Welsh Industry Cyber

Security Summit
Celtic Manor Resort,
Newport, 29th April 2015

Welsh Industry Cyber Security Summit 2015

Introduction
Professor
Khalid Al-Begain
Director of CEMAS

It is my great pleasure
to introduce the inaugural
Welsh Industry Cyber
Security Summit.

The four organising parties of this inaugural Welsh Industry

Cyber Security Summit have recognised the importance
of raising the awareness of Welsh businesses so that Cyber
Security can be considered at Board level in each company
small or large.
I hope that this Summit will become a trigger to a wider

The summit comes as the fruit of close collaboration

and more coordinated effort to capitalise on the expertise

between Airbus Defence and Security, TARIAN,

and the opportunities in Wales. I also hope that the Summit

Regional Organised Crime Unit (ROCU) for Southern

will facilitate the formation of the Welsh Regional Cyber

Wales Region, the Welsh Government and CEMAS of the

Security Information Sharing Partnership (CSIP) as a vehicle

University of South Wales.

to share information and advice on any Cyber Security matters.

Cyber Security is becoming a major concern for all

business around the world. It affects all businesses
regardless of their sector, size and geographical location.
Cyber-attacks can take many forms and can have varying
impacts from simple data theft to a wide-ranging attacks
such as Denial of Service attacks or essential IP theft
or digital ransom. Vulnerability to cyber-attacks whether
small or big can damage the confidence in any business
or the capability for any business to become part of the
supply chain for other major industries or businesses.
Wales has significant expertise in Cyber Security spread
among major industries such as Airbus Defence and Space
and General Dynamics, many SMEs, academics research
centres such the Information Security Research Group (ISRG)
and the Centre of Excellence in Mobile Applications and
Services (CEMAS) at the University of South Wales and the
Polices Organised Crime Unit. Hence, it is believed that
Cyber Security can become an opportunity for Wales
rather than just a threat.

www.cemas.mobi
@cemas_usw
fb.com/cemas.wales

Welsh Industry Cyber Security Summit 2015

Programme
9.30am

12.50pm

Registration and Coffee

Introduction to Cyber Information Sharing Partnership

Andrew Beckett, Airbus Defence and Space

10.00am
Welcome and Introductions
Dr Rhobert Lewis, University of South Wales

1.00 2.00pm

10.05am

2.00pm

Chairmans Opening Remarks

Dr Bob Nowill, UK Cyber Security Challenge

Technical and Practical Assistance

Ioan Peter, Airbus Defence and Space

10.10am

2.30pm

Keynote Mr Paul Kahn, President of Airbus Group UK

Panel Discussion/Q&A Session

Terry Wilson, Ioan Peters and Tim Hull

Lunch

10.25am
Rise of Cyber Threats Tim Hull, Head of Threat Desks,
National Crime Agency

3.00pm 3.15pm

10.55am

3.15pm

Examples of Recent Attacks

Andrew Beckett, Airbus Defence and Space

Cyber Innovation and Opportunities in Wales

Professor Andrew Blyth and Dr Kevin Jones

11.25am

4.00pm

Cyber Crime Unchartered Territory

D/Supt Terry Wilson, NPCC Cyber Crime Programme Lead

Closing Keynote

Networking Coffee Break

4.15pm
11.45am 12.00pm
Networking Coffee Break

Chairmans Closing Remarks Dr Bob Nowill,

UK Cyber Security Challenge

12.00pm

4.30pm

Panel Discussion/Q&A Session

National Crime Agency, Tarian, Airbus and
University of South Wales

Event Close

12.30pm
Cyber Security and Cyber Essentials
Dr Bob Nowill, UK Cyber Security Challenge

Welsh Industry Cyber Security Summit 2015

Speakers & Panel Experts

Dr Rhobert Lewis

Dr Bob Nowill

Dean of Computing, Engineering and

Science at the University of South Wales

Chair of the Board at The UK Cyber

Security Challenge Ltd

Dr Rhobert Lewis was formerly Head of Science and

Bob is Chair of the Board at The UK Cyber Security

Director of the Centre for Police Sciences and now

Challenge Ltd, and an independent Security Consultant

Dean of the new faculty of Computing, Engineering and

and Advisor through Herne Hill Consulting Ltd.

Science at the University of South Wales.

He is also a non-Executive Director and Board Member

He has considerable experience of consultancy, new business

of Information Risk Management (IRM) plc, and the Chair

and curriculum development in science and technology.

of the Institute of Information Security Professionals

His faculty has a strong research profile in hydrogen energy,

(IISP) Accreditation Committee.

anaerobic digestion, power generation, information security

and forensics, computer and communication systems
and optoelectronics.

He was the Director for Cyber and Assurance at the

BT Security Enterprise until the end of 2013. Before joining
BT in 2005, Bob was the Director of Technology and

Industrial connections include partnerships with British

Engineering and Board Member at the UKs Government

Airways, General Dynamics, Tata steel, Renishaw and

Communications Headquarters (GCHQ) and held a number

EDF Energy. Rhobert sees universities as critical in

of other roles there before that. His career has also included

stimulating the Welsh economy by providing high-quality

periods with UK MoD (Defence Procurement Agency and

graduates who are recognised by professional bodies

Research Agencies), in The Netherlands with The SHAPE

and by engaging in industrially-focussed knowledge transfer.

Technical Centre, and research at Cambridge University

Engineering Department.
He graduated from Cambridge University (Trinity College),
and subsequently read for a PhD also at Cambridge.
He is a Chartered Engineer and Chartered IT Professional,
a Fellow of the IET and of the BCS, and a full Founder
Member of the Institute of Information Security Professionals.
Bob was named in the Secure Computing (SC) Most Influential
2010 list in association with (ISC)2 as amongst the most
influential people in information security.
Bob is married to Dr Joanna Nowill, a Counselling
Psychologist who runs The Cheltenham Trauma and
Counselling Clinic, and they share three adult children
and a rescue Greyhound.

Welsh Industry Cyber Security Summit 2015

Paul Kahn

Tim Hull

President of Airbus Group

Head of Threat Desks,

National Crime Agency

Paul Kahn was appointed President of Airbus

In a career of over 30 years, Tim Hull has worked in the

Group UK on 1 October 2014 having worked

intelligence agencies, the Joint Terrorism Analysis Centre,

at Thales, latterly as President and Chief Executive

the Home Office and the National Crime Agency (NCA).

Officer of Thales, Canada.

Over that time, his roles have been many and varied,

Paul has extensive international management experience

though all relating directly or indirectly to intelligence,

in the aerospace, defence and transportation industries,

whether collection, analysis, technical investment or

in both the private and public sectors.

programme management. He has worked on a range

A chartered engineer with a Masters in engineering and

management systems from Brunel University, he worked

of topics, including geo-politics, terrorism, military conflict,

serious crime and cyber. In 2011 he was awarded the OBE.

for the Ford Motor Company in Europe and the United States,

From 2012-14 Tim led the design of the NCAs National

before joining the public sector as a civil servant at the UK

Intelligence Hub. The Hub sits at the heart of the agency,

Ministry of Defence. There, he led one of the major reviews

producing a comprehensive picture of the serious and

of procurement processes.

organised crime threat to UK interests A picture on which

Moving from the MOD back to the private sector, his career
in Thales spanned a variety of increasingly senior operational
and corporate positions, heading various business units
and as Vice President, Group Business Development in the
Paris headquarters.
Mr Kahn is a Fellow of the Royal Aeronautical Society,
holds an MBA from London Business School, and attended
The Royal College of Defence Studies. An active outdoors
person, he lives in Surrey, and is married with three children.
He holds dual British and American nationality.

the NCA relies to fulfil its core mission of leading and

co-ordinating the UK national response. Within the Hub,
Tim heads up the nine desks which are responsible for
building strategic and tactical intelligence on the serious
and organized crime threats set out in the related UK
National Strategic Assessment.
One of the highest-priority of those threats faced
is cybercrime, the national Law Enforcement response
to which is led by the NCAs National Cybercrime Unit.
Within the governance mechanisms by which this threat
is managed, Tim chairs a multi-agency body which,
in collaboration with industry and international partners,
focuses on the cybercrime marketplace, ie. the sophisticated
international marketplace in which criminals trade tools,
skills and a wide range of related criminal services.
Tim is married with two children. His free time (and money)
is spent restoring old cars and even older properties.

Welsh Industry Cyber Security Summit 2015

Andrew Beckett

D/Supt Terry Wilson

Head of Cyber Defence for Airbus

Defence and Space in the UK

NPCC Cyber Crime

Programme Lead

A founder and Managing Director of Regency IT Consulting

Terry joined the Metropolitan Police Service in 1986.

since 2005, Andrew grew this successful specialist Cyber

He has spent the majority of his career a detective,

and Information Assurance consultancy company until its

initially inner London postings at Clapham and Brixton.

acquisition by Cassidian (part of the Airbus Group) in 2010.

Specialist postings have included the South East Regional

Following the acquisition, Andrew has maintained his role

Crime Squad, MPS Anti Corruption Command and

at Regency but also heads Cyber Defence for Airbus Defence

Serious and Organised Crime Group Flying Squad

and Space in the UK.

where he specialised in Armed Robbery investigation

Prior to moving into consultancy, Andrew spent two years

with the International Civil Service in The Hague where he
was Head of the Office of Confidentiality and Security for

at ascending ranks from Detective Sergeant to Detective

Chief Inspector, in between performing more conventional
borough-based roles in those ranks.

the Organisation for the Prohibition of Chemical Weapons

From 2009 to 2013 Terry held the post of operational

recent recipients of the 2013 Nobel Peace Prize.

lead for the Police Central e-Crime Unit (PCeU).

A fast stream graduate entrant into the Civil Service,

Andrew spent his early career at GCHQ where he
specialised in cyber defence heading the teams
responsible for InfoSec consultancy and Penetration
Testing; personally providing support to the main
Whitehall departments and Intelligence Agencies.

This Metropolitan Police led national remit involved

responsibility for improving the timely response to serious
incidents of Cyber Crime through a public/private partnership
initiative to maximise harm reduction and increase public
confidence by proactively targeting criminal networks
involved in Cyber Crime, specifically, the most serious
incidents of computer intrusion, distribution of malicious
code, denial of service attack and Internet-enabled fraud.
Terry is currently the national cyber crime programme lead
working directly to the national policing lead, DCC Peter
Goodman. His role is developing cyber capability at regional
and force level across England and Wales.

Welsh Industry Cyber Security Summit 2015

Ioan Peter

Whilst at the UK IPO, Ioan led a security programme that

Head of Technical Design

at Regency IT Consulting

standards, embed information risk management into the

saw the organisation comply with Government security

business, achieve high scores against the Government
Information Assurance Maturity Model and certify its
information security management system against
ISO 27001.

Ioan joined Regency IT Consulting from the UK Intellectual

Property Office in April 2012, following a career that spanned
the UK Civil Service, Police Service and the Private Sector.

Prior to joining the Intellectual Property Office,

Ioan specialised in the design, implementation and
support of secure applications and infrastructure,

Since joining Regency, Ioan has completed numerous client

much of which was with one of the largest

engagements working at all levels of the client organisations.

police forces in the UK.

His favourite engagements include working with a Utility

Company to protect its extensive infrastructure against
cyber-attack and assisting the Home Office to search DNA
data more effectively to enable the processing of cold cases
in order to bring criminals to justice.
He is currently leading a programme of work for a very large
high tech multi-national, in order to test its cyber defences
through simulating sophisticated cyber-attacks and other
real-world threats. This work is seen as strategic, and reports
in at Group Chief Security Officer and Group CEO levels.
Ioan was employed by the Intellectual Property
Office in September 2008 as the Head of Technical
Design with responsibility for both technical architecture
and security.
Ioan was the Departmental Security Officer for
this Executive Agency, responsible for protecting the UKs
largest collection of Intellectual Property and for information
up to the highest levels of classification.
He was also responsible for the IT Services which support
the granting of Patents for the UK and represented the UK
on technical matters within the European and UN communities.

He has extensive experience of IT Security, designing secure

and highly available systems, running enterprise level IT
Operations, virtualisation and SAN technologies.

Welsh Industry Cyber Security Summit 2015

Dr Kevin Jones

He has worked closely with Government agencies on

Head of Airbus Group Innovations

Cyber Operations Team

such as the European Control System Security Incident

Cyber Security and on European funded programmes

Analysis Network.
He is a Member of the BCS, IEEE, and ISC2 and accredited as
a Certified Information Systems Security Professional (CISSP),
Certified Information Security Manager (CISM), and ISO 27001

Dr Kevin Jones is the Head of Airbus Group Innovations

Lead Auditor.

Cyber Operations team and is responsible for research

and state of the art Cyber Security solutions in support
of the Airbus Group (Airbus, Airbus Helicopters,
Airbus Defence and Space, and Airbus HQ).
He holds a BSc in Computer Science and MSc in
Distributed Systems Integration from De Montfort

Professor
Andrew Blyth
Head of Computing Systems
Engineering, University of South Wales

University, Leicester where he also obtained his PhD:

A Trust Based Approach to Mobile Multi-Agent System
Security in 2010.

Professor Andrew Blyth is a respected information

He is active in the Cyber Security research community

security academic.

and holds a number of patents within the domain.

He teaches information security and computer forensics

He has many years experience in consultancy to aid

at the University of South Wales. Andrew is an expert

organisations in achieving accreditation to ISO 27001

in computer forensics and vulnerability development.

standard on Information Security Management and

currently acts as a senior consultant to the Airbus
Group on matters of cyber (information) security across
multiple domains and platforms.
Kevins current research activities include Risk
Assessments, Security Architectures, and Cyber
Operations in; ICS/SCADA systems and Critical
National Infrastructure (CNI), Security Operations
Centres, Mobile Security, and Cloud Security.
He currently chairs the International Symposium for
Industrial Control System Cyber Security Research and
is an elected expert to the Engineering and Physical
Sciences Research Council (EPSRC).

Welsh Industry Cyber Security Summit 2015

Partners

Andrew Beckett
A founder and Managing Director of Regency IT Consulting
since 2005, Andrew grew this successful specialist Cyber
and Information Assurance consultancy company until its
acquisition by Cassidian (part of the Airbus Group) in 2010.
Following the acquisition, Andrew has maintained his role
at Regency but also heads Cyber Defence for Airbus Defence
and Space in the UK.
Prior to moving into consultancy, Andrew spent two years
with the International Civil Service in The Hague where he
was Head of the Office of Confidentiality and Security for
the Organisation for the Prohibition of Chemical Weapons
recent recipients of the 2013 Nobel Peace Prize.
A fast stream graduate entrant into the Civil Service, Andrew spent
his early career at GCHQ where he specialised in cyber defence
heading the teams responsible for InfoSec consultancy and
Penetration Testing; personally providing support to the main
Whitehall departments and Intelligence Agencies.

Airbus Defence
and Space
Airbus Defence and Space is one of the three divisions
of the Airbus Group and Europes Number 1 defence and
space company.
It is the worlds second largest space company and one of the
top 10 defence companies globally, with revenues of around
13 billion per year and approx. 38,600 employees. The Chief
Executive Officer of Airbus Defence and Space is Bernhard
Gerwert. Airbus Defence and Space puts a strong focus on core
businesses: Space, Military Aircraft, Missiles and related systems
and services.
Airbus Defence and Space develops and engineers cutting-edge
and peerlessly reliable products in the field of defence and space.
Its defence and space technologies enable governments and
institutions to protect natural resources, societies and individual
freedom. The aircraft, satellites and services help to monitor
climate and crops, and to secure borders. Airbus Defence and
Space solutions guarantee sovereignty in foreign affairs and
defence matters. Its portfolio also ensures communication,
mobility, the expansion of knowledge and the safeguarding
of the environment.
Airbus Defence and Space is composed of four Business
Lines: Military Aircraft; Space Systems; Communications,
Intelligence and Security (CIS); and Electronics. It brings
together a wide portfolio to continue to meet the complex
needs of its customers across the world, contribute to Europes
defence and security, and secure Europes independent
access to and utilisation of space. Among its flagship products
are the transport aircraft A400M, the military jet Eurofighter
and, in the framework of the Airbus Safran Launcher joint
venture, the Ariane launcher.

Welsh Industry Cyber Security Summit 2015

Gary Phillips

TARIAN

Gary joined Dyfed Powys Police in 1996 and was promoted

to Detective Chief Inspector at TARIAN, the Regional Organised
Crime Unit (ROCU) for Southern Wales in October 2013.

TARIAN is the Southern Wales Regional Organised Crime Unit

(ROCU), set up in 2002 to protect the communities of the
Southern Wales Region from the threats and risks of Serious
and Organised Crime; identifying, disrupting and dismantling
those organised crime groups who cause the most harm.

Aged 20, he was first posted to Carmarthen, where he

performed uniform patrol duties of both the town and
rural areas. However, since taking his next role at Ammanford
Criminal Investigation Department as Detective Constable
in 2001, he has stayed predominantly within a CID function.
Gary was promoted to the roles of Detective Sergeant
and Detective Inspector in 2002 and 2006 respectively
the latter being Intelligence Manager on Carmarthenshires
Divisional Intelligence Unit.
After moving on and spending nearly five years as Detective
Inspector at Llanelli CID, where he was dealing with volume
and serious crime incidents, Gary transferred to Dyfed-Powys
Force Headquarters in 2013 on a six-month secondment
in uniform as Force Performance Manager.
Within this role he was responsible to Chief Officers for the
audit and review of Dyfed Powys Polices overall performance.
Later that year Gary was promoted to his current role of
Detective Chief Inspector at TARIAN and his responsibilities
include managing the Regional Task Force, the Regional Asset
Confiscation Team, the Regional Asset Recovery Team (RART),
Regional Fraud Team and Regional Cyber Crime Unit.

Organised crime is a serious problem that impacts upon

our communities every day. From the drug dealing on the
street corner, to gangs terrorising our communities, to the
trafficking of vulnerable young women into prostitution
all are fundamentally driven by organised criminals.
TARIAN forms part of a National network; there are nine ROCUs
across England and Wales, all intently focussed on tackling
organised crime.
With the launch of the National Crime Agency (NCA) on the
7th October 2013, TARIAN also has the role of facilitating the link
between the NCA and local forces.
Our Vision
Our vision is to protect communities of the Southern Wales
Region from the threats and risks of serious and organised crime.
Our Mission
Our mission is to identify, disrupt and dismantle organised
crime groups causing most harm to the Southern Wales Region.
Our Values
We are professional in tackling serious and organised Crime.
We are committed to collaboration and working with partners
and other law enforcement agencies.

Welsh Industry Cyber Security Summit 2015

The University is a powerhouse in applied research used

to shape major decisions. As a major public policy think-tank,
it offers independent advice to government, industry and
employers across the UK on health, education, economic growth,
social policy, and governance. It provides a partnership platform
for ideas and debate with major think tanks such as the Joseph
Rowntree Foundation and NESTA.

Professor Khalid Al-Begain

Professor Khalid Al-Begain is the Director of the Centre
of Excellence in Mobile Applications and Services (CEMAS)
and is Professor of Mobile Computing and Networking
at the University of South Wales.
With over 25 years experience in computing and mobile
technology he has a vast and varied background in Mobile
Development, Communication Engineering and Analytical
Modelling and Simulation.
In 2013 Khalid was the winner of the IWA Inspire Wales Award
for Science and Technology. Additionally, in 2006, he received
Royal recognition as one of only 500 British scientists for his
contributions to the British scientific community. Khalid is leading
the University contributions to various national projects including
playing a key role in the establishment of the National Cyber Security
Centre for Wales and the first Welsh Industry Cyber Security Summit.

University of South Wales

Founded by industry and the professions, the University
of South Wales is one of Britains most exciting new universities
and a major player in higher education.

Wayne James
Wayne James, Cyber Security Lead in the Department
for Economy, Science and Transports ICT Sector team.
Waynes involvement with the public sector dates back to 1987,
when he held roles as a management advisor and then a regional
manager with the international division of the Welsh Development
Agency. Prior to this, he held financial and commercial management
positions within the private sector, with roles at magazine and
multimedia publisher IPC, global manufacturing and engineering
business Gallagher and City traders Stemcor.
In 2012 he led a collaboration of 9 European Regions and was the
publisher of an EU Best Practice Guide on creating new types of
digital business networks across Europe. Previous collaborations
include working with the DTI, Devolved Administrations and
industry aiding the delivery of regional economic strategies.
Currently he is Cyber Security Lead in the Department for Economy,
Science and Transports ICT Sector team at the Welsh Government.

One of the top ten campus universities in the UK by student number,

it attracts a cosmopolitan mix of students from over 120 countries
and all backgrounds.
The University of South Wales is unusual in the UK in bringing
together the broadest range of provision and the widest access
to education. It offers a full range of qualifications from further
education level to degrees and PhD study.

Welsh Government

As a major university it delivers the full range of STEM subjects,

from engineering and mathematics to computing and surveying
as well as being an experienced provider of teacher training courses.

The Department for Economy, Science and Transport aim

to create a strong economy to enable businesses to create
jobs and sustainable economic growth.

Welsh Industry Cyber Security Summit 2015

Stakeholders

With the backing of founding sponsors like the SANS Institute,

The South Wales Cyber Security Cluster is a business networking

the Challenge started out in 2010 to create a series of virtual

group formed under the umbrella of the UK Cyber Security Forum

and face-to-face competitions that would identify talented

to proactively support both the UK Governments National Cyber

people for the cyber security industry.

Security Strategy and Welsh Governments stated aim for South

Now entering its 6th year the Challenge is backed by over

Wales to be a hub for Cyber Security in the UK.

50 of the UKs most prestigious public, private and academic

It was formed and is led by Welsh businesses who meet monthly

organisations, and hosts a wide programme of activities designed

to communicate cyber initiatives, develop cyber skills in Wales

to spread the word about why cyber security is such a fulfilling

and help to grow each others businesses.

and varied career and help talented people get their first cyber

The group is free to join for anyone with an interest in Cyber

security jobs. Working from school level right through to helping

Security and meetings are held every 3rd Tuesday of the month

career changers making the transition across, the Challenge is

between 2.00pm and 4.00pm in Cardiff. More information can

making a notable difference to the career prospects of those with

be found at www.southwalescyber.net

the talents and aptitude to become cyber security professionals.

The 2015 Masterclass was recently held on board HMS Belfast
in London from which Adam Tonks, a computing student,
was named this years Cyber Security Champion. For more
information on Cyber Security Challenge UK please use the
following link: www.cybersecuritychallenge.org.uk
Tigerscheme is a certification scheme for technical security
specialists, backed by University standards.
Tigerscheme was founded in 2007, on the principle that
a certification scheme run on independent lines would give
buyers of security testing services confidence that they were
Action Fraud is the UKs national reporting centre for fraud
and financially motivated cyber crime.
Victims can report fraud by calling 0300 123 2040 or by
using the online reporting tool at www.actionfraud.police.uk
The service also enables people to get help, advice and support.

hiring a recognised and reputable company. Tigerscheme is

approved by CESG, the Information Security arm of GCHQ,
to carry out assessments for penetration testers which are
equivalent to CHECK standards.
Tigerscheme provides career progression through certification
and formal recognition of an individuals skills, and is awarded
on the basis of a rigorous independent assessment against
published and widely-accepted standards.
Tigerscheme is run and managed by the University of South
Wales Commercial Services Ltd, a wholly owned subsidiary
of the University of South Wales. The Industry Advisory Committee
includes representatives from Government and various sectors
of industry, including telecoms, utilities and academia.