Sergey Nivens - Fotolia

Cyberthreat 2018 aimed at UK cyber security techies

Cyberthreat 2018 is aimed at growing the UK’s network of cyber defenders, filling a key gap in the UK cyber security conference calendar and bridging the public-private sector divide

Although the number of UK-based cyber-security related events has grown rapidly in the past few years, none was designed to showcase UK talent, skills and technologies. But that is set to change in 2018.

Seeking to fill the gap, the National Cyber Security Centre (NCSC) is partnering with the Sans Institute to host Cyberthreat 2018 at the QEII Conference Centre in London from 27 to 28 February.

“This is part of delivering on our commitment to encourage and foster a better sharing of an understanding of the cyber threat and how best to counter it,” said Paul Chichester, director of operations at the NCSC.

“It is not about fixing something that is wrong, but about doing something that we should, which will improve the cyber security of the UK through this community getting together to share knowledge and best practice in defending ICT networks and systems,” he told Computer Weekly.

The event has been specifically designed for techies working in cyber security consultancy, intelligence or defence in an attempt to connect and consolidate this community in the UK, with a focus on understanding cyber adversaries and the ways they seek to do harm at a technical level.

“The UK still has work to do in growing its community of network defenders made up of those people who are trying to defend their networks and stop cyber attacks,” said Chichester.

“Despite the large number of cyber security related conferences in the UK, there are not many for those involved in the more technical elements, and we wanted enable this community to access the top technical cyber security speakers without having to go to the US,” he said.


The NCSC is partnering with the Sans Institute, which has a successful track record in running cyber threat intelligence conferences in the US that typically feature key technical speakers.

“We were keen to bring something similar to the UK, not only to give local technicians access to top speakers, but also to help create a sense of community through interactive workshops and activities,” said Chichester.

“Another key aim of Cyberthreat 2018 is to further foster collaboration between the public and private sectors around analysing attacks, to come together to share knowledge, expertise and best practices to ultimately reduce the harm to the UK,” he said.

Contrasting Cyberthreat 2018 with the NCSC’s CyberUK annual cyber security conference, Chichester said that while that event is aimed at a broader range of topics and is a much more strategic, high-level event, this new event will sit under that to focus on particular technical strands of the overall mission.

James Lyne, head of research and development at the Sans Institute said Cyberthreat 2018 is designed to replicate the US-based technical conferences that foster the development of a technical community and give rise to new discussions and concepts.

“We want to make that easily accessible to the huge base of technical talent in the UK, and the geek in me is excited to have something of that degree of technical credibilty, with lots of hands-on exercises and talks, taking place in the UK and involving both the public and private sectors,” he said.

Read more about the NCSC

  • NCSC demonstrates first year success against cyber attacks on the UK.
  • The NSC started several initiatives in its first year with the aim of using data drawn from those to drive better cyber security practices.
  • The National Cyber Security Centre is unashamedly ambitious in aiming to make the UK the safest place to do business online, which chief Ciaran Martin sees as an achievable goal.
  • The UK’s NCSC and NCA publish a joint report on the cyber threats facing UK businesses, outlining the best response strategies.

Hands-on events include the opportunity to work in teams to hack the conference badges, security challenge booths focusing on different areas, and a two-day team-based capture the flag competition.

This competition, said Lyne, includes technical challenges spanning a variety of disciplines to break down silos, boost understanding of how to collaborate with other specialists in cyber security, and to teach participants about techniques used by cyber adversaries.

There will also be the fairly rare opportunity, said Chichester, for attendees to get some hands-on training from the NCSC. “We are trying to do something that is fun, different, and informative,” he said.

To ensure that the conference is reaching its intended audience, the initial wave of registrations was open only to those capable of solving technical challenges, with discounts available to practitioners with the right technical skills.

“Registration is now a lot more open, but still with clear expectations in line with the type of conference and type of agenda to ensure we are reaching the right community,” said Lyne.

Choosing speakers

In terms of content, he said there was an “astounding” response to the call for presentations, making it “exceptionally difficult to choose” which of the “phenomenal” topics and speakers to include in the inaugural agenda.

In making the choice, Lyne said they tried to include as broad a range of topics as possible around a threat intelligence theme, without focussing on any particular area, and opting mainly for content that will provide broader perspectives on core areas that will be of most use to a technical audience.

“But there are some wildcards, such as a talk by a software developer talking about some of the complexities of implementing security defenders’ advice, and why it is not a simple thing to do in practice.”

While there are some well-known presenters in line up, Lyne said there are also lots of newcomers in line with the aim of fostering talent and innovation.

The NCSC sees the event as a “fantastic opportunity” to showcase UK technical talent in cyber security and provide the opportunity that is difficult to get at US-based events, said Chichester.

“We have included some cracking talks from UK people who would otherwise not get the opportunity to come out and talk about what they are working on, often in small teams across a broad spectrum of industry sectors and organisations of different sizes,” he said.

Broad representation

While some big security suppliers are represented, so too are smaller organisations that are not security companies that have “good people, doing good [cyber security-related] work,” said Lyne, to expose case studies and tools that “go beyond the usual suspects” found at most security conferences.

In the longer term, the NCSC plans to build on this event to further address the lack of technical cyber security conferences in the UK and Europe as a whole. “Although London was the logical place to start, the NCSC is keen to extend this type of event to other centres around the UK,” said Chichester.

“By creating the platform with Sans, I believe we will be able to kick-start a revolution in creating a UK cyber security technical community, showcasing its work and inspiring innovation along similar lines when they see there is value in and the need for events like this,” he said.

Read more on Hackers and cybercrime prevention

Data Center
Data Management