Expo Agenda

GDPR Conference
Seminar one
Seminar two
Seminar three

Opening Remarks from the Chair

10:00 am - 10:10 am

GDPR Preparedness – Frameworks and Guidance from the ICO

10:10 am - 10:30 am

  • Preparing for the May 2018 deadline: Avoiding the risk of 20,000,000 EUR fines, or up to 4% of the total worldwide annual turnover for serious breaches to GDPR
  • Understanding the key principles of the regulation – including the right to erasure, the right to access, data portability and how to respond to data requests
  • Exploring the role of the Data Protection Officer, reporting data breaches and GDPR enforcement
  • Identifying the appropriate supervisory authority in cases of complex cross-board data processing
  • Global Implications: How GDPR will affect organisations outside of the EU
  • How does GDPR link with other data policies including the EU-US Privacy Shield and the Network and Infrastructure Directive?
Peter Brown, Group Manager, Information Commissioners Office (ICO)

GDPR in the Boardroom – Leadership for Compliance

10:30 am - 10:50 am

Panel Discussion

  • Getting data protection right to help deliver real business benefits and competitive advantage
  • Managing the implications of GDPR for your business in terms of data strategy and usage within the organisation
  • Exploring the key elements of a good information strategy
  • Examining new rights and status of Data Protection Officers
  • Creating a culture of GDPR data compliance and measuring compliance
Simon Wright, Strategic Governance Manager – Group Data Protection & Privacy, SKY

Data Governance Requirements for GDPR

10:50 am - 11:10 am

  • Meeting Data Governance regulatory requirements for GDPR – the clock is ticking, how are you protecting your data and content
  • Securing your applications and securely share files on premises and in the cloud, encrypt content, data and files
  • Cloud storage and file sharing – challenges and security threats
  • Data Governance solutions to help IT and business leaders gain greater control and transparency over visibility of data assets, who has access to files and data, data retention, reporting and auditing
  • Challenges of managing and classifying data in a digital workplace, what does best practice data governance look like
Kris Lahiri, VP Operations and Chief Security Officer, Egnyte

Questions and Answers

11:10 am - 11:20 am

Coffee and Expo

11:20 am - 12:00 pm

Developing an Organisational Roadmap for the Introduction of GDPR in May 2018

12:00 pm - 12:20 pm

  • Dealing with the multiple challenges and opportunities that the GDPR brings
  • Taking a proactive approach to preparing for its implementation, developing project milestones and plan of action to meet the deadline
  • Managing the impact on your company’s data strategy and ability to use data
  • Taking a cross-function approach to GDPR – Security, IT, Data and Legal teams working together
Jonathan Baines, Data Protection Officer, GDPR Readiness, Network Rail

Identifying Areas of Data Risk within Your Organisation

12:20 pm - 12:40 pm

Case Study

  • Things to consider when examining areas of the business that will be impacted by GDPR – identifying the personal information that you hold
  • Analysing data access points and accessibility
  • Undertaking a privacy impact assessment where the risk is deemed high, using as a tool to ensure you meet the GDPR obligations
  • Shared lessons from experience and what to consider in your GDPR preparations
John Townsend, Data Protection Officer & Legal Counsel, Plusnet

GDPR for the Public Sector – Being Ready for May 2018

12:40 pm - 1:00 pm

Lunch and Expo

1:00 pm - 2:00 pm

New Considerations for Sensitive Data, Regulated data, Personal Data and Child Data

2:00 pm - 2:15 pm

  • Best practice in processing personal sensitive data: Understand what personal data is, what lawful processing looks like and how to gain and record consent
  • Detecting data breaches and utilising breach procedures to ensure you take the appropriate steps to inform relevant parties
  • Communicating the correct data privacy notice and that they are undertaking the appropriate consent retrieval methods
  • New measures for data retention and data disposal – how to prove state of data?
  • Managing data on children, what additional controls do you need?
John Culkin, Director of Information Management, Crown Records Management

Implementing an Enterprise Content Management System (ECM) to take control of your information and processes

2:15 pm - 2:30 pm

Thought Leadership session

GDPR – Being Ready for May 2018

2:30 pm - 2:50 pm

  • Mandatory grounds for appointing a DPO under the GDPR
  • Latest Guidance by Art.29 Data Protection Working Party on the DPO
  • What the DPO is expected to do in their first 100 days?
  • How easy or difficult is it to hire a DPO?
  • How to identify a senior manager internally who could become the DPO?
  • Will ‘Team DPO’ as an outsourced solution become the de facto way to comply with the requirement for a DPO?
Ardi Kolah, Executive Fellow and Co-Director, GDPR Transition Programme - Henley Business School (UK)

Questions and Answers

2:50 pm - 3:00 pm

Coffee and Expo

3:00 pm - 3:30 pm

Session Lead: TBC

3:30 pm - 3:45 pm

eBay – Reviewing Process, Procedure and Reporting for GDPR

3:45 pm - 4:00 pm

Case Study

  • Reforming the way personal data is stored, used, shared, maintained and recorded
  • Technological solutions to help meet GDPR challenges
  • Developing processes to manage individual data rights
  • Implementing record keeping and reporting to demonstrate compliance and accountability
  • Developing and enhancing a culture of privacy compliance
  • Operational and technical challenges
Ben Westwood, Senior Privacy Manager & Data Protection Officer, eBay UK

Creating a Culture of Data Compliance in your Organisation

4:00 pm - 4:30 pm

Panel Discussion

  • Exploring the role of Data Protections Officers in preparing for GDPR
  • How to engage staff and the board in the responsibilities of the regulation
  • Considerations beyond the organisation: Where do you need to consider GDPR in outsourcing relationships and the supply chain?
  • Measuring GDPR compliance
  • Investing in a programme of staff training
Brian Shorten, Chairman, Charities Security Forum Ardi Kolah, Executive Fellow and Co-Director, GDPR Transition Programme - Henley Business School (UK) Simon Wright, Strategic Governance Manager – Group Data Protection & Privacy, SKY John Townsend, Data Protection Officer & Legal Counsel, Plusnet

Check back regularly for further updates. For speaker and content enquiries please contact [email protected] or call 020 3770 6569. 

If you would like to sponsor the GDPR Conference or exhibit click here, email [email protected]or call 020 3770 6546.

Top Tips for Good Cyber Hygiene

9:30 am - 9:50 am

Expert Insight

  • Helping organisations prepare, protect, prevent, respond and recover from salient cyber threats
  • Engaging with local enterprise partnerships to create a shared awareness culture
  • Encouraging organisations to help prevent attacks from spreading through the Cyber Security Information Sharing Partnership (CiSP)
  • Working with national partners across government, crime sector and industry to provide regular updates on attack trends
Jennie Williams, Cyber Protect Officer, TITAN - North West Regional Organised Crime Unit

Best Practice in Security Management System, Security-based Standards, ISO 27001 Certification, Training

10:00 am - 10:30 am

The Dangers and Opportunities of AI-Based Security Systems

10:40 am - 11:00 am

Expert Insight

  • The need for smart, adaptive security systems
  • AI and machine learning in new deterrence and defence technologies
  • Exploring the risks and rewards posed by smart security systems
Prof. Tim Watson, Director, Cyber Security Centre at WMG (Warwick University)

Session Lead – PA Consulting

11:20 am - 12:05 pm

Session Lead – Nextlabs

12:15 pm - 12:45 pm

Access Rights Management for Complex Information Infrastructures

12:55 pm - 1:15 pm

Expert Insight

  • Implications of the IG Toolkit for Trusts and in meeting the modern needs of patients
  • Reducing the intrusion of biometric/biomathematics information using authenticated equipment
  • Implementing role-based control to improve compliance with HIPAA regulations without reducing efficient accessibility to patient information

Shared Lessons: Preparing for Ransomware Attacks and Disaster Recovery

1:35 pm - 2:05 pm

Best Practice Panel Discussion

  • Understanding the increase in ransomware variant: More common, more cost and more damaging
  • Optimising defence: Deploying monitoring tools to detect, respond and neutralize suspicious activity for DDOS and website protection
  • Factoring ransomware into business continuity planning to enable quick and efficient response in the event of a breach
  • Paying the ransom: Discussing practicality, organisational reputation and principles
  • Preparedness best practice: Regular backups of mission critical data, defined access control and system compartmentalisation

Moderator: 

Talal Rajab, Head of Programme – Cyber and National Security, Tech Uk Bridget Kenyon, Head of Information Security, University College London Stephen Baker, Chief Executive & Spokesperson on Civil Resilience and Community Safety, Suffolk Coastal and Waveney Councils & SOLACE

How an ECM Solution Can Help with GDPR to Store and Manage Personal Data

2:15 pm - 3:00 pm

  • Information Management and GDPR – what is the connection and why is GDPR a strategic business challenge?
  • Implementing an Enterprise Content Management System (ECM) to take control of your information and processes
  • How to effectively use ECM to store and manage personal data
  • Reviewing your current systems and ensuring future compliance

Session Lead – TBC

3:10 pm - 3:40 pm

Emerging Cyber Tech for Evolving Cyber Threats

3:50 pm - 4:10 pm

Expert Insight

  • Matching the changing threat with the right solutions, strategy and approach
  • Working with the private cyber security industry to accelerate the development of next-gen technology
  • Developing the potential of automation, artificial intelligence and machine learning in new deterrence and defence technologies
  • Exploring the risks and rewards posed by a future of quantum computing
  • Realising the potential of Blockchain based security solutions and advanced cryptography
Prof Chris Hankin, Director, Institute for Security Science and Technology, Imperial College London

Check back regularly for further updates. For speaker and content enquires please contact [email protected] or call 020 3770 6569.

If you would like a sponsored speaking slot in this seminar theatre or wish to exhibit please click here, email [email protected] or call 020 3770 6546.

Taking a Proactive Approach to Cyber Defence

9:40 am - 10:00 am

Case Study

  • Revisiting strategies to map and test vulnerabilities within your organisation
  • Developing a Red Team cyber approach
  • Simulating attacks with advanced threat intelligence to secure critical IT
  • Shifting mindsets from incident response to continuous response
Ian Glover, President, CREST

Securely Unlocking the Value of Digital Business in the Internet of Things

10:10 am - 10:55 am

  • What is the internet of things?
  • What use cases are there for the internet of things?
  • What are the challenges inherent in the internet of things?
  • How can Entrust Datacard help you prepare for the internet of things?

 

Luke Niemiec, Sales Associate, Entrust Datacard

Data Breach Detection – What’s Outside Your Firewall?

11:05 am - 11:35 am

  • Dark Web monitoring – has your data already left the building?
  • Watermarking and Fingerprinting – how to recognize your data when it leaks
  • Detecting Data Breaches on the Deep Dark Web
  • Beyond Google – the role of TOR, IRC and Paste sites in data breaches
  • Real-time detection and alerting as part of a GDPR compliance strategy
Jeremy Hendy, Chief Commercial Officer, RepKnight

Session Lead – TBC

11:45 am - 12:15 pm

Cyber Security Considerations for your Journey to the Cloud

12:40 pm - 1:10 pm

Best Practice Panel Discussion

  • Exploring operational security benefits presented by Cloud based SaaS, PaaS and IaaS
  • Public, Community and Private Cloud: Evaluating which is best for your organisation
  • Best practice for data protection and service migration: Developing a data-tight roadmap
  • The importance of classifying risk of data and compliance frameworks when considering multi-tier cloud options
  • Evaluating the interoperability and versatility of security solutions and tools to reduce complexity in your security architecture
Steve Williamson, Director of IT Governance, Risk & Compliance, GlaxoSmithKline Sue Daley, Head of Programme for Cloud, Data Analytics and AI, TechUK

Session Lead – TBC

1:25 pm - 1:55 pm

Implementing Verify for Identity Management across Government

2:05 pm - 2:25 pm

Case Study

  • Using a ubiquitous system to ensure widespread demographic coverage using multiple types of evidence and methods of verification
  • Keeping pace with security challenges, products and best practice
  • Ensuring strong authentication including 2nd Factor Authentication for bolstered security
  • Increasing scope to service local government, health and social care, and the private sector
  • Working with D5 nations, the United Nations, and the World Bank, to promote international standards and platforms for identification and verification
Adam Cooper, Lead Technical Architect, Verify-Government Digital Service (GDS)

24 Hours in a Cyber Attack

2:25 pm - 3:10 pm

  • Exposing how quickly multiple technical defences can be efficiently defeated
  • Protecting organisations from well-resourced, well-motivated attackers who use a wide range of advanced techniques to compromise  your security
  • Understanding the vulnerabilities of traditional systems and implementing advanced core security functions
Noel Hannan, Cyber and Digital Innovation Lead, GoSecure

Cyber Insurance

3:20 pm - 3:50 pm

  • Why Cyber Insurance should be a key part of your Cyber risk strategy
  • How can you protect your business in a fast and complex world where cyber risk is constantly changing
  • Reputational Harm and Cyber Insurance
  • How can a specialist cyber insurance partner mitigate the risk
  • The need to take a proactive approach to brand risk management
  • Crisis Management, business interruption, data breach

The Psychology Behind Cyber Attacks and How to Manage the Insider Threat

4:00 pm - 4:20 pm

Expert Insight

  • Implementing safeguards to administrative, procedural and technical components to decrease human error
  • Using holistic approaches to develop training for staff and reduce insider attacks
  • Reducing physical data breaches such as; lost paperwork, faxing or emails to wrong recipients
  • Monitoring technology to spot threats within the organisation
Angela Sasse, Professor of Human-Centered Technology in the Department of Computer Science, University College London

Check back regularly for further updates. For speaker and content enquires please contact [email protected] or call 020 3770 6569.

If you would like a sponsored speaking slot in this seminar theatre or wish to exhibit please click here, email [email protected] or call 020 3770 6546.

The Evolving Cyber Threat Landscape – Looking Ahead for the Next 12 Months

9:35 am - 9:55 am

Expert Insight

  • Horizon scanning for emerging and future threat vectors
  • Exploring new areas of vulnerability and new opportunities for exploitation
  • Examining the changing nature of the threat: Large scale state-level vs. personal and reputational attacks
Ewan Lawson, Senior Research Fellow, Royal United Services Institute (RUSI)

Session Lead – TBC

10:05 am - 10:35 am

The Cybernetics Of Society

10:45 am - 11:15 am

  • Understanding cyber as a complex, self-adaptive, socio-technical phenomenon operating at societal scale
  • Exploring the implications of this for cyber security and society
  • Projecting the possible future developments of cyber as a societal construct
Colin Williams, Director, Softbox (SBL)

Dealing with the Increased Sophistication of Phishing Attacks

11:25 am - 11:55 am

Best Practice Panel Discussion

  • Reducing vulnerability and managing risk – updating security policies and solutions to eliminate threats as they evolve
  • Educating employees and conducting training sessions with mock phishing scenarios
  • Implementing the use of anti-virus on mobiles to combat the effect of smishing damaging organisations smart working and mobile security
  • Applying log in activity software to halt fake email interfaces stealing log-in details
  • Exposing the dangers of URLS as websites built by criminals that gain access to identities and systems

Moderator:

Piers Wilson, Director, Institute of Information Security Professionals (IISP) Michele Hanson, Head of Information Security, News UK DCSupt Glenn Maleary, Detective Chief Superintendent, City of London Police - Economic Crime Directorate

Session Lead – TBC

12:05 pm - 12:35 pm

Session Lead – TBC

12:45 pm - 1:30 pm

Protecting your Digital Assets with Password Manager for Mobile Devices and Computers – Keeping your Data and Assets Secure Anytime, Anywhere

1:50 pm - 2:35 pm

Ensuring Cyber Security Culture in Complex Environments of Regular Change

2:45 pm - 3:05 pm

Case Study

  • Reviewing the layers of security risk connected to mobile cyber-security: Network, device, application, and back-end system
  • Implementing cyber security policies and processes to manage remote working risks
  • Creating a culture of security through clear responsibilities and accountability
  • Taking a proactive and protective approach to mobile security for next-generation productive working
  • Using encryption and preventative software to manage risks
Jasvinder Pham, Information & Cyber Security Manager, High Speed Two (HS2)

Session Lead – TBC

3:15 pm - 3:45 pm

Reframing Security Strategies for Secure Mobile Working

3:55 pm - 4:15 pm

Case Study

  • Reviewing the layers of security risk connected to mobile cyber-security: Network, device, application, and back-end system
  • Implementing cyber security policies and processes to manage remote working risks
  • Creating a culture of security through clear responsibilities and accountability
  • Taking a proactive and protective approach to mobile security for next-generation productive working
  • Using encryption and preventative software to manage risks
Giacomo Collini, Director of Information Security, King.com

Check back regularly for further updates. For speaker and content enquires please contact [email protected] or call 020 3770 6569.

If you would like a sponsored speaking slot in this seminar theatre or wish to exhibit please click here, email [email protected] or call 020 3770 6546.