8:30 - 9:30
Arrival, registration & breakfast networking
The event will begin with an informal networking session over a continental breakfast. This gives the attendees the opportunity to begin expanding their networks and to break into small groups and begin to discuss their biggest challenges and to exchange ideas.
9:30 - 9:40
Introduction from the Network Group and the Chairperson
A brief introduction to the event software—this software, unique to the industry, empowers our attendees to make the most effective use of their time at the event by maximising networking opportunities. The software designs a personalised agenda and enables attendees to arrange One-to-One meetings with each other. This will be followed by a welcome from the Chair.
Phil Cordey, Group Head of IT Security, Inchcape
9:40 - 10:15
Become a Power CISO in 30 days (but probably much longer)
- Dispel the myth that a “one size fits all” approach works in gaining Board support in all or even in any organisation
- Examine organisational traits, behaviours and decision drivers that could influence the success of your chosen approach
- Highlight a toolkit of strategies & habits to help… with a hint of humour
Mark Osborne, CISO, JLL
10:15 - 10:50
Going Passworldless: Lessons learnt from the 2017 Parliament Cyber Attack
- Investigating the response and cause of the 2017 Parliament Cyber Attack
- Changing the mindset from re-active to pro-active
- Overcoming the ever-changing challenges of Identity Access Management
Yochana Henderson, Head of Identity Access Management, UK Parliament
10:50 - 11:00
Coffee break and networking
11:00 - 11:25
Workshop 1
“If you know the enemy and know yourself you need not fear the result of a hundred battles” – Sun Tzu, 500 B.C.
Justin Coker, Vice President, EMEA, Skybox Security
11:25 - 11:50
Networking
11:50 - 12:15
Workshop 2
Space junk securing the other 80% of your Data
Ben Bulpett, EMEA Identity Platform Director, Sailpoint
12:15 - 12:40
Networking
12:40 - 13:05
Workshop 3
Seeing the Attacker’s View: A People-centric Approach to Security
Richard Davis, Cybersecurity Strategist, ProofPoint
11:00 - 13:05
One-to-One meetings
Intelligently matched one-to-one meetings:
- Vulnerability Management
- Security Awareness
- Data Governance & DLP
- Threat Intelligence
- PUM & Authentication
- Cloud Security
- Third Party Risk Management
- GRC
- Malware Protection
- Identity & Access Management
- Application Security
- Mobile Security
13:05 - 14:00
Networking Lunch Hosted by Skybox Security
Stream 1 - Inconvenient Truths
14:00 - 14:35
The challenge of IT and Information Security
- Analysing the most common incidents to accurately assess your organisation’s risk
- Assessing the moving goalposts and the detriment it can have on IT & Infosec teams
- Evolving your organisation’s security posture to ensure achievable and realistic continuous steps
Phil Cordey, Group Head of IT Security, Inchcape
Stream 2 - Emerging Innovations
14:00 - 14:35
Emerging innovations in technology that will impact cyber security
- Investigating the cause of increasing risk of cyber security and what this means for your business
- Overview of the latest emerging innovations in technology and how to prepare for this
- Leveraging new technologies with fundamental security controls
Dr Kevin Jones, Head of Cyber Security, Airbus
Stream 1 - Strategic alignment
14:40 - 15:15
The future of the CISO: Aligning the cybersecurity function with organisational strategy
- Investigating how to build strong relationships with executive colleagues
- Developing strategic plans aligned with the organisations goals to articulate their value
- Establishing a framework with the right support and resources to respond to future threats
Scott Barnett, Head of Cyber & Information Security Services & Deputy CISO, TSB
Stream 2 - Insider Threats
14:40 - 15:15
CISOs Guide to Insider Threats: Prevent, detect and respond
- Identifying and building a defence against insider threats
- Best practices for a successful insider threat program
- Future proofing your internal security
Billy Fagan, CISO, QinetiQ
15:15 - 15:25
Coffee break and networking
15:25 - 15:50
Workshop 4
Drive Digital Transformation in Traditional Industries with Okta
Kevin Butler, Digital Identity, Information Security Management & Solutions Architect, Okta
15:50 - 16:15
Networking
16:15 - 16:40
Workshop 5
A CISO’s journey to impact: taking endpoint security to the next level
Neil Binnie, Head of Information Security & Compliance, Morgan Sindall Group
16:40 - 17:05
Networking
15:25 - 17:05
One-to-One meetings
Intelligently matched one-to-one meetings:
- Vulnerability Management
- Security Awareness
- Data Governance & DLP
- Threat Intelligence
- PUM & Authentication
- Cloud Security
- Third Party Risk Management
- GRC
- Malware Protection
- Identity & Access Management
- Application Security
- Mobile Security
17:10 - 17:55
Panel Discussion: The evolving relationship between the CIO, CTO and CISO
Moderated by: Phil Cordey, Group Head of IT Security, Inchcape
Mark Osborne, CISO, JLL
Louis Brook, CIO, First Direct
Nick Wood, CISO & DPO, ICBC Standard Bank
17:55
Close of Day 1
19:00
Networking dinner & drinks reception hosted by Verizon
8:30 - 9:00
Morning registration and breakfast discussion groups
The breakfast discussion groups will be based upon pertinent topics being addressed at the event. Tables will be assigned individual topics for delegates to discuss over breakfast
9:00 - 10:15
Roundtable discussions
Join group discussions with your peers on some of the most challenging and significant security topics—please confirm attendance prior to the session. Each host will facilitate the discussion and give a short presentation of key findings in the wrap up session.
Roundtable 1: Cloud Security
Lester Waters, Group Head of Cloud Security Architecture, Centrica
Roundtable 4: Incident Response and Planning
Barrie Millet, Head of Operational Resilience, Wesleyan
Roundtable 2: Ethics and AI
Martin Jimmick, Head of Information Security, Whitbread
Roundtable 5: Third Party Risk
Matt Gregory, Information Security Governance Officer, Pinsent Mason
Roundtable 3: Security and Privacy
Craig Botwin, Director of Privacy, Enterprise Holdings
Roundtable 6: Insider Threats
Steve Hill, Global Head of Technology Risk, Credit Suisse
10:15 - 10:50
Wrap-up session
Each host gives a short overview of key findings from their discussion and creates an ideas board to be distributed post event with the presentations.
10:50 - 11:00
Coffee break & networking
11:00 - 11:25
Workshop 6
How to Utilize Threat Hunting In A “Continuous Response” Approach to Cyber Defence
Peter Cohen, Director, F-Secure Countercept
11:25 - 11:50
Networking
11:50 - 12:15
Workshop 7
Using a risk-adaptive approach to your security strategy
Duncan Brown, Chief Security Strategist EMEA, Forcepoint
12:15 - 12:40
Networking
12:40 - 13:05
Workshop 8
Cloud Security Policies: General or Specific, Restrictive or Open?
Nigel Hawthorn, Cloud Security Expert, McAfee
11:00 - 13:05
One-to-One meetings
Intelligently matched one-to-one meetings:
- Vulnerability Management
- Security Awareness
- Data Governance & DLP
- Threat Intelligence
- PUM & Authentication
- Cloud Security
- Third Party Risk Management
- GRC
- Malware Protection
- Identity & Access Management
- Application Security
- Mobile Security
13:05 - 14:00
Networking Lunch hosted by Forcepoint
Stream 1 - Third Party Risk
14:00 - 14:35
Managing Third Party risk through collaboration
- Overcoming the challenge of ensuring protection with little ability to monitor day-to-day operations
- Actively engaging and collaborating with third parties information Security training
- Investigating the areas of monitoring and incident response the CISO should ensure are addressed
Ian Colomb, CISO, Amey
Stream 2 - Strengthening the foundation
14:00 - 14:35
Case Study: Strengthening the foundation of security measures
- Tackling the challenges of creating strong policies and practices around foundational security measures
- Back to basic: best practices for security hygiene
- Creating a strategy that works with the strengths of your organisation and mitigates its weakness
Ben Rowden, Head of Information Security, TT Electronics
Stream 1 - Public Cloud
14:40 - 15:15
Rethinking Risk & Resiliency
- Understand the shift in security responsibilities
- Shift-left Security in the Agile Era – SecDevOps
- Learning key risks unique to the cloud
- Realising what questions you should be asking
Lester Waters, Group Head of Cloud Security Architecture, Centrica
Stream 2 - Case Study
14:40 - 15:15
Castles in the sky – a Data Loss Prevention story
- Understanding the environment
- Identifying the issues
- Finding the right answers
- Protecting your tower
Matt Gregory, Information Security Governance Officer, Pinsent Masons
15:20 -15:55
Panel Discussion: Organisational change to build a strong security culture
- What needs to change and who’s responsibility is it to encourage security culture?
- Investigating how to overcome the obstacles of building a security culture
- Encouraging internal security through engaging training and setting the right tone
Moderated by: Phil Cordey, Group Head of IT Security, Inchcape
Ian Colomb, CISO, Amey
Khadir Fayaz, VP, Security Architecture and Engineering, Pearson
Bernadette Palmer, Senior Director Information Security, Publicis Groupe
Cameron Young, Business Information Security Officer, Aviva
15:55 - 16:00
Closing remarks from the Chair
16:00
End of the event