Fast-moving cyber-attacks can strike at any time, and security teams are often unable to react quickly enough. Join Hanah Darley, Head of Threat Research at Darktrace, to learn how Autonomous Response takes targeted action to stop in-progress attacks, without disrupting your business. Includes real-world threat finds, case studies and attack scenarios.
The Future of Cybersecurity
CISO Think Tank
UK Visionaries
Leo Cunningham
CISO
Owkin Inc
About Me
Leo has a successful track record working within different blue-chip companies and industries ranging from Start-ups/Scale-ups, Banking, FinTech, SaaS and eCommerce, providing insight, consultancy and strategy across global remits covering Information Security, Cyber Security, GRC, Auditing, Cloud and a multitude of compliance remits including PCI DSS, SOX and GDPR.
At Flo Health, the number one health and wellbeing app. His team protects the data of 250 million users, equating to 300 billion data points.
He is currently an advisor to multiple start-ups from the Palta Group. He has been instrumental in leading security efforts within HealthTech and FemTech. In June 2022, Flo Security delivered the industry’s first ISO 27001 certification.
Leo is a multi-award winner. A Snyk influencer. A Keynote speaker worldwide and was added to the CISO Platform Top 100
Gurinder Singh
Global Head of IT Security & Global Head of Innovation
Deutsche Bank
Sandip Patel
Group Chief Security Officer
APM
Paul Scott
Global CISO
Omnicom Group
Cameron Brown
Director - CyberSecurity - Risk Advisory
Deloitte
About Me
Cameron is a seasoned cyber defence advisor and information security strategist who has worked for the United Nations, governmental and law enforcement agencies, as well as leading multinational corporations. He consults across verticals to guide his clients in maturing strategic and tactical security capabilities, incident response measures, proactive defence, and resilience investments, and devising effective countermeasures to insider threats. Cameron has also conducted in-depth research into emerging trends in cybercrime offending, forensic science, data protection, and cyber-warfare. He is an author and contributor to books and articles on many aspects of cybersecurity and a regular speaker at international conferences. He holds multiple bachelor and master level degrees in law, behavioural science, international security, policing, intelligence, and counterterrorism, in addition to vendor neutral technical certifications and accreditations. Cameron enjoys working at the intersection of technology, security and law and building capable teams to deliver services that organisations need to operate safely, competitively, and effectively in today’s digital world.
Leo Cunningham
CISO
Flo Health Inc.
About Me
Leo has a successful track record working within different blue-chip companies and industries ranging from Start-ups/Scale-ups, Banking, FinTech, SaaS and eCommerce, providing insight, consultancy and strategy across global remits covering Information Security, Cyber Security, GRC, Auditing, Cloud and a multitude of compliance remits including PCI DSS, SOX and GDPR.
At Flo Health, the number one health and wellbeing app. His team protects the data of 250 million users, equating to 300 billion data points.
He is currently an advisor to multiple start-ups from the Palta Group. He has been instrumental in leading security efforts within HealthTech and FemTech. In June 2022, Flo Security delivered the industry’s first ISO 27001 certification.
Leo is a multi-award winner. A Snyk influencer. A Keynote speaker worldwide and was added to the CISO Platform Top 100
Troy Cunningham
Head of Information Security
IPONWEB
About Me
I am a passionate information security leader and I enjoy making the technical aspects of security become real for people, especially when it comes to making information security engaging and accessible for the non-specialist community. I frame security in a way that’s relatable across a business, regardless if you’re a lawyer, a developer, a client, an engineer or a C-level executive. As part of that passion I’ve been a moderator and a panellist at security events in Geneva and London. I’ve been a security generalist for years and I pride myself on having learned my craft on the job working my way up through various IT administration and architecture roles.
As part of my current role I'm redefining how security is done at Iponweb, and initiating a large program of security transformation, based on risk and strategy. My remit is all of information security, incorporating all of my previous experience and intra-domain knowledge into a holistic strategy for effective long-term security.
I’m generally known by my colleagues for having a pragmatic, practical approach to security and architecture, which is underpinned by my own technical experience. I’m also upfront about when I don’t know something and open to learning new things regularly on the job. It’s important to me to have a fun and collaborative working relationship with my colleagues, and to share knowledge in an effort to grow myself and my people.
Balaji Anbil
Lead Enterprise Architect
Ministry of Justice UK
About Me
Successful Technology Leader with a strong track record of delivering complex Digital & Cyber Security transformations in Public & Private Sectors.
An advocate of 'Post-Modern' business models and enabling new age businesses to accelerate growth through better adoption of Data Capabilities. Passionate in shaping organisations through Data & Technology with Resilience at its core.
*Currently building a Data & Cyber Professional Services Start-up - Tenacium DC*
Key Focus Areas: Open Source, Azure, AWS, Cyber Capabilities (NIST/CREST/BSIMM, SOC, SEIM, Executive Cyber Coach), ML, Data & Digital Engineering, Innovation, SAFe, Enterprise & Solution Architecture, Tech Procurement.
Phil Lea
Chief Privacy Officer
Tenth Revolution
About Me
Delivery of strategy for senior clients, including outcome-based delivery, interim management and targeted cyber consultancy.
Coaching and mentoring of senior Security and Risk Management clients. Delivering specific value to stakeholders to ensure that key initiatives are on track and have the best possible advice and guidance.
Professional Services and consulting for many clients including central government, local government, financial services, telecommunications and commercial organisations. Bid preparation and production. Network accreditation and production of RMADS and ADS. ISO27001 implementation, management, compliance and review
Development of IPR, risk methodologies, risk assessments
20+ years of IT experience, including 16+ years of Information Security.
William Davies
Head of Information Security and Assurance
Government Shared Services
Martin Medlycott
Group CIO & CISO
Metropolitan Thames Valley
About Me
A visionary and global leader in Digital, Data and technology. My multifunctional experience spans numerous businesses, markets and verticals which enables me to see strategic potential others miss and unlock value by executing change programs that achieve positive outcomes.
• Business first digital leader of change, with a successful track record of guiding teams and businesses through digital transformation, achieved with a mix of process, tooling and cultural transformation.
• Extensive experience in Enterprise applications, Data and E&M-commerce with an emphasis on change management and transformation within the enterprise.
• Customer first approach, using detailed analytics to guide business decisions
• Leadership across FTSE through to Start –up: yielding successful delivery of large-scale transformation initiatives based on a combination of strategic vision, tactical ability and an effective team mobilization strategy.
• My expertise in improving employee & customer experiences and working practices has enabled me to deliver efficiency gains in every part of the organisation and unlocked areas of value
Adrian Leung
CISO & Data Protection Officer Europe
Equifax
Lyn Webb
CISO
Open University
About Me
I am an experienced Chief Information Security Officer with outstanding leadership credentials and broad industry experience. I have a background as a Royal Air Force officer, Director in a Big 4 consultancy and presently, the CISO at The Open University. My passion is leading and growing security functions for complex organisations and embedding a strong security culture that helps to support business outcomes. Having experience of multiple high profile, global organisations, often at Board level and in digital organisations, I am passionate about both optimising and exploiting data, while protecting what is most valuable to an organisation. I am an experienced, media trained incident director with over 25 years experienced of multi-agency incidents. I have a strong network in the security sector and regularly present at, and participate in, national and global forums; in 2020, I was made a Fellow of the British Computing Society. I am also passionate about mentoring the next generation and supporting military veterans in their transition to civilian employment. Overall, I thrive on challenges and relish the opportunity to build new capabilities and lead new teams.
Amar Singh
CISO
Cyber Management Alliance Limited
About Me
- Senior C-Level Executive, experienced cyber, information risk & data-privacy practitioner. Global Chief Information Security Officer
- UK-Government certified Trainer. Creator of UK Government’s NCSC-Certified Cyber Incident Planning & Response (CIPR)
- Trusted advisor to police forces, financial institutions, hedge funds, banks, insurance companies, the NHS and telecom firms.
- Mentor to CISOs, author, writer, industry speaker & presenter, guest lecturer at multiple universities.
- Highly connected with a large network of over 11,000 C-Level decision-makers, people of influence, practitioners and specialists.
Amar is an industry acknowledged expert and public speaker and is regularly invited to speak and share his insights by some of the largest and most respected organisations in the world including The BBC, The Economist’s Intelligence Unit, The Financial Times, SC Magazine, InfoSec Magazine, Computer Weekly, The Register and the Al-Jazeera English Channel
Hanah Darley
Head of Threat Research
Darktrace Holdings Limited
About Me
With nearly a decade of experience as a threat intelligence specialist and senior geopolitical analyst, I use my background studying psychology and international relations to creatively problem solve and mentor teams. Having worked for a range of private companies and government clients, I understand the fast-paced and demanding reality of global strategic intelligence and the need for creativity in critical problem solving and resource management.
Gurinder Singh
Global Head of IT Security & Global Head of Innovation
Deutsche Bank
Sandip Patel
Group Chief Security Officer
APM
Paul Scott
Global CISO
Omnicom Group
William Davies
Head of Information Security and Assurance
Government Shared Services
Adrian Leung
CISO & Data Protection Officer Europe
Equifax
EVENT DETAILS
May 10, 2022
Agenda
12:00 PM-12:45 PM
Welcome & Registration
12:55 PM-1:45 PM
Keynote
Fast and Furious Attacks: Using AI to Surgically Respond
Panelists
Together With:
1:45 PM-2:40 PM
Fireside Chat
Cloud Security
According to Gartner 79% of companies have experienced at least one cloud data breach during the pandemic. Remote work is here to stay, and the concept of securing a perimeter has essentially ended. Traditional application security measures are broken. The need to innovate faster and shift to cloud-native application architectures isn’t just driving complexity, it’s creating significant vulnerability blind spots also.
Under the thumb of the pandemic, enterprises and IT leaders had to look for tech solutions that were resilient and agile to empower the remote workforce. To sustain business continuity plans, organizations shifted workloads to the cloud. As much as cloud adoption offers flexibility and productivity, it also exposes organizations to cyber threats and data breaches. So the question remains if moving to the cloud is the right thing to do and if so how to protect it from the new risks given that most organizations believe that application security should be completely automated to keep pace with dynamic clouds and rapid software development practices.
Panelists
Chair
Cameron Brown
Director - CyberSecurity - Risk Advisory
Deloitte
Cameron is a seasoned cyber defence advisor and information security strategist who has worked for the United Nations, governmental and law enforcement agencies, as well as leading multinational corporations. He consults across verticals to guide his clients in maturing strategic and tactical security capabilities, incident response measures, proactive defence, and resilience investments, and devising effective countermeasures to insider threats. Cameron has also conducted in-depth research into emerging trends in cybercrime offending, forensic science, data protection, and cyber-warfare. He is an author and contributor to books and articles on many aspects of cybersecurity and a regular speaker at international conferences. He holds multiple bachelor and master level degrees in law, behavioural science, international security, policing, intelligence, and counterterrorism, in addition to vendor neutral technical certifications and accreditations. Cameron enjoys working at the intersection of technology, security and law and building capable teams to deliver services that organisations need to operate safely, competitively, and effectively in today’s digital world.
Speaker
Leo Cunningham
CISO
Flo Health Inc.
Leo has a successful track record working within different blue-chip companies and industries ranging from Start-ups/Scale-ups, Banking, FinTech, SaaS and eCommerce, providing insight, consultancy and strategy across global remits covering Information Security, Cyber Security, GRC, Auditing, Cloud and a multitude of compliance remits including PCI DSS, SOX and GDPR.
At Flo Health, the number one health and wellbeing app. His team protects the data of 250 million users, equating to 300 billion data points.
He is currently an advisor to multiple start-ups from the Palta Group. He has been instrumental in leading security efforts within HealthTech and FemTech. In June 2022, Flo Security delivered the industry’s first ISO 27001 certification.
Leo is a multi-award winner. A Snyk influencer. A Keynote speaker worldwide and was added to the CISO Platform Top 100
2:40 PM-2:50 PM
Networking Break
3:00 PM-3:35 PM
Panel
Guarding the Doors: Navigating 3rd Party Risk
As organizations expand their third-party ecosystem, many are challenged with executing core activities that are critical to operations, risk profiles, and compliance posture without compromising the quality of data collection, evaluation, and mitigation measures increasingly outsourcing business activities to 3rd-party vendors. It is critical for an organization to be vigilant when selecting the right 3rd-party vendor with the appropriate security posture, as many vendors are hosting, processing and transmitting sensitive regulatory information with unrestrained access to our IT assets. At the highest level, third-party incidents can result in reputational damage, non-compliance, or even criminal activity, which can negatively impact earnings and shareholder value. To address this challenge, many organizations are investing in technology to support vendor risk management. Technology isn’t the entire answer to managing third-party risk, however the right technology or collection of technologies, coupled with optimal processes, can enable organizations to bridge the gap.
Panelists
Chair
Cameron Brown
Director - CyberSecurity - Risk Advisory
Deloitte
Cameron is a seasoned cyber defence advisor and information security strategist who has worked for the United Nations, governmental and law enforcement agencies, as well as leading multinational corporations. He consults across verticals to guide his clients in maturing strategic and tactical security capabilities, incident response measures, proactive defence, and resilience investments, and devising effective countermeasures to insider threats. Cameron has also conducted in-depth research into emerging trends in cybercrime offending, forensic science, data protection, and cyber-warfare. He is an author and contributor to books and articles on many aspects of cybersecurity and a regular speaker at international conferences. He holds multiple bachelor and master level degrees in law, behavioural science, international security, policing, intelligence, and counterterrorism, in addition to vendor neutral technical certifications and accreditations. Cameron enjoys working at the intersection of technology, security and law and building capable teams to deliver services that organisations need to operate safely, competitively, and effectively in today’s digital world.
Speaker
Gurinder Singh
Global Head of IT Security & Global Head of Innovation
Deutsche Bank
Speaker
Sandip Patel
Group Chief Security Officer
APM
Speaker
Phil Lea
Chief Privacy Officer
Tenth Revolution
Delivery of strategy for senior clients, including outcome-based delivery, interim management and targeted cyber consultancy.
Coaching and mentoring of senior Security and Risk Management clients. Delivering specific value to stakeholders to ensure that key initiatives are on track and have the best possible advice and guidance.
Professional Services and consulting for many clients including central government, local government, financial services, telecommunications and commercial organisations. Bid preparation and production. Network accreditation and production of RMADS and ADS. ISO27001 implementation, management, compliance and review
Development of IPR, risk methodologies, risk assessments
20+ years of IT experience, including 16+ years of Information Security.
3:40 PM-4:15 PM
Building security into DevSecOps
Many organizations struggle with how and where to introduce automation and integrations efficiently. Conventional approaches to application security can’t keep pace with cloud-native environments that use agile methodologies and API-driven architectures, microservices, containers, and serverless functions. Application security testing is evolving to meet the speed at which DevOps teams operate. DevSecOps teams are challenged with how to make sense of the noise their AppSec tools generate once they’ve been automated into DevOps pipelines. Processes and tools are more fast-paced and rely on integration and automation to maintain efficiency throughout the software development life cycle. A new approach to DevSecOps is required addressing a change in the security mindset. How do CISOs achieve this without the buy-in from stakeholders?
Panelists
4:15 PM-4:35 PM
Networking Break
4:35 PM-5:30 PM
Panel
The Greatest Fears?
The biggest fear is not the technology, it is the potential of human error that could expose your organization to a cyberattack. The majority of CISOs agree that an employee carelessly falling victim to a phishing scam is the most likely cause of a security breach. Most also agree that they will not be able to reduce the level of employee disregard for information security. How do we guard against human error without limiting employee efficiency and productivity?
Panelists
Chair
Cameron Brown
Director - CyberSecurity - Risk Advisory
Deloitte
Cameron is a seasoned cyber defence advisor and information security strategist who has worked for the United Nations, governmental and law enforcement agencies, as well as leading multinational corporations. He consults across verticals to guide his clients in maturing strategic and tactical security capabilities, incident response measures, proactive defence, and resilience investments, and devising effective countermeasures to insider threats. Cameron has also conducted in-depth research into emerging trends in cybercrime offending, forensic science, data protection, and cyber-warfare. He is an author and contributor to books and articles on many aspects of cybersecurity and a regular speaker at international conferences. He holds multiple bachelor and master level degrees in law, behavioural science, international security, policing, intelligence, and counterterrorism, in addition to vendor neutral technical certifications and accreditations. Cameron enjoys working at the intersection of technology, security and law and building capable teams to deliver services that organisations need to operate safely, competitively, and effectively in today’s digital world.
Speaker
Troy Cunningham
Head of Information Security
IPONWEB
I am a passionate information security leader and I enjoy making the technical aspects of security become real for people, especially when it comes to making information security engaging and accessible for the non-specialist community. I frame security in a way that’s relatable across a business, regardless if you’re a lawyer, a developer, a client, an engineer or a C-level executive. As part of that passion I’ve been a moderator and a panellist at security events in Geneva and London. I’ve been a security generalist for years and I pride myself on having learned my craft on the job working my way up through various IT administration and architecture roles.
As part of my current role I'm redefining how security is done at Iponweb, and initiating a large program of security transformation, based on risk and strategy. My remit is all of information security, incorporating all of my previous experience and intra-domain knowledge into a holistic strategy for effective long-term security.
I’m generally known by my colleagues for having a pragmatic, practical approach to security and architecture, which is underpinned by my own technical experience. I’m also upfront about when I don’t know something and open to learning new things regularly on the job. It’s important to me to have a fun and collaborative working relationship with my colleagues, and to share knowledge in an effort to grow myself and my people.
Speaker
Balaji Anbil
Lead Enterprise Architect
Ministry of Justice UK
Successful Technology Leader with a strong track record of delivering complex Digital & Cyber Security transformations in Public & Private Sectors.
An advocate of 'Post-Modern' business models and enabling new age businesses to accelerate growth through better adoption of Data Capabilities. Passionate in shaping organisations through Data & Technology with Resilience at its core.
*Currently building a Data & Cyber Professional Services Start-up - Tenacium DC*
Key Focus Areas: Open Source, Azure, AWS, Cyber Capabilities (NIST/CREST/BSIMM, SOC, SEIM, Executive Cyber Coach), ML, Data & Digital Engineering, Innovation, SAFe, Enterprise & Solution Architecture, Tech Procurement.
Speaker
Adrian Leung
CISO & Data Protection Officer Europe
Equifax
Speaker
Lyn Webb
CISO
Open University
I am an experienced Chief Information Security Officer with outstanding leadership credentials and broad industry experience. I have a background as a Royal Air Force officer, Director in a Big 4 consultancy and presently, the CISO at The Open University. My passion is leading and growing security functions for complex organisations and embedding a strong security culture that helps to support business outcomes. Having experience of multiple high profile, global organisations, often at Board level and in digital organisations, I am passionate about both optimising and exploiting data, while protecting what is most valuable to an organisation. I am an experienced, media trained incident director with over 25 years experienced of multi-agency incidents. I have a strong network in the security sector and regularly present at, and participate in, national and global forums; in 2020, I was made a Fellow of the British Computing Society. I am also passionate about mentoring the next generation and supporting military veterans in their transition to civilian employment. Overall, I thrive on challenges and relish the opportunity to build new capabilities and lead new teams.
5:30 PM-5:35 PM
Closing Remarks
5:35 PM-6:30 PM
Cocktail Hour
Together With
