17th e-Crime & Cybersecurity Mid-Year Summit

A realistic MVP of tech and teams 

15th October 2026 • Park Plaza Victoria, London

 

Cybersecurity is entering a period of hard trade-offs. 

Most organisations have become structurally dependent on digital technology faster than they have become structurally capable of securing it. And most organisations will never have enough people, budget or specialist expertise to secure every system, supplier, identity, application and data flow to the level they would like. 

Nor can they build every capability in-house: cloud security engineering, identity architecture, incident response, threat intelligence, third-party assurance, application security, OT security, Al governance, resilience testing and regulatory evidence production are all competing for limited capacity. 

The next phase of cyber maturity will therefore depend increasingly on making better decisions under permanent constraint. Security leaders must decide: 

•    What must we own internally?
•    What can we safely outsource?
•    What should be automated?
•    What should be escalated to the board as an accepted business risk?
•    What must we stop doing because it consumes capacity without materially reducing risk?
•    How do we prove resilience/security without creating a compliance bureaucracy?
•    Which suppliers are genuinely part of our resilience model, and which are themselves a source of risk?

At the same time as these concrete operational issues around resources and CISO capacity, security teams are also being dragged into the wider problem of European and UK technology dependency­ a much bigger challenge than patching, tooling and compliance. They are now central to decisions about cloud concentration, Al adoption, supplier resilience, operational continuity, data control and institutional trust. 

DORA, NIS2, the Cyber Resilience Act and the UK's own cyber resilience agenda are all symptoms of the same shift: governments and regulators no longer regard cyber as a technical risk owned by security teams. They increasingly view it as a systemic resilience issue affecting financial stability, healthcare delivery, energy security, public services and democratic confidence. 

Add all of this together and it's clear that CISOs and their security teams face an impossible capacity gap. So, what does a practical ASO capacity framework look like? What tooling and teams does it imply? What genuinely matters? What must security own directly and have in­-house? What does a strategic outsourcing strategy look like? How can capacity be freed up through complexity reduction, automation, and third-party tools? And can teams honestly document unresolved capacity gaps to make them formally accepted business risks — rather than silently absorbing impossible expectations? 

The e-Crime & Cybersecurity Congress Mid-Year Summit is designed around that gap. It will examine how CISOs can prioritise under constraint: what to own, what to outsource, what to automate, what to escalate, what to stop doing, and how to make a credible investment case for the security capabilities on which organisational and national resilience now depend. 
 

The e-Crime & Cybersecurity Congress Mid-Year Summit will look at how security teams and the business must respond to a new era in cybersecurity. Join our real-world case studies and in-depth technical sessions from the most sophisticated teams in the market. 

 

Key Themes: AI and Quantum

Identity, authority, and control for non-human actors 
CISOs must rethink core identity and governance frameworks, including the adoption of robust agent identity models (spanning machine, service, and workload identities). and clearly defined delegation structures that determine what authority an agent holds and who grants it. What technologies can help them maintain visibility and control? 

Data protection and leakage risks 
What does "insider threat" mean when the actor is non-human? For CISOs, the focus shifts to monitoring the behaviour of agents as well as users, developing capabilities to detect anomalous machine activity, and establishing effective controls that balance guardrails, detection, and containment. Do you need Al defences to do that? 

Al anti-phishing and social engineering defences 
Al is shifting defence from static filtering to behavioural detection at scale, flagging anomalies that rules/ signatures miss. It can also enable pre-emptive defence against social engineering, identifying manipulation cues. The result is a move from reactive blocking to adaptive defence reducing both successful attacks and analyst workload. Can you help? 

Who needs to be quantum-ready? 
Anyone responsible for long-lived sensitive data or critical infrastructure has a quantum problem. That means banks, governments, telecoms, energy, healthcare whose datasets need to last decades. If your encryption protects value over time, you need crypto-agility and a migration path now, not when quantum arrives. How does this work in the real world? 

Integrity and the Al-enabled supply chain 
Al-native operating models imply dependence on a complex supply chain of foundation models, internal systems, and external APls and orchestration layers that collectively produce legal work. Imagine the consequences of hacking such a system. So how do CISOs stop that happening? 

Intelligent Threat Detection 
CISOs now must build a single coherent security program that simultaneously satisfies divergent regulatory demands; they must interpret vague legal standards into technical architectures, and they risk non-compliance if auditors, regulators, or courts interpret differently later; they face unrealistic expectations around incident reporting; and they face personal liability. Can RegTech help? 

Key Themes: Building Better Security

Making the best use of threat intelligence 
In a preemptive security model, timing is everything - success depends on detecting and neutralising threats before they become active incidents. To do this, security operations can't just rely on internal telemetry (e.g., endpoint or network logs). They need external, real-time context about emerging threats - where do they get it? 

Security Posture Management 
Traditional vulnerability scanners don't handle cloud native architectures well. Today's cloud environments spin up thousands of ephemeral assets without a traditional OS, without an IP address for long. So how do you adapt to that dynamic, APl-driven reality? How can traditional tools connect the dots - not just generate tickets? 

Improving continuous attack surface discovery 
You need to know what attackers can see and what they can actually attack and you need it on a continuous basis, not in some static inventory. Ideally you also need assets ranked by risk priority and put into the current threat and vulnerability context. Is this feasible and is it cost effective? 

The power of automation 
There's too much manual intervention in security. SOAR pulls data from SIEMs, EDRs, firewalls, cloud APls, ticketing systems threat intelligence feeds, and even email servers and coordinates actions across tools via APls and prebuilt integrations and intelligent playbooks. Well, that's the theory. How does it work in the real world? 

Key Themes: Best Practice Fundamentals

Achieving visibility across ecosystems 
From exposed initial access points such as warehouse management systems to complex machine control software, simply understanding your device and application landscape is a huge challenge. Can you help with asset tracking and endpoint visibility? And what about anomaly detection after that? 

Transitioning OT to the Cloud? 
OT traditionally was localised in particular sites and air-gapped from IT systems. But connectivity with broader corporate networks and the need to manage technology more centrally (especially during COVID) has seen companies looking at managed services in the Cloud for OT. Is this a way forward? Or does the Cloud just create more problems? 

Defending against the latest ransomware variants 
Ransomware evolution is forcing the hands of government and causing havoc in the insurance market. So firms must go back to basics (see below) but also invest in immutable back-ups and real resilience. Detecting early-stage infiltration is also critical. What else can CISOs do to better defend against ransomware? 

Securing the basics 
The endpoint and email are still a critical cybersecurity battleground. So, organisations still need EDR/XDR everywhere; they need advanced emaiI security; they need more aggressive patching of internet-facing anything. They need to move from awareness training to behavioural conditioning. What does that mean practically for CISOs? 

Why zero trust, isolation and segmentation are key 
There has been a shift in recent attacks away from the theft of data now threat actors are concerned with interrupting all operation activity. It is now critical that business functions are separated, and that internet access to OT networks is limited. Can security teams still keep up with sophisticated foes? Should they upgrade their capabilities? 

Dealing with regulations 
CISOs now must simultaneously satisfy divergent regulatory demands; they must interpret often vague legal standards into technical architectures, and they risk non-compliance if auditors, regulators, or courts interpret those regulations differently later; they face unrealistic expectations around incident reporting; and they face personal liability. Can RegTech help? 


Who attends

Job titles

Security Architect
Global Manager, Service Continuity
CISO
Head of Payments
Global IS Manager
Head of Digital Risk
Group I.T. Audit Manager
Global Security Supervisor
Head of Penetration Testing
Chief of Cybercrime Section
CISO, Head of Information Security
Global Head I.T. Governance
Head of ISAG
Global Fraud Risk Controller
Head of Global I.T. Security
Head of Data Protection
CISO
Head of I.T. Security Risk Management
Global IS Risk Manager
Global Head of IT Security
Head of Information Security Risk
CISO, Head of Digital Security & Risk
Group Finance & Compliance Director
Chief Security Officer
Chief Information Officer
Head of Cybercrime Unit
Head of Cyber Threat Intelligence
Head of Internal Audit
Head of I.T. Security
Chief Information Security Officer
Group I.S. Manager
Chief Executive
Head of Emergency Response
Head of I.T. Security
Director Of Information Security
Chief Information Security Officer
CISO
Head of Operational Risk Management
Group Data Security Manager
Head of Information Security
CIO
Head of Specialist Crime
Director of Security
Head of Informantion Security Risk
Head of Cyber & Investigations
Chief Information Security Officer
Head of Group I.T.
Head of Information Security
Global Head of Fraud Investigations
Chief Information Security Officer
Global Security Manager
Group CISO
Chief Information Security Officer
Director Global Investigations
Head of Policy & Performance
Head of Information Security
Global Head of Cyber Intelligence
Head of Information Security
Director Cybercrimes
Head of Payments & Fraud
Director of Risk & Compliance
Head of Information Security
Head of I.T. Security Operations
Group Information Security Manager
Head of Operational Security
Head of Payment & Financial Crime
Chief Information Security Officer
Head of Internal Audit
Head of Information Security
Head of IT Risk & Control
Director Enterprise Technology
Head of Business Controls
Director
Director of Security
Head of Cybercrime Investigations
Head of I.T. Security
Director, Global Security
Group I.T. Security Officer
Head of I.T.
Head of Risk & Resilience
Director Group Risk Management
Head of Investigations
Head of Customer Security
Chief Technology Risk Officer
Group Fraud Manager
CISO
Chief, Cyber Crimes
Chief Risk Officer
Head of Business Risk
Group IT Security Analyst
CIO Risk Manager
Group Infrastructure Manager
Head of Operations & Infrastructure
Head of Technical Support
Head Cybersecurity Operations
Head of Fraud Oversight
Director, Technical Investigations
Director

Companies

DPD
Trafigura
GE Capital
Babcock International Group
Scotia Gas Networks
Telefónica O2
Bank of America Merrill Lynch
ING
Catella Bank
Channel 4
H&M
BP
John Lewis Partnership
Royal Canadian Mounted Police
Experian
Jordan Cyber Crime Project
Zamir Telecom
John Wiley & Sons
Halma
Zurich Financial Services
Security Service of Ukraine
HSBC
British Medical Association
Romanian Directorate
TUI Travel
Markit
Western Union
Pennant International Group
TSL Education
Liverpool Victoria
The Finance Practice
Camelot Group
Capital One
Noble Group
HSBC
Dixons Carphone
Halma
Ghana International Bank
British American Tobacco
First Rate Exchange Services
Unum Provident
Santander
Rexam
Matalan
John Lewis Partnership
Home Retail Group
Allen & Overy LLP
ITV
Virgin Money
Spamhaus
Rank Group
EveryMatrix
Shop Direct
Sky
QVC
Lloyds Banking Group
General Motors Corporation
Tullett Prebon
Atcore Technology
Aviva
CIFAS
Premier Oil
HSBC
Rothschild
HSBC
Liverpool Victoria
Permanent TSB
Auto Trader
Public Health England
Selfridges
NBC Universal
Office of Civil Nuclear Security
UBM
Citigroup
SABMiller
Legal & General
Post Office
JD Sports
CERT-UK
Eurostar
Mayer Brown LLP
Swiss Re
UBS
Open University
The Bank of Tokyo - Mitsubishi UFJ
Dixons Carphone
Post Office
JustGiving
Bank of America Merrill Lynch
FIA Pakistan
Norgren
GE Capital
Unipart Group
Heathrow
Inmarsat
Modern Times Group
Ocado
Capital One

Industries

Logistics
Commodities
Banking
Industrial Engineering
Oil/Gas
Telecommunications
Banking
Banking
Banking
Media
Retail
Oil/Gas
Retail
National Law Enforcement
Banking
National Law Enforcement
Telecommunications
Publishing
Electronic/Electrical Equipment
Insurance
Central Government
Banking
Healthcare
National Law Enforcement
Travel/Leisure/Hospitality
Media
Banking
Aerospace/Defence
Media
Insurance
Banking
Casinos/Gaming
Banking
Mining/Metals
Banking
Retail
Electronic/Electrical Equipment
Banking
Food/Beverage/Tobacco
Banking
Insurance
Banking
Household/Personal Products
Retail
Retail
Retail
Legal
Media
Banking
Technology
Casinos/Gaming
Software
Retail
Media
Retail
Banking
Automobiles
Banking
Software
Insurance
Not-for-profit association
Oil/Gas
Banking
Banking
Banking
Insurance
Banking
Publishing
Central Government
Retail
Media
Central Government
Media
Banking
Food/Beverage/Tobacco
Insurance
Transportation/Shipping
Retail
National CERT
Transportation/Shipping
Legal
Insurance
Banking
Education
Banking
Retail
Transportation/Shipping
Charity
Banking
National Law Enforcement
Industrial Engineering
Financial Services
Logistics
Transportation/Shipping
Telecommunications
Media
Transportation/Shipping
Banking


Venue

Park Plaza Victoria, London

vpp

Location:
Park Plaza Victoria
239 Vauxhall Bridge Road, London, UK, SW1V 1EQ
Telephone: 0333 400 6140

Directions:
Please click here