The UK Response To Cyber Crime And Ransomware
  • Participating in the Ransomware Task Force (RTF) and building on the engagement with a range of public and private sector partners to tackle the global ransomware threat
  • Developing new and innovative approaches to respond to the constantly evolving threat of cyber crime
  • Working together to produce a comprehensive framework for action and a public-private anti-ransomware campaign
  • Conducting an international investigation to lead to the takedown of DoubleVPN – the service used by cyber criminals around the world to mask their location and identities online
John Denley, Deputy Director for Cyber Crime, National Crime Agency
9:30am
A Proactive Approach To Cyber Defence – How DNS Can Help You Identify And Prevent Cyber Attacks At Scale
  • It’s always DNS: why DNS is such an important protocol for your organisation
  • What DNS can tell you about your organisation (it’s not just about blocking!)
  • How we can spot the interesting and malicious domains
  • Real life examples of where DNS has helped proactively prevent attacks
Steve Forbes, Global Cyber Product Manager, Nominet
10:00am
It's More Than Phishing; How to Supercharge Your Security Awareness Training

Tell people not to click a link, pat each other on the back, and ride off into the sunset. If only security awareness training was that simple.

In this session, Javvad Malik, Lead Security Awareness Advocate for KnowBe4, will explain how to take your security awareness to the next level and prevent it from going stale. Changing behaviours and creating a culture of security can only be achieved by adopting the right mindset and techniques.

In this session you will learn:

  • Why you need to brand the security department the right way
  • The psychological approach to getting your message across
  • Practical advice on building a strong security culture
Javvad Malik, Lead Security Awareness Advocate, KnowBe4
10:30am
Break and Networking
11:00am
Panel Discussion: What Next for the Future of Cyber Security?
Jim Little, National Crime Agency; Javvad Malik, KnowBe4; Steve Forbes, Nominet; Dr Saira Ghafur, Institute of Global Health Innovation
11:30am
Pandas, Bears, Kittens & Spiders – A View From The Frontlines And A Glimpse Into What’s Next

A brief review of some of the latest findings from the latest CrowdStrike Global Threat Report, what to expect next and how to protect our organisations, colleagues and customers.

Gareth Kitson, CISSP, CEH, Senior Sales Engineer, CrowdStrike
11:50am
Modern Business Cyber Security for Mobile Connectivity in Today's Cyber Threat Landscape

Mobile SIMs can be the gateway to disaster or freedom. Discover how a solid cyber resilience plan for mobile will boost and secure connectivity whilst protecting your public sector organisation against compromise and ransomware.

Akamai’s EMEA Director of Security Technology and Strategy Richard Meeus will outline cyber security best practices for public sector organisations in today's threat-filled landscape.

Attend the session to:

  • discover cyber security strategies that your UK public sector organisation can put in place to protect your data and estate.
  • learn how to build a solid cyber resilience plan for your organisation’s infrastructure and also for mobile assets and data.
  • hear about mobile security solutions that will safeguard workforce devices from attacks, whilst improving efficiency and enhancing experience.
  • understand how to fully protect your organisation from compromising risks such as ransomware.
  • uncover fundamental solutions should your organisation fall victim to an attack.


Richard Meeus, EMEA Director of Security Technology and Strategy, Akamai Technologies Ltd
12:15pm
Seminar A: Enabling Strong Passwordless Authentication At Scale
  • Understanding how passwords are fundamentally broken and are among the weakest forms of authentication.
  • How security and usability are critical to today's public sector agencies.
  • Learn about security protocol innovations to deliver trust at scale with strong, passwordless authentication.
  • How passwordless authentication supports Zero Trust strategies
Neil Webster CISSP, Solutions Engineer, Yubico
12:15pm
Seminar B: Protecting The Public Sector From Cyber Attacks

When it comes to securing their networks, what public institutions have at their disposable is far outweighed by the tooling and techniques of their adversaries. Due also to the prolonged pandemic, challenges such as remote work and learning, overloaded healthcare systems, and compromised security perimeters have been more commonplace than ever.

So what should the public sector consider to better navigate the complex security landscape? How can they keep their data safe while performing and facilitating often vital work for members of the public?

Steve Nurton, Senior Technical Account Manager at F-Secure will discuss the above questions in light of a recent case study. This will be followed by a brief overview of what flexible, cost-effective security should entail for organisations looking to maintain or build on their security posture.

Steve Nurton, Senior Technical Account Manager, F-Secure UK Ltd
12:45pm
Lunch And Networking
2:00pm
Harnessing The Crowd - Why Have 1 Tester When You Can Have 1,500?

Managing the ever-expanding threat landscape, especially given how busy security teams already are, is becoming increasingly difficult. As an innovative security leader you’re working hard to keep your organisation safe. But in order to do that, you need to be faster at finding the vulnerabilities that are most critical.
In this session you will learn:

  • Why the traditional model of penetration testing is dead
  • How to challenge your security using the world’s elite ethical hackers
  • How to give your organisation the best chance of finding every vulnerability that matters
Ross Asquith, Solution Architect, Synack
2:35pm
Stop Chasing, Start Defending: Preventing Ransomware with Zero Trust

Join ThreatLocker's Director of Cybersecurity, Ben Jenkins, as we discuss endpoint evasion techniques that are undetectable by most EDR/MDR and antivirus solutions. Understand how businesses are enhancing their cyber resilience and significantly limiting the damage ransomware can inflict with a Zero Trust architecture.

Ben Jenkins, Senior Solutions Engineer, ThreatLocker
2:55pm
Keynote Address: Working To A Clear Recovery Strategy In Response To A Complex And Sophisticated Cyber-Attack
  • Lessons learned from the WannaCry attack, reviewing the past 5 years
  • Horizon-scanning, what are the imminent threats to cybersecurity and data security in health, and how can we mitigate risk?
  • Minimising risk throughout complex supply-chains
  • Evaluating the NHS Incident Response Plan and NHS England Emergency Preparedness, Resilience and Response Framework
Dr Saira Ghafur, Lead for Digital Health, Institute of Global Health Innovation, Imperial College London
3:15pm
Zero to Full Domain Admin: The Real-World Story of a Ransomware Attack

Following in the footsteps of a cyber-criminal and uncovering their digital footprint. This is a journey inside the mind of an ethical hacker's response to a ransomware incident that brought a business to a full stop, and discovering the evidence left behind to uncover their attack path and the techniques used. Malicious attackers look for the cheapest, fastest, stealthiest way to achieve their goals. Windows endpoints provide many opportunities to gain entry to IT environments and access sensitive information. This session will show you the attacker's techniques used and how they went from zero to full domain admin compromise that resulted in a nasty CryLock ransomware incident.

In this session I will cover a real-world incident response to the CryLock ransomware showing the techniques used by the attackers. The footprints left behind and uncovering the techniques used.

• How attackers gained access to system

• Established staging

• What tools were used

• What commands were executed

• How the ransomware was delivered

• How AD elevation was achieved

Joseph Carson, Ethical Hacker, Delinea
3:35pm
Chair’s Summary And Close

*programme subject to change

Dr Ameer Al-Namrat, Reader in Cyber Security Director for the Cyber Security and Artificial Intelligence Centre – UEL School of Architecture, Computing & Engineering, University of East London

Unsupported Browser

The web browser you are using to access this website is unsupported, which means certain aspects of the site wont work properly.

To use the website we recommend upgrading to a modern web browser such as Edge, Safari, Chrome, or Firefox if possible.

Proceed anyway (not recommended)