Agenda

Chairman's Welcome

►Fireside Chat: Preparing for the future of Healthcare

Dulcie Herreros, Deputy Chief Information Security Officer, NHS England
Mark Logsdon, CISO, NHS England

• How is the security environment changing in the current climate?
• What do you think of the current trends towards AI?
• What needs to change to enable us to face threats in the modern world?
• What are you most worried about & where should investment go?

►Presentation to be Confirmed

Alan Simpson, UK and Ireland Field CISO, Rapid7

►Don’t fear the auditor!

Nasser Arif, Cyber Security Manager, LNWUH NHS Trust

• A simple shift in mindset can transform those dreaded NHS security audits into powerful opportunities for learning, improvement, and growth. 
• This is a human centred take on audits that focuses on continuous improvement and not fear.
• Learn how to prepare and present clear evidence to auditors, how to use audit results to motivate teams and encourage positive change, and why it is not a weakness to ask for help and support when you need it.

Comfort Break

►Preparing Organisations for Emerging AI Threats: Deepfakes, Cognitive Resilience & Trust

Holly-Jane Grayling, Security Culture & Awareness Lead, Tunstall Healthcare

• How AI-enabled threats such as deepfakes, voice cloning, and synthetic identity attacks are being used to bypass traditional security controls in healthcare
• Why attackers increasingly target cognition, trust, and decision-making under pressure rather than technical vulnerabilities
• Introducing “cognitive resilience” as a practical capability for recognising and responding to AI-driven manipulation in real time
• Practical approaches to strengthening verification behaviours and organisational readiness for synthetic media incidents

►The Cost of a Stolen Password: NHS Breaches and why Privileged Access is critical to Cyber Resilience

Lee Elliott, Director of Solutions Engineering, BeyondTrust 

• Discover how the Advanced Computer Software and Synnovis breaches exploited compromised credentials to halt critical NHS services
• Understand why unprotected privileged accounts remain the number one attack vector in healthcare cyber incidents
• Explore practical privileged access management (PAM) controls that materially reduce risk and strengthen cyber resilience
• Leave with actionable strategies to safeguard NHS and healthcare organisations from the growing threat of credential-based attacks

►Cyber Security is a Shared Responsibility: Lessons from the Diagnostic Supply Chain

Sean Sapstead, CISO, SYNLAB UK & Ireland

• Understand why cyber security needs to be a shared responsibility across suppliers, healthcare providers, technology partners and end users.
• Explore how vulnerabilities within the diagnostic supply chain can create operational, financial and patient-safety risks for healthcare organisations.
• Learn how effective collaboration, information sharing and coordinated risk management can strengthen cyber resilience across the healthcare ecosystem.
• Discover why building resilience, including incident response, recovery and business continuity capabilities, is as important as preventing cyber attacks.

Comfort Break

►Building Resilience Through Experience: Lessons from Recent Cyber Attacks

Mike Owen, Deputy Director Cyber Operations, NHS England

• How real-world cyber attacks unfolded in the NHS, including what worked, what failed, and the practical lessons learned from responding under pressure.
• Key strategies for building organisational cyber resilience, drawn from first-hand experience of managing incidents in a complex, high-impact environment.
• Actionable insights leaders can apply immediately to improve preparedness, decision-making, and recovery before, during, and after a cyber attack.

►Make Your Business a Hard Target for Cybercriminals

Eoin McGrath, Solutions Engineer, ThreatLocker

• When it comes to potential targets for cyberattacks, easier to breach means more likely to fall victim. 
• While you might not be able to influence your perceived value, there are changes that can eliminate your organization from being seen as an easy target. 
• We’ll explore practical tactics to reduce your surface area of attack and controls to prevent lateral movement should a breach occur.

►Fireside Chat: Cyber Resilience, Regulation, and Risk in Modern Healthcare

Simon Brady, Event Chairman (Moderator)
James Witt, Head of Information Security, Barchester Healthcare Ltd

• With healthcare organisations are under increasing scrutiny from regulators how do you engage (or not) with them proactively on cybersecurity, and what does ‘good’ look like from their perspective today?
• In a care setting where availability can directly impact resident wellbeing, how do you balance strong security controls with the need to keep systems accessible for frontline staff?
• Ransomware continues to target healthcare—beyond backups, what does genuine organisational readiness look like in practice?
• As care providers increasingly rely on digital suppliers (from EHR systems to connected medical devices) how are you managing cyber risk across that supply chain, and where do you see the biggest blind spots?
• With a largely non-technical workforce in care homes, how do you design security awareness and controls that actually work in day-to-day care delivery?

Chairs Closing Remarks