Agenda

Presentations already confirmed include:


►Quantum Leap - Preparing for a quantum-safe future 

Steve Davies, Head of Cyber Security, DLA Piper

  • What is quantum computing and what does it mean for the enterprise?
  • What are the risks and how serious is the threat from quantum computing? 
  • How can you prepare for the post-quantum future, today?
  • What does post-quantum readiness look like across technology service providers?

►Panel Discussion: Operationalising Threat Intelligence in High-Risk Environments

Rob Flanders, Head of Threat and Incident Response, BAE Systems  
Jonathan Freedman, Head of Technology & Security, Howard Kennedy

  • How can traditional cyber intelligence be integrated into threats to legal practice? 
  • Can existing intelligence marking schemes (e.g. TLP) be easily fit with restrictions surrounding legal privilege?
  • How can intelligence support the mitigation of attacks against VIPs, case leads, and privileged data?
  • Which is of greatest concern to the legal sector – ransomware or targeted attacks?

►Briefs and Breaches: Why Foreign States Target Law Firms

Chris Worthy, Former Deputy Director, UK Home Office & Independent Consultant

  • State sponsored espionage and where cyber fits in
  • Why would foreign States carry out espionage (including Cyber) against law firms?
  • How they use the information gathered
  • The range of techniques used (including Cyber and non-cyber methods)

►Panel Discussion: Managing Elevated Threats: Protecting Clients, Staff, and Data

Chris Worthy, Former Deputy Director, UK Home Office & Independent Consultant 
Steve Davies, Head of Cyber Security, DLA Piper 
Neil Bell, Information Security Manager, Forster LLP

  • How is the firm addressing the risk of being targeted due to representing politically sensitive or high-profile clients?
  • What measures are in place to protect partners and employees during travel to regions with heightened security concerns
  • How are we preparing for potential threats from activists, hacktivist groups, or state-sponsored actors targeting the firm or its clients? Is this a concern and something that has become more of an issue for you in recent months?

►Bridging the cybersecurity skills gap. Are you part of the problem or part of the solution?

Ash Spencer, Head of IT and Security, Minster Law

  • What is the cybersecurity skills gap?
  • What problems or challenges do those gaps cause?
  • Some potential solutions to address the skills gap within your organisation

►Securing Cloud Adoption in Law Firms

Neil Bell, Information Security Manager, Forster LLP

  • Why cloud adoption security is critical for modern legal practices—for efficiency, scalability, and business continuity
  • Aligning cloud security strategy with firm-specific goals 
  • Understanding regulatory and jurisdictional impacts, such as GDPR, HIPAA, and attorney–client privilege obligations
  • Developing a risk-based approach that integrates cybersecurity from day one, not as an afterthought and not losing sight of customer needs

►Data Security, Governance & Consolidation for Legal Firms

Scott Chenery, Regional Manager UK & Ireland, Kiteworks

  • Your data, why is it so important?
  • Centralised Data Governance whilst maintaining end user experience
  • Possession less editing – why it’s here and why you need it
  • Consolidation of data sharing applications

Education seminars


Security operations and the Cloud: How to address the security staff shortage


Graham Holt, Regional Vice President (Sales), Arctic Wolf

Cyber Security continues to be a top priority for law firms - yet the operational burden, resource challenges, and fast-evolving threat landscape make it difficult to stay ahead. As more firms shift critical business functions to cloud-based SaaS platforms, it's time to ask: Should security operations follow suit? This discussion will bring together CISOs, CIOs, IT Directors, and Partners from the legal industry to explore key challenges.

Attendees will learn:

  • Shortage of skilled security professionals and retention difficulties
  • The need for continuous, 24x7x365 monitoring across increasingly complex security stacks
  • Alert fatigue and dissatisfaction with existing tools-based approaches
  • Rising compliance demands and the growing cost of cyber insurance