Agenda

►From Threat Landscape to Defence How to Supercharge your Cyber Threat Intelligence Approach

James Kwaan, CIO - GS&S, Lloyds Banking Group

• What the current threat landscape is based on breaches, data, and the associated risk
• Diving Deeper - How to practically exploit MITRE tools to help in your defence to meet the threat
• How to process threat intelligence into MITRE ATT&CK
• How to deal with insider threat
• How to predict adversary tactics
• How to measure your CTI maturity 

►The Intelligence Revolution: Thoughts on AI Innovation and Impact | Reviewing Artificial Intelligence in 2025 for Security Leaders

Jill Robertson, Former Deputy CISO Metro Bank & Independent Consultant

• AI Landscape and real world impact
• Where this could go and why we should care
• Staying informed and inspired

►Inside the Mind of the Adversary: Offensive Innovation and the Future of Cyber Threats

Manit Sahib, Ethical Hacker & Former Head of Penetration Testing & Red Teaming, Bank of England 
Dhruv Bisani, Head of Adversarial Attack Simulations, Starling Bank 
William Dixon, Associate Fellow, Royal United Services Institute Senior Technology Cyber Fellow, The Ukraine Foundation

• How modern threat actors are using AI, supply chain compromises, and "living-off-the-land" tactics to evade detection and extend their presence
• What simulated attacks uncover that real-world breaches often miss—and where enterprise defenses most frequently break down
• From social engineering to credential stuffing and zero-click exploits: the methods adversaries use to slip past perimeter defenses and establish control
• What hackers see as tomorrow’s easiest targets—quantum-era risks, edge/IoT vulnerabilities, and deepfake-powered social engineering

►Guarding the Gates You Don’t Control: Third-Party Threats and the Expanding Perimeter

Federico Iaschi, Information Security Director, Starling Bank

• How do you assess and prioritise cyber risk across your third-party ecosystem?
• What contractual, technical, or governance mechanisms have proven most effective in enforcing cybersecurity standards among your vendors?
• With regulators placing increasing focus on third-party risk (e.g., DORA, SEC, OCC guidance), how are you aligning compliance efforts with operational risk management?
• How do you ensure your organisation is prepared to respond to a cyber incident originating from a key third-party or cloud provider?
   

►Panel Discussion: The Quantum Threat Timeline: Migration Challenges and Strategic Planning

Adam Avards, Principal for Cyber and Third Party Risk Policy, UK Finance (Moderator) 
William Dixon, Associate Fellow, Royal United Services Institute Senior Technology Cyber Fellow, The Ukraine Foundation

• What is the current state of quantum computing and how soon must financial institutions act to mitigate quantum threats?
• What are the real-world implications of transitioning to quantum-resistant algorithms?
• How can organisations build roadmaps that align with regulatory and operational realities?

►Securing GenAI: Our Journey & Lessons Learned

Ali Shepherd, Director of Cyber & Operational Resilience (CISO), FCA

• Balancing Innovation and Risk
• Embedding Responsible AI
• Addressing novel risks and threats

►Safeguarding Your Enterprise: Addressing Human and Insider Risks in Data Loss Prevention

Henry Glynn, Cyber Security Solutions Specialist, Bytes
James Burchell, Sales Engineering Manager, Crowdstrike
Khetan Gajjar, Manager of Sales Engineering, Mimecast

• Addressing both accidental and malicious data loss
• The importance of managing human risk and insider threats
• How to enhance user awareness to prevent accidental data loss
• Securing collaborative platforms to prevent data breaches
• Ensuring compliance with regulatory requirements to mitigate risks
• Detecting anomalous user behaviour to identify potential insider threats and prevent malicious data loss