TL;DR
- This year, PTP Cyber Fest featured hands-on villages, a bunch of great speakers, and plenty of ways for everyone to join in
- Thank you to our sponsors and partners, RANT Community Shoosmiths, Harmonic AI, Retail & Hospitality ISAC, and the Aviation ISAC.
- With the Cyber House Party, the event raised over £35,000 for the NSPCC!
Not your usual cybersecurity event
Our PTP Cyber Fest returned this year as part of a busy week for the cybersecurity community in London.
The cyber community came together over two days at The Fox, located next to Infosecurity Europe at ExCeL London.
Some came for the talks. Some came for the demos. Some came because they had heard there was an industrial cocktail machine and wanted to see if that was actually true.
It was…
This year had car hacking, aviation, maritime, lock picking, cloud and AI challenges, incident response discussions, governance conversations, physical security and an AI safe with far too much personality.
Alongside a long list of speakers, doing talks and RANT panels, sharing insights into new and emerging topics like artificial intelligence, cloud security, incident response, regulation and resilience.
Before the show…
Let’s take a look at some of the highlights…
The Industrial Cocktail Machine returned
The OT cocktail machine was back, this time as version 2.5.
Adam Bromiley and Sam Thom from our Hardware Team brought it along to show how industrial control systems and programmable logic controllers can be tested in a safe, practical way.
It also made drinks, which did not hurt its popularity.
The demo gave people something physical to interact with. Instead of talking about operational technology in the abstract, visitors could see a connected process in front of them and understand how small changes in logic, control, or access can affect the outcome.
Physical security in the cyber world
Our Tom Roberts, Colin Kitchen and Nicola Pastres demonstrated physical security through picking locks and exploiting weaknesses Physical access control systems, with our RFID-accessed safe, showed how card cloning works.
Sassy Safe met the public at Infosecurity Europe
Our Aaron Thacker’s AI Sassy Safe made its first appearance inside Infosecurity Europe.
People loved interacting with it, testing its limits, and seeing whether it could be convinced to part with its password. It was fun, but it also made a serious point about AI security.
The demo gave people a practical way to experience the risks around AI systems, and even though it was told specifically not to, it would sometimes randomly blurt out its own password!
The Cloud and AI village duo demos
The Cloud and AI village had a lot of interest throughout the event.
Our Gabriel Garcia Teran’s cloud demo walking through how old cloud attack chains have evolved from the Capital One attack in 2019, with Kubernetes changing the threat model with increased complexity of multi-tenant environments, container orchestration and dynamic workflows.
Here it is in action:
The full lab cost in Amazon Web Services for the demo came to just US$0.05!
On the AI side, we ran a CTF, built by our David Lodge. Again, the point was not to talk about AI in the abstract. It was to let people test and understand how these systems can behave when users try to push them outside their intended boundaries.
Automotive Village
Our hacked Clio kept its legendary status.
The Clio somehow continues to survive, despite every reasonable attempt we made to break it!
Automotive security remains one of the clearest ways to show why connected systems need proper testing. People can see the impact. They can understand the link between software, hardware, safety, and trust.
What better way to show it than playing Mario Kart by intercepting CAN data…
Ransomware and the breach crisis simulator
Our Joseph Williams from our Digital Forensics and Incident Response (DFIR) team joined our Ken Munro and Nick Holland from Shoosmiths on the PTP DFIR Panel hosted by the RANT community, discussing what to do and what not to do, when ransomware happens.
We also put your response stills to the test with Joseph William’s breach crisis simulator:
Cyber House Party brought the community together
We are also proud to support the Cyber House Party takeover, and this year it helped raise £35,000 for NSPCC! Overtaking what we raised last year!
PTP pays for the venue and the bar tab, ensuring that every penny raised from ticket sales and sponsorship goes straight to NSPCC.
That is a huge achievement.
Cyber House Party has become an important part of Infosecurity Europe week. It gives the community somewhere informal to meet, talk, reconnect, and support a cause that matters.
Thank you
Thank you as well to everyone who came along. Whether you joined a demo, asked a question, took part in a challenge, watched a talk, came to Cyber House Party, or stopped by for a conversation.
A huge thank you to everyone who made Cyber Fest happen this year.
Thank you to our sponsors and partners, Shoosmiths, Harmonic AI, the Aviation ISAC, the Retail and Hospitality ISAC, the University of Bristol, and RANT Community for supporting the event and helping bring people together across the two days.
Their help meant we could keep PTP Cyber Fest open, accessible, and hands-on just the way we like it.
