In our opening keynote we look at the ongoing fight against ransomware. As 2024 has seen the takedown of the Lockbit infrastructure, the FBI offer decryption keys, and more discussion on whether to pay or not. This timely discussion will look at the state of cybersecurity's fight against ransomware.

Key takeaways: 

• What is the right decision to make in the payment debate?
• Does the takedown of one operation really make a difference? 

This subject has been the hot topic over the past couple of years, but what are we learning about that we did not know previously? What is new to practitioners in this revolution, is this just an advancement on machine learning, or is this the biggest change in more than a decade?

Key takeaways:

• How is AI being used in the security suite?
• Are we in a position where this is a threat to compliance or even data loss?

Whilst still an emerging trend, cyber insurance has become one of the most popular options to better protect your business against the likelihood of an attack. We will look at what the coverage areas are, what the common reasons for being declined? What sort of processes and technologies do you need to have to get coverage? 

Key takeaways:

• How not to get coverage
• What you need to do and change about your policies and processes to ensure you’re protected

Take a chance to process your learning from the morning, with some information from our sponsors, including on-demand videos and whitepapers offered for your consumption.

We talk with our lead sponsor on their concept for security, research and the current state of cybersecurity.

According to this year’s Verizon report, some vulnerabilities can remain unpatched for up to a year, so why is there a challenge in patching and what are the common reasons for delays? Also, what is the bigger threat: zero day or unfixed flaw?

Key takeaways:

• Why being delayed in applying a patch could be good, or bad, for your business
• Looking at examples of missed patches and resulting incidents
• Top tips in ensuring a regular patch management strategy that works for you

There are a number of options here, from ISO 27001 to NIST to Cyber Essentials, so which is the best one for you to follow and comply with, and what are the differences between them? Also, what are the consequences of not complying, and what are the associated costs of complying? Key takeaways: How do the more specific frameworks affect you if you don’t deal with payment or healthcare data? What are the costs of complying and not?

Key takeaways:

• How do the more specific frameworks affect you if you don't deal with payment or healthcare data?
• What are the costs on complying or not?

We wrap up the day with a discussion on a key subject affecting cybersecurity, and where we need to focus our attention for the remainder of the year.