Agenda

Presentations already confirmed include:


►Do I Need a ROC as Well as a SOC?

Ian Dalby, Global Head of GRC, A&O Shearman

  • What if companies aren't optimizing for operational security or resilience, but rather for protection against liability?
  • How to distinguish real security from compliance-driven assurance and assess whether your organisation is truly resilient
  • How compliance can quietly become a source of risk amplification rather than genuine risk reduction ... enter AI
  • How to turn compliance into operational value ... welcome to The ROC!

►Panel Discussion: Business continuity in law firms: staying operational through cyber disruption

Gayle Hedgecock, Business Continuity & Resilience Specialist, Clifford Chance
Stephen Beckett, Global Security and Business Continuity Director, Dentons

  • When a cyber incident hits, who actually makes the call — and is that genuinely clear in practice?
  • How does information flow in the first hour, who needs to know what, and how do you avoid confusion or bottlenecks?
  • Are we putting too much emphasis on backups and not enough on keeping the firm operational?
  • How do you handle client confidentiality and regulatory pressure while the situation is still unfolding?
  • When you’ve tested your plans, what’s actually broken — and what caught you off guard?
  • And what are the headaches people don’t usually plan for?

►Panel Discussion: The Future of Legal AI: Innovation with Accountability

Philip Young, Co-founder and CEO, Garfield AI
Amelia Hewitt, Director of Cyber Consulting, Principle Defence

  • What does 'good AI governance' actually look like inside a modern law firm?
  • Unlike the EU AI Act, the UK has a principles-based approach. What does accountability look like for UK law firms right now?
  • AI risk often sits across multiple silos. How should firms address the overlap between cyber, privacy, and AI governance?
  • How can firms innovate with AI while preserving trust and meeting client expectations?
  • How do we prevent AI from becoming a single point of failure in financial decision-making?

►Will The Future Law Firm Be Indistinguishable From A Tech Company?

Philip Young, Co-founder and CEO, Garfield AI

  • From people led to platform led delivery - how API integrations, automation, and 24/7 availability are reshaping client expectations, workflows, and scalability.
  • Regulation meets technology – the implications of running a regulated legal service through a software platform, including accountability, auditability, and risk.
  • New exposure, new responsibilities – how always-on, interconnected legal platforms change the firm’s risk profile, including data security, resilience, and third-party dependencies.