Agenda
Presentations already confirmed include:
►Building an adaptive Cybersecurity function
Mario Beccia, Deputy CIO for cybersecurity, NATO
- The threat picture and the challenge of constant adaptation
- Planning your next Cybersecurity incident: infrastructure Resilience, Scalability and Simplification
- Embracing Emerging Technologies
- The Changing Role of the Blue Team
►Can The AI (R)evolution help security leaders to manage complexity?
Delivered by a cybersecurity leader from a leading global financial services organisation
- Observations of threats using AI for fraud and malware development
- Foundations for effective AI/LLM use, focusing on the importance of a working security data model and appropriate sources
- Potential for AI application in the security risk management context to keep up with the threat
- Importance of training and AI prompt competence
- Personal reflections
►Fireside chat: Integrating Cybersecurity into Mergers, IPOs, and ESG Strategies
Ian Dalby, Global Head of GRC, A&O Shearman
Simon Ashworth, MD, Chief Analytical Officer – Insurance Ratings and Cyber Lead, S&P Global Ratings
- How do companies prioritise cybersecurity due diligence, and what specific metrics or risks are most critical, when planning a merger or IPO
- What role do cybersecurity audits and due diligence play in the preparation phase for mergers and IPOs?
- How can companies identify and mitigate cyber risks that could impact valuation or delay the IPO/merger process?
- How does cybersecurity intersect with ESG criteria, and why is it crucial for integrating cybersecurity practices into ESG strategies?
- How are investors and stakeholders increasingly viewing cybersecurity as a critical component of a company’s ESG performance, and are current regulations effective in deterring non-compliance?
- How do you align and integrate cybersecurity practices post-merger
►Resourcing priorities in Third-Party Risk Management and Supply Chain Security
Sarah Lawson, CISO & Deputy CIO, University College London
Clair Phelps, CISO, Wagestream
Mark Logsdon, CISO, NHS England
- Identifying, risk assessing and screening critical vendors – a job for who?
- Defining contractual obligation: how do you enforce your security requirements, standards and data handling practices?
- Approaches to continuous vendor monitoring: dealing with problem third-parties
- Incident Response Planning and managing third-party breaches
- What about security vendors?
►Maximising the value of threat intelligence
Simon Brady, Managing Editor & Event Chairman, AKJ Associates (Moderator)
Parul Khedwal, Security Operations Lead, Trainline
Evie Wild, Information Security Officer, EMEA Region, LBBW Bank
- Paid versus free: where to spend on threat intel
- Data overload or actionable insights? Threat intel and the false positives problem
- The role of AI in extracting the most from threat intel
- Linking enterprise threat intelligence and the business
►LIVE DEMONSTRATION: Weaponising AI: Voice Phishing with AI (Social Engineering 2.0)
Manit Sahib, Ethical Hacker, The Global Fund
- Overview: How AI is being weaponised in the wild for malicious activities.
- Use-Cases: How to weaponise AI for your own Offensive Operations.
- Weaponising AI for Cyber Attacks: AI Vishing (AI Voice Phishing):
- Exploring the new Social Engineering 2.0 technique, AI generated calling Agent (AVA) for Vishing. Trained with Rejection handling.
- Live Demonstration: AI Vishing in action. Volunteers? Be ready to come on stage.
►Can The AI (R)evolution help security leaders to manage complexity?
Andrew Giles, Executive Director - Cybersecurity and Fraud Intelligence, JPMorgan Chase & Co