Agenda

Chair's welcome

►Improving public sector resilience at scale

A representative from NCSC

• Improving cyber decision making and increase cyber accountability
• Resilience against common threats through Cyber Essentials  
• Addressing identity issues through increasing the uptake of strong authentication, such as FIDO authenticators including passkeys

►Building a New Approach to Government and Public Sector Cyber Security

Alex Harris, Head of Future Cyber Capability, Cabinet Office

• An honest review of the current state of government and public sector cyber security.
• Creating a joined-up approach to government and public sector cyber security.
• Meeting the cyber challenges of the future.

►Rapid NCSC CAF Compliance: Deploying Enterprise PAM in Days with Silverfort

Peter Batchelor, Regional Director UK&I, Silverfort
Elliott Morgan, Cyber Lead for the NHS and Regional Services, Trustmarque (on behalf of Silverfort)

• See proven Public Sector results with case study examples of how Trustmarque and Silverfort have helped government teams achieve CAF compliance with minimal disruption and cost
• ⁠Learn how to extend MFA “Everywhere” to legacy systems, on-premises environments
• Learn how to automatically detect and protect service accounts and cloud non-human identities
• Learn how to deploy Just-in-Time, access - Enforcing time-bound privileged access that meets CAF controls without the overhead of legacy PAM
• Learn how to deliver identity zero trust, stop lateral movement, and protect against 3rd party  / supply chain cyber-attacks

►From Reactive to Resilient: Cyber Resilience for Public Sector Operations  
Shifting the mindset from prevention to resilience in cybersecurity

Gerard Thompson, Chief Information Security Officer, North Tyneside Council

• Why resilience matters more than ever in critical public services
• Integrating continuity planning, cyber hygiene, and adaptive security
• Metrics for resilience: what should leaders actually measure?
• Real-world frameworks for building institutional muscle memory

Comfort break

►To ‘DAIR’ is to do – Rethinking Incident Response Frameworks for Modern Teams

Matthew Holland, Incident Response Team Lead, Royal Navy

• Explore PICERL – Gain insights into the current industry-standard incident analysis framework, understanding both its strengths and its limitations
• Discover DAIR – Introduce a modern, agile alternative designed to enhance collaboration, adaptability, and continuous learning
• Compare & Apply – Analyse a real-world incident through both lenses to reveal how DAIR can drive deeper insights and more effective outcomes than PICERL
   

►Evolving from Secure-by-Design to Secure-by-Default - improving cyber resilience

John Keegan, Deputy Director, Head of Digital Security, Department for Work and Pensions (DWP)

• Operational and architectural shifts required to move from Secure-by-Design to truly enforceable Secure-by-Default implementations
• Integrating Secure-by-Default principles into CI/CD pipelines, infrastructure-as-code, and zero trust enforcement at scale
• How Secure-by-Default enhances resilience by reducing attack surfaces, enforcing least privilege, and eliminating insecure defaults across complex environments

Veracode presentation to be announced

►Cyber Essentials: Simple Steps, Stronger Security

Dr Emma Philpott, Director and CEO, IASME

• What's it all about?
• Effectiveness and Impact
• Overcoming challenges for large organisations meeting such a prescriptive standard
• Using Cyber Essentials as a Supply Chain Tool

Chair's closing remarks