8.30 – 9.00 Registration Opens
9.00 – 9.15 Chairman’s welcome and opening comments: Professor Fred Pipe, University of London
9.15 – 9.45 Data breaches: Chris Potter, a partner at PricewaterhouseCoopers (PwC)
Until recently, the security policy of most financial institutions was chiefly about keeping threats out, but organisations
are becoming increasingly concerned about adequately protecting the internal customer data that they store.
The trend has been reinforced by the recent spate of data breaches at HSBC, Norwich Union and Skipton, amongst others, which
has focused public attention upon this issue. Chris will provide us with the latest figures and ideas from the ISBS 2008 survey.
9.45 – 10.15 Computer forensics: Adrian Culley, Head of Computer Forensics, Tenon Group
The ex-Scotland Yard detective and former head of PwC’s regional forensics team, who has undertaken projects with RBS and
other financial institutions, will talk about the importance of computer forensics in the fight against cyber-crime. He will illustrate
how to capture and analyse data on computers in cases of suspected fraud and identity theft and how it can be used to support
litigation or enhance business practice across an enterprise. Adrian will also highlight the importance of studying email records
and behavioural patterns.
10.15 – 10.45 Hardening the financial organisation: Maitland Hyslop, COO, Onyx Group
This presentation will seek to identify the major security risks facing financial institutions today, such as hacking and data loss,
and what can be done to protect organisations and strengthen procedures and practices.
10.45 – 11.15 Morning coffee
11.15 – 11.45 Policy and regulation: Dr John Meakin, Group Head of Information Security, Standard Chartered Bank
John has led security teams at Reuters, RBS, Swiss Bank and Dresdner, before settling into his present role at Standard
Chartered Bank. He will bring that wealth of experience to bear in discussing the role of policy and regulation in the security space,
touching particularly on the importance of establishing clear procedures and how best to integrate regulatory requirements into
an overall policy. Practical examples from a financial institution will be included. John will also review the recent spate of data
loss events and how the reaction of the public and politicians to these events will shape the future regulatory environment.
11.45 – 12.15 Enterprise Data Protection - A platform approach: Phil Cracknell, PGP/Lumension
Failure to protect customer data and proprietary business information can lead to serious consequences. This session will address the
current problems faced by banks and financial institutions in particular, when it comes to securing sensitive corporate data. The
quantified implications of the cost of a data breach in the UK and US have meant that financial organisations are looking closely at which
trends and strategies are emerging to defeat these threats. Participants will learn about the emergence of a platform approach to
encryption and endpoint security as part of an 'end to end' Enterprise Data Protection Strategy.
12.15 – 12.45 Creating clean, protected and resilient Email: Ian Moyse, Director, Webroot
Email continues to be a critical business application for financial institutions and its resilience and protection are a high priority for
everyone. This session will look at how to ensure appropriate access and control mechanisms and reference regulatory demands,
such as the FSA’s proposed rule that, from March 2009, firms will have to record all electronic communications relating to client orders,
and the conclusion of transactions, in the equity, bond and derivatives markets.
12.45 – 1.45 Lunch
1.45 – 2.15 New threats: David Alexander of the Institute of Information Security Professionals (iisp)
Social networking websites and Instant Messaging (IM) have changed the way that people interact and opened up new business
opportunities and work practices, but many security professionals are worried that people are giving away information about themselves
too freely and that important organisational data is leaking out too. This session will look at what companies can do to protect
themselves and their customers from these new threats.
2.15 – 2.45 The insider threat: Greg Stevens, Barclays Bank
What the best IT system in the world will not protect you against! A session that helps you understand that IT security, while vital,
can only work as part of a holistic system, and that in the words of Douglas Adams, people really are a problem. Greg will talk
about the insider threat with reference to famous cases where employees’ actions adversely affected the operations and
reputations of famous institutions, such as SocGen, Barings, Allied Irish and Sumitomo.
2.45 – 3.15 Ethical hacking: Paul Vlissidis, Head of Technical Research and Development, NCC Group
If you have ever wondered how your systems could be hacked, this is the session to attend. An experienced ethical hacker will
explain how every system has its vulnerabilities, and what can be done to improve an organisation’s security.
3.15 – 3.30 Conference summary followed by a drinks reception