Agenda

Presentations already confirmed include:


►Quantum leap – Preparing for a Quantum-Safe Future

Steve Davies, Head of Cyber Security, DLA Piper

  • What is quantum computing and what does it mean for the enterprise?
  • What are the risks and how serious is the threat from quantum computing? 
  • How can you prepare for the post-quantum future, today? 
  • What does post-quantum readiness look like across technology service providers?

►Fireside Chat: Mitigating Concentration Risks in an Interconnected Business Landscape

Simon Brady, Event Chairman, AKJ Associates (moderator)
Ethan Duffell, Head of Information Security, Clifford Chance LLP

  • Identifying and assessing concentration risk across vendors and technology ecosystems
  • Balancing operational efficiency with diversification and risk reduction
  • Communicating the importance of concentration risk to boards and stakeholders
  • Embedding resilience planning to address concentration risks in today’s threat environment
  • Lessons from recent incidents such as Microsoft 365/Azure outages (2024), the 2024 CrowdStrike disruption, and the June 2025 Google Cloud outage

►Evolving Threats to Law Firms: Adversary Tactics, Detection, and Defense

Ekow Oduro, IT Security Operations Lead, Forsters LLP

  • How emerging threat actors are evolving their methods against the legal sector
  • How to uncover vulnerabilities across the wider legal supply chain
  • How to spot and disrupt hidden data exfiltration and C2 activity
  • How to strengthen resilience through threat-led testing and simulation

►Internal Audit – Bridging the Gap Between Aspirations and Reality

Mark Penlington, Head of Risk, Resilience and Internal Audit, Irwin Mitchell LLP

  • Why Internal Audit Is Important: Learn why Internal Audit is essential to providing the assurance and confidence senior executives need to understand how teams actually operate in practice
  • What Internal Audit Is: Understand the role of Internal Audit as an objective, constructive process that strengthens governance and accountability
  • How It Enhances Risk Management and Governance: Discover how Internal Audit bridges the gap between stated controls and actual practice by validating control effectiveness, uncovering hidden risks, and driving better decision-making
  • How to Embed Internal Audit in a Practical Way: Learn practical approaches to implement and integrate Internal Audit to deliver meaningful insight, drive activity and provide lasting value

►Collaborating Securely: Addressing Cyber Risks in Chambers Partnerships

Eleanor Ludlam, Partner - Cyber, Privacy and Technology Litigation, Pinsent Masons (Moderator)
Adam Speker KC, Barrister, 5RB
Melanie Hart, Partner – Contentious Information Law & Dispute Resolution, Kingsley Napley

  • Supply chain risks when engaging barristers
  • Technical challenges of securing chambers
  • Navigating breach of confidence during a cyber incident
  • Injunctive relief as a legal remedy

►The new CISO deal 

Ryan Virani, Founder, Cyber Moves LTD 

  • CISO and Head of Security briefs have changed in the last 2–3 year
  • What “good” now looks like in successful CISO appointments, from a talent and behaviours perspective
  • Snapshot of current salary and day-rate ranges for CISOs and Heads of Security 
  • Where mandate, support and reward are misaligned, and what CISOs are now asking for before they say yes

►Panel Discussion: Beyond Compliance — Building Cyber Resilience That Actually Works

Simon Brady, Event Chairman, AKJ Associates (moderator) 
Jonathan Freedman, Head of Technology & Security, Howard Kennedy 
Jonathan Turner, Head of Cyber Security, Farrer & Co 
Federico Iaschi, Information Security Director, Starling Bank

  • How do we turn risk appetite statements into real decision levers instead of paperwork?
  • With NIS2 and similar rules, what does “appropriate and proportionate” really mean on the ground — and how can risk management steer the response?
  • What cyber metrics really matter — and how do we prove our risk posture to the Board, to clients, and across the entire supply chain, right down to nth-party dependencies?
  • How does a resilience-first mindset transform culture — moving from blame and unrealistic prevention to readiness, adaptability, and fast recovery?

►European Cyber Threats Exposed: CrowdStrike Threat Briefing

  • Exploration of key findings from the 2025 European Threat Landscape, highlighting the tactics and techniques used by leading threat actors
  • Insight into the strategic objectives of adversaries across eCrime, nation-state and hacktivist groups
  • Guidance on how understanding their playbook can inform stronger, more effective defensive strategies

Education seminars


Safe AI Adoption for Law Firms: Guardrails that Protect Clients (and your Firm)


James Derbyshire, Cybersecurity Entrepreneur, Harmonic Security

Legal teams are embracing AI to accelerate research, improve client service, and streamline operations. Yet as firms adopt tools ranging from GenAI assistants to AI-enabled practice software, they face a dilemma: how to encourage innovation while upholding strict client commitments, confidentiality obligations, and regulatory requirements.

This session explores how leading legal firms are moving quickly on AI adoption while implementing the controls needed to avoid data exposure, ethical missteps, and compliance violations. Attendees will learn where the most common governance gaps occur, the types of AI-related risks that frequently go unnoticed, and how to establish practical guardrails that protect sensitive information without slowing lawyers down.

Drawing on real patterns observed across law firms of all sizes, the talk outlines a clear framework for responsible AI enablement. You will leave with a deeper understanding of how to safely operationalise AI in a legal environment and how forward leaning firms are putting structure around experimentation, oversight, and continuous monitoring.

Attendees will learn:

  • The most common AI driven exposure patterns in legal workflows and why they occur
  • Where governance gaps arise as firms introduce both sanctioned and unsanctioned AI tools
  • Practical guardrails that balance innovation with confidentiality, client commitments, and regulatory duties
  • How progressive firms are enabling responsible internal AI use while maintaining full compliance