Anticipatory governance in cybersecurity refers to proactive, forward-thinking strategies for managing cyber risks and enhancing resilience. It involves identifying potential threats, vulnerabilities, and future opportunities and challenges within the cybersecurity landscape, then preparing for them in advance. Rather than reacting to security incidents after they occur, anticipatory governance focuses on predicting and mitigating risks before they materialise. This talk will explore the key elements of anticipatory governance in cybersecurity, offering actionable insights for security practitioners. By embracing anticipatory governance, organisations can strengthen their security posture and navigate the increasingly complex digital ecosystem with agility, resilience, and trust.
Join a seasoned SecOps lead as they dig beyond the financial & reputational impacts of cyber incidents and explore the often overlooked emotional toll, cultural shifts, and stresses that happen when they hit.
Discover the far-reaching consequences, from sleepless nights and anxiety to organisational trauma, and go home with practical strategies to build resilience and protect your people before, during, and after attacks.
Do you trust the embedded devices around you? Perhaps you shouldn't! Even industry giants make significant mistakes. In this presentation, we will analyse Cisco's VoIP phones, which can be found in offices, governmental buildings, and even the White House. These devices were found to have critical vulnerabilities, including easily exploitable flaws.
Fun Fact: Did you know that President Biden and Trump used these phones?
Among the vulnerabilities discovered was unauthenticated packet capture, allowing attackers to intercept and listen to any phone call made or received on the device. We'll demonstrate live how simple it is to intercept, reconstruct, and listen to a phone call.
This presentation will dive into other issues uncovered during the blackbox testing of these devices. We'll also discuss what Cisco could have done differently to prevent these vulnerabilities and provide guidance on how to avoid similar pitfalls. Additionally, we are going to explore the challenges and importance of thorough blackbox testing.
Join us for a comprehensive look at the security flaws in trusted devices and learn how to protect against them.
You have probably heard of the move to professionalise the cyber security industry, but why should you care? Whether your focus is on red teaming, pen testing, vulnerability scanning or threat intelligence, you need to understand the shift in the industry that will, at some point in your career, have a fundamental effect on the way that you record achievement, demonstrate competence and define your experience. I'll talk you through the changes and how to align your career pathway with them.
In today’s world, cryptocurrency is becoming an area of interest for just about anybody. We constantly hear about it in the headlines, the thousands to billions being stolen, made or gone missing. In most cases, the seed phrase is the master key to all of this news. But how secure is it, really? From phishing scams and malware to sophisticated supply chain attacks, hackers, insiders and that shy teenager in their mom’s basement are constantly evolving their tactics to hijack seed phrases and drain wallets.
This talk provides a brief overview about how Large Language Models (LLMs) work, with a detailed explanation & live demonstration about how you can gather sensitive information from LLMs. This simulates how an attacker could gain information from new and emerging technologies.
A 20-minute presentation on my journey from working in oil & gas into becoming a Senior CTL APP Pentester and all the challenges I have faced since moving into cyber 3 years ago.
This will be aimed at encouraging people to explore their soft skills, and that technical skills aren’t all you need. Key points in the talk will include self-development, tips on resources to use, things I’d do differently and my goals going forward. It is aimed at students/graduates/people looking to transition into cyber security.
The talk will be interactive and will contain some technical information, however this is considered a careers talk, not a technical talk.
This case study, explained by 2 master's students, dives into the Spectre and Meltdown vulnerabilities, which were exploited to target the CPU architecture design aimed at enhancing performance.
Retrospectively, the system had failsafes in place to address this issue, but they were not deployed quickly enough to prevent this exploit.
Attackers leveraged the "Least Recently Used" logic to breach the hardware layer from the software layer, leading to one of the most significant threats in history.
Major companies were hesitant to release information until they had a firm solution to ensure public safety.
This talk will showcase how the attack was carried out and what countermeasures were implemented to stop this exploit from being carried out in today's world.
In the dark shadowy depths of auditing, you can see a plethora of nonconformities lurking - relentless, chaotic and recurring. Time and time again, these common pitfalls can catch companies off guard, undermining their Information Security Management System (ISMS). Whether you're an auditor, implementer or just a curious soul looking to unravel the mysteries of an ISMS, we'll take a look at the top five nonconformities (personally rated by me) and more importantly, the best mitigations and methods you can employ to prevent these devious traps from recurring!
This paper will look at reasons why organisations use approved software lists, and why users (with little real understanding of security) find such lists increasingly frustrating, once they have found that they can do the job quicker and more effectively using their own apps.
It also examines the role of BYOD in expanding this headache for managers of organisational systems, and how best practice of a hybrid approach to BYOD/organisation systems that embraces security issues can in turn reduce the more general problem of "Shadow IT".
The follow on from this would be an academic paper examining the relationship between type of organisation culture and extent of Shadow IT.
Karate is a martial art focused primarily on improving self-defence, recognising different types of attacks and being prepared to react to them in an efficient way. Sound familiar? Its enduring legacy offers us many lessons that we can bring into our workplaces to strengthen our security. Also, Cobra Kai has made it cool all over again, so tie on a patterned headband, grab a bonsai tree, and join me to explore how karate can help us improve security. Please note that no previous experience is necessary, and no audience members will be "volunteered" for demonstrations.
A beginner-friendly session aimed at running through common pain-points within the penetration testing process and how automation and scripting can be introduced to help alleviate these issues using Python and Bash. This session explores automating web requests, managing and manipulating large datasets, and generating customer-appropriate outputs to help testers improve efficiency without advanced coding knowledge. Attendees will leave with practical techniques and examples to build custom scripts that streamline workflows and improve testing consistency.
The 'Art of Threat Modelling' covers a high-level overview of the what, why and how of threat modelling, and how we all can threat model pretty much... anything.
Cyber incidents can affect organisations of any size or sector, at any time, so it’s crucial that you have a plan in place to ensure you can respond, recover and continue operating. This session will highlight some of the current best practices in incident response based on cyber crime investigations here in the South West as well as nationally recognised guidance.
Modern manufacturing relies heavily on highly integrated IT systems. While various terms -- such as Industry 4.0, Cyber-Physical Production Systems, and the Industrial Internet of Things (IIoT) -- describe these systems, they all share a common characteristic: the fusion of enterprise software with sensors and actuators. This creates a complex IT landscape comprising devices with diverse computational capabilities, operating systems, and software versions. Additionally, many manufacturing environments must integrate legacy systems that were never designed to be connected to the internet, further complicating security efforts.
Beyond the inherent challenges of securing such heterogeneous environments, cyberattacks on manufacturing systems can have severe real-world consequences, extending beyond data breaches to physical disruptions and costly damages.
In this talk, I will first provide a brief introduction to modern manufacturing systems. I will then explore key cybersecurity threats, with a particular focus on attacks targeting process logic vulnerabilities that can be exploited by both external threat actors and insiders. As far as possible, identified threats will be illustrated by real world attacks. I will conclude the talk with a brief outlook on ongoing research developing tools to detect (and mitigate) cybersecurity threats in modern manufacturing.
In this talk we'll dive into the world of Open Source Intelligence (OSINT), exploring how public information from online sources can be used to uncover personal (and sometimes private) details about yourself. You'll learn what a digital footprint is, how every action online contributes to your digital identity, and the potential risks associated with using social media. Most importantly, we’ll also go through actionable steps to help you safeguard your privacy and protect yourself from potential online threats. Whether you’re a beginner or want to deepen your understanding of your digital footprint, this session will help equip you with the tools to stay safe in today’s social-media-driven world.
Jack Hughes, a leader of the Unit 42 Digital Forensics and Incident Response team, will provide insight into the often-overlooked world of incident recovery. This talk draws on real-world experience and lessons from the front line of cybersecurity. Jack will discuss commonly observed mistakes that derail containment and recovery efforts based on the experience of leading hundreds of incidents globally.
The session will walk through case studies, lessons learnt the hard way and methodologies for incident recovery that reduce the current and future risk of incident recurrence.
Whether you're a seasoned incident responder or new to the field, this session will equip you with the insights and practical guidance to transform your approach to incident recovery.
Despite HTTP Request Tunnelling's resurgence in recent years with the advent of HTTP/2 Desync Attacks, its much bolder big brother HTTP Request Smuggling has stolen the limelight, leaving cases of desync-powered tunnelling buried for all but the most dedicated tunnelling enthusiasts.
In this session I will reveal the discovery of widespread cases of request tunnelling in applications powered by popular servers including IIS, Azure Front Door and redacted, including the creation of a novel detection technique that combined the recently popularised "Single-Packet Attack" with our ever-trusty HTTP desync techniques.
Throughout the presentation I will also explore the complexities of navigating security research for the first time, drawing parallels from the advice given in "So you want to be a web security researcher", and illuminate the ease with which existing tooling from industry-leading researchers can be adapted in order to rapidly test your own ideas, even with a rudimentary understanding of programming.
Should a three-year-old have their own phone?
Children face numerous dangers online, from cyberbullying and predatory behaviours to data privacy risks. This talk explores the key challenges kids encounter on the internet and the evolving threats they face. We'll discuss the importance of building awareness among parents, educators, and IT professionals, and look into strategies to protect children in a connected world.
We as an industry have been heavily focused on the ransomware threat: a loud and dramatic threat that commands the attention of security professionals, governments and CEOs globally but has possibly diverted some of our resources away from another increasingly concerning threat.
Hacktivists seem like an old adversary that are the concern only of big banks and extractive industry organisations. This is a dangerous assessment. In this talk we will look at the rapid increase in their number, capability and motivation. Who are they? How do they select targets? How are they funded? Why do they pose a threat to you? What discussions do we need to have in 2025 to combat them?
Cobalt Strike started as a legitimate red team tool for simulating adversarial attacks; however, its powerful capabilities have made it a frequent target for abuse by APT groups, hacktivists, and cybercriminals. This talk outlines an automated, large-scale approach to harvesting Cobalt Strike payloads from VirusTotal and de-obfuscating them to extract key Indicators of Compromise (IOCs). By analysing these beacons at scale, we transform raw malware data into actionable threat intelligence—helping defenders stay one step ahead of adversaries who exploit Cobalt Strike for malicious gain.
Successful DevSecOps transformation is much more than putting tools in pipelines and declaring "shift left". The hardest shift to pull off is when it comes to nudging values towards digital safety, and in this talk I walk through the techniques and literature I use to do this at scale. We will cover theories from Organisational Change Management, Leadership and Influence, and how we can apply these social tools in the context of DevSecOps to help you make an impact.
We tend not to pay too much attention to things which are so familiar that we don't always see their true potential or value... like the faithful dog that guards the house or goes to get help if their owner is injured.
The good news is that something is already in every corporate and home environment, but do we leverage it to enhance our security posture... not very often, instead favouring the new shiny tools or latest marketing must have, but yet we still see breaches, ransomware and scams... whether you know it or not we all have a super pet or hero dog in our houses and it can help!
Think slaying vamps is tough? Try battling ransomware. This talk flips the script, proving Buffy's not just awesome at slaying demons – she's a cybersecurity guru in disguise. We'll dissect her tactics: threat modeling, rapid response, training and awareness, security tools and techniques, and the crucial power of the Scooby Gang. Forget silver bullets, we're talking firewalls and threat intel. Learn how Buffy's intuition and experience translate to real-world cyber defense, and why even The Chosen One needs a team. Because in cybersecurity, just like in Sunnydale, you're never fighting alone.
Cybersecurity is one of the fastest growing industries, and with that growth comes competition. You’re not only competing with other graduates from your university, but you’re also competing with passionate, self-driven individuals from the rest of the world who have been honing their skills inside and outside the classroom.
If you want to stand out and land your first cybersecurity job, you need more than just a degree or certification. Employers are looking for passion, initiative, commitment and adaptability, all those things that can’t be taught in a classroom.
As a manager for an Application Security (AppSec) team, I have reviewed hundreds, if not thousands, of applications and conducted several hundred interviews. I’ve seen firsthand what makes a candidate stand out and outshine other candidates. Our recruitment is heavily focused on junior roles out of necessity, as we are located far from metropolitan areas and can’t easily attract already established senior professionals. However, my insights might be useful for more senior roles and even roles outside AppSec and Cybersecurity as well, but again, my target group for this paper is junior roles in ethical hacking.
In this talk, I’ll share my real-world insights from hiring and mentoring cybersecurity professionals and show you how to differentiate yourself.
I'll share what I look for in candidates, the mistakes to avoid, and hopefully share what makes someone truly stand out and be more hirable.
By the end of this talk, you’ll have a clear action plan for building your skills, personal brand, and network so you can land that first job with confidence. It’s a lot of hard work, but trust me, it will make a difference, not just in the short run: what you do from today will impact the rest of your career.
For over 11 years the final two iPod nano models somehow managed to evade the best efforts of even the most tenacious hackers to subvert, something which I took personally. The first public jailbreak of an Apple device was a prize simply too enticing to ignore. In this talk I'll explain how I went from zero access to full, persistent and unobstructed control over the entire device. Join me on this tale of ancient font formats and blindly trying to leak bits out of the darkness...
Malware is constantly evolving, much like biological viruses that adapt over time in response to our defenses. I like to analyze malware as if it were a living entity, driven by the ultimate goal of survival. Just as Evolutionary Game Theory (EGT) is used to study biological evolution, what if we applied it to malware evolution as well?
In this talk, I’ll explore how EGT can help us understand why malware behaves the way it does and how different strategies shape its evolution. From one-shot viral outbreaks like the ILOVEYOU worm, to stealthy shape-shifters like Simile, adaptive threats like Emotet, and symbiotic threats like CrackedCantil, we’ll examine how attackers develop survival tactics—some aggressive, some deceptive, and some even collaborative.
And just like in nature, where species must adapt or go extinct, I’ll discuss how defenders can use EGT principles and lessons from nature to anticipate future malware threats and build stronger defenses.