Attend & Schedule

Stream 1 – Penetration Testing

09:00 – 09:40   Welcome and CREST Overview, Ian Glover, President of CREST

09:45 – 10:15   Keynote – Tracy Buckingham, Deputy Director Security and Cyber Security Exports, Department of International Trade. UKDSE

Stream 2 – Threat Intelligence

09:00 – 09:40   Welcome and CREST Overview, Ian Glover, President of CREST

09:45 – 10:15   Keynote – Tracy Buckingham, Deputy Director Security and Cyber Security Exports, Department of International Trade. UKDSE

10:20 – 11:05    Intelligence-Enriched Threat Hunting and Incident Response, AON, Ana Pereu, Intelligence Consultant; Julia Buckingham, Intelligence Consultant; Alisa Wood, Digital Forensics and Incident Response Senior Consultant.

This presentation looks at the key benefits of intelligence-gathering including helping to determine an initial attack vector and point of entry; identifying indicators of compromise via proactive research and pivoting; determining attack attribution and threat actor analysis; and understanding the threat landscape in a certain industry or country overall. These details can guide and focus the threat hunter’s or IR investigator’s work on certain types of activity and indicators, making the process far more efficient and effective.

11:05 – 11:20    Coffee Break

11:20 – 12:05    TBC

12:10 – 12:55    I Can’t Get No Stakeholder Satisfaction: Optimizing Feedback in the Intelligence Lifecycle, FireEye Mandiant, Dr Jamie Collier and Rebecca Simpson

Cyber threat intelligence (CTI) can be utilised by stakeholders across an organisation, ranging from security operation centre analysts to senior leadership. This is no easy task and few CTI functions will realistically satisfy the needs of all their stakeholders from day one. With time, however, a CTI function can provide essential insight across the entire security function. Active and regular engagement with those consuming intelligence represents one of the most effective ways to increase the value of CTI. This talk will explore the role and value of feedback before offering actionable advice to help security functions optimise feedback within the intelligence cycle.

12:55 – 13:30    Lunch

13:30 – 14:15    Sponsor Slot

14:20 – 14:50    “The use of Threat Intelligence in Incident Response – a case study on how TI can help support a more effective IR process and help speed up recovery” – Bence Horvath, Leanne Salisbury, Sergiu Sechel, EY

This talk aims to present an anonymized case study the EY Team has recently worked on and to discuss the use of Threat Intelligence within the Incident Response process. They will discuss how TI can be used to – predict infection patterns, assess the possibility of re-infection and how the analysis provided by TI providers can help with containment and to accelerate recovery.  A key focus of the presentation will be a showcase on how simplifying telemetry information helped cut through the initial confusion of the early response process, and avoided the risk of forming incorrect conclusions. A demo of part of a toolset for central daily reporting and risk mitigation, and show how we pulled together information from all relevant parties (e.g. external providers, incident managers, legal, business units, technology, and 3^rd parties) to a “single source of truth”, to provide a quick, easy, flexible and visual representation of the current state to key stakeholders.

14:55 – 15:25    TBC

15:30 – 16:00    TBC

16:00 – 16:15    Coffee Break

16:15 – 16:45    ‘The Nuances of Threat Modelling Across Regions & Continents’ – Robert A. Moody, cyber threat intelligence and digital forensics expert; Brenda Zikonda, cybersecurity expert and advocate

Leveraging cultural and business perspectives gained over their careers, the challenges organizations and security teams face when performing threat modeling assessments of Multinational organizations across their operating regions. Brenda’s multinational, consulting and SME  background, as well as her cultural experience as a cybersecurity advocate in her home country of Zambia poises her to share her experiences on modeling cybersecurity threats that arise based on cultural nuances. Robert will share his perspective on how the threat landscape differs between North America, Africa, and Europe. The speakers will then pivot to discuss the best approach for security teams to identify the most relevant cyber-adversaries for their organization’s region and sector. The speakers will discuss how differing cultural beliefs as they pertain to risk can affect an organizations appetite for risk as well as their risk classifications, and selection criteria for potential attack scenarios. Lastly, the speakers will address the topic of regulations and compliance and how they shape an organization’s threat landscape.

16:50 – 17.00    Closing Address, Ian Glover, President of CREST

Stream 3  Incident Response Stream & Awareness

09:00 – 09:40    Welcome and overview: Ian Glover, President, CREST

09:45 – 10:15    Keynote: A UK Government Perspective on Cyber Security, Tracy Buckingham, Deputy Director Security and Cyber Security Exports, Department for International Trade. UKDSE

 Tracy will give the audience the perspective of someone working in central government on the UK Government’s approach to cyber security and provide some insight into the UK’s approach to cyber policy.

Tracy Buckingham joined the Ministry of Defence in 1985 and spent her early career covering a  range of roles including Assistant Private Secretary to MOD’s Permanent Under Secretary; developing the ‘Policy for People’ and developing and implementing new performance management and corporate governance regimes based on use of the Balanced Scorecard.  In 2003 she became responsible for military operations in support of the UK’s civil emergency services, and in 2006 she moved to the Defence Equipment and Support organisation where she helped to set up the Future Submarines (now Dreadnought) Programme.

Tracy joined the UKTI Defence and Security Organisation (DSO) in 2011 where she has undertaken a range of roles including leading on exports to North America, Australia and New Zealand.  She is currently a Deputy Director in DIT Defence and Security Exports leading on Security and Cyber Security Exports.