Arrival, registration & breakfast networking
INTRODUCTION FROM THE NETWORK GROUP & CHAIRPERSON
A brief introduction to the event software, SNS – this software, unique to the industry, empowers our attendees to make the most effective use of their time at the event by maximising networking opportunities. The software designs a personalised agenda & enables attendees to arrange One-to-One meetings with each other. This will be followed by a welcome from the chairperson.
Graham Ingram, CISO, University of Oxford
Developing a robust Cyber Capability Within Your Organisation
- How users should be helped to understand and manage their risks
- How developers and coders should be helped to understand why security matters
- How operations should be helped to understand the reasons for governance, risk and compliance
- Why security and risk should be baked into every project from the start and not added in when required!
Henrik Kiertzner, Head of IT (Cyber Security & Infrastructure), National Trust
Panel Discussion: What Does a Realistic Cyber Strategy Look Like
- What steps are needed to develop a pragmatic security vision and strategy?
- Raising the profile of cyber security with the board to ensure it is given the focus it deserves
- How to acquire the resources to identify, mitigate and manage risks
Moderator—Henrik Kiertzner, Head of IT (Cyber Security & Infrastructure), National Trust
Gaynor Rich, Group Deputy CISO & Director, BT Group
Alan Hamilton, CISO, GAM Investments
Sunil John, Head of Information, Security Sainsburys Bank
Kam Karaji, Global Head of Information Security, Bibby Financial Services
How Aston Martin Design Pro-Social Cyber Security Solution
- Analysing regulatory requirements on security and data breaches
- A look at new ways to design cyber solutions that engage a positive mindset
- How to raise cyber skills in your organisation
Robin Smith, Head of Cyber and Information Security, Aston Martin
Embedding Cyber Security Governance & Accountability into Working Practices
- Incorporating information security into decision-making processes to promote company-wide cyber resilience decisions
- Developing accountability frameworks to determine responsibility among senior leaders for taking risk
Brian Lake, Head of Cyber Security, Marie Curie UK
Coffee break & networking
11:00 – 13:05
One-to-One meetings
Intelligently matched one-to-one meetings:
- Vulnerability Management
- Security Awareness
- Data Governance & DLP
- Threat Intelligence
- PUM & Authentication
- Cloud Security
- Third Party Risk Management
- GRC
- Malware Protection
- Identity & Access Management
- Application Security
- Mobile Security
- Regulatory Management
Networking Lunch
The Journey to Cyber Essentials Plus in a Large Complex organisation
- Evolving your risk management practices to stay on top of half billion turn over, 12,000 headcount and a 1000+ locations organisation
Rob Lee, Head of Information Security, Cyber & Infrastructure, CH &CO Group
Richard Tucker, Deputy Head of Information Security, CH &CO Group
Implementing an Effective Risk Management Programme
- How to stay on top of emerging and enterprise risks
- Successfully aligning your risk appetite with your business objectives
- Penetration tests and vulnerability research, what you need to know
Graham Ingram, CISO, University of Oxford
Cyber Security Challenges & Opportunities in AI
- Implementing Innovation for AI in cyber security
- Cyber “Innovation” reality check
- What are the key things you need to take into account when building AI solutions?
Khadir Fayaz, SVP, Digital & Cyber, CBRE
Building your Cyber Team Capability from the Ground up
- Building a cyber capability that fits your business/culture
- Maturing vulnerability management
- Enhancing a cyber capability, moving from a compliance focus
Dan Burns, Head of Information Security, Next
Coffee break & networking
15:25 – 17:05
One-to-One meetings
Intelligently matched one-to-one meetings:
- Vulnerability Management
- Security Awareness
- Data Governance & DLP
- Threat Intelligence
- PUM & Authentication
- Cloud Security
- Third Party Risk Management
- GRC
- Malware Protection
- Identity & Access Management
- Application Security
- Mobile Security
- Regulatory Management
Panel: Outsmarting Cyber Criminals – Why Cyber Security should be on every Board’s priority list
- The importance of assigning clear ownership of cyber-risk oversight
- Considerations on driving a new holistic mindset against a new era of security risks
- How security leaders can communicate cyber-risks to the board
- How to prepare for systemic cyber security events, what you need to know
Goher Mohammad, Group Head of Information Security, L&Q Group
Jack Harrigan, Senior Policy Adviser, Cyber Resilience, Department for Science, Innovation & Technology
Brian Lake, Head of Cyber Security, Marie Curie UK
Stephen O’Hanlon, Group Head of Information Security, Vanquis Bank
Chairperson’s closing remarks
A reflection on today’s discussions, & thank you to our audience & speakers.
Morning registration & breakfast
Opening remarks from the chairperson
A welcome from the chairperson
Roundtable discussions
Join group discussions with your peers on some of the most challenging & significant topics of today — please confirm attendance prior to the session beginning. Each host will facilitate the discussion & give a short roundup of key findings during the wrap up session.
Ledum Maeba, Head of Information Security, Avanti
Andrew Leaning, Head of Cyber Security, Immediate Media
Steve Lorimer, CPO & CISO, Hexagon
Dinis Cruz, CISO, Holland & Barrett
Nick Harris, Deputy CISO, Holland & Barrett
Hosted by CloudFlare
Goher Mohammad, Group Head of Information Security, L&Q Group
Kulwinder Johal, Head of Information Security, ElectraLink
Ivan Milenkovic, Group CISO, Webhelp
Ian Scott, Head of Cyber Security, Manchester Metropolitan University
Roundtable wrap-up by the chairperson
Each host gives a short overview of key findings from their discussion & creates an ideas board to be distributed post event with the presentations.
Coffee break & networking
11:00 – 13:05
One-to-One meetings
Intelligently matched one-to-one meetings:
- Vulnerability Management
- Security Awareness
- Data Governance & DLP
- Threat Intelligence
- PUM & Authentication
- Cloud Security
- Third Party Risk Management
- GRC
- Malware Protection
- Identity & Access Management
- Application Security
- Mobile Security
- Regulatory Management
Networking lunch
Successfully Responding to Security Breach Incidents to Strengthen Cyber Resilience
- Preparing incident response plans to establish the roles of all staff in managing a security breach
- Learning from security breaches to address causes to incidents and improve cyber protection
Dinis Cruz, CISO, Holland & Barrett
Nick Harris, Deputy CISO, Holland & Barrett
Understanding the psychological aspect of cyber security in order to mitigate the risk of breaches
- Why staff burnout can cause breaches and how can you prevent this?
- Detecting and understanding when staff burnout maybe a risk
- Recovering from a breach caused by staff burnout
Tamlynn Deacon, Head of Information & Cyber Security, HBK – Hottinger Brüel & Kjær
Rise of Automotive Attacks a Threat Model Approach
- What is automotive hacking and how can they be mitigated
- Automotive threats and how to deal with them
- A look at threat model approaches and mitigation controls
Abbas Haidar, CISO, WorldFirst
Quantifying Risk & Demonstrating Return on Investment in Security
- Changing the conversation around cyber security to understand where accountability for cyber risk should lie
- Aligning cyber security with business goals and objectives
- How are cyber security experts measuring and evaluating cyber risk? How is it assisting them in building the business case for cyber security investment
Jay Moloo, Corporate Information Security Officer, DB Schenker
Panel: Embedding New technology to Reduce Cyber Security Risks
- How can you collaborate with technology providers to design an effective software that meets your cyber security priorities
- Working with staff to make the best use of new technology and strengthen cyber defences
- Engaging with senior leaders to secure resources for new information security technology
Richard Guttridge, Head of Network Security, TUI
Kevin Gourlay, Head of IT Security, IG Group
Steve Lorimer, CPO & CISO, Hexagon