08:00 -
08:55 -
Welcome by Dr. Simon Moores 
09:00 -
Preventing, detecting and responding to new threats in an evolving technology landscape

Bob Mann, Chief Security Officer, Information Management and Technology, Ofgem
  • Working in partnership with IT Operations – we’re on the same side
  • Security toolbox – defining, agreeing & deploying the right tools
  • Remediation efforts – applying the KISS principle
  • Executive Board – informative reporting
09:20 -
Rethinking your security strategy: fend off cyber attacks with new models, methods and messaging

Neil Thacker, Information Security & Strategy Officer, EMEA, Websense
  • Market dynamics and trends: staying ahead of the cybercrime lifecycle
  • Industry benchmarking: success rates for safeguarding critical data in IT departments and reasons why
  • Taking action: how to identify security blind spots across your organisation
  • Going forward: examples of tactical adjustments to enhance security strategy
09:40 -
 Case study  Does effective Risk Management need to be expensive?

Arnie Bates, Head of Information Security, Scotia Gas Networks
  • Theory and Execution aka Risk Management 101
  • Dealing with Black Swan events: solutions for when risk management models fail
  • Risk management on a budget: maximising limited finance and resources
  • Case study: A practical example
10:00 -
The Data Center of the future

John Stubbs, Worldwide VP Sales - Global Software Channels, Unisys 
  • Proactive security: Reducing attack surface
  • Software defined: increasing infrastructure agility
  • Borderless: enabling organizations to counter the increasing sophistication of cyber-crime in today’s borderless environment
  • Segments assets - diamonds and paperclips: reclassifying data based on need-to-know access
10:20 -
Education Seminar Session 1

Delegates will be able to choose from a range of seminars. Please click here for details.
11:00 -
Networking and refreshments break
11:30 -
A fresh look at phishing - new metrics to measure for proactive brand protection

Ken Takahashi, General Manager, Anti-Phishing Solutions, Return Path
  • Moving from reactive protection to proactive phishing prevention - using email authentication, DMARC and non-owned domain analysis
  • Preparing for emerging phishing threats - understanding the impact of mobile and new gTLDs
  • Protecting customers from malicious attacks sent in your brand's name - the forgotten half of the phishing equation
  • Uncovering the true scale of outbound phishing against brands - empirical analysis comparing existing and next generation reporting models
11:50 -
 Case study  Driving security-aware behaviour: a case study from Vodafone

Luisa Gentile, Security Awareness Transformation Manager, Group Corporate Security, Vodafone 
  • Employees- "biggest problem" or "greatest asset": ensuring that security becomes part of everyday employee behaviour
  • Vodafone's new approach: setting up and managing a security awareness transformation program
  • Looking to the future: successes, challenges and failures in improving security-aware behaviour
  • Worldwide awareness: the international challenges of ensuring security awareness in an organisation with multiple locations
12:10 -
Changing the perception of security from business inhibitor to business enabler

Kurt Hagerman, Director of Information Security, Firehost 
  • Methods for ensuring the information security function is not an afterthought when budgets are determined
  • Tools for successfully educating employees and securing support from top to bottom based on real life examples
  • Working with stakeholders to convince the business that security risks are high and feasible solutions exist
  • Best practices: from ‘the consumerisation of IT’ to ‘the consumerisation of the security function’
12:30 -
Phishing your employees- Lessons learned from phishing over 4 million people

Jim Hansen, Executive Vice President, PhishMe
  • Clicking a malicious link or giving away corporate credentials: employee initiated cyber attacks
  • Phishing techniques: how criminals are using phishing techniques for a variety of scams, sabotage and theft
  • Decreasing risk: how can we change educate staff and change dangerous behaviour?
12:50 -
Education Seminar Session 2

Delegates will be able to choose from a range of seminars. Please click here for details.
13:30 -
Lunch & networking break
14:30 -
 Executive information security and technology risk panel discussion 
  • Nick Truman, Head of Information Security, Balfour Beatty
  • Jim Noakes, Head of Transactional Services, Gala Coral Group
  • Richard Davies, Head of Information Security, QVC UK
  • Naheem Zaman, Director, Head of Application Security Governance, Deutsche Bank
  • Tim Ramsey, Operations Director, Centient Ltd 
14:50 -
Aligning risk and security with the business

Dave Anderson, Senior Director of Marketing, Voltage Security 
  • How information security can finally enable the business and drive value
  • How to effectively mitigate risk without impacting the business
  • How several global enterprises have reduced risk, improved compliance, and grown their business
15:10 -
The early warning system

Rashmi Knowles, Chief Security Architect EMEA, RSA
  • Are current security systems up to the task of thwarting tailored cyber attacks designed to exploit vulnerabilities, disrupt operations and steal valuable information?
  • Beyond signature-match technologies: the need for new practices based on an understanding of the phases of an attack, continuous threat monitoring and rapid attack detection & remediation
  • Rethinking risk management priorities to reflect today’s higher chances of cyber attack and strategies to deal with unknown or unpredictable attacks
15:30 -
Education Seminar Session 3

Delegates will be able to choose from a range of seminars. Please click here for details.
16:10 -
Networking and refreshments break
16:30 -
 The BYOD question  Evolving strategies for an evolving landscape 

Patrick Romain, Head of Information Security Risk, Barclays
  • Overview of the future: what trends are emerging on the BYOD horizon?
  • Dealing with the practicalities: standard controls, segregation, set-up, and education
  • The employer’s perspective on multiple devices: what organisations need to consider
16:50 -
 Cyber risk  What corporate leaders need to know

Wayne Grundy, Managing Director, Cyber Protection Practice, Alvarez and Marsal
  • Organisations and individuals are increasingly being breeched by cyber attack losing customer data and intellectual property
  • The sophistication, scale and frequency of attacks is increasing while companies tend to treat Cyber security as an IT department problem
  • Cyber risk needs to be part of an organisation's business strategy, proactively managed by the board and encompass all aspects of the organisation including interactions with supply chain, customers and partners
  • Processes must be put in place to assess risks, analyse threats, monitor for attacks and deal with breaches
17:10 -
 Case study  Establishing an efficient and effective compliance strategy: how I avoided talking to lawyers!

Tony Hibbert, Chief Information Security Officer/Deputy CIO, Intrum Justitia 
  • Knowing when to work with In House and External lawyers: Ecookies, Data Protection, Banking laws, ISO 27001, SSAE 16, supplier contracts & compliance, model contracts, terms & conditions etc
  • Getting the most out of the relationship: understanding their Ts&Cs, what information can be legally shared, what jurisdiction means, key legal jargon explained, when to get a second opinion and the right questions to ask i.e. how likely is that?
  • How to use a legal opinion regarding compliance in your organisation when responsibility remains with the business
  • Case Study -How facts matter:  How one key fact changed the legal advice regarding new data protection guidelines
17:30 -
Drinks reception
18:15 -
Close of conference