Programme

With all the uncertainty surrounding Brexit, Data Governance experts maintain that the UK will adopt similar stringent data protection regulations as proposed by the EU. The consequences of a data breach and the probability of experiencing a breach has never been greater. We have ensured a high quality agenda this year with the help of our VSEC Advisory Board, made up of leading VARs & MSPs who have selected the conference program. We aim to deliver sessions that are highly topical, relevant and of value to you and your business.

With more than 20+ sessions presented by international cybersecurity leaders, experienced CISOs and experts from our award-winning vendor portfolio, the conference is not to be missed!

Register to hear from Travers Smith Lawyers, US Secret Service, HSBC, Channel 4, HMRC, Pen Test Partners, Tripwire, Radware, Guidance Software plus many more, and protect you from the next data breach.
  • Room A
    Ken Munro Pen Test Partners
    11:15 - 11:45
    My friend Cayla, the hacked IoT doll that good taste forgot
    Ken Munro, Pen Test Partners
    The IoT is here to stay, with all its flaws, failings and frustrations. Even devices as innocuous as connected toys can be hacked and used for ‘evil’ purposes.
    Ken Munro revisits the infamous hack of the My Friend Cayla doll, as well as sharing some fascinating cautionary tales from the IoT.
    Dr Bernard Parsons Becrypt
    11:45 - 12:15
    Liability for Security Vendors
    Dr Bernard Parsons, Becrypt
    We hear so much about the liability of those organisations that lose data; how it affects their business, and even their individual jobs. But, what about the organisations who think they are protected? If an organisation has put sufficient, or so they think, security measures in place - who is liable when it goes wrong?
    David Storch AToS
    12:15 - 12:45
    If the Internet Were a Plane, It Wouldn't be Allowed to Fly
    David Storch, Atos, Radware DDoS Partner
    ‘Don’t tell me the mule is blind, just load her up.’ This pretty well summarises the attitude of people using the internet and all its associated applications, devices, technologies and ‘security.’ Businesses, individuals and even governments depend on the internet, and assume it is ‘safe enough’, yet very few people really understand it. What are the economics and risks of the internet, and possible ROI on some defensive technologies.
    Matt Callahan US Secret Service
    12:45 - 13:15
    International Cybercrime Investigations
    Matt Callahan, US Secret Service
    Coming Soon...
  • Room B
    Paul Schomo Guidance Software
    11:15 - 11:45
    Forensics Matters in Security: Full Breach Visibility, APTs and the Future of Investigations
    Paul Shomo, Guidance Software
    This session will re-examine the Cyber Kill Chain, illustrating how only forensics provides full breach visibility. We'll discuss attacks in recent news, and walk through the details of typical hacker activity by demonstrating popular Advanced Persistent Threats (APTs), detailing the forensic artefacts left at each stage of the Kill Chain, and discussing why it can be difficult to distinguish outside actors, whistleblowers, or insider threats.
    Keith Poyser Accellion
    11:45 - 12:15
    How to Mobilise Enterprise Content and Tackle Shadow IT
    Keith Poyser, Accellion
    More than 70% of businesses today are struggling with Shadow IT. The typical enterprise has on average 1,100 cloud services on its network, many of which put convenience ahead of security and may be employee provisioned for convenience versus approved by IT. Accellion works with clients as diverse as NASA, Facebook, Cartes Bancaire, Hilton and more to ensure secure productivity, collaboration and compliant content access from anywhere on anything.
    Chris Cassell Becrypt
    12:15 - 12:45
    The Russian Spy in HR
    Chris Cassell, Becrypt
    Insider threats are a constant and often underestimated issue today. Sure, there might not be a Russian spy in your office, but could your Insider Threat be someone who took employment legitimately, who's worked for a reasonable amount of time perfectly well, does their job and isn't a threat at all? Until something tips them over the edge. We will discuss the ways in which insider threats can damage your organisation, how to spot who might be a risk and how to stop them.
    Alistair Mutch MobileIron
    12:45 - 13:15
    Securely Consuming Cloud Services from Mobile Devices
    Alistair Mutch, MobileIron
    Mobility has moved from a simple desire to a fundamental capability. From the desire to consume data in those brief moments during travel into a requirement for staff productivity. The experience of using the superior UI and apps then drove further investment and productivity into business. Alongside this we see the adoption of Cloud services but how do we provide the same simple user experience and retain protection of our content with several distributed Cloud services. A simple username and password represents a bigger risk leading to the need for derived credentials to be extended to cloud services to defend distributed data yet retain central control.
  • Room C
    Ronny Wolf GFI Software
    11:15 - 11:45
    Revolutionising 2FA to Simplify the User Experience
    Andy Kemshall, SecurEnvoy
    Allowing remote access for only users you trust is key to preventing data breaches. Human behaviour drives users to reject or circumnavigate complex solutions. This presentation will discuss older authentication methods and why they failed. It will then look at current easier to use methods and finally it will predict future methods set to revolutionise the 2FA industry.
    Paul Edon Tripwire
    11:45 - 12:15
    Brace Yourselves, the EU GDPR is Coming
    Paul Edon, Tripwire
    With the new European Union General Data Protection Regulation (EU GDPR) on the horizon, businesses now have less than two years to evaluate their security gaps and address any issues to adhere compliance. But don't be misled by the GDPR's origin - this regulation has a global reach and will likely introduce new processes and considerations for many organizations. In this roundtable discussion, we invite participants to share how the GDPR will impact their organizations and their unique challenges of ensuring compliance. Together, we'll brainstorm essential steps that should be taken now to begin preparation for May 2018.
    Allen Walker Mojo Networks
    12:15 - 12:45
    Comprehensive Intrusion Protection for Mission Critical WiFi
    Allen Walker, Mojo Networks
    In enterprises today, WiFi is mission critical or set to become mission critical. The volume of wireless traffic and mix of wireless applications is growing exponentially. Add to it the growing volume of WiFi devices in the neighborhood whose traffic mixes up with your traffic in the air. So, how do you obtain visibility into your Wi-Fi airspace and identify threats and vulnerabilities lurking therein? Wi-Fi security rests on two important pillars: i) WPA2 protection for "managed devices", and ii) Wireless Intrusion Detection/Prevention (WIPS) protection from the activity involving "unmanaged devices", such as rogue APs, honeypots, misbehaving clients, spoofing, DoS and others.
    Andy Kemshall SecurEnvoy
    12:45 - 13:15
    Yet Another Insider Job
    Ronny Wolf, GFI Software
    It's not a secret anymore since Edward Snowden that employees can be a potential risk to your company's data. Sensitive data in wrong hands can be a hugely damaging for organisations - reputation or financial. To get the full transparency of data usage within an organisation IT administrators should use professional tools to prevent any threat prior to it happening. GFI Software is offering professional IT solutions to give companies back the control of their entire data.
  • Room A
    Paul Norris Tripwire
    15:15 - 15:45
    The Real Insider Threat
    PJ Norris, Tripwire
    Traditionally, the words “insider threat” invokes images of malicious employees hiding in the shadows of an organisation, attempting to steal company secrets or bringing down the entire system. In reality, this type of threat is not very common and actually quite infrequent at most companies. However, the real threat and the biggest risk to confidential company data is the inattentive employee. This session will discuss how to protect against the real insider threat, how to identify risk indicators with employee attitudes and behaviours, and effective ways to develop a sound security culture.
    Ronny Wolf GFI Software
    15:45 - 16:15
    Ransomware Will Be Back… Or is Still in My System?
    Ronny Wolf, GFI Software
    Ransomware was recently quite popular as one of the major attack types in Europe. But is this type of attack new? Certainly not. Ransomware evolves almost weekly; not being not in the press anymore doesn't mean that the danger is over. Attacking E-Mail servers is one of the major attack scenarios to obtain important company information. GFI Software is providing an unique offering to protect company's mail infrastructure.
    Ian Rainsborough Guidance Software
    16:15 - 16:45
    Elevating Data Risk Management to the Board Level
    Ian Rainsborough, Guidance Software
    According to the 2016 Cost of Data Breach Study from the Ponemon Institute, a loss of customer trust is the biggest financial consequence of a data breach. Trust is something businesses work to establish with customers every day and, once lost, it is very difficult to regain. Proactive data management policies, combined with the right technology solutions, will make it much easier to protect customer data, comply with the new regulations, and reduce digital risk for any business. The session will provide insights on how to control the surface area of sensitive data and why board-level visibility is critical operational success.
    Chris Cassell Becrypt
    16:45 - 17:15
    Securing the End User Environment Today
    Chris Cassell, Becrypt
    In a discussion about securing the endpoint today, we will discuss both the nature of fat clients and the ability to work locally, without network access. In an increasingly connected world, it is clear that our security boundaries need to 'keep up', to ensure that we are accounting for the increase in new, and sophisticated threats. We will discuss a possible new IT model, with secure operating systems by design, read only operating systems, the ability to transfer the user environment and resources to any terminal through 'hot desking'.
  • Room B
    James Billingsley Nuix
    15:15 - 15:45
    Rogue for Hire: Understanding the Insider Threat and What it Has in Common with the Dark Web
    Nick Pollard, Nuix
    With companies generating more and more data each day, controlling data with sensitive and high value content is proving more challenging. Insiders can pose a significant risk of compromising your data, which can damage your company's interests and reputation, resulting in significant financial losses. Join us for this session as we discuss specific types of threats that insiders can present, practical advice to prevent and address potential insider threats and why the rise of the dark web brings new risks to your critical value data.
    Tim Phipps HID Global
    15:45 - 16:15
    The Journey Towards Stronger Authentication
    Tim Phipps, HID Global
    The promise of moving beyond passwords continues to drive IT toward new innovations and technologies- both hardware and software. In this session we'll explore the evolution of authentication and credential management, and review several case studies illustrating the most significant trends impacting business. Factors like biometrics, devices such as smartcards and smartphones, as well as emerging standards such as FIDO, all have a role to play in supporting an exceptional user experience with a greater security posture.
    Julian Ansah Safend
    16:15 - 16:45
    Brexit Impact on GDPR: What Does it Now Mean to Your Data Protection Strategy?
    Julian Ansah, Safend
    The narrow majority decision of UK Public to leave the EU back in June raised many questions on the impact Brexit would have on EU GDPR. A hot topic in IT and Data Security, many questions have arisen ranging from how will UK companies need to comply with EU GDPR, headlines of high profile targeted attacks, data breaches, increasing mobile workforces and the complexity of protecting data, anytime, anywhere on any device. How prepared is your business or organisations Data Protection strategy for the new legislation? Come and gain best practice insights from the Safend Team of Data Protection security experts where they will present key considerations and approaches in reviewing and maturing your data protection strategy for EU GDPR and how Safend helps to simplify the challenge with industry leading Data Protection and Encryption solutions.
    Jie Chen Nuix
    16:45 - 17:15
    What Challenges Does Sensitive Data Pose for Organisations?
    Jie Chen, Nuix
    According to the IDC Digital Universe Study, the digital universe will reach 44 zettabytes in volume by 2020, doubling in size every 2 years. The IDC also estimates that more than 40% of the digital universe is sensitive, high-value, high-risk data that warrants protection, but more than half of that sensitive data is not properly protected. Many organisations have sensitive data contained in large, distributed, and difficult data sets. Often the data is in inappropriate locations due to poor information governance practices. This data is an easy target for cybercriminals, malicious insiders, and amateur hackers.
  • Room C
    Robert Farmer Ipswitch
    15:15 - 15:45
    In An Uncertain Era of Brexit and GDPR, What is the Best Approach for Data Transfers?
    Rob Farmer, Ipswitch
    As if things weren't complicated enough with the European Court ruling that the US 'Safe Harbor' data sharing pact was invalid, the issues with its replacement Privacy Shield and the General Data Protection Regulation are still being somewhat nebulous in their specifics. Now companies operating across US, UK and EU boundaries have to consider the implications of Brexit and what it means for data transfers.
    Richard Smith SecurEnvoy
    15:45 - 16:15
    Get Hands On With The Future Of User Authentication
    Richard Smith, SecurEnvoy
    User authentication is part of the fundamental building blocks of a good GDPR strategy. The user experience is key to the success of any strong authentication deployment. Users come with varying levels of technical capability, so is highly important that any solution selected provides a wide range of authentication options to ensure end user acceptance.
    Alistair Mutch MobileIron
    16:15 - 16:45
    Windows 10, Can You Take Back Control?
    Alistair Mutch, MobileIron
    Windows 10 represents a modern containerised operating system in the same manner as iOS and Android. It brings all of the value and capability of a flexible secure operating system which we have become comfortable with using iOS on our iPads. As we migrate to Windows 10 tablets and convertibles in our workplace do we really want to restrict them down to the old admin-lock master-slave model or do we want to enable them in the same model as our iPads. More importantly will the users accept this or simply go rogue around us as we suffered in the early days of our iPad deployments.
    Ipswitch
    16:45 - 17:15
    NHS Wales Chooses MOVEit for Secure Data Transfer
    Rob Farmer, Ipswitch
    The NHS in Wales needed a solution that would enable large data transfers of confidential and sensitive information. The MOVEit module of the Ipswitch FT allows NHS Wales to digitally transfer this information securely that would normally exceed email caps for attachments. It allows simplification of mail box configurations, the movement of data and secure transfer through firewalls. A number of employees in NHS Wales already depend on MOVEit to ensure secure managed transfer of confidential information from health boards to other health boards, and to social services, clinical trial sites, solicitors, police, health inspectorates and external commercial third-parties. By using MOVEit, the NHS Wales Informatics Service is able to properly track, manage and encrypt the transfer of files while at rest or in transit, and take protective precautionary measures when necessary.
VSEC Conference 2016