UK & Ireland CISO Executive Summit

Geopolitical tensions have escalated cyber threats to BAE Systems, particularly within their strategic defense capabilities, crucial for maintaining our way of life and societal values. In her keynote, Mary Haigh (Global CISO, BAE Systems), will explore what needs to be in place to underpin effective cyber security embedded in the way we do business. She argues that CISOs shouldn't start with the technology, they should focus on developing a clear vision and strategy, the governance, transparent reporting, the culture and the strong moral values within our teams. When conditions are optimal, technology, people, and processes synergies to fortify our cyber resilience against growing threats.

Join Mary to discuss:

• Get exec buy—in to a compelling vision and strategy and communicate ad nauseum until people repeat it back to you!
• Spend time building the right team culture
• Use governance and reporting to keep the focus on the right priorities

Join James Frampton, CISO and Managing Director at MUFG Bank, for an interactive session focusing on preparations for a Post-Quantum world. Delve into essential strategies and considerations necessary for readiness in the face of quantum computing advancements. Engage in discussions, share insights, and collaborate on developing robust plans to navigate the challenges of this emerging landscape. You’ll enhance your understanding and preparedness for a post-quantum era.

James will discuss:

• When will Quantum Computing (QC) be commercially available?
• What will happen when this epoch-defining time comes (or has it already happened?) potentially undermining the cryptographic algorithms our organisations' security rely on?
• What activities and planning should CISO’s be planning & doing now?

The complete entanglement of cyber risk with business risk is becoming increasingly visible. CISOs now have an opportunity to better pinpoint third parties that present a threat to the organisation. Yet the increasing complexities of third party, and even fourth party, risk management, prompted by a wide range of evolving threats, demands heightened attention. How can CISOs ensure they have a clear overview of the threat landscape and vulnerabilities across ecosystems and supply chains?

Join this session to discuss:

• Identification of vulnerabilities across your vendor landscape to prioritise response efforts
• Best practices for mitigating a new wave of sophisticated attacks to keep assets safe
• The role threat intelligence plays in risk management strategies to safeguard your digital ecosystem

For many organisations, the question isn't if they'll be attacked, but when and how it will happen. Certain attack types are growing more accessible for a wider variety of attackers, and the risks of distributed work, cloud adoption, and third-party code are impossible to fully contain.

This discussion will focus on strategies security leaders and their teams can use to preserve business operations and protect sensitive data in a world where attacks are inevitable. Specifically, you’ll discuss:

• Understanding your risk profile – what’s your tolerance for downtimes on business-critical systems
• Business continuity management — understanding what is your minimum viable level
• Organisational strategies for strengthening a culture of security

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

CISOs have a unique and valuable skill set that makes them excellent candidates to take on NED roles. Taking on such additional responsibilities can also provide additional growth opportunities and professional network expansion. But what does the role of a NED actually entail? How do you know which potential NED role is right for you? What are the realities of juggling a growing plate of priorities alongside your current workload, and how can you make sure you’re set up for success? Join Elaine Bucknor Strategic Advisor, Non Executive Director and Technology Executive and Claire Davies Partnership CISO, John Lewis Partnership as they have an open conversation about the multiple routes CISOs could take after leaving the hot seat, including considering an NED position.

Specifically, they will discuss:

• Identifying what the role of a NED actually is, and what the role entails
• Elaine's story, decision-making process and criteria around becoming a NED
• Open discussion around the benefits, challenges and shared experiences of NED roles for Security leaders

CISOs recognise the benefits of AI to stay in the innovation race for their organisations. According to Wiz, although 70% of organisations are using cloud-based managed AI services, many are still in the experimentation phase. CISOs must establish a robust governance programme to better support cloud-based AI tools. Ultimately, ensuring a more secure framework to protect assets within the cloud.

Join this session to discuss:

• Use cases to prioritise when getting started with cloud-based managed AI services
• Governance structures which outline AI usage whilst maintaining cloud security
• Policies which ensure data availability, integrity and confidentiality within the cloud

As the attack surface grows, CISOs know they need a holistic view of their security posture to stay safe. Recognised within Gartner’s re-classification of security operations, CISOs must ensure they detect and mitigate third party and internal threats. By adopting a risk-based approach, CISOs can assess cyber maturity, address compliance gaps and ultimately, prioritise how they spend security investment.  

Join this Executive Boardroom to discuss how to:

• Implement a risk-based approach to your SecOps process to better monitor vulnerabilities and remain compliant
• Strengthen your security strategy to prioritise spend and controls to optimise your SOC and maximise security investment
• Work towards continual improvement to defend against future threats across the attack surface and prepare for future regulatory obligations