Conference Day 2


Bharat Thakrar

Head of Business And Cyber Resilience
BT Global Services

9:10 AM - 9:50 AM THE IMPORTANCE OF TRUST THROUGH ACCREDITATION OF THREAT INTELLIGENCE PARTNERS

Ian Glover, President, CREST
  • Taking a positive step towards creating a security culture of partner trust
  • Exploring the benefit to businesses of providing tangible confidence in their chosen suppliers through a standardisation agency
  • It is essential that the industry works together and shares best practice and knowledge in order to counter the risk of cyber-attack

Ian Glover

President
CREST

9:50 AM - 10:30 AM WHY IS THERE HESITANCY TO INVEST IN THREAT INTELLIGENCE?

Crawford Thomas, Lead Technical Consultant and Head Threat Intelligence, Clydesdale and Yorkshire Bank
  • Hiring the right people to manage threat intelligence teams, and increasing head-count in addition to established security teams
  • Educating the organisation as to how threat intelligence can supplement a cyber security team, and how they can best leverage the data gathered
  • Future-proofing and maximizing the ROI of threat intelligence platforms to include other data feeds away from cyber

Crawford Thomas

Lead Technical Consultant and Head Threat Intelligence
Clydesdale and Yorkshire Bank

10:30 AM - 11:00 AM MORNING COFFEE AND NETWORKING

LOW LEVEL INVESTMENTS IMPROVING THREAT INTELLIGENCE CAPABILITY

11:00 AM - 11:40 AM PEER-TO-PEER THREAT INTELLIGENCE: CREATING A CULTURE OF SHARING ACROSS AN INDUSTRY

Nic Miller, CISO, Brevan Howard
  • How can shared intelligence negate the need for threat intelligence feeds?
  • How can enterprise organisations effectively share the threat landscape with one another?
  • How can the benefits of cyber intelligence sharing be better promoted?
  • What considerations need to be made to prevent sensitive information being made public?

Nic Miller

CISO
Brevan Howard

LOW LEVEL INVESTMENTS IMPROVING THREAT INTELLIGENCE CAPABILITY

11:40 AM - 12:20 PM ESTABLISHING A CLEAR CAREER PATH INTO CYBER THREAT INTELLIGENCE

  • Fundamentally understanding the difference between cyber security teams and the roles that Threat Analysts play, and moving away from the need for an IT background
  • Overcoming a wider misunderstanding of the requirements of a cyber threat analyst
  • Encouraging graduates into the industry with analytical degrees by highlighting the importance of historical data trend analysis and how they effect current cyber security strategies

LOW LEVEL INVESTMENTS IMPROVING THREAT INTELLIGENCE CAPABILITY

12:20 PM - 1:20 PM NETWORKING LUNCH

UTILISING THREAT INTELLIGENCE TO CREATE INCIDENT RESPONSE STRATEGY

1:20 PM - 2:00 PM ALL THAT NOISE: EFFECTIVELY LEVERAGING RAW THREAT INTELLIGENCE DATA TO RISK DETECTION

Sebastian Hess, Cyber Risk Engineer , AIG
  • Creating a culture of sharing between threat analysts and incident responders to create a cyclical strategy
  • Using threat intelligence data to proactively respond to potential breaches
  • Understanding how threat intelligence data can hasten and improve incident response after a breach

Sebastian Hess

Cyber Risk Engineer
AIG

UTILISING THREAT INTELLIGENCE TO CREATE INCIDENT RESPONSE STRATEGY

2:00 PM - 2:40 PM AUTOMATING INCIDENT RESPONSE: ADOPTING A CONTINUOUS RESPONSE MODEL

Anthony Fung, Head of Cyber Forensic and Threat Intelligence, Standard Chartered
  • How can we save time whilst performing manual investigations to reduce delayed response, and what opportunities might this create for attackers to roam freely across the network?
  • Understanding what continuous response is and how to implement it within the enterprise (at a basic level)- and articulate to the value to leadership
  • How can endpoint flight recording equivalent advanced analytics (moving past what your SIEM can provide) help to identify incidents?

Anthony Fung

Head of Cyber Forensic and Threat Intelligence
Standard Chartered

UTILISING THREAT INTELLIGENCE TO CREATE INCIDENT RESPONSE STRATEGY

2:40 PM - 3:10 PM AFTERNOON TEA AND NETWORKING

COMING BACK FROM THE BREACH: LEARNING FROM INCIDENTS

3:10 PM - 3:50 PM PROMOTING A CULTURE OF CONTINUOUS LEARNING

Pekka Riipinen, Senior Security Manager, Head of Cyber Intelligence, Telia Company
  • Defining who is responsible for digesting and analysing an attack, and giving them the platform to share these lessons
  • Giving your threat analysts scope to look at the outcome of incidents
  • Feeding the data back to the threat intelligence teams, creating a cyclical security strategy
  • Learning from each experience and sharing information both within and outside the organisation will likely help many organisations deal with weaknesses in their ability to discover and recover from attacks

Pekka Riipinen

Senior Security Manager, Head of Cyber Intelligence
Telia Company

COMING BACK FROM THE BREACH: LEARNING FROM INCIDENTS

3:50 PM - 4:30 PM RECOGNISING THE IMPORTANCE OF INCIDENT RESPONSE ‘FIRE DRILLS’

Benjamin Särkkä, Head of Nordea It-Security Incident Response Team, Nordea
  • Performing risk and scenario based assessments to improve your organisation’s situational awareness
  • Preventing panic in the result of a Zero Day Attack by rehearsing incident response plans
  • Improving decision making in the result of an attack, and ensuring key stakeholders know what their role will be in advance

Benjamin Särkkä

Head of Nordea It-Security Incident Response Team
Nordea

COMING BACK FROM THE BREACH: LEARNING FROM INCIDENTS

4:30 PM - 4:45 PM CHAIRMAN’S CLOSING REMARKS AND END OF MAIN CONFERENCE

Bharat Thakrar, Head of Business And Cyber Resilience, BT Global Services

Bharat Thakrar

Head of Business And Cyber Resilience
BT Global Services