Winter Gardens, GSK Building
Jubilee Campus,
University of Nottingham
30 October 2024
As part of Cyber Security Awareness Month, we invite you to attend our free one-day conference and exhibition, aiming to help organisations in the region to better understand cyber security and provide support in addressing key issues. The event is hosted by the University of Nottingham, with support from the CyCOS project.
The event is open to participants from organisations of all sizes and sectors, but will be of particular interest to small businesses interested in broadening their understanding of how cyber security affects them and what can be done about it.
The programme includes talks and panel sessions involving a wide range of cyber security experts, from the East Midlands and beyond. Topics covered will include:
- Insights into the nature and impact of cyber breaches experienced in the UK
- How to help ensure that cyber security gets the focus it needs, and the key issues to focus on
- What to look for in terms of cyber security skills, and where to find them
- Where to look for further support, and how we can expand it through a community-based approach
The event also includes an exhibition and extensive networking opportunities, with a chance to discuss issues, seek advice, and learn about what is on offer from the profession and from academic research.
See below for full details of the agenda and speakers.
The event is scheduled for a full day, but you may register to attend morning or afternoon segments only. Refreshments will be provided through the day, as well as a buffet lunch.
If you would like to attend, please follow the link below.
Agenda
Registration
9.00
9.30
Welcome and Introduction
Steven Furnell (University of Nottingham)
9.45
The Cyber Security Breaches Survey 2024
Nada El-Hammamy (Ipsos)
The Cyber Security Breaches Survey is an annual research study for the UK government that is primarily used to inform government policy on cyber security. The study explores the policies, processes and approach to cyber security, for businesses, charities and educational institutions. It also considers the different cyber attacks and cyber crimes these organisations face, as well as how these organisations are impacts and respond. The presentation will highlight the key findings of the 2024 research.
10.10
Cyber Essentials: Essential protection for businesses
Joe Checketts (IASME)
Cyber Essentials is a Government-backed security certificate which aims to protect organisations against the most common cyber attacks. The scheme has been running since 2014 and as well as providing a good baseline level of security, a Cyber Essentials certificate is a requirement when bidding for public sector work It consists of a set of technical controls which can be applied to any organisation to improve security posture. The presentation will outline the purposes of the scheme and the controls used along with the reasons they are important for preventing opportunistic and automated attacks.
10.35
Cyber Security: "Out of the server room and into the boardroom"
Haroon Malik (Senior Security Executive)
Cyber Security has become a critical issue for organisations around the world. As the cyber threat landscape evolves, cyber security must be treated as Board level risk, rather than an IT issue. In this brief talk, Haroon Malik will discuss why 'Cyber' has become critical issue at Board level. He will also discuss his experiences on how best to communicate the cyber security message to Executive Teams.
11.00
Refreshments and Exhibition
11.30
The Price of Silence
Daniel Tremayne-Pitter (Dark Matter)
Daniel will describe his journey into why business culture persistently shy away from discussing the realities of cybercrime. He talks about his experience creating a documentary drama about a small business crippled by a ransomware attack and its devastating impacts on the business and its people.
11.55
Panel: Cyber Skills in Short Supply?
Xavier Carpent (University of Nottingham)
Ram Herkanaidu (Independent Security Researcher
Maria Papadaki (University of Derby)
Nicholas Poyiadgi (CompTIA)
While there are plenty of voices to suggest that organisations need to address cyber security, one of the fundamental challenges can often be a lack of skills to do so, or a lack of understanding of what skills are needed. This panel session will discuss the situation, considering issues such as: the reality of the skills shortage, how to know what you need, what is being done to increase the pipeline of cyber professionals, and where support can be found if you don’t already have it.
12.30
Lunch and Exhibition
13.45
Cyber Resilience Centres: Educating and supporting SMEs
Colin Ellis (Cyber Resilience Centre for the East Midlands)
An overview of the online threats to UK SMEs and why securing every SME is integral to our nation’s financial health and security. The session discusses how the combined efforts of Policing, Academia and Business come together through regional Cyber Resilience Centres to deliver professional and affordable help and services to SMEs.
14.10
The Power of Cross-Sector Collaboration in Strengthening Cybersecurity in the UK
Ed Parsons (ISC2)
In today’s increasingly interconnected digital landscape, the threat of cyberattacks is a growing concern for all sectors—public and private alike. According to the ISC2 2024 Workforce Study, 74% of cybersecurity professionals report that the current threat landscape is the most challenging it has been in the last five years. However, no single organisation or industry can tackle these threats in isolation, highlighting the urgent need for new approaches to cyber resilience and growth in the field.
In this session, Ed Parsons, VP at ISC2, will highlight the pivotal role of the third sector in enhancing the UK’s cybersecurity posture, particularly through engaging diverse communities, promoting education and awareness initiatives, and contributing to policy development. He’ll provide real-world examples of successful collaborations that have addressed industry-wide practitioner challenges, including supply chain risks and emerging technologies, as well as limited resources within SMEs and the professionalisation of the field.
14.35
Cyber Security: As easy as ABC?
Amanda Finch (Chartered Institute of Information Security)
It is often challenging to know where to start with cyber security, and even when you have a sense of what areas need attention it can be hard to know what to do and how to get started. Recognising that this can affect organisations of different sizes across many sectors, CIISec has produced a series of practitioner-informed ‘ABC Guides’ as well as other guidance documents that seek to demystify key aspects of cyber security and provide a point from which to start the journey. This presentation looks at the role of the guides, the level of content they provide, and how they can be used to help in practice.
15.00
Refreshments and Exhibition
15.30
Responsible AI: Keeping AI safe and secure
Jon Longstaff (SAP)
The rapid adoption of AI technology has been breathtaking. However, Ai brings security challenges, both old and new. In this talk we will look at the new topic of Responsible AI and how we are tackling the latest security challenge.
15.55
Panel: A community approach to cyber security: Practical or pipedream?
Andy Cobbett (Crown Estate)
Neeshé Khan (University of Nottingham)
Rory Vorster (KryptoKloud)
Evidence shows a disparity between cyber security in larger organisations and SMEs, with smaller players often at a disadvantage in terms of understanding and resourcing the issues. However, cyber incidents affecting SMEs can still have knock-on impacts for others. To what degree can we take a more community-based approach to sharing cyber security experiences and expertise? Can larger organisations help to support those in their supply chain ecosystem? Can SMEs have a role in collectively supporting themselves?
Speakers and Panellists
Xavier Carpent
Xavier is an Assistant Professor at the University of Nottingham. He teaches computer security and algorithms/data structures modules, as well as supervising BSc, MSc and PhD students in various cyber security topics. His own academic research interests are centered around applied cryptography (that is, the use of cryptographic building blocks for designing secure systems), and include privacy, authentication, and protocols and algorithms for cybersecurity.
Joe Checketts
Joe spent 10 years coordinating a government green power scheme at one of the big utility companies, and then found his way to cyber security via the UKCSF’s cyber security training scheme in 2022. Off the back of that scheme, CEO, Emma Philpott invited him to come and work for IASME. He initially joined the Certification Technical Team and after six months began working with Head of Cyber Essentials, Neil Furminger. He was instrumental in creating the Cyber Essentials Knowledge Hub and has been closely involved with the development and delivery of the 2025 Cyber Essentials standard. In his spare time he enjoys creating music and recently celebrated the birth of his first child.
Andy Cobbett
Crown Estate
Andy is an experienced Chief Information Security Officer, with over 20 years of managing cyber risk within the Oil & Gas sector and Financial sectors. He is experienced at holding strategic responsibility for cyber security and privacy, as well as leading large complex security transformations across complex organisations. Among his many achievements Andy lead the global programme for a major international energy company to secure industrial process control systems (SCADA) and Operation Technology (OT/IoT) against cyber-attack. The transformation brought together over 400 disparate operational businesse, created a global Group-wide capability for cyber resilience and influenced a cross-industry response.
Nada El-Hammamy
Nada is a Research Manager at Ipsos UK, an independent market research agency. She has 10 years or primary research experience. Currently based within the Trade, Innovation and Enterprise team within Public Affairs, working on Government research with a focus on Cyber Security
Colin Ellis
Colin is the Managing Director of the East Midlands CRC and has been a police detective for 20 years. He has investigated serious Cyber, Fraud and Dark web criminality at local, regional and National levels, both within Policing and the National Crime Agency.
He has directly managed some of the most serious cyber crimes committed in the UK and has witnessed firsthand the devastating impact that they can cause to buisnesses.
His focus now with the East Midlands Cyber Resilience Centre is on crime prevention, helping to protect and prepare businesses against online crime, through a combination of education, training, and cyber security services.
Amanda Finch
Amanda Finch is the CEO of the Chartered Institute of Information Security (CIISec) and has specialised in Information Security management since 1991. She has always been an active contributor to the industry and for many years she has been dedicated to gaining recognition for the discipline to be recognised as a profession.
Over her career she has been engaged in all aspects of Information Security Management and takes a pragmatic approach to the application of security controls to meet business objectives. Through her work she has developed an extensive understanding of the commercial sector and its particular security needs. In her current role she works with Industry, Government and Academia, assisting all sectors in raising levels of competency and education.
Amanda has a Masters degree in Information Security, Full Membership CIISec and is a Fellow of the BCS. In 2007 she was awarded European Chief Information Security Officer of the year by Secure Computing magazine and frequently listed as one of the most influential women within the industry.
Steven Furnell
Steve is Professor of Cyber Security in the School of Computer Science at the University of Nottingham. His research interests include security management and culture, usability of security and privacy, and technologies for user authentication and intrusion detection. He has authored over 390 papers in refereed international journals and conference proceedings, as well as various books, book chapters, and industry reports. Steve is the UK representative to Technical Committee 11 (security and privacy) within the International Federation for Information Processing, and a board member of the Chartered Institute of Information Security, and a member of the Steering Group for the Cyber Security Body of Knowledge (CyBOK) and the Careers and Learning Working Group within the UK Cyber Security Council. Steve is the Principal Investigator on the CyCOS project, looking at enhancing cyber security support for small organisations.
Ram Herkanaidu
Independent Researcher
Ram Herkanaidu is an independent IT security researcher and educator with a PhD in computer science and extensive experience in the IT field as a technical support specialist, consultant, trainer, conference speaker and media spokesperson. He has created and delivered a number of courses/workshops both in a professional capacity and as a volunteer in Thailand and Russia where he took part in education camps for young people.
Neeshé Khan
Neeshé is a Research Fellow in Cyber Security in the School of Computer Science at the University of Nottingham. Her research interests include human factors in cyber security within organisational contexts through the lens of risk and safety engineering approaches. Her research investigates factors that influence unintentional insider threat to identify and limit accidental cyber security breaches, exposures and incidents. She has collaborated with higher education institutes globally, governmental bodies, private firms and worked on national level cyber security challenges concerning various aspects of the human element. Neeshé champions diversity and has engaged in interviews and TV appearances to encourage females and BAME in STEM.
Jon Longstaff
Jon has worked in the IT industry for over thirty years having started as a mainframe programmer with Boots and has worked as an Enterprise Architect, consultant, and IT manager. He joined SAP in 2022 and leads the EMEA Cloud Security and Compliance team. This is a group of security experts who work with customers across all industries looking at how SAP protects their data in cloud solutions. This includes cloud security, privacy, regulation and increasingly AI topics. He speaks for SAP on topics around Responsible AI which include AI Safety & Ethics, AI Security and AI Compliance.
Haroon Malik
Senior Security Executive
Haroon is an Industry Fellow and Senior Security Executive with over 15 years leading international teams and serving as a trusted advisor to Management boards. Haroon has spent a significant portion of his career with the Big 4 Consulting firms (Deloitte, KPMG and EY), playing a lead role in shaping and delivering security transformation programs. He is a strong believer in developing a connected, secure and safer world. Haroon enjoys coaching and mentoring, and is passionate about developing the next generation of cyber talent in schools, colleges and universities. He lives in the UK and enjoys cycling, swimming and travel.
Maria Papadaki
Dr Maria Papadaki is an Associate Professor in Cyber Security, leading the Digital Society research cluster at the Data Science Research Centre, University of Derby, UK. She has been an active researcher in the cyber security field for 20 years. Her research interests include incident response, threat intelligence, maritime cybersecurity, and human-centred security. Her research outputs include 80+ international peer-reviewed publications in this area. Dr Papadaki holds a PhD in Network Attack Classification and Automated Response, an MSc in Networks Engineering, a BSc in Software Engineering, and professional certifications in intrusion analysis and penetration testing.
Ed Parsons
Ed Parsons is Vice President for Global Markets and Member Relations at ISC2. Before joining ISC2 Ed led an international cyber security consultancy, renowned for research and technical expertise. As a cyber security professional Ed spent several years helping organisations investigate and respond to cyber threats from nation states and organised crime. He is a Certified Information Systems Security Professional (CISSP) and Chartered Cyber Security Professional.
Nicholas Poyiadgi
Nick Poyiadgi has been instrumental in delivering several high-profile, cyber-skills-related projects across the UK and EMEA. At CompTIA, he assists organisations in integrating learning solutions and certifications into their skills development pathways. As a champion for cyber skills, Nick has provided expertise to the UK Cyber Security Council, European Cyber Security Framework (ECSF), and the Cyber Role Map for Skills Development Scotland. In addition, Nick serves as a learning mentor for the multi-award-winning Cyber Ready programme, which breaks down barriers for diverse individuals to access cyber security careers.
Daniel Tremayne-Pitter
Daniel refers to himself as a ‘reformed marketer’ pushing aside the tech hype, he now leads Dark Matter to investigate the true impacts and opportunities of technology for global brands and government entities. Over the past 5 years he has travelled the world interviewing experts, academics, and business leaders on some of the sometimes-uncomfortable truths about technology and our behaviours.
Rory Vorster
Rory is a skilled cybersecurity and product leader with over a decade of experience in the tech sector. Currently Head of Product and Security Operations at KryptoKloud, he drives product strategy and business insights to safeguard organizations from cyber threats. Rory’s expertise spans global consulting, channel management, and technical consultancy, consistently delivering top-tier security solutions and exceeding expectations while building strong industry relationships.
© Copyright. All rights reserved.
We need your consent to load the translations
We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.