S4S Club

I've been in London to meet up with fellow cybersecurity professionals this week, and what a week it has been! On Tuesday I attended an event hosted by S4S Club that gathered about 200 security professionals primarily from UK and Ireland (with the occasional visiting Scandinavian). The opening keynote from former GCHQ executive Ciaran Martin discussed both geopolitical tension and looming threats of more sophisticated supply chain attacks. Little did we know at the time how relevant his musings was, as later in the same day(!) pagers, walkie-talkies and radios started blowing up in Lebanon. Hybrid warfare isn't new to us anymore but this operation certainly took things to the next level. Throughout the day we touched upon many different topics but there were especially two that got through to me this time: ✔ Effective use of threat intelligence as integral part of designing and implementing security controls. Palo Alto Networks Unit 42 had an interesting approach to this on how to build "Sustainable Cyber Resilience". ✔ Quantification of cyber risks to get a better idea of where to spend your money to get the best return on investment. Working in security for more than 20 years I will be the first one to admit we have an opportunity to improve in this area, and I got a few ideas through two very interesting presentations from Qualys and Verizon on this topic. Huge thanks to Mark Walmsley and the rest of the team at S4S Club for running the community and putting together the conference. Meeting up and sharing information like this is so important and makes us all better and more resilient. Looking forward to the next one! #community #resilience #security

It was an honor to speak to cybersecurity leaders at the S4S Club event in London, UK, earlier this week on “Protecting your critical assets: How to best spend your money by managing ‘actual’ risks.” Special thanks to Justin Shaw-Gray for MCing what turned out to be a very interactive conversation with industry leaders. Some key areas we touched on during the conversation: (1)  Many organizations are asking the question “Are we doing enough?”, yet the question we should be asking is “Are we doing enough of the right things to move the dial?” – More often than not, organizations are unable to confidently answer that question. (2)  Organizations are faced with three key challenges when dealing with managing cyber risk: (a) Scalability of Approaches (b) Effectively Communicating on Cyber Risk, and (c) Data-Confidence. Another obvious challenge is budgets of course. (3)  Organizations need to shift their approach to Cyber Risk Management. We need to move to (a) People, Process, Technology approach (b) Persona-based Communication Strategies, and (c) Evidence-based, programmatic approach. (4)  Cyber Risk Quantification is not a destination, but rather a journey. The key is to improve data-confidence, apply a programmatic approach, and communicate effectively such that key business decision makers can make informed cyber risk decisions. Leveraging nearly two decades of cybersecurity thought-leadership through Verizon’s Data Breach Investigations Report insights as well as nearly three decades of Verizon Cyber Risk Programs offerings, Verizon Business is uniquely positioned to help organizations bridge the data gap in intelligence needed to make informed cyber investment decisions. More information on Verizon’s Cyber Risk Programs and Cyber Risk Quantification offerings can be found here: https://vzbiz.biz/3z7roH8 Chris Novak Ashish Khanna Mike K. Sam Junkin Alistair Neil Ray Ottey Stuart Whitehouse CMgr MCMI Andrew Roth Anastasia Hansen #cyberrisk #cybersecurity #cyberriskquantification #crq #s4sclub #s4s #verizon #security #grc #riskmanagement

We want to extend our heartfelt thanks to everyone who made yesterday’s event such a great success. Your continued support makes all the difference! A special shout-out to those who went the extra mile (literally) to attend despite the challenges—whether it was the fire that closed London Bridge or the transport disruptions on various other lines. Your dedication to being there truly speaks volumes about the value this event brings. We’re incredibly grateful to each and every one of you who made it. Once again, the feedback has been overwhelmingly positive. The day was filled with thought leadership, new connections, and a shared sense of collaboration. It’s clear we are all in this together. We are proud to say that this is what it set out to be, a disruptive security event where partners and delegates meet as equals. It’s incredibly humbling to hear that for many of you, this is the only event you attend. We truly appreciate your loyalty and commitment to building something different and special with us. We will take the rest of this week to reflect on all the feedback before beginning to plan the next Club X event. Stay tuned for more details! #S4SClub #Collaboration #Equals #CyberSecurity #Networking #Innovation #StrategyBuilding #Connections #Securty4Security

I had the joy of attending two events yesterday. S4S Club and ISC2 London Chapter. Huge thanks to Monzo Bank for hosting the ISC2 London Chapter. Conference season is truly upon us but more importantly both events were incrediblely informative. Some great speakers and some really great insights. Sorry Ciaran Martin for scaring you before you did the keynote at S4S Club but you did a fantastic job. Great to see Ritesh Patel, Deborah Saffer, Craig Goodwin, Craig H., ☁️ Francesco ☁️ Cipollone, Lee Whatford, Regina B., .Baldev Dhillon., Ian D, Liz Banbury, CISSP to name a few. Apologies for all the other names and tags that I might have missed.

Busy room for Michael McPherson yesterday! Good conversation about the need to be proactive in acting against threat actors. Thanks for having us S4S Club, looking forward to the next one!

Yesterday Harry Potter Katie Maxted and Toby Butler represented at the S4S Club event in London. Thank you to Mark Walmsley, Lisa Hughes and the whole organisers for welcoming us into a great community.

Transform compliance into a business driver! 🚀 Join us at #S4S2024 in London on Sept 17 for a strategic discussion with Tim Grieveson, Bitsight’s Senior VP and Global Cyber Risk Advisor, and Tom Ascroft, Global Chief Information Security Officer at Unit4 Discover how to align cybersecurity with business outcomes. Save your spot today: https://ow.ly/5SEy30sGuxS #S4S2024 #NIS2 #PS21 #Bitsight

Very much looking forward to attending S4S Club on Tuesday with Trend Micro. Connections, will be a great opportunity to catch up! And...most importantly, prospective customers, come and see us and our speakers with Lewis Duke and one of our trusted customers Rob Rice as he shares best practices, lessons learned in risk management, and tips for communicating risk to the board. We listen to our customers, and what they say and what they do matter. I personally love hearing customer success stories and the knowledge that has been gained along the way! Let's drive some new partnerships, whereby we work with a strategic approach to cybersecurity, empower security operations and ensure the right balance is made with proactive protection and alignment with business objectives! 16:15-16:45 SLOT Trend Micro I Optimising Security Strategies with Threat Intelligence and Risk Insights #infosec #security #cybersecurity #ciso #trendmicro #newbusiness

Tomorrow we'll be at S4S Club in London! Excited for this event, it's different to many other security conferences - it's designed by security professionals for security professionals. No swag, no handouts or gimmicks, it's based on workshops and meaningful conversations where partners and delegates are equal. Still time to come along! If you are there please say hi to the team tomorrow Chris Eves Jelena Begena and our friend Trude Palmer. Big thanks to Mark Walmsley.