Taking place on October 18 and 19 at EcXel London, #RISK London addresses the issues impacting organisational risk today, from Governance, Risk and Compliance (GRC), to Environmental, Social and Governance (ESG), organisational culture, and much more.
The event builds on the success of #RISK 2022, allowing organisations to examine the cumulative nature of risk, unite GRC specialities and share views with subject-matter experts.
Federico Iaschi is Head of Cyber Resilience and Observability at Virgin Media O2. He will be at #RISK London to discuss the scourge of phishing, how the malicious practice is evolving, and how organisations can mitigate risk.
Social Engineering: How Phishing Attacks Are Getting Better, and What to Do About It
Wednesday 18th October 2023, 14:00 - 15:00pm BST
We caught up with Federico to hear more about his career so far and for more on the issues on the table at his forthcoming #RISK London session.
Could you outline your professional pathway to date?
My journey in information security over the past 20 years has been an exciting odyssey that has empowered me to influence change and create secure environments.
Starting as an IT Security Manager in the Italian Government, I then moved to the UK at Lavalin Atkins where I had the opportunity to manage global certifications and lay the foundational policies for risk management.
My time at Vodafone was a journey of innovation and collaboration, as I crafted a unified Global Information Security Strategy across 26 nations, raising the bar for ISO27001 implementation. My tenure at CSL Seqirus transformed me into a pioneer, as I had the chance to establish the Global Information Security Department from scratch.
Now, in my current roles at Virgin Media O2, I am creating a safer digital world by enhancing Cyber Resilience and Observability, fortifying defences, and paving the way for streamlined operations.
Describe the current phishing attack landscape: what are the latest methods being employed by threat actors to disrupt organisational security?
A wise mentor once taught me, “To defeat your enemy, you must know them.” As businesses digitally transform, so do our adversaries - relentlessly seeking new ways to breach our defences. We must meet this challenge with vigilance, courage, and compassion.
Today’s phishing landscape is characterised by coordinated campaigns, precision targeting, and social manipulation. Threat actors have innovated faster than our protections. But where they see opportunity, I see hope. Every breach is a chance to learn, every victim an opportunity to educate. United, we can weather any storm.
This calling motivates me daily - to outthink those who seek to harm, to see dignity in every user susceptible to deception, and to build communities grounded in care and security best practices. With patient persistence, I believe we’ll get there.
What are key strategies businesses should be employing in order to mitigate risk?
For businesses aiming to safeguard their realms, it’s crucial to realise that cybersecurity is not just a shield but a continuously evolving, adaptive strategy.
On the technological front, this means nurturing a landscape rich with state-of-the-art threat intelligence solutions, seamless automation, and unblinking monitoring systems for vulnerability detection.
This must be paired with a human-focused approach – a kingdom is only as strong as its people. Hence, educating employees about evolving threats like phishing and social engineering, and training them to be the first line of defence, is paramount.
Lastly, strong governance structures and risk management processes are the compass that guides this voyage, ensuring a consistently secure journey towards a secure and resilient future.
Don’t miss Federico Iaschi and fellow experts exploring these issues in depth at #RISK London, in the panel debate: “Social Engineering: How Phishing Attacks Are Getting Better, and What to Do About It”
With more and more data available about potential targets, and increasingly advanced methods to impersonate trusted individuals, it can sometimes feel like security teams are fighting a losing battle against social engineering.
But as threat actors develop better tools for tricking employees and consumers, security experts develop more sophisticated methods for stopping them.
This session will explore the various technical and organisational measures that your organisation can implement to defend against one of the most pervasive and effective security threats.
Also on the panel:
- Dr. Vasileios Karagiannopoulos, Co Director of Centre for Cybercrime and Economic Crime, University of Portsmouth
- Jonathan Craven, Privacy and Compliance Lead, UK/Europe, iRhythm Technologies
- Tina Forrester, Data Protection Officer, Liverpool John Moores University
Session: Social Engineering: How Phishing Attacks Are Getting Better, and What to Do About It”
Location: Security Theatre
Time: 14:00 – 15:00pm GMT
Date: Wednesday 18 October 2023
The session sits within a packed two-day agenda of insight and guidance at #RISK London, taking place on October 18 and 19 at EcXel London.
The event unites thought leaders and subject matter experts for a deep-dive into organisational approaches to handling risk. Content is delivered through keynotes, presentations and panel discussions.