Agenda

08:00 - 08:50

Breakfast & Networking
08:50 - 09:00

Chairs Welcome
09:00 - 09:20

►Head in the Clouds : Securing the Cloud-native Enterprise 

Ben Trethowan, CISO, Brit Insurance

  • The importance of effective Cloud-platform control, management, and visibility.
  • The role of Machine Identity in Cloud-native architectures.
  • Leveraging Identity Governance to prevent the accumulation of privilege.
  • ‘Designing in’ secure configuration and hardening prior to deployment.
  • The relationship between Cloud, Application Security and Software Development.
09:20 - 09:40

►Beyond Visibility: Leveraging AI to burn down cyber risk

Garry Sidaway, Principal Solutions Engineer, Balbix

  • AI has enabled organizations to make significant progress in reducing cyber risk
    quickly.
  • Balbix customers have used AI to analyse and infer vulnerabilities without periodic scans, correlate and deduplicate vulnerabilities to reduce the number of vulnerability instances, understand the business impact in monetary terms of mitigating specific vulnerabilities, and prioritize vulnerabilities based on threats, controls, exposure, and business impact. 
  • The key to effective risk management lies in the ability to process vast amounts of data and identify specific vulnerabilities that need to be mitigated now.
  • Using measurable data, organizations can reduce risk while improving collaboration and
    communication between security and IT teams. Discover how leading organizations are
    leveraging AI to manage their risk effectively.
09:40 - 10:00

► Elite SOC Performance through Intelligence Led Security Operations - the “Wartime” perspective

Steve Benton, VP Anomali Threat Research, Anomali 

  • With over a decade of experience protecting BT across the globe Steve will share his real-world experience and how the security mission can be achieved at an elite level of performance. He will share a different approach that recognises the two states organisations operate in versus the dynamic cyber threat – “Peacetime” and “Wartime”. In this talk he will focus on “Wartime” (where a threat is coming at or has hit the organisation).
  • Smart use of intelligence in Wartime drives the core decision making cycle critical for incident response to disrupt the attack and minimise harm. NIS2 now expects this from organisations - but how? - surely there isn’t enough time for anything other than reaction?
  • Post the Covid fuelled rapid digitisation of enterprises cyber threat now constitutes a full-on business interruption risk for which the consequences can be significant and potentially existential. C-level execs and boards are worried and the CISO and security team have never been under more pressure to achieve the security mission. 
  • It is time to do things differently. Steve will tell you how. Be different, be the Anomali.
     
10:00 - 10:20

►Cyber insurance: the last line of defence 

Mike Tewfik, Cyber & Tech Underwriter, Beazley

  • Key claims data and current insights
  • Shedding light on risks and ways to boost your cyber insurance protection
  • Boosting your insurability
10:20 - 11:00

►Education Seminars Session 1

Delegates will be able to choose from the following education seminars:

  • Turning the DORA regulation into a proactive defensive strategy, Ian Dutton, Senior Sales Engineer UK, Gatewatcher
  • Managing Security Incidents: Prevention Strategies and Worst-Case Planning, Natalija Buldakova, Solution Architect, Quest Software
11:00 - 11:30

Networking Break
11:30 - 11:50

►The AI Genie is Out of the Bottle - What's Next? 

Robin Bylenga, Digital Strategy & AI Security Lead, DWS

We will discuss the journey of embracing AI within your organisation to include:

  • Why it is important to define what AI means to your organisation.
  • Critical Steps in the Journey
  • Differentiate between Ethical AI and Responsible AI
  • Resources for guidance to include how to stay up-to-date on the constantly updated regulations
11:50 - 12:10

►Fire with Fire: Leveraging Advanced Technologies to Protect Against Sophisticated Cyber Threats

Dan Jones, Senior Security Advisor, Tanium

  • Examine a brief history and the transformative role of AI in financial sector security
  • Assess the adoption and the risks of weaponisation of AI
  • See how fundamental hygiene is essential to safeguard against potential threats in this rapidly evolving landscape, providing practical guidance.
12:10 - 12:30

►Building a Security Program in the Ai Age

Dom Lucas, Head of Security, British International Investment

  • Exploring AI threats and necessary frameworks for addressing them
  • Developing responsible, user-centred principles to balance opportunity and risk
  • Building a resilient security program that allows the adoption of AI to flourish
12:30 - 13:10

►Education Seminars Session 2

Delegates will be able to choose from the following education seminars:

  • Browser security – the proven prevention layer for enterprise cybersecurity, Tom McVey, Sr. Solution Architect, Menlo Security
  • What can we learn from 1,000,000 applications, Andy Sutcliffe, Principal Solution Architect, Veracode 
13:10 - 14:00

Lunch & Networking
14:00 - 14:20

►Facing the AI Security challenge in The Financial Sector head on

Yair Kler, Head of Security Architecture, Standard Chartered Bank

  • Adapting Risk Management Frameworks for AI: Exploring how financial institutions can update their risk management frameworks to effectively address the unique security challenges posed by advanced AI technologies.
  • Enhancing Operational and Development Methodologies: Discussing the integration of robust security practices into operational and development processes to safeguard against AI-specific threats.
  • Implementing Comprehensive Third-Party Risk Assessments: Outlining strategies for evaluating and managing risks associated with third-party AI solutions and partnerships to ensure a secure financial ecosystem.
14:20 - 14:40

►Unlocking opportunities and understanding recruitment dynamics

Charlee Ryman, Co-Founder, Trident Search

  • The real recruitment market (market trends)
  • Where clients are failing
  • How to futher your career within security at all levels
  • What should you be earning?
  • Certifications VS Real experience
14:40 - 15:20

►Education Seminars Session 3

Delegates will be able to choose from the following education seminars:

  • AI Powered Identity: Fact or Fantasy?, Rob Byrne, Field Strategist, One Identity
  • Cyber Prevention & Remediation: The journey from Machine Learning to AI, Jay Gray, Interim Head of Cyber Solutions, Cloud Renewals & Standard Soln, Exponential-e
15:20 - 15:40

Networking Break
15:40 - 16:00

►AttackGen: Leveraging AI for Dynamic Incident Response Testing 

Matt Adams, Head of Security Enablement, Citi

  • AttackGen makes threat-driven incident response testing more accessible and efficient for organisations of all sizes.
  • It combines data from MITRE ATT&CK with Large Language Models to quickly generate comprehensive incident response scenarios for Red & Blue teams.
  • This talk will feature live demos that explore AttackGen’s features.
16:00 - 16:30

►Panel discussion: Managing personal legal and emotional challenges for CISOs

Simon Brady, Managing Editor & Event Chairman, AKJ Associates (Moderator)
Jonathan Armstrong, Partner, Punter Southall Law
Peter Olivier, Head of Security Delivery, Admiral Insurance 
Ash Hunt, CISO, Apex Group

  • With increasing personal liability for CISOs under UK regulations and the emotional toll of being held accountable for cyber incidents — including potential fines and criminal charges — how do you balance legal accountability and personal responsibility?
  • How can CISOs guard against their own liability?
  • Are you worried about personal liability? Is insurance a consideration?
  • Addressing ethical challenges such as balancing business interests with security needs along with the personal consequences of these decisions.
  • With the psychological impact on CISOs, does your organisation offer support for stress management and mental health and what’s out there for CISOs?
16:30 - 17:30

Drinks Reception & Networking

Education seminars


Turning the DORA regulation into a proactive defensive strategy


Ian Dutton, Senior Sales Engineer UK, Gatewatcher

Integrating Network Detection and Response (NDR) with DORA raises your defensive strategy to the next level. In 30 minutes, let’s cover how NDR's real-time threat detection and automated response capabilities combined with GenAI assistant technology, ensure that organisations can work faster and smarter in detecting and remedying evolving Cyber threats.

Attendees will learn:

  • Overview of the DORA regulation
  • How to transform a regulation into an opportunity
  • Why an NDR is the most appropriate technology to get prepared

Managing Security Incidents: Prevention Strategies and Worst-Case Planning


Natalija Buldakova, Solution Architect, Quest Software

With 74% of breaches involving the human element and ransomware attacks skyrocketing, safeguarding business identities has never been more crucial. Join us in this session as we explore the pivotal role of protecting your business from these threats. You'll gain actionable insights into potential consequences and effective mitigation strategies, alongside comprehensive worst-case scenario planning. Empower yourself to fortify your organisation's defences against evolving cyber threats with practical knowledge and proactive measures.

Attendees will learn:

  • Today’s Cybersecurity Challenges
  • Implementing Dynamic Preventative Measures
  • Developing Robust Strategy for Worst-Case Scenarios
     

AI Powered Identity: Fact or Fantasy?


Rob Byrne, Field Strategist, One Identity 

AI and Machine Learning promise to transform our lives and work, including Cyber Security. But is it genuinely 'Intelligence,' or is the hype overblown? What risks does it pose? Can AI simplify my life, autonomously protect my organization, and bring tangible value?

Attendees will learn:

  • Techniques for integrating Identity-centred Analytics, Insight, and Intelligence into your Cyber Security strategy, helping your organization navigate the AI-powered future effectively.
     

Browser security – the proven prevention layer for enterprise cybersecurity


Tom McVey, Sr. Solution Architect, Menlo Security

According to Google, 98% of attacks originate from internet usage and 80% of those target end user browsers – sadly all too successfully. Combine this stark reality, with users’ relentless demand for new SaaS and private applications, often collaborating with external stakeholders, and security pros are always running to stand still.  

Attendees will learn:

  • Security – The proven value of robust browser security across managed and unmanaged devices – automating browser configuration and establishing enhanced browser forensics.
  • Connectivity – Your users and third parties need access to SaaS applications, private web apps and data, including the use of GenAI. We share how organisations are enhancing user protection and productivity while reducing the cost and complexity of solutions such as VDI.
  • Compliance – How browser security supports organisations striving to comply with key NIS 2 requirements for incident management and prevention 
  • We will provide real world examples and case studies of how to increase cyber prevention through improved browser security. 

What can we learn from 1,000,000 applications


Andy Sutcliffe, Principal Solution Architect, Veracode

Generative AI is already having a big impact on the way that software is being developed. AI assistance is allowing code to be produced faster and in greater volume than ever but it is not delivering more secure code. Generative AI models have been trained using existing code with all of the same flaws and weaknesses that plague software. Meanwhile organisations are already drowning in security debt, so the influx of new vulnerable code could be the straw that breaks the camel’s back.

What attendees will learn:

  • Review recent research into AI Code Generation and Software Security. 
  • Gain insight into where we are today and how we can plot a course to more secure software portfolios. 
     

Cyber Prevention & Remediation: The journey from Machine Learning to AI


Jay Gray, Interim Head of Cyber Solutions, Cloud Renewals & Standard Soln, Exponential-e 

AI has been a part of Cyber Security for many years, but maybe not quite as we know it. Machine learning (ML), a subset of AI has been incorporated into dozens of cyber-related technologies over the last decade within solutions such as Next Generation Firewalls, IDS/IPS systems, SASE, the list goes on. However, with new AI advancements, Cyber Security has evolved a great deal – a key component for the financial services sector to be implementing. This session will explore the shift from traditional machine learning to AI-driven approaches, emphasizing their impact on financial institutions. 

Attendees will learn:


•    AI's role in detecting fraudulent activities
•    Safeguarding sensitive data
•    Automating incident responses
•    Our subject matter expert will also delve deeper into how AI can identify complex threats and reduce response times, ensuring robust protection of financial assets and future trends in AI-enhanced cybersecurity for the financial industry.