Report Incident


Icon representing 44CON - Cyber Security
44CON - Cyber Security

April 28th 2015
Icon representing Gloucestershire Business Show - Cyber Security Theme
Gloucestershire Business Show - Cyber Security Theme

May 13th 2015 to May 14th 2015

44CON - Cyber Security

ILEC Conference Centre, London 
April 28th 2015
ILEC Conference Centre, London
44CON Cyber Security is a new annual one day Information Security Conference that took place in London, on the 28th April 2015.

Along with a number of Workshops and Demonstrations, the day included several notable presentations:

Presentation and Communication Skills for Security Professionals (Alternative Title: Hacking the Conversation)
Presented By: Jerry Gamblin
How you communicate in meetings, emails, presentations and hallway talks can make the difference between running a successful security program and a struggling one.
Jerry has spent the better part of the last 10 years working on being a better communicator and will share some of the tactics that have (and haven’t) worked for him with you. track: Technical

Law Enforcement and Technology, how is the future looking?
Presented By: Ian Maxted
As law enforcement deals with the ever increasing complexities of technological growth, necessary skillsets, technical implementation and legislation can be a stumbling block not just for industry.
It is widely considered that law enforcement are typically well behind the curve when it comes to cyber criminality. Ian will look at how that appetite has changed and how industry becomes pivotal to helping the police service fulfil its guardianship status, now that the Internet is firmly in our daily lives.

Cyber Myths and Monsters: how to raise awareness and change behaviour
Presented By: Jessica Barker
Cyber insecurity often feels like a horror story, and the idea of cyber security an out-of-reach myth. The last year has seen breaches that are bigger, and of a higher profile, than ever before. When we trace these breaches back to their cause, we often find that attackers took advantage of human behaviour, via social engineering, poor password management, gaps in physical security or malicious insiders. Organisations are increasingly focused on raising cyber security awareness, and the UK government has spent millions of pounds on the Cyber Streetwise campaign, and yet we seem to be making little (if any) progress when it comes to changing behaviours.
Jessica’s talk argues that, in lots of ways, we are making fundamental mistakes when it comes to our attempts to raise awareness. Combining sociological and psychological research with mythology and classic horror fiction, this talk highlights lessons we can learn in our approach to raising cyber security awareness. Emphasising ways we can positively engage with users to change behaviours for the better, this talk aims to provoke ideas and discussions that will lead to awareness-raising programmes that are focused on what the user needs to know, and how we should be telling them, to achieve the most impact and make cyber security less of a monster.

Not following the herd – how to make your voice matter in the corporate world
Presented By: Quentyn Taylor
First Quentyn will look at how to make your voice heard and relevant to a modern fast paced business. He will look at building a security message and making it count, challenging commonly held perceptions in risk and always being aware of the echo chamber.

Pitfalls of Public Cyber Data
Presented By: Phil Huggins & Ernest Lee
There are increasingly many data-driven cyber reports published and these are being relied upon to support strategic cyber decision-making in organisations. In order to conduct a meta-analysis of reported cyber data to support the development of a strategic cyber threat assessment at Stroz Friedberg we reviewed the quality of available data and reports. Here we will highlight some of the pitfalls inherent in these sources that should be considered when using them and makesome recommendations for the publication of data-driven cyber reports.

Legal Drivers in Cyber Security: Many or None?
Presented By: Dai Davis
What are the real drivers for Cyber Security? Certainly not the Data Protection legislation, which, while theoretically being enforceable with a fine of up to £500,000, is rarely enforced. Most breaches of that legislation go unnoticed, let alone invoke a sanction. Most businesses will retort that they are concerned about their reputation, but does the truth match the perception? Dai explores the dangers of lack of security and what businesses can and do suffer as a result of lack of security. Criminal sanctions in the form of the Computer Misuse Act, 1990 are examined as is the civil fining regime of the Data Protection legislation. There is also the possibility under this latter data protection legislation for an aggrieved individual to claim damages, but as Dai shows, this also is a theoretical rather than a practical remedy. Dai examines the purely economic risk of “loss of reputation” as well as the special case of businesses falling under the remit of the Financial Conduct Authority. Dai will also examine the implications of lack of security in the Internet of Things and whether there are legislative or other drivers to make the Internet of Things secure.