In the first of two previews of Infosecurity Europe 2023, we look at our top picks for unmissable keynote sessions across the three days of the conference, held at ExCel in London from June 20-22.
By John E. Dunn
As the pivotal cybersecurity conference in the region, every Infosecurity Europe conference is oriented to topical themes. This year is no exception, with the speaker lineup covering everything from the on-going anxiety of cyberwar, how zero trust can be made to work once it leaves the drawing board, and the never-ending puzzle of assessing supply chain risk. The following is our pick of the keynote sessions that are essential viewing this year:
Session: A Catastrophic Cyber Storm is Brewing: Catalysing Global Action to Brace for Cyber Warfare
- Day 1, keynote stage, 11:15-11:45.
- If bad people succeed when good people fall short, recent history is not encouraging. For most of the last 20 years, governments have been outmaneuvered by successive generations of cybercriminals able to exploit a lack of global cybersecurity cooperation. However, as political conflicts are mirrored in cyberspace, this is evolving. Every war from now on will be fought digitally long before a gun has been fired. The challenge is that the traditional structures of government have yet to catch up with or acknowledge this reality.
- With speakers, Jen Ellis, founder of NextJenSecurity and Fene Osakwe, member of the Forbes Technology Council.
Session: The Great Disconnect: Dire Straits of Cyber Security Standards Feeding the Hand of Cyber-criminals
- Day 1, keynote stage, 15:10 - 15:40
- The theme of this session is that global cybersecurity standards are a mess worth sorting out. Currently, a lack of consistent standards creates the sort of gaps and confusion that makes compliance a complex and almost impossible job. The industry’s reaction has been to coalesce around de-factor standards as and when they appear. However, this approach is inherently slow and limiting and is being outpaced by cybercriminal innovations. This session will look at new and emerging ways of simplifying global cyber-regulation.
- With speakers, Emma Philpott, CEO of IASME and Munawar Valiji, CISO of Trainline.
Session: Instead of Thinking out of the Box, Get Rid of the Box — Supply Chain and Third-Party Risks
- Day 2, keynote stage, 12.45-13:15
- Organizations think they know how to protect themselves, but can they protect themselves from trusted partners? This is the risk nobody thought would become as significant as it has, namely third parties an organization has limited influence or visibility on. Addressing this issue will require a new way of understanding cybersecurity. This session will consider how to create cyber-resilience across the supply chain, the role of cyber-insurance, and how to protect critical infrastructure using the principles of zero trust.
- With speakers Bridget Kenyon, CISO of Shared Serviced Connected and Barry Coatesworth, director of risk, compliance and security at Guidehouse.
Session: IoT Devices and Big Data: A Boon and a Curse
- Day 2, keynote Stage, 15:20 - 15:50
- This session will cover the practicalities of defending the growing number of IoT devices which populate networks across business and critical infrastructure. The principles sound straightforward – regular patching, assessing the security state of devices before deployment, ensuring encryption and default security are up to standard – but putting this into practice can be demanding. Meanwhile, the advent of 5G will dramatically increase IoT capability and traffic in ways that hugely expand the attack surface. This could demand the use of AI to augment decision making in a world where the meaning of the phrase real time is rapidly evolving from denoting hours or minutes to fractions of a second.
- With speaker Madelein van der Hout, senior analyst – security and risk at Forrester Research.
(ISC)² at Infosecurity Europe
This year you can find (ISC)2 at stand A41. We will have personnel on site throughout the conference to answer queries, support members and help anyone interested in certifications and professional development. A member reception will be held on day two of the conference and (ISC)2 subject matter experts will be speaking as part of the conference program. Details of both will be in the next part of the preview.
Others to watch
Session: Case Study: Attack Surface Operations
- Day 2, keynote stage, 16:05-16:35
- David Boda, Nationwide Building Society’s chief security and resilience officer will discuss how the mutual society manages it attack surface.
Session: Innovative Deception Technologies for Proactive Cyber Defence Tactics — Implementing Guidelines
- Day 2, keynote Stage, 16:50 - 17:20
- The use of deception as a form of defense is now new but its time might have come. Defending Active Directory from ransomware, using decoys to protect critical data, turning the tables by social engineering attackers.
- With speakers, Lewis Woodcock, Head of cyber operations and global cyber defence at A.P. Møller – Mærsk and Erhan Temurkan, technology and security director at Fleet Mortgages.
Session: Will AI Open a Backdoor to Your Organisation that Attackers Can Use?
- Day 1, Strategy Talks, 12:15 - 12:40
- Dig deeper into the benefits and possible weaknesses of AI as a cyber-defense.
- With speaker, Jack Chapman, vice president of threat intelligence at Egress