Cyber Security 2025 | FutureScot
25 February 2025 | Session One: Building a Cyber Resilient Scotland
8:15 AM – 9:10 AM
Registration & refreshments
9:10 AM – 9:20 AM
Chair’s opening remarks
Alison McLaughlin, (Chair), Digital Transformation Strategist
Alison is a recognised digital leader in Scotland with a wealth of experience of many ground-breaking digital programmes across the public sector. She has worked with many organisations across the Justice sector including Disclosure Scotland, Scottish Prison Service, Scottish Courts and Crown Office. Her experience also includes a 2.5 year secondment as Head of the Digital Transformation Division of the SG Digital Directorate, during which she was involved in the Digital Justice DESC programme.
Alison is a former Chair of ScotlandIS and now works as a digital transformation strategist working with public and private sector to drive digitally enabled change.
9:20 AM – 9:35 AM
Understanding the threat
Key take-aways to support resilience building activity
Senior Representative, National Cyber Security Centre
9:35 AM – 9:50 AM
Improving Scotland’s cyber resilience
Building partnerships and strengthening defences across the public, private and third sectors
Alan Gray, Head of National Cyber Security and Resilience,
Scottish Government
Alan Gray is the Head of National Cyber Security and Resilience for The Scottish Government. A Security leader with over 15 years of experience within government, professional and public sector organisations, Alan has managed a wide range of security activities from strategic capability development to operational response. Previously as Chief Information Security Officer for the Foreign, Commonwealth and Development Office, with responsibility for the cyber security of all core technologies and services both at home and across posts and embassies worldwide, he was also a member of the Government Security Board as representative for the CISO community across government. Drawing on past experience in National Security, academia, central government and the private sector, Alan has joined the Scottish Government to drive the consolidation and expansion of Scotland’s cyber security and cyber resilience activities, and to lead the Scottish Cyber Coordination Centre (SC3).
9:50 AM – 10:05 AM
Responding to a cyberattack
Building back better from a major digital incident
Eddie Hawthorne
Arnold Clark
Eddie joined the Audit department of Arthur Young, Glasgow in 1986 and qualified as a chartered accountant in 1989. In 1990, he joined Arnold Clark Automobiles Limited as Group Financial Controller, and worked closely with Sir Arnold Clark on managing the company’s acquisitions. In 1998 he was promoted to Group Managing Director; since then, he has overseen the national expansion of the Group. In 2015 Eddie received an honorary fellowship of the Institute of the Motor Industry. He became Chief Executive and Group Managing Director of the Group in 2017 and was awarded the Motor Trader Outstanding achievement award in 2020 by motor industry peers.
10:05 AM – 10:15 AM
10:15 AM – 11:00 AM
Five Eyes Panel: Cyber perspectives
Evolving online harms and how to combat them through global and regional partnerships
DCI Andy Maclean
Police Scotland
Detective Chief Inspector Andy Maclean oversees Police Scotland’s Cybercrimes Team and has 23 years police service, predominantly as an investigator. Andy has a background in Major Investigations and Review and as SIO he has overseen complex investigations and directed teams in a number of Policing areas, Serious and Organised crime, Public Protection and Homicide. Overseeing the Cyber Investigations and Digital Forensics has allowed him to break new ground in investigative and support capabilities to increase resilience for policing and communities. “Effective partnerships have been key to success in every investigation and positive outcome I have achieved as an SIO. Three plus years within Cybercrime has afforded me the opportunity to build new relationships and develop Police Scotland’s response to cybercrime which brings unique challenges to policing and industry, we can only achieve success by working together to effectively tackle this ever increasing threat.”
Wanda Mizell
FBI London
Wanda Mizell has been with the FBI since 2004, working multiple programs to include Cyber and Counterterrorism matters. During her time with the FBI, Intel ALAT Mizell helped build the geospatial program in the FBI, worked major cyber threats out of the Atlanta and Washington Field Offices, and was a member of the Evidence Response Team, working several high profile investigations such as Pulse Night Club and the Chattanooga shootings.
In 2016, Intel ALAT Mizell was assigned to Legat Pretoria where she helped build intelligence and investigative collaboration with over 13 African countries. Prior to coming to Legat London, Intel ALAT Mizell was the Supervisory Intelligence Analyst for the FBI’s intelligence personnel throughout Europe and the lead of the global partnership strategy team for the FBI. In 2021, SIA Mizell became the Intel ALAT in the FBI’s Legat office in London, where she focuses on Cyber and Criminal intelligence collaboration between the FBI and international partners.
Colin Paul
Royal Canadian Mounted Police
Colin is Canada’s Cyber Liaison Officer for the United Kingdom. With nearly two decades of service with the Royal Canadian Mounted Police (RCMP), he began his law enforcement career in a small rural town before transitioning to the federal investigations team where he specialized in transnational organized financial and cyber-related crime.
In his current role, Colin collaborates with international partners to identify, dismantle, and prosecute criminals who leverage technology to commit their crimes.
Michael Ford
New Zealand High Commission
Before assuming his current role as Counter Terrorism Liaison Officer, Michael served as Officer in Charge for several high-profile homicide investigations and critical incidents, including shootings and fatal vehicle crashes involving police. His portfolio also includes investigations into alleged criminal conduct by Members of Parliament, as well as fatal maritime and aviation incidents and joint organised crime investigations related to drug importation.
In March 2019, Michael was promoted to Detective Inspector, where he oversaw Major and Organised Crime. During this time, he was appointed Senior Investigating Officer (SIO) responsible for managing the initial investigation following the Linwood Mosque incident during the March 15 terror attack.
Following this experience, he was designated as the Canterbury District National Security Lead, tasked with overseeing the detection, investigation, and prevention of terrorist threats.
Currently, Michael serves as the New Zealand Counter Terrorism Liaison Officer at the New Zealand High Commission in London.
DS Tyson Pickavance
Australian Federal Police
Detective Sergeant Tyson Pickavance began his policing career with the AFP in 2013 as a uniformed officer at Sydney Airport. In 2015 Tyson moved into plain clothes policing, working in and leading investigations across numerous crime types, including organised crime, fraud and money laundering and cybercrime. In 2022, Tyson assumed leadership of the AFP’s ransomware target development and disruption team, which included responsibility for Operation Orcus, a multi-government task force brought together to fight ransomware. He also led the AFP’s involvement in Europol Operation Cronos – the international operation targeting the LockBit ransomware group. In January 2025, Tyson was appointed as the AFP Cybercrime Liaison Officer based in London.
11:00 AM – 11:25 AM
Networking & refreshments
25 February 2025 | Session Two – Cyber Security Masterclasses
11:25 AM – 11:55 AM
Security Operations: Detecting and Defending Against Insider Threats
This session discusses how business leaders and security operations teams can proactively detect and defend against complex insider threats, which pose an often-underestimated risk to organisations. From disgruntled employees to accidental data breaches, insider threats are difficult to detect and can be incredibly damaging. Explore how to proactively identify early warning signs, deploy defence mechanisms, and strengthen your organisation’s security posture from within.
Andrew Sinclair
Brightsolid
Andy Sinclair has over 15 years of experience delivering complex technical solutions, driving innovation and leading successful teams. As CTO of Brightsolid, Andy is responsible for shaping and overseeing the company’s technology and product strategy, developing innovative solutions that address our customers’ diverse and dynamic needs. Andy leads Brightsolid’s team of cloud, cyber security, network and solution engineers, ensuring that the company leverages the latest technological innovations to deliver desirable value to our market.
11:25 AM – 11:55 AM
Transforming NCSC guidance on secure data import and export into action
We all know that data is ‘worth its weight in gold’ when it comes to unlocking critical insights and strategic advantage. But data transfer without cybersecurity creates risk. So where is the happy middle ground? Sam Black, Technical Director of 4Secure, will share experience of working according to NCSC guidance to create secure data transfer that goes beyond zero trust and creates value within the public sector.
Sam Black
4Secure Ltd
Sam Black is a seasoned cybersecurity professional with a specialty in high level network defence, data-centric security and cross-domain solutions. He leads the Engineering and Development teams at 4Secure in delivering secure data transfer solutions that unlock strategic insight and critical advantage.
11:25 AM – 11:55 AM
From Reactive to Resilient: Understanding Your Cyber Posture and Early Detection Capabilities
In an ever-evolving threat landscape, understanding your cyber exposure is critical to building resilience. This masterclass explores how organisations can transition from reactive responses to proactive, comprehensive cyber protection, showcasing the importance of early detection. Gain insights into threat intelligence, and discover strategies to fortify your cyber posture. With real-world examples and actionable takeaways, this session equips you with the tools to identify vulnerabilities, mitigate risks, and enhance overall security to stay one step ahead of cyber adversaries.
Mohammad Waqas
Armis
Mohammad Waqas is the Chief Technology Officer (CTO) for Healthcare at Armis. He is an information security professional with over a decade of experience in the healthcare cybersecurity industry. Currently Mohammad helps healthcare organizations across the globe with medical device security and works on aligning the value of the Armis platform to the specific use cases that exist in healthcare. Mohammad not only looks at the security threats of cyberattacks on healthcare delivery organizations but also has a passion for protecting patient privacy and the implications of the two on clinical risk management.
11:55 AM – 12:05 PM
12:05 PM – 12:35 PM
Protecting the nation today and tomorrow
A panel discussion covering how we secure the nation’s critical infrastructure, The Scottish Wide Area Network and run best in class Security Operations Centres (SOCs). What can we do today to be prepared for local, national and international threats
Hayden Edwards
SWAN Framework at BT Business
Hayden Edwards is the Director of the Scottish Wide Area Network (SWAN) for BT Business, with accountability for all aspects of BT performance including service, delivery, contract performance, service evolution and innovation. Before this, he led Business Development in Scotland for BT, including go to market strategy and leading strategic major business deals, across Health, Government, Emergency services, Local Councils and Universities.
Hayden has been at BT since 2009 and has worked in a variety of roles covering Major Deal Architecture, Programme Delivery, Contract Management, IT transformation and as Chief Technology Officer for Local Government. Having worked in public sector for over 20 years, he has developed significant insight into the challenges of transforming citizen experiences using technology and communication solutions. A creative and innovative thinker, he enjoys bringing practical thinking to customer challenges, and firmly believes in not just doing the same things differently – but doing different things.
Hayden is a Community Councillor for his local Ward in East Lothian, taking a particular interest in digital inclusion and how technology can support education and place based transformation. An undergraduate and recent Masters graduate from the University of Aberdeen Business School, he now lives in Aberlady with his wife and two children. Oustide of work, he is a lifelong rugby fan, having played and refereed at all levels of the game. Any other spare time is spent on his home golf course at Craigielaw.
John McGowan
Palo Alto Networks
Ellie Chambers
BT Business
12:05 PM – 12:35 PM
A Cyber Pro’s Worst Day: Crisis Simulation
Are you ready for a cyber crisis? Do you have the knowledge, skills, and judgement to save the day? Can you prove it? In this intense Immersive Crisis Simulation, you’ll be confronted by a realistic threat scenario ripped from the headlines that will pressure-test your decision-making. At each phase of the attack, your responses will determine whether the crisis grows larger and more destructive or can be effectively resolved for a mock organisation you’re responsible for protecting.
Dave Spencer
Immersive Labs
With a diverse background in physical & cyber security, and attack simulation, Dave brings a unique perspective to product development, combining technical expertise with a deep understanding of customer needs and market dynamics. Dave started his infosec career as a penetration tester and he joined Immersive in 2023 after 18 years tenure at one of the largest pure play cyber security companies in the world where he was the co-founder and global head of attack simulation.
Throughout his career, Dave has been at the forefront of developing innovative methodologies for simulating real-world attacks to identify vulnerabilities in organisations’ security posture. His extensive knowledge allows him to provide comprehensive assessments and recommendations to help organisations protect their critical assets.
12:35 PM – 1:30 PM
25 February 2025 | Session Three – Leadership Streams on Threat Intelligence, Incident Response & Security Operations & Cyber Innovation, Sectoral Resilience and Workforce Skills
1:30 PM – 2:50 PM
Threat Intelligence, Incident Response and Security Operations
Working together to respond to the growing threat of cybercrime
Alison McLaughlin, (Chair), Digital Transformation Strategist
Alison is a recognised digital leader in Scotland with a wealth of experience of many ground-breaking digital programmes across the public sector. She has worked with many organisations across the Justice sector including Disclosure Scotland, Scottish Prison Service, Scottish Courts and Crown Office. Her experience also includes a 2.5 year secondment as Head of the Digital Transformation Division of the SG Digital Directorate, during which she was involved in the Digital Justice DESC programme.
Alison is a former Chair of ScotlandIS and now works as a digital transformation strategist working with public and private sector to drive digitally enabled change.
Keith McDevitt
Scottish Cyber Coordination Centre
Following a 32 year career in policing which included leading cyber investigations in 2013 Keith joined the Scottish Government to support the development of cyber policy and strategy. In November 2015 the Scottish Government launched Safe, Secure, Prosperous a Cyber Strategy for Scotland which was followed in 2021 by The Strategic Framework for a Cyber Resilient Scotland.
Keith was responsible for establishing the Cyber Scotland Partnership a collaborative leadership approach to focus efforts on improving cyber resilience across Scotland. Keith is the Response Lead within the newly formed Scottish Cyber Co-ordination Centre (SC3), a collaborative function supporting combatting the accelerating threat of cyber attack to Scotland.
DI Derek Laird
Police Scotland
Derek has almost 20 years of police service working in a variety of roles from frontline policing in the East-End of Glasgow through to Specialist National Departments. Having a significant amount of service in national intelligence and investigatory roles including online child protection investigations.
Derek currently leads three cybercrime departments including Cyber Investigations for the West of Scotland. With a passion for training, Derek has supported the Scottish Police College to develop better training for police to get the best outcomes for victims of cyber enable and dependant crimes
Scott Barnett, Chief Information Security Officer,
NHS National Services Scotland
From the public to the private sectors and back again, Scott has worked in information and cyber security for over 20 years. Having held CISO positions in the private sector, he joined NHS NSS in 2020 and leads the mission to deliver a world class cyber security operations capability for Scotland’s Health Sector. He is excited by the opportunities that new technologies and ways of working bring to society and an advocate of cohesive security strategies to exploit these opportunities safely.
Lee Rendell
Recorded Future
Lee Rendell is a seasoned CISSP-certified Sales Engineer with over 16 years of experience in the cybersecurity industry. Representing a globally leading vendor in Threat Intelligence, Lee has a proven track record of driving high-value sales engagements and empowering teams to exceed revenue targets. An accomplished public speaker, they have delivered over 150 impactful presentations, including for high-profile organisations such as the European Union and UK law enforcement agencies. Recognised for thought leadership, Lee has also been featured in cybersecurity documentaries, offering insights on critical industry challenges.
1:30 PM – 2:50 PM
Cyber Innovation, Sectoral Resilience and Workforce Skills
Harnessing cutting-edge technologies to improve cybersecurity, strengthening resilience through supply chains and ensuring workforces are equipped with the latest cyber skills
Beverly Bowles
ScotlandIS
As the Head of Cyber for ScotlandIS, Bev’s role involves developing initiatives aimed at fostering growth and innovation, addressing challenges posed by the dynamic cyber threat landscape and cultivating the skills pipeline within Scotland’s cybersecurity industry, playing the role of facilitator between, industry, academia and public sector.
Bev initially joined the ScotlandIS team to lead the IT Managed Service Provider Programme which aimed to create a network within this community that actively shares best practices and lessons learned. The culmination of this effort was the launch of the ScotlandIS ITMSP Best Practice Charter on September 28th, demonstrating a commitment to elevating standards and fortifying cyber resilience throughout the supply chain.
Before her role at ScotlandIS, Bev served as a police officer for 28 years, in front line and community roles. She contributed significantly to the role of the cybercrime harm prevention team and played a crucial part in implementing Police Scotland’s Cyber Strategy through the “Policing in a Digital World” programme. This transition underscores her adaptability and commitment to positioning Scotland at the forefront of global cybersecurity endeavours.
Murat Dilek
Stirling Council
I am passionate about keeping organizations secure in the face of ever-evolving cyber threats. With years of experience in the industry, I have developed a deep understanding of the complex nature of enterprise network and cyber security, and the importance of staying one step ahead of potential risks. As a leader, I believe in fostering a collaborative and supportive environment for my team, where open communication, creativity, and innovation are encouraged. I prioritize the ongoing professional development of my team members and empower them to take ownership of their work, while providing guidance and support as needed. In my role, I am committed to working closely with stakeholders across the organization to ensure that security policies and procedures are aligned with business goals and objectives. I understand the critical role that security plays in enabling business success, and I am dedicated to delivering solutions that meet both security and operational requirements.
Katie O’Neill
Cyber and Fraud Centre Scotland
Cyber Innovation & Skills Leadership: Educating, Empowering, and Strengthening Organisational Cyber Resilience
Katie O’Neill has recently been appointed as Head of Skills Academy at the Cyber and Fraud Centre – Scotland as part of the organisation’s efforts to further develop on and offline resilience training for organisations of all sizes. Katie has extensive experience in cybercrime training and educational strategy, having worked with Police Scotland for 17 years, delivering advanced training programmes to equip law enforcement personnel with the critical skills required to investigate cybercrime, analyse digital evidence, and address emerging cyber threats. The Cyber Skills Academy is a dedicated resource within The Cyber Fraud Centre Scotland, designed to strengthen cyber resilience across all levels of workforce. Offering a range of educational and skills-based sessions, the Academy provides practical and strategic insights into managing cyber threats and fraud.
Justin Kuruvilla
Risk Ledger
Justin joins Risk Ledger after a career supporting the US Government in cyber security. He worked as a technical director for cyber security operations at the US Department of Defense (DoD), which included a secondment to the UK National Cyber Security Centre. Most recently, he advised senior executives of top global corporations and investment firms on enhancing their management of cyber risk.
Professor Bill Buchanan OBE
Edinburgh Napier University
In order to continue the advancement towards digitization, Scotland perhaps needs to develop a roadmap for the integration of digital trust, identity and wallets, and in how data is shared across the public sector, especially in areas of health and social care. This, as much as possible, should be focused on the citizen, and aim to integrate with other evolving systems around the world, and respect privacy. Along with this, the evolution of new methods such as with homomorphic encryption could provide the public sector with the opportunity to better understand the demographics of the population, while supporting privacy-aware machine learning.
William (Bill) J Buchanan OBE FRSE is a Professor of Applied Cryptography in the School of Computing, Edinburgh and the Built Environment at Edinburgh Napier University. He is a Fellow of the BCS and a Principal Fellow of the HEA. Bill was appointed an Officer of the Order of the British Empire (OBE) in the 2017 Birthday Honours for services to cybersecurity, and, in 2024, he was appointed as a Fellow of the Royal Society of Edinburgh (FRSE). His social media tagline reflects his strong belief in changing the world for the better: “A Serial Innovator. An Old World Breaker. A New World Creator.” Bill also has a strong belief in the power of education and in supporting innovation from every angle and currently leads the Blockpass ID Lab and the Centre for Cybersecurity, IoT and Cyberphysical. Bill works in the areas of cryptography, blockchain, trust and digital identity. He has one of the most extensive cryptography sites in the World (asecuritysite.com), and is involved in many areas of novel research and teaching. He has published over 30 academic books and over 450 academic research papers. Along with this, Bill’s work has led to many areas of impact, including a number of highly successful spin-out companies (including Zonefox, Symphonic Software and Cyan Forensics), along with awards for excellence in knowledge transfer and for teaching. He recently received an ”Outstanding Contribution to Knowledge Exchange” award and was included in the FutureScot “50 Scottish Tech People Who Are Changing The World”, along with being a regular keynote speaker at a range of conferences. Bill’s true academic passion is building, analysing and breaking cryptographic methods.
2:50 PM – 3:10 PM
Networking & refreshments
25 February 2025 | Session Four – Cyber Horizons
3:10 PM – 3:40 PM
Global cybersecurity threat landscape
What we need to do differently to respond to evolving online harms
Admiral Michael S. Rogers
Commander, US Cyber Command
Mike Rogers retired from the U.S. Navy in 2018 after nearly 37 years of naval service rising to the rank of four-star admiral.
He culminated his career with a four plus year tour as Commander, U.S. Cyber Command and Director, National Security Agency – creating the Department of Defense’s (DoD) then newest large war-fighting organization and leading the U.S. government’s largest intelligence organization. In those roles, he worked with the leadership of the U.S. government, the DoD, and the U.S. Intelligence community, as well as their international counterparts in the conduct of cyber and intelligence activities across the globe with a particular emphasis on cyber security. He also assisted in the development of national and international policy with respect to cyber security, intelligence, data, privacy and technology – including extensive work with corporate leadership in the Finance, IT, Telecommunications and Technology sectors.
Admiral Rogers is currently supporting companies in the private sector, serving as a member of various Boards of Directors or Advisory Boards or acting as a Senior Advisor – primarily in the areas of cyber security, geopolitics, quantum technology, robotics, space, and advanced technologies. He also speaks globally to various business and academic groups and is working internationally in the cyber security, technology and national security arenas.
He is a Senior Fellow and Adjunct Professor with Northwestern University’s Kellogg Executive Leadership Institute and a member of the advisory boards of the Australian American Leadership Dialogue, Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security, and Sandia National Laboratory’s National Security Programs Division. He is also a member of the United States Naval Institute Board of Directors and works with the Joint Staff and National Defense University in the mentoring and professional development of DoD Flag and General officers.
3:40 PM – 3:55 PM
The anatomy of a cyberattack
A compelling case study on recovering from a major digital incident
Jess Amery
Weir Group
With over 10 years’ experience in IT, Jessica is responsible for all Operational Security Services at FTSE 100 member, The Weir Group. Having graduated Abertay University in 2020 with a first-class honours degree in Ethical Hacking Jessica has delivered security transformation in global organisations and has experience across both offensive and defensive cyber roles, all with an underlying focus on threat intelligence.
3:55 PM – 4:30 PM
Cyber Horizons: Panel Discussion
Admiral Michael S. Rogers
Commander, US Cyber Command
Mike Rogers retired from the U.S. Navy in 2018 after nearly 37 years of naval service rising to the rank of four-star admiral.
He culminated his career with a four plus year tour as Commander, U.S. Cyber Command and Director, National Security Agency – creating the Department of Defense’s (DoD) then newest large war-fighting organization and leading the U.S. government’s largest intelligence organization. In those roles, he worked with the leadership of the U.S. government, the DoD, and the U.S. Intelligence community, as well as their international counterparts in the conduct of cyber and intelligence activities across the globe with a particular emphasis on cyber security. He also assisted in the development of national and international policy with respect to cyber security, intelligence, data, privacy and technology – including extensive work with corporate leadership in the Finance, IT, Telecommunications and Technology sectors.
Admiral Rogers is currently supporting companies in the private sector, serving as a member of various Boards of Directors or Advisory Boards or acting as a Senior Advisor – primarily in the areas of cyber security, geopolitics, quantum technology, robotics, space, and advanced technologies. He also speaks globally to various business and academic groups and is working internationally in the cyber security, technology and national security arenas.
He is a Senior Fellow and Adjunct Professor with Northwestern University’s Kellogg Executive Leadership Institute and a member of the advisory boards of the Australian American Leadership Dialogue, Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security, and Sandia National Laboratory’s National Security Programs Division. He is also a member of the United States Naval Institute Board of Directors and works with the Joint Staff and National Defense University in the mentoring and professional development of DoD Flag and General officers.
Jess Amery
Weir Group
With over 10 years’ experience in IT, Jessica is responsible for all Operational Security Services at FTSE 100 member, The Weir Group. Having graduated Abertay University in 2020 with a first-class honours degree in Ethical Hacking Jessica has delivered security transformation in global organisations and has experience across both offensive and defensive cyber roles, all with an underlying focus on threat intelligence.
Alan Gray, Head of National Cyber Security and Resilience,
Scottish Government
Alan Gray is the Head of National Cyber Security and Resilience for The Scottish Government. A Security leader with over 15 years of experience within government, professional and public sector organisations, Alan has managed a wide range of security activities from strategic capability development to operational response. Previously as Chief Information Security Officer for the Foreign, Commonwealth and Development Office, with responsibility for the cyber security of all core technologies and services both at home and across posts and embassies worldwide, he was also a member of the Government Security Board as representative for the CISO community across government. Drawing on past experience in National Security, academia, central government and the private sector, Alan has joined the Scottish Government to drive the consolidation and expansion of Scotland’s cyber security and cyber resilience activities, and to lead the Scottish Cyber Coordination Centre (SC3).
4:30 PM
Source link
