Context

The main page for this event is [scotlandcyber.com]

The main focus for the Symposium is to engage a wide range of domains to collaborate effectively, and to understand current and future threats to our citizens and society. The event is free, and is intended to increase the collaboration of organizations around Scotland.

The Symposium is organised and delivered with the support of Scottish Enterprise, Finmeccanica Cyber Solutions, and Edinburgh Napier University. IBM and Raytheon are also generour sponsors of the event.

Aim and Scope of Symposium

This symposium aims to bring together knowledge from many different domains in order to create knowledge exchange and collaborative infrastructures, which address the key risks that Scotland faces. The focus on this symposium is security risk, cybercrime and the protection of critical infrastructure, with a key focus on:

• Collaborative networks within Scotland and links to the EU and the UK.
• knowledge networks related to computer security, cybercrime and in risk analysis.
• Security and Cybercrime risks of the Cloud.
• Training requirements for Scotland related to Computer Security and Cybercrime.
• Emergency response infrastructures, and risk within critical infrastructure.
• Criminal risks and new attack vectors.
• Risks to privacy and identity theft.
• Intelligence-led activities.

There will also be a wide range of prizes for students, which will be announced soon.

Speakers

There will be a wide range of speakers from academia, the business community, law enforcement, and so on. An outline of the range of speakers include:

• Sir Kevin Tebbit, Finmeccanica UK.
• David Livingstone.
• Prof Merabti Madjid, Liverpool John Moores University.
• Don Smith, Dell SecureWorks.
• Ian Whittaker/Neil Logan, Amor Group.
• Richard Nethercott, Logica.
• Scott Chase, Raytheon Cyber.
• Martin Borrett, IBM Ltd.
• Scottish Government Lead.
• ACPOS Lead.
• John Howie, Microsoft.

Prizes

The Symposium has a number of prizes including:

• Flexiant Cipher Challenge.
• Raytheon Global Security Challenge.
• Security Engineer Student Prize.

Venues

The Meet-the-Buyer will be based on the Craighouse Campus in Edinburgh, and the Symposium will be held at Craiglockhart Campus, Edinburgh, with the Global Security Challenge held at the Merchiston Campus on the 5 December 2011.

Outline Programme

The Symposium will run:

• Tuesday 6 December 2011: Symposium, 9-5pm. Craiglockhart Campus Edinburgh. Prize winners announced. [Book for the Symposium]

There are also other events built around the Symposium, such as:

• Monday 5 December 2011: Meet the Buyer/Knowledge Exchange Event. Craighouse Campus Edinburgh. It will be an opportunity for SMEs to engage with the major companies in computer security and cybercrime. [Book for Meet-the-Buyer Event]
• Monday 5 December 2011: Global Security Challenge, Merchiston Campus Edinburgh. Open to university students. Hosted by Raytheon.

The following is a draft programme.

Bios

Sir Kevin Tebbit. Sir Kevin Tebbit is Chairman of Finmeccanica UK. He is a member of the Strategic Advisory Group to the Minister of State for Trade and Investment and Chairman of the Defence Advisory Group to the UKTI Defence and Security Organisation. He is a member of the Advisory Board to the Imperial College Institute for Security Science and Technology, a Non-Executive Director of Smiths Group plc and has been a visiting Professor at Queen Mary, London University since 2006.

Sir Kevin has extensive experience of working at senior level within government and abroad, dealing with security, defence and economic issues. He began his career with the UK Ministry of Defence, where he specialised in nuclear strategy. In 1979 he transferred to the Foreign and Commonwealth Office. His diplomatic postings included NATO HQ (serving as Director of Cabinet to the Secretary General, Lord Carrington), Head of Chancery at the British Embassy in Turkey and three years as Defence and European Counsellor at the British Embassy in Washington DC. At home he was Head of the FCO Economic Relations Department, Chief Inspector of the Diplomatic Service and, finally, supervised defence and intelligence matters as Deputy Under Secretary. Sir Kevin was Director of the Government Communications Headquarters (GCHQ) in 1998 before returning to the UK MoD where he was the Permanent Secretary from 1998 until late 2005. [Web page]

Professor Merabti is Professor of Networked Systems and Director of the School of Computing and Mathematical Sciences, Liverpool John Moores University, UK. He is a graduate of Lancaster University in the UK. He has over 20 years' experience in conducting research and teaching in the areas of Computer Networks (fixed and wireless), Mobile Computing, Computer Network Security, Digital Forensics, Multimedia, Games Technology, and their applications. Professor Merabti is widely published with over 160 publications in these areas and leads the Distributed Multimedia Systems and Security Research Group, which has a number of UK Government, EU, and industry-supported research projects. He has graduated 26 PhD students in the course of his work. He is principal investigator in a number of current projects in Digital Rights Management, Games Technology, Multimedia Networking, Mobile Networks Security and Privacy Architectures and Protocols, Secure Component Composition in Ubiquitous Personal Networks, Networked Appliances, Mobile and Ad-Hoc Computing Environments, and Sensor Networks. He is also Director of a newly created Research Centre for the Protection of Critical Infrastructure (PROTECT www.protect-ci.org), addressing the challenges of innovating, building and managing new critical infrastructure systems for the 21st century that are both resilient to unpredicted changes and secure against external attacks. Professor Merabti is a member of the EPSRC Peer College and Coordinator of a UK EPSRC funded Network on the Convergence of Telecommunications, Networking, and Broadcasting and which involves some of the major UK Universities and Industry. [Web page]

John Howie, CIPP/IT, CIPP, CISA, CISM, CISSP is the Senior Director of Technical Security Services for the Online Services Security and Compliance (OSSC) team within Global Foundation Services at Microsoft Corporation. He manages the teams responsible for strategy and architecture, threat management, and incident response for the company's cloud computing infrastructure. Prior to joining OSSC, John led the Data Governance Initiative in Microsoft's Trustworthy Computing Group, focusing on privacy protections for personal information, strategy, and policy. Previously he managed the company's Security Center of Excellence, and led the security community and its professional development program. John has spent twenty years working in the Information and Communications Technologies industry, principally working in the areas of information security and privacy, in several industry sectors including. [Web]

Don Smith is VP Engineering and Technology at Securework. He has worked in the IT industry for 18 years, starting his IT career with the groundbreaking Edinburgh University spin-off, Vision Group. After a successful flotation Vision was acquired by STMicroelectronics where ultimately Don became responsible for security architecture and operations for this $8billion enterprise. During his time at ST in Geneva, Don also worked on successfully integrating 14 acquisitions across 26 sites on three continents. Don joined dns on returning to Scotland in 2005 and was instrumental in the construction of the dns identity management practice and the evolution of the dnsMSS service portfolio. Don is regarded as an expert in the field of Identity and Access Management. After SecureWorks' acquisition of dns, Don focuses on bringing SecureWorks threat intelligence and security messages to European clients as well as continuing to provide leadership across the varied technologies and application areas represented by the IAM umbrella.

Scott Chase is a technical director for Raytheon SI Government Solutions, Scott Chase actively promotes information operations and information assurance. Along with presenting SI's capabilities to internal Raytheon programs and customers, he helps to develop the next generation of offensive and defensive cybercapabilities for Raytheon, and to recruit and train future cyberprofessionals. For Chase, interest in computers and security came at age 10, when he bought his first computer, a TI–99 clone with 16K of memory, from a discount store. He quickly learned BASIC and wrote programs to show his family and friends. His interest led him to enroll in the computer science program at Florida Institute of Technology. While at FIT, he became involved in student research, helping to start the Software Engineering Society and the Center for Information Assurance with Dr. James Whittaker. After graduation, he stayed on to work at the center full time. In late 2001, security was becoming an increasingly important problem for companies and the government. However, the dot-com collapse meant few investors were interested in a software startup. Despite the risks, Chase joined Whittaker, former Lockheed Engineer Terry Gillette and others in forming Security Innovation in the fall of 2002, becoming director of security testing. In 2005, SI Government Solutions was created to focus on a growing market — the information security needs of the U.S. defense industry. Around this time, Chase began collaborating with fellow researcher Herbert Thompson on "The Software Vulnerability Guide." The book, published in June 2005, was designed to teach developers how programming mistakes can lead to security vulnerabilities in software. Chase was excited by the opportunity to sell SI to Raytheon in 2008. "As a small business, we were reaching the limits of what we could do on our own," he said. "With Raytheon's backing and access to government programs, we can achieve success in the information operations domain that wasn't possible otherwise." The team's efforts to defend U.S. cybersecurity were recently featured in "The New York Times" and other newspapers.

Tabassum Sharif is Director of Operations at Flexiant, a leading independent cloud platform provider and software and services company. Flexiant developed Europe's first cloud platform over four years ago and remains one of only a handful of independent cloud platform providers world wide.Prior to joining Flexiant, Sharif acquired a wealth of experience in translating theoretical ideologies and best practices into real world environments working with a number of leading financial service organisations including GE Capital, the JW Group and Alphyra.Tabassum Sharif spent almost eight years in the military specialising in telecommunications and other communication projects after completing a B Eng in Electronic and Electrical Engineering at the School of Electrical and Electronic Engineering with the Corp of Royal Electrical and Mechanical Engineers."

Nigel Jones MBE FBCS is currently the law enforcement coordinator of the Cybercrime Centres of Excellence Network for Training, Research and Education (2CENTRE) and a director of Technology Risk Limited, a company specialising in technology risk solutions. Nigel served for 30 years in the UK Police Service where in addition to wide ranging experience in major commercial fraud and computer crime investigation both nationally and internationally, he was the UK Police representative on the G8 sub group on high tech crime and UK coordinator of a series of G8 Industry conferences. During his time as a fraud investigator he designed and delivered an academically accredited fraud training programme. He created National High Tech Crime Training Centre at the National Centre for Policing Excellence at Wyboston in the UK and was responsible for the creation of the design and delivery of a core curriculum and modular high tech crime training programme for the UK police service. Nigel formed the Kent Police Computer Crime Unit in 1993 and is co-author of the ACPO "Computer Based Evidence - Good Practice Guide" and member of the Technical Working Group on the Investigation of Electronic Evidence (TWGIEE) in the USA. Nigel has given presentations at numerous national and international events including the preparation and moderation of a hi-tech crime scenario at the United Nations 10th Crime Congress.

In 2003 Nigel was appointed as project manager of a European Commission Agis funded programme to develop a cybercrime training programme for the 28 EU and candidate countries. He also project managed a series of training courses course on behalf of the European Police College (CEPOL) to deliver training to senior managers of EU police forces and a further project to deliver training to a group of countries from North Africa, the Middle East and Southern Europe. In January 2005 Nigel was elected by the Member Countries as Chair of the Interpol European Working Party on IT Crime. He worked in close collaboration for two years with Canterbury Christchurch University in the development of an MSc award in Cybercrime Forensics that is now offered by the University. Nigel is currently the training manager for a €2.7m European Commission funded programme to further harmonise cybercrime training across international borders. He is a consultant to the Council of Europe in their cybercrime projects in Georgia and South Eastern Europe. He co-authored a paper on the training and education requirements of law enforcement that led to the 2CENTRE concept. He is a member of the Digital Forensic Specialist Group advising the UK Forensic Science Regulator.

Martin Borrett is the Director of the IBM Institute of Advanced Security in Europe. He leads the Institute and advises at the most senior level in clients on policy, business, technical and architectural issues associated with security. Martin leads IBM's Security Blueprint work and is co-author of the IBM Redbooks "Introducing the IBM Security Framework and IBM Security Blueprint to Realise Business-Driven Security" and "Understanding SOA Security" . He is Chairman of the European IBM Security User Group community and Chairman of the IBM UKI Technical Consulting Group. He is a member of the IBM Academy of Technology, a Fellow of the BCS, and a Chartered Engineer (CEng) and member of the IET. Martin has a passion for sailing and has represented Great Britain; he is also a keen tennis player.

Ian Whittaker BSc FCA FIIA. Ian is a Senior Consultant with Amor Group, www.amorgroup.com, Scotland's largest independent IT Company having, inter alia, previously been an eBusiness Advisor to Scottish Enterprise, Group IT Director for one of Scotland's fastest growing Energy Service Groups and Head of Computer Auditing in Scotland and Northern England for an international accountancy firm. He is a committee member of the IT Faculty of the ICAEW and has presented on a number of new technology and business topics, including computer control and security, to universities and institutions both in the UK and Europe. As a Management Consultant he has provided independent corporate and financial advice regarding Information Technology exploitation during start-ups, spin-offs, acquisitions, demutualisations and mergers.

Dr Basil Philipsz, MIISP is the Managing Director of Distributed Management Systems, www.dms-soft.com, which has developed CASQUE, a multi factor authentication, key distribution and key management system. New generation, CASQUE SNR is currently being certified by CESG. Basil, a serial inventor, is Chair of Ideas North West, a self help Inventors Group based in the North West of England, www.ideasnorthwest.co.uk and is a founding director of a Solid State lighting company, www.csaphotonics.co.uk. Interests: Pure Mathematics, Development of high assurance security systems for both Hardware and Software, Mentoring of Inventors.

Cormac Callanan BA, MSc, MICS operates an independent consultancy company from Dublin, Ireland named Aconite Internet Solutions (www.aconite.eu) which provides expertise in policy development in the speciality area of international cybercrime and Internet security & safety. Qualified in Computer Science he has over 20 years working experience on international computer networks and 10 years experience in the policy area of illegal content and cybercrime activities on the Internet. He has provided training at Interpol and Europol and to law enforcement agencies around the world on the subject of emerging and developing technologies. Having visited over 45 countries for business, he currently provides consultancy services around the world and works on policy development with the Council of Europe. He is Industry Coordinator for the 2CENTRE – Cybercrime Centres of Excellence in Training, Research and Education – www.2centre.eu and was past-president of INHOPE – the International Association of Internet Hotlines (www.inhope.org) and CEO for 5 years. During this time the network grew to 30 member hotlines in 27 countries around the world and he successfully achieved financial support of over €3m during this time. INHOPE facilitates and co-ordinates the work of Internet hotlines responding to illegal use and content on the Internet.

Cormac was founding Chairman of the Internet Service Provider Association of Ireland (www.ispai.ie) in 1997 which he led for 5 years until February 2003 and served as Secretary General of the European Service Provider Association (www.euroispa.org). He was founding Director of the Irish www.hotline.ie service in 1998 responding to reports about illegal child pornography and hate speech on the Internet. In addition to representing INHOPE, he has represented the Irish and European Internet Service Provider's at Irish government and at EU level. Following work on international assignment in the USA and Japan, he established the first commercial Internet Services Provider business in Ireland in 1991 - EUnet Ireland – which was sold in 1996. He has presented seminars throughout Western, Central & Eastern Europe, the Middle East and Asia and has lectured on a wide range of technology issues for many years. Cormac is a board member of the Copyright Association of Ireland (www.cai.ie). He served on the Rightswatch (www.rightswatch.com) UK & Ireland Working Group developing best practice guidelines for Notice and Takedown procedures as they relate to Intellectual Property Rights (IPR).

Oscar O'Connor BSc CEng CITP FRSA MBCS MBCI, is the Services Director, Finmeccanica Cyber Solutions at Selex Elsag and Committee Member BS25777:2008 (Pro Bono) at British Standards Institution. In the past he was a Programe Director at Adam Continuity and the Head of Professional Services at Dell Corporation, along with being the Programme Manager at Computacenter. Oscar holds a BSc in Computing and Mathematics and is about to embark on a PhD. He is a professional member of both the British Computer Society and the Business Continuity Institute and a Fellow of the RSA.

Tony Povoas MA, MSc, CITP, CISA –is the IT Security Manager for Virgin Money. He has over seventeen years in information/IT security and risk management working in management and consultancy roles across financial services, government and a range of other industry sectors. Security roles held include technical specialist, consultancy and architecture roles for firms such as Reuters and BSkyB.  Previously Director of Consultancy at security assurance boutique. President of ISACA Scotland for the last 4 years. Former Associate Lecturer in Information Security Management for the Open University. Previously technically accredited as a CLAS consultant by GCHQ. Repeat speaker at security conferences, e.g. Infosec, on subjects ranging from how to address VoIP security to how to design and implement security metrics. Guest specialist speaker/presenter for radio and TV, including the BBC.

David Stubley. David is a Director with 7 Elements, an Edinburgh based security consultancy. He brings with him 12 years of experience within the technical security market where he has gained a huge wealth of knowledge and expertise through the delivery of security testing and in the provision of technical expertise to high profile incidents. His specialist skill is bridging the gap between technical teams and senior management. David is an active member of the wider security industry, regularly presenting on the subject of information security and it's many facets. He has worked as an Industry Committee member of the Council of Registered Ethical Security Testers (CREST) to improve the understanding, use and development of security testing [Web].

Organisers

Bill Buchanan is a Professor in the School of Computing at Edinburgh Napier University and a Fellow of the IET and also a Fellow of the BCS. He currently leads the Centre for Distributed Computing and Security, and works in the areas of security, e-Crime, intrusion detection systems, digital forensics, e-Health, mobile computing, agent-based systems, and simulation. Bill has one of the most extensive academic sites in the World, and is involved in many areas of novel teaching in computing. He has published over 27 academic books, and over 10 academic research papers, along with awards for excellence in knowledge transfer. Presently he is working with a range of industrial/domain partners, including with the Scottish Police, health care professionals and the FSA. [Web page]

James Cameron (Scottish Enterprise), James.Cameron@scotent.co.uk.

Ross White (Scottish Enterprise), Ross.White@scotent.co.uk. [Web]

Sharon McGettrick (Edinburgh Napier University). s.mcgettrick@napier.ac.uk. [Web]

Aileen Wood (Edinburgh Napier University). a.wood@napier.ac.uk.

Wendy Stewart (Edinburgh Napier University). w.stewart@napier.ac.uk.

Others:

Mike Just is a Lecturer (Assistant Professor) at the School of Engineering & Computing at Glasgow Caledonian University. He is also a Visitor at the School of Informatics at the University of Edinburgh. Mike has penned more than two dozen publications in his areas of interest, which include applied cryptography, human computer interaction, network security, and social informatics. Prior to his current academic position, Mike spent more than 10 years working in both the public and private sectors. In 2003, he designed the Government of Canada's online authentication recovery solution, currently used by more than 6 million citizens and businesses. He earned his PhD in Computer Science in 1999 from Carleton University. [Web page]

Richard McFarlane is a lecturer in Security and Forensics in the School of Computing, at Edinburgh Napier University. Current research areas include Network Security, Forensic and Security Frameworks, Virtualisation, and Network Device Emulators. He has a Degree in Computing, followed by 7 years in industry, Masters in Networking and 2 years teaching Networking, Security and Forensics, BSc Hons, MSc, Cisco Instructor CCNA, CCNA Security, PBCS, EnCase Forensic I. [Web page]

Dr Ishbel Duncan is a lecturer in the School of Computer Science at the University of St Andrews. Having previously been a Research Fellow with BT investigating large scale software testing in which the adequacy of a test suite is optimal, she became interested in the adequacy of security, that is, security testing and analysis of its effectiveness. She has worked on projects as diverse as communications metrics, wireless sensor networks, e-voting, agent testing, virtual world education and security requirements modelling before building up and currently running a successful MSc programme in Information Technology. She lectures in Security at both Honours and MSc level. [Web page]

Prof Burkhard Schafer studied Logic, Theoretical Linguistics, Philosophy and Law at the Universities of Mainz, Munich, Florence and Lancaster. My main field of interest is the interaction between law, science and computer technology, especially computer linguistics. How can law, understood as a system, communicate with systems external to it, be it the law of other countries (comparative law and its methodology) or science (evidence, proof and trial process). As a co-founder of the Joseph Bell Centre for Legal Reasoning and Forensic Statistics, I help to develop mathematically sound methods to evaluate scientific evidence, develop computer models which embody these techniques, and provide assistance to police and lawyers to interpret and apply scientific evidence, A special interest here is the development of computer systems that help law enforcement agencies to co-operate more efficiently across jurisdictions, assisting them in the interpretation of the legal environment within which evidence in other jurisdictions is collected. This research is linked to my wider interest in comparative law and its methodology, the idea of a "Chomsky turn in comparative law", and the project of a "computational legal theory" My Research Centre is the Joseph Bell Centre. He is involved with a number of organisations that promote the exchange between computer science and law, including the German Association for Informatics, BILETA, and the Evidence and Investigation network of the Scottish Institute for Policing Research. I'm also on the Nomination Committee of the International Association for Artificial Intelligence and Law. [Web page]

Supporters

The Symposium is delivered with the support of Scottish Enterprise, and has the the support of the Scottish Institute for Policing Research (SIPR). It is also provided with the support of:

• Finmeccanica Cyber Solutions.
• Scottish Enterprise.
• BCS Cybercrime Forensics Specialist Group.
• Scottish Information Assurance Forum.
• Scottish Institute for Policing Research (SIPR).

The presentations from the event in June 2011 is at [here]