Cyber Resilience

Date:
Thursday 12 May 2016

Time:
5.30pm - 9.00pm

Venue:
Anglia Ruskin University, Cambridge Campus, East Road, Cambridge, CB1 1PT
The meeting will be held in the Lord Ashcroft Building, Room LAB003 (Breakout Room LAB107 for networking & refreshments).
Please enter through the Helmore Building and ask at reception.

Hosted by the Department of Computing & Technology, Anglia Ruskin University,

Organised jointly by

ISC(2), IISP, OWASP (Open Web Application Security Project) Cambridge Chapter. Cambridge Chapter, ISC(2) East of England Chapter and Institute of Information Security Professionals - Eastern Region, BCS Cybercrime Forensics SG and Anglia Ruskin University

Agenda

  • 5:30pm - 5:45pm Welcome from the OWASP Cambridge Chapter Leader, Adrian Winckles, Course Leader in Information Security & Forensic Computing, Anglia Ruskin University
  • 5:45pm - 6:35pm Talk from Raman G head of Private Sector Advice Delivery for Centre for the Protection of National Infrastructure CPNI.
  • 6:35pm - 7:25pm Talk from Dr. Pagna Disso, Head of Research & Development at Nettitude on SCADA (Supervisory Control And Data Acquisition) industrial security.
  • 7:25pm - 8:15pm Talk from Phil Cobley of the Regional Cyber Crime Unit (Part of ERSOU) on local and regional responses to Cyber threats.
  • 8:15pm - 8:30pm Open Forum Q & A to the Presenters
  • 8:30pm - 9:00pm Refreshments & Networking (coffee, tea, juice) in LAB107

Cyber Resilience - Surviving CyberTerror, CyberCrime and CyberActivism Cyber Resilience: Identifying and responding to security breaches will become a critical survival trait in the future. CyberTerror, CyberCrime and CyberActivism means security professionals need to be aware of the changing landscape of cyber security. Creating a culture of cyber security awareness will assist security professionals in defending against such threats.

Guest speakers/Biography:

Phil Cobley seconded to the Regional Cyber Crime Unit responsible for the East of England. With 10 years’ experience working in numerous roles, Phil has been involved in many major investigations and operations. Previously Phil managed Bedfordshire’s Digital Forensics Unit, and has both experience in forensics examinations, as well as experience in implementing strategic developments and projects. Phil both sits on and chairs a number of working groups, and is now developing partnerships with business and academia to further improve both local and regional responses to Cyber threats, and help better protect victims.

Jules Pagna Disso - Head of Research and Development Dr. Pagna Disso has over 15 years’ experience working in cyber security. Previously the head of EADS Innovation Works’ cyber security research lab in the UK, he was the technical lead for all cyber security related projects. Dr. Pagna Disso provides ongoing consultancy services for various organisations on critical infrastructure security and also advises SMEs on security strategies. He holds a PhD in Intrusion Detection Systems as well as a number of cyber security related qualifications.

His research interests include cyber security for Industrial Control Systems, honeypots, botnets, malware analysis, cloud security, cyber forensics, threat analysis, and vulnerability identification. In addition to developing and executing research projects into a wide range of areas relating to cyber security, including Industrial Control Systems, Dr. Pagna Disso is also responsible for supervising MSc and PhD students from a number of Academic Centers of Excellence for Cyber Security within the UK. Dr Jules Pagna Disso is responsible for developing, building, and running the day-to-day R&D operations at Nettitude. He also architects and engineers a comprehensive set of technologies and processes to provide superior situational awareness for clients.

Raman G is the head of Private Sector Advice Delivery at the Centre for Protection of National Infrastructure. The Centre for the Protection of National Infrastructure (CPNI) protects national security by providing protective security advice. Protective security is 'putting in place, or building into design, security measures or protocols such that threats may be deterred, detected, or the consequences of an attack minimised'.

Background

OWASP (Open Web Application Security Project is a 501(c)(3) not-for-profit worldwide charitable organization focused on improving the security of application software. Their mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks.

The Institute of Information Security Professionals (IISP) is a not-for-profit organisation, owned by its members and dedicated to raising the standard of professionalism in information security and the industry as a whole. The IISP does this through accrediting skills and competence, by sharing best practice and by providing a network of support and guidance on individual skill development. It speaks with an authoritative voice and its competency based memberships are widely recognised in the information security industry.

(ISC)²® is the largest not-for-profit membership body of certified information security professionals worldwide, with over 93,000 members in more than 135 countries. The (ISC)2 East of England Chapter is committed to the growth and advancement of Information Security Professionals within the region, development of the information security Industry and promotion of Information Security Standards across industry. We will do this by holding events, collaborating with the companies, professionals and academia within the region to strengthen networks and provide members with opportunities to grow professionally, share knowledge and experience, educate others, support new entrants to the industry and collaborate on projects focused on Information Security Enhancement

The Department of Computing & Technology at Anglia Ruskin University is enhancing its curricula and capabilities in information security following its successful BSc(Hons) Information Security and Forensic Computing pathway. Establishing a joint professional networking group with OWASP concentrating on aspects of computing and application security is a key part of this enhancement. A key aim the department is working towards is developing a MSc Information Security specialising in Application Security and as part of this activity looking to develop and a local Information Security Student Society.