On 30 October 2024 we hosted a free one-day conference and exhibition, aiming to help organisations in the East Midlands region to better understand cyber security and provide support in addressing key issues. The event was hosted by the University of Nottingham, with support from the CyCOS project.
The programme included talks and panel sessions involving a wide range of cyber security experts, from the East Midlands and beyond. Topics included:
The event also included an exhibition and extensive networking opportunities, with a chance to discuss issues, seek advice, and learn about what is on offer from the profession and from academic research.
See below for full details of the agenda and speakers.
The Cyber Security Breaches Survey is an annual research study for the UK government that is primarily used to inform government policy on cyber security. The study explores the policies, processes and approach to cyber security, for businesses, charities and educational institutions. It also considers the different cyber attacks and cyber crimes these organisations face, as well as how these organisations are impacts and respond. The presentation highlighted the key findings of the 2024 research.
Cyber Essentials is a Government-backed security certificate which aims to protect organisations against the most common cyber attacks. The scheme has been running since 2014 and as well as providing a good baseline level of security, a Cyber Essentials certificate is a requirement when bidding for public sector work It consists of a set of technical controls which can be applied to any organisation to improve security posture. The presentation outlined purposes of the scheme and the controls used along with the reasons they are important for preventing opportunistic and automated attacks.
Cyber Security has become a critical issue for organisations around the world. As the cyber threat landscape evolves, cyber security must be treated as Board level risk, rather than an IT issue. In this brief talk, Haroon discussed why 'Cyber' has become critical issue at Board level. He also discussed his experiences on how best to communicate the cyber security message to Executive Teams.
Steve examined the challenges that can be faced when trying to understand the landscape of cyber security skills and how these can support different cyber roles. The cyber sector is awash with different qualifications and certifications, and while all can have a valid part to play, it can be difficult to work out what is relevant to support a particular cyber role. Moreover, the roles themselves are often categorised in different ways, posing another potential barrier to working out what is actually needed.
While there are plenty of voices to suggest that organisations need to address cyber security, one of the fundamental challenges can often be a lack of skills to do so, or a lack of understanding of what skills are needed. This panel session discussed the situation, considering issues such as: the reality of the skills shortage, how to know what you need, what is being done to increase the pipeline of cyber professionals, and where support can be found if you don’t already have it.
An overview of the online threats to UK SMEs and why securing every SME is integral to our nation’s financial health and security. The session discusses how the combined efforts of Policing, Academia and Business come together through regional Cyber Resilience Centres to deliver professional and affordable help and services to SMEs.
In today’s increasingly interconnected digital landscape, the threat of cyberattacks is a growing concern for all sectors—public and private alike. According to the ISC2 2024 Workforce Study, 74% of cybersecurity professionals report that the current threat landscape is the most challenging it has been in the last five years. However, no single organisation or industry can tackle these threats in isolation, highlighting the urgent need for new approaches to cyber resilience and growth in the field.
In this session, Ed Parsons, VP at ISC2, highlighted the pivotal role of the third sector in enhancing the UK’s cybersecurity posture, particularly through engaging diverse communities, promoting education and awareness initiatives, and contributing to policy development. He provided real-world examples of successful collaborations that have addressed industry-wide practitioner challenges, including supply chain risks and emerging technologies, as well as limited resources within SMEs and the professionalisation of the field.
It is often challenging to know where to start with cyber security, and even when you have a sense of what areas need attention it can be hard to know what to do and how to get started. Recognising that this can affect organisations of different sizes across many sectors, CIISec has produced a series of practitioner-informed ‘ABC Guides’ as well as other guidance documents that seek to demystify key aspects of cyber security and provide a point from which to start the journey. This presentation looked at the role of the guides, the level of content they provide, and how they can be used to help in practice.
The rapid adoption of AI technology has been breathtaking. However, Ai brings security challenges, both old and new. In this talk, Jon looked at the new topic of Responsible AI and how we are tackling the latest security challenge.
Evidence shows a disparity between cyber security in larger organisations and SMEs, with smaller players often at a disadvantage in terms of understanding and resourcing the issues. However, cyber incidents affecting SMEs can still have knock-on impacts for others. To what degree can we take a more community-based approach to sharing cyber security experiences and expertise? Can larger organisations help to support those in their supply chain ecosystem? Can SMEs have a role in collectively supporting themselves?
Xavier is an Assistant Professor at the University of Nottingham. He teaches computer security and algorithms/data structures modules, as well as supervising BSc, MSc and PhD students in various cyber security topics. His own academic research interests are centered around applied cryptography (that is, the use of cryptographic building blocks for designing secure systems), and include privacy, authentication, and protocols and algorithms for cybersecurity.
Joe spent 10 years coordinating a government green power scheme at one of the big utility companies, and then found his way to cyber security via the UKCSF’s cyber security training scheme in 2022. Off the back of that scheme, CEO, Emma Philpott invited him to come and work for IASME. He initially joined the Certification Technical Team and after six months began working with Head of Cyber Essentials, Neil Furminger. He was instrumental in creating the Cyber Essentials Knowledge Hub and has been closely involved with the development and delivery of the 2025 Cyber Essentials standard. In his spare time he enjoys creating music and recently celebrated the birth of his first child.
Andy is an experienced Chief Information Security Officer, with over 20 years of managing cyber risk within the Oil & Gas sector and Financial sectors. He is experienced at holding strategic responsibility for cyber security and privacy, as well as leading large complex security transformations across complex organisations. Among his many achievements Andy lead the global programme for a major international energy company to secure industrial process control systems (SCADA) and Operation Technology (OT/IoT) against cyber-attack. The transformation brought together over 400 disparate operational businesse, created a global Group-wide capability for cyber resilience and influenced a cross-industry response.
Nada is a Research Manager at Ipsos UK, an independent market research agency. She has 10 years or primary research experience. Currently based within the Trade, Innovation and Enterprise team within Public Affairs, working on Government research with a focus on Cyber Security
Colin is the Managing Director of the East Midlands CRC and has been a police detective for 20 years. He has investigated serious Cyber, Fraud and Dark web criminality at local, regional and National levels, both within Policing and the National Crime Agency.
He has directly managed some of the most serious cyber crimes committed in the UK and has witnessed firsthand the devastating impact that they can cause to businesses.
His focus now with the East Midlands Cyber Resilience Centre is on crime prevention, helping to protect and prepare businesses against online crime, through a combination of education, training, and cyber security services.
Amanda Finch is the CEO of the Chartered Institute of Information Security (CIISec) and has specialised in Information Security management since 1991. She has always been an active contributor to the industry and for many years she has been dedicated to gaining recognition for the discipline to be recognised as a profession.
Over her career she has been engaged in all aspects of Information Security Management and takes a pragmatic approach to the application of security controls to meet business objectives. Through her work she has developed an extensive understanding of the commercial sector and its particular security needs. In her current role she works with Industry, Government and Academia, assisting all sectors in raising levels of competency and education.
Amanda has a Masters degree in Information Security, Full Membership CIISec and is a Fellow of the BCS. In 2007 she was awarded European Chief Information Security Officer of the year by Secure Computing magazine and frequently listed as one of the most influential women within the industry.
Steve is Professor of Cyber Security in the School of Computer Science at the University of Nottingham. His research interests include security management and culture, usability of security and privacy, and technologies for user authentication and intrusion detection. He has authored over 390 papers in refereed international journals and conference proceedings, as well as various books, book chapters, and industry reports. Steve is the UK representative to Technical Committee 11 (security and privacy) within the International Federation for Information Processing, and a board member of the Chartered Institute of Information Security, and a member of the Steering Group for the Cyber Security Body of Knowledge (CyBOK) and the Careers and Learning Working Group within the UK Cyber Security Council. Steve is the Principal Investigator on the CyCOS project, looking at enhancing cyber security support for small organisations.
Ram Herkanaidu is an independent IT security researcher and educator with a PhD in computer science and extensive experience in the IT field as a technical support specialist, consultant, trainer, conference speaker and media spokesperson. He has created and delivered a number of courses/workshops both in a professional capacity and as a volunteer in Thailand and Russia where he took part in education camps for young people.
Neeshé is a Research Fellow in Cyber Security in the School of Computer Science at the University of Nottingham. Her research interests include human factors in cyber security within organisational contexts through the lens of risk and safety engineering approaches. Her research investigates factors that influence unintentional insider threat to identify and limit accidental cyber security breaches, exposures and incidents. She has collaborated with higher education institutes globally, governmental bodies, private firms and worked on national level cyber security challenges concerning various aspects of the human element. Neeshé champions diversity and has engaged in interviews and TV appearances to encourage females and BAME in STEM.
Jon has worked in the IT industry for over thirty years having started as a mainframe programmer with Boots and has worked as an Enterprise Architect, consultant, and IT manager. He joined SAP in 2022 and leads the EMEA Cloud Security and Compliance team. This is a group of security experts who work with customers across all industries looking at how SAP protects their data in cloud solutions. This includes cloud security, privacy, regulation and increasingly AI topics. He speaks for SAP on topics around Responsible AI which include AI Safety & Ethics, AI Security and AI Compliance.
Haroon is an Industry Fellow and Senior Security Executive with over 15 years leading international teams and serving as a trusted advisor to Management boards. Haroon has spent a significant portion of his career with the Big 4 Consulting firms (Deloitte, KPMG and EY), playing a lead role in shaping and delivering security transformation programs. He is a strong believer in developing a connected, secure and safer world. Haroon enjoys coaching and mentoring, and is passionate about developing the next generation of cyber talent in schools, colleges and universities. He lives in the UK and enjoys cycling, swimming and travel.
Dr Maria Papadaki is an Associate Professor in Cyber Security, leading the Digital Society research cluster at the Data Science Research Centre, University of Derby, UK. She has been an active researcher in the cyber security field for 20 years. Her research interests include incident response, threat intelligence, maritime cybersecurity, and human-centred security. Her research outputs include 80+ international peer-reviewed publications in this area. Dr Papadaki holds a PhD in Network Attack Classification and Automated Response, an MSc in Networks Engineering, a BSc in Software Engineering, and professional certifications in intrusion analysis and penetration testing.
Ed Parsons is Vice President for Global Markets and Member Relations at ISC2. Before joining ISC2 Ed led an international cyber security consultancy, renowned for research and technical expertise. As a cyber security professional Ed spent several years helping organisations investigate and respond to cyber threats from nation states and organised crime. He is a Certified Information Systems Security Professional (CISSP) and Chartered Cyber Security Professional.
Nick Poyiadgi has been instrumental in delivering several high-profile, cyber-skills-related projects across the UK and EMEA. At CompTIA, he assists organisations in integrating learning solutions and certifications into their skills development pathways. As a champion for cyber skills, Nick has provided expertise to the UK Cyber Security Council, European Cyber Security Framework (ECSF), and the Cyber Role Map for Skills Development Scotland. In addition, Nick serves as a learning mentor for the multi-award-winning Cyber Ready programme, which breaks down barriers for diverse individuals to access cyber security careers.
We need your consent to load the translations
We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.