skip to navigation skip to content
Search
 

The Cyber Ecosystem 2020

Back to 2020

Register

This event has now passed

This year’s Cambridge Cyber Risk Conference explores “The Cyber Ecosystem” – how cyber risk inter-connects with influences and consequences within and beyond the technical arena. In this conference we invite participants to explore the drivers of cyber risk for an individual organisation and from broader societal and macroeconomic trends.

The digital economy has been boosted by remote working and changes in retail distribution during the pandemic, and this has forced the global economy to reassess modes of consumption, supply, interaction, security and productivity. We invite participation from a wide variety of specialists and business managers, including cyber security specialists, ethical hackers, academics studying aspects of cyber crime, motivation, and technology, Chief Information Security Officers and their teams, cyber insurance practitioners, and advisors and specialists.

The conference will take place on Thursday 17 September 2020 between 15:00 and 18:00 BST (10:00 to 13:00 EST; 07:00 to 10:00 PST).

15:00-15:15

Welcome address
Dr Michelle Tuveson, Executive Director, Centre for Risk Studies

Session one: Cyber Ecosystem Disruptors

15:15-15:30

The Great Digital Acceleration and Cyber Risk
Dr Andrew Coburn, Chief Scientist, Centre for Risk Studies

2020 has seen an unprecedented acceleration in digitisation of the global economy, driven by a perfect storm of COVID-19 lockdown and underlying social and market trends. This has prompted a step-change in cyber risk, with threat actors taking advantage of a new technology landscape, and leveraging the vulnerabilities it creates. The Cyber Ecosystem is both transforming society and is being transformed by it. Research at the Centre for Risk Studies suggests scenarios for cyber risk in the next few years ahead.

15:30-15:45

Here Be Dragons… With Heavy Tails!
Éireann Leverett, Founder of Concinnity Risks, and Senior Risk Researcher, Centre for Risk Studies

The many headed hydra of new emerging risks haven’t even been measured yet. Digital acceleration also amplifies uncertainty in risk. So our ability to measure new cyber risks, needs to accelerate too. Old risks are like old money, easy to dismiss in conversation but impossible to ignore in a fight. Ransomware is the heavy tail of our dragon, and extortion of all types will continue to wag this beast.

15:45-15:55

Q&A session

Session two: Resilience in the Cyber Ecosystem

15:55-16:00

Introduction to the session and Q&A coordinator
Dr Maria Bada, Research Associate, Cambridge Cyber Crime Centre

16:00-16:15

The Era of Data-Driven Policymaking
Stephen Boyer, Chief Technology Officer, Bitsight

One contributing factor for global cyber insecurity: historical lack of data and measurement to drive better decision-making. As cybersecurity performance data and analytics become more readily available, can policymakers take advantage of this information to create a more secure and resilient ecosystem? A discussion of data and research that may usher in a “new era” of data-driven policymaking.

16:15-16:30

Insuring Against the New Wave of Ransomware
Dr Matt Harrison, Director, Product Management, Cyber, Risk Management Solutions

16:30-16:40

Q&A session

Session three: The Next Generation of Ecosystem Disruptors

16:40-16:45

Introduction to the session and Q&A coordinator
Derek Blum, Senior Director, Product Management, Risk Management Solutions

16:45-17:00

A Failure of Digital Trust
Dr Jennifer Daffron, Lead, Technology Risk Research, Centre for Risk Studies

Anthony Shapella, Head of Analytics, Global Cyber Team, AIG General Insurance

A collaboration between the Centre for Risk Studies and AIG addresses systemic risk in cyber space. The number and variety of technologies, connections, and infrastructure that characterise the global internet makes this challenging, however certain key technologies, services, protocols and vendors make up a core internet “backbone” that represents aggregation risk if they were to fail. Failure of Transport Layer Security (TLS) is an under-appreciated potential source of systemic risk in the digital economy, illustrated with a scenario that features in a new report, published as a result of the collaboration.

17:00-17:15

A Space Parable: Disrupting Satellite Broadband Security
James Pavur, Doctoral Student, Department of Computer Science, University of Oxford

This talk delves into the weaknesses of a “security through complexity” mindset through the lens of real-world eavesdropping attacks in satellite broadband network. In it, we see how less than £250 worth of equipment can be used by attackers to target critical infrastructure systems and personal communications privacy via satellite internet connections. We delve into how this situation came about and how disruptive shifts in threat models can undermine security risk-calculus that hinges on assumptions of attacker incompetence.

17:15-17:25

Q&A session
Moderated by Derek Blum

Panel discussion: Managing Cyber Risk in an Uncertain Future

17:25-17:55

Managing Cyber Risk in an Uncertain Future

Moderated by Dr Matt Harrison, Director, Product Management, Cyber, Risk Management Solutions

Panellists:

  • Joe Turnstall, Senior Risk Manager & Head of Insurance, easyJet
  • Kelly Malynn, Senior Risk Manager, Beazley
  • Dr Maria Bada, Research Associate, Cambridge Cybercrime Centre
  • Zaman Uddin, Head of Technology Risk and Compliance, Tesco

17:55-18:00

Closing remarks
Professor Danny Ralph, Academic Director, Centre for Risk Studies

Michelle Tuveson

Chairman & Executive Director, Centre for Risk Studies

Michelle Tuveson is a Founder and Executive Director at the Cambridge Centre for Risk Studies hosted at the University of Cambridge Judge Business School. Her responsibilities include the overall executive leadership at the Centre. This includes developing partnership relationships with corporations, governments, and other academic centres.

Andrew Coburn

Chief Scientist, Centre for Risk Studies

Andrew is a Founder and Director of the Centre for Risk Studies’ External Advisory Board, and Senior Vice President at Risk Management Solutions, the leading provider of catastrophe risk models to the insurance industry. He is also a Fellow of Cambridge Judge Business School.

Eireann Leverett

Senior Risk Researcher, Centre for Risk Studies

Founder of Concinnity Risks

Eireann is a founder and director of Concinnity Risks, and has published a variety of cyber security and academic cyber risk papers. He collaborates with the Centre for Risk Studies regularly as a Senior Risk Researcher, and is a co-author with Andrew Coburn and Gordon Woo on their 2017 book Solving Cyber Risk.

He holds his BEng in AI and Software Engineering from the University of Edinburgh and his MPhil in Advanced Computer Science from the University of Cambridge. He continued his education as an Ethical Hacker focused on critical national infrastructure and industrial systems around the world for three years, before returning to cyber risk entrepreneurship and academic research in equal measure.

Maria Bada

Senior Research Associate, Cambridge Cyber Crime Centre

Dr Maria Bada is a Senior Research Associate at the Cambridge Cyber Crime Centre.

The Cambridge Cybercrime Centre is a multi-disciplinary initiative combining expertise from the University of Cambridge’s Department of Computer Science and Technology, Institute of Criminology and Faculty of Law.

Jennifer Daffron

Research Associate, Centre for Risk Studies

Dr Jennifer Daffron Risk Research Associate at the Centre for Risk Studies, who focuses on modelling the impact of cyber threats on global business and socioeconomics.

Anthony Shapella

Head of Analytics, Global Cyber Team, AIG General Insurance

Anthony Shapella is Head of Analytics, Global Cyber Team at AIG.

Anthony has more than 15 years of experience leading risk and analytics teams. His specialities include cyber risk/accumulation modelling, emerging risk analysis and research, financial analysis and modelling, property and market strategy, and strategic and decision making.

Derek Blum

Senior Director, Product Management, Risk Management Solutions

Derek Blum is a Senior Director, Product Management at Risk Management Solutions.  He is an entrepreneurial product and project manager with a skill for solving complex problems and working cross-functionally.

James Pavur

Doctoral Student, Department of Computer Science, University of Oxford

James is a doctoral student in the Department of Computer Science, University of Oxford.  He is a hacker at heart, and always interested in the dynamics connecting weird hardware, security, and privacy. Right now, his main focus is on satellite systems security. He hopes to complete his PhD next year and then start the next adventure.

Matt Harrison

Director, Product Management, Cyber, Risk Management Solutions

Matt is the recently appointed Director of Product Management, for Cyber Solutions at RMS.

Prior to this he worked at Hiscox for 14 years in a wide variety of predominately specialty cat modelling/exposure management roles.  The last six years were primarily focused on building capability to measure cyber and liability/casualty risk.

Matt has a PhD in Physics (Fluid Mechanics), which has had a startlingly minimal cross-over with his career to date.

Joe Tunstall

Senior Risk Manager and Head of Insurance, easyjet

Kelly Malynn

Senior Risk Manager, Beazley

Kelly is a Senior Risk Manager at Beazley and for the last five years has had a specialist focus on cyber risk and innovation across all classes of business, most recently developing Beazley affirmative physical damage marine hull product.

She is responsible for providing cyber risk assurance to the board on the systemic aggregation potential, emerging risks, exposure management and capital provisions. She is also responsible for the implementation of the Beazley strategic initiative on client experience and chair of the environmental working group under the responsible business committee.

She has been at Beazley since 2009, has 20 years of London Market experience and is a member of the LMA’s Cyber Strategy Group which operates under the LMA Board.

Zaman Uddin

Head of Technology Risk and Compliance, Tesco