Our regular chairman, David Bicknell, welcomes all delegates, sponsors, and speakers to our conference and sets out the day’s agenda.
- David Bicknell, Principal Analyst, Technology Thematic Research, GlobalData
Paul McKay, Senior Analyst – Security and Risk at Forrester takes a look at Cybersecurity across the public sector from the outside in, comparing it with activity across the private sector and suggesting potential focuses and areas of concern for the years ahead.
- Paul McKay, Senior Analyst – Security and Risk, Forrester
GOVERNMENT KEYNOTE – PUBLIC SECTOR CYBERSECURITY
Erika Lewis, Director of Digital Identity and Cybersecurity at DCMS, will set out the current Cyber state of play across government, highlighting key areas of focus and the impact of the pandemic.
- Erika Lewis, Director of Digital Identity and Cybersecurity, DCMS
MANAGING YOUR HUMAN RISK: LESSONS LEARNT IN BUILDING A PEOPLE CENTRED SECURITY CULTURE
Security that doesn’t work for people doesn’t work. We know human error is the greatest vulnerability any organisation has to growing cyber- attacks and that our employees represent our greatest line of defence. But are we doing enough to understand how we collaborate and engage with our people so that safe habits and behaviours is the norm rather than the exception? Our people really are part of the solution and not the “weakest link”.
With many years of experience helping organisations adopt a more intelligence led approach to security education and behaviour change Nick will present key lessons he’s learnt together with some core principles to guide you in your journey.
- Nick Wilding, Chief Innovation Officer, Cyber Risk Aware
Morning Break 1
HOW THE PANDEMIC HAS EMPOWERED IT
During this session, Oliver Cronk, Chief IT Architect at Tanium, will illustrate how the pandemic has empowered IT. Oliver will share statistics from research conducted by Tanium plus show a case study, during lockdown within the UK Public Sector.
- Oliver Cronk, Chief IT Architect - EMEA, Tanium
WHY AN ECOSYSTEM-DRIVEN APPROACH TO CYBER INNOVATION IS NEEDED
This session is a fireside chat between the conference chair, David Bicknell and Saj Huq, director for LORCA: the London Office for Rapid Cybersecurity Advancement. Sam considers why and how startups can partner with enterprises and the government to achieve a closer product-market fit, prove their model and develop or adapt their technology to meet cybersecurity challenges in the real world. Using real-world examples from our work, we can share our insights into how this cross-pollination and collaboration drives innovation and how to make it work for all parties involved.
- Saj Huq, Director, LORCA
Morning Break 2
SECURING A REMOTE WORKFORCE TO PROVIDE CONTINUOUS SUPPORT TO CITIZENS
“To protect employees during the coronavirus outbreak, without disrupting our services to citizens, we’re having to do things differently. We’re holding council meetings virtually and via live stream, and 400 of us are working to support the public from home. With Okta, we’ll keep adapting with cybersecurity in mind.” Thanet District Council.
In this session you will hear from Jason Le-May, Okta’s Public Sector Sales Director, and Joe Brackenborough, Digital Transformation Manager at Thanet District Council. During this interview you will learn about the challenges that faced Thanet, from working remotely to lifecycle and identity management, and how Okta’s solutions simplified their digital transformation journey.
- Joe Brackenborough, Digital Transformation Manager, Thanet District Council
- Jason Le-May, Director, Public Sector, Okta
MANAGING YOUR LEGACY IT: WHAT’S THE COST AND HOW TO TACKLE THE ISSUE
Legacy IT can leave gaps in your security defences. What are these gaps and how can you manage them? Can the cost be offset against the use of, for example, managed services? Is there an ROI for cybersecurity investment?
- Rob Anderson, Principal Analyst - Central Government, GlobalData
- Paul Jackson, Head of Public Sector, Tanium
INTRODUCING THE UK CYBER SECURITY COUNCIL
Jessica Figueras gives an introduction to the role and remit of the new UK Cyber Security Council, which was announced by DCMS Minister Matt Warman in a February statement
- Jessica Figueras, Vice Chair, UK Cyber Security Council
NCSC – CYBERSECURITY UPDATE
This video is a pre-record of the presentation made earlier this week by Lindy Cameron at the RUSI Cybersecurity conference.
- Lindy Cameron, CEO, NCSC
LEARNING FROM THE DARKWEB
Is the darknet where all of the stolen data ends up? The darknet is the cybercriminals equivalent of Harrods. Cybercrime starts and ends in the darknet. From darknet marketplaces selling malware-as-a-service to hacker forums that build up intelligence on the weaknesses within a business; are there ways that we can use the darknet to help government fight back.
- Natalia Cerga, Cyber Intelligence Manager, Digital Shadows
BUILDING DIGITAL SKILLS AND AWARENESS FOR ALL GOVERNMENT EMPLOYEES: IS A GOVERNMENT WIDE INITIATIVE FEASIBLE?
A Proofpoint report found that 99% of cyber-attacks required human intervention. The human in the machine is used by the cybercriminal to make cyber-attacks successful. This is based on the manipulation of human behaviour. In the fight back against this most fundamental of vectors, comes Security Awareness Training. Can government take the best of awareness training packages and create a government wide program that covers all government employees and that is cost-effective and works?
- Dr Natalie Coull, Head of Division - Cyber Security, University of Abertay
- Chris Green, Head of PR and Communications EMEA, (ISC)2
- Lee Jones, Public Sector Digital Skills Lead, Microsoft
COMBATING ENTITLEMENT CREEP: HOW CAN YOU REALLY KNOW “WHO HAS ACCESS TO WHAT AND WHY”?
Over the past decade, the number, size, and cadence of data breaches, aimed at government targets has only accelerated. Compounding the problem is the longevity of government employees as they take on many different roles throughout their career which introduces entitlement creep. Organisations can no longer depend on legacy manually driven identity processes and solutions to identify these risky access entitlements that expose both internal and external attack vectors. Today government agencies must adopt artificial intelligence and machine learning in order to identify and remediate these vulnerabilities.
Join us to hear how AI-Driven identity governance can help government organisations to: – Understand who has access to what and assess what risk that poses – Mitigate security vulnerabilities – Reduce costs by expediting onboarding and role changes
- Matt Berzinski, Senior Product Management Director, ForgeRock
ARE MANAGED SECURITY SERVICES AN ANSWER FOR GOVERNMENT?
The management of cybersecurity threats is a costly game. It requires specialist personnel and specialist tools. Is the use of a third-party service in the form of a Managed Security Service Provider (MSSP) the way forward for government? What are the impediments to the use of an MSSP? Can an MSSP bridge the skills gap in government?
- Paul Heath, Enterprise Security Executive - UK Public Sector, Microsoft
- Simon Chappell, CEO, Assured Data Protection
- Bill McCluggage, Non-Executive Director, Digital, FCDO Services
HOW CAN GOVERNMENT BEST STEP UP TO THE CHALLENGES WE FACE FROM THE MODERN CYBERCRIMINAL?
A look at all of the various aspects of modern cybercrime and government. What parts of government are most at risk? As we build better and more omni-channel government services does the risk profile change? How can government use resources best to fit the ever-changing needs of the cybersecurity landscape?
- Sue Milton, Project Board Member, UK Cyber Security Council Formation Project
- Bill Mew, CEO, Crisis Team
- Lisa Ventura, CEO, UK Cyber Security Association
Chairs closing remarks
- David Bicknell, Principal Analyst, Technology Thematic Research, GlobalData