Main Conference Room – Session 4

Session 4: IDENTITY, DECEPTION & HUMAN RISK

Identity Compromise, Deception and the Human Attack Surface

14:00pm – 15:00pm

Register For Free

Overview:

Many organisations think meeting regulatory compliance standards is enough to keep them secure. It isn’t. If your focus stops at compliance, you’re leaving gaps attackers can exploit. This session explores how to go beyond regulatory requirements and build a security strategy that protects your organisation from real-world threats.

Main Conference Room – Session 4

Facilitator

Paul C Dwyer

President ICTTF International Cyber Threat Task Force / CEO, Cyber Risk International

Paul C Dwyer is recognised as one of the world’s foremost experts on cyber security, risk and privacy. As CEO of Cyber Risk International he specialises in corporate and enterprise security, development of cyber defence programs, and business operations protection for CRI clients. As founder and President of the ICTTF International Cyber Threat Task Force he is an advocate for diversity in the industry and leads a community of over 30,000 with a common goal to defeat cyber evil.

View Presentation Abstract
The Compliance Trap: Why Being ‘Secure Enough’ Won’t Cut It in the Era of DORA and NIS2

Many organisations think meeting regulatory compliance standards is enough to keep them secure. It isn’t. If your focus stops at compliance, you’re leaving gaps attackers can exploit. This session explores how to go beyond regulatory requirements and build a security strategy that protects your organisation from real-world threats.

Panelists

Picture5

Michael Simpson

Senior Sales Engineer, Lookout

With a ten-year military background in highly sensitive IT infrastructure, Michael brings a rare and potent perspective to cybersecurity. His subsequent five years as a covert surveillance technician for a Commercial Spyware Vendor provided him with an insider’s view into the methodologies of sophisticated threat actors. This experience uniquely positions him to demonstrate the absolute necessity of comprehensive security measures against all tiers of adversaries. 

Complacency in mobile security, relying on baseline compliance or a sense of being ‘secure enough,’ is a dangerous fallacy in today’s rapidly evolving threat landscape. A new first wave of attacks is targeting mobile devices as the primary entry point into sensitive data and enterprise networks, rendering traditional security perimeters increasingly irrelevant. In this session we will explore how recommended Mobile Device Management does not detect or defend against the latest threats. 

Presentation on:

The new first wave of attack – Why being ‘secure enough’ or ‘compliant’ is no match for the latest mobile threats

View Presentation Abstract
The new first wave of attack - Why being 'secure enough' or 'compliant' is no match for the latest mobile threats

Complacency in mobile security, relying on baseline compliance or a sense of being 'secure enough,' is a dangerous fallacy in today's rapidly evolving threat landscape. A new first wave of attacks is targeting mobile devices as the primary entry point into sensitive data and enterprise networks, rendering traditional security perimeters increasingly irrelevant. In this session we will explore how recommended Mobile Device Management does not detect or defend against the latest threats. 

Lorna Burman

Distribution & Partnership Manager APAC & EMEA – usecure

Lorna is an experienced IT Manager of a global business, with 20+ years of navigating the channel. She was a former business owner in the tech space. Through strategic partnerships and innovative solutions, I’m committed to helping MSPs navigate the complex landscape of human-centric cybersecurity threats, creating human firewalls globally. 

The truth is, compliance doesn’t always equal security. While frameworks like NIS2, GDPR, and ISO 27001 are essential, organisations that only meet the minimum requirements remain at risk. 

Join usecure to learn why ‘secure enough’ isn’t enough anymore – and how to bridge the gap between compliance and real security resilience. 

Presenting on: 

Compliance vs. Security – Why Meeting the Bare Minimum Won’t Keep You Safe 

View Presentation Abstract
Compliance vs. Security – Why Meeting the Bare Minimum Won’t Keep You Safe

With NIS2 and DORA regulations now in full effect, businesses are scrambling to meet compliance standards. But is checking a compliance box enough to keep organisations truly secure? 

The truth is, compliance doesn’t always equal security. While frameworks like NIS2, GDPR, and ISO 27001 are essential, organisations that only meet the minimum requirements remain at risk. 

Join usecure to learn why ‘secure enough’ isn’t enough anymore - and how to bridge the gap between compliance and real security resilience. 

Brian Lowe

Country Manager, Ireland - Level Blue

Brian Lowe, a graduate of University College Limerick, embarked on his career in software sales in 2016 as a Junior MSSP Account Manager at AlienVault. Over the past nine years, Brian has demonstrated exceptional skill in developing and expanding some of the largest MSSP and Reselling Accounts in the UK and Ireland.

In 2025, Brian assumed the role of Country Manager for Ireland, where he is dedicated to fostering and enhancing partner relationships. His strategic vision and leadership continue to drive growth and innovation within the industry

Presenting on: 

More Regulatory Scrutiny Makes Incident Response Readiness (IRR) Non-negotiable

View Presentation Abstract
More Regulatory Scrutiny Makes Incident Response Readiness (IRR) Non-negotiable

With DORA, NIS2, and SEC rules tightening, incident response readiness (IRR) has become a board-level priority. Regulators now expect faster reporting, clearer governance, and proof of preparedness. This session breaks down the top IRR capabilities for 2025- risk assessments, playbooks, training, and post-incident reviews - explaining why readiness is now essential to compliance. Backed by market data, we’ll show how organisations can shift from reactive defence to proactive resilience in an era where being ‘secure enough’ no longer cuts it.

Josh Bowles

Enterprise Sales Director EMEA & APAC

Josh Bowles leads Theta Lake’s sales effort in EMEA and APAC and has previously held roles at leading software companies, including NICE and 8×8.

Presenting on: 

Managing Compliance and Cybersecurity Risk in Modern Communication Platforms.

View Presentation Abstract
Managing Compliance and Cybersecurity Risk in Modern Communication Platforms.

In today’s rapidly evolving digital landscape, modern communications platforms offer unprecedented connectivity and efficiency—but they also introduce complex compliance and cybersecurity challenges. This presentation explores the critical intersection of regulatory requirements UC solution usage, talks about how an organisation can stay compliant across all of their communications, and how these are closely linked to DORA and NIS2. 

Please can we update?

 

Cyber Conference Agenda

KeyNote:

Power, Politics and AI: The Global Forces Driving Cyber Risk in 2026
Power, Politics and AI: The Global Forces Driving Cyber Risk in 2026

Cybersecurity is no longer just a technology problem; it’s also now a geopolitical one. State-sponsored actors are targeting critical infrastructure with increasing boldness, AI-powered political attacks are testing democratic institutions, and regulatory frameworks around data sovereignty are reshaping how organisations operate across borders. This opening keynote sets the tone for the day by examining the global forces that are driving cyber risk in 2026: from geopolitical disruption and the weaponisation of AI to the shifting regulatory landscape that every Irish organisation needs to navigate.

  • Main Conference Room

10:00am- 10:30am

AI IN CYBERSECURITY

Attack, Defend, Govern: The AI Security Playbook
Attack, Defend, Govern: The AI Security Playbook

AI is now embedded in every layer of the cybersecurity landscape. Attackers are using it to launch autonomous operations, generate convincing deepfakes and discover zero-day vulnerabilities at speed. Defenders are building AI-driven SOCs that detect and respond to threats in real time. And organisations everywhere are grappling with shadow AI, model risk and a wave of new regulation including the EU AI Act. This stream brings together security vendors at the cutting edge to address the full AI picture: offensive threats, defensive tools, governance frameworks, workforce readiness and the strategic shifts that will define secure organisations in 2026 and beyond.

  • Main Conference Room

10:45am- 11:4v5am

MSP & CHANNEL

Scaling Security: Building Profitable MSP Practices for 2026
Scaling Security: Building Profitable MSP Practices for 2026

MSPs serve as the frontline defence for hundreds of SMBs while managing their own operational and commercial pressures. This dedicated stream addresses security service delivery models, evolving customer expectations around compliance and cyber insurance, and practical approaches to vendor selection and stack consolidation. Speakers from successful MSPs share what’s working.

  • Bar (upstairs)

10:45am- 11:45am

DATA & INFRASTRUCTURE DEFENCE

Layered Defence: Protecting Data and Infrastructure Across Your Environment
Layered Defence: Protecting Data and Infrastructure Across Your Environment

No single control point is sufficient, and data remains the ultimate target. This session brings together endpoint, network, cloud and data security perspectives to explore how organisations can build layered defences that work together. We address EDR, next-generation firewalls, cloud workload protection, data discovery, classification and loss prevention, with particular focus on the risks introduced by generative AI adoption, the insider threat challenge, and the operational reality of tool proliferation and alert fatigue.

  • Downstairs Room 3

10:45am- 11:45am

REGULATORY COMPLIANCE & GOVERNANCE

The Compliance Reality Check: What Irish Organisations Actually Need to Do
The Compliance Reality Check: What Irish Organisations Actually Need to Do

The deadlines have passed and regulators are watching. This session moves beyond theory to examine what NIS2 and DORA compliance looks like in practice. We address incident reporting, supply chain risk requirements, board-level accountability and the documentation regulators expect, with lessons from organisations that have been through the process.

12:00pm -13:00pm

  • Main Conference Room

OPERATIONAL TECHNOLOGY & CRITICAL INFRASTRUCTURE

Keeping the Lights On: Protecting the Systems That Run Ireland
Keeping the Lights On: Protecting the Systems That Run Ireland

Attacks on operational technology environments have moved from theoretical to routine. This session addresses the unique challenges of securing environments where availability trumps confidentiality, legacy systems cannot be patched, and a breach can have physical consequences. Speakers share practical approaches to network segmentation, asset visibility and secure remote access.

  • Bar (upstairs)

12:00pm -13:00pm

RANSOMWARE & RESILIENCE

When Prevention Fails: Ransomware, Recovery and Operational Resilience
When Prevention Fails: Ransomware, Recovery and Operational Resilience

The question is no longer whether you’ll face a serious incident but how quickly you can recover. With ransomware attacks increasing in volume and sophistication, this session addresses the full lifecycle from prevention through to containment and recovery. We examine the critical importance of immutable backups, tested recovery procedures, and the often-overlooked challenge of Active Directory restoration.

  • Downstairs Room 3

12:00pm -13:00pm​

IDENTITY, DECEPTION & HUMAN RISK

Identity Compromise, Deception and the Human Attack Surface
Identity Compromise, Deception and the Human Attack Surface

Attackers don’t need to find a vulnerability when they can steal a credential or trick a human. From AI-generated phishing that’s virtually indistinguishable from legitimate communication to credential theft, privilege escalation and Active Directory compromise, the most common path into organisations now runs through people and their identities. This session examines how social engineering and identity attacks are converging, why Zero Trust must address both technical controls and human factors, and what practical defences look like when the threat is designed to bypass every instinct your users rely on.

  • Main Conference Room

14:00pm  - 15:00pm

EMERGING THREATS

From Deepfakes to Quantum: The Next Wave of Threats You Need to Prepare for Now
From Deepfakes to Quantum: The Next Wave of Threats You Need to Prepare for Now

Deepfake technology is already being used to impersonate executives and bypass verification. Quantum computing threatens to undermine the encryption we rely on today. And geopolitical shifts are reshaping who is targeting whom and why. This session cuts through the noise to examine the emerging threats that Irish organisations need to take seriously now, not in five years’ time, and provides practical frameworks for building preparedness into your security strategy today.

  • Bar (upstairs)

14:00pm  - 15:00pm

TBD
TBD

TBD

  • Downstairs Room 3

2:00pm -3:00pm​

Closing Panel:

Security Leadership 2026: What Keeps CISOs Awake at Night
Security Leadership 2026: What Keeps CISOs Awake at Night

The day has covered a lot of ground, from geopolitical disruption and AI-powered attacks to regulatory pressure, ransomware resilience and the challenge of protecting critical infrastructure. In this closing panel, security leaders from across Irish industry reflect on what they’ve heard, share what resonates most with their own organisations, and offer a candid perspective on the decisions that will define cybersecurity leadership in the year ahead. Expect honest conversation about skills shortages, board-level expectations, AI governance and what it actually takes to keep an organisation secure in 2026.

  • Main Conference Room

15.30pm - 16:30pm

Join Our Cyber Ecosystem

Become a part of our growing Cyber Security Ecosystem. We’re Bringing everyone together!

Vendors
+
VARs & MSPs
+
Cyber Experts
+
Attendees Registered Annually
+

©  2026 Cyber Expo Ireland. Built using WordPress and the Highlight Theme