Programme:

Confirmed Keynotes Edward Snowden & Anonymous Scandinavia​

• Security in 2020: Cyber threats and new methods to protect against them
• The risks and costs of cybercrime to businesses
• Cyber skills: The importance of education and diversity in cybersecurity

The UK government’s National Cyber Security Strategy covers 2016 – 21. So what progress has been made over the last year? The strategy sets out how the UK will aim to be one of the most secure places in the world to do business in cyberspace.

This session will cover progress so far including:

• The work of the National Cyber Security Centre (NCSC), set to act as the UK government’s single authority on cyber security
• The Active Cyber Defence programme, which has successfully blocked more than 4.5 million malicious emails every month and taken down over 140,000 fraudulent phishing sites
• Strengthened regulation to improve our overall cyber security, including the Data Protection Act, the General Data Protection Regulation (GDPR), and the Network and Information Security Regulations

Set up to act as the UK Government’s authority on cyber security, the NCSC has made huge progress since its inception three years ago. This session, led by the NCSC, will detail the work of the centre including:

• How the NCSC is working with young people to direct their talent for good and prevent them from entering cybercrime.
• The types of threat impacting the UK and how the NCSC is working with businesses to counter them
• Intelligence sharing and how the NCSC is working with US organisations such as the NSA to help fight cyber-attacks from foreign actors

The EU Update to Data Protection regulation (GDPR) and the UK’s resulting Data Protection Act came into force in 2018. Now, one and a half years later, we are starting to see the impact on firms who have suffered breaches of personal data. This session will include:

• GDPR fines: British Airways (BA) is facing a record fine of £183 million – the biggest penalty the ICO has ever issued. Meanwhile Marriott hotel group faces an £99 million. Is this a sign of things to come, or is the ICO making an example of the first firms to be fined?
• Class action lawsuits: Why these can be an even bigger risk than the GDPR fine
• Examples of companies who are protecting data under the GDPR and how your company can learn from them

The cost of an attack is rising. According to Accenture and the Ponemon Institute, the average cost of a cyber-attack is now $13 million.           

• The costs of attack, both financial and reputational
• What types of attacks are most common in 2019?
• Examples of high-profile attacks: big hacks and exposed data
• Is it possible to prevent an attack?
• The basic security measures that every business must have in place
• Why the board room must include security in overall business strategy 
• Developing methods of monitoring the network for attack

Lauri Love, Gary McKinnon and many other young people falling foul of the Computer Misuse Act are autistic. But they are also talented coders whose talents could have been used by businesses to help stop cyber-attacks. Neurodiverse individuals have many skills that could be used in cyber security, including cognitive pattern recognition, outside-the -box thinking, attention to detail, logical and methodical thinking, and focus and integrity.

This session will explain:

• What is neurodiversity and how can it be useful to the cyber security industry?
• How firms need to adjust to accommodate neurodiverse individuals, and the benefits of doing so
• Changing the recruitment process: making your job ads as inclusive as possible to attract neurodiverse applicants

Choose to attend 1 of 2 industry expert sessions

Security experts already know that the weakest link is the business' employees. But hackers are also realising this and are constantly finding more innovative ways to attack. This session will cover:

• The rise of spear phishing and social engineering
• Examples of data breaches that started this way
• Educating employees: why real life scenarios help
• Managing access to data
• Password security: An essential factor that firms often get wrong
• The insider threat: When employees go rogue

The cyber security landscape is rocky. Attacks are utilising every method available, with volumes increasing at an alarming rate. What does this mean for the plethora of firms based in Birmingham? From an enterprise perspective, it's important to be able to monitor for attacks – keeping up with the hackers is the only way to survive in an era where data is king.

This session will see a Birmingham-based firm talk about how it secures its data, taking into account the sector it works in and the GDPR.

When credit monitoring firm Equifax was breached in 2017, the impact was huge. It was one of the biggest hacks of all time, exposing vast amounts of personal information including social security numbers, names and addresses of 143 million people. The impact is still being felt now, as Equifax faces class action lawsuits and tries to repair its damaged reputation.

But what often isn’t talked about is the people impact. What’s it like to work inside a company that suffers such a public and humiliating breach? How do people cope with the social media taunts, press attention and lack of communication within the company?

David Rimmer, former Equifax CISO for Europe, takes the audience through what happened. 

Famous for the WannaCry attack that hit the NHS, ransomware continues to target businesses and the public sector. The effect can be catastrophic: In the US a number of local governments were forced offline because of this malware. Meanwhile aluminium producer Norsk Hydro was forced to switch to manual operations after being hit with ransomware.

This session will cover:

• Why the malicious software is a particularly big threat – and who is at risk
• Why if the ransom is paid, there’s no guarantee that information will be released
• How to regularly back up data to avoid ransomware having an impact and other strategies  
• Paying out: should you ever pay the ransom?

TBC

This session will see Midlands Cyber, a government backed initiative supported by the Midlands Engine and Department of International Trade, talk about the region’s pedigree in cyber security. It will cover:

• How the Midlands, with its manufacturing focus and proximity to the government’s security HQ, has recently seen rapid growth in its cyber sector and development of digital data breach expertise
• How cyber security is now a leading catalyst of growth across the Midlands, with medium-sized businesses currently operating in the market are expected to continue to scale up as the global sector growth unlocks over $1 trillion of spending power by 2021
• The vision for the future of cyber in the region

According to the government, 14 billion objects are connected to the internet and by 2020, it could be as many as 100 billion worldwide.

• How you might be using IoT but not know it
• Data privacy: coping with the information created by IoT
• Security by design: Is the UK government’s IoT strategy having an impact?
• An IoT security strategy
• 2020 predictions

Connected cars promise to make the roads safer and more efficient, but they also come with security risks. This session will demo the hacking of a connected car live on stage.

In 2013, Birmingham City Council suffered a cyber-attack thought to have been perpetrated by renowned hacktivist group Anonymous. This session will cover what happened, how the scenario played out and what has been learnt six years later, including the mitigation steps the council has in place.