Conference Day 2
9:00 am - 9:10 am CHAIRMAN’S RECAP OF DAY ONEBharat Thakrar - Head of Business And Cyber Resilience BT Global Services
9:10 am - 9:50 am THE IMPORTANCE OF TRUST THROUGH ACCREDITATION OF THREAT INTELLIGENCE PARTNERS
- Taking a positive step towards creating a security culture of partner trust
- Exploring the benefit to businesses of providing tangible confidence in their chosen suppliers through a standardisation agency
- It is essential that the industry works together and shares best practice and knowledge in order to counter the risk of cyber-attack
9:50 am - 10:30 am WHY IS THERE HESITANCY TO INVEST IN THREAT INTELLIGENCE?
- Hiring the right people to manage threat intelligence teams, and increasing head-count in addition to established security teams
- Educating the organisation as to how threat intelligence can supplement a cyber security team, and how they can best leverage the data gathered
- Future-proofing and maximizing the ROI of threat intelligence platforms to include other data feeds away from cyber
10:30 am - 11:00 am MORNING COFFEE AND NETWORKING
11:00 am - 11:40 am PEER-TO-PEER THREAT INTELLIGENCE: CREATING A CULTURE OF SHARING ACROSS AN INDUSTRY
- How can shared intelligence negate the need for threat intelligence feeds?
- How can enterprise organisations effectively share the threat landscape with one another?
- How can the benefits of cyber intelligence sharing be better promoted?
- What considerations need to be made to prevent sensitive information being made public?
11:40 am - 12:20 pm ESTABLISHING A CLEAR CAREER PATH INTO CYBER THREAT INTELLIGENCE
- Fundamentally understanding the difference between cyber security teams and the roles that Threat Analysts play, and moving away from the need for an IT background
- Overcoming a wider misunderstanding of the requirements of a cyber threat analyst
- Encouraging graduates into the industry with analytical degrees by highlighting the importance of historical data trend analysis and how they effect current cyber security strategies
12:20 pm - 1:20 pm NETWORKING LUNCH
1:20 pm - 2:00 pm ALL THAT NOISE: EFFECTIVELY LEVERAGING RAW THREAT INTELLIGENCE DATA TO RISK DETECTION
- Creating a culture of sharing between threat analysts and incident responders to create a cyclical strategy
- Using threat intelligence data to proactively respond to potential breaches
- Understanding how threat intelligence data can hasten and improve incident response after a breach
2:00 pm - 2:40 pm AUTOMATING INCIDENT RESPONSE: ADOPTING A CONTINUOUS RESPONSE MODEL
- How can we save time whilst performing manual investigations to reduce delayed response, and what opportunities might this create for attackers to roam freely across the network?
- Understanding what continuous response is and how to implement it within the enterprise (at a basic level)- and articulate to the value to leadership
- How can endpoint flight recording equivalent advanced analytics (moving past what your SIEM can provide) help to identify incidents?
2:40 pm - 3:10 pm AFTERNOON TEA AND NETWORKING
3:10 pm - 3:50 pm PROMOTING A CULTURE OF CONTINUOUS LEARNING
- Defining who is responsible for digesting and analysing an attack, and giving them the platform to share these lessons
- Giving your threat analysts scope to look at the outcome of incidents
- Feeding the data back to the threat intelligence teams, creating a cyclical security strategy
- Learning from each experience and sharing information both within and outside the organisation will likely help many organisations deal with weaknesses in their ability to discover and recover from attacks
3:50 pm - 4:30 pm RECOGNISING THE IMPORTANCE OF INCIDENT RESPONSE ‘FIRE DRILLS’
- Performing risk and scenario based assessments to improve your organisation’s situational awareness
- Preventing panic in the result of a Zero Day Attack by rehearsing incident response plans
- Improving decision making in the result of an attack, and ensuring key stakeholders know what their role will be in advance