SANS CyberThreat: An Inside Track on Europe's Premier Cyber Security Conference

SANS CyberThreat: An Inside Track on Europe's Premier Cyber Security Conference

In January the eyes of the global cyber security community will turn to London as the CyberThreat conference gets under way. First launched in 2018, the event is a highlight in the cybersecurity calendar and a must-attend for cyber security intelligence professionals. Nowhere else can attendees get such a breadth and depth of insight and experience on the cyber security trends sweeping the world – whether that's from the teams at NCSCENISA, the Bank of England or one of the many individual security experts gracing the agenda.

As ThreatQuotient prepares to support the event as platinum sponsor, we caught up with Ollie Stebbings, Head of Summits and Events at organisers SANS Institute to get the inside track on why CyberThreat is such a unique event, and what we can look forward to this year.

What makes CyberThreat so valuable for the cyber security community?

CyberThreat was conceived in partnership with co-hosts NCSC to meet the need for an event with a strong technical focus that enables practitioners to build effective cyber threat intelligence capabilities. As Ollie explains: "Back in 2018 there was a real gap in having a truly technical conference for practitioners who really are on the front-line defending networks. Since then, CyberThreat aims to equip worldwide practitioners with the skills and knowledge required to defend against cyber threats and also addresses the cyber skills gap, by developing and growing talent."

This technical focus, with the opportunity to share advanced techniques and real-world case studies, is a key reason why ThreatQuotient is supporting the event as platinum sponsor, as Leon Ward, Vice President of Product Management explains: "There is a great energy around CyberThreat and attendees are keen to learn and share their experiences to develop stronger skills. In doing so, they boost the strength of cyber defence within the community as a whole, which can only be a good thing. Plus, there is the chance for delegates to get hands-on and test their expertise against some of the latest devices and products."

The Capture the Flag (CTF) events, team problem solving, hackable badge, and "Hackathon" challenges all add to the lively atmosphere, says Ollie: "The unique CTF competition provides an intense and entertaining experience and the high-quality networking opportunities ensure attendees thoroughly enjoy this event." There are also opportunities to relax in the retro and modern gaming area, while organisers haven't overlooked the importance of encouraging the next generation of cyber professionals. Schools are invited to tour CyberThreat so students will be inspired to join the community.

Ensuring the agenda is on point

The team at SANS works tirelessly to ensure that the agenda reflects the real and current challenges facing attendees, selecting case studies and real-life stories with the support of its advisory board. Such is the calibre of the event that it can call on world-renowned security experts alongside rising stars to share their experience.

Leon Ward says: "The beauty of the event is its immediate relevance. It brings home the fact that cyber security is facing big challenges, but that we have some of the best minds and a powerful community that we can bring to the table to address them."

CyberThreat also draws on the power of competition to get attendees thinking creatively about how to solve threat-related problems: "The challenges for the CTF and Hackathon are adapted to the most recent threats and techniques and differ every year to keep the audience engaged from the run-up to the event, all the way up until the last day of the event when our winners are announced," says Ollie.

This year's agenda includes presentations from CERT-UA, who will be giving an overview of the current attacks on Ukrainian infrastructure in 2022 and incident responses carried out. In addition, leading expert Katie Nickels will be giving her perspective on "The Clustering Conundrum: A Behind-The-Scenes Look at Creating Threat Groups".

Each session is designed to offer delegates immediate value with learnings they can put into action as soon as they get back to the office.

Events like CyberThreat are more important than ever

As cyber attacks continue to escalate and the prevailing geopolitical situation remains tense, it is essential that the cyber security community unites to share information and identify the best ways to combat sophisticated threats. Here, events like CyberThreat play an important role.

Ollie explains: "Experience is key to expanding your knowledge of cyber security skills and disciplines so attending events like CyberThreat will give you a new insight into the types of attacks, the systems under attack, the methods used and the adversaries you're likely to come across. Gaining insight from others and sharing your own experiences makes us stronger from a defensive point of view and provides us increased skills to improve our own infrastructures against modern cyber attacks."

Leon agrees: "We need to be collaborating at least as often and as effectively as our adversaries so we can mount better, more informed defence and really leverage the intelligence residing in our networks – both human and digital."

Today's top-of-mind challenges

As delegates gather, they will have some common concerns in mind, many of which are related to the big accelerations in tech adoption over the past few years, and the technical debt around security this has created. For Ollie, a big theme is public cloud adoption: "One of these big leaps is the increased adoption of public cloud and the risks associated with storing sensitive information on public platforms. Many organisations are now using public cloud infrastructures and without great security architectural oversight this often lends itself to poor visibility due to outdated techniques and the 'Lift and Shift' methodologies. These fallibilities in approach to modern security architecture increase ransomware and data leak events."

CyberThreat has this covered: "Knowing what tools, what security platforms and which vendors to trust is becoming increasingly difficult. CyberThreat puts you in the mix with people who have experienced this first-hand and made decisions to improve their cyber security posture."

ThreatQuotient is looking forward to sharing our own insight, with a session exploring the case for data-driven cybersecurity orchestration and automation based on our recent research into the topic and how it can drive efficiency and productivity.

We are honoured to be the platinum sponsor for this premier event and look forward to soaking up the atmosphere and learning about the challenges and solutions the industry is building to take us into the coming year and beyond.