FILLING THE CYBERSECURITY SKILLS GAP
8.30 – 9.30 Opening Session
- Seán Kyne TD, Minister of State for Digital Development at the Department of Communications, Climate Action and Environment.
- Carmel Somers, IBM, Chair of the Cybersecurity Skills Initiative (CSI)
- Una Fitzpatrick, Director, Technology Ireland
- Paul Healy, CEO, Skillnet Ireland
9.30 – 10.30 Facing the Challenge
Where’s the Risk? Examining the Threat Landscape
Brian Honan, CEO, Irish Reporting & Information Security Service
Brian Honan is recognised as an industry expert on information security providing consulting services to clients in various industry segments. In 2008 he founded the Irish Reporting and Information Security Service (IRISS www.iriss.ie) which is Ireland’s first CERT (Computer Emergency Response Team). He will address the current state of the cybersecurity threat for industry and suggest ways in which a broad based skills initiative can help in reducing the impact of cyber crime.
Criminals Follow the Opportunities – Big or Small
Detective Supt Michael P Gubbins, Head of the Garda National Cyber Crime Bureau
Detective Superintendent Gubbins estimates that less than 5 per cent of cyber crime is reported in Ireland. “Ransomware is rampant but people don’t report cyber attacks,” he says. With one third of Irish and Northern Irish businesses suffering a data security breach in 2017 the threat to every business is significant and immediate.
10.30 – 11.30 Creative Ways To Fill The Skills Gap
Build from the Inside Out
James B Alvilhiera, World Wide Sales Leader & Cyber Security Expert, IBM Watson Talent
Rather than trying to fill vacancies with new hires solving cybersecurity talent shortages with internal mobility is seen as a more viable option with better long-term returns. People from non-technical and non-cybersecurity backgrounds could bring new perspectives to what is as much a people problem as a computer one. Bringing people with broad business backgrounds into the security team strengthens team performance. The concept of lateral mobility is being replaced by the concept of career constellation based on experience, exposure, education and environment. Jim Alvilhiera is a thought leader in this space and will highlight successful examples of how this new concept is working in practice.
Challenges for Higher Education in delivering on the cybersecurity skills agenda
Dr Anthony Keane, Head of School Informatics and Computing, IT Blanchardstown
Higher Education Institutions face many challenges in keeping pace with the rapidly changing technology-dependent industries. This talk will focus on the Cyber Security industry and show how many HEIs are adapting in this area to address the needs of businesses for a skilled graduate workforce.
Using the Power of e-learning
Pluralsight is one of the world’s leading online technology learning providers which has recently opened its EMEA HQ in Dublin. It has developed a broad based and comprehensive series of online courses in cybersecurity ranging from security awareness to security basics right though threats, cloud security, and all the way to a deep dive into topics such as: penetration testing, digital forensics, secure by design, security auditing, ethical hacking and more—all authored by security experts like Troy Hunt, Dale Meredith, Jason Helmick, Dr. Jared DeMott and others.
11.30 – 12.00 Coffee Break
A chance to grab a coffee and network with your peers
12.00 – 1.00 Panel Discussion – AI is the future of cybersecurity for better or worse!
AI is being used to defend and attack cyber infrastructure. It offers the criminal scalability – the number of ways hackers can get into a system. But it also offers ways to defend against attack that are faster, smarter and better than humans. It’s important for business leaders to understand how the future with AI will dramatically change what we focus on and how we manage cybersecurity.
Panel Moderator: Paul Hearns, Editor TechPro
Panel Members: Robert McArdle (Trendmicro) Padraig O’Brien (Vectra) and (Integrity 360)
Running concurrently with the conference are three workshop sessions as follows:
Workshop A Cybersecurity Primer for CEO’s – what to know so you know what to do
Companies are either too confident or underprepared to deal with security breaches and cyber attacks – and these can cause enormous damage. One third of Irish and Northern Irish businesses suffered a data security breach last year, causing damage to their businesses.
An overwhelming majority (93%) of companies believe the complexity of threats they will face over the next 12 months will increase and nearly half (46%) admit they will either struggle to deal with this or that threat defence will be impossible.
Irish companies mirror the global picture reporting a surge in requirements for enhanced cybersecurity due to increased regulation on data privacy (GDPR) cited by 73% of respondents to a Deloitte study, more sophisticated scamming and phishing (59%), and growth in identify theft (53%).
This workshop will explore –
- Why cybersecurity is a business issue not just an IT issue
- Necessity of investing in security awareness training
- What cybersecurity technologies to deploy
- Cost-benefit analysis of investing in cybersecurity prevention measures
- Outsource or build in-house capability
- Encouraging vulnerability reporting by staff at every level
- How to manage recovery after an attack and adapt future processes
- Risk of being too slow to detect and respond
Target Group: C-level executives, managers, and owners and managers of small and medium companies. Any sector – any size.
Workshop B Risk Assessment for Companies
Understand, list, assess, grade and plan how to fix cybersecurity vulnerabilities
Most computer defences are so weak and poorly managed that they can be relatively easily breached. But if individuals and organisations took some simple steps, they could quickly and dramatically reduce the impact of cyber crime. The problem for most companies is the absence of rent accurate and meaningful data to make good decisions. Because of this some organisations may be applying resources in the wrong places to defend against the wrong threats. Without an analysis of how well the organisation is geared to defend against breaches we cannot implement remedial actions or make good management and investment decisions.
This workshop will explore these issues and use a structured tool to enable participants make an initial assessment of their cybersecurity preparedness. This is a tailored example that gives a flavour of what is involved in risk assessment. It will examine areas as complex as cloud security and business continuity management after a breach, down to issues like Passwords, Patching: Phishing, Protecting against Ransomware and Malware, Device Configuration, Backups and having an effective Business Continuity Plan.
The aim is to help participants identify any weakness in your defensive strategy and operational procedures and maximise the chances of effective recovery from a disaster.
Target group: C-level executives, managers, owner-managers, practitioners and technical staff with ICT responsibilities. Any sector – Any Size.
Workshop C Capture the Flag (Become a cyber hacker for the day!)
Teams of 4 ‘greenhorns’ (non-cybersecurity specialists) from different companies competing to defend against cyber attacks in real time.
This session running continuously over three hours (with unlimited coffee!) in the main Conference Hall will introduce complete beginners to cyber hacking. They will learn how to hack a website, break into servers and steal computer files. Capture the Flag is a fun and safe environment to learn what hackers do and the tools they use. It will also demonstrate how vulnerable computer technology is and help participants to become more aware and skilled at securing and defending against attacks.
Participants will be formed into teams of 4 which are posed a series of problems that increase in difficulty. Teams attempt to earn the most points, but do not directly attack each other. Rather than a race, this style of game play encourages taking time to approach challenges and prioritise the quantity of correct submissions.
Target Group: The workshop is aimed at non-security technicians. A company may send their own team of 4 participants. If you have less than four then your participant(s) will be teamed up with participants from other companies. No cybersecurity skills are required – in fact we really do want ‘greenhorns’ with no prior cybersecurity skill, so anyone with basic computing knowledge (how to surf and search, etc) and who enjoys solving puzzles will be welcome. All that is required is to bring your own laptop. You must pre-register and you will then be given some online examples to look at before you come. The top 3 teams will be awarded prizes.