We are excited to announce ‘Life’s a breach’, a comprehensive day dedicated to demystifying cyber security.
You will meet leading specialists in their field, ready to share their knowledge and experiences in governance, incident response, technical system testing and cyber insurance. Each session is crafted to provide insights and practical knowledge, ensuring you’re better equipped to navigate the cyber landscape.
Life’s a breach will be a fun day bringing some enjoyment into our learning. We’ll have optional hands-on exercises, interactive simulations and opportunities to use Kennedys Client room for collaborative discussions.
Please join us to network, learn and have fun with fellow ALARM members.
Registration and refreshments
Registration
Registration and refreshments
9.30am – 10am GMT, 19 March 2024 ‐ 30 mins
Registration
1: The practical implications of cybersecurity laws
Session
1: The practical implications of cybersecurity laws
10.15am – 10.45am GMT, 19 March 2024 ‐ 30 mins
Session
Joel will discuss the obligations and compliance with local and international laws (in particular busting the myth that China has no laws for cyber security). He will also explore the legal consequences of data breaches, not just GDPR, but litigation issues that could arise from losing sensitive data or not being able to deliver on contracts.
Speakers
2: Robust Cybersecurity: Ensuring you have the breadth of security for the depth you need
Session
2: Robust Cybersecurity: Ensuring you have the breadth of security for the depth you need
10.45am – 11.30am GMT, 19 March 2024 ‐ 45 mins
Session
In this session we will open the day by exploring how to understand and safeguard your digital assets. We’ll help you to pinpoint what data is truly precious to your organisation. How to apply layers of protection that are adequate for you and also to acknowledge, in order to operate and not disconnect yourself from the world you will need to accept some cyber risk. Having accepted that risk, how will you be vigilant to detect incidents, respond to them adequately and ensure that you can quickly recover should the worst happen?Speakers
Refreshments
Refreshments
Refreshments
11.30am – 11.45am GMT, 19 March 2024 ‐ 15 mins
Refreshments
3A: Life’s a breach: Effectively detecting and responding to cyberattacks
Session
3A: Life’s a breach: Effectively detecting and responding to cyberattacks
11.45am – 12.30pm GMT, 19 March 2024 ‐ 45 mins
Session
Unfortunately, in the current cyber climate, it is a matter of ‘when’ rather than ‘if’ an organisation will be affected by a cyberattack. Our Security Operations Centre (SOC) sees over 16,000 indicators of compromise a month, ranging from phishing emails to ransomware detections, so have a valuable insight on how to mitigate the damage or likelihood of a successful attack.Although this may seem like a dreary outlook, there are key steps and protections that organisations of all sizes can put in place - without the six-figure budget.
This session will cover common incidents that affect all sizes of businesses, key preventative measures and response best practices to give you peace of mind.
Speakers
3B: Ongoing GDPR compliance: Privacy by design
Session
3B: Ongoing GDPR compliance: Privacy by design
11.45am – 12.30pm GMT, 19 March 2024 ‐ 45 mins
Session
Organisations that hold and process personal data gave a lot of thought to how they protect it, and how they respect peoples’ rights, when GDPR came into force in 2018. Six years later, many are asking whether they’re still doing everything necessary to ensure compliance. A particular area where understanding remains somewhat shrouded in mystery is ‘privacy by design’ both in terms of what it means in practice, as well as how risk managers can determine whether it’s true of systems used within their organisations.This session looks at how you can establish whether your organisation is still complying with the legal requirements of GDPR, taking the two areas where organisations struggle most, and proposes pragmatic solutions to them. We’ll then zoom in on privacy by design, demystifying some of the core principles of secure coding, and give risk managers a checklist of questions for development teams and software providers.
Speakers
Lunch
Refreshments
Lunch
12.30pm – 1.30pm GMT, 19 March 2024 ‐ 1 hour
Refreshments
4A: Little and often so as not forgotten: Importance of vulnerability management and pentesting
Session
4A: Little and often so as not forgotten: Importance of vulnerability management and pentesting
1.30pm – 2.15pm GMT, 19 March 2024 ‐ 45 mins
Session
One of the most challenging things for organisations is to stay one step ahead of the ever-evolving threat landscape. Particularly for organisations with legal and regulatory requirements to maintain (like cyber essentials, insurance obligations, ISO27001 and GDPR), there is often a costly, annual pre-audit scramble to ensure they still meet the minimum standard.
This talk will showcase how organisations can successfully manage those tasks throughout the year in a little and often approach, ensuring they are protected in real time, not just at one point each year, reducing the burden on staff and vastly minimising spiralling unbudgeted costs.
This session will also demonstrate, in the form of a live demo, just how easy it can be for an attacker with little skill or knowledge to successfully infiltrate an organisation that has been operating blissfully unaware of their risks.
4B: Don’t trust the robots? Using AI safely
Session
4B: Don’t trust the robots? Using AI safely
1.30pm – 2.15pm GMT, 19 March 2024 ‐ 45 mins
Session
Artificial Intelligence (AI) refers to the computer systems that are capable to perform the cognitive functions we usually associate with human minds. AI has been around since the 1950s, but the pace of AI innovation has accelerated in the past several years.
Organisations are using AI technologies in many ways - to enhance their products, create services that provide human-readable answers and so much more. It is important to understand the scope and context of AI technologies, and how they can be used. At the same time, organizations should be aware about the risks of using AI services. It is also important to continue to review the risks of emerging AI tools.
Azad will explore key risks associated with AI with focus on cyber security risks and how these risks can be mitigated.
Speakers
Refreshments
Refreshments
Refreshments
2.15pm – 2.30pm GMT, 19 March 2024 ‐ 15 mins
Refreshments
5A: Cyber Resilience: Using the Cyber Assurance Framework (CAF) to build proportionate cyber defences
Session
5A: Cyber Resilience: Using the Cyber Assurance Framework (CAF) to build proportionate cyber defences
2.30pm – 3.10pm GMT, 19 March 2024 ‐ 40 mins
Session
Core to the UK Government's National Cyber Strategy is the CAF, a framework that is objectives led and tailored to specific sectors.
Critical National Infrastructure (CNI), as well as Central and Local Government are increasingly being encouraged to adopt the CAF as their cyber standard, due to its wealth of supporting literature, making it ideal for companies in all sectors to adopt.
In this session you gain insight as to how the CAF could work for your organisation, and what this means for Local Government through 2024 as CAF becomes increasingly encouraged in public sector.
Speakers
5B: Got Net Zero on your risk log? An insight to managing environmental risks
Session
5B: Got Net Zero on your risk log? An insight to managing environmental risks
2.30pm – 3.10pm GMT, 19 March 2024 ‐ 40 mins
Session
Speakers
6: Cyber claims and underwriting
Session
6: Cyber claims and underwriting
3.10pm – 3.45pm GMT, 19 March 2024 ‐ 35 mins
Session
James will host a cyber insurance session with a core focus on coverage available within a policy, the underwriting criteria and what minimum cyber security standards insurers are looking for. James will also talk about the current claims landscape and a full market update summarising how the cyber insurance market landscape has developed in the last five years.Speakers