Amanda Finch
CEO
Chartered Institute of Information Security

Amanda Finch is the CEO of the Chartered Institute of Information Security and has specialised in Information Security management since 1991. She has always been an active contributor to the industry and for many years she has been dedicated to gaining recognition for the discipline to be recognised as a profession. Over her career she has been engaged in all aspects of Information Security Management and takes a pragmatic approach to the application of security controls to meet business objectives. Through her work she has developed an extensive understanding of the commercial sector and its particular security needs. In her current role she works with Industry, Government and Academia, assisting all sectors in raising levels of competency and education.

Amanda has worked within the retail and banking sectors as well as with the Information Security Forum. She has a Masters degree in Information Security, holds Full Membership of CIISec with Founder status and is a Fellow of the BCS. In 2007 she was awarded European Chief Information Security Officer of the year by Secure Computing magazine and frequently listed as one of the most influential women within the industry.

How to Best Manage your Career

A look at how the profession and skills requirements have been evolving, how organisations are meeting the skills deficit and more importantly, what you should be thinking about to take charge and frame your own career development.

Professor Steven Furnell
Professor of Information Security
University of Plymouth

Steven Furnell is a professor of information security and leads the Centre for Security, Communications & Network Research at the University of Plymouth. He is also an Adjunct Professor with Edith Cowan University in Western Australia and an Honorary Professor with Nelson Mandela University in South Africa. His research interests include usability of security and privacy, security management and culture, and technologies for user authentication and intrusion detection. He has authored over 320 papers in refereed international journals and conference proceedings, as well as books including Cybercrime: Vandalizing the Information Society and Computer Insecurity: Risking the System. Prof. Furnell is the current Chair of Technical Committee 11 (security and privacy) within the International Federation for Information Processing, and a member of related working groups on security management, security education, and human aspects of security. He is also a board member of the Chartered Institute of Information Security and chairs the academic partnership committee and southwest branch.

Cyber Skills... and what they look like

This presentation considers where we are going as a profession and what we need for the future. The discussion will consider the current state of cyber security skills, including how we recognise them, whether we have them and how this positions us for the future.

Federico Charosky
Managing Director
Quorum Cyber

Federico is a Cyber Security executive with 20 years of experience, specialised in cyber security risk management, strategy creation and deployment, and security operations.

Federico is Managing Director of Quorum Cyber; with headquarters in Edinburgh, Quorum Cyber provides managed cyber defence services for customers across multiple industries.

Previous roles include VP Group Head of Security Projects at a Middle Eastern bank, Head of Consulting and Company Director for a UK cyber security firm, and Senior Advisor for several FTSE100 companies.

Rory Alsop
Head of Technoloy & Cyber Risk
HSBC

Rory Alsop, F.CIISec, CRISC, CIPM, CISM, C|CISO has been heavily involved in information security and risk since last century, building security teams for Ernst & Young and PwC in Scotland, as well as founding two security consultancies. In addition to his role as Head of Technology and Cyber Risk at a global bank, he is currently a member of the Board of the Information Security Forum, Chair of the Scottish branch of CIISec, a Past President of ISACA Scotland and a member of the National Cyber Resilience Advisory Board.

He is a security mentor and evangelist, hosting security events across Scotland, as well as co-founding the B-Sides Scotland community security conferences, moderating the Security Stack Exchange Q&A site and being a Defcon SOC Goon.

You are the future of cyber security
I will outline things you, as the next generation of cyber talent, can do to help you have a successful entry to the industry, and to help grow Scotland as a centre of excellence in infosec and risk. I'll look at expectations and reality, industry and community, with a helping of experiences from my career so far.

Harry McLaren
Product Lead
Adarma

Multi-award-winning cybersecurity professional whose attention to problem-solving, building relationships and supporting the community has guided him to his current role as a Product Lead for Adarma. Focused on building lasting products which enable customers to understand risk, map threats and build capabilities to defend against adversaries. His specialities include big data, security operations and is currently an industry representative for Skills Development Scotland, ScotlandIS and a reviewer for the Journal of Cyber Security Technology. He is also the co-founder of Cyber Scotland Connect and welcomes anyone to join this awesome community! Keen climber, sailor and consumer of craft IPAs!

Becoming a Defender: Common Security Roles & Fundamental Competencies
This session will outline common roles for cyber defenders, including areas like Security Operations, Engineering and Consultancy. It will focus on the fundamental competencies (skills/behaviours) expected of entry level applicants getting into cybersecurity and how to build yourself into a confident professional working to defend your employer and their customers.

Owanate Bestman
Head of Interim Information and Cyber Security
Barclay Simpson

Owanate spent 15 years recruiting Technology and Operational Risk specialists, during which he was successful in staffing a number of high profile banking regulatory programmes.

Owanate has spent the last 7 years recruiting specifically in the Cyber Security field and has secured individuals and teams that meet specific technical and/ or leadership requirements for some of the world’s largest companies, to the mutual benefit of individuals’ career progression and the needs of the company.

Today, he advises CISO’s, Heads of Security and HR on hiring trends, market movements, and of course staffing needs. Working with technical security specialists and non-technical security specialists - Owanate assists professionals throughout the entire security spectrum.

Paul Livingstone
Constable
Police Scotland

PC Paul Livingstone has been a police officer for 14 years, and is an Associate Member of the Chartered Institute of Information Security.

Paul, has carried out a number of policing duties, including uniform response and community policing, as well as CID and Intelligence Officer roles.

For the past 8 years, Paul has been engaged in Communication and Internet based investigations with Police Scotland and partner agencies, including a 3 year secondment to the National Crime Agency (NCA) in London. This has included investigations relating to Serious & Organised Crime, Counter-Terrorism and Public Protection.

Paul is currently part of Police Scotland’s Safer Communities - Cyber Harm Prevention Team.
Safer Communities is the Force lead for cyber-crime prevention / internet safety and co-ordinates cyber-crime prevention activities in partnership with key internal and external partners.

Bill Buchanan is a Professor in the School of Computing at Edinburgh Napier University, and a Fellow of the BCS and the IET. He was appointed an Officer of the Order of the British Empire (OBE) in the 2017 Birthday Honours for services to cyber security. Currently he leads the Centre for Distributed Computing, Networks, and Security and The Cyber Academy (http://thecyberacademy.org). Bill has also published 28 academic books and over 250 academic papers.

He has been named as one of the Top 100 people for Technology in Scotland since 2012, winner of the “Cyber Evangelist of the Year” at the Scottish Cyber Awards 2016 and was also included in the FutureScot 2016 “Top 50 Scottish Tech People Who Are Changing The World”. His expertise includes security, next generation user interfaces, Web-based infrastructures, e-Crime, intrusion detection systems, digital forensics, e-Health, mobile computing, agent-based systems, and simulation.

Dr Jamie Graves
Vice President, Product Management - Security Analytics
Fortinet

Jamie is a data security and enterprise software entrepreneur and is the CEO at ZoneFox. He attended the prestigious Ignite course at Cambridge University’s Judge Business School, and the Entrepreneur Development Programme at MIT.

Jamie has a PhD in Computer Science, extensive security and digital forensics experience and was recently recognised as the 'Champion of Champions' at the inaugural Scottish Cyber Security awards for his contribution to the industry.

Lessons from growing a tech start-up

Jamie founded ZoneFox in 2010 after spinning it out of Edinburgh Napier University where he invented the background technology during his PhD. ZoneFox helped customers across the globe to protect their intellectual property from theft, and was acquired by Fortinet in October 2018. 

In this talk he'll cover some of the lesson he learned from starting, growing and exiting a cyber security technology company.

Magda de Jager
Cyber Security Manager
Scott-Moncrieff

Magda is an experienced information security specialist, with a focus on risk management and a special interest in privacy. She has a background in finance and internal audit, and is a professional member of the Institute of Internal Auditors and ISACA. She completed a Post(Dip) in Information Security through Royal Holloway (University of London).

Magda is passionate about developing people, as a manager and as a mentor. She is particularly interested in women in technology and often attend conferences, meetups and workshops.