Taking a joined-up national response to secure technology, data and networks

8:00 am -

Coffee and registration in the exhibition area

9:15 am - 9:20 am

Chairman’s opening remarks

Mike StJohn-Green
Honorary Fellow and Technical Advisor
University of Warwick - Information Security Forum

9:20 am - 9:50 am

Opening keynote: A look at the evolving nature of the cyber threat

  • Communication – A look at the disconnect between the CISO and the board
  • An analysis of the changing face of the cyber threat over the past 5 years
  • A look at the geopolitics of cybersecurity
Misha Glenny
International Journalist, Best Selling Author

9:30 am - 9:45 am

Chairman’s opening remarks

Scott Sammons
Information and Records Management Society (IRMS)

9:45 am - 10:30 pm

Panel discussion: A look at the first 6 months of GDPR – Implementation insights

  • Deep dive into the implications of the EU data economy for a long-term GDPR implementation strategy
  • What’s GDPR got to do with a “risk based approach/risk management”
  • Global implications: How GDPR has affected organisations outside of the EU
Peter Brown
Group Manager (Technology Policy)
Information Commissioners Office (ICO)
Stephen Latham
Data Protection Programme Manager
Richard Merrygold
Director of Group Data Protection
Rhiannon Lewis
Senior Region Counsel, Privacy & Data Protection
Jeremy Lilley
Policy Manager - GDPR

10:20 am - 10:50 am

Cyber security – Responding to the threat to the UK health service

Will Smart
NHS England

10:30 am - 10:50 am

GDPR is here, now what? Top predictions for the GDPR era

  • Now that the GDPR is here, what’s next for data privacy?
  • How will regulators assess accountability?
  • Will we see massive fines? And what about ePrivacy Regulation?
  • A look at top predictions and practical advice for an ongoing GDPR program.
Ian Evans
Managing Director - EMEA

10:50 am - 11:30 am

Morning coffee and networking in the exhibition area

10:50 am - 11:30 am

Morning coffee and networking in the exhibition area

11:30 am - 12:05 pm

Panel Discussion: Analysing the latest trends in cyber-attacks – A look at the risk landscape for 2019

  • An in-depth look at the motivations, behaviours, tactics and techniques of the cyber criminal
  • Exploring new areas of vulnerability and new opportunities for exploitation
  • Examining the changing nature of the threat
  • Understanding why AI and machine learning are crucial to your 2019 IT strategy
Mike StJohn-Green
Honorary Fellow and Technical Advisor
University of Warwick - Information Security Forum
Hasan Al-Saedy
Professor of Cyber Security
British Institute of Technology

11:30 am - 12:00 pm

Data protection insights: The size of your company does not matter to data thieves

  • Addressing data protection challenges for SMBs as well as enterprises
  • Reducing risk by controlling the data that matters most to your company
  • Implementing a simplified approach to data protection
Kris Lahiri
Co-founder, Vice President of Operations and Chief Security Officer
Jeff Sizemore
Vice President of Governance and Compliance

12:00 pm - 12:20 pm

Protecting your data from third party risk

  • Reducing the risk that your data will be lost, corrupted, or misused by implementing robust governance, standards and controls over third party suppliers
  • Developing an effective strategy to mitigate third party risk: What to do
Ailidh Callander
Legal Officer
Privacy International

12:05 pm - 12:40 am

Utilising AI effectively to stay ahead of cyber security threats

  • Is AI the ‘saviour’ it is made out to be?
  • Using AI and machine learning to detect threats: Pipe dream or the future of combatting cyber security threats?
  • Harnessing AI to be in the position of planning forward strategically to counter future cyber risks, not reacting to the past.
  • Discover how AI will shape the future of cyber security and will it replace cyber security experts?
Stephen Browning
Interim Challenge Director - Next Generation Services
Innovate UK

12:20 pm - 12:40 pm

How DPAs conduct technical investigations: A practical example from the Bavarian DPA

  • Analysing how DPAs select companies and how the Bavarian Data Authority conduct audits
  • A look at the technical equipment and laboratories available to the Bavarian DPA
  • An insight into results and conclusions by the Bavarian DPA
  • Helpful “tips and tricks” on how to deal with DPAs in general
Dorit Buschmann
Department for Cybersecurity and Privacy Engineering
Bavarian Data Protection Authority

12:40 pm - 1:00 pm

Understanding your threat landscape and protecting vulnerabilities around data as your core asset

  • Managing the operational risk and technical safeguards that surround your most important asset
  • Reviewing the risks of implementing new technologies notably IoT
  • How to provide assurance when it’s in the cloud
  • Understanding the legal issues surrounding breaches, data privacy and protection

12:40 pm - 2:00 pm

Lunch and networking in the exhibition area

1:00 pm - 2:00 pm

Lunch and networking in the exhibition area

2:00 pm -

Security regulation – An outcome-focused approach to cyber risk exposure

  • Evidencing effective security plans and regimes that address the risks that effect the most important assets
  • Getting the best value from intelligence
  • What is it like to have outcome based as opposed to forced based regulations?
  • Understanding and addressing supply chain risk: Are you at risk from your own suppliers?
Tom Parkhouse
Head of Nuclear Cyber Security Regulation
‎Office for Nuclear Regulation
Sarabjit Purewal
Principal Specialist Inspector

2:00 pm - 2:40 pm

”How to DPO like a boss” – Integrating the role of the DPO into your business

  • Who should be the DPO?
  • Understanding the duties, obligations and liabilities of the DPO
  • Elevating the role within the organisation
  • Creating an effective reporting structure; ensuring all data breaches are reported to the DPO immediately to facilitate an effective and adequate response
Samantha Simms
Senior Principal and Founder
The Information Collective

2:20 pm - 2:40 am

Understanding what a good data compliance culture looks like

  • Investing in a programme of staff training and making the case for greater investment
  • Creating awareness of data protection and its significance to your organisation
  • Addressing internal risk factors and what measures should be taken to avoid internal data breaches
  • Raising awareness among your organisation’s management to set the appropriate ‘tone from the top’
  • Identifying the personal information your organisation holds about employees, customers and suppliers and the level of risk associated
  • Checking your use of data is compliant and overcome misinformation concerning the requirement for consent
Brian Shorten
Charities Security Forum

2:30 pm - 2:50 pm

A look at the importance of content protection and content security from the perspective of the film and TV industries

  • Looking at acts of content piracy as a prelude to future major cyber security issues within the entertainment industry
  • Understanding the different types of content piracy threats
  • Addressing the need for proactive content security to counter threats
  • What are the most popular and most effective content protection strategies?
  • De-bunking the myths about pirates and anti-piracy when it comes to content protection and content security
  • Content protection as a business intelligence tool and getting the right return on investment when implementing anti-piracy remedies.
Pascal Hetzscholdt
Director of Content Protection for Europe and Africa
21st Century Fox

2:40 pm - 3:00 pm

ePrivacy regulation current status

  • Understanding the scope: who is the ePrivacy regulation for?
  • Reconciling ePrivacy with the GDPR
Kimon Zorbas
SVP Government Relations & Public Policy

2:50 pm - 3:10 pm

The role of international global standards in cyber security in an uncertain world

  • ‘Herd immunisation’ – Understanding your place in the wider ecosystem when it comes to cyber security
  • A look at what other regulators are doing internationally
  • Developing cross-border technological collaboration to fight emerging cyber threats and address cyber security issues
  • Working in tandem with industry leaders and foreign governments to create a system of international cooperation and a culture of cyberspace norms
  • Complying with new standards in order to help implement a proven risk management framework without having to reinvent the wheel
Alison Barker
Director of Specialist Supervision
Financial Conduct Authority (FCA)

3:00 pm - 3:40 pm

Afternoon tea and networking in the exhibition area

3:10 pm - 3:50 pm

Afternoon tea and networking in the exhibition area

3:40 pm - 4:00 pm

Data mapping: What needs to be done to comply with GDPR

  • Maintaining Accountability of the data for the full data lifecycle
  • Evidence for the organisation that the data is protected in its full cycle
Rebecca Turner
Head of Compliance and Privacy
The Trainline.com

3:50 pm - 4:10 pm

What are the risks of IoT to your organisation?

  • Effectively detecting automated bot attacks as newer and more sophisticated generations of bots are getting launched by attackers
  • How will consumer data be used and by whom? – The issue of privacy
  • Software security and privacy of IoT and mobile devices in the workplace
  • Implementing regular training to your staff to ensure they are able to spot attacks when they happen
  • Understanding the challenges associated with managing and keeping secure the expanding network of connected devices
  • Warning indicators that could set off a red flag
  • Preventing and recovering from serious attacks, protecting private and confidential data, and the emerging dangers that organisations face

4:00 pm - 4:20 pm

Using ISO 27001 to achieve GDPR compliance

  • Implementing ISO 27001 Information Security Management System (ISMS) within your organisation
  • Putting processes in place that protect all information assets, not just customer information or information that is stored electronically
  • Setting a realistic scope to improve the chances of success
Bridget Kenyon
Head of Information Security
University College London

4:20 pm - 4:40 pm

The cyber security evolution: Why being ‘secure’ is not enough

  • Uncovering how to raise threat awareness
  • Unlocking the value of your existing IT security investments and continuing to improve your security posture
  • A look at the distinction between being ‘secure’ and ‘safe’
  • How the approach to cyber security needs to evolve to ensure that you are fully remediated against the impact of any future attacks, while allowing for business continuity when they happen
  • Practical advice, using the ‘assess, plan, build, run and improve’ (APBRI) model

4:40 pm - 5:00 pm

A look at the UN’s role in cyberspace

  • The UN’s relevance in global cyberspace
  • Disarmament: Cyberwarfare, advanced persistent threats and evidential attribution
  • Politics & Governance: challenges and opportunities
  • Cybercrime & Sustainable Development: empowering communities and building peace
Neil Walsh
Chief of the Global Programme on Cybercrime
UN Office on Drugs and Crime

5:00 pm - 5:10 pm

Chairman’s closing remarks

Mike StJohn-Green
Honorary Fellow and Technical Advisor
University of Warwick - Information Security Forum

Check back regularly for further updates for the 2018 show.  For speaker and content enquires please contact [email protected] 

If you would like to sponsor the 2018 Summit please click here, email [email protected] or call 020 3770 6546.