Agenda

08.00 - 08.50

Breakfast networking and registration 

08.50 - 09.00

Chairman's remarks

09.00 - 09.20

► Innovation and the challenge for InfoSec

Adam Hembury, Director of Innovation, DLA Piper

  • A perspective on Innovation in the legal industry
  • The demands of clients - How is this impacting Partners’ (and law firms) attitudes towards innovation and security?
  • The challenge of adoption
  • Technology and the direction of travel
  • Where Innovation and InfoSec collide
09.20 - 09.40

► Destruction by Document: The greatest threat demands the most innovative approach

Rod Hawkins, Sales Director, Glasswall Solutions

  • Malicious files and documents present the greatest threat to business today
  • Current methods of detection are failing
  • Glasswall’s innovative approach allows trust in every file
09.40 - 10.00

► From Dark Souls to Zelda  - Game mechanics to help engagement and motivation 

Allan Campbell, Global Information Security Manager, Withers Worldwide                      

  • Gamification is a tool arguably representing a new direction for achieving personal and business goals
  • In order for a gamification solutions to be successful, it has to be fun and engaging, like playing games
  • Let us explore how game theory could help you 'level up' your firm and you
     
10.00 - 10.20

Networking and refreshments 

10.20 - 10.40

► Clients, audits and questionnaires: why are we ticking the boxes?

Damien Behan, IT Director, Brodies

  • As clients manage their supply chain ever more closely, law firms are required to fill out ever lengthier questionnaires and submit to audits. But these are often blunt instruments that don’t allow for nuance or compensating controls. 
  • An industry has grown up around these compliance exercises, but it can sometimes feel like ticking boxes is more important than addressing risks?
  • While clients like to see certifications like ISO27001 and Cyber Essentials Plus, it doesn’t mean you avoid the audits or questionnaires, so are they worth the paper they’re printed on – or the effort?
  • What, if any, competitive advantage is there in a high degree of compliance - i.e. once the required baseline is achieved, is there business sense in going above and beyond?
     
10.40 - 11.00

► Using AI as a force multiplier for threat prevention and containment

Lloyd Webb, VP Sales Engineering, Cylance

  • Cylance will discuss how Artificial Intelligence can be used to help prevent the known threats and unknown to enable your security teams to be more efficient and focused.
  • What questions to ask your security vendors whom claim to leverage AI
  • How AI can help you get ahead of the threat landscape
  • Why a prevention first detection and response strategy will help you sleep well at night
11.00 - 11.20

► Device centric security strategies for the modern work place

Stijn Paumen, VP of BD, Wandera

  • Mobile devices generate more corporate traffic than a traditional laptop or PC and traditional security investments such as SWG and EPP are no longer enough.
  • Many enterprise are looking to unify their mobile and traditional devices under one Unified Endpoint Management (UEM strategy).
  • This is the perfect opportunity for law firms to rethink their workspace security strategy and benefit from device-centric technologies such as MTD, CASB and Mobile SWG that are better suited to mobile deployment models. 
  • In this session, Wandera will share best practices to help you design a device-centric security strategy for the modern workplace.
11.20 - 11.40

 Keeping it simple and true to the business's journey

Mike Worth, Head of IT, Phillips Solicitors

  • Cover the basics first. How do you lay a security foundation through times of technological innovation and regulatory change, whilst collaborating and compromising with the board?
  • Why innovation and practical security is key to raising both the bar and awareness within small-medium law firms.
  • The legal technology bubble, the place to be?
11.40 - 12.10

Networking and refreshments

12.10 - 12.30

► Executive panel discussion

So you think you're special? Cross industry perspectives on identifying and protecting your unique business assets

  • Dan Chapman, GDPR Manager, bet365
  • Paul Holland, Information Security Leader, Hiscox
12.30 - 12.50

► Combating Threat Actors: Cross Border challenges, Cybersecurity hygiene and understanding the enemy

John Titmus, Director, CrowdStrike

  • How nationstate threats are crafted and how their Tactics, Techniques, and Procedures (TTPs) are infiltrating the legal world in the form of advanced attacks
  • Who are the most notable adversaries and what are the key European security themes based on the latest threat intel reported by CrowdStrike’s global intelligence operation
  • What are the indicators of attack and how you can apply them to defeat the adversary?
12.50 - 13.10

► Not becoming the next Cybersecurity headline is difficult, very difficult!

Etienne Greeff, CTO, SecureData

  • The only certainty in Cybersecurity is that high profile compromises will continue to dominate the headlines. This leaves boards with the question: How do we prevent ourselves becoming the next headline ?
  • Most companies know that they need to implement a threat detection program to get in front of the cyber challenge. Getting it right is hard, very hard
  • This talk looks at the overall threat landscape and provides a recipe for designing a threat detection program whether you decide to outsource or do it yourself
  • Key takeaways from this talk include understanding the building blocks and processes required to make sure you stand a chance of not becoming the next headline
13.10 - 13.30

►The customer knows best: how your clients are rating your cybersecurity 

Mohsin Choudhury, UK Head of Information Security, Bank of Ireland

  • Cybersecurity as a competitive advantage. Your clients are watching
  • Top potential risks the big banks are looking out for
  • Top tips from a major financial organisation. Areas to consider
  • How to pitch your security. How your clients are modelling cybersecurity risk
13.30 - 14.30

Lunch and networking 

14.30 - 15.00

► Executive panel discussion

Who are your real customers? Clients, questionnaires and C-suite: can you keep everyone happy? 

  • Nick Galt, IT Director, Boodle Hatfield
  • Rebecca Ditchburn, Risk & Best Practice Manager, Bevan Brittan
  • Chris Walmsley, Head of IT , Foot Anstey
     
15.00 - 15.20

► Is anything scarier than Cyber Security?

Graham Horsham, Head of Information Systems and Technology, Carpmaels & Ransford

  • Drivers for security: clients, regulation, self-preservation?
  • Big vs Small – complications & challenges of both 
  • Business engagement and buy-in – essential but at what level and how? 
  • Understanding of the risk versus business impact
  • Approaches to building a strategy:

o    Proactive vs Reactive planning, practice and learning
o    The importance of buy-in, within IT and the business 
o    Management of Risk – a key driver to eating an elephant
o    Certification – Does it add value / bring benefit

15.20 - 15.40

Networking and refreshments

15.40 - 16.10

► From cyber confusion to a 'defensible in a court of law' strategy for protecting your business

Jon Hawes, Head of Detect, Photobox

  • A whistlestop tour of the security industry's cross-sector challenges in delivering business value from security spend: where we are failing and how, and why we lack the best words when it comes to answering hard questions from our CxOs
  • Decomposing a security strategy and operational plan that works: a detailed template for how you can you assure your stakeholders (internal and external) that you are in control of your situation and your priorities, to properly negotiate budget and resources
  • 3 practical examples of how this works in the real world: how to execute on what matters and stay sane while you're doing it - even if you only have a small team
16.10 - 16.30

► Memoirs of an IT-eisha

Ozzie Kavcar, Head of IT, Joseph Hage Aaronson LLP

  • The Subtle Art of Failing Miserably and Achieving Your Dreams
  • Knowing what you have: if you don’t have visibility, how can you secure your assets?
  • Sitting at the grownups’ table: building the trust of the stakeholders
  • Whose line is it anyways?
16.30 - 16.30

Conference close