Agenda

08.00 - 08.50

Breakfast networking & registration

08.50 - 09.00

Chair's welcome

09.00 - 09.20

►Securing GenAI: Our Journey & Lessons Learned

Ali Shepherd, Director of Cyber & Operational Resilience (CISO), FCA

  • Balancing Innovation and Risk
  • Embedding Responsible AI
  • Addressing novel risks and threats
09.20 - 09.40

►How CyberProof and Google Transformed Security Operations with Adaptive MxDR

Matt Baird, Global Head of Customer Engineering, Cyberproof

  • Adaptive MxDR Security: Google and CyberProof deliver agile, cloud-first security with rapid threat detection and integrated multi-SIEM architecture
  • AI-Powered Threat Intel: Google's platform uses AI and threat intelligence to scale detection, with sub-second search and 12-month hot data retention
  • Financial Sector Risks: Rising threats like phishing, AI-driven attacks, and regulatory fines highlight the need for faster, outcome-focused security
09.40 - 10.00

►New Strategies for Exposure Management of Modern Infrastructure

Ian Perry, Head of Sales Engineering, Searchlight Cyber

  • How the traditional perimeter has been dissolved by the realities of cloud adoption
  • The theory of Continuous Threat Exposure Management (CTEM) as a new approach to your cybersecurity
  • How CTEM evolves and realises the lost promise of “Attack Surface Management”
  • Case study examples of exposure management being deployed to prevent exploitation and cyberattacks
     
10.00 - 10.20

►From Threat Landscape to Defence: How to Supercharge your Cyber Threat Intelligence Approach

James Kwaan, CIO - GS&S, Lloyds Banking Group

  • What the current threat landscape is based on breaches, data, and the associated risk
  • Diving Deeper - How to practically exploit MITRE tools to help in your defence to meet the threat
  • How to process threat intelligence into MITRE ATT&CK
  • How to deal with insider threat
  • How to predict adversary tactics
  • How to measure your CTI maturity 
10.20 - 11.00

►Education Seminar 1

Delegates will be able to choose from a range of topics:

  • Securing the Flow of Data in the Age of AI, Rich Beckett, Product & Solution Strategy, EMEA, Netskope
  • Banking on the Future: Balancing Tech Innovation with Changing Cybersecurity Regulations, Jake Boniface, Channel Sales Engineer, Rubrik 
  • Not Just Any Breach – Dissecting the Cyber Attacks shaking the UK Market, Simon Fisher CISSP, Senior Cyber Security Consultant, Orange Cyberdefense
11.00 - 11.30

Networking break

11.30 - 11.50

►Cyber Leadership in an era of Dis-Cooperation

William Dixon, Associate Fellow, Royal United Services Institute and Senior Technology Cyber Fellow, The Ukraine Foundation

  • How global trade fragmentation impacts the community
  • How the "America First" Foreign Policy is leading to cyber instability
  • Actions the Cyber C-Suite can take
11.50 - 12.10

►Aggressive Defence: Moving from Detect & Respond to Prevent & Investigate with Identity centric security operations

Rory Shannon, Global VP Engineering, Cyderes

  • As adversary behaviour changes, we must re-orient detection & response into a more pre-emptive function
  • Bringing identity & access management technologies into the threat detection & response process introduces additional friction to the attacker
  • Considering the SecOps technology stack holistically allows us to shift SecOps into a prevent first mindset
12.10 - 12.40

►Inside the Mind of the Adversary: Offensive Innovation and the Future of Cyber Threats

Manit Sahib, Ethical Hacker & Former Head of Penetration Testing & Red Teaming, Bank of England 
Dhruv Bisani, Head of Adversarial Attack Simulations, Starling Bank 
Rob Flanders, Head of Threat and Incident Response, BAE Systems 
Lino Gambella, CTO, Defenx

  • How modern threat actors are using AI, supply chain compromises, and "living-off-the-land" tactics to evade detection and extend their presence
  • What simulated attacks uncover that real-world breaches often miss—and where enterprise defenses most frequently break down
  • From social engineering to credential stuffing and zero-click exploits: the methods adversaries use to slip past perimeter defenses and establish control
  • What hackers see as tomorrow’s easiest targets—quantum-era risks, edge/IoT vulnerabilities, and deepfake-powered social engineering
12.40 - 13.20

►Education Seminar 2

Delegates will be able to choose from a range of topics:

  • AI Is Eating Your SDLC: Why It’s Time to Break Up With SAST (Just a Little), James Fenton, Senior Regional Sales Manager UK, Contrast Security
    & John Wood, Leader, Next-Gen Application Security, Contrast Security
  • Building Secure and Scalable Financial Services: The Isovalent Approach to Cloud Native Transformation, Raymond de Jong, EMEA Field CTO, Isovalent
  • This is Not a Drill - Live Cyber Incident Response Exercise, Peter Lane, Consultancy Director, Cyro Cyber
13.20 - 14.30

Lunch networking break

14.30 - 14.50

►Guarding the Gates You Don’t Control: Third-Party Threats and the Expanding Perimeter

Federico Iaschi, Information Security Director, Starling Bank

  • How do you assess and prioritise cyber risk across your third-party ecosystem?
  • What contractual, technical, or governance mechanisms have proven most effective in enforcing cybersecurity standards among your vendors?
  • With regulators placing increasing focus on third-party risk (e.g., DORA, SEC, OCC guidance), how are you aligning compliance efforts with operational risk management?
  • How do you ensure your organisation is prepared to respond to a cyber incident originating from a key third-party or cloud provider?
14.50 - 15.10

►Safeguarding Your Enterprise: Addressing Human and Insider Risks in Data Loss Prevention

Henry Glynn, Cyber Security Solutions Specialist, Bytes
James Burchell, Sales Engineering Manager, CrowdStrike
Khetan Gajjar, Field CTO, EMEA, Mimecast

  • Addressing both accidental and malicious data loss
  • The importance of managing human risk and insider threats
  • How to enhance user awareness to prevent accidental data loss
  • Securing collaborative platforms to prevent data breaches
  • Ensuring compliance with regulatory requirements to mitigate risks
  • Detecting anomalous user behaviour to identify potential insider threats and prevent malicious data loss
15.10 - 15.50

►Education Seminar 3

Delegates will be able to choose from a range of topics:

  • Complying with PRA Insider Risk Requirements: Focusing on What’s Achievable and Effective, Daniel Velez, GCITP, ITPM, CISSP, Senior Advisor, Insider Risk, Everfox
  • Two sides of the same coin: How DLP and Zero Trust create unified data protection, Damian Acklam, Founder & CEO, Gradian
15.50 - 16.10

Networking break

16.10 - 16.30

►Ransomware in Financial Services: How AI-Driven Ransomware Will Trigger the Next Major Breach

Manit Sahib, Ethical Hacker & Former Head of Penetration Testing & Red Teaming, Bank of England

  • LIVE DEMO - Inside the first AI-powered ransomware attack 
  • Why Financial Services is the perfect target — and how attackers are breaking in more easily than most think
  • First-hand insights from real-world red team ops 
  • Why traditional security fails — compliance checklists and conventional tools don’t stop modern ransomware
  • What CISOs and security leaders must do now 
16.30 - 17.00

►Panel Discussion: The Quantum Threat Timeline: Migration Challenges and Strategic Planning

Adam Avards, Principal for Cyber and Third Party Risk Policy, UK Finance (Moderator) 
William Dixon, Associate Fellow, Royal United Services Institute and Senior Technology Cyber Fellow, The Ukraine Foundation 
Federico Iaschi, Information Security Director, Starling Bank 
Matt Admas, Head of Security Enablement, Citi

  • What is the current state of quantum computing and how soon must financial institutions act to mitigate quantum threats?
  • What are the real-world implications of transitioning to quantum-resistant algorithms?
  • How can organisations build roadmaps that align with regulatory and operational realities?
17.00 - 17.00

Chair's closing remarks

17.00 - 18.00

Drinks reception

Education seminars


AI Is Eating Your SDLC: Why It’s Time to Break Up With SAST (Just a Little)


James Fenton, Senior Regional Sales Manager UK, Contrast Security
John Wood, Leader, Next-Gen Application Security, Contrast Security

In a world where AI accelerates software development and attackers exploit production logic in real time, financial institutions face a widening gap between risk and reality. The traditional AppSec playbook—scan early, scan often, drown in results—no longer scales. In this interactive session, John Wood and James Fenton unpack how Application Detection and Response (ADR) gives financial services a new way to think about application security - one that’s real-time, risk-aligned, and finally developer-friendly. We’ll share stories from the field, bust a few myths about shift-left security, and offer a practical framework for CISOs and architects to rethink where and how they apply controls in an AI-native SDLC.

Attendees will learn:

  • A clearer understanding of what ADR is (and isn’t)
  • Practical guidance for reducing noise, closing legacy gaps, and defending Tier 2/3 apps
  • A security narrative that developers, risk officers, and regulators can finally agree on

Building Secure and Scalable Financial Services: The Isovalent Approach to Cloud Native Transformation


Raymond de Jong, EMEA Field CTO, Isovalent

As financial services accelerate their cloud native adoption, security, compliance, and operational excellence become critical at every stage of the journey. The Isovalent Platform, powered by Cilium and eBPF, delivers a unified approach to networking, security, and observability for Kubernetes environments - enabling financial institutions to reduce risk, increase agility, and meet regulatory demands. This session will outline how the Isovalent Platform supports financial organizations from initial deployment to advanced enterprise microservices, ensuring secure, compliant, and scalable cloud native operations.

Attendees will learn:

  • Establish reliable connectivity and hardened security for Kubernetes clusters, simplifying troubleshooting and operational management from day one
  • Achieve enterprise-grade security and compliance with Zero Trust network segmentation, transparent encryption, forensic insights, and seamless SIEM integration
  • Scale across multi-cloud and hybrid environments, bridging modern Kubernetes workloads with legacy infrastructure while maintaining security, observability and control

Securing the Flow of Data in the Age of AI


Rich Beckett, Product & Solution Strategy, EMEA, Netskope

Sensitive data movement is often seen as a risk, but restricting it outright can create operational and security challenges. In the era of AI, financial institutions need security frameworks that protect data while ensuring agility. This session explores how modern security strategies enable secure data flows that defend against AI risk, adapt to real-time risk signals, and turn security into an enabler for innovation with AI.

Attendees will learn:

  • The importance of anchoring AI adoption in your approach to data governance and risk oversight
  • How to enable data flows without introducing escalating security risks
  • Why security must be adaptive to risk, user behaviour, and AI-driven interactions

This is Not a Drill - Live Cyber Incident Response Exercise


Peter Lane, Consultancy Director, Cyro Cyber

Have you ever wondered whether your incident response plans will hold up when really tested? Let’s find out.

You’ve got the playbooks and the policies… but when a major cyber incident hits, the reality rarely follows the script. In this live scenario exercise, led by award-winning Consultancy Director Peter Lane, you’ll step into the middle of a cyber incident hitting a financial services organisation. Live and unscripted, Peter will speak from experience about why each step and activity is so vital, and what the consequences are when there’s a missing piece of the puzzle. Get involved, learn best practice from an industry leader and hear how your peers handle those tough calls. Leave with insight. Leave with confidence. Leave better prepared.

Attendees will learn:

  • Test your approach and see how others in your shoes would respond in a safe setting
  • Test your instincts under pressure with other cyber leaders facing the same challenges and concerns
  • Explore the blind spots that catch even the most prepared teams off guard

Complying with PRA Insider Risk Requirements: Focusing on What’s Achievable and Effective


Daniel Velez, GCITP, ITPM, CISSP, Senior Advisor, Insider Risk, Everfox

Insider risks, whether caused by negligence, compromise, or malicious intent, are receiving long-overdue attention. Financial firms in the United Kingdom (UK) supervised by the Prudential Regulation Authority (PRA) are now required to implement robust risk strategies and insider risk management systems to strengthen the operational resilience of their most critical business services.

In this session, Insider Risk Advisors will lead a practical discussion designed to help financial organisations align their insider risk strategy with PRA expectations, enabling the ability to defend against, detect, and respond to insider threats effectively. Compliance is more than deploying cybersecurity tools. It requires building a strategic, cross-functional framework that enables continuous improvement in risk posture and resilience.

Attendees will learn:

  • First steps your firm can take toward PRA compliance around the requirements for Operational Resilience
  • How to build a 90-day strategy that balances short-term and long-term objectives
  • Why effective data collection and incident reporting can deliver unexpected business value

Banking on the Future: Balancing Tech Innovation with Changing Cybersecurity Regulations


Richard Cassidy, EMEA CISO, Rubrik

Financial institutions are caught between adopting tech innovation and complying with strict regulations in the dynamic world of cybersecurity. Governments are pushing banks to enhance resilience, emphasising the non-negotiable need for uninterrupted transactions. With the added challenge of managing vast amounts of data and technology, the crucial question is: how can banks kickstart a resilience framework that smoothly aligns with regulatory demands? This presentation will explore the delicate balance between technology-driven innovation and compliance with ever-changing regulations.

Attendees will learn:

  • Compliance nuances in EU regulations, emphasising cross-border operations and organisational adjustment
  • Best practices for leveraging AI while maintaining ethical standards and regulatory compliance
  • Balancing the three-pronged approach: tech adoption, compliance alignment, and fostering resilience in the financial sector


Not Just Any Breach – Dissecting the Cyber Attacks shaking the UK Market


Simon Fisher CISSP, Senior Cyber Security Consultant, Orange Cyberdefense

Recent high-profile cyber breaches across the UK have sent shockwaves through industries, leaving many organisations scrambling to assess their vulnerabilities. These aren’t just isolated incidents - they represent a growing pattern of social networking attacks followed up with sophisticated software.

One common misconception is that all breaches stem from complex, impenetrable hacking techniques. In reality, many attacks leverage surprisingly simple methods such as social engineering, phishing, credential stuffing, or exploiting unpatched software. Human error remains a dominant factor, highlighting the need for ongoing employee awareness, supplier management and oversight, and proactive threat detection. Taking a closer look at how these breaches occurred reveals a recurring set of tactics. Perhaps more important than the breach itself is how organisations respond. The contrast underscores the need for well-rehearsed response playbooks, cyber resilience strategies, and continuous improvement based on lessons learned. So, what can we take away from this cyber onslaught? First, prevention is no longer enough - detection and rapid response are critical. Second, collaboration matters: sharing information within and across industries strengthens our collective defence. Lastly, every organisation, regardless of size or sector, must assume they could be a target and prepare accordingly.

That’s where Orange Cyberdefense steps in. They combine cutting-edge threat intelligence, expert consulting, and managed detection and response services to help organisations stay ahead of evolving threats. Orange Cyberdefense supports businesses throughout the entire threat lifecycle - helping them build resilience, respond swiftly, and recover stronger. Cybersecurity isn’t just an IT issue. It’s a business imperative - and in today’s environment, complacency is the true vulnerability.

Attendees will learn:

  • Diving into the recent UK breaches – and dispelling the myths along the way
  • How was it done? Cyber-attack breakdown
  • How effective were the responses from those affected, and what can we all learn from them

Two sides of the same coin: How DLP and Zero Trust create unified data protection


Damian Acklam, Founder & CEO, Gradian

Data Loss Prevention Programmes and Zero Trust Frameworks are essential initiatives of your organisation’s modern cybersecurity strategy. Each embraces the fundamental need to successfully protect organisational data in an increasingly complex threat landscape. It is estimated that 35% of DLP Gen 1 implementations have failed due to them creating 'too much noise'; meanwhile, Zero Trust is (in some respects) considered 'revolutionary' to help drive user productivity in the face of changing mobility patterns. The modern enterprise now faces two challenges - how to protect your data whilst simultaneously enabling access to it!

Attendees will learn:

  • How DLP and Zero Trust are two sides of the same coin
  • How ‘tooling first’ conversations are a hindrance rather than a help
  • How 'time' is your friend when it comes to being successful - the programmatic approach wins!
  • Why strong policy creation and ongoing policy management are so important
  • The only 3 outcomes that you should care about to define success