Accredited event by the

The recent global crisis is causing ripple effects that will have a lasting impact on businesses, increasing the risk of cyber attack. The ‘new normal’ of hybrid business environments is heightening cyber security vulnerabilities, as organisations work to protect assets both in the office and at home. 

Now is the time to re-evaluate security strategies and safeguard your operations. 

The first event of the Cyber Risk and Resilience Series, ‘Understanding and Managing Cyber Risk’, will boost your knowledge of current risks and help determine your systems’ vulnerabilities. Delivering business critical content from a CISO perspective, this event will provide you with the tools you need to identify, assess and test your cyber security.

Understanding & Managing Cyber Risk

Key questions that will be answered:

Mapping your security risk:
In a global interconnected world which are the connections you should be worried about?

Show me the money: Where can you cut costs and find financial efficiencies in your cyber security strategy?

Identity and access Management:
Who should have access to what and when?

Main Focus Areas

Cloud & Network Security including

Identity & Access Management

Endpoint, Mobile Application & Website Security


Key Themes

Data insight & case studies

The event will provide you with in-depth intelligence from across the industry. We aim to provide business critical content arming you with data, statistics and insight that will strengthen your security strategies and operations.

Cyber attack year in review

Cyber attacks are becoming more sophisticated by the day. Learn how to adapt, and therefore protect, your assets in the ‘new normal’ of hybrid working environments.

Changing cyber risks

The event will explore the unique challenges face by businesses today in the ‘new normal’ of hybrid working environments and provide solutions scaled to fit your business size and situation.

Leading experts

This event is designed for CISOs and IT security professionals. Delivering expert advice from the leading voices in the industry, the event aims to cut through the marketing jargon to get to the business critical fundamentals.


*Please note all timings are Greenwich Meantime

**Agenda & speakers are subject to change 

Day 1
October 15, 2020
9:00 am - 9:05 am

Welcome Remarks & Explanation of Features of Digital Platform

To be Confirmed
9:10 am - 9:30 am

Data Download Presentation: The Cyber Security Year In Stats and Facts

Sharon Barber
CISO, Lloyds Banking Group
Mandy Haeburn-Little
CEO, BRIM (Business Resilience International Management)
Mal Smyth
Global Head of Governance Risk & Control, Vodafone

- An update on the latest and most sophisticated attacks including: Mitre, APT, DOS & DDOS
- The growing trend in advanced persistent threats - what you need to know and the numbers behind the most recent attacks
- The latest ransomware and malware developments: Spear phishing and beyond

9:30 am - 10:20 am

360 Viewpoint & Lesson Sharing Panel Discussion: A Review of 2020: What were the biggest attacks, changes in cybersecurity, how did we deal with them and how does it prepare us for the future?

To be Confirmed

Having security protocols, policies, and procedures in place that worked before the pandemic do not mean that those same controls will serve the ever-changing “new normal.” As companies are reopening and personnel and resources are coming back to the office, CISOs are once again challenged to make decisions fuelled by corporate pressures.

- How have attacks changed with a remote workforce? How will this continue to change in the ‘new normal’ hybrid working environment?
- Is the new hybrid remote and office working environment the biggest cyber security risk to face CISOs and IT security professionals?
- How have you hardened your colleague’s home SOC environment? Will this now need to be included in the process of onboarding new hires?
- The Lockdown Rush to Cloud migration: was it worth it and what do you do now to continue to secure your network and cloud?

10:25 am - 10:45 am

Presentation: Network Security - Mapping Your Security Risk: In a Global Interconnected World Which Are the Connections You Should Be Worried About?

To be Confirmed

- 3rd party risk & your suppliers - how can you accurately evaluate the risk your supplier poses to your business?
- How can you incorporate a cyber security framework in their vendor vetting process, and conduct regular vendor risk assessments?
- Working with a small business that does not have an established cyber security infrastructure - how do you assess and mitigate their cyber security risk to you?
- What steps can you take to ensure that all involved parties embrace a sense of shared accountability?

10:50 am - 11:15 am

Presentation: Learning from the Past to Implement Better Organisational Structures in the Future

Amol Sawarkar
Enterprise Architect, International Federation of the Red Cross (IFRC)
11:20 am - 11:45 am

Show Me the Money: Where can you cut costs and find financial efficiencies in your Cyber Security Strategy?

Sarah Armstrong-Smith
Chief Security Advisor, Microsoft

Moving forward CISOs and IT professionals will be put under enormous pressure to reduce costs as a result of the economic crisis. This session will show you how to put forward the business case to not reduce spending on cyber security. And if you are unsuccessful, if you have to cut where should you cut to have the least impact?

11:50 am - 12:30 pm

Pecha Kucha Presentations & Panel Discussion: Cloud Migration: Dos, Don’ts and Lessons Learnt For Rapid and Safe Cloud Migration

To be Confirmed

Due to the pandemic, many IT systems are facing unprecedented workloads. As a result, the cloud-native approach has been rapidly gaining popularity to help meet these sudden demands. Of course, proper security precautions must be built into these emerging cloud-native systems.
- How have you been building principles of cloud-native security into the enterprise?
- What role has zero-trust networking been playing in your cloud security strategy?
- What is your take on DevSecOps and advice for moving to DevSecOps?

12:30 pm - 2:00 pm

Lunch Break

To be Confirmed
2:00 pm - 2:20 pm

Presentation: Identity and Access Management: Who Should Have Access to What and When?

To be Confirmed

- Do you know all of your endpoints and risks? Do you know who has access to them? If not how can you map them more accurately?
- What are the pros and cons of biometric access? Is it worth the investment?
- Meeting insurance standards for access and access management
- How do you update access efficiently with workforce changes?

2:25 pm - 2:45 pm

Presentation: The Cyber Security of Your Customer & You: Website and Application Security

To be Confirmed

- A look at the top 10 attack chains on websites and applications
- Cart Mirroring - How can you discover mirroring early to mitigate the effect of the attack?
- Small business with a lot of website traffic? A look solutions that scale to mirror you and your business

2:50 pm - 3:30 pm

Panel Discussion: Vulnerability handling, Threat-hunting and Threat intelligence for Remote and Hybrid Working Environments

To be Confirmed

- Understanding IOT vulnerabilities and how this are a risk to your business with a remote workforce and hybrid workforce
- How can you react quickly with a hybrid workforce that may not be as easy to communicate to?
- With a hybrid workforce of remote and office workers, is threat modelling worth the ROI?
- Inputting threat-intelligence data into your remote cyber security framework

3:30 pm - 4:00 pm

Afternoon Break

Check out our networking facilities! Chat with speakers and other attendees by going to their profile.

4:00 pm - 4:20 am

Small Business Focused Presentation: Ransomware Protection that Scales with Your Business

To be Confirmed

- What ransomware solutions scale with your business growth and employee number?
- Breaking down the various component solutions to make a bespoke solution for you

4:25 pm - 4:45 pm

Presentation: Understanding Combined Ransomware Attacks: How Mobiles Increase Your Risk to a Combined Attack

To be Confirmed

- What can we learn from the recent Twitter combined hack?
- During lockdown many employers use text messages to update employees, how can you stop the number being cloned and a text sent from an antagonist?
- You can’t test for a combined attack, but how can you test your workforce to check that they are vigilant for a combined attack?

4:50 pm - 5:30 pm

Panel Discussion: So You have Identified, Assessed and Tested to Understand Your Risk: What is next?

Craig McEwen
CISO, AngloAmerican

- How can you prioritise your cyber security efforts to help your reduced team and reduced budget?
- How do you secure the investment to move forward and reduce your cyber security risk?
- How can you demonstrate and justify cyber security ROI to those that hold the purse strings?
- Where do you put your money? Understanding where you can get the most return on investment in your cybersecurity investments

5:30 pm - 5:40 pm

Close of Live Digital Conference & Sessions Uploaded For On Demand Access


CGG Logo

Andy Coles

Chief Information Security Architect, CGG

Nina Paine

Global Head Cyber Stakeholder & Government Engagement, Group CISRO, Standard Chartered Bank

Tamas Foldesi

CISO, International Federation of the Red Cross (IFRC)

Amol Sawarkar

Enterprise Architect, International Federation of the Red Cross (IFRC)

Simon Newman

Head of Cyber & Business Services, Police Crime Prevention Initiatives

Mal Smyth

Global Head of Governance Risk & Control, Vodafone