Agenda

09.30 - 09.40

Chair's welcome

09.40 - 10.00

►Improving public sector resilience at scale

A representative from NCSC

  • Improving cyber decision making and increase cyber accountability
  • Resilience against common threats through Cyber Essentials  
  • Addressing identity issues through increasing the uptake of strong authentication, such as FIDO authenticators including passkeys
10.00 - 10.20

►Building a New Approach to Government and Public Sector Cyber Security

Alex Harris, Head of Future Cyber Capability, Cabinet Office

  • An honest review of the current state of government and public sector cyber security.
  • Creating a joined-up approach to government and public sector cyber security.
  • Meeting the cyber challenges of the future.
10.20 - 10.40

►Rapid NCSC CAF Compliance: Deploying Enterprise PAM in Days with Silverfort

Peter Batchelor, Regional Director UK&I, Silverfort
Elliott Morgan, Cyber Lead for the NHS and Regional Services, Trustmarque (on behalf of Silverfort)

  • See proven Public Sector results with case study examples of how Trustmarque and Silverfort have helped government teams achieve CAF compliance with minimal disruption and cost
  • ⁠Learn how to extend MFA “Everywhere” to legacy systems, on-premises environments
  • Learn how to automatically detect and protect service accounts and cloud non-human identities
  • Learn how to deploy Just-in-Time, access - Enforcing time-bound privileged access that meets CAF controls without the overhead of legacy PAM
  • Learn how to deliver identity zero trust, stop lateral movement, and protect against 3rd party  / supply chain cyber-attacks
10.40 - 10.50

►From Reactive to Resilient: Cyber Resilience for Public Sector Operations  
Shifting the mindset from prevention to resilience in cybersecurity

Gerard Thompson, Chief Information Security Officer, North Tyneside Council

  • Why resilience matters more than ever in critical public services
  • Integrating continuity planning, cyber hygiene, and adaptive security
  • Metrics for resilience: what should leaders actually measure?
  • Real-world frameworks for building institutional muscle memory
10.50 - 11.00

Comfort break

11.00 - 11.20

►To ‘DAIR’ is to do – Rethinking Incident Response Frameworks for Modern Teams

Matthew Holland, Incident Response Team Lead, Royal Navy

  • Explore PICERL – Gain insights into the current industry-standard incident analysis framework, understanding both its strengths and its limitations
  • Discover DAIR – Introduce a modern, agile alternative designed to enhance collaboration, adaptability, and continuous learning
  • Compare & Apply – Analyse a real-world incident through both lenses to reveal how DAIR can drive deeper insights and more effective outcomes than PICERL
     
11.20 - 11.40

►Evolving from Secure-by-Design to Secure-by-Default - improving cyber resilience

John Keegan, Deputy Director, Head of Digital Security, Department for Work and Pensions (DWP)

  • Operational and architectural shifts required to move from Secure-by-Design to truly enforceable Secure-by-Default implementations
  • Integrating Secure-by-Default principles into CI/CD pipelines, infrastructure-as-code, and zero trust enforcement at scale
  • How Secure-by-Default enhances resilience by reducing attack surfaces, enforcing least privilege, and eliminating insecure defaults across complex environments
11.40 - 12.00

Veracode presentation to be announced

12.00 - 12.20

►Cyber Essentials: Simple Steps, Stronger Security

Dr Emma Philpott, Director and CEO, IASME

  • What's it all about?
  • Effectiveness and Impact
  • Overcoming challenges for large organisations meeting such a prescriptive standard
  • Using Cyber Essentials as a Supply Chain Tool
12.20 - 12.25

Chair's closing remarks

Education seminars