Agenda

08.00 - 08.50

Breakfast networking & registration
08.50 - 09.00

Chair's welcome
09.00 - 09.20

►Securing GenAI: Our Journey & Lessons Learned

Ali Shepherd, Director of Cyber & Operational Resilience (CISO), FCA

  • Balancing Innovation and Risk
  • Embedding Responsible AI
  • Addressing novel risks and threats
09.20 - 09.40

►The attacker’s POV: How to build the right continuous threat exposure management (CTEM) program to reduce risk 

Matt Baird, Global Head of Customer Engineering, Cyberproof

  • Generating an effective organisational threat profile  
  • Identifying the threat actors, campaigns and adversarial TTPs that pose the greatest risk to your organisation  
  • Understanding the business and security risks of threat exposure
  • Gathering meaningful metrics to develop the business case for enhanced cybersecurity  
  • Developing a threat management solution that clearly helps manage and optimize your organisation's attack and defence surface 
09.40 - 10.00

►New Strategies for Exposure Management of Modern Infrastructure

Ian Perry, Head of Sales Engineering, Searchlight Cyber

  • How the traditional perimeter has been dissolved by the realities of cloud adoption
  • The theory of Continuous Threat Exposure Management (CTEM) as a new approach to your cybersecurity
  • How CTEM evolves and realises the lost promise of “Attack Surface Management”
  • Case study examples of exposure management being deployed to prevent exploitation and cyberattacks
     
10.20 - 10.40

►From Threat Landscape to Defence How to Supercharge your Cyber Threat Intelligence Approach

James Kwaan, CIO - GS&S, Lloyds Banking Group

  • What the current threat landscape is based on breaches, data, and the associated risk
  • Diving Deeper - How to practically exploit MITRE tools to help in your defence to meet the threat
  • How to process threat intelligence into MITRE ATT&CK
  • How to deal with insider threat
  • How to predict adversary tactics
  • How to measure your CTI maturity 
10.20 - 11.00

►Education Seminars 1

Delegates will be able to choose from a range of topics:

  • Securing the Flow of Data in the Age of AI, Rich Beckett, Product & Solution Strategy, EMEA, Netskope
  • Rubrik to be announed
  • Orange Cyberdefense to be announced
11.00 - 11.30

Networking break
11.30 - 11.50

►Cyber Leadership in an era of Dis-Cooperation

William Dixon, Associate Fellow, Royal United Services Institute and Senior Technology Cyber Fellow, The Ukraine Foundation

  • How global trade fragmentation impacts the community
  • How the "America First" Foreign Policy is leading to cyber instability
  • Actions the Cyber C-Suite can take
11.50 - 12.10

►Aggressive Defence: Moving from Detect & Respond to Prevent & Investigate with Identity centric security operations

Rory Shannon, Global VP Engineering, Cyderes
12.10 - 12.40

►Inside the Mind of the Adversary: Offensive Innovation and the Future of Cyber Threats

Manit Sahib, Ethical Hacker & Former Head of Penetration Testing & Red Teaming, Bank of England 
Dhruv Bisani, Head of Adversarial Attack Simulations, Starling Bank 
Rob Flanders, Head of Threat and Incident Response, BAE Systems 
Lino Gambella, CTO, Defenx

  • How modern threat actors are using AI, supply chain compromises, and "living-off-the-land" tactics to evade detection and extend their presence
  • What simulated attacks uncover that real-world breaches often miss—and where enterprise defenses most frequently break down
  • From social engineering to credential stuffing and zero-click exploits: the methods adversaries use to slip past perimeter defenses and establish control
  • What hackers see as tomorrow’s easiest targets—quantum-era risks, edge/IoT vulnerabilities, and deepfake-powered social engineering
12.40 - 13.20

►Education Seminar 2

Delegates will be able to choose from a range of topics:

  • AI Is Eating Your SDLC: Why It’s Time to Break Up With SAST (Just a Little), James Fenton, Senior Regional Sales Manager UK, Contrast Security
    & John Wood, Leader, Next-Gen Application Security, Contrast Security
  • Building Secure and Scalable Financial Services: The Isovalent Approach to Cloud Native Transformation, Raymond de Jong, EMEA Field CTO, Isovalent
  • This is Not a Drill - Live Cyber Incident Response Exercise, Peter Lane, Consultancy Director, Cyro Cyber
13.20 - 14.30

Lunch networking break
14.30 - 14.50

►Guarding the Gates You Don’t Control: Third-Party Threats and the Expanding Perimeter

Federico Iaschi, Information Security Director, Starling Bank

  • How do you assess and prioritise cyber risk across your third-party ecosystem?
  • What contractual, technical, or governance mechanisms have proven most effective in enforcing cybersecurity standards among your vendors?
  • With regulators placing increasing focus on third-party risk (e.g., DORA, SEC, OCC guidance), how are you aligning compliance efforts with operational risk management?
  • How do you ensure your organisation is prepared to respond to a cyber incident originating from a key third-party or cloud provider?
14.50 - 15.10

►Safeguarding Your Enterprise: Addressing Human and Insider Risks in Data Loss Prevention

Henry Glynn, Cyber Security Solutions Specialist, Bytes
James Burchell, Sales Engineering Manager, Crowdstrike
Khetan Gajjar, Field CTO, EMEA, Mimecast

  • Addressing both accidental and malicious data loss
  • The importance of managing human risk and insider threats
  • How to enhance user awareness to prevent accidental data loss
  • Securing collaborative platforms to prevent data breaches
  • Ensuring compliance with regulatory requirements to mitigate risks
  • Detecting anomalous user behaviour to identify potential insider threats and prevent malicious data loss
15.10 - 15.50

►Education Seminar 3

Delegates will be able to choose from a range of topics:

  • Complying with PRA Insider Risk Requirements: Focusing on What’s Achievable and Effective, Daniel Velez, GCITP, ITPM, CISSP, Senior Advisor, Insider Risk, Everfox & Aaron Mulgrew, Senior Solutions Architect, Western Europe & UK, Everfox
  • Gradian to be announced soon
15.50 - 16.10

Networking break
16.10 - 16.30

►Ransomware in Financial Services: How AI-Driven Ransomware Will Trigger the Next Major Breach

Manit Sahib, Ethical Hacker & Former Head of Penetration Testing & Red Teaming, Bank of England

  • LIVE DEMO - Inside the first AI-powered ransomware attack 
  • Why Financial Services is the perfect target — and how attackers are breaking in more easily than most think
  • First-hand insights from real-world red team ops 
  • Why traditional security fails — compliance checklists and conventional tools don’t stop modern ransomware
  • What CISOs and security leaders must do now 
16.30 - 17.00

►Panel Discussion: The Quantum Threat Timeline: Migration Challenges and Strategic Planning

Adam Avards, Principal for Cyber and Third Party Risk Policy, UK Finance (Moderator) 
William Dixon, Associate Fellow, Royal United Services Institute and Senior Technology Cyber Fellow, The Ukraine Foundation 
Federico Iaschi, Information Security Director, Starling Bank 

  • What is the current state of quantum computing and how soon must financial institutions act to mitigate quantum threats?
  • What are the real-world implications of transitioning to quantum-resistant algorithms?
  • How can organisations build roadmaps that align with regulatory and operational realities?
17.00 - 17.00

Chair's closing remarks
17.00 - 18.00

Drinks reception

Education seminars


AI Is Eating Your SDLC: Why It’s Time to Break Up With SAST (Just a Little)


James Fenton, Senior Regional Sales Manager UK, Contrast Security
John Wood, Leader, Next-Gen Application Security, Contrast Security

In a world where AI accelerates software development and attackers exploit production logic in real time, financial institutions face a widening gap between risk and reality. The traditional AppSec playbook—scan early, scan often, drown in results—no longer scales. In this interactive session, John Wood and James Fenton unpack how Application Detection and Response (ADR) gives financial services a new way to think about application security-one that’s real-time, risk-aligned, and finally developer-friendly. We’ll share stories from the field, bust a few myths about shift-left security, and offer a practical framework for CISOs and architects to rethink where and how they apply controls in an AI-native SDLC.

Attendees will learn:

  • A clearer understanding of what ADR is (and isn’t)
  • Practical guidance for reducing noise, closing legacy gaps, and defending Tier 2/3 apps
  • A security narrative that developers, risk officers, and regulators can finally agree on

Building Secure and Scalable Financial Services: The Isovalent Approach to Cloud Native Transformation


Raymond de Jong, EMEA Field CTO, Isovalent

As financial services accelerate their cloud native adoption, security, compliance, and operational excellence become critical at every stage of the journey. The Isovalent Platform, powered by Cilium and eBPF, delivers a unified approach to networking, security, and observability for Kubernetes environments - enabling financial institutions to reduce risk, increase agility, and meet regulatory demands. This session will outline how the Isovalent Platform supports financial organizations from initial deployment to advanced enterprise microservices, ensuring secure, compliant, and scalable cloud native operations.

Attendees will learn:

  • Establish reliable connectivity and hardened security for Kubernetes clusters, simplifying troubleshooting and operational management from day one
  • Achieve enterprise-grade security and compliance with Zero Trust network segmentation, transparent encryption, forensic insights, and seamless SIEM integration
  • Scale across multi-cloud and hybrid environments, bridging modern Kubernetes workloads with legacy infrastructure while maintaining security, observability and control

Securing the Flow of Data in the Age of AI


Rich Beckett, Product & Solution Strategy, EMEA, Netskope

Sensitive data movement is often seen as a risk, but restricting it outright can create operational and security challenges. In the era of AI, financial institutions need security frameworks that protect data while ensuring agility. This session explores how modern security strategies enable secure data flows that defend against AI risk, adapt to real-time risk signals, and turn security into an enabler for innovation with AI.

Attendees will learn:

  • The importance of anchoring AI adoption in your approach to data governance and risk oversight
  • How to enable data flows without introducing escalating security risks
  • Why security must be adaptive to risk, user behaviour, and AI-driven interactions

This is Not a Drill - Live Cyber Incident Response Exercise


Peter Lane, Consultancy Director, Cyro Cyber

Have you ever wondered whether your incident response plans will hold up when really tested? Let’s find out.

You’ve got the playbooks and the policies… but when a major cyber incident hits, the reality rarely follows the script. In this live scenario exercise, you’ll step into the middle of a cyber incident hitting a financial services organisation. Led by award winning Consultancy Director, Peter Lane.Live and unscripted, Peter will speak with experience as to why each step and activity are so vital, and what the consequences are when there’s a missing piece of the puzzle. Get involved, learn best practice from an industry leader and hear how your peers handle those tough calls. Leave with insight. Leave with confidence. Leave better prepared. 

Attendees will learn:

  • Test your approach and see how others in your shoes would respond in a safe setting
  • Test your instincts under pressure with other cyber leaders facing the same challenges and concerns
  • Explore the blind spots that catch even the most prepared teams off guard

Complying with PRA Insider Risk Requirements: Focusing on What’s Achievable and Effective


Daniel Velez, GCITP, ITPM, CISSP, Senior Advisor, Insider Risk, Everfox

Insider risks, whether caused by negligence, compromise, or malicious intent, are receiving long-overdue attention. Financial firms in the United Kingdom (UK) supervised by the Prudential Regulation Authority (PRA) are now required to implement robust risk strategies and insider risk management systems to strengthen the operational resilience of their most critical business services.

In this session, Insider Risk Advisors will lead a practical discussion designed to help financial organisations align their insider risk strategy with PRA expectations, enabling the ability to defend against, detect, and respond to insider threats effectively. Compliance is more than deploying cybersecurity tools. It requires building a strategic, cross-functional framework that enables continuous improvement in risk posture and resilience.

Attendees will learn:

  • First steps your firm can take toward PRA compliance around the requirements for Operational Resilience
  • How to build a 90-day strategy that balances short-term and long-term objectives
  • Why effective data collection and incident reporting can deliver unexpected business value