2025-10-30 –, Main Hall
If a zombie outbreak started today, would your organisation be ready—or would you be the first to fall? In this fast-paced introduction to threat-informed defence, we’ll walk through how to build a cyber survival kit that actually helps when the dead start walking (or, more realistically, when ransomware hits at 2 a.m.). You’ll learn how to use frameworks like MITRE ATT&CK to understand what your adversaries are doing, map defences to real-world threats, and stop relying on guesswork. Expect a few laughs, a few scares, and a lot of practical advice.
Threat-informed defence is one of the most effective strategies a security team can adopt, but too often, it’s buried under buzzwords and theory. This talk strips it down to the essentials, using the theme of a zombie apocalypse to make the concepts stick.
Over 25 minutes, we’ll walk through a beginner-friendly framework for thinking about cyber defence the way you’d plan to survive a zombie outbreak: knowing the enemy’s behaviour, assessing your vulnerabilities, and putting the right tools in the right hands before it’s too late.
This talk will cover:
How to use MITRE ATT&CK to understand and prioritise threats
Why some security tools fail when it matters most
What makes a strong defensive stack (aka your survival kit)
How to use threat actor data to drive better detection and response
Why threat-informed defence beats checkbox security every time
This talk is aimed at security professionals who want to level up their defensive strategy, especially those in SOCs, DFIR, or security leadership. No prior knowledge of MITRE ATT&CK is needed.
Come for the zombies. Stay for the survival strategy.
Kade Morton (he/him or they/them) is the co-founder of Arachne Digital, a cyber threat intelligence company dedicated to providing actionable intelligence to security teams worldwide. With a background spanning security operations, open-source intelligence, and critical infrastructure protection, Kade has worked across government, finance, and managed service providers, helping organizations anticipate and defend against cyber threats.