08:20 - 08:50
Arrival, registration & breakfast networking
08:50 - 09:00
INTRODUCTION FROM THE NETWORK GROUP & CHAIRPERSON
A brief introduction to the event software, SNS – this software, unique to the industry, empowers our attendees to make the most effective use of their time at the event by maximising networking opportunities. The software designs a personalised agenda & enables attendees to arrange One-to-One meetings with each other. This will be followed by a welcome from the chairperson.
Graham Ingram, CISO, University of Oxford
09:00 - 09:30
Developing a robust Cyber Capability Within Your Organisation
- How users should be helped to understand and manage their risks
- How developers and coders should be helped to understand why security matters
- How operations should be helped to understand the reasons for governance, risk and compliance
- Why security and risk should be baked into every project from the start and not added in when required!
Henrik Kiertzner, Head of IT (Cyber Security & Infrastructure), National Trust
09:30-10:10
Panel Discussion: What Does a Realistic Cyber Strategy Look Like
- What steps are needed to develop a pragmatic security vision and strategy?
- Raising the profile of cyber security with the board to ensure it is given the focus it deserves
- How to acquire the resources to identify, mitigate and manage risks
Moderator—Henrik Kiertzner, Head of IT (Cyber Security & Infrastructure), National Trust
Gaynor Rich, Group Deputy CISO & Director, BT Group
Alan Hamilton, CISO, GAM Investments
Sunil John, Head of Information, Security Sainsburys Bank
Kam Karaji, Global Head of Information Security, Bibby Financial Services
Stream 1 - Aston Martin Case Study
10:10-10:40
How Aston Martin Design Pro-Social Cyber Security Solution
- Analysing regulatory requirements on security and data breaches
- A look at new ways to design cyber solutions that engage a positive mindset
- How to raise cyber skills in your organisation
Robin Smith, Head of Cyber and Information Security, Aston Martin
Stream 2 -Cyber Security Governance
10:10-10:40
Embedding Cyber Security Governance & Accountability into Working Practices
- Incorporating information security into decision-making processes to promote company-wide cyber resilience decisions
- Developing accountability frameworks to determine responsibility among senior leaders for taking risk
Brian Lake, Head of Cyber Security, Marie Curie UK
10:40-11:00
Coffee break & networking
11:00 - 11:25
Workshop 1
Fantastic Attacks: Secrets of Ransomware
Randeep Gill, Principal Security Strategist, Exabeam
11:25 - 11:50
Networking
11:50 - 12:15
Workshop 2
Metrics and Reporting: What does the board really want to know?
Andrew Rose, CISO, EMEA, Proofpoint
12:15 - 12:40
Networking
12:40 - 13:05
Workshop 3
Watching the Watcher
John Lester, Senior Manager, Sales Engineering, CrowdStrike
11:00 – 13:05
One-to-One meetings
Intelligently matched one-to-one meetings:
- Vulnerability Management
- Security Awareness
- Data Governance & DLP
- Threat Intelligence
- PUM & Authentication
- Cloud Security
- Third Party Risk Management
- GRC
- Malware Protection
- Identity & Access Management
- Application Security
- Mobile Security
- Regulatory Management
13:05 - 14:00
Networking Lunch
Stream 1 - Cyber Essentials
14:00-14:35
The Journey to Cyber Essentials Plus in a Large Complex organisation
- Evolving your risk management practices to stay on top of half billion turn over, 12,000 headcount and a 1000+ locations organisation
Rob Lee, Head of Information Security, Cyber & Infrastructure, CH &CO Group
Richard Tucker, Deputy Head of Information Security, CH &CO Group
Stream 2 - Cyber Risk Management
14:00 -14:35
Implementing an Effective Risk Management Programme
- How to stay on top of emerging and enterprise risks
- Successfully aligning your risk appetite with your business objectives
- Penetration tests and vulnerability research, what you need to know
Graham Ingram, CISO, University of Oxford
Stream 1 - Using AI in Cybersecurity
14:35 -15:10
Cyber Security Challenges & Opportunities in AI
- Implementing Innovation for AI in cyber security
- Cyber “Innovation” reality check
- What are the key things you need to take into account when building AI solutions?
Khadir Fayaz, SVP, Digital & Cyber, CBRE
Stream 2 - Cyber Team Capabilities
14:35 -15:10
Building your Cyber Team Capability from the Ground up
- Building a cyber capability that fits your business/culture
- Maturing vulnerability management
- Enhancing a cyber capability, moving from a compliance focus
Dan Burns, Head of Information Security, Next
15:10 - 15:25
Coffee break & networking
15:25 - 15:50
Workshop 4
Operationalising Cybersecurity For Measurable Risk Reduction
Jason Hart, CTO, Rapid7
15:50 - 16:15
Networking
16:15 - 16:40
Workshop 5
Continuous Threat Exposure Management: A Step Change in Vulnerability Management
Matt Quinn, Technical Director EMEA, XM Cyber
16:40 - 17:05
Networking
15:25 – 17:05
One-to-One meetings
Intelligently matched one-to-one meetings:
- Vulnerability Management
- Security Awareness
- Data Governance & DLP
- Threat Intelligence
- PUM & Authentication
- Cloud Security
- Third Party Risk Management
- GRC
- Malware Protection
- Identity & Access Management
- Application Security
- Mobile Security
- Regulatory Management
17:05 - 17:45
Panel: Outsmarting Cyber Criminals – Why Cyber Security should be on every Board’s priority list
- The importance of assigning clear ownership of cyber-risk oversight
- Considerations on driving a new holistic mindset against a new era of security risks
- How security leaders can communicate cyber-risks to the board
- How to prepare for systemic cyber security events, what you need to know
Goher Mohammad, Group Head of Information Security, L&Q Group
Jack Harrigan, Senior Policy Adviser, Cyber Resilience, Department for Science, Innovation & Technology
Brian Lake, Head of Cyber Security, Marie Curie UK
Stephen O’Hanlon, Group Head of Information Security, Vanquis Bank
17:45 - 17:50
Chairperson’s closing remarks
A reflection on today’s discussions, & thank you to our audience & speakers.
19:00
Gala dinner
08:30 - 09:00
Morning registration & breakfast
09:00 - 09:10
Opening remarks from the chairperson
A welcome from the chairperson
09:10 - 10:15
Roundtable discussions
Join group discussions with your peers on some of the most challenging & significant topics of today — please confirm attendance prior to the session beginning. Each host will facilitate the discussion & give a short roundup of key findings during the wrap up session.
Roundtable 1: Cyber Security & Cloud Integration
Ledum Maeba, Head of Information Security, Avanti
Roundtable 5: Risk Management
Andrew Leaning, Head of Cyber Security, Immediate Media
Roundtable 2: Incident Response
Steve Lorimer, CPO & CISO, Hexagon
Roundtable 6: AI & ML
Dinis Cruz, CISO, Holland & Barrett
Nick Harris, Deputy CISO, Holland & Barrett
Roundtable 3: Adopting a Zero Trust Strategy
Hosted by CloudFlare
Goher Mohammad, Group Head of Information Security, L&Q Group
Roundtable 7: Building Resilience
Kulwinder Johal, Head of Information Security, ElectraLink
Roundtable 4: IT Leadership
Ivan Milenkovic, Group CISO, Webhelp
Roundtable 8: Talent Management
Ian Scott, Head of Cyber Security, Manchester Metropolitan University
10:15 - 10:40
Roundtable wrap-up by the chairperson
Each host gives a short overview of key findings from their discussion & creates an ideas board to be distributed post event with the presentations.
10:40 - 11:00
Coffee break & networking
11:00 - 11:25
Workshop 6
AI in SecOps: The Reality
Elliott Went, Senior System Engineer, SentinelOne
11:25 - 11:50
Networking
11:50 - 12:15
Workshop 7
Secure everything you build and run in the Cloud
Iulian Toader, Solutions Engineer, Wiz
12:15 - 12:40
Networking
12:40 - 13:05
Workshop 8
Top Threats & Attacker Trends
Dor Zakai, Senior Director of Solutions Engineering, F5
11:00 – 13:05
One-to-One meetings
Intelligently matched one-to-one meetings:
- Vulnerability Management
- Security Awareness
- Data Governance & DLP
- Threat Intelligence
- PUM & Authentication
- Cloud Security
- Third Party Risk Management
- GRC
- Malware Protection
- Identity & Access Management
- Application Security
- Mobile Security
- Regulatory Management
13:05 - 14:00
Networking lunch
Stream 1 - Incidents Response
14:00-14:35
Successfully Responding to Security Breach Incidents to Strengthen Cyber Resilience
- Preparing incident response plans to establish the roles of all staff in managing a security breach
- Learning from security breaches to address causes to incidents and improve cyber protection
Dinis Cruz, CISO, Holland & Barrett
Nick Harris, Deputy CISO, Holland & Barrett
Stream 2 - Staff Burnout
14:00-14:35
Understanding the psychological aspect of cyber security in order to mitigate the risk of breaches
- Why staff burnout can cause breaches and how can you prevent this?
- Detecting and understanding when staff burnout maybe a risk
- Recovering from a breach caused by staff burnout
Tamlynn Deacon, Head of Information & Cyber Security, HBK – Hottinger Brüel & Kjær
Stream 1 - Automotive Attacks
14:35-15:10
Rise of Automotive Attacks a Threat Model Approach
- What is automotive hacking and how can they be mitigated
- Automotive threats and how to deal with them
- A look at threat model approaches and mitigation controls
Abbas Haidar, CISO, WorldFirst
Stream 2 - Quantifying Risk
14:35-15:10
Quantifying Risk & Demonstrating Return on Investment in Security
- Changing the conversation around cyber security to understand where accountability for cyber risk should lie
- Aligning cyber security with business goals and objectives
- How are cyber security experts measuring and evaluating cyber risk? How is it assisting them in building the business case for cyber security investment
Jay Moloo, Corporate Information Security Officer, DB Schenker
15:15 - 15:55
Panel: Embedding New technology to Reduce Cyber Security Risks
- How can you collaborate with technology providers to design an effective software that meets your cyber security priorities
- Working with staff to make the best use of new technology and strengthen cyber defences
- Engaging with senior leaders to secure resources for new information security technology
Richard Guttridge, Head of Network Security, TUI
Kevin Gourlay, Head of IT Security, IG Group
Steve Lorimer, CPO & CISO, Hexagon
15:55 - 16:00
Closing remarks from the Chairperson