ISACA Central UK Members' Meeting and AGM

12.00 Lunch

13.00 AGM

13.30 The OSPAs Learn about the OSPAs and how to submit a nomination

13.45 Mind the (Cyber Security Gap) - Getting Your Board to Understand the Growing Cyber Threat, Lisa Ventura MBE

14.30 So you think you know where your egress points are?, Keith Hayes

15.00 Break

15.20 OSINT Workshop, learn about some of the tools you can use, including Google! Keith will also provide an OSINT digital footprint of your network, together with a domain breach report (if you want it!)

Please note, this event is free to attend for ISACA Members. If you book a place, please commit to attend, as we have had an incresing number of no-shows to events, but have had to pay the venue for their place. ISACA Central UK reserves the right to invoice you the non-member fee, in the event of a no-show, without 7 days notice.

Mind the (Cyber Security Gap) - Getting Your Board to Understand the Growing Cyber Threat - Lisa Ventura MBE

Lisa will talk about how cyber threats are evolving rapidly, and cyber-crime against organisations is massively on the rise, posing significant risks to organisations worldwide. In the UK alone, 7.78 million cyber attacks were conducted on UK businesses in the first half of 2024 alone, with 50% of UK businesses experiencing a cyber-attack. Despite this, only 31% of UK businesses undertook a cyber risk assessment this year, and the average cost of a cyber-attack to a UK business is £3230*.

A critical gap in understanding and awareness of these threats at the board level still exists, so how do we communicate the risks to boards in an insightful and meaningful way that incites action against the growing cyber threat?

Key Takeaways:

· A brief overview of the current cyber threat landscape – why should boards care about cyber security?

· Understanding the cyber security gap that boards today face.

· Getting the board on board with cyber security – strategies for board engagement.

· How to build a cyber resilient organisation and foster a proactive approach to cyber security

* stats from Action Fraud.

Lisa is an award-winning cyber security specialist, writer, and speaker. She is the Founder of Cyber Security Unity, a global community organisation that is dedicated to bringing individuals and organisations together who actively work in cyber security to help combat the growing cyber threat. Lisa is also a mindset and mental health coach and offers help and support to those affected by stress, burnout, bullying/abuse and mental health issues in cyber security and Infosec.

The OSPAs Learn about the OSPAs and how to submit a nomination

The Cyber Outstanding Security Performance Awards (Cyber OSPAs) are different. The overall aim is to recognise and highlight outstanding performance by companies, people, products and initiatives across the cyber security sector globally. However, there is an important additional feature of the Cyber OSPAs in that they have been designed to be ,">span>, and based on #Values">span> of being independent, credible, transparent and respectable. For example, we as organisers do not appoint the judges, they are nominated by our supporting ;">span>; all the judges agree to mark to an ethics policy; the judges mark independently against published criteria; and we have an ethical sponsorship policy. The Cyber OSPAs are based on equivalent awards; the ,">span>, for the physical and corporate security sector, and the ,">span>, both of which are renowned in their fields.

If you are a cyber association and want to be involved please do ,">span>, likewise if you are interested in sponsorship. And please sign up here for subscribe?u=d9da6eb428e0edd7758cd0f74&id=791f7e5280,">span>, and follow us on Social Media to be kept updated on our progress.

Recognising outstanding performers is important. Understanding who they are can serve as examples others can emulate and inspire excellence across the sector. Cyber security is not a ’nice to have’, it is a fundamental need and doing it well has never been so important.

So you think you know where your egress points are? Keith Hayes

Keith will talk about some of his cyber- frustrations over the years, and how OSINT techniques have helped with them. As we navigate an increasingly complex cyber landscape, OSINT is emerging as a powerful tool in the Cyber defenders toolbox.

Somewhat refreshingly for an, ahem, “seasoned’ cyber professional,” Keith has found

that good old instinct and experience are critical to extracting the correct conclusions

from all of the increasingly sophisticated collation and analysis tools out there, and he will share some real-world experience.

By integrating OSINT into your proactive cybersecurity toolkit,

you can gain a 3D (and sometimes x-ray vision!) view of your organisations digital

presence, using it’s ability to transform raw data into actionable intelligence to fortify

defences against even the most sophisticated bad actors.

Keith has over 25 years experience delivering information security, risk and compliance governance services - not only through the consultancy floors of blue-chip companies such as Siemens and IBM, but also as an end-user CISO for many major enterprise brands. Having recently visited the national museum of computing (and been graphically reminded just old his IT whiskers are), he is nevertheless going to prove you can teach an old dog new tricks. Recently a chance encounter with an inspiring OSINT trainer led Keith to realise how useful it is to have OSINT techniques in your toolbox.