RESET

Description of talk: The UK Biometric Strategy, unveiled in June 2018, has been under consultation by an advisory board and is due to report to the public in June 2019. Currently, UK law only regulates the use of DNA and fingerprints for use by the police only, not by other branches of government and not by the private sector. Nor does the UK have any protections in law around the use of our face or voice data - both of which can be gathered without our consent or knowledge and used in ways that threaten our privacy, civil liberties and human rights. This talk assesses the shortcomings of the UK Biometrics Strategy and offers solutions so that the United Kingdom regulates the use of biometrics in ways that respects the rights of its citizens and residents. 

 

Biography: Stephanie Hare is a researcher focused on technology, politics and history. Selected for the Foreign Policy Interrupted Fellowship and the BBC Expert Women programme, she shares insights on television and radio and broadcasts on the BBC World Service and Radio 4. She has published in the Harvard Business Review, the Financial Times, Project Syndicate, the Herald, CNN and the Guardian. Previously she has worked as a principal director at Accenture Research, a strategist at Palantir, a senior analyst at Oxford Analytica, and a consultant at Accenture. Hare earned a PhD in International History and a MSc in Theory and History of International Relations from the London School of Economics, and a BA in Liberal Arts (French) from the University of Illinois at Urbana-Champaign. Her media work and publications are available at www.harebrain.co. 

 

Twitter: @hare_brain

 

Biography: Chi-en Shen (Ashley) is a senior researcher at FireEye, where she focuses on threat intelligence research. She specialises in threat hunting, malware analysis, reverse engineering, and targeted attacks analysis. For supporting women in InfoSec, Ashley co-founded "HITCON GIRLS" – the first security community for women in Taiwan. Ashley is also a regular speaker at global security conferences, including Black Hat, FIRST, HITB GSEC, CODE BLUE, Troopers, HITCO. etc. Ashley also serves as a review board member of Black Hat Asia, Blue Hat Shanghai and Hack in the Box conferences.

 

Description of talk: Uncovering malicious network campaigns is a major part of threat intelligence research. Alerted by victims, pursuing OSINT leads, or detecting new variations on known malicious behaviour, the results may end up as a complete unravelling of a national intelligence operation. Yet we are inherently limited in our understanding of the context around what we expose, and the results can be an escalating chain of uncontrollable consequences that have global significance. Exposing an operation may not just limit a country's intelligence efforts. It may hinder other ongoing efforts, put people at risk, eliminate a critical view into sensitive targets, alert and inform adversaries, or shake alliances. This talk will explore the many layers of context around network operations by looking at the whiplash effect of their exposure. By examining some key reveals from the last decade and beyond, we will see how the threat intelligence community has made itself a key player in global events, and therefore a threat in its own right. 

 

Biography: Daniel Moore is currently a teaching fellow at the War Studies Department in King's College London, from which he holds a PhD focused on cyber-warfare. He also works as a research and development team lead at Accenture Security, where he designs and builds threat intelligence platforms. Daniel has previously held several private and public positions in cyber-security and intelligence, dating back nearly fifteen years to when he served as an officer in Israeli military intelligence.

 

Description of talk: This talk will discuss the current state of the challenges posed to our cryptography by quantum computers and discuss options for the path forward. There are options to provide for a quantum safe future, but we need to choose wisely and start early. Organisations need to understand their crypto assets and plan ahead in order to bridge the gap between standards availability and implementation readiness. We will discuss a simple plan that everyone can use to start thinking about doing business in a post quantum era. 

Biography: Jaya Baloo the CISO of KPN Telecom in the Netherlands. She is recognised in 2017 as one of the top 100 CISOs globally. Jaya works with an amazing information security team of highly driven specialists.  Working in the information security arena for the past 18 years, she has worked mostly for global telecommunications companies such as Verizon and France Telecom. Jaya is also a frequent speaker at security conferences on subjects around lawful interception, mass surveillance, and cryptography.
 
Twitter: @jayabaloo

The NCSC is helping to make the UK the safest place to live and work online. It supports the most critical organisations in the UK, the wider public sector, industry, SMEs as well as the general public. When incidents do occur, the NCSC provides effective incident response to minimise harm to the UK, help with recovery, and learn lessons for the future.

Description of talk: Users rely more and more on mobile applications for every day tasks, from checking the weather forecast to consulting travel directions and managing their bank accounts. The average user has 20 to 40 applications installed on their phone. While the design and functionalities of mobile applications has grown significantly over the last decade, their security seems to have taken a step back. We sniffed our own mobile phone traffic and we were surprised with what we have found. This talk will walk you through some of our most important findings.

 

Biography: Veronica is a researcher and intelligence analyst from Argentina. Her research has a strong focus on helping people and involves different areas from wireless and bluetooth privacy issues to malware, botnets and intrusion analysis. She has presented her research on international conferences such as BlackHat, EkoParty, Botconf and others. She is the co-founder of the MatesLab hackerspace based in Argentina, and co-founder of the Independent Fund for Women in Tech. She is currently the director of the CivilSphere project at the Czech Technical University, dedicated to protect civil organizations and individuals from targeted attacks.

 

Twitter: @verovaleros

Description of talk: As organisations go more digital and move more key workloads into Internet and mobile platforms what impact does that have on cyber security? How do we need to evolve our cyber security strategy and approaches to deal with the "cloud first" model that many organisations are advocating. This talk will briefly cover some of the changes and the impact on security. 

 

Biography: Siân John MBE is Chief Security Advisor for EMEA in the Cybersecurity Solutions Group at Microsoft. She leads the EMEA security advisors who work with Microsoft’s customers as they evolve their security strategy and capabilities to support digital transformation and cloud adoption.  
She was awarded an MBE in the Queens New Year’s Honours List for 2018 for services to Cybersecurity. 

 

Twitter: @sbj24

Saher Naumaan is a Threat Intelligence Analyst at BAE Systems Applied Intelligence and a rising star in the industry. Her current research is on state-sponsored espionage operations with a focus on threat groups and activity in the Middle East. Saher specialises in analysis covering the intersection of geopolitics and cybersecurity, and regularly speaks at events and conferences around the world. Prior to working at Applied Intelligence, Saher graduated from King’s College London with a Master’s in Intelligence and Security, where she received the Barrie Paskins Award for Best MA dissertation in War Studies.