TRACK 2
09:00
45min
WELCOME & OPENING KEYNOTE. LISA FORTE - YOU'RE GUNNA NEED A BIGGER BOAT

TRACK 1
09:00
45min
You're gunna need a bigger boat
Lisa Forte (She/Her)

Cyber security professionals, regardless of our area of expertise, currently find ourselves cast as firefighters in the middle of an out-of-control forest fire with only a water pistol to put it out. Across the industry we are seeing unprecedented rates of burnout, breach after breach hitting the news, and a volatile landscape of risk that allows you just enough time to familiarise yourself with it before it shifts again. The balance of power, money and control has shifted in the attackers' favour, and there isn't enough coffee coming across the Channel to keep us fighting fit. So what is the answer? How can we work more closely together to cause disruption for these criminal enterprises? How should we think differently about cyber and threat intel? How can diversity help us solve the tough problems? This talk will hopefully leave you with more questions than answers, but highlight the need for some healthy debate on how we change the trajectory of this fight.

TRACK 1
09:45
45min
Building Effective Vulnerability Risk Scoring Systems
Harri Renney (He/Him)

Vulnerability prioritisation calculations and scoring systems have been dominated by proprietary cyber security companies that want to sell their products with little explanation of how their systems work. By discussing and publishing openly available approaches and methodologies that everyone can use to calculate the risk of their vulnerabilities, the cyber security space will benefit greatly from further collaboration and access to affordable vulnerability management software. This talk aims to cover the current state of vulnerability risk scoring, highlighting its flaws, and then present an open methodology that empowers everyone to build their own bespoke vulnerability risk scoring systems.

TRACK 2
09:45
45min
Securing AI
Seth

We all know the benefits of Generative AI, but how do we secure its use? This talk will be based on my experience over the past 9 months looking at ways to use Generative AI securely in an enterprise setting.

TRACK 2
10:30
45min
DevSecOps Leadership - Zero to Hero
Seb Coles

In this talk I will walk through the lifecycle of a DevSecOps transformation, starting with how I assess software and engineering maturity, build a plan, prioritize and make a case for change. I will also talk about my key principle of “Build a capability, don’t be the capability” and how I build self-sustaining teams, touching on getting the right people, growing self-organizing teams and developing new leaders so that the change is sustainable. I will also talk through several organizational change management practices that have helped me make an impact. DevSecOps transformation is not for the faint-hearted, and I want to show those who wish to change the SDLC which skills and values have helped me to make an impact.

TRACK 1
10:30
45min
Not Another AI Talk
Sarah Connelly (She/They)

AI appears to be the buzzword of the year, and the rapid improvements in AI models have driven a surge in use in a short space of time. Many businesses are jumping into AI for a variety of use cases, but can security professionals even hope to keep up with the rapidly changing features and capabilities to provide advice and guidance for the uninitiated? With the aim of sharing tried and tested wisdom from secure software engineering, this talk will show the overlap of risks between AI and any other business application, while highlighting some of the unique risks inherent in AI models. Sorting through these differences, professionals can start to apply secure design principles through sensible analysis of new and emerging technologies. This talk will go through existing operational and technical controls through an AI lens, using notable public examples of good and bad uses of AI to propose key principles for securing these projects. This will include guidance for understanding AI model limitations and suitability for projects, as AI is not always the magic wand businesses hope for. Attendees will be able to use these principles to offer robust advice and guidance on the use (and potential misuse) of AI models, without having to reinvent the wheel.

TRACK 1
11:15
45min
Everything online can be faked. Here's how.
Wayne May

Anyone can pretend to be anyone else online with the right tools. From spoofing websites to creating images of non-existent people, interactive videos and deepfakes, we will show the ways people (and in particular scammers) abuse technology old and new to trick people into thinking they're someone else, as well as the ways to spot them. The presentation will include practical demonstrations of the software and methods used to perpetrate these cons where possible.

TRACK 2
11:15
45min
Hey - doesn’t that cloud look like all your data? Current and novel methods of finding exposed cloud assets
Shahnoor Kiani (He/Him)

Cloud services are often deployed without realising which assets are being publicly exposed. This has led to data breaches in the past, such as in 2017 when 198 million voter records were exposed through a public S3 bucket. As companies move more security-critical components of their infrastructure to the cloud, this risk constantly grows. This talk will give attendees a methodology for finding exposed cloud assets, as well as a new technique which can be used to find instances of most AWS services. It details current cloud asset enumeration techniques and uses AWS Cognito as a case study to show how an exposed cloud asset could allow an attacker to gain a foothold in an AWS environment or gain unauthorised access to an application. It concludes with a new technique which can identify millions of exposed cloud assets at scale using certificate transparency logs.

TRACK 1
12:00
45min
Cyber Crime Case Studies: Key insights and lessons learned
Sam P (She/Her)

Join the SWRCCU as they explore real-life case studies of operations that the unit has worked on. This presentation will highlight lessons that can be learned from these incidents, along with current trends and best practices within cyber security. A Protect officer will also go through how to prepare and plan your response to a cyber attack, and cover technical and socio-cultural practical advice that can be used by both individuals and organisations in the fight against cyber crime. The key takeaways for the audience include: an insight into the work of the South West Regional Cyber Crime Unit and the crimes that they investigate, key lessons that could be learned from these incidents, and practical steps that can be taken to reduce cyber risk, whether as an individual, an employee, or an employer.

TRACK 2
12:00
45min
Working Against The Clock: Cyber Security - The Infinite Game
Ryan Pullen

In today's rapidly evolving digital landscape, the struggle for robust cyber security is more pressing than ever. Our speaker, Ryan Pullen, aims to shed light on this ever-changing and never-ending battlefield. Drawing upon the thought-provoking concepts presented in Simon Sinek's 'The Infinite Game,' the talk will explore how organisations must adopt a long-term, sustainable approach to cybersecurity - and how that starts with our people. Ryan will explore:
· Human behaviours and emotional intelligence
· Performance vs. Trust when working in cyber security
· The hiring process and the qualities of the ideal team player
· How to maintain productivity and retention in teams under pressure

This presentation is a must-attend for decision-makers and cybersecurity professionals who aspire not just to survive, but to thrive in this ongoing game of cat and mouse. It offers valuable insights into strategy, team dynamics, and the never-ending journey towards optimal cybersecurity.

TRACK 1
12:45
45min
Growing up Digital: Cyber Awareness for Today's Youth
Joe Wells

In today's fast-paced digital age, children are introduced to the wonders of technology at an astonishingly young age. But with the rapid rate of technological advances, how aware and prepared are these children - and their guardians - in terms of cybersecurity and privacy? 'What's Little Timmy Doing With the Computer?' delves into the challenges and opportunities that the current generation of children encounter as they navigate the virtual world. From innocuous games and learning apps to the more dubious corners of the internet, the presentation will explore the inherent risks present and the potential measures we can employ to protect our younger cybernauts. Emphasizing the importance of early cyber education, we'll discuss practical approaches parents and educators can use to cultivate a culture of security mindfulness in children. The presentation will also shed light on age-specific threats, the vital role of ongoing cyber awareness and what you can do to help.

TRACK 2
12:45
45min
Making Consistent STRIDEs with Threat Modeling Templates
Andrea Jones

Do you find that security issues relating to configuration and design are only found once the product has been built? Are your cloud accounts alerting on multiple failed best-practice checks? This talk will look at how you can build your own template for Microsoft's Threat Modeling Tool to help ensure the right configurations and hardening are identified at the architectural design stage. The talk will also cover sources of threat information and best practice for different environments.

TRACK 1
13:30
45min
Lunch

TRACK 2
13:30
45min
Lunch

TRACK 1
14:15
45min
Domain Name Stupidity
Liam Follin (He/Him)

This talk demonstrates a large hole in internal security, based on tests performed on a wide variety of clients. Too often DNS is overlooked, and improper logging and monitoring leads to a plethora of attack vectors. This talk will also demo a new tool which abuses DNS lookups of arbitrary (non-attacker-controlled) domains to prove that dangerous exfiltration attacks are possible against even the most secure of networks. Better, it also shows some novel ways of fixing this issue on large-scale networks. Hopefully useful for red and blue alike.

TRACK 2
14:15
45min
Securing Protocols with (Not So) Formal Methods
Jean Snyman

Secure protocol design is tricky – to say the least. There are seemingly unlimited possibilities for a motivated attacker to ruin your day: by forging messages, replaying packet captures, or interleaving sessions. The same, of course, is true for the cryptographic algorithms themselves which underlie these protocols. Thankfully, cryptographers have an exciting solution to such challenges: formal methods. In a perfect world, all protocols would be subject to the same rigorous approach, currently found in few places outside academia and avionics. But if yours isn’t, you can probably be forgiven (assuming you don’t have a postgraduate degree, three months of spare time, and a pathological devotion to pedantry). Even so, certain formal techniques do lend themselves particularly well to practical protocol analysis by engineers and defenders of all stripes. In this talk, we will give a whirlwind introduction to formal methods for security protocols. Our focus will be on those aspects which you can apply day to day, for example, to nail down a concrete threat model and challenge your trust assumptions. And we’ll show how our back-of-the-napkin approach can be used to discover flaws in a real-world protocol. All without giving a single mathematical proof (probably).

TRACK 1
15:00
45min
Human Error breaches are bullsh*t
Marius Poskus

The talk will cover the current laziness in the cyber security industry in attributing breaches to human error. We will discuss why we currently have such problems, cover the importance of building resilience into our cyber security programs, and consider how we should model our tools and processes so that they do not assume perfect human behaviour, which is not sustainable because humans will make errors. How can we continue business operations without disruption despite humans making errors?

TRACK 2
15:00
45min
Using Machine Learning To Identify Threat Actors Online
James Stevenson (He/Him)

Machine learning comes in a myriad of different flavours, designs, and approaches. During this talk we'll explore a common classification task: spotting a needle in a social media haystack. Approaching threat intelligence from a different angle, this talk will explore James' PhD research into identifying and understanding the world of ideologically motivated cyber crime and far-right extremism on the Parler social network. Come to this talk if you're interested in where machine learning intersects with understanding threat actors, and in how ideologically motivated cyber crime originates. We'll cover:
· Machine learning techniques
· Why exploring ideologically motivated cyber crime is important
· Understanding online extremism on the Parler social network

TRACK 1
15:45
45min
Clash of cultures? Bringing cybersecurity into (aero)space safety
Dr Emma Taylor (She/Her)

Aerospace is a highly regulated sector, rich in standards and heritage. As Critical National Infrastructure, its innovation spans evolution (planes) trending to revolution (drones to space). Things are known, things are managed. So what happens when you include cybersecurity in the mix? How can you take enough people with you to have enough practical understanding, and quickly enough? Is that an interesting enough and important challenge? (Yes, obviously!) With hundreds of pages of cyber standards, guidance and frameworks, how can you cut through, and bridge the culture gap? In less than one day… This talk sets out an innovative Bowtie-based workshop method which uses regulatory material in a mash-up with blue and red teaming that has great cut-through (and meets good EDI principles too). It’s only a first step, so the talk will set out a roadmap to including broader cybersecurity with IT/OT interactions, systems of systems, ground and air/space, and the pitfalls to avoid and challenges you may face. At the end of the talk you’ll (hopefully!) be able to connect better with serious-minded safety specialists (who may not believe that cyber is their problem) and have some ideas to take back to your day jobs. You’ll have some fun getting people to ‘get’ cyber, and be better placed to work in Critical National Infrastructure industries. Topics covered: governance, risk, compliance and management; careers.

TRACK 2
15:45
45min
Port scanning with PowerShell
James Conlan

TRACK 1
16:30
45min
API Scraping for Swim & Profit
Melissa Augustine Goldsmith (She/Her)

Have you tried booking into the Bristol Lido? It seems like they are fully booked for when you want! This plagued the speaker until she noticed the API behind the front end… Come and see the interesting and nerdy journey she undertook to (finally) book her trip to the Lido. This talk will outline the basics of API scraping, the code written to grab and parse results, and setting up a lambda function to execute the code.

TRACK 2
16:30
45min
How to bypass million dollar cyber security solutions - War Stories of a Social Engineer
Chris Pritchard

It feels like in cyber security these days we're all about spending the big bucks to buy the latest next-gen firewall, or the best EDR (Endpoint Detection and Response) solution, or the newest Web Application Firewall because someone in compliance said it was required for an audit. As a result, it feels like we're missing the most crucial part of our cyber security defences: the human. This talk is a collection of war stories of how I was able to bypass all the expensive cyber security solutions, using social engineering techniques and targeting the humans/employees. Each story highlights the weakness, and demonstrates why technical products and solutions shouldn't be the be-all and end-all of protecting the business. Showing problems and weaknesses without offering advice isn't much use, so the last section of the talk is dedicated to helpful suggestions and sharing experiences of what's worked in the past, and what hasn't.

TRACK 1
17:15
45min
Cognitive Defenders: How AI Transforms Cyber Security
Rosalind Grindrod

In the rapidly evolving landscape of cybersecurity, the emergence of artificial intelligence (AI) has introduced a paradigm shift in how threats are identified, mitigated, and defended against. This presentation delves into the profound impact of AI on revolutionizing cyber defense strategies. It explores the synergy between AI and cybersecurity, highlighting how machine learning algorithms, neural networks, and natural language processing are being harnessed to predict, detect, and respond to an ever-expanding array of cyber threats. By analyzing vast volumes of data at unprecedented speeds, AI equips cybersecurity professionals with the ability to identify patterns and anomalies that may evade traditional security measures. The talk will delve into real-world applications where AI-driven systems not only augment human decision-making but also autonomously respond to potential breaches, reducing response times and minimizing damage. Additionally, ethical considerations surrounding the use of AI in cybersecurity will be addressed, emphasizing the need for transparency, accountability, and ongoing human oversight. As the boundaries of cyber threats continue to blur and attacks grow in sophistication, we will examine the evolving role of human expertise in conjunction with AI, underscoring the importance of collaboration in creating a secure digital environment. Cognitive Defenders: How AI Transforms Cyber Security provides a comprehensive overview of the AI-driven cybersecurity landscape, offering insights into how these cognitive defenders are reshaping the industry's approach to safeguarding sensitive information and digital assets.

TRACK 2
17:15
45min
How I learnt to love my Superpower
Daniel Walters, Ben Docherty

In this talk Dan and Ben will go over their experience of dealing with their neurodiversity in the ever-changing cyber landscape. They will cover their experiences, ideas and coping mechanisms for always staying at the forefront of their active cyber careers. This talk will highlight how two people can use a skill that most view as a disability to adapt to and overcome challenges with opposite approaches. Both approaches resonate with each of us as individuals, as they complement the difficulties that neurodiversity can present.

TRACK 1
18:00
15min
CLOSING MESSAGES FROM BSIDES CREW - Track 1