Stream B - Networking roundtable discussions

This roundtable discussion session will be an opportunity for attendees to hear from and share insights with their peers from across the public sector – in a private, Chatham House rules environment. Spaces are limited to no more than 10 participants per table, so register your interest if you would like to secure your place to join the conversation. There will be a choice of two roundtable topics (with 10 spaces per table):

1. Learning from attacks: is the public sector doing enough to share information? Cyber incidents are an inevitability; organisations across the breadth of the public sector are targeted by attackers every day – to say nothing of the perennial risks of human error and insider threats. But all this is often kept behind closed doors, severe limiting the opportunity for the sharing of intelligence and the chance to gain insights from the experiences of others. This discussion will allow cyber leaders to explore: · The extent to which threat intelligence and insights gained from attacks is currently shared · How policies to information exchange differ between organisations · Barriers that prevent information-sharing and the potential impact of overcoming these · What frameworks and measures could support a more open cyber culture

Hosted by Sam Trendall, Editor, PublicTechnology

2. Will employees ever see cyber training as more than a tick-box exercise? It is a truth universally acknowledged that an organisation’s biggest attack surface is its people. Consequently, many cyber leaders now dedicate a significant part of their focus to human-layer security initiatives that seek to empower employees to engage with and embrace their data-protection and security responsibilities. But, whatever the best effort and intentions of cyber professionals, do their co-workers across the broader organisation actually see security training exercises as more than an inconvenience? This discussion will allow cyber leaders to explore: · Organisations’ current training and awareness programmes – and their effectiveness · How to measure and understand impact · Lessons learned as to what works – and what doesn’t? · How to handle employees that simply won’t engage

Hosted by Dan Patefield, Head of Programme, Cyber and National Security, techUK