Agenda

08.00 - 08.45

Registration and breakfast networking

08.45 - 08.50

Chairman's welcome 

08.50 - 09.10

► Of CTO and CISO: how both security and technology are vital to the success of the business

Jonathan Freedman, Chief Information Security and Technology Officer, Howard Kennedy

  • The legal industry has ascended the maturity curve when it comes to cyber and information security. What lessons has it learnt?
  • Recognition of the Partners of the real business risk and impact of information security
  • How do you implement a holistic security strategy across the unique business structure of a law firm?
09.10 - 09.30

► Developments since the coming into force of the GDPR on 25 May

Stuart Skelly, Sector Consultancy Manager, IT Governance

  • Number of complaints received by ICO
  • Number of breach reports received by ICO
  • Codes of practice from the ICO
  • The DPA 2018
  • Brexit related matters
09.30 - 09.50

► Access Management Leading the Cloud Transformation Drive

Jon Noble, Regional Sales Manager and Martin Day, Solutions Engineer, OneLogin

  • Hear how you can make it simpler, safer and more cost-effective for your users to access the apps and data they need anytime, everywhere.
  • Learn how to reduce cloud deployment timescales, increase efficiency and lower costs.
  • Build an environment with increased security and an improved end user experience.
09.50 - 10.10

► Hunting for Lions & Bulls on the dark web

Etienne Greeff, CTO & Founder, SecureData

  • Threat detection at a glance, what works and what doesn’t
  • How criminals are finding new ways of monetising hacking 
  • The state of the cybersecurity market 
  • Pragmatic advice for addressing the new cybersecurity reality where everybody is a target, including legal firms
10.10 - 10.30

► Beyond Security: Zero Trust - Making the perimeter less lonely

Richard Archdeacon, Advisory CISO, Duo Security

  • Concept of zero trust or the BeyondCorp model
  • Why a zero trust model will reduce risk?
  • Key elements in implementing a zero trust approach
10.30 - 10.50

► Using DNS to Combat Malware Threats

James Dowell, Senior Engineer - EMEA, Verisign

  • Using DNS-based solutions to protect your network
  • How to stop most DNS-reliant ransomware
  • The weakness of C&C based malware
  • Why antivirus apps, backups and training are not enough
10.50 - 11.20

Morning break and networking 

11.20 - 11.40

► Phishing: the number 1 cyber-risk 

Graham Thomson, CISO, Irwin Mitchell 

  • What is the threat? How serious is it? And why is it the number one cybersecurity risk faced by law firms?
  • Are you doing enough to mitigate the risk? Do you know how vulnerable you are?
  • What are the pragmatic and cost effective solutions? From basic to advanced mitigations using people, process and technology
  • What is the role of AI and machine learning? For the good guys and the bad
11.40 - 12.00

► New Era of Cyber Threats: The Shift to Self-Learning, Self-Defending Networks

Katie Hall, Senior Cyber-Security Manager, Darktrace

  • Leveraging machine learning and AI algorithms to defend against advanced, never-seen-before cyber-threats
  • How new immune system technologies enable you to pre-empt emerging threats and reduce incident response time
  • How to achieve 100% visibility of your entire business including cloud, network and IoT environments
  • Why automation and autonomous response are enabling security teams to neutralize in-progress attacks, prioritise resources, and tangibly lower risk
  • Real-world examples of subtle, unknown threats that routinely bypass traditional controls
12.00 - 12.20

► Controlling the spectrum of Mobile Risk

Burak Agca, Enterprise Sales Engineer, Lookout UK

  • Mobile security is a top priority – controlling the spectrum mobile risk
  • Mobile phishing – trends, insights and Lookout-exclusive research   
  • How to extend your current UEM to protect your company and customer’s data (Blackberry)
12.20 - 12.40

► Cloud Adoption Risk Awareness

Paulo Rodrigues, Cloud and Enhanced Technologies Solution Architect, Fortinet

  • The current climate of cloud adoption euphoria. What are the potential security risks you might be missing?
  • How to raise awareness of Cloud related risk
  • Examining the pitfalls and potential ramifications
12.40 - 13.20

► Education Seminar 1:

Delegates will be able to choose from a range of topics:

  • Protect the client, protect the firm: How cybersecurity risk affects the bottom line, Sam Brooks, Territory Manager, eSentire
  • Data security protection for Law Firms in the Cloud, Ian Greenwood, Regional Sales Manager, Thales eSecurity
  • Panamanian Behaviours – detecting and preventing the malicious insider, Nick Pollard, Security and Intelligence Director, EMEA, Nuix
13.20 - 14.20

Lunch and networking 

14.20 - 14.40

► Data risks and responding to a breach

Fergal Cathie, Partner, and Tom White, Partner, Clyde & Co. 

  • Top tips for in-house IT teams in a data breach scenario
  • Non-GDPR regulatory risks
  • Handling data breaches: the cyber liability perspective and SRA issues 
14.40 - 15.00

► Staying agile in a world of ever-changing threats, without breaking the bank 

James Barrett, Senior Director, EMEA, Endace

  • Incident investigations are taking too long because analysts do not have ready access to the right information and tools
  • Business controls and budgets have a great impact on the agility of security teams
  • Whilst client data continues to have significant value to criminals, these problems will only get worse
  • How can businesses give their security teams the flexibility they need to do their jobs, without bankrupting the business?
15.00 - 15.20

► What makes law firms unique? Cross-industry, cross-sector security experiences

Anthony Stables, CIO, Forsters

  • Is the business structure of law firms really unique? Cross-industry, cross-sector lessons 
  • Compare and contrast: what can the legal industry learn from others? 
  • Building security from the ground up 
15.20 - 15.40

► Debunking the myths of A.I.

Carson Leonard, A.I. Product Lead, ZoneFox

  • Understand what A.I. technology means for the legal sector
  • Learn where the Law Firm can benefit from A.I.
  • Discover where the legal sector can expect to see some immediate advantages of A.I. in the future
15.40 - 16.00

► A Day in the Life of a Mole: Detecting and Preventing Insider Threat

Jay George, Chief Operating Officer & Head of Consulting, Commissum

  • Learn how the behaviour of rogue employees fits into patterns that can be detected – if you know what to look for
  • Implementing technical and organisational measures to provide an early warning of malicious activity
  • How to reduce the likelihood of malicious insiders being successful, without creating a culture of suspicion
16.00 - 16.20

Afternoon break and networking

16.20 - 16.40

► Executive Panel Discussion 

Regulations and Revolutions: how corporate structures and the regulatory landscape are changing. And what that means for security 

  • Mike Worth, Head of IT, Phillips Solicitors
  • Steve Byrne, Lead Information Security Officer, DWF
16.40 - 17.00

►The six issues and two elephants in cybersecurity legal services

Mark Jones, CISO, Allen & Overy 

  • The six issues 
  • The two elephants 
  • Addressing those 
17.00 - 17.20

► Strong-form spear phishing - protecting against advanced threats 

Henry Trevelyan Thomas, Head of Client Development, Tessian

  • Weak-form v strong-form spear phishing 
  • Weak-form spear phishing can be prevented using perimeter-based defenses but organisations remain vulnerable to highly-targeted attacks
  • Machine intelligence allows us to protect against the most advanced threats by understanding historical relationships 
     
17.20 - 17.40

► Balancing security capabilities, culture and clients.  A cry for help!

David Wood, IT Director, Watson Farley & Williams 

  • WFW and security capabilities (our posture, resources, challenges around communications on security)
  • Culture and clients: challenges we face in terms of kit, tools, people, local requirements
  • Client security questionnaires and audits 
  • How we manage today / How we are looking ahead
17.40 - 17.45

Closing remarks

Education seminars


eSentire - Protect the client, protect the firm: How cybersecurity risk affects the bottom line


Sam Brooks, Territory Manager, eSentire

Nothing affects a law firm’s bottom line more than lost billable hours. Yet, as firms continue to focus on defending their clients in the court room, protecting client data often takes a back seat. By investing in cyber protection, firms can avoid the financial, reputational and regulatory implications of an inevitable cyber breach. Join eSentire as they focuse on: 

  • Why law firms? Means, motive, opportunity for attackers
  • The unique threat landscape and the risk it presents 
  • The evolution of client requirements and alignment to compliance mandates
  • Why it happens: examples and the resulting implications
  • How to demonstrate your security posture and the path to lowering risk
     

Nuix - Panamanian Behaviours – detecting and preventing the malicious insider


Nick Pollard, Security and Intelligence Director, EMEA, Nuix

Over the past couple of years we have seen serious data breaches reported from Law Firms. Indeed, who can forget either the Paradise or Panama Papers and the fall out that created. In fact recently the law firm involved in the Panama Papers announced its closure due to the financial and reputational damage caused by the breach. Nuix will explore the steps needed to ensure you do not end up the same way. 
Having good data governance, knowing what you have, where it is, who has access to it and having the ability to collaborate and investigate the data if an issue occurs makes it much harder for potential insiders to hide. This session will show you how data driven security can improve your security operations and enable you to make better decisions, faster. Collaborative and intelligence driven investigations can augment human investigative skills and expose the hidden relationships across people, objects, locations and events. 

  • Learn how a single pane of glass can help expose hidden relationships in the data
  • Understand the importance of efficient workflows that can make best use of technology
  • Find out how the latest technology can augment your investigative teams to enable you to make timely and informed decisions

Thales - Data security protection for Law Firms in the Cloud


Ian Greenwood, Regional Sales Manager, Thales eSecurity

Securing data in your Legal practice can be very challenging, and with Cloud being at the heart of law firms digital transformation it’s imperative that you consider security and the complexities brought to it when moving to cloud or adopting a hybrid platform. This presentation will support you in understanding what mechanisms you should have in place, the facts of having an insufficient protection for your data as well as examples of current migrations and data security including key management and bring your own encryption.  

  • Considerations when moving to the cloud
  • Encrypting your sensitive data in the datacentre, hybrid cloud and multiple cloud ennvironments
  • Enforcing security access controls
  • Strong key management