What's happening on the day? Agenda
CHAIR’S WELCOMING REMARKS
Our regular chairman, David Bicknell, welcomes all delegates, sponsors, and speakers to our conference and sets out the day’s agenda.
INDUSTRY KEYNOTE
A respected representative from the cybersecurity industry will present an overview of the sector and reference the external view of public sector cybersecurity.
GOVERNMENT KEYNOTE – PUBLIC SECTOR CYBERSECURITY
A leading figurehead from government cybersecurity will set out the current Cyber state of play across government, highlighting key areas of focus and the impact of the pandemic.
PEOPLE MATTER: WHY PEOPLE MUST BE PART OF THE SOLUTION
Our people are central to the success of any organisation.
We have known for years that hackers target people before technology. For just as long, we have been repeating the mantra that a vigilant, cyber risk-aware workforce is our main defence against cyber-criminals. Yet despite all our efforts, we have still not cracked the problem.
Too many organisations still either ignore the ‘human factor’ in organisational resilience or apply out-dated or compliance, ’tickbox’ approaches to training their employees.
We need a fresh look.
This short panel discussion will discuss behavioural science and innovation that can transform the way organisations influence and sustain stronger security behaviours across their workforce.
CYBERSECURITY IN ACTION
This session is set aside for insight and discussion with some of the leading suppliers in cybersecurity product and services.
MORNING COMFORT BREAK
RANSOMWARE: BUILDING AN INTEGRATED RESPONSE
It’s recently been reported that the UK has encountered nearly 15 million ransomware attacks during 2021 alone. High profile ransomware attacks have highlighted how vulnerable our critical national infrastructure is and the impact that these types of attacks can have on society, business, government services and people at large.
Ransomware is as much about manipulating vulnerabilities in human psychology than it is about our adversary’s technological sophistication. It’s a fight we need to tackle together.
More can be done in reducing the likelihood of become infected by ransomware in the first instance, in reducing the spread of the ransomware malware through any organisation and in reducing the longer-term impacts of a successful attack. But we need greater collaboration and an integrated incidence response to succeed.
It’s a challenge that crosses political, geographical and technology borders. Dealing with its increasing volume and impact needs government and the private sector to collaborate in a public/private partnership to better understand and tackle the attackers.
This panel will assess the current situation and outline ideas for what an integrated response could look like and the role that government, the private sector and people should be playing to reduce both the threat and the impact of damaging ransomware attacks.
WHY CYBER RISK MANAGEMENT IS SO HARD
We live in a time of unprecedented political, cultural, social and climatic dangers. Hostile states and criminals are using cyber-tools to make each of these current issues even more intractable. Around a 100 countries are now actively involved in “cyber operations” that include espionage, political influence, sabotage and extortion. The international community has made some progress at the UN, but it has been painfully slow. Matters are made worse because the border between state cyber operations and criminal activity is increasingly blurred. Unfortunately this means that the ‘bad guys’ will very often succeed.
We all need to work hard to maximise our chances of keeping them out. We also need to ensure that we have adequate resilience, so that we can continue to function even if they penetrate our defences.
UNDERSTANDING THE EXECUTIVE CYBER CHALLENGE: SETTING THE RIGHT TONE FROM THE TOP
Driving transformation across government demands strong executive support. The same support is required in managing the threats that government departments and agencies face from cyber-criminals. Setting the right tone from the top – i.e., displaying effective and appropriate attitudes, beliefs and practices – is essential in establishing cultures where everyone understands the role they need to play in staying safe.
If government executives demonstrate a real commitment to protecting high-value, sensitive information and in upholding citizen trust then middle and lower ranking employees will naturally be inclined to display the same virtues.
Executives have a vital role to play in protecting their organisation. This involves communicating positive messages about how everyone can remain vigilant in the face of growing and varied attack techniques that target employees, understanding where the greatest cyber vulnerabilities lie, overseeing effective security technology investment, leading and being actively involved in incident response exercises, collaborating with all employees and the security team to manage people-centred security policies and designing and managing an integrated cyber resilience plan that balances technology, processes and people factors.
This session will illustrate what the government executive roles and responsibilities are and give practical examples of what can be done to ensure cyber security becomes an instrumental part of executive leadership and risk management.
LUNCH NETWORKING BREAK
UK CYBER SECURITY COUNCIL UPDATE
Jessica Figueras gives an update on projects and activities of the UK Cyber Security Council since it was launched earlier in 2021.
NCSC – CYBERSECURITY PRESENTATION
A presentation from one of the team at the National Cyber Security Centre on activity in 2021
CYBERSECURITY IN ACTION
This session is set aside for insight and discussion with some of the leading suppliers in cybersecurity product and services.
HOW TO ENSURE DIVERSITY IN CYBERSECURITY ACROSS THE PUBLIC SECTOR
WHAT CYBER LESSONS CAN GOVERNMENT LEARN FROM LISTENING TO THE PRIVATE SECTOR?
This session explores insight from the supplier community on lessons that have learned in their cybersecurity battles away from the public sector.
HOW CAN THE GOVERNMENT STEP UP TO THE CHALLENGES IT FACES FROM THE MODERN CYBERCRIMINAL?
A look at all of the various aspects of modern cybercrime and government. What parts of government are most at risk? As we build better and more omni-channel government services does the risk profile change? How can government use resources best to fit the ever-changing needs of the cybersecurity landscape?
CHAIR’S SUMMARY
Our chair, David Bicknell, summarises some of the of the sessions that you have heard throughout the event.