Introduction
The world is moving towards Big Data, with Cyber Security and the tracking of network events one of its leading applications. Threats to organisations increase by the day, and many have responded by moving towards the integration of SIEM (Secure Incident and Event Management) to detect malicious activity.
Our conference brings together industry, academia and law enforcement to share insights, ideas, expertise and resources in responding to current security challenges, and in particular to look at the opportunities and challenges in managing and using big data in a cyber security context.
This event is hosted by The Cyber Academy, in collaboration with Hewlett Packard Enterprise, and will investigate best practice in industry and look to future Big Data infrastructures for the benefit of organisations in monitoring security events, and in automated generation of audit information and business analytics.
The application of SIEM is now being applied in many areas including security monitoring, incident response and Cyber Crime investigation. The event aims to showcase best practice in industry and in network investigations.
Pictures from the day
Scope
The areas covered include:
- insights into current high profile security incidents, their impact, and how they are reported
- key threats and risks associated with losing business critical data
- leading tools, techniques and insights in network threat analysis, detection and investigation
- best practice in implementing SIEM strategy
- developing and testing effective incident response
- evolution of the Security Operations Centre (SOC) and its emerging future requirements
- the need for skills, knowledge and awareness across an organisation
Programme
The conference started at 9:15am.
| Time | Riady Theatre |
Lindsay Stewart Theatre |
PGCS Symposium Room 2/05 |
| 09.15-09.30 | Welcome and Opening Address, Steven Wilson, Head of Europol’s European Cybercrime Centre (EC3) | ||
| 09.30-10.00 | Conference Keynote Address: Swimming in the Tsunami of Data - “think like the bad guy” - Industry Trends and disrupting the adversary, Tim Grieveson, Chief Cyber & Security Strategist, EMEA, Hewlett Packard Enterprise [Presentation] | ||
| 10.00-10.30 | Bare Metal Forensics, Douglas Carson, Solutions Consultant, Keysight Technologies [Presentation] | JAKU - Analysis of a Botnet, Andrew Settle, Head of Special Investigations, Forcepoint [Presentation] | Big Data: Machine Learning, Heuristic Methods and the Future of Cybersecurity in HPC Environments, Dr. Matthew Craven - Plymouth University |
| 10.30-11.00 | Big Data Analytics and Innovation, Simon Arnell, Chief Technologist, Security Services, HPE [Presentation] |
Security Analytics, Ben Fountain, Senior Consultant, NCC Group [Presentation] |
Incident Response, Vincent Lamb - IT Security Training Ltd |
| 11.00-11.30: Coffee (Foyer) | |||
| 11.30-12.00 | Why Big Data Shouldn’t be Big, Dr Jamie Graves, CEO, ZoneFox [Presentation] | Security Operations in Financial Services, Stephen Livingston, Security Operations, Lloyds Banking [Presentation] |
Session 1 (see below)
Investigation of Virtual Network Isolation Security in Cloud Computing: Data Leakage, Haifa Al Nasseri, St. Andrew University, PDF DNS in Botnets and Advanced Persistent Threats, Peter Mclaren, Edinburgh Napier University, PDF |
| 12.00-12.30 | Large-scale Log Analysis, David Stubley, 7elements. [Presentation] | Data Protection & Privacy, Peter Ridley, UKI Practice Leader, Data Protection and Privacy Practice, HPE |
Session 2 (see below)
Introduction to Security Onion, Ross Heenan, Abertay University, PDF Very Large Scale Digital Forensics (VLSDF), Vassilios Manoussos, Strathclyde Forensics, PDF |
| 12:30-13.30: Lunch (Chapel and Rivers Suite) | |||
| 13.30-14.00 | Large-scale digital forensics, Ian Rainsborough, Guidance Software | Overview of Data Lab, Brian Hills, Head of Data, The Data Lab |
Mobile Authentication, Dr. Ron Poet - University of Glasgow |
| 14.00-14.30 | Splunk User Behavioural Analytics - Machine Learning for Threat Detection, Harry McLaren, Security Consultant, ECS [Presentation] | Big data the next generation of cyber security, James Kwaan. ISACA | Intelligent IDS, Dr. Naghmeh Moradpoor, Edinburgh Napier University |
| 14.30-15.00 | Cyber Security, Eamonn Keane, Detective Inspector, Cyber Crime Unit, Police Scotland [Presentation] | Using big data to create engagement agility, Jason McClay, Operations Director, G2G3 | Session 3 (see below)
CyberSecurity for the Unbanked, Stephen Ambore, Bournemouth University, PDF TCloud: Availability at Zero Downtime, Elochukwu Ukwandu, Edinburgh Napier University, PDF A Survey of Intrusion Detection System technologies, Ross Heenan,Abertay University, PDF |
| 15.00-15.20 Coffee (Foyer) | |||
| 15.20-15.40 | Securely Networking Big Data Environments’, Stephen Hampton, Chief Technology Officer, Hutchinson Networks [Presentation] | ||
| 15.40-16.00 | Cyber Hunting, How to Catch Your Prey, Rashmi Knowles, RSA, The Security Division of EMC | ||
| 16.00-16.20 |
Closing Address: Mandy Haeburn-Little, Director of the Scottish Business Resilience Centre |
||
| 16.20-16.40 |
Q & A Panel | ||
| 16.40-16.55 |
Concluding Remarks/The Cyber Academy | ||
Capture The Flag
The Cyber Academy and RSA will be hosting a cyber ‘capture the flag’ competition in room 0/09, 11:00 – 13:00. We invite 6 teams of 3 to take part in this challenge; measuring skills, tactics and professionalism. Spaces are limited - sign up at the CTF desk in the Foyer between 08.45 – 09.15.
Research Sessions
Research Session 1 and 2:
- Investigation of Virtual Network Isolation Security in Cloud Computing: Data Leakage, Haifa Al Nasseri and Ishbel Duncan, St. Andrew University. PDF
- DNS in Botnets and Advanced Persistent Threats, Peter Mclaren, Dr Gordon Russell and Prof Bill Buchanan, Edinburgh Napier University. PDF
- Introduction to Security Onion, Ross Heenan and Naghmeh Moradpoor, Abertay University and Edinburgh Napier University. PDF
- Very Large Scale Digital Forensics (VLSDF), Vassilios Manoussos, Strathclyde Forensics. PDF
Research Session 3:
- CyberSecurity for the Unbanked, Stephen Ambore, Christopher Richardson, Huseyin Dogan, Edward Apeh and David Osselton, Bournemouth University. PDF
- TCloud: Availability at Zero Downtime, Elochukwu Ukwandu, Prof Bill Buchanan and Dr Gordon Russell, Edinburgh Napier University. PDF
- A Survey of Intrusion Detection System technologies, Ross Heenan and Naghmeh Moradpoor, Abertay University and Edinburgh Napier University. PDF
Speakers
The bios are here Conference Speakers
The bios are here PGCS-symposium Speakers
Sponsor of the PGCS-symposium:
Book for the event
Contact
Partnership
This conference is being delivered in partnership between Hewlett Packard Enterprise and The Cyber Academy: