ismg summit logo

17th September 2024

Cybersecurity Summit: London

8:30 BST - 17:45 BST | London, EN

Event Overview

The Cybersecurity Summit in London, hosted by ISMG, is the ultimate gathering of elite cybersecurity practitioners, distinguished by its laser focus on the latest industry developments and toughest challenges. This exclusive event offers unparalleled networking opportunities with industry leaders, fostering an exchange of groundbreaking ideas. Dive deep into specialized topics such as the latest NIS2 Directives, DORA resilience strategies, AI-driven cybersecurity innovations and sophisticated ransomware combat techniques. 

The highlight? A hands-on tabletop exercise on deepfakes, equipping you with practical skills to tackle emerging threats head-on. This summit ensures you stay ahead, armed with the knowledge and connections to lead the field. 

View our ISMG 2023 London Summit Experience video to see highlights and what is in store for 2024!

Venue

Andaz, Liverpool Street, London

40 Liverpool Street, London, EN

EC2M 7QN, United Kingdom

NOTE: All requests to attend will be reviewed by event staff and

approved based on and event capacity.

Highlight Topics

  • DORA – The Promise of Cyber Resilience Across the Financial Sector
  • AI Act – Is the EU Putting AI in a Time Out Until It Learns to Share and Play Fair?
  • NIS2 – The Impact on EU Member States
  • Deepfake Drama – An In-Depth Tabletop Simulation 
  • Ransomware – Navigating Threats and Responses

Speakers

Thought Leaders on Stage and Leading Deep Dive Discussions

ISMG Summits bring the foremost thought leaders and educators in the security space to the stage, interactive workshops and networking events. Learn from the “who’s who” in Cybersecurity passionate about the latest tools and technology to defend against threats 

Ian Thornton-Trump

CISO, Cyjax

Surinder Lall

SVP, Global Information Security Risk Management, Paramount

Brian Brackenborough

CISO, Channel 4

Heather Lowrie

Former CISO, University of Manchester

Jon Davies

Senior Director, Media Company - Confidential

Victor Murineanu

Information Security Manager, Chelsea Football Club

Dom Lucas

Head of Security, British International Investment

Angus Clarke

VP, BSO, Mastercard

Jonathan Armstrong

Partner, Punter Southall Law

Martyn Booth

CISO, dunnhumby

Jon Staniforth

fmr. CISO, Royal Mail

Rory Alsop

Head of Information Security & Cyber Risk, Tesco Bank

Speakers

Thought Leaders on Stage and Leading Deep-Dive Discussions

ISMG Summits bring the foremost thought leaders and educators in the security space to the stage for knowledge-sharing discussions. Know what is on the minds of leading security experts as they share insights and challenges of the ever-evolving threat landscape.

Agenda

You can now view or download a PDF version of the attendee guide.

Registration & Networking Breakfast

You can now view or download a PDF version of the attendee guide.

Opening Remarks

Ian Thornton-Trump

CISO, Cyjax

Jon Staniforth

Former CISO, Royal Mail

Heather Lowrie

Former CISO, University of Manchester

Deep Insights From Three CISOs Who Battled Ransomware Attacks and Have the Scars to Prove It

Discover how to strengthen your organization’s resilience by learning directly from those who have navigated these intense challenges, offering you practical strategies and invaluable lessons for future preparedness. 

This session will:

  • Explore the speaker’s firsthand experience in managing a significant ransomware attack compared to prior training.
  • Highlight the importance of communication and showing empathy in incident response.
  • Discuss the personal and financial implications of a cyber incident for CISOs, their organizations and customers.
  • Emphasize the need for collaboration among legal, compliance and communication stakeholders.

Moderated by Ian Thornton-Trump, CISO, Cyjax

Jon Staniforth, Former CISO, Royal Mail

Heather Lowrie, Former CISO, University of Manchester

James Maude

Field Chief Technology Officer, BeyondTrust

Ian Thornton-Trump

CISO, Cyjax

Victor Murineanu

Information Security Manager, Chelsea Football Club

Hackers Don’t Hack in – They Log In. How to Combat the Threat of Identity Compromise

With identity compromise common to almost every cyberattack, distinguishing between how a legitimate user is leveraging an identity and the misuse of that identity by an unauthorized user is difficult. This leaves the door open for threat actors to use impersonated identities to access resources, compromise systems, move laterally and achieve their illicit objectives. Today, this is effectively making identity the new security perimeter.

Join the discussion with our esteemed panel of experts as they share what is driving this paradigm shift, and how attackers are successfully exploiting the gaps in visibility between IAM and security tools.

This session will cover:

  • How the threat landscape is evolving.
  • Real-world examples of identity breaches.
  •  How attackers are exploiting hidden paths to privilege.
  • How controlling identities and privileges can be your greatest defense.

James Maude, Field Chief Technology Officer, BeyondTrust

Ian Thornton-Trump, CISO, Cyjax

Victor Murineanu, Information Security Manager, Chelsea Football Club

Steve Jackson

Senior Vice President of Growth, Binalyze

Resolving Incident Response Challenges in Your SOC With Automation

In this session, we will explore the specific challenges around operational security, SOC resources and welfare and the regulatory landscape, and how these challenges can be met head-on through automation, collaboration and greater speed of investigation.

Steve Jackson, Senior Vice President of Growth, Binalyze

 

Networking & Exhibition Break

Nathan Swain

CISO, Binance

Max Kington

CISO, Global Markets, BNP Paribas

Surinder Lall

SVP, Global Information Security Risk Management, Paramount

A Double-Edged Sword: Guarding Against AI’s Expanded Threats

This panel discussion will explore how cybercriminals are leveraging AI to conduct sophisticated attacks, such as automated phishing, deepfake generation and AI-driven malware. We will examine these real-world cases, discuss their implications for U.K. organizations, and provide strategies for mitigating these advanced threats.

Join us to gain a deeper understanding of the evolving threat landscape and to equip your organization with the knowledge to stay ahead of AI-powered cyberthreats. We will dissect specific AI-driven attacks, analyzing the methodologies used by cybercriminals and offering insights on how to bolster your cybersecurity posture against such advanced tactics.

This session will cover:

  • Understanding AI-enhanced threats: Gain insights into how AI is being utilized by cybercriminals to execute more sophisticated and harder-to-detect attacks, including phishing and malware.
  • Real-world case studies: Learn from real-world examples of AI-driven cyberattacks, such as the AI-powered spear-phishing attack on Metro Bank and the deepfake fraud case targeting RWE.
  • Mitigation strategies: Explore effective strategies and best practices for defending against AI-powered threats, including enhancing threat detection capabilities and improving incident response protocols.

Nathan Swain, CISO, Binance 

Max Kington, CISO, Global Markets, BNP Paribas

Surinder Lall, SVP, Global Information Security Risk Management, Paramount 

Lance Moraitis-Jones

Senior Presales Engineer, Recorded Future

Reducing Risk Through Automated Threat Profiling

This session will delve into the benefits of automated threat profiling, exploring why it is crucial and the challenges it presents. Attendees will learn how to prioritize threat actors and malware more dynamically and in real time, and discover methods to operationalize the output to further protect their organizations. Join us for an in-depth discussion with experts who will share their insights and strategies for leveraging automated threat profiling to enhance cybersecurity defenses.

This session will cover:

  • Benefits of automated threat profiling: Understanding why automated threat profiling is crucial for modern cybersecurity and the challenges it presents.
  • Dynamic prioritization: Exploring methods to prioritize threat actors and malware dynamically and in real-time to stay ahead of evolving threats.
  • Operationalizing threat profiling: Discussing how to effectively operationalize the output of automated threat profiling to enhance organizational protection and response strategies.

Lance Moraitis-Jones, Senior Presales Engineer, Recorded Future 

Richard Meeus

Director of Security Technology and Strategy, EMEA, Akamai

Illuminating the Shadows: Enhancing Discovery and Visibility for Robust Operational Resilience

IT security leaders must focus on the essential roles of discovery and visibility to strengthen their organization’s defenses and ultimately protect against evolving cyberthreats

This session will highlight how comprehensive discovery and visibility across IT infrastructure, data streams, applications, APIs and operational technology can strengthen your organization’s defenses. Learn to identify and inventory digital assets, integrate visibility for better monitoring, and apply simple practical steps for continuous resilience against cyberthreats.

Richard Meeus, Director of Security Technology and Strategy, EMEA, Akamai

Lunch & Exhibition Break

Dom Lucas

Head of Security, British International Investment

Brian Brackenborough

CISO, Channel 4

Every Link Counts: Third-Party Risk and Emerging Supply Chain Threats

Recent incidents such as the 2024 breach of the U.K. Ministry of Defence, which involved a third-party payroll system managed by SSCL, highlight the significant risks posed by third-party software providers. This breach exposed personal data of nearly 270,000 current and former staff, underscoring the necessity for rigorous supply chain security and the adoption of comprehensive risk management frameworks. By joining the discussion, attendees will acquire actionable strategies to fortify their supply chains against emerging threats and ensure no stone is left unturned in their risk management strategy.

This session will cover:

  • Proactive risk management: Learn how to integrate comprehensive threat intelligence and adopt best practices for evaluating third-party vendors, drawing lessons from recent high-profile breaches.
  • Advanced security controls: Discover best practices for deploying security controls such as code signing, software integrity verification, and secure boot mechanisms to safeguard supply chain components.
  • Continuous monitoring and incident response: Gain insights into setting up effective monitoring systems to detect signs of compromise or suspicious activity in the supply chain, and develop robust incident response plans to mitigate the impact of breaches.

Dom Lucas, Head of Security, British International Investment

Brian Brackenborough, CISO, Channel 4

 

Richard Cassidy

Field CISO, Rubrik

Achieving Predictive Resilience With AI: Safeguarding Critical Business Operations

Organizations must adapt their cyber resilience and cybersecurity strategies to ensure their critical business operations remain uninterrupted in case of worst-case scenarios.

This session will explore how businesses can leverage latest technology capabilities – many of which are already embedded into existing operations and services ecosystems – to not only respond to threats in real time, but also predict and mitigate operational risks proactively.


Join us as we delve into the transformative role of artificial intelligence in enhancing cyber resilience. Discover how AI-driven insights can help organisations understand their current resilience posture, predict likely points of failure, and integrate seamlessly with existing security platforms to combat the threats we’re now facing to our critical business operations.

This session will cover:
• The integration of AI with data-at-rest solutions to provide deeper insights and predictive capabilities.
• Strategies for maintaining continuous business operations amidst rising cyberthreats.
• Approaches for the successful application of AI in predicting and mitigating cyber risks.
• Collaborative approaches to building a resilient security ecosystem that leverages the strengths of AI and existing cybersecurity tools.

By attending this event, you will gain valuable knowledge on leveraging AI for predictive resilience, ensuring that your organisation can withstand and quickly recover from cyber incidents to maintain operational continuity in an increasingly hostile digital landscape.

Richard Cassidy, Field CISO, Rubrik

Afternoon Break

Jonathan Armstrong

Partner, Punter Southall Law

Declan Burke

CISO, NorthStandard

Rory Alsop

Head of Information Security & Cyber Risk, Tesco Bank

Cross-Channel Resilience: Ensuring Compliance With EU Regulations

Additionally, we will discuss the DORA directive, which focuses on digital operational resilience in the financial sector, and the EU AI Act, which introduces comprehensive measures to regulate AI technologies.
 
Join our panel of experts as they delve into practical strategies for compliance
 
Key takeaways:
  • NIS2 Compliance: Understand the critical steps for aligning with the NIS2 directive to enhance the security of network and information systems across multiple sectors.
  • DORA and AI Act Insights: Gain insights into the requirements of the DORA and the EU AI Act, focusing on digital operational resilience in financial services and ethical AI deployment.
  • Future Trends: Explore the future of cybersecurity regulation in the UK and EU, considering the evolving regulatory landscape and emerging technologies.

Jonathan Armstrong, Partner, Punter Southall Law

Declan Burke, CISO, NorthStandard

Rory Alsop, Head of Information Security & Cyber Risk, Tesco Bank

Martin Peters

Detective Superintendent, City of London Police -- NPCC National Cybercrime Programme

Phillip Davies

CISO, Equifax UK

Deepfakes, Real Stakes: Unmasking Cyber Deception in a High-Stakes Tabletop Simulation

It aims to bolster strategic response capabilities and enhance operational readiness against the backdrop of advanced cyberthreats.The focal point of this exercise is a strategically crafted deepfake incident targeting a corporate executive, weaving together elements of social engineering, financial fraud and the challenges posed by emerging technological threats.

This session will cover:

  • Enhanced organizational readiness: To critically assess and improve organizational preparedness in responding to intricate cyber incidents involving deepfake technology and social engineering
  • Interagency collaboration and knowledge exchange: To strengthen the partnership and information sharing between the sponsor and leaders in the private sector cybersecurity community.
  • Strategic response development: To create all-encompassing incident response strategies that cover legal, technical and communicational facets, while also identifying and rectifying weaknesses in existing cybersecurity policies and governance.

Martin Peters, Detective Superintendent, City of London Police – NPCC National

Cybercrime Programme

Phillip Davies, CISO, Equifax UK

Closing Comments

Networking Reception

Don’t miss your chance to attend this dynamic impactful event

#ISMGSummit

@ISMG_News

CPE Credits

ISMG Summits offer Continuing Education Credits. Learn informative and engaging content created specifically for security professionals.

Our Sponsors

Recorded Future logo

Our Partners

CyberTech logo
Women in Cybersecurity logo
Water ISAC logo
Information Systems Security Association International logo
Swiss Cyber Institute logo

Speaker Name

Title, company name

Speaker Name

Title, company name

Speaker Name

Title, company name

Speaker Name

Title, company name

Speaker Name

Title, company name

Speaker Name

Title, company name

Speaker Name

Title, company name

Speaker Name

Title, company name

Speaker Name

Title, company name

Speaker Name

Title, company name

Speaker Name

Title, company name

Speaker Name

Title, company name

Speakers

Thought Leaders on Stage and Leading Deep Dive Discussions

ISMG Summits bring the foremost thought leaders and educators in the security space to the stage, interactive workshops and networking events. Learn from the “who’s who” in Cybersecurity passionate about the latest tools and technology to defend against threats 

Speakers

Thought Leaders on Stage and Leading Deep Dive Discussions

ISMG Summits bring the foremost thought leaders and educators in the security space to the stage, interactive workshops and networking events. Learn from the “who’s who” in Cybersecurity passionate about the latest tools and technology to defend against threats 

Register

RSVP here to attend our events. You can select for multiple or individual tickets. 

The Summit Experience

Upcoming ISMG Events

Decemebr 5-6, 2024

Virtual IoT/OT Summit

December 10, 2024

State of Identity: Protecting Identities in the Modern Climate

December 10, 2024

Transformez vos Opérations avec l'IA Générative Avancée d'Elastic et Google Cloud Paris

december 12, 2024

Revolutionizing AppSec with Multi-AI Agent Approach

February 11-12, 2025

Virtual Summit: Cybersecurity Implications of AI

Upcoming ISMG Events

Decemebr 5-6, 2024

Virtual IoT/OT Summit

December 10, 2024

State of Identity: Protecting Identities in the Modern Climate

December 10, 2024

Transformez vos Opérations avec l'IA Générative Avancée d'Elastic et Google Cloud Paris