BSides Scotland 2019 Sponsors
A huge thanks to all our commercial sponsors who make this event possible - venues and catering are not cheap! Please visit our sponsors online, and in person at the event.
Platinum Sponsors:
Context is a leading cyber security consultancy with a comprehensive portfolio of advisory and advanced technical services, from network security monitoring, penetration testing and red teaming to rapid incident response and intrusion analysis, training and technical security research. Context is focused on helping clients avoid potential breaches and to deter, detect and respond to the most sophisticated cyber-attacks.
Established in 1998, Context is certified by CESG and CPNI for the Cyber Incident Response scheme and helped to establish the not-for-profit industry body CREST and its associated standards and accreditations.
Context’s client base includes some of the world’s leading blue chip companies, alongside public sector and government organisations, for technical assurance, incident response and investigation services. An exceptional level of technical expertise and detailed methodology underpin all Context services and help clients to attain a deeper understanding of security vulnerabilities, threats and incidents. With offices in the UK, Australia, USA and Germany, Context is ideally placed to work with clients worldwide.
JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.5 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small businesses, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of customers in the United States and many of the world’s most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands.
The world of cybersecurity involves adapting to a constantly changing world. JP Morgan Chase & Co invests $10.8B+ annually in technology and employs 50k+ technologists who innovate in how the firm builds initiatives like big data, machine learning, mobile/cloud development and cybersecurity
In Glasgow, J.P. Morgan Chase & Co. has established a strong technical hub and has been constantly investing in Scotland. In 2018, we hired 322 external individuals into our Scottish technical center, which is a 50% increase on external hiring volume compared to 2017. We have a laser focus on diversity in Glasgow through a combination of factors – junior talent including graduate apprenticeships and a partnership with CodeClan. We also have had successes with our re-entry program, closely working with local vendors and a dedicated resource in our recruitment team that is geared towards both events and diversity. One of our recruitment team won “Gender Aware Recruiter of the Year” award at last year’s SWIT awards. This has improved our diverse hiring volume by 85% in 2018 compared to 2017.
Investing in the advancement of women is a key focus for JPMorgan Chase & Co. That’s why we’re expanding our efforts on behalf of women inside and outside of the firm with Women on the Move. This is a global, firm-wide initiative that empowers female employees, clients, and consumers to build their careers, grow their businesses, and improve their financial health. Women on the Move is led by Samantha Saperstein and backed by the firm’s leadership team and Operating Committee – half of whom are women.
Gold Sponsors:
Pen Test Partners is a partnership of high-end consultants, cherry picked for their wealth of knowledge.
Pen Test Partners LLP is focused on delivering innovative and meaningful penetration testing. It’s a simple mandate, and one that we have built our business and reputation with.
PwC provide a comprehensive range of cyber security and data privacy services to help organisations assess, build and manage cyber security capabilities and respond to incidents. Our services are designed to help build confidence, understand and react to threats and vulnerabilities, protect what's important and secure Cyber Security environments. We advise senior management and Boards on shaping a strategic response to risk as well as providing detailed technical analysis. We help our clients address the legal issues around breaches and data privacy, and build a culture and environment where people understand how to behave securely and do the right thing. We help to manage risks and build confidence in a digital future.
Since 2014 we have invested heavily to created build an experienced team in Scotland, which can deliver the full range of services which we offer our clients and ranges from Graduates through to a dedicated Cyber Security Partner. We have worked with clients of all sizes and across all major industry sectors in Scotland, and have significant experience of support the Scottish Public Sector in assessing and improving their cyber security posture. We are currently building our pen testing team and have a number of open roles, please see https://www.pwc.co.uk/careers/experienced-jobs/job-search.html to apply.
Silver Sponsors:
Tenable®, Inc. is the Cyber Exposure company. Over 27,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 25 percent of the Global 2000 and large government agencies.
Learn more at tenable.com
Community Sponsors:
In addition to the essential funding our commercial sponsors provide, the community helps immeasurably in other ways, providing hardware, merchandise, information, speakers, communication, and sometimes just moral support! Thanks to the infosec, risk, assurance and audit community in Scotland in general, as well as the following specific community sponsors.
Car Hacking Village , Ian Tabor - mintynet.com and Bugcrowd
The primary goal of the Car Hacking Village is to build a community around discovering weaknesses and exposing vulnerabilities that could significantly impact the safety and security of all drivers and passengers on the road today. Educating security researchers on the functionality of vehicle systems coupled with providing them with the opportunity to gain hands-on experience working side by side with experts in this field is a plus for the attendees. Leveraging the vast amount of experience the security research community brings to the Village may increase the safety and security of vehicles on the road today and for generations to come.
Car Hacking Village plays an important role for researchers interested in the safety and security of the more than one billion vehicles on the road worldwide.
There will be two talks, Ian at 10am and Will at 11. And as you may have seen, the BSides Edinburgh badges this year become useful nano-canbus boards with the addition of about £5 worth of components. Ian will be selling them 1st come 1st served on the day. Check out his github repo for code.
Are you looking to help develop the future of cybersecurity graduate talent? Come talk to us about the potential to support our upcoming University CTF League.
This is a group for Cybersecurity & Information Security professionals in Scotland
All levels of experience are welcome; from those aspiring to enter the industry through to security experts. The purpose of the group is to provide regular, informal meetups where individuals can gather together to network with one another, as well as discuss the latest industry trends and hot topics within the cyber and information security sector.
We’re currently right at the start of our journey to become a community focused organisation and would value any relevant input or feedback, so please reach out.
Cyber Scotland Week, a joint initiative between the Scottish Government and ScotlandIS, will take place between 22nd April - 28th April 2019.
A first of its kind for cyber in Scotland, Cyber Scotland Week draws together events across the country to showcase the innovation taking place in the sector, while raising awareness of good cyber resilience practice and promoting a career within the industry. The Week will bring together influencers, experts and the next generation of talent to explore and learn about the potential rewards and challenges in this fast-changing threat landscape.
DIGIT (formerly Scot-Tech Engagement) is Scotland’s leading technology media & events company, dedicated to providing tech news, views, opinion for IT & Digital users & consumers We have developed partnerships spanning: industry, academia, government, membership groups, regulatory bodies and innovation centres. This ensures that our news and events are not restricted by the interests of a single perspective but instead reflect a balanced consensus, covering the core issues that are most relevant to the audience. Founded in October 2013, DIGIT.FYI and its network of events now reach nearly 20,000 business & technology users per week. DIGIT hosts major conferences and events in Scotland, including Oil & Gas ICT Leader, Scot-Cloud, Scot-Secure, IoT Scotland, Big Data Scotland, FinTech and, in 2018 the Digit Expo, all serving as community platforms for business user collaboration and networking.
Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with thousands of people in the security field.
For Individuals: A massive playground for you to learn and improve your pen-testing skills.
For Companies: Hack The Box provides a wealth of information and experience for your security team. Train your employees or find new talent among some of the world's top security experts using our recruitment system.
For Universities: Universities from all over the globe are welcome to enroll for free and start competing against other universities. We also offer discounts to educational institutions for many of our services.
The Institute of Information Security Professionals (IISP) is a not-for-profit membership organisation, dedicated to raising the standard of professionalism in information security. The IISP does this through accrediting skills and competence, by sharing best practice and by providing a network of support and guidance on individual skill development. It speaks with an authoritative voice and its competency based memberships are widely recognised in the information security industry.
Working closely with the Information Security community, the IISP represents over 8,000 individuals across private and government sectors and has over fifty Corporate Member Organisations and twenty-two Academic Partners.
At the heart of the Institute is the IISP Skills Framework©2018 which is widely accepted as the de facto standard for measuring competency of Information Security Professionals. NCSC, a part of GCHQ have taken this framework to underpin a range of certification schemes including the Certified Cyber Professional (CCP), for which the IISP is the leading certifying body and to develop syllabuses for Masters Degrees. The skills framework is used extensively by our corporate members to benchmark and develop capability of their employees it has also been adopted by e-Skills UK to develop a National Occupational Standard for Information Security. The IISP also accredits training courses offered by commercial training providers against the Institute's Skills Framework. This enables attendees to build knowledge in areas of the skills framework where they might have gaps and to gain hands-on experience.
More information about the IISP and its work can be found at www.iisp.org
The ISACA® Scottish chapter was formed in March 2002 to provide ISACA® members living and/or working in Scotland with the opportunity to network with fellow professionals. We also provide training and professional development opportunities in Scotland. Membership now stands at over 400 members. Our members come from both the public and private sectors, and include professionals and practitioners at all levels in Audit (both IT and business), Information Security, Risk and Compliance, IT Governance and IT.
Founded in 1989, the Information Security Forum (ISF) is an independent, not-for-profit organisation with a Membership comprising many of the world’s leading organisations featured on the Fortune 500 and Forbes 2000 lists. We are dedicated to investigating, clarifying and resolving key issues in information security and risk management, by developing best practice methodologies, processes and solutions that meet the business needs of our Members.
The ISF provides Members with a trusted and confidential environment within which their in-depth knowledge and practical experience can be shared. This approach enables the ISF to harness the collective insights and knowledge of its Members to deliver leading-edge solutions that are comprehensive, pragmatic and effective. By working together, Members avoid the major expenditure required to reach the same goals on their own.
ISF Consultancy Services further provide independent and objective guidance, support and training. They can better support global business leaders and information security professionals to build and embed cyber resilience in their organisational structure, planning processes, information risk management and information security initiatives.
The Open University (OU) was established 50 years ago with a clear purpose: to open up education to all. The OU has taught over two million students in 157 countries and is one of the largest providers of higher education in Europe. Currently, over 174,000 people are studying with the OU.
The OU has led the way in innovative, part-time distance learning education solutions for employers across multiple sectors. The University’s blended learning makes it the partner of choice for many employers in the UK and overseas, with 78 of FTSE 100 companies sponsoring their staff with the OU.
The OU has a strong pedigree in working with employers to facilitate innovative, integrated work-based learning. OU digital Graduate Apprenticeships in Scotland utilise the latest online learning technology to provide flexible, scalable programmes for new and existing staff. Graduate Apprenticeships on offer include both a BSc and MSc in Cyber Security and places are fully funded by Skills Development Scotland.
Whether you are looking for short courses, a traditional degree or Graduate Apprenticeship to develop your cyber skills, the OU can help.
Come and chat to us at today’s conference or contact us
White Hat Rally - Car Trek
A fun science fiction themed driving challenge through North-Western France, sees the InfoSec community again raising funds to support Barnardo’s work with vulnerable children. Join us 12-15 September 2019, sponsor the rally, or make a donation. No special vehicle or advanced driving skills required, just a sense of humour and an adventurous spirit to endure the weekend and enjoy the fun!
Hostile agents may not only look for short term gain, but undertake long term activities, infiltrating business systems and waiting; positioning themselves for maximum exploitation at a later date.
Being aware, prepared, responsive and staying ahead of the game is key to building digital resilience. This is where Xcina comes in.
Our services include assessing and analysing existing systems, processes, operations and the way you do things to determine the appropriate level of protection and compliance you need.