8:30 - 9:25
Arrival, registration & breakfast networking
The event will begin with an informal networking session over a continental breakfast. This gives the attendees the opportunity to begin expanding their networks and to break into small groups and begin to discuss their biggest challenges and to exchange ideas
9:30 - 9:40
Introduction from the Network Group and the Chair
A brief introduction to the event software—this software, unique to the industry, empowers our attendees to make the most effective use of their time at the event by maximising networking opportunities. The software designs a personalised agenda and enables attendees to arrange One-to-One meetings with each other. This will be followed by a welcome from the Chair
Michael Colao, Chief Security Officer, AXA UK
9:40 - 10:15
Considering future cyber threats and the next wave of attacks
- Deliberating past threats to predict the future threat landscape
- Acknowledging the growing crossover between cyber criminals and nation state actors to identify how this will affect cyber threats in the future
- Strengthening partnerships to adapt and working collaboratively to enhance the response
Paul Edmunds, Head of Technology, National Cyber Crime Unit, National Crime Agency
10:15 - 10:50
Creating a safe, accessible network enabling a flexible and mobile workforce
- Overcoming the challenges of working on a virtual network and creating a successful back-up plan
- Remaining within your risk appetite to eliminate potential downfalls
- Deliberating the unstructured shape of your perimeter in the cloud to ensure the correct security measures are applied
Dave Harcourt, Chief Security Advisor, BT
10:50 - 11:00
Coffee break and networking
11:00 - 11:25
Workshop 1
Vulnerability Management – beyond the scanner
Mike Heredia, Regional Sales Director, EMEA North & Middle East, Skybox Security
11:25 - 11:50
Networking
11:50 - 12:15
Workshop 2
How to make the invisible visible
Wallace Sann, VP of Global System Engineering & Government CTO, ForeScout Technologies
12:15 - 12:40
Networking
12:40 - 13:05
Workshop 3
Destruction by Document: The greatest threat demands the most innovative approach
Rod Hawkins, Sales Director, UKI, Glasswall Solutions
Nicholas Bloom, Vice President of Marketing, Glasswall Solutions
11:00 - 13:05
One-to-One meetings
Intelligently matched one-to-one meetings:
- Vulnerability Management
- Security Awareness
- Data Governance & DLP
- Threat Intelligence
- PUM & Authentication
- Cloud Security
- Third Party Risk Management
- GRC
- Malware Protection
- Identity & Access Management
- Application Security
- Mobile Security
13:05 - 14:00
Networking Lunch - hosted by Skybox Security
AI
14:00 - 14:35
AI and machine learning—brave new world or not so new?
- Discovering what machine learning really is—what are the technique and how old are they?
- Identifying where they can excel in security measures
- Adopting strategies and tips—’everything AI’ vs. ‘Bang for your Buck’
Mark Osborne, EMEA CISO, JLL
Educating the Future & Diversity
14:00 - 14:35
Debating the skill gap in Information Security and outlining strategies to overcome it
- Deliberating the emergence of DevSecOps and how that will affect training programs
- Delivering realistic views to future workforce to manage expectations
- Understanding the importance of diversity of thought in Information Security
Joseph Da Silva, CISO, Electrocomponents
Maintaining confidence
14:40 - 15:15
How do I not know that? Maintaining confidence in security
- Excusability and information security risks
- Considering hard questions that look easy
- Building and maintaining confidence
Michael Colao, Chief Security Officer, AXA UK
Security Behaviour
14:40 - 15:15
Establishing a baseline to measure behavioural change
- Developing an Information Security culture study using quantitative and qualitative research
- Identifying the impact on your Information Security awareness programme
- Understanding what behaviours you should measure after each security awareness campaign
Denise Beardon, Head of Information Security Engagement, Pinsent Masons
15:15 - 15:25
Coffee break and networking
15:25 - 15:50
Workshop 4
Outsmart, outpace, and outmanoeuvre cyberattacks with next generation Incident Response
Andrew Yeates, Pre-Sales Consultant, IBM
15:50 - 16:15
Networking
16:15 - 16:40
Workshop 5
Endpoint Protection and Privacy: Can you accomplish both?
Niall Sheffield, Lead Solutions Architect UK, SentinelOne
16:40 - 17:05
Networking
15:25 - 17:05
One-to-One meetings
Intelligently matched one-to-one meetings:
- Vulnerability Management
- Security Awareness
- Data Governance & DLP
- Threat Intelligence
- PUM & Authentication
- Cloud Security
- Third Party Risk Management
- GRC
- Malware Protection
- Identity & Access Management
- Application Security
- Mobile Security
17:10 - 17:55
Panel discussion: Discussing GDPR—best practices and findings since May 2018
A few months into the implementation of GDPR and one year since our last discussion, our expert panellists will discuss key findings, surprises and learnings so far. The panel will then be opened for an interactive Q&A session with the audience.
Hosted by: Sarah Harvie, Head of Information Security, Merlin Entertainment
Kevin Alameida, Chief Data & Security Officer, Mitie
Ken Cheng, Head of Global Privacy Compliance and DPO, Computime
Lydia Benatia, Group Head of Privacy, Prudential
17:55
Close of Day 1
19:00
Networking dinner & drinks reception featuring after-dinner speaker Jenny Radcliffe, The People Hacker - Hosted by Palo Alto Networks
8:30 - 9:00
Morning registration and breakfast discussion groups
The breakfast discussion groups will be based upon pertinent topics being addressed at the event. Tables will be assigned individual topics for delegates to discuss over breakfast
9:00 - 10:00
Roundtable discussions
Join group discussions with your peers on some of the most challenging and significant security topics—please confirm attendance prior to the session. Each host will facilitate the discussion and give a short presentation of key findings in the wrap up session.
Roundtable 1: Discussing DevSecOps
Hosted by: Khadir Fayaz, VP Global Information Security Engineering and Architecture, Pearson
Roundtable 4: Awareness training
Hosted by: Gary Spokes, Director of Information Security, Korn Ferry Hay Group
Roundtable 2: Cloud
Hosted by: Dave Harcourt, Chief Security Advisor, BT
Roundtable 5: Third party management
Hosted by: Chris Leather, Global Director of IT Risk and Security, Clifford Chance
Roundtable 3: Ransomware
Hosted by: Daniel Nunn, Principal Technology Resilience & Cyber, FCA
Roundtable 6: Information Governance
Hosted by: Julie Burcham, Information Governance, Southern Water
10:00 - 10:50
Wrap-up session
Each host gives a short overview of key findings from their discussion and creates an ideas board to be distributed post event with the presentations.
10:50 - 11:00
Coffee break & networking
11:00 - 11:25
Workshop 6
2020 Disruption to the cyber security consumption business model
Nick Robinson, Systems Engineering Manager, Palo Alto
11:25 - 11:50
Networking
11:50 - 12:15
Workshop 7
Zero trust security—never trust, always verify
Chris Morgan, Regional Manager, Centrify
12:15 - 12:40
Networking
12:40 - 13:05
NETWORKING
11:00 - 13:05
One-to-One meetings
Intelligently matched one-to-one meetings:
- Vulnerability Management
- Security Awareness
- Data Governance & DLP
- Threat Intelligence
- PUM & Authentication
- Cloud Security
- Third Party Risk Management
- GRC
- Malware Protection
- Identity & Access Management
- Application Security
- Mobile Security
13:05 - 14:00
Networking Lunch - Hosted by Glasswall Solutions
Educating users
14:00 - 14:35
Creating a unique and innovative training and awareness program to engage your staff
- Considering alternative platforms to educate users in order to safeguard your network
- Developing department specific programs to ensure content is relevant and applicable
- Changing users perception to change their approach to security
Mike Pitman, CISO, Dunnhumby
Talking up security
14:00 - 14:35
Engaging with the board and executives to secure funding and resources
- Investigating the growth of the ‘cyber’ brand and the opportunity this has created
- Considering who you are talking to and what their needs are in comparison with yours
- Creating a simple and translatable report to the board highlighting key information only
Phil Huggins, Group Head of Information Risk & Security, Prudential
Third Party Management
14:40 - 15:15
Managing third party risk
- Understanding the supply chain risk
- Assessing, managing and monitoring suppliers
- Suppliers as part of operational resilience
Ruth Anderson, Head of IT and Cyber Risk, Lloyds Banking Group
Threat Hunting
14:40 - 15:15
Revealing best practices for pro-actively hunting threats and staying one step ahead of the enemy
- Developing an understanding of the enemy in order to recognise a potential threat
- Reacting appropriately to a potential threat and ensuring you escalate accordingly
- Assessing service providers and tools to ensure you are using the right lens
Geoff Rawlings, Regional Information Security Leader, Nielsen
IoT
15:20 - 15:55
Secure by design—tackling the challenges of IoT
- Considering what levels of cybersecurity are necessary for IoT to meet GDPR
- Deliberating the rapid evolution and proliferations of IoT in the UK
- Can consumer security, privacy and safety be maintained from potentially insecure devices?
Ken Cheng, Head of Global Privacy Compliance and DPO, Computime
Protecting Data
15:20 - 15:55
Eradicating data leaks and going back to the fundamentals of information security
- Debating the effectiveness of data encryption in protecting your information
- Evaluating tools that can be used to mitigate an attack from the inside to ensure you are using the right software
- Identifying normal and abnormal behaviour through behaviour analytics to pinpoint potential threats
Ryan Nicholson, Information Security Officer, RAC
15:55 - 16:00
Closing remarks from the Chair
16:00