Agenda

Presentations already confirmed include:


►Do I Need a ROC as Well as a SOC?

Ian Dalby, Global Head of GRC, A&O Shearman

  • What if companies aren't optimizing for operational security or resilience, but rather for protection against liability?
  • How to distinguish real security from compliance-driven assurance and assess whether your organisation is truly resilient
  • How compliance can quietly become a source of risk amplification rather than genuine risk reduction ... enter AI
  • How to turn compliance into operational value ... welcome to The ROC!

►Panel Discussion: Business continuity in law firms: staying operational through cyber disruption

Gayle Hedgecock, Business Continuity & Resilience Specialist, Clifford Chance
Stephen Beckett, Global Security and Business Continuity Director, Dentons
Jonathan Freedman, Director of Technology & Security, Howard Kennedy (Moderator)

  • When a cyber incident hits, who actually makes the call — and is that genuinely clear in practice?
  • How does information flow in the first hour, who needs to know what, and how do you avoid confusion or bottlenecks?
  • Are we putting too much emphasis on backups and not enough on keeping the firm operational?
  • How do you handle client confidentiality and regulatory pressure while the situation is still unfolding?
  • When you’ve tested your plans, what’s actually broken — and what caught you off guard?
  • And what are the headaches people don’t usually plan for?

►Panel Discussion: The Future of Legal AI: Innovation with Accountability

Philip Young, Co-founder and CEO, Garfield AI
Amelia Hewitt, Director of Cyber Consulting, Principle Defence
Tom Sampson, Head of Information Security, Macfarlane
Dale Hodgkinson, Former Head of Head of Strategy and Architecture, Slaughter and May

  • What does 'good AI governance' actually look like inside a modern law firm?
  • Unlike the EU AI Act, the UK has a principles-based approach. What does accountability look like for UK law firms right now?
  • AI risk often sits across multiple silos. How should firms address the overlap between cyber, privacy, and AI governance?
  • How can firms innovate with AI while preserving trust and meeting client expectations?
  • How do we prevent AI from becoming a single point of failure in financial decision-making?

►Will The Future Law Firm Be Indistinguishable From A Tech Company?

Philip Young, Co-founder and CEO, Garfield AI

  • From people led to platform led delivery - how API integrations, automation, and 24/7 availability are reshaping client expectations, workflows, and scalability.
  • Regulation meets technology – the implications of running a regulated legal service through a software platform, including accountability, auditability, and risk.
  • New exposure, new responsibilities – how always-on, interconnected legal platforms change the firm’s risk profile, including data security, resilience, and third-party dependencies.

►In the Age of AI, Is Security Even Possible?

Jonathan Freedman, Director of Technology & Security, Howard Kennedy

  • As AI accelerates cyber capability, from autonomous vulnerability discovery to machine-speed attacks, the legal sector faces a critical question: can organisations still defend sensitive data, or are breaches becoming an unavoidable cost of innovation?
  • This session will challenge the narrative that “AI changes everything” and instead explore why the fundamentals of cybersecurity matter more than ever in an AI-driven threat landscape looking at:
    • What AI-powered offensive capability really means in practice — from autonomous vulnerability discovery to agentic attack automation — and where the hype ends
    • Why foundational security controls remain the most effective defence against AI-enabled threats
    • How organisations can shift from preventing every attack to slowing, detecting, and responding to machine-speed compromise attempts before damage occurs

►Surviving the "Vulnpocalypse": Transforming Exposure Management for the Era of AI 

Steve Davies, Head of Cyber Security, DLA Piper

  • The Shift to Exponential, Autonomous Threat Exposure
  • Navigating the Perilous Transitionary Period
  • Fighting Speed with Speed: End-to-End Automated Defence