Cyber Symposium: Risks, Opportunities and Education
Thursday, 8 January 2015 from 09:00 to 16:30 (GMT)
San Francisco, California
London, United Kingdom
Aim and Scope of Symposium
This symposium aims to bring together knowledge from many different domains in order to create knowledge exchange and collaborative infrastructures, which address the key cyber risks that Scotland and the UK faces. Key focal points are:
- Education and Training within Cyber Education.
- Cybercrime Risks, Malware Analysis/Detection and Fraud.
- Security Data Gathering and Analytics.
- Cyber Risks, Resilience and Failover.
- Governance, auditability and accountability in the Cloud.
- Information Sharing across the Public and Private Sector.
- Critical Infrastructure and First Response.
- Real-time Analytics on Risks.
- Risks to privacy and identity theft.
There will be a special focus on key areas such as the skills gap in cyber education, law enforcement training, and in the provision of a range of training infrastuctures. The work is supported within the DFET EU project, which aims to train security professionals in key areas of malware, fraud and related areas.
Programme Draft (subject to change)
Refreshments available on arrival from 08:50
Session 1: Threat Landscape (09:20 to 11:00)
- Welcome and opening address, Professor Bill Buchanan, School of Computing, Edinburgh Napier University.
- Tackling cybercrime in the UK, Andy Archibald, Head of the National Cyber Crime Unit, National Crime Agency (UK)
- ISACA’s response to the threat: what are the challenges, what are we doing, what can you do? James Kwaan, ISACA
- Cyber Security – Art or Engineering?, David Calder – Security Managing Director of ECS Security
Session 2: Cyber Education (11:30 to 13:00)
- EDUFORS - a cloud-based platform for educational training in digital forensics, Professor Borka Jerman Blažič and Primoz Cigoj, Jožef Stefan Institute, Slovenia
- The Cybercrime Centres of Excellence Network for Training, Research and Education - current status, Cormac Callanan, CEO of Aconite Internet Solutions
- Gamification / gaming science, Jason McClay, G2G3
Session 3: Business Threats and Opportunities (14:00 to 15:00)
- Is business listening to cyber risk? Mandy Haeburn-Little, Director, Scottish Business Resilience Centre
- Evaluating cyber risk – why are we so bad at it?, Neil Anderson, Farrpoint
Session 4: Cyber Threats (15:30 to 17:00)
- Policing priorities - the change from an analogue to a digital society, Detective Superintendent Steven Wilson, Specialist Crime Division, Police Scotland
- The cyber risk landscape, Don Smith, Technology Director, Dell SecureWorks
- Cyber attacks – the price of doing business in the digital world? David Ferbrache OBE, Special Advisor Cyber Security, KPMG (UK)
The Symposium is sponsored by:
Farrpoint. Farrpoint provide services that cover all aspects of IT networking from strategic consultation, solution design and specification to sourcing, implementation and technology reviews and work with a variety of clients from across both the private and public sectors. The have been a strategic partner to the public sector in Scotland for many years, and are now involved in the development of SWAN. www.farrpoint.com
G2G3. G2G3 develops and licenses Simulation, Serious Gaming and Gamification technologies that drive learning, communications and benefit realization for enterprises. They have significant experience in developing and deploying contextual simulations for global enterprises, offering highly-interactive and immersive business experiences which create a holistic understanding of transformation and immediate realization of the benefits that best practices and technologies can offer organizations. This unique experiential learning approach uses gaming dynamics to mirror interactions between IT and the business, from both a strategic and operational perspective. G2G3 leverage Serious Games to ‘bring to life’ potentially complex concepts such as cloud, virtualization, transformation, ITIL and more, for the purposes of awareness, orientation, education and marketing. The virtual nature of serious games can provide an exciting way to communicate content, perform training, model infrastructures, visualize processes and much more. www.g2g3.com
ECS. Founded in 2008, ECS has quickly established itself as a fast growing IT consultancy and services company for enterprise clients. With a relentless focus on service quality and delivery that customers trust and depend upon, the company has experienced rapid and profitable growth year-on-year. ECS clients receive outstanding service with a personal touch, blending a positive customer experience with the expertise and professionalism that delivers remarkable value to some of the biggest, most demanding and heavily regulated businesses. www.ecs.co.uk
Prof.Borka Jerman-Blažič is a full professor at the University of Ljubljana, Department of Economics and is heading the Laboratory for Open Systems and Networks at Jožef Stefan Institute. The Laboratory under her leadership has been involved more than twenty years in European Union Framework Program projects in the area of ICT and security. Borka Jerman-Blažič is holding MSc in “Electrical Engineering” from University of Ljubljana and a PhD in “Natural and Computing Sciences” from University of Zagreb. She has spent her postdoctoral study at Iowa State University, Ames, USA and has worked as a project development officer for TERENA – The European Association of Academic and Research Networks. Currently she works as advisor to the Information Security Unite of Stockholm University, Department of Systems and Computer Science. At the University of Ljubljana she is teaching undergraduate courses in “Electronic Communications” and “Information Security” as a full professor.
Jason McClay, Head of Operations is Head of Operations with the Edinburgh based G2G3 Group and has been with the company since 2001. The G2G3 product portfolio includes G2G3’s Simulations, Serious Games and Gamification capabilities. He has designed experiential learning simulations for many of the world’s leading Enterprise Management Vendors including Microsoft, IBM, CA and HP. In addition, he has facilitated simulation events to blue chip clients attempting to drive organizational change through best practice process adoption including MOF, ITIL, PMBoK & BS25999. Prior to joining G2G3 Jason served a short career commission with the Royal Marines, leaving with the rank of Captain.
Andy Archibald is a Deputy Director within the National Crime Agency (NCA) with the responsibility for the UK’s National Cyber Crime Unit (NCCU), leading the UK’s Law Enforcement response to cyber crime. Andy established the Unit, bringing together the Serious Organised Crime Agency’s Cyber Department and the Metropolitan Police Central e-Crime Unit to create one unit with the national lead for cyber crime. On a national level, he chairs the UK’s multi-agency Cyber Strategic Governance Group and Chair’s the UK’s National Working Group for Counter-Terrorism and Organised Crime in relation to Cyber. Internationally he is leading the establishment of a Joint Cybercrime Action Taskforce (J-CAT) which, working with Europol, will coordinate a global law enforcement response to the most serious and organised cyber crime. Andy is also the UK Chair of the Cyber Crime Working Group for the Five Eyes Law Enforcement Group (FELEG) and has for a number of years been the UK’s representative for G8 Law Enforcement Group for cyber. In addition Andy works closely with the private sector, he Chair’s the Get Safe Online Steering Group and is a member of the Senior Cyber Advisory Panel for the Bank of England. Prior to the NCA’s inception, Andy was a Deputy Director of the Serious Organised Crime Agency, responsible for Strategy and Government Relationships and, more recently, Cyber and Forensics. Andy joined Lothian and Borders Police in 1984, where he held a variety of uniformed and detective roles, particularly in the field of Major Crimes, leading complex investigations and covert operations. He was the operational head of Special Branch from 1999-2000, where he led national operations.
Cormac Callanan is owner/manager of Aconite, Internet pioneer, winner of the Irish Internet Association Internet Visionary award in 2003 and Golden Spider Internet Hero award in 2005. Qualified in Computer Science he has over 20 years working experience on international computer networks and 10 years’ experience in the policy area of illegal content and cybercrime activities on the Internet. He has provided training at Interpol and Europol and to law enforcement agencies around the world on the subject of emerging and developing technologies. He provides consultancy services around the world and works on policy development with the Council of Europe. He is Board member of the Irish Safety Advisory Committee. Cormac was industry coordinator of the 2centre project – Centres of Excellence network for training research and Education which developed a network of centres of excellence across Europe based on collaboration between law enforcement, academia and industry. The focus of the network is to train law enforcement on cybercrime investigations. Cormac is past-president and CEO of INHOPE – the International Association of Internet Hotlines (www.inhope.org). During this time the network grew to 30 member hotlines in 27 countries around the world and he successfully achieved financial support of over €3m during this time. INHOPE facilitates and co-ordinates the work of Internet hotlines responding to illegal use and content on the Internet. Cormac was founding Chairman of the Internet Service Provider Association of Ireland (www.ispai.ie) in 1997 which he led for 5 years until February 2003 and served as Secretary General of the European Service Provider Association (www.euroispa.org). He was founding Director of the Irish www.hotline.ie service in 1998 responding to reports about illegal child pornography and hate speech on the Internet. In addition to representing INHOPE, he has represented the Irish and European Internet Service Provider’s at Irish government and at EU level.
Neil Anderson is Security Director at Farrpoint. Neil is a highly experienced security consultant, having specialised in network security for the last ten years. Throughout his career, Neil has worked with a wide range of public and private sector clients to pragmatically design, implement, and maintain secure systems, from single site deployments to global security strategy and architecture engagements. His main interests are next generation security platforms, data centre and cloud security, IPv6 and wireless networking.
Mandy Haeburn-Little became Director of the Scottish Business Resilience Centre (SBRC) at the end of 2011 and since then the organisation has undergone a complete transformation and strategic review. Under Mandy’s leadership, SBRC has established itself as a hub of innovation and business improvement in support of partners and the business community. SBRC has the objective of Creating a Secure Scotland for Business to Flourish in. In effect, creating a secure environment where business can trade and prosper securely, regardless of size and sector. Cyber is SBRC’s busiest workstream and provides an ongoing timetable of advice to businesses of all sizes including awareness campaigns, toolkit advice and subsidised services through a small team of ethical hacking students. SBRC is currently being modelled for The Mayor’s Office of Policing and Crime in London, where Mandy is currently setting up the London Digital Security Centre.
David Ferbrache OBE, is a Senior Civil Servant, currently on secondment to KPMG as their Special Adviser on Cyber Security. In this role David leads future service development on cyber issues, as well as supporting engagements with major clients. Before joining KPMG, David was the Head of Cyber and Space for the Ministry of Defence, leading a £90m programme to transform the way MOD approaches cyber security, covering policy, organisation, training and operational capabilities. David also led work during the UK’s Strategic Defence and Security Review on MOD’s cyber strategy; as well as being a major contributor to the UK’s national cyber security strategy. Over his 22 years in Government he has played a leading role in MOD’s industrial policy, operational analysis, intelligence programmes and acquisition reform. He was made an Officer of the British Empire for his work on intelligence support to operations in Afghanistan post 9/11.”
David Calder joined ECS in 2012 with over 17 years’ of professional experience delivering and managing enterprise IT Security services. He brings extensive experience from the financial services industry and has driven the establishment of IT security and risk capabilities for a number of well-known organisations. David uses strong business and leadership skills combined with his deep security knowledge to create services that bring value to ECS customers. He has a reputation for rapidly absorbing technical or business information and identifying pragmatic solutions that are operationally viable and reduce customer risk. David has taken a key role in many challenging tasks throughout his career. He established and ran the department responsible for providing all IT security services for a major high street bank. He also delivered and ran the global threat management function for a financial organisation with over 200,000 users across more than 50 countries. David has also led the creation and operation of Security Operations Centres for a number of global banking organisations. David’s brings an operational-reality and delivery focus to all engagements he is involved in and his wide-ranging knowledge of risk management, information security and IT security, means he is equally comfortable engaged at board level as he is with niche technologists. David is highly regarded as an asset to the company, and has been acknowledged for his continual supportive and professional manner when working with customers and internally.
When & Where
Bill Buchanan is a Professor in the School of Computing at Edinburgh Napier University, and a Fellow of the BCS and the IET. He has a long track record of success in innovation, teaching and research, including two successful spin-out companies.His current duties including leading Public Engagement activities winning Edinburgh Napier University.
He currently leads the Centre for Distributed Computing, Networks, and Security, and works in the areas of security, e-Health, Cloud Security, Web-based infrastructures, e-Crime, cryptography, triage, intrusion detection systems, digital forensics, mobile computing, agent-based systems, and security risk.
Bill has one of the most extensive academic sites in the World, and is involved in many areas of novel research and teaching in computing. He has published over 27 academic books, and over 250 academic research papers, along with several awards for excellence in knowledge transfer, and for teaching, such as winning at the Excellence Awards at Edinburgh Napier University in 2011, 2014 and 2015.
He is currently an external examiner at Royal Holloway (University of London) and has been an external examiner for many programmes, and for PhD examinations.
Presently he is working with a range of industrial/domain partners, including with the Scottish Police, the finance sector, and many large and small companies. He has a long track record in commercialisation activities, including being a co-founder of Zonefox and safi.re, which of which progressed from PhD work to a university spin-out, though the Scottish Enterprise funded Proof-of-Concept scheme. Over the past four years he has received direct funding of over £2.5million related to computer security, which has had a major impact on an international basis. Along with this he gives many keynote/endnote talks at conferences, including at NISC 2014 on Heartbleed.
Both spin-outs build on patented technology, including one which has patenting protection over three territories around the World. His current work includes a 500,000 Euro project which aims to build an advanced training infrastructure for Cyber Security and Digital Forensics. Previous projects have included collaboration of TSB Grants with Microsoft plc on a £2million project which aimed to improve the care of the elderly using Trusted Cloud-based services, and with Chelsea and Westminster Hospital on a next generation Health Care platform. This also matches up with other funded projects with the FSA and the Scottish Police.
He has created many innovations in teaching related to computer security, including being sole author on http://networksims.com (Cisco Simulators), and http://asecuritysite.com (one of the most extensive computer security site for academic material in the World) and in creating DFET (an innovative Cloud training infrastructure for security and digital forensics training). His lectures are online at http://youtube.com/billatnapier, with over 400 on-line lectures, and has over 2,500 subscribers, with more than one million minutes watched. He regularly appears on the BBC radio and TV talking about Cybercrime (see http://youtube.com/billatnapier).
Bill was also a member of the ICT in Education Excellence Group, which has been setup by the Scottish Government in 2012, and innovated the Christmas Cyber lecture for Schools in Scotland (attended by over 3,000 pupils in Dec 2013). He has done extensive work with Schools in promoting ICT, especially focused on computer security, and created the Bright Red Digital Zone, which now includes most of the subjects with the N5 (CfE) subjects in Scotland (bright-redbooks.net), and which has extensive coverage of areas such as computer security.