08:00

VIP Networking Breakfast in the Bistro Cafe Bar

(by invitation only, but further details here.)

With short speeches:

The Current Cyber Landscape

Dr Paul Thorlby, Chief Technology Officer - Security from the Cyber, Information and Training Division, QinetiQ

HCR security services

Richard Morgan, Partner and Head of Defence, Security and The Forces, Harrison Clark Rickerbys.

Update on the UK Cyber Security Forum

Dr Emma Philpott, MD UK Cyber Security Forum CIC

Co-hosted and sponsored by:

Clark Rickerbys is a leading law firm, with offices across the region as well as serviced offices in London, providing the full suite of business and client services, including advising defence and security companies.

@HCRlaw, @HCRDef_Sec

09:30

Registration & Exhibition opens

(Entrance Foyer, Main Foyer & Circle Bar)

Details of the exhibiting companies are shown on this page below the programme.

10:00

Welcome

(Auditorium)

Morning Keynote:

The Digital Effect

With 50 billion networked devices & connections expected online by 2020 it’s official: the world is going digital and there’s no turning back. As the Internet of Everything connects the unconnected, Security becomes the #1 priority for digital companies, cities, and countries.

@CiscoUKI

Phil Smith, Chief Executive, UK & Ireland Cisco International Ltd.

Phil leads around 5,500 Cisco people in the UK and Ireland. He is the Chairman of Innovate UK and Chairman of The Tech Partnership. He also sits on the board of The Business Disability Forum, the Foundation for Science and Technology (FST) and The National Centre for Universities and Business (NCUB). Phil also created Cisco's British Innovation Gateway (BIG). 

@PhSmithUK

10:45

The rise of the social network: Are cyber criminals planning their attacks on Facebook?

It’s likely that you’ll have an account on at least one of Facebook, Twitter, LinkedIn, YouTube, WhatsApp or Instagram. They’re all now commonplace in our modern online lives. We’re using these more recent means of conversing, sharing, collaborating, planning and generally communicating because they’re more effective than what we had previously, mainly email and the plain old telephony system. How do you think the groups and organisations behind cyber attacks are planning their campaigns? Email? Facebook?  Or something else? In this short talk, we’ll look at some of the options for building secure private social networks, particularly those that mirror the architecture of the Internet. 

@surevine

John Atherton, Founder & CTO, Surevine Ltd

With 25 years of software engineering experience, John has fulfilled most roles in the software engineering lifecycle; specialising in the disciplines of analysis, design and implementation. He is a Chartered Engineer, Skills Framework for the Information Age (SFIA) accredited consultant and has been a member of UK Government’s Cabinet Office’s Open Standard Board. 

@woodlark

11:00

Host Integrity Technology; how & why this complements an Enterprise Security Framework

Even with a relatively small footprint, judiciously applied security code has a positive benefit far beyond the initial consideration. This talk looks at a highly disruptive but pragmatic concept to manage risk in the real world. 

@AbatisUK

Christian Rogan, Vice President Sales at Abatis (UK) Ltd

Christian has 16 years Cloud & IoT related security technologies experience in multiple disciplines including Host Integrity Technology, Endpoint Security, Virtualisation, Multi-tenancy Platforms, SaaS, MSSP, Encryption (PKI), SOA across Asia, EMEA and North America. He works with NATO, UK, US Government, and has attended U.S Cyber Storm events as Trusted Advisor. 

11:15

How to identify invisible Cyber Attacks

After spending lots of money on security monitoring systems, many organisations have been thrown into turmoil as a new generation of cyber attacks emerges that is invisible to SIEM and Log monitoring products. With these attacks being launched from the Dark Net, from smart phones, or being plugged in by malicious users, they are causing chaos in SOCs all over the world. 

@PervadeSoftware

Jonathan Davies, Chief Technology Officer, Pervade Software

Jonathan is responsible for product development as well as support and installation services at Pervade Software. Before helping to form Pervade, Jonathan served as the head of EMEA for eIQnetworks, a Gartner ranked SIEM vendor based in the US. Before that, Jonathan worked in various technical roles in the security industry including penetration tester, head of security, security analyst and project architect.

11:30

Social Engineering - An Underrated Threat?

Security is only as strong as its weakest link. Social engineers attack the weakest link in a business process: people. This makes social engineering attacks one of the most dangerous threats for an organisation. 

@echosec_search, @echosec_uk

Ben Milsom, UK Business Development, Echosec

Ben, an experienced open source intelligence professional, leads the UK Office for software security start-up Echosec. He is an ex board member of the Newport Regeneration Taskforce (ReNewport) and is active in the Welsh tech and cyber community. 

@mil5om

11:45

Implementing the Security Data Lake in the Real World

The diversity of data generating security devices has led to an explosion in the volume of structured and unstructured data that form part of a security monitoring operation. Senior stakeholders of a business are starting to ask tough questions of their security teams, the answers to which often require a holistic analysis of security performance. This talk introduces the core concepts of a security data lake and provides use cases that help organisations open the way to data driven security. 

@panaseer_team

Mike MacIntyre, Chief Scientist, Panaseer

Mike has had a career in industry combining data analytics for both financial fraud and cyber security, working in the main for the world's largest commercial organisations. He is responsible for researching, experimenting and applying computational and analytical techniques to derive new insights in cyber security. Mike holds a PhD and MSc in Astrophysics, as well as a BSc in Physics.

12:00

Lunch & Networking in Exhibition

(Foyers & Circle Bar)

13:30

Afternoon Keynote:

Cyber Skills - A dampener on innovation?

A look at the current and growing skills gap, a view of the skills required against the image of the industry and finally a roundup of some of the current initiatives to attract people into the profession. 

@QinetiQ

Brian Lillie, Chief Technical Officer, Cyber Security QinetiQ

Bryan is Chief Technical Officer, Cyber Security for QinetiQ where he offers technical leadership in this fast evolving discipline. He has extensive experience in both the public and private sector where he has contributed to various programmes and clients. Bryan began his career in CESG as a graduate before leaving to join the private sector where he has held a number of roles (from System Engineer to Business Manager) both within the UK and abroad including a period living in the Middle East. The structure of Bryan’s career has given him a sound understanding of security principles combined with the experience of applying that knowledge into a number of different environments technically and culturally.

14:00

Walk in the Shadows

As businesses and people increasingly engage with new forms of online communication so their digital footprints are expanding. While much of this information is positive and benign, some of it directly relates to enterprise security and potential threats. However, businesses remain ignorant of the trails that they, and those who threaten them, leave behind because they lack the resources to both discover and manage them. This talk will show how businesses can learn about their weaknesses and the threats they face, and thus make smarter investment decisions about their defences. 

@digitalshadows

James Chappell, Chief Technology Officer

James has over twelve years’ experience of technical information security acting as an advisor to large private sector and government organisations. Much of his work has involved counteracting the growth of crime and fraud in computer networks and developing effective ways of measuring and managing the information security big picture. 

@jimmychappell

14:15

Bridging the Valley of Death - Cyber Style!

Many reports, studies and policies have been produced that have tried to suggest solutions to the innovation 'valley of death'. We suggest one way Crossword is helping cross this metaphorical valley. 

@crosswordcyber, @crosswordCTO

 Paul Lewis, Chief Technology Officer, Crossword Cybersecurity

Paul has over 15 years experience of working within IT and cyber security; in a range of technical and senior management positions. Paul chaired the Centre for the Protection of National Infrastructure SCADA and Control Systems information exchange (SCSIE), co-founded the Secure Software Development Partnership (now known as the Trustworthy Software Initiative (TSI) and is a founder member of the institute of Informational professionals. Paul also holds an M.Sc. in Information Security.

14:30

In today’s de-perimeterised environment, industry is set for a paradigm shift in information governance from on-premise solutions to the protection of high value and sensitive information in the cloud. With additional audit and compliance needs on the horizon in relation to the proposed EU GDPR legislation, the future of Information Governance is in multi-tenanted, linked cloud solutions that meet both standard regulatory data governance requirements but also offer protection of high value IP and sensitive information in disparate data silos – specifically the supply chain. 

 @GeoLangLtd

Debbie Garside, Chief Executive Officer, GeoLang

Debbie is the CEO of GeoLang Ltd a Wales based SME research lab, providing business resilience and cyber security solutions. Debbie is the named inventor on a Pseudo-Isochromatic CAPTCHA system and supporting patents for Ascema, the first recipient of a Prince of Wales Innovation Scholarship (POWIS) award, and is currently writing up her PhD in Human Visual Perception in Cyber Security. Debbie is also an Advisory Board member of HPC Wales, a £40 million project supported by UK and Welsh Governments, and a former member of the Wikimedia Foundation Advisory Board. For 10 years until June 2014, Debbie was the Principal UK Expert in Language encoding chairing both BSI and ISO Committees and Editor of two International Standards.  Debbie is also a Senior Visiting Research Fellow at Glyndwr University's Centre for Applied Internet Research. 

@debbiegarside

14:45

Tea / Coffee & Networking in Exhibition

(Foyers &Circle Bar)

15:15

Address

Harriett Baldwin MP, Member of Parliament for West Worcestershire. 

@HBaldwinMP

15:25

Thought provocation & debate:

Can networks ever be secure?

The current approach to network development is highly subjective. With security problems only becoming apparent once equipment has been bought and installed, the costs of fixing inadequate architecture can be considerable. This talk looks at some examples and highlights some problems and some potential solutions.

Nick Tudor, Business Director, D-RisQ

Nick had 20 years experience with the Royal Air Force followed by over a decade of experience within aerospace, defence and automotive industry. He has worked in QinetiQ and more recently with Tudor Associates, Aeronautique Associates as well as D-RisQ. Nick is an active supporter of the international effort to refresh DO178 and is now a member of the Forum for Aeronautical Software. As a director of D-RisQ, he has helped the company develop a technique that provides a fully exhaustive security analysis of a network architecture, enabling network owners to make informed investment decisions regarding the risks associated with a network architecture.

15:40

Software engineering the gangrene in your supply chain

Software engineering is a discipline that is concerned with all aspects of software production. Sadly for most products there challenges of delivery leave us open to all sorts of misalignment of expectation and deliveries. Security is full of these misalignments.

Paul Sherwood, CEO at Codethink

Paul studied Engineering Science at the University of Oxford whilst learning to code. He's helped mobile vendors, financial services organisations, and infrastructure providers to deliver advanced software technology projects since the mid 80s. If he went on Mastermind, his specialist subject would be "Where the Bodies are buried in international software engineering." 

@devcurmudgeon

16:00

Panel discussion

Chaired by Stuart Wilkes

Stuart is an IT professional with over 20 years experience. Working internationally he has worked with a wide range of organisations from financial institutions, publishing companies and educational establishments. An accomplished conference speaker, IT consultant, industry commentator and writer, he believes in the power of technology to enhance all aspects of life. 

@stuartjwilkes

Panellists Nick Tudor, Paul Sherwood and Edmund Sutcliffe, following their talks above, and David Bott.

After 26 years with BP, Courtaulds and ICI, spent in both their corporate centres and business units, David moved into start-ups 10 years ago, but was then diverted into 7 years setting up and directing the programmes of the Technology Strategy Board (now Innovate UK). He is now a non-executive Chairman of Flute Office and Oxford Biomaterials, a non-executive director of Oxford Advanced Surfaces, a Principal Fellow of WMG at Warwick University and has engaged in a wide variety of activities involving materials, design, sustainability and innovation.  

@david_bott

16:30

Bar & Networking in Exhibition

(Foyers & Circle Bar)

17:00

3SDL began life as a military data systems specialist and remains a leading advisor on many Command, Control, Communications and Computers (C4) programmes worldwide. They offer broad-ranging support to clients challenged by complex, multi-stakeholder projects, where evolving technology is often both the solution and the problem. Their cyber specialists support both government and business customers with identifying, prioritising and addressing their cyber risks. [Stand B13 (With Worcestershire Business Central)]

@3SDL

Accelero Digital's mission is simple: to use their extensive software development experience to deliver tangible business results enabling their clients to profit from the advanced use of technology and the implementation of software solutions that are specifically designed and developed to a company's unique business processes. [Stand A16]

@AcceleroDigital

AuraQ is an experienced professional services provider, specialising in the development of process solutions, the management of content and enterprise-wide systems integration. Their team of highly skilled architects and developers provide expertise in Business Process Management (BPM), Business Rules Management (BRMS), Enterprise Content Management (ECM), Customer Relationship Management (CRM) and application Platform as a Service (aPaas) web and mobile applications. [Stand A10]

@AuraQUK

Bob’s Business provides interactive, web-based Cyber Security Awareness Training that teaches your employees how to safeguard your organisation and protect your critical information. They treat each learning program like a marketing campaign, with internal communications to generate awareness, marketing materials to entice the workforce and reinforce your key learning messages. [Stand A7]

@BobsBusinessUK

Computer Network Defence (CND) was founded in 2004 and is a privately owned, organically funded Limited Company, offering a broad spectrum of Information Security services, from Professional Services to researching content for our Cyber Threat Intelligence feed. CND specialise in providing Information Security Consultancy services into Government and Defence, particularly around the development, implementation and manning of Secure Operation Centres (SOCs). [Stand A9]

@CND_Ltd

Dephrisk aid companies by providing low-cost assessments of their existing external IT systems and websites. They focus on delivering cost effective and reliable assessments for Small and Medium Enterprises to national and international standards. [Stand C2]

@Dephrisk

Digital Shadows provides cyber situational awareness that helps organisations protect against cyber attacks, loss of intellectual property, and loss of brand and reputation. Its flagship solution is Digital Shadows SearchLight™, a scalable and easy-to-use data analysis platform. [Stand B4]

@digitalshadows

E-Cycle provides  a complete ICT asset management process including data cleansing, repairing and refurbishing of end of use IT equipment. Assets can be data erased on the client site or taken by GPS tracked logistics partners to our processing location for data erasure, WEEE compliant disposal, donation, re-marketing or redeployment. Erasure can be done by a variety of methods that conform to Impact Level 5 by default, in accordance with CESG standards and potentially impact level 6 if required by the client. [Stand A14]

@EcycleLtd

Echosec provides advanced location-based search tools for professionals to apply in a number of areas including Law Enforcement, Corporate Security, Investigations, and Brand Engagement. The result is actionable knowledge in real time from aggregated social media and specialised content feeds. [Stand A5]

@echosec_search, @echosec_uk

Estatom Systems provide an operating system (OS) technology and a very high performance object database which together offer important benefits including security, speed, compact size, robustness and scalability. Their systems are suitable for numerous platforms including smart phones and Internet of Things devices. [Stand B3]

@EstatomSystems

Fresh Skies is a leading creator of comprehensive communication software products and solutions, committed to customer satisfaction, innovation and excellent return on investment. Their award-winning product mkryptorTM is The Cyber Security Solution of the Year, the first mass-market email encryption – it is scalable, flexible, real email and works on any device. Easy-to-use protection against identity theft, loss of business assets and reputational damage. [Stand A1]

@mkryptor

GeoLang was recently named the UK's Most Innovative Cyber Security Company 2015 by TechUK. Their core technical competence is based around a new technology for locating, securing and controlling the movement of sensitive data and intellectual property within cloud collaboration environments, email systems and more. [Stand A12]

@GeoLangLtd

IASME is one of the Cyber Essentials accreditation bodies appointed by the UK Government. Together with its Certification Body companies, it can certify you to the Cyber Essentials scheme required for many government tenders. IASME also assesses and certifies organisations against its own IASME standard. [Stand C1]

@IASME1

IDS INDATA works with organisations, worldwide to create a greater access to their information and communication regardless  of location or time zone, constantly and securely. They enable key stakeholders within the organisation to execute the implementation of new technologies, lead process, improve efforts, reduce business costs and enable innovation. Their capabilities include LAN and Data Centre Networks, Wireless, Network Security, Unified Communications, Video, Storage and Virtualisation. These capabilities are based around their key technology partners: Cisco, Alcatel-Lucent, EMC, VMware and Microsoft. [Stand B6]

@IDSINDATA

The Institute of Physics is a leading scientific society; a charitable organisation with a worldwide membership of more than 50,000, working together to advance physics education, research and application. [Stand B1]

@IOPMidlands, PhysicsNews

LuJam Internet Security are developing NetPicket, a low cost, non-invasive, network based, real-time Activity, Awareness and Alerting Service for SMBs, Homeworkers and Consumers. It complements existing productivity and security measures with a focus on zero-day attacks across all devices including "Internet of Things". [Stand A13]

@LujamSec

Lumeta provide a network situational awareness platform that is an authoritative source for enterprise network architecture, segmentation and cyber security analytics. Their ESI product offers real-time, context driven security intelligence for virtual, cloud, mobile & software-defined networks. IP Sonar gives continuous, on-demand or point-in-time situational awareness for audit, compliance & base-lining. [Stand A6]

@Lumeta

The Malvern Cyber Security Cluster is a group of small / medium cyber security companies centred around Malvern in Worcestershire, cooperating on a range of initiatives to grow their businesses. [Stand C1]

@MalvernCyber

The Malvern Small Business Forum meets monthly in Great Malvern to help small businesses and entrepreneurs to connect and share best practice. The forum is free to join and attend, offering opportunities to present and to listen to others experienced in different aspects of running a business. [Stand C3]

@MalvSBusF

The National Cyber Skills Centre (NCSC) delivers training in direct response to specific identified industry needs, supporting businesses both small and large. In terms of cyber security, the organisation offers a number of courses including training on Cyber Essentials and an introduction to cyber security called Cyber Bytes. [Stand B13 (With Worcestershire Business Central)]

@CyberSkillsUK

Panaseer cuts through the FUD by helping security leaders to answer the CEO's question, "How secure are we?" The Panaseer instrument provides the security insight needed to understand various components of cyber security risk. [Stand B9]

@panaseer_team

Pervade Software is the UK-based creator of OpViewTM and OpAuditTM. The company is a privately funded software vendor with strong roots in the capital of Wales. OpViewTM can collect, correlate and display every data type and OpAuditTM can track both technical and manual compliance evidence, all in a single configurable system. [Stand B8]

@PervadeSoftware

PrivacySolved is a Data Protection, Privacy, Technology and Information Security compliance consultancy based in London. PrivacySolved advises, solves problems and delivers projects for clients from a wide range of sectors in the UK, EU, USA, Asia Pacific and internationally. The company is based in the TechCity SiliconRoundabout area, where it supports Start-Ups, SMEs, international organisations and global companies. [Stand A4]

@PrivacySolved

QinetiQ comprises teams of dedicated people; experts in defence, aerospace, security and related markets, to draw on extensive technical knowledge and intellectual property to solve some of the world’s most challenging problems. [Stand B10]

@QinetiQ

Regency offers Security Consultancy and Managed Services to public and private sector clients from their secure premises in Cheltenham. Led by one of the UK’s most experienced and capable Information Security practitioners, augmented by one of the largest independent teams of CESG Listed Advisor Scheme (CLAS) registered consultants, their security team delivers the full spectrum of specialist Information Security support and managed services which have been certified to ISO/IEC 27001 by the British Standards Institution (BSI). [Stand A3]

@RegencyITC

Clients come to Sutcliffe & Co because they want honest, impartial insurance advice, a personal and professional service and quality insurance at competitive premiums. Services include cyber liability, business liability, directors, and premises insurance. [Stand C1 (with IASME)]

@sutcliffeCo

Tento are a cyber-security start-up offering strong, cost-effective 2 factor authentication using visual cryptography for website logins and online payments. They are now actively seeking trusted partners in the online security sector to help launch Tento Token Authentication.  [Stand A15]

@tento_uk 

The Friendly Nerd provides practical, jargon-free training in technology topics. In particular, they specialise in cyber security and information security training, both in person and online via their e-learning system. They can also help you to develop a security awareness programme for your organisation. [Stand A8]

@FriendlyNerdUK

Titania specialises in developing commercial software packages to enable organisations, auditors and consultants to undertake their own cyber security auditing and testing quickly and at low cost. [Stand B7]

@TitaniaLimited

The UK Cyber Security Forum represents small medium enterprises who are actively working in cyber security across the UK, helping to set up informal local "Clusters" for the industry. With over 350 members, the forum is developing a collaboration portal and other initiatives to benefit its members. [Stand C1]

@UKcyberforum

Unipart Security is part of the Unipart Group of companies and is an independent provider of cyber security services offering the accreditation and creative problem solving businesses need from their security partner. Their capabilities include penetration testing, vulnerability assessment, social engineering, training and consultancy; in addition to a wider suite of physical security solutions. [Stand B12]

@Unipartsecurity

Worcestershire Business Central is a service which provides support and access to funding helping businesses to start-up and grow. A dedicated website and helpline offer information on business start-ups, growth, skills development, property search, networking and finance. [Stand B13]

@WBCUpdates

Workspace Technology specialise in server room solutions and services. Their expertise includes UPS systems, Critical Power Distribution, Cooling and Monitoring of network critical physical infrastructure. Workspace Technology’s services also includes structured cabling, electrical installations and Building Systems technology. [Stand B11]

@WorkspaceTech

Winton is a global investment management business that was founded in 1997 and has grown from managing less than US$2 million with three employees to a global business currently managing in excess of US$30 billion, and employing more than 400 people. The company believes in the application of science and technology to the world of investment management. [Stand B5]

@WintonCapital

The Wyche Innovation Centre is a business accelerator and technology incubator situated in an Area of Outstanding Natural Beauty on the side of the Malvern Hills. It is home to over 40 businesses & organisations operating from serviced offices, hot desks or as a virtual office. [Stand C1]

@WycheInnovation