2017 Summit Agenda

9:00 am -

9:40 am - 9:45 am

9:40 am - 9:45 am

9:45 am - 10:15 am

• Communication – A look at the disconnect between the CISO and the board
• An analysis of the changing face of the cyber threat over the past 5 years
• A look at the geopolitics of cyber security: What have we learnt in 2018 and what can we expect in 2019?

9:45 am - 10:10 am

• An in-depth look at the motivations, behaviours, tactics and techniques of the cyber criminal
• Exploring new areas of vulnerability and new opportunities for exploitation
• Examining the changing nature of the threat
• Understanding why AI and machine learning are crucial to your 2019 IT strategy

9:45 am - 10:00 am

10:00 am - 10:45 am

• Deep dive into the implications of the EU data economy for a long-term GDPR implementation strategy
• What’s GDPR got to do with a “risk based approach/risk management”
• Global implications: How GDPR has affected organisations outside of the EU

10:15 am - 10:45 am

10:30 am - 10:45 am

10:45 am - 11:15 am

• What can government, businesses and the NHS do to enhance cyber security?
• The impact of GDPR and NIS on data security in the NHS
• What are the predicted cyber security threats to health and care services in 2019 and how are they evolving?
• The strategic framework for managing cyber at board level

10:45 am - 11:00 am

11:00 am - 11:20 am

• Now that the GDPR is here, what’s next for data privacy?
• How will regulators assess accountability?
• Will we see massive fines? And what about ePrivacy Regulation?
• A look at top predictions and practical advice for an ongoing GDPR program.

11:15 am - 11:45 am

11:20 am - 11:45 am

11:45 am - 12:15 pm

• Addressing data protection challenges for SMBs as well as enterprises
• Reducing risk by controlling the data that matters most to your company
• Implementing a simplified approach to data protection

12:15 pm - 12:40 pm

• Analysing how DPAs select companies and how the Bavarian Data Authority conduct audits
• A look at the technical equipment and laboratories available to the Bavarian DPA
• An insight into results and conclusions by the Bavarian DPA
• Helpful “tips and tricks” on how to deal with DPAs in general

12:20 pm - 12:40 pm

• Uncovering how to raise threat awareness
• Unlocking the value of your existing IT security investments and continuing to improve your security posture
• A look at the distinction between being ‘secure’ and ‘safe’
• How the approach to cyber security needs to evolve to ensure that you are fully remediated against the impact of any future attacks, while allowing for business continuity when they happen
• Practical advice, using the ‘assess, plan, build, run and improve’ (APBRI) model

12:40 pm - 1:00 pm

• Financial business has a greater global presence than ever before.
• Firms must establish, maintain and develop a global risk model that meets the threat faced by each of their businesses.
• A strong cyber resilience posture is needed across a global marketplace.
• Firms must build a security culture that protects their business.
• Firms must work together to defend themselves.
• Regulatory authorities must work together to promote cohesion across industry sectors and jurisdictional borders.

12:40 pm - 1:00 pm

• Managing the operational risk and technical safeguards that surround your most important asset
• Reviewing the risks of implementing new technologies notably IoT
• How to provide assurance when it’s in the cloud
• Understanding the legal issues surrounding breaches, data privacy and protection

12:40 pm - 1:40 pm

1:00 pm - 2:00 pm

1:29 pm - 1:55 pm

• Reducing the risk that your data will be lost, corrupted, or misused by implementing robust governance, standards and controls over third party suppliers
• Developing an effective strategy to mitigate third party risk: What to do

1:40 pm - 2:00 pm

• Leicester City Council and the impact of GDPR
• An analysis of the key changes required as a unitary local authority needed and the changes made by Leicester City Council

2:00 pm - 2:25 pm

• Cloud computing brings advantages and challenges to the IT Security team. A good cloud computing service provider lifts the burden of a lot of routine cyber hygiene actions. But you cannot outsource liability – you still have to take care!
• A look at how careful consideration is needed to make sure that the system owner is clear about the remaining responsibilities for security patching and vulnerability management: not all cloud options have the same ITSEC implications
• Analysing why the cloud service needs to be set up to perform when bad things happen

2:00 pm - 2:30 pm

• Who should be the DPO?
• Understanding the duties, obligations and liabilities of the DPO
• Elevating the role within the organisation
• Creating an effective reporting structure; ensuring all privacy risks (including data breaches) are reported to the DPO immediately to facilitate an effective and adequate response

2:25 pm - 2:55 pm

• Protecting and exploiting precious assets
• Leading the way – governance and culture
• Understanding the landscape: Threats, vulnerabilities and actions
• Management information and assurance
• Legal and regulatory responsibilities
• Stimulating innovation

2:30 pm - 2:55 pm

• Investing in a programme of staff training and making the case for greater investment
• Creating awareness of data protection and its significance to your organisation
• Addressing internal risk factors and what measures should be taken to avoid internal data breaches
• Raising awareness among your organisation’s management to set the appropriate ‘tone from the top’
• Identifying the personal information your organisation holds about employees, customers and suppliers and the level of risk associated
• Checking your use of data is compliant and overcome misinformation concerning the requirement for consent

2:55 pm - 3:20 pm

• Looking at acts of content piracy as a prelude to future major cyber security issues within the entertainment industry
• Understanding the different types of content piracy threats
• Addressing the need for proactive content security to counter threats
• What are the most popular and most effective content protection strategies?
• De-bunking the myths about pirates and anti-piracy when it comes to content protection and content security
• Content protection as a business intelligence tool and getting the right return on investment when implementing anti-piracy remedies.

2:55 pm - 3:30 pm

3:20 pm - 3:50 pm

3:30 pm - 3:55 pm

• Maintaining accountability of the data for the full data life cycle
• Providing evidence that your data is protected in its full cycle and kept in adherence to the rules of GDPR to submit to the regulatory and supervising authorities
• Understanding consent under GDPR – assessing your current consent procedures

3:50 pm - 4:00 pm

• A look at the biggest contracts
• Who are the most active buyers and suppliers
• What are the most valuable contracts due to expire in the near future

3:55 pm - 4:20 pm

• Implementing ISO 27001 Information Security Management System (ISMS) within your organisation
• Putting processes in place that protect all information assets, not just customer information or information that is stored electronically
• Setting a realistic scope to improve the chances of success

4:00 pm - 4:30 pm

• Evidencing effective security plans and regimes that address the risks that effect the most important assets
• Getting the best value from intelligence
• What is it like to have outcome based as opposed to forced based regulations?
• Understanding and addressing supply chain risk: Are you at risk from your own suppliers?

4:20 pm - 4:40 pm

• Effectively detecting automated bot attacks as newer and more sophisticated generations of bots are getting launched by attackers
• How will consumer data be used and by whom? – The issue of privacy
• Software security and privacy of IoT and mobile devices in the workplace
• Implementing regular training to your staff to ensure they are able to spot attacks when they happen
• Understanding the challenges associated with managing and keeping secure the expanding network of connected devices
• Warning indicators that could set off a red flag
• Preventing and recovering from serious attacks, protecting private and confidential data, and the emerging dangers that organisations face

4:30 pm - 4:50 pm

• Is AI the ‘saviour’ it is made out to be?
• Using AI and machine learning to detect threats: Pipe dream or the future of combating cyber security threats?
• Harnessing AI to be in the position of planning forward strategically to counter future cyber risks, not reacting to the past.
• Discover how AI will shape the future of cyber security (in terms of both cyber defence and cyber offence) and will it replace cyber security experts?

4:50 pm - 5:00 pm