Here’s what you can expect at Big SASIG 2023…

Opening panel discussion: The vendor value proposition

“Buyer fatigue” is widespread and sales techniques can be aggressive, persistent and intrusive (and therefore counter-productive). But products and services are vital to the CISO’s security strategy, and vendors are an essential element of the solution.

Clearly, the best relationship between vendor and customer is one of trust and understanding built up over time. Since Big SASIG is designed to bring vendors and users together as equals, both Partners and delegates are equally encouraged to attend this opening panel session where we will start the day by considering:

• What makes a CISO buy? What puts a CISO off? Which sales styles work and which don’t?
• How do CISOs draw up their wish-lists, and then how do they prioritise? CISOs are inundated with sales and marketing material, so how do they filter through all the noise? How do CISOs view vendor meetings and what are they looking for?
• Suppliers are frequently viewed by the CISO community as the enemy. How has this happened and what can we do to reverse this trend?

Chaired by:
Helen Rabé CISO, BBC

Jim Mulheron Chief Risk Officer Transformation, Technology and Innovation, Standard Chartered Bank
Mark Hughes President of Security, DXC Technology


10.25am – 4.10pm – Partner workshops, one-to-one meetings and networking forum

Identity-centric security & the SOCs to match: Improve malware response for better ransomware prevention

Enterprises have covered the basics of ransomware prevention – from data backups, EDR and user training, to phishing detection and threat intelligence. But there’s a significant blind spot: lack of visibility into malware compromises (especially when the infected devices are unmanaged or under-managed). SOC teams have become reliant on machine-centric malware infection responses without direct knowledge of the data criminals are using to target the enterprise, such as siphoned passwords and web session cookies. The result is exposed employee, contractor and partner identities which remain exploitable until the affected users, applications and devices are appropriately remediated. It’s been a challenge for most organisations – until now.

Join this session to learn about a new, more complete, and more effective approach to preventing ransomware called Post-Infection Remediation. We’ll cover the following:
• Trends in malware-infected user data, including common third-party application exposures (spoiler alert: SSO!)
• Seven common blind spots in today’s malware infection response
• Seven steps of Post-Infection Remediation to truly reduce your enterprise’s exposure to ransomware.

Presented by:
Filip Wijnholds Senior Investigator, SpyCloud


Threats, threats, and more threats! What’s the latest, and how do we stop them?

Most organisations today understand the concept of threats, and the risks they pose. Threats could be global disruption to your network, a leak of crucial data, or a simple mistake that leads to a regulatory fine. Each of these puts your organisation at risk.

This session will take a look into current threats, how we can interpret them within our business, and how we can make threat-informed decisions to not only prevent them, but limit them. We will discuss all things threat landscape, threat detection, threat response, and threat-informed risk.

Presented by:
Zeki Turedi CTO EMEA, CrowdStrike


Using behavioural data to drive end-to-end human risk management

Are you tired of feeling like you’re in the dark when it comes to managing human risk? Imagine being able to see the whole picture and having the tools to navigate it successfully.

In this presentation, we’ll take you on a journey to uncover the hidden treasure trove of behavioural data and show you how to use it to change behaviour at scale. But we don’t stop there; we’ll also equip you with strategies for when change efforts hit a roadblock, and show you how data can give your employees the power to be their own risk management heroes.
We’ll provide the tools and knowledge you need for end-to-end human risk management.

Presented by:
James Moore Founder & CEO, CultureAI


Why your security awareness isn’t working and what to do about it

Traditional approaches to security awareness aren’t resulting in behaviour change, so says the UK’s National Cyber Security Centre. Evidence would seem to agree, with 85% of cyberattacks still starting with the human user, despite the eLearning and phishing simulations organisations have been using for years.

Join Tim Ward from Think Cyber to discover why traditional approaches aren’t working, through a learning science and psychology lens. Tim explores the behavioural science models that can tell us what we should be doing, and offers actionable insights to apply to your organisation’s approach – be it large or small.

Presented by:
Tim Ward CEO & Co-Founder, Think Cyber


How to build a human-centric insider risk program

Gartner predicts 50% of organisations will adopt formal insider risk programs by 2025 – up from just 10% today. Recent breaches have demonstrated the need for critical infrastructure industries to put humans at the centre of their cyber strategy, but for most organisations it’s an uphill battle.

In this presentation, DTEX will share practical insights on how executive leaders (from CIOs and CISOs to HR, risk and legal) can work together to proactively defend against data loss incidents by fostering a risk-aware culture based on trust and bi-directional loyalty.

Discover programmatic steps on how to build an insider risk program that bridges the gap between people, processes and technology, referencing MITRE’s Insider Threat Framework and real-world examples across the energy, financial services and health verticals as well as government and defence.

Presented by:
Darren Jones Sales Engineer, DTEX Systems


Leveraging regulatory compliance and technology to reduce risk

Regulatory compliance is often seen as a blocker and a nuisance, but it can also be an enabler of improvement. With new regulations and challenges in Europe and the UK, Nuno will discuss how these challenges can be addressed and aligned with the business and suppliers, using technology as a communication and assurance enabler.

Join BitSight to discover aspects of regulations such as resilience, third-party risk, and how to leverage people, processes and technologies around the underlying elements outlined by regulations and IT risk challenges.

Presented by:
Nuno Almeida Silva Manager, Consulting Engineering EMEA, BitSight


People-based metrics – which measures & insights create a secure human firewall?

We all aspire to create a positive security culture within our organisations. However, we commonly track progress with marginal measurements, such as attendance statistics and click rates.

Join Andrew Rose, Resident CISO at Proofpoint, to understand:
• The possible metrics you can capture as you move forward on your journey through ABC (Awareness, Behaviour, Culture)
• How you can represent ‘culture’ on a chart the Board can understand
• How this data can provide true ‘actionable intelligence’ that allows targeted responses to decrease risk

Presented by:
Andrew Rose Resident CISO, EMEA, Proofpoint


Cybersecurity – a hopeless utopia, breach resilience is the new operating norm

For decades, cybersecurity professionals have requested budget to increase cyber defences. But is the investment worth the money? No matter the technologies procured, or security programs initiated, breaches continue to happen. Is 100% security of 100% of data, 100% of the time, simply an impossible utopia?

Cybersecurity professionals struggle to convey their message to business stakeholders. A focus on technology and “silver bullet promises” have undermined efforts of the CISO, often resulting in a culture of malaise and a litany of failed projects as CxOs question why cybersecurity investment is required when breaches continue. Pivoting to a business-first risk management approach focused on prevention where possible, as well as monitor, detect and respond, will resonate with CxOs looking for digital trust and breach resilience in the modern digital society.

Presented by:
Mark Brown Global Managing Director, Digital Trust Consulting, BSI Digital Trust


Closing panel discussion: Geopolitics, cybersecurity and the lessons of history

Napoleon is credited with saying: ‘to know a nation’s geography is to know its foreign policy’, while the geologist and author Andrew C Katen said ‘history rhymes, but geography endures’.

This is something we in the West appear to have forgotten. As we have found out to our significant cost, what happens in “far off” countries can have a direct impact on us as individuals and as societies.

The Russo-Ukraine War is a reminder of this, if one is needed. But it could be argued that the West, particularly Europe, has for too long shown a naïve refusal to acknowledge the lesson of geopolitics: that countries “of trivial inherent importance to the world” (Dominic Cummings on Ukraine), can affect us in ways we should have anticipated but did not.

Is geopolitics making a comeback? And, if so, are we now learning that lesson?

Chaired by:
Tarquin Folliss OBE Vice Chairman, The SASIG

Professor Paul Cornish Visiting Professor, LSE Ideas, London School of Economics
Tim Willasey-Wilsey CMG Visiting Professor, King’s College London
Juliette Wilcox UK Cyber Ambassador, Department for International Trade, HMG


Conference networking drinks reception

The post-conference networking opportunity, where end-users and vendors meet as equals.

Sponsored by:

Conference Dinner

In the true SASIG tradition, we will gather to enjoy good company, good food, fine wine and excellent networking, all strictly under the Chatham House Rule and by invitation only.

A perfect end to a perfect day.