International Cyber Expo has announced the members of this year’s event Advisory Council. Chaired by former CEO of the National Cyber Security Centre (NCSC), Professor Ciaran Martin, CB, the Advisory Council combines 30 of cybersecurity’s most well-respected industry figures from government, private and academic sectors. The council is united by their shared passion and commitment to combating the issues of tomorrow’s interconnected world. They will also shape the event’s agenda, drawing on their expertise and insights from within the field of cybersecurity.

Taking place on the 27th – 28th September 2022 at Olympia London, the Expo endeavours to be an event for the community, by the community. Every effort has been made to form a diverse and esteemed panel of experts from all disciplines to provide an array of perspectives; from insurance, legal and vocational considerations to law enforcement and academia. Moreover, the Council has been intentionally created with an even split of gender representatives, while Nicola Whiting MBE has been engaged to offer a voice to the neurodiverse community. 

Members of International Cyber Expo’s Advisory Council 2022 include:

  • Alison Wakefield, Professor of Criminology and Security Studies, University of West London
  • Alonso Jose da Silva II, Head of Cyber Threat Intelligence, KPMG UK
  • Angela McLaren, Commissioner, City of London Police
  • Berta Pappenheim, Managing Director, CyberFish
  • Chris Greany, Director of Security, Pay.UK
  • Chris White, Head of Cyber and Innovation, The South East Cyber Resilience Centre (SECRC)
  • Professor Ciaran Martin CB, Oxford University and Former Chief Executive Officer, National Cyber Security Centre (NCSC)
  • David Mudd, Global Head for Digital Trust Assurance, BSI Group
  • Dr. David Scholefield, Chief Information Security Officer, Flexys Solutions
  • Don Randall, Senior Advisor, Don Randall Associates
  • Dr. Emma Philpott MBE, CEO, IASME
  • Flavia Kenyon, Barrister, The 36 Group
  • Gareth Wharton, Cyber CEO, Hiscox
  • Graham Ingram, CISO, University of Oxford
  • Jessica Figueras, Vice Chair, UK Cyber Security Council
  • John Davies, Co-founder and Chair of Cyber Wales, Board Director and Skills Growth Lead for UKC3, and CEO at Pervade Software
  • Lisa Forte, Partner, Red Goat Consulting
  • Professor Lisa Short, Director and Co-founder, P&L Digital Edge Limited
  • Lisa Ventura, Founder, Cyber Security Unity
  • Mahbubul Islam, CISO, HM Courts and Tribunals Service (HMCTS)
  • Matt Horne, Deputy Director, Investigations, National Crime Agency
  • Matthew Evans, Director, Markets, TechUK
  • Michelle Ohren, Head of Cyber and Innovation, The West Midlands Cyber Resilience Centre (WMCRC)
  • Nicola Whiting MBE, Chief Strategy Officer, Titania Group
  • Paul Chichester, Director of Operations, National Cyber Security Centre
  • Professor Richard Benham, Global Expert in Data Management, Artificial Intelligence and Cyber Security, Foreign, Commonwealth and Development Office
  • Simon Newman, Head of Cyber and Business Services, Police Digital Security Centre, Police Crime Prevention Initiatives (PDSC/PCPI)
  • Tracy Buckingham, Deputy Director Security and Cyber Security Exports, Department for International Trade
  • Vicki Gavin, Head of Information Security and Compliance, and Former Chair, Kaplan International and The Women’s Security Society
  • Professor Vladlena Benson, Professor of Cybersecurity Management, Director of Cyber Security Innovation Centre, Aston University
  • Zak Doffman, CEO, Digital Barriers

“The current threat landscape means it is more important than ever for the cybersecurity community to come together and support each other. Continued collaboration across all sectors, whether public or private, and our peers will help us overcome the issues we face as we become more dependent on technology,” comments Ciaran Martin CB, Professor at Oxford University and Chair of International Cyber Expo’s Advisory Council. “I’m honoured to be the Chair of the Cyber Advisory Council and look forward to supporting, adding value, and sharing knowledge to help shape the future of this essential cyber event.”

“International Cyber Expo’s mission is to create an inclusive event that brings together the cybersecurity community to learn and explore the issues, challenges and topics that are specifically relevant to them. We strive to make sure our agenda is compiled from listening to that community and that is why we have a high-level team of advisors from various backgrounds and disciplines in the field,” adds Bob Rose, Advisory Council Lead and Government Liaison for International Cyber Expo. “We’re thrilled to have these remarkable individuals on board, and look forward to producing a quality show for visitors and exhibitors alike.”

Registration for the event is now open, and free tickets can be found here: https://ice-2022.reg.buzz/e1

The post International Cyber Expo Invites Esteemed Advisory Council to Shape Event Agenda appeared first on IT Security Guru.

“We have never been closer to a cataclysmic cyber event,” warns Nicole Perlroth, New York Times’ cybersecurity journalist, at this year’s KB4-Con in Orlando, Florida.

Perlroth begins her talk by painting a picture of today’s sombre reality, highlighting the threat of Russian cyberattacks on our critical infrastructure and the latest discovery of Pipedream – the seventh known malware developed to disrupt industrial control systems.

When she first joined NYT in 2010, Perlroth was hired to be a cybersecurity business journalist, covering the latest mergers and acquisitions within the industry. Little did she know that the world would face the monumental Stuxnet worm attack that same year. In an attempt to curb World War III and halt the Iranian nuclear programme, Stuxnet showed just what code was capable of. It was a watershed moment for offensive cybersecurity by nation-states.

At the time, Russia was considered to have the most sophisticated cyber capabilities but such prowess was generally engaged in cybercrime as opposed to nation-state activity. China did not necessarily pose an immediate threat either, as they were primarily focused on stealing IP. Then there were some like Iran that did hold a grudge towards countries like the United States but did not have the cyber skills. In a very short span of time, that landscape shifted markedly and countries around the world began to heavily invest in their cyber arsenal. Russia’s aims quickly changed, and the world underestimated how fast Iran would catch up skills-wise. In fact, nothing demonstrated this better than the Shamoon virus they unleashed in 2012, which wiped data from tens of thousands of computers owned by Saudi Aramco.

It wasn’t until three years later though – when the New York Times itself fell victim to Chinese hackers seeking to uncover the publication’s confidential sources – that Perlroth, personally, experienced a wake-up call. As Perlroth waited for a cavalry that would never appear and a conviction that would never come, it dawned on the journalist that the organisation itself had to learn to fend for itself. She quickly realised that cyber warfare is not a military exercise, but a societal and organisational problem. Therefore, it is critical that greater awareness is raised among the public about the threats that exist. Equally important, the language we use to communicate this should be ‘dumbed down’, with all jargon removed.

It is often easy for individuals and organisations to think: what would any nation-state want with me? Particularly, when the business does not operate directly within critical national infrastructure. Yet, Nicole has seen first-hand how a mom-and-pop welding shop out in the country had put Fortune 500 companies at risk. She reiterated that, while the affiliations may not be apparent, critical national infrastructure is an ecosystem and most attacks are enabled by the weakest link. With that said, building a strong cybersecurity culture is incredibly important.

The post KB4-Con: This is How Nicole Perlroth Tells Us the World Ends appeared first on IT Security Guru.

KB4Con 2022 ended on a high point as it involved an individual many of the attendees had been excited to hear from – someone who is widely considered to have coined the term hacking. It was none other than computing security consultant, author, “one-time world-most wanted hacker” and Chief Hacking Officer at KnowBe4, Kevin Mitnick.

Kevin, who attended virtually via Zoom, was joined on stage by Colin Murphy, Chief Information Officer at KnowBe4. The talk took the form of a Q&A, with Colin asking Kevin questions that ranged from his early hacking experiences and recommendations for today’s hybrid workforce to his thoughts on vigilante hackers from America that want to provide support to Ukraine.

Kevin’s interest in hacking came from his love of magic. He was fascinated by the tricks that could be played on the mind and the individual, which eventually evolved into pranking friends and family. He then applied what he learned to computing, which was a new and unexplored world. However, he was met with an obstacle. As someone who didn’t study the required subjects to enter a computing class, he was initially turned down by his teacher. Disgruntled but determined not to give up, Kevin wrote a phishing program that stole the credentials of 80% of the staff and students in the 1970s – the first piece of code he had ever written. Astonished, the teacher allowed Kevin to study in the class (and unknowingly gave birth to one of the world’s most formidable hackers).

Fast forward to present day and Kevin has a long list of achievements, warrants, items hacked, and media appearances. Yet, he is still a security professional that wants to help the many and parted with helpful advice to those in the audience who were hanging onto his every word.  

For example, when Colin asked, “What are your recommendations for today’s hybrid workforce?” Kevin stated that organisations must assume a breach on the network has already occurred, with all devices connected to the network continuously scanned and secured using Endpoint Detection & Response (EDR). He went on to explain the importance of MFA (multi-factor authentication) and education to help train users, and the wider workforce, about popular cyberattack methods like phishing. His message was that enabling the individual at home to be more secure must be a priority for every business that has a remote workforce.

Kevin also noted the importance of prevention to the security of an organisation, especially given that the tactics adopted by modern-day ransomware groups are not too dissimilar to those witnessed when he first started hacking himself. The objective, put plainly, is to keep all sensitive credentials safe and to transform the organisation’s security culture and reduce human risk at every level.

The talk also included a live demonstration of a vishing attack that Kevin had created to obtain mobile numbers using the automated voice attendant at AT&T – a familiar voice to those in the US.  

It was a fascinating talk and closed an incredible 3 days of KB4Con 2022, where positive connections were made to help us make smarter security decisions for the future.   

The post KB4Con 2022 – The Latest in Hacking Techniques with the World’s Most Famous Hacker appeared first on IT Security Guru.

Humanity has always embraced technology and, today, we are seeing increased IoT integration, cloud adoption and a vast wave of remote workers who are connecting to more online infrastructures. However, this is leading many to question the cyber resiliency of organisations, particularly at a time when cyber-attacks are at an all-time high. In fact, according to respected engineer and technology author Peter Diamandis, “over the next ten years, we are going to see roughly 100 years of technological change.”

This was how Dr. Lydia Kostopoulos, SVP Emerging Tech Insights, and James McQuiggan, Security Awareness Advocate at KnowBe4, opened their KB4Con 2022 talk Implementing Cyber Resilience Utilization for the Fourth Industrial Revolution.  

The discussion first delved into our past interactions with technology; because if you don’t know where you’ve come from, you don’t know where you’re going. And this famous quote held significance in this discussion as Lydia and James stated we had entered the fourth industrial revolution.  

However, to understand this, the audience were walked through the previous three industrial revolutions (from the 1800s to present day) to see how each brought about changes that moulded society, from our technological innovations to our education habits which would define the generations that came after. 

Lydia and James then explained how the fourth revolution has given birth to IoT, Automation, Machine Learning, Quantum, the Metaverse and cyber-physical systems. Human interaction with these technologies is growing because most things have become electrified or digitised.  

These systems are even being found in our homes in the form of Siri, Alexa and Google Home. While they are designed to aid us when called upon, there are instances where such AI IoT devices are being creepily invasive by listening to our conversations.  

Yes, there are issues to iron out but the convergence of technology, like AI, has benefited society in many ways, from healthcare to transportation.  Furthermore, the use of IoT devices is well documented within SCADA and Industrial environments as they help connect individuals to enterprises. The critical point though is human intervention will always be required to oversee these systems as the lack of security is becoming more apparent.  

The talk then moved onto quantum technology, cryptocurrency and blockchain. Quantum computing is a hot topic with many nations and enterprises claiming to have reached quantum supremacy. However, both speakers voiced the fear that quantum computing will have the ability to break encryption (using qubits), and so building quantum-resistant encryption must be a priority.

Furthermore, Lydia noted the rise in blockchain, cryptocurrency and NFT attacks. She stated that banks “are not as targeted and so threat actors are turning their attention to cryptocurrency because of the lack of security.” Indeed, in 2022 alone, a report found that users had lost crypto-assets worth over $700m in security breaches at exchanges and storage providers. This didn’t deter approximately 70% of the talk’s audience who raised their hands in stating they owned some form of cryptocurrency.  

With the creation of these new technologies, building cyber resilient cultures will be the lynchpin in organisational and societal growth and security. Lydia explained how organisations needed to achieve cyber resiliency built through effective, open and clear technology communication channels. This includes adopting a mindset that allows the workforce to understand what malicious attackers think, and therefore build a culture, so it becomes second nature – akin to a red-teaming mindset. Have education be the foundation by following a security culture playbook which embeds security into the organisation’s culture, from top to bottom – this is the next evolution that must be taken as we enter the fourth technological revolution.  

The post KB4Con 2022 – Cyber Resilience and the Fourth Industrial Revolution appeared first on IT Security Guru.

“How strong is your security culture… and are you controlling it?” This is the question posed by Kai Roer, chief research officer, and Perry Carpenter, chief strategy officer at KnowBe4, during their session entitled Security Awareness, Behaviour and Culture – The Key to Making it Work at KB4-Con in Orlando. The pair posited to an audience of both partners and customers that security culture is widely regarded as a good thing by 94% of organisations surveyed by Forrester, though the term itself has too many definitions in its current state to be meaningful. Indeed, good and bad security culture is something that can be embedded into an organisation. Therefore, a new approach is needed that takes into account the ideas, customs and social behaviours of an organisation that influence its security.

 

Perry noted a reckoning in the industry, where once security awareness programmes started with limited goals and bare minimum checklists set merely on achieving compliance requirements, we’ve moved on to shaping behaviours to stem the tide of breaches that come from phishing – but there is so much more we can do, he said. “We need to start viewing the human as an endpoint that could potentially control thousands of other endpoints (IoT); if you can deal with the one who controls the many, it’s more effective.”

 

Kai and Perry moved on to talk about the maturation of the industry and how CISOs can more easily earn themselves a spot at the table. “The way to do this is for CISOs to be able to give relevant metrics on how people play into the security profile of the organisation. People are a critical layer – not the only layer but a critical one – so this is all part of a defensive security posture. We need to up-level this traditionally ignored part of the security stack,” Perry explained.

 

To help with this, Kai said that meaningful data is necessary, because most existing models for security culture maturity lack precision. As part of the pair’s research, they analysed billions of data points to come up with the seven dimensions of security culture that allow organisations to break down their own security culture and adapt accordingly. The full playbook is available to buy here: https://www.amazon.com/Security-Culture-Playbook-Executive-Developing/dp/1119875234

The post Live from KB4-Con: Security Culture in the Spotlight appeared first on IT Security Guru.

Nineteen Group, organisers of the International Cyber Expo, today announces it has partnered with Queen’s Award for Enterprise winning technology PR agency, Eskenzi PR, to help spread the word about the industry’s newest cybersecurity event.

 

Eskenzi PR has been a pillar within the industry for nearly three decades and brings a wealth of experience and expertise to the Nineteen Group team. The agency currently offers PR support for over thirty tech companies worldwide.  

  

In recent years, the UK government has set its sights on cultivating the country’s cybersecurity sector and, as announced in December 2021, they aim to “solidify its position as a global cyber power”. As a result, the industry has flourished; bringing in a record level of investment amounting to £10.1 billion in the last financial year. Naturally, the next step would be to make the UK home to the industry’s most rewarding and unmissable event. Nineteen Group, together with Eskenzi PR, endeavour to lead that effort.   

  

Taking place at the Olympia London on 27-28 September 2022, the International Cyber Expo intends to disrupt the status quo by producing a dynamic and inclusive annual event where business, innovation and education converge. Over the two days, cybersecurity veterans and newcomers can attend CISO roundtables, informative talks by experts in the field, as well as delve into immersive demonstrations of the latest cutting-edge technologies. The space will serve as a networking hub for everyone from government officials and entrepreneurs, to venture capitalists and software developers.   

  

“Eskenzi PR is the cybersecurity PR agency. They have turned hundreds of companies into household names over the years and were pivotal to making Infosecurity Europe into the success it is today. There was no doubt who we wanted to take on board to guide us through this exciting venture,” said Rachael Shattock, Group Event Director at Nineteen Group. “We are thrilled to work alongside Yvonne Eskenzi and team to deliver a phenomenal event for the cybersecurity community.” 

  

“I founded Eskenzi PR when the cybersecurity industry was still in its infancy, allowing us to establish ourselves within the heart of the community and get to the crux of what they want and need. And what we have long-needed is an event for the community, by the community,” said Yvonne Eskenzi, co-founder and director at Eskenzi PR and Marketing. “Nineteen Group has convened an Advisory Council made up of cybersecurity all-stars, and they are making significant investments to do right by us. They are all in, and I could not think of a better partner to bring this vision to life.” 

  

To find out more about the International Cyber Expo, visit: https://www.internationalcyberexpo.com/welcome 

 

About International Cyber Expo 

 

Launched as the first dedicated event to bridge the gap between physical and cyber security industries, the International Cyber Expo is now one of the key cybersecurity events on the industry’s calendar. The event is overseen by a top-level Advisory Council made up of credible Government, industry and leading academic stakeholders to help shape its agendas and maintain the top-level content that includes the high-level two-day Global Cyber Summit.  

 

It also features a large exhibition area with International Pavilions, a Government Zone and Immersive Cyber Demonstrations that focus on technology and services that protect businesses’ digital and physical future. For more information visit: https://www.internationalcyberexpo.com 

 

About Nineteen Group 

Nineteen Group is a rapidly expanding, dynamic and ambitious events business, which like our portfolio has a clear focus. Our corporate vision is to become the most successful events business in the UK. 

 

At the heart of Nineteen Group lies over 100 years of industry experience and an unrelenting commitment to deliver customer satisfaction. 

 

Following substantial investment from Phoenix Equity Partners, a leading growth-focused private equity firm, Nineteen Group is delivering major-scale trade exhibitions within the retail, security, cyber security, fire, emergency services, health and safety, facilities management, engineering and manufacturing sectors. www.nineteengroup.com 

 

 

About Eskenzi PR  

With over 26 years of experience, Eskenzi PR is an award-winning PR and Marketing agency that specializes in cybersecurity. Founded by Yvonne Eskenzi and Neil Stinchcombe, Eskenzi PR is at the forefront of the industry and is renowned for building startups into household names and creating global brands. With a presence in the U.K., US, Singapore, Australia, France and Germany, no time zone is left unmanned. Eskenzi PR is also the creator and host of industry-renowned events like the European Cyber Security Blogger’s Awards, Security Serious Week, IT Security Analyst & CISO Forum as well as founding the highly regarded news site itsecurityguru.org. To learn more visit https://www.eskenzipr.com

The post NINETEEN GROUP APPOINTS QUEEN’S AWARD WINNING ESKENZI PR TO PROMOTE UK’S NEWEST CYBERSECURITY EVENT appeared first on IT Security Guru.

The IT Security Guru has teamed up with Synopsys, a recognised leader in application security, to bring you the webinar, Secure Your Cloud Environment from Evolving Threats.

As the migration to the cloud continues at an unabated pace, the threats in the cloud are also increasing proportionally and evolving constantly. Data breaches, misconfiguration risks, weak identity and access management controls, insider threats, multi-cloud infrastructure, and increasing complexity are just a few of the many challenges that are common in cloud computing.

Adding to the complexity of today’s cloud landscape are multiple cloud providers with different ecosystems and myriad services offering unique security controls. Migrating on-premises/private cloud IT infrastructures onto the public cloud only increases the challenge of ensuring cloud security.

In this webinar, learn the essential elements required to ensure the security of your cloud environments.

  • Setting the right cloud security strategy that suits your organisation
  • Deploying and operating cloud-based applications with adequate security controls in a secure infrastructure
  • Ensuring container-level security
  • Maintaining a good cloud security posture

In addition, hear success stories of how Synopsys helped tackle some clients’ cloud security challenges.

The webinar will be live online at 11.30 am BST on the 28th of April 2022 and henceforth, available on demand.

Don’t miss out! Register HERE

 

The post Webinar: Secure Your Cloud Environment from Evolving Threats appeared first on IT Security Guru.

Now in its ninth successive year, the much-anticipated annual European Cyber Security Blogger Awards, sponsored by KnowBe4 and Qualys, is now open for nominations. The awards have always been committed to celebrating the cybersecurity industry’s most coveted bloggers, vloggers, podcasters and social media influencers. Previous award winners have included renowned blogging and podcast stars such as Troy Hunt, the creator of Have I Been Pwned, Graham Cluley, Carole Theriault and Geoff White.  

To be part of the awards, nominate yourselves or blogs, vlogs and podcasts that you’ve seen become truly influential among the cybersecurity community or rapidly grown a dedicated following. The nominations include categories for bloggers, vloggers, podcasters and social media influencers alike in commercial and non-commercial categories.

We’ll be awarding worthy recipients titles such as The Noobs for best new blog/podcast, the Teacher for the best educational blog, the Tech Whizz for the best technical blog and the Influencer for the person who uses their social media platforms for inspiring and having a positive impact on the community.  

To get nominating your favourites, head over to the nomination page for the first stage of the awards process: https://forms.gle/4D4PygUVcNxFQ6iFA 

After all nominations are received by the 6th of May 2022, we will open the next stage for people to vote for their top picks. We’ll tally these results and combine them with the judge’s picks and determine the winners to be revealed at the live European Cybersecurity Blogger Awards 2022 event. 

This year, the event will be held in person following two years as a virtual event during the pandemic. It will take place on the first evening of Infosecurity Europe (21st of June) at Tapa Tapa restaurant, just next door to the ExCel Conference Centre. 

Get the date in your diaries and start nominating now! 

The post Nominations for 2022’s European Cybersecurity Blogger Awards NOW OPEN! appeared first on IT Security Guru.