• Day 1 Session 2 Workshop 1
  • Day 1 Session 2 Workshop 2
  • Day 1 Session 2 Workshop 3
  • Day 1 Session 2 Workshop 4

Day 1 Session 2 Workshop 1

Ransomware - staying out of the Headlines
Matt Cooke, Senior Product Marketing Manager, Sophos

Ransomware is an old topic in information security circles, yet it has still grabbed a fair share of headlines so far in 2017. Some might expect that a majority of people are well aware of the threat by now and that they are taking the appropriate precautions. But the headlines suggest otherwise.Phishing and ransomware remain the most pressing security threats for UK business, according to a government-backed survey in April 2017.

The survey, commissioned by the Department for Culture, Media and Sport, found that the most common types of breaches are related to staff receiving fraudulent emails (in 72% of cases where firms identified a breach or attack). The next most common related to viruses, spyware and malware (33%), people impersonating the organisation in emails or online (27%) and ransomware (17%). As reported in the Cyber Security Breaches Survey 2016, 65% of large UK firms detected a cyber security breach or attack in the past year.

In this talk and round table session Matt introduced the methods attackers are using to deliver ransomware inside an organisation, building a billion £ industry from organisations’ data.  Delegates discussed why traditional security products are frequently being proven ineffective, and examined the most effective controls and tools you can adopt to prevent the devastating events a ransomware attack brings.

Back to Day 1

Day 1 Session 2 Workshop 2

Data Protection in a Cloud-first World
Neil Thacker, Deputy CISO, Forcepoint

With the dramatic shift in strategy over the past few years to adopt a Cloud-first approach to IT services, public sector organisations are continually identifying new requirements for both technical and organisational controls to both deliver IT services whilst managing and reducing risk. With the impending General Data Protection Regulation (GDPR) to further support rights of data subjects and improve data protection, a fine balance must be observed to ensure the most appropriate of services and data protection controls are in place. The Forcepoint discussion topics were:
- Why data protection is critical in a cloud-first world
- How to mature a data protection strategy with shared ownership
- Apply a mature GRC model to manage cloud processing activities

Back to Day 1

Day 1 Session 2 Workshop 3

Active Defence in Cyber Security
Andy Taylor, APMG Lead Assessor, APMG

This workshop offered an understanding of where the “traditional” ways of assessing cyber security using frameworks, accreditation, standards and penetration testing are failing to meet the demands of today’s threats. Also, how Active Defence can be delivered and assessed to ensure an appropriately high level of cyber security within an organisation and down their supply chain.

Back to Day 1

Day 1 Session 2 Workshop 4

Securing Privileged Access Inside the Perimeter
Scott Walker, Solutions Engineer, Bomgar

The continuing increase in cyber-security attacks has exposed the weaknesses in traditional perimeter security strategies. They provide little protection against sophisticated attacks for today’s extended enterprise architectures and the proliferation of privileged accounts that has significantly grown the attack surface.

Implementing a privileged access management solution as a foundational layer of an IT security ecosystem can help establish a zero trust approach to protecting your critical assets. It enables the implementation of multiple security boundaries and for organisations to manage and control all access to their systems, providing full visibility of activity and quickly shrinking the attack surface.

Back to Day 1

Find Out More

Get a Quote

Call Me Back

Enquiry Form