• David Holmes
    Principal Threat Research Evangelist
    F5 Networks
    Date: 21 September 2017
    Time: 1440 – 1520 hrs
    Venue: MR 324, Level 3

    David Holmes is the world-wide security evangelist for F5 Networks. He writes and speaks about hackers, cryptography, fraud, malware and many other InfoSec topics. He has spoken at over 30 conferences on all six developed continents, including RSA Europe in Amsterdam, InfoSec in London and Gartner Data Center in Las Vegas.

    David is one of F5 Labs' primary authors, writes a bi-weekly column at SecurityWeek, and has had the good fortune to write for DarkReading, SC Magazine, Network World and many other computer security magazines and websites. He has three patents pending for F5 and still contributes code to open-source projects such as OpenSSL.


    In February 2017, both Chrome and Mozilla telemetry reported that the majority of page requests were now happening over HTTPS. This is a significant difference from seven years ago when only financial sites and login pages required TLS. The implications of encryption everywhere are subtle but ever more important as more and more traffic funnels into TLS.

    F5 Networks has been taking a census of the TLS sites around the world since the summer of 2014. In this session, David Holmes, former Principal TLS Engineer presents some the results and analysis of the 2016 TLS Census. He will look at the real adoption rates for perfect forward secrecy and propose ideas why strict transport security never really took off. At close he will share his predictions about adoption rates for new TLS extensions, such as multi-stapling, the encrypted SNI extension, NPN and ALPN.

  • Stanley Hsu
    Regional Director
    Date: 19 September 2017
    Time: 1340 – 1420 hrs
    Venue: MR 308 - 309, Level 3

    Stanley has more than 22 years of experience in the enterprise software and cyber security industry in the Asia Pacific region, where he has held numerous management positions at Fuji Xerox, EMC, Actuate and McAfee Intel Security. Stanley is responsible for laying the business foundation and growth of Darktrace in South East Asia, Hong Kong and Taiwan with its award-winning Enterprise Immune System. He has a degree in Computer Engineering from the University of South Australia.


    With machines fighting machines and increasingly sophisticated human attackers, we are now entering a new era of cyber-threats. The battle is no longer at the perimeter but inside of our organizations, and no security team can keep up with its speed. Cyber-attackers are quickly becoming silent and stealthy, and cyber defence has turned into an arms race.

    This new wave of cyber-threats has seen skilled attackers that may lie low for weeks or months. By the time they take definitive steps, their actions blend in with the everyday hum of network activity. These attacks call for a change in the way we protect our most critical assets.

    Self-learning and self-defending systems are now being deployed to continually assess business environments. Known as ‘immune system’ defence, this approach is used to uncover threats that have already penetrated the network border, and then automatically fight back. Unlike legacy approaches, which rely on rules or signatures, these technologies work autonomously, enable the security team to focus on high-value tasks, and can counter even fast-moving, automated attackers.

    In this session, learn about:

    • The new age of silent, stealthy attacks that lie low in networks for weeks and months
    • Why legacy approaches, like rules and signatures, are proving inadequate on their own
    • How new ‘immune system’ technologies based on advanced mathematics and machine learning are being deployed today

  • Mark Hughes
    BT Security
    Date: 21 September 2017
    Time: 1320 – 1400 hrs
    Venue: Auditorium, Hall 406, Level 4

    Mark is accountable for all elements of BT’s own security activity globally.

    He makes sure that BT has the right policies and procedures in place to keep the company’s assets – whether physical, logical or information - secure from attack.

    BT’s security team counter fraud and minimise disruption to BT in the event of an incident.  This includes BT's UK civil resilience obligations.
    Mark is responsible for ensuring that BT’s security market offer, the BT Assure portfolio, capabilities and customer experience, are carefully developed in order to protect BT’s customers’ data and assets, to drive substantial global profitable revenue growth and to develop and harness security talent.

    Mark is a member of the World Economic Forum’s (WEF’s) global future council on cybersecurity.  Mark and a small group of globally renowned experts from business, government, academia and civil society collaborate to develop new insights and perspectives on cybersecurity.


    Organisations throw money at cyber security like never before, but the global scale of the recent ransomware attacks has shown the astonishing speed at which even the most unsophisticated of attacks can spread around the world. But how is it possible to spend millions on cyber security, and still get caught out? And what good are the latest solutions, if you haven’t fixed the basics?

    Those questions are what Mark Hughes, President BT Security will set out to answer in his keynote: ‘The cyber security journey — from denial to opportunity’. You’ll find out why reaching true cyber security requires a five-stage journey — from denial through to true leadership.

    There is no silver bullet when it comes to security and in order to avoid the dangerous traps along the way, don’t try to run before you can walk.