Conference Day 1

8:50 AM - 9:00 AM DEFENCE IQ WELCOME REMARKS


Bharat Thakrar

Head of Business And Cyber Resilience
BT Global Services

ESTABLISHING THREAT INTELLIGENCE AS A VIABLE ADDITION TO YOUR SECURITY STRATEGY

9:10 AM - 9:50 AM IMPLEMENTING AND INVESTING IN THREAT INTELLIGENCE SOLUTIONS

Aleksei Gornoi, Global Threat Intelligence & Operations Lead, Aviva
  • Collecting threat intelligence from internal and external sources
  • Correlation of the data and risk prioritisation
  • Distributing intelligence across multi-vendor security controls, across the enterprise
  • Gaining greater visibility into the IT landscape to enable appropriate and swift action

Aleksei Gornoi

Global Threat Intelligence & Operations Lead
Aviva

ESTABLISHING THREAT INTELLIGENCE AS A VIABLE ADDITION TO YOUR SECURITY STRATEGY

9:50 AM - 10:30 AM UNDERSTANDING THE INTELLIGENCE CYCLE AND ITS ROLE IN THE PRIVATE SECTOR

Jon Gray, Cyber Threat Intelligence Manager, British Army
  • Exploring how the military- specifically the Intelligence Corps- utilise the intelligence cycle to provide top level overview of threats
  • What lessons can the private sector learn from how the military uses intelligence?
  • What makes retired Intelligence Corps personnel so desirable in the private sector for threat intelligence roles?

Jon Gray

Cyber Threat Intelligence Manager
British Army

ESTABLISHING THREAT INTELLIGENCE AS A VIABLE ADDITION TO YOUR SECURITY STRATEGY

10:30 AM - 11:00 AM MORNING COFFEE AND NETWORKING

MAXIMISING THE POTENTIAL AND INVESTMENT OF THREAT INTELLIGENCE PLATFORMS

11:00 AM - 11:40 AM HOW TO EFFECTIVELY MAKE USE OF THREAT INTELLIGENCE ON A GLOBAL SCALE: THE CITI BANK EXPERIENCE

Colin Wetherill, Threat Intelligence Coordinator - EMEA, Citi Bank
  • Training and hiring the correct personnel for threat intelligence teams
  • Creating coherent threat intelligence feeds that avoid the sharing of millions of endpoints simultaneously
  • Building faith in the role of threat intelligence in the support of cyber security strategy by the rapid correction of false positives through automated feedback loops
  • Advanced analysis and meaningful data-driven visuals

Colin Wetherill

Threat Intelligence Coordinator - EMEA
Citi Bank

MAXIMISING THE POTENTIAL AND INVESTMENT OF THREAT INTELLIGENCE PLATFORMS

11:40 AM - 12:20 PM DEVELOPING ‘ACTIONABLE’ CYBER THREAT INTELLIGENCE

Confirmed Speaker, Senior Representative, National Cyber Security Centre
  • Availability of real-time intelligence can help organisations prevent and contain the impact of cyber attacks
  • Developing greater maturity in an organisation’s data gathering and processing capabilities and how automation can be leveraged to better filter and highlight information that is directly relevant to important risk areas
  • Developing a situational awareness of the threat environment and how continuous monitoring can help capture the risk signals and indicators across the ecosystem

Confirmed Speaker

Senior Representative
National Cyber Security Centre

MAXIMISING THE POTENTIAL AND INVESTMENT OF THREAT INTELLIGENCE PLATFORMS

12:20 PM - 1:20 PM NETWORKING LUNCH

UTILISING AND REPORTING THREAT INTELLIGENCE DATA INTERNALLY

1:20 PM - 2:00 PM CREATING DIGESTABLE THREAT INTELLGIENCE REPORTS FOR THE BOARD

Russell Kempley, Director Strategic Cyber Threat Intelligence, Prudential
  • Translating raw threat intelligence data into succinct reports
  • Providing concise and actionable intelligence to the board to advise cyber security strategy
  • Highlighting actions and the ROI of strategic decisions made on the back of threat intelligence data

Russell Kempley

Director Strategic Cyber Threat Intelligence
Prudential

UTILISING AND REPORTING THREAT INTELLIGENCE DATA INTERNALLY

2:00 PM - 2:40 PM ‘OPERATIONALISING’ THREAT INTELLIGENCE

  • Facilitating a manner in which enterprise SOCs are able to “operationalise threat intelligence” in order to get a full picture of attacks impacting their environments
  • Supporting the analysts sifting through massive amount of data by providing a platform to analyze, correlate, and prioritize threat intelligence, to determine what’s relevant for their industry, to their geography, and to their company
  • ‘Operationalising’ threat intelligence is critical, as 75% of attacks spread from one victim to the next within 24 hours, encouraging enterprises to close the gap between “sharing speed and attack speed”

UTILISING AND REPORTING THREAT INTELLIGENCE DATA INTERNALLY

2:40 PM - 3:10 PM AFTERNOON TEA AND NETWORKING

AN OVER-RELIANCE ON TECHNOLOGY?

3:10 PM - 3:50 PM PANEL DISCUSSION: ARTIFICIAL INTELLIGENCE & MACHINE LEARNING: CYBER SECURITY RISK VS OPPORTUNITY?

David Aubrey-Jones, Threat Readiness Team Leader, RBS Crawford Thomas, Lead Technical Consultant and Head Threat Intelligence, Clydesdale and Yorkshire Bank
  • Effectively leveraging disruptive technologies to provide supporting capability to organisations’ threat intelligence platforms
  • Negating the effect of false positives by removing the sense of alert fatigue and a decrease in sensing
  • Assessing the risks of AI when used alongside a network: Risk of insecure configuration, poor AI authentication leading to new attack vectors or, in the worse-case scenario, AI being directly compromised to turn against people and the services we rely on

David Aubrey-Jones

Threat Readiness Team Leader
RBS

Crawford Thomas

Lead Technical Consultant and Head Threat Intelligence
Clydesdale and Yorkshire Bank

AN OVER-RELIANCE ON TECHNOLOGY?

3:50 PM - 4:30 PM CYBER SECURITY, TERRORISM, AND BEYOND: ADDRESSING EVOLVING THREATS TO THE HOMELAND

Todd Renner, London Assistant Legal Attaché, FBI
  • Working with counterparts to predict and prevent attacks, rather than simply react after the fact
  • Using technical capabilities and traditional investigative techniques—such as sources and wiretaps, surveillance, and forensics—to fight cyber crime
  • Coordinating cyber investigations and address jurisdictional hurdles and differences in the law from country to country through overseas legal attaché offices
  • Understanding how government sponsored agencies can work with vulnerability industries to better provide intelligence
  • Promoting interaction and sharing between law enforcement and the private sector

Todd Renner

London Assistant Legal Attaché
FBI

AN OVER-RELIANCE ON TECHNOLOGY?

4:30 PM - 4:45 PM CHAIRMAN’S CLOSING REMARKS AND END OF DAY ONE