2023 London Cybersecurity Summit

19th September 2023

London Cybersecurity Summit

8:30 AM BST - 5:00 PM BST

In-Person Summit

Thank You for Coming!

ISMG’s Cybersecurity Summit: London Empowers the Security Community Through Insightful Keynotes and Interactive solutions

Event Overview

The ISMG London Summit dedicates a full day to advancing cybersecurity education among leaders, delivering enlightening sessions that encompass a diverse range of essential subjects. Among the highlights was an unmissable discussion featuring Helen Rabe, the CISO of BBC. In this eagerly anticipated session, Rabe delved into the refinement of team skills, the art of effective leadership, and the intricacies of incident response, all within the context of the transformative forces of technology, particularly AI.

Participants gained invaluable insights from the analysis of Carlos Abarca’s case, the TSB CIO, and his journey in navigating executive liability. The summit also offers a comprehensive exploration of incident response strategies during the hands-on and engaging “Solution Room” exercise that challenges CISOs and cybersecurity leaders to strategize on incident response during a global ransomware attack.

Furthermore, the summit took a deep dive into the technical landscape of AI, equipping leaders for secure implementation and addressing supply chain budget concerns. As cybersecurity leaders strive to maintain equilibrium in a rapidly evolving landscape, the summit offers guidance on finding balance in times of change, reinforcing the notion that a steady hand at the helm is vital in safeguarding digital landscapes.

Venue

Convene 22 Bishopsgate

22 Bishopsgate, London EC2N 4BQ

Highlight Topics

Executive Liability for CISOs and Their Teams
Incident Response Exercise
Ransomware Detection and Prevention
Supply Chain Incident and Response
Harnessing the Power of AI Against Cyberthreats
Security Budget Management
Preventing Burnout and Building Resilience

Keynote Speaker

Helen Rabe, CISO, BBC

Rabe is passionate about aligning security with desired business outcomes, while being mindful of current state and future business strategies. As an influential and versatile security leader, her ability to clearly communicate strategy to all levels of the organisation, including the board, has resulted in strong and comprehensive programs with high adoption of security behaviours across organisations.

Rabe has a proven track record of developing, executing and maturing bespoke ISMS strategies and teams to mitigate risk, counter threats and deliver world-class security and data privacy management solutions across varied industry sectors ranging from financial services to media and broadcasting and life sciences.

Matt Gordon-Smith

Former CISO, Gatwick Airport

Andrew Robson

CISO, Bentley Motors

Matt Broomhall

CISO, Lloyd's of London

Don Gibson

CISO, Kinly

Milos Pesic

CISO, ABB Accelleron

Dom Lucas

Head of Security, British International Investment

Adam Wedgbury

Head of Enterprise Security Architecture, Airbus

Jonathan Armstrong

Partner, Cordery

Quentyn Taylor

Director, Information Security, Canon EMEA

Speakers

Thought Leaders on Stage and Leading the Critical Conversations

ISMG Summits bring the foremost thought leaders and educators in the security space to the stage and knowledge-sharing discussions. Learn what is on the minds of leading security experts as they share insights and challenges of the ever-evolving threat landscape.

Thank You for Coming!

ISMG’s Cybersecurity Summit: London Empowers the Security Community Through Insightful Keynotes and Interactive solutions

Agenda

You can now view or download a PDF version of the attendee guide.

Registration and Breakfast

Helen Rabe

CISO, BBC

CISO One-on-One - Helen Rabe, CISO, BBC

In this keynote fireside chat with CISO Helen Rabe, we will delve into the dynamic realm of upskilling teams, effective leadership and incident response within the context of revolutionary technologies, with a focus on artificial intelligence (AI). As news organisations grapple with integrating AI into their operations, Rabe's insights provide invaluable perspectives on navigating this transformative landscape.

During this discussion, Rabe will explore a range of crucial subjects, including:

Proactively Anticipating and Mitigating AI-Associated Security Threats: Explore the intricacies of identifying and neutralizing security threats linked to the realm of AI. Gain exclusive insights into strategies that safeguard against potential vulnerabilities.
The Leadership Paradigm in Nurturing Diverse Teams Within a Technology-Driven Ecosystem: Navigate the uncharted waters of steering a diverse team in a technology-immersed environment. Rabe will share her experiences and wisdom on fostering an inclusive and high-performing team culture.
Empowering Proactivity – Crisis Management and Post-Incident Analysis: Uncover the keys to effective proactive measures that not only prevent mishaps but also bolster organisational resilience. Rabe’s discourse on crisis management and post-incident analysis promises to be enlightening and transformative.

Helen Rabe, CISO, BBC

Ivan Milenkovic

Group CISO, Webhelp

Milos Pesic

CISO, ABB Accelleron

Sateesh Kumar Challa

Head of Digital Transformation Office, Société Générale

Karamjit Singh

Director, Artificial Intelligence, Mastercard

CISOs Need Post-Quantum Cryptography: Here's Why

Security leaders are consistently faced with a relentless stream of threats that can escalate into high-pressure crises at any time.

When breaches occur, the challenge extends beyond just damage control; it also involves maintaining team focus, composure, and effectiveness under pressure. This specialized session aims to provide cybersecurity leaders like you with actionable strategies for building resilience and stability, particularly during and after security incidents.

Gain valuable insights and practical tools for confidently navigating your teams through unexpected security events. The session will focus on key areas, such as:

Enhancing the resilience and unity of your incident response teams for improved performance under stress.
Refining crisis communication protocols to ensure quick and effective action, thereby reducing latency and increasing overall effectiveness.
Conducting thorough analyses of past incidents to develop proactive and dynamic plans for mitigating future cybersecurity threats.

Ivan Milenkovic, Group CISO, Webhelp

Milos Pesic, CISO, ABB Accelleron

John Stone

Director, Office of the CISO, Google Cloud

SAIF - A Security Framework to Enable AI in a Secure Manner

This session looks at how using an AI security framework such as Google's SAIF enables usage and development of AI use cases by placing security at the forefront and adapting to new challenges whilst retaining principles from traditional security approaches.

John Stone, Director, Office of the CISO, Google Cloud

Milos Pesic

CISO, ABB Accelleron

The Art and Science of Translating Cyber Risk and Loss Exposure Into Quantifiable Measures

Because every business is unique, so too are the risks facing each one. Hence the answer to the question "what are the biggest cyber risks we face?" depends on who's asking. Regardless of the answer, however, it's up to the cybersecurity team to not only identify cyber risks, but help business leaders understand the operational risks each one poses, to help them quantify the resulting business risks each one poses and to take responsibility for what happens next.

This expert panel discusses:

• Creating a common risk language across the organization

• Building a playbook that helps the business identify actual exposure

• Strategies for making cyber everyone’s responsibility

Milos Pesic, CISO, ABB Accelleron

Networking and Exhibition Break

Andrew Robson

CISO, Bentley Motors

Jonathan Armstrong

Partner, Cordery

Quentyn Taylor

Director, Information Security, Canon EMEA

Navigating Executive Liability: Lessons From TSB CIO Carlos Abarca's Case

In April of this year, former TSB CIO Carlos Abarca was fined £81,620 for operational resilience failings in 2018, as per the Prudential Regulation Authority (PRA) investigation.

Abarca’s breach of Senior Manager Conduct Rule 2 was due to inadequate measures in ensuring compliance with PRA Outsourcing Rules during a data migration process, resulting in significant disruptions to TSB’s banking services and impacting a large portion of its 5.2 million customers.

These recent cases, including that of Joe Sullivan, former CSO at Uber, have once again brought to the forefront the heightened vulnerability of CISOs and CIOs to executive liability, where decision-makers assume personal responsibility for their professional actions.

In this exclusive session, the panelists will discuss how these outcomes can influence the responsibilities and expectations of security leaders and take a deep dive into:

What the Joe Sullivan verdict portends for the security profession globally;
What the case tells us about personal liability under GDPR;
Practical steps security leaders should take today to guard against their own liability.

Andrew Robson, CISO, Bentley Motors

Jonathan Armstrong, Partner, Cordery

Quentyn Taylor, Director, Information Security, Canon EMEA

Tai Alad

Director, Solutions Engineer – EMEA, CyberGRX

Mitigating Modern Cyberthreats From Third Parties

Vendor risk assessments are no longer the centerpiece of effective third-party risk management programs.

As digital ecosystems become more diverse and dynamic, our perspective on the vendors essential to our businesses and supply chain should evolve too. It’s time to start thinking of third parties as our new endpoints, which require monitoring, detection, and response capabilities. Join Tai Alad of CyberGRX as he discusses how to revolutionize the approach to TPRM using data-rich, actionable insights.

Tai Alad, Director, Solutions Engineer – EMEA, CyberGRX

Lunch and Exhibition Break

London Summit

Critical Infrastructure Protection: Improving Resilience

As part of its remit, the U.K.'s National Cyber Security Center, or NCSC, safeguards the nation's critical infrastructure - much of which is controlled within the private sector.

Marsha Quallo-Wright, an NCSC deputy director, is responsible for improving critical infrastructure resilience, and in this exclusive session she discusses:

The state of critical infrastructure security;
The heightened cyberthreat resulting from Russia’s invasion of Ukraine;
Public/private sector partnerships that can improve critical infrastructure security and resilience.

Angus Clarke

BSO, Mastercard

Matt Gordon-Smith

Former CISO, Gatwick Airport

Matt Broomhall

CISO, Lloyd's of London

Crawford Thomas

Global Head of Cyber Threat Intelligence, Credit Suisse

From Attack to Recovery: Incident Response in Ransomware Scenarios

Ransomware persists as one of the most high-stake threats cybersecurity leaders face, no matter how robust their organisation’s security architecture may be. Growing attack vectors create increased risk – whether through internal lapses in coverage, in a partner’s supply chain or through human error – and threat actors are deploying increasingly sophisticated techniques to exploit vulnerabilities and infiltrate previously secure networks.

As a precursor to an interactive incident response workshop, learn from industry leaders who have faced and defended against the pervasive threat of ransomware attacks firsthand. Attendees will hone their knowledge of ransomware attacks and their organisations’ potential vulnerabilities as they prepare to enter The Solution Room.

Key topics include:

Learn how to leverage public-private engagement to stay aware of global threats;
Explore best practices for preparation and response to ransomware attacks while considering their impact on client and proprietary data;
Identify how to most effectively inform internal stakeholders in case of a security breach;
Gain a comprehensive understanding of ransomware complexities and develop robust strategies for safeguarding digital assets in the face of this evolving cybercrime.

Angus Clarke, BSO, Mastercard

Matt Gordon-Smith, Former CISO, Gatwick Airport

Matt Broomhall, CISO, Lloyd’s of London

Crawford Thomas, Global Head of Cyber Threat Intelligence, Credit Suisse

Milos Pesic

CISO, ABB Accelleron

Don Gibson

CISO, Kinly

Crawford Thomas

Global Head of Cyber Threat Intelligence, Credit Suisse

Dom Lucas

Head of Security, British International Investment

Angus Clarke

BSO, Mastercard

Adam Wedgbury

Head of Enterprise Security Architecture, Airbus

The Solution Room: CISO and Cybersecurity Leaders, Exercise on Incident Response

The Solution Room offers cybersecurity leaders a highly engaging and interactive conference session, providing them with peer-to-peer support and subject matter expertise to tackle their most pressing challenges.

During this interactive session, CISOs and cybersecurity professionals will engage in a dynamic and timely exercise centered on a global ransomware attack. The scenario revolves around a fictional shipping and logistics company and its semiconductor manufacturer supply chain partner. The exercise is structured into three phases, each presenting unique challenges and crucial decision points relevant to real-life incident response.

The session’s objective is to provide practical insights into managing a global ransomware attack, mitigating supply chain risks, effectively engaging with law enforcement, and fostering a cyber-resilient organisational culture. By actively participating in the exercise, participants will gain valuable experience in dealing with cyberthreats and hone their incident response preparedness, ultimately strengthening their organisation’s cybersecurity defenses in the face of evolving challenges.

Milos Pesic, CISO, ABB Accelleron

Don Gibson, CISO, Kinly

Crawford Thomas, Global Head of Cyber Threat Intelligence, Credit Suisse

Angus Clarke, BSO, Mastercard

Matt Gordon-Smith, Former CISO, Gatwick Airport

Dom Lucas, Head of Security, British International Investment

Adam Wedgbury, Head of Enterprise Security Architecture, Airbus

Networking and Exhibition Break

Ian Thornton-Trump

CISO, Cyjax Limited

Andy Chakraborty

Head of Technology Platforms, Santander UK

Adam Wedgbury

Head of Enterprise Security Architecture, Airbus

Navigating the Technical Landscape of AI: Empowering CISOs for Secure Implementation

As the digital landscape continues to evolve, the integration of AI and ML technologies into organisations' operations has become increasingly prevalent.

These transformative technologies hold great potential for enhancing efficiency, automation and decision-making processes. However, with the tremendous benefits they offer, AI and ML also bring about unique challenges and risks that demand the attention of CISOs.

This session is designed specifically for CISOs seeking to enhance their understanding of AI technologies and their implications on cybersecurity. The session will delve into the technical intricacies of AI systems and explore the pivotal role CISOs play in ensuring a secure and responsible AI implementation within their organisations.

Key discussion topics include:

Fundamentals of AI and ML: Learning core principles and algorithms powering AI and ML. Helps CISOs understand AI-driven app mechanics;
AI in Cybersecurity: Exploring the current landscape of AI applications in the realm of cybersecurity, including threat detection, anomaly identification, and risk assessment, along with insights into the potential for AI-driven attacks;
Data Privacy and Ethics: Addressing the ethical considerations and data privacy challenges that arise from AI implementation;
Adversarial AI and Mitigation Strategies: Analysing the concept of adversarial AI, its potential to subvert AI systems and best practices for safeguarding AI algorithms from malicious attacks;
AI Governance and Risk Management: Highlighting the significance of comprehensive AI governance frameworks and risk management strategies to mitigate potential AI-related risks effectively;
Collaborating With AI Teams: Strategies for fostering collaboration between CISOs and AI development teams, facilitating a cohesive approach to security in AI projects.

Ian Thornton-Trump, CISO, Cyjax Limited

Andy Chakraborty, Head of Technology Platforms, Santander UK

Milos Pesic

CISO, ABB Accelleron

Don Gibson

CISO, Kinly

Dom Lucas

Head of Security, British International Investment

Budget Management for CISOs: Securing Information Assets From Within and Between

In an increasingly decentralised cyber landscape, organisations must make strategic investments to safeguard assets and prevent costly breaches.

Effectively budgeting for internal security, while fortifying information exchange with third parties, is complicated by an increased attack surface, market volatility, and global supply chain disruption. Today’s CISO plays a pivotal role in shoring up defenses on both fronts and protecting each link in the chain.

This session will break down the intricate realm of fiscal management while ensuring the fortification of your systems. Panelists will discuss how and where to allocate limited resources to maximize ROI on cybersecurity investments.

Key topics include:

Vendor Assessment and Monitoring: Practical ways to make the most of your organisation’s security assessments of third-party vendors and strategies for continuously monitoring supplier protocols throughout the partnership.
Proactive versus Reactive Measures: How to create a dual approach to budgeting for proactive measures and preventive security controls, reactive measures and incident response plans.
Scalability: Consider the scalability of cybersecurity measures. As supply chain components expand or contract, ensure that the budget allocation strategy can adapt accordingly.
Personnel Utilization: Employ a tactical approach for deployment of human capital, ensuring sustained coverage between security architects, penetration testers and analysts.
Adaptive Strategy: Implementing a dynamic budget allocation strategy takes into account evolving threats, changes in the supply chain landscape, and emerging technologies to ensure that resources are allocated where they are most needed at any given point.

Milos Pesic, CISO, ABB Accelleron

Don Gibson, CISO, Kinly

Dom Lucas, Head of Security, British International Investment

Don Gibson

CISO, Kinly

If You Can Keep Your Head: A Leader's Guide to Finding Balance in Times of Change

In this enlightening session, join Don Gibson, CISO of Kinly, as he delves into the critical issue of burnout experienced by cybersecurity CISOs and their teams. Drawing from his own expertise, Don will shed light on the profound effects of change, both professionally and personally, on cybersecurity leaders.

Through his valuable insights, he will:

• Guide participants on how to strike a harmonious balance amidst times of rapid transformation,

• Ensure their teams remain resilient and motivated while avoiding the perils of burnout,

• Infuse practical tips and real-life examples to equip CISOs with the tools they need to lead effectively and foster a healthier and more sustainable cybersecurity environment.

Don Gibson, CISO, Kinly

Closing Comments

Don’t miss your chance to attend this dynamic and impactful event

@ ISMG_News #ISMGSummits

Our Sponsors

Our Partners

Speaker Name

Title, company name

Speaker Name

Title, company name

Speaker Name

Title, company name

Speaker Name

Title, company name

Speaker Name

Title, company name

Speaker Name

Title, company name

Speaker Name

Title, company name

Speaker Name

Title, company name

Speaker Name

Title, company name

Speaker Name

Title, company name

Speaker Name

Title, company name

Speaker Name

Title, company name

Speakers

Thought Leaders on Stage and Leading Deep Dive Discussions

ISMG Summits bring the foremost thought leaders and educators in the security space to the stage, interactive workshops and networking events. Learn from the “who’s who” in Cybersecurity passionate about the latest tools and technology to defend against threats