RANT Radio - Adversarial Debate: The Role of InfoSec in the Remote World

If you are sat eyeballing the latest machine learning tool wondering if it can automate you into a job in retail, you are not alone.

Increased attacks and black swan induced digital transformation mean life in the SOC is now all about one thing: fast judgements on lots of attacks. This often leads to the obvious conclusion: more automation. Does this mean front-line teams are no longer relevant? What do humans bring that automation never can?

// Speaker Panel:
- Charlie Timblin - Vice President Cyber Strategy & Transformation at Refinitiv
- Rebecca McKeown - Chartered Psychologist and Director of Mind Science Ltd
- David Calder - Chief Product Officer at Adarma Ltd
- James Hanlon - Director, Security Specialization & Advisory, EMEA at Splunk Inc

As security continues its rise towards being a more strategic business function, we need to remember front-line teams. Working hard identifying, analysing and mitigating threats is challenging but vital work. Being on the sharp end of an endless barrage not only decreases effectiveness but impacts mental health and team culture.

Yet despite all their efforts, mean time to identify a security breach is still 197 days, and containment another 69. The reality is that with the current reactive approaches to cyber defence, there simply aren’t enough skilled professionals to analyse the volume of incidents that most organisations face. With limited resources, an ever-growing skills gap and an escalating volume of security alerts, organisations are left vulnerable to what is perceived to be unavoidable risk. This environment is demanding more of already resource-constrained CISOs.

So how can they further minimise risk from cyber threats without further increasing the workload?

/Agenda:/

17:00 - 17:10 Welcome Note and Introductions
17:10 - 17:45 Panel Discussion Begins
Speakers:
- Phil Davies - Director at Distilled Security
- Swati Singh - Head of Business Information Security at Close Brothers
- Jan Tietze - Director of Security Strategy, EMEA at SentinelOne
17:45 - 17:55 Closing Comments
17:55 - 18:00 Event Close
18:00 - 18:30 Continued Discussion on RANT's Virtual Pub - The Isolation Arms (Find a link in the attachments below)

/About our sponsor SentinelOne:/

SentinelOne is the only cybersecurity solution encompassing AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads and IoT devices in a single autonomous platform.

SentinelOne provides full transparency into everything happening across the network at machine speed – defeating every attack, at every stage of the threat lifecycle.

Join our outstanding panel of speakers as they discuss something that seems to be on a lot of peoples minds throughout lockdown; What more could I do to further my career? This could mean exploring an abundance of certifications, join a working group perhaps or take more training courses. We will delve into the world of compliance vs security and understand just how certain certifications are perceived by CISOs.

Our panelists will be covering:
- Certifications and the importance of standards
- Compliance vs security
- Audit vs compliance
- Shared responsibility model
- Maturity matrix - Evolution of roadmap to migrate securely to Cloud
- Buys vs build - when to buy externally or build internally
- How CSA resources have been or can be best used by CISOs
- Advantages of joining CSA
- CSA publications & active working groups

Speaker Panel:
- Francesco Cipollone- Chair CSA UK, Director NSC42 - Moderator of event
- Bob Rodger - CISO, Bank of N.T Butterfield group
- Chris Hodson - CISO, Tanium
- Jim Reavis - Co-founder and Chief Executive Officer, CSA
- Paul Simmonds - CEO of the Global Identity Foundation

Joining RANT again after far too long writing a book, we’ve got a great guest star speaker returning to the airwaves.

Our co-host for this 80s style radio show will be your well-known Geoff White who is an investigative journalist covering technology for BBC News, Channel 4 News, Audible, Forbes online and many others. His book based on cybercrime ‘Crime Dot Com’ covers full gamut, from Cold War-era fraudsters to today’s vote riggers. It will be published on 10th August 2020 and the whole RANT Community will be given a unique discount for pre-orders.

Key topics include:
- Tracking down the author of the LoveBug virus to a Filipino mark 20 yrs after he disappeared

- The raid on Bangladesh Bank that allegedly netted North Korea $81m

- Disinformation, hacking and journalism – the intersection between media and hackers and how that’s played out (there’s an interesting tale around coronavirus and Ukraine here)

- Evolution of the dark web towards encrypted apps

- Energy sector hacking (also a good story about Ukraine, but starting to happen in UK too)

- How cybercrime has responded to coronavirus

Crack open a beer for a tongue in cheek experience with live commentary from your peers and a very insightful discussion!

RANT has teamed up with Digital Shadows to try answer a number of cybersecurity related questions while raising money for Barnardo’s. This is not a webinar, but a chance to discuss big questions with big personalities, while hearing from genuinely interesting speakers.

Agenda:

16:00 - 16:10 BST- Welcome Note
- Tom Odams- RANT Events
- James Chappell- Co-Founder & Chief Innovation Officer, Digital Shadows

16:10 - 16:50 BST- First Panel Discussion:People of the dark web: A Digital Shadows researcher lifts the lid on the people, dramas and latest communities growing in popularity on the dark web – with a big picture perspective provided by an end-user and cyber academic.
- Becky Pinkard- CISO, Aldermore Bank PLC
- Rob Black - Deputy Director, National Cyber Deception Laboratory
- Kacey C.- Threat Researcher, Digital Shadows

16:50 - 17:30 BST- Second Panel Discussion:The psychology of being on the front lines – with a psychologist, CISO and SOC manager talking about the mental health impacts of working in a fast-advancing ‘always-on’ space.
- Thom Langford- Founder, (TL)2 Security
- Ros Taylor- CEO & Founder, RTC Leadership & Coaching
- Rick Holland- CISO & VP Strategy, Digital Shadows

17:30 - 17:45 BST- 15-minute talk: Fire questions at the someone who kicked down doors for a living: One-to-many interviews with an ex soldier talking about their history and career in cyber following it.
- Trevor Reschke- Head of Threat Intelligence, Trusted Knight

17:45 - 18:00 BST- Event Close: Final comments and continued discussion on RANT’s virtual pub – The Isolation Arms

The idea of Zero Days are pretty, but it’s distracting you from the real threats to your newly mobile workforce. This RANT event gives you the red team’s view on the world’s suddenly scattered perimeter….

The talk will highlight common misconfigurations and gaps in cloud working tools such as Microsoft 365, as well as covering the social engineering techniques used to help trick employees and get on the inside.

Speaker Panel:
- Solomon Gilbert- CEO & Head of Security Division, Ferox Security LTD
- Nish Gopal - Director of Governance, Risk and Compliance OmniCyber Security
- Ed Williams- Director SpiderLabs EMEA, Trustwave

Join us and Trustwave for another memorable RANT Radio Show! Grab a glass of wine and your RANT spirit, put your feet up, and join us for an engaging discussion with Trustwave. We will be donating £5.17 (the average cost of a beer in the City) to the Trussell Trust food banks for every person who joins us for the event. They are in need of our support at this time, more than ever. https://www.trusselltrust.org/

* Responsible investing in the cybersecurity space. Are cyber VCs starting to
factor the positive impact of the companies they invest in when deciding who should be the Tripwire’s of tomorrow?
Speaker:
- Maria Lewis Kussmaul - Head of Cyber Security Investment Banking Practice

15-minute Talk: What is it like to be on the sharp end of the industry’s famous ‘transparency’
- Arthur Barnes - Director of Security Operations at Software Company

Second Panel Discussion: Did the current crisis just redefine what comprises front line critical
national infrastructure from a cybersecurity point of view?

Speaker Panel:
- Cevn Vibert - CA Senior Cyber Compliance Manager, Public Sector
- Morgan Phillips - Global Manager of IT Risk Management, A Global Retailer
- Dean Ferrando – Lead Systems Engineer, Tripwire

This entire RANT Event will be dedicated on the ever-changing cybersecurity issues in this evolving world and on increasing the support for the British nurses through The Cavel Nurses Trust!

* Welcome Note:
- Tom Odams, RANT
- Cary Gibbs – Regional Director UK and DACH, Tripwire

* First panel discussion: The roots of cybersecurity: Altruism, community and collaboration
Speakers:
- Danny Dresner - Professor of Cybersecurity, University of Manchester
- Tee Patel - vCISO, Thought Leader, Keynote Speaker
- Paul Edon - Director of International Services, Tripwire

Ask anyone in cybersecurity about deception technology and one of the first words may use is ‘clever’. Throwing up near-infinite digital lures to appeal to an attacker is not simple. This RANT Radio show seeks to understand how the technology is rooted in military history, asking ex-servicepeople for their opinions on the technique. It will also dig into how forward-thinking organisations are using deception tech for a range of innovative approaches, including trapping malicious insiders and preventing SOC Teams from burning out.

Speaker Panel:
- Rob Black- Deputy Director, National Cyber Deception Laboratory
- Ivan Foreman- VP Sales EMEA, Illusive Networks

Join us for our very own RANT Radio Shows! Grab a glass of wine and your RANT spirit, put your feet up, and join us for an engaging discussion. We will be donating £5.17 (the average cost of a beer in the City) to the Trussell Trust food banks for every person who joins us for the event. They are in need of our support at this time, more than ever. https://www.trusselltrust.org/

Panel Discussion - Deception technology: more than just hoodwinking hackers

IAM (Identity Access Management) has been on most organisations priority lists, however with Active Directory playing a core part in IAM solutions, it can be argued that none are actually securing Active Directory.

Join us for our very own RANT Radio Shows! Grab a glass of wine and your RANT spirit, put your feet up, and join us for an engaging discussion. We will be donating £5.17 (the average cost of a beer in the City) to the Trussell Trust food banks for every person who joins us for the event. They are in need of our support at this time, more than ever. https://www.trusselltrust.org/

Join us for our very own RANT Radio Show in partnership with CloudHealth! Grab a glass of wine and your RANT spirit, put your feet up, and join us for an engaging discussion. We will be donating £5.17 (the average cost of a beer in the City) to the Trussell Trust food banks for every person who joins us for the event. They are in need of our support at this time, more than ever. https://www.trusselltrust.org/

As the world of remote work has become the norm, at least temporarily, the role of information security will either be the remote saviour or lockdown police.


With video conference risks, phishing upticks, and general “digital” risks, employees need to be safeguarded. But at what cost?



Join this discussion with a drink in hand. But, please, let’s try to keep the “security as an enabler” references to a minimum. Join us for our very own RANT Radio Shows! Grab a glass of wine and your RANT spirit, put your feet up, and join us for an engaging discussion with Digital Shadows. We will be donating £5.17 (the average cost of a beer in the City) to the Trussell Trust food banks for every person who joins us for the event. They are in need of our support at this time, more than ever. https://www.trusselltrust.org/

Even if your business has an incident response plan there’s a risk that it’s been filed away for a rainy day. But when that rainy day is actually a hurricane-force storm that means you’re struck by lightning and everything catches fire there’s a chance that we’d all wish we were a bit more familiar with how we’re supposed to respond.

So what are the best ways to make that happen? Can actual cyber crises really be prepared for? Who should be involved in making sure that businesses are both ready and resilient enough to carry on in the event of ransomware, a spear-phishing attack, or a data breach?

So, pour yourself a drink, pull up a stool and join Chris Pace & RANT Host Tom Odams for what promises to be an interactive, fun and informative discussion.

The story of Ted Bundy, Harley Street and the UK’s most prolific cybercriminal

The classic cyber security architecture relies on gathering huge amounts of information and using expensive technology and even more expensive people to find the occasional needle in digital haystacks. This cannot scale to match the exponential growth of tomorrow’s problems. There has to be another approach. Will today’s users be tomorrow’s knights in shining armour?

Deception has long been used in the physical realm to great success, especially by strategic thinking military commanders to win complex battles. During this talk, we’ll discuss some of the great applications of deception over the millennia in battles and how it’s become a common part of warfare. Today the cyber realm is also a domain that militaries acknowledge they must fight and defend to protect their countries. We’ll discuss how the fight though isn’t limited to militaries in the cyber domain and that CISOs have a globally interconnected enterprise that’s also under continuous attack from nation-states, organized crime, and other malicious actors. We’ll discuss how deception is broadly applicable in the cyber realm and how it can help CISOs be more strategic in their approach to help win battles against their adversaries.

The use of the knowledge and understanding of natural sciences, in particular the human body, applied to computer security is an appealing concept for two reasons. Firstly, the human immune system provides the human body with a high level of protection from invading pathogens, in a robust, self-organised and distributed manner. Secondly, current techniques used in computer security are not able to cope with the dynamic and increasingly complex cyber threat landscape of computer systems. It is hoped that biologically inspired approaches in this area, including, but not limited, to the use of immune-based systems will be able to meet this challenge.

Join this webinar to understand more about these ideas to further foster the need to design and develop naturally inspired and sustainable protection and defence systems.