UK & Ireland CISO Executive Summit

7 September 2021 | Royal Lancaster London

7 September 2021
Royal Lancaster London

REGISTER NOW

Collaborate with your peers

Get together with UK & Ireland's top CISOs to tackle shared business challenges and critical priorities facing your role today. Participate in this one-day, local program with peer-driven topics and interactive discussions with your true C-level peers.

Join your peers to discuss the most critical issues impacting CISOs today:

Creating and maintaining global resiliency

Developing a global security culture

Accelerating security to match the pace of global digital business initiatives

UK & Ireland CISO Governing Body


The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

Co-Chairs

Elaine Bucknor

Sky Plc
Group CISO & Group Director Technology

Jared Carstensen

CRH
CISO

Matt Gordon-Smith

Gatwick Airport
CISO

Paula Kershaw

Barclays
Chief Controls Officer, Cyber & Resilience

Ewa Pilat

Willis Towers Watson
Global Chief Information Security Officer

Yolande Young

BP
CISO

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your UK & Ireland CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Evanta's Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda


6 September 2021

18:30 - 21:30  Governing Body Welcome Reception

Governing Body Welcome Reception

Hosted by the Governing Body, this welcome reception and dinner is a can’t-miss opportunity to connect with your peers prior to tomorrow’s Executive Summit. Please join your colleagues for an evening of good food, wine, and lively networking.

7 September 2021 - morning

08:00 - 09:00  Registration & Breakfast

09:00 - 09:45  Keynote

Bp’s Cybersecurity Transformation to Support Major Business Change

Yolande Young headshot

Yolande Young

CISO

BP

Bp is undergoing a major business transformation and digital adoption to support their pivot from an international oil company to an integrated energy company, including significant changes to their staff base. From a cybersecurity perspective, this has brought new challenges, including how the organisation needs to combat insider risk, maintain safe and reliable operations in the face of change to people and technology, all with an eye to a volatile geopolitical and regulatory backdrop.

In this keynote you’ll listen to Yolande Young, CISO at bp as she shares how bp’s cyber organisation is continuing to support this transformation whilst protecting the business every step of the way.

Join this session to learn more about:

  • Lessons learned moving towards a hybrid/entirely virtual model
  • Moving digital trust beyond a cyber defence mechanism and towards a business imperative one
  • How to implement agile ways of working and overcoming resistance to change

09:45 - 10:00  Networking Break

10:00 - 10:45  Breakout Session

Actionable Intelligence — Keeping Pace with Relentless Threats

Kevin Jones headshot

Kevin Jones

Group CISO

Airbus

Craig McEwen headshot

Craig McEwen

CISO

AngloAmerican

Helen Rabe headshot

Helen Rabe

Group CSO

Abcam

Efficiently employing actionable threat intelligence is key to staying ahead of the next wave of threats. A fast-moving threat intelligence program that highlights the latest risks can spell the difference between preventing a breach or becoming the next headline. How can CISOs sift through the deluge of information?

Join this session to discuss:

  • How CISOs can pinpoint and leverage actionable threat intelligence
  • How security leaders can use AI and ML to protect their environment
  • Keeping up with the evolving nature of today’s threat landscape

10:00 - 10:45  Executive Boardroom

Simplifying Cloud Shift for Security Operations Teams

Nipun Gupta headshot

Nipun Gupta

Cybersecurity Specialist

Devo

Luke Fairless headshot

Luke Fairless

Director, Technology (Security Program & Capability)

Tesco Plc

Manish Chandela headshot

Manish Chandela

Group CISO

Unipart Group Limited

Security operations teams desperately need a simple way to successfully shift to the cloud. Limited visibility—due to shortcomings of legacy monitoring systems and security analytics tech —handcuffs teams from making this crucial transition.

In striking a balance between risk mitigation and driving innovation, security leaders recognise that moving away from legacy solutions and to the cloud brings an array of benefits and opportunities, including improving cost efficiency, simplifying operational processes, and reducing staff burnout.

Join this boardroom discussion to discuss:

  • What are the common reasons organisations hesitate to move to the cloud? And what could eliminate their hesitation?
  • What can cloud do to enable automation opportunities for both IT and security?
  • How can cloud transformation improve key metrics of *SOC* responsiveness and effectiveness?

10:00 - 10:45  Executive Boardroom

What Does the IAM Strategy of the Future Look Like?

Kaz Bansal headshot

Kaz Bansal

Head of Information Security

Travelopia

Graham Ingram headshot

Graham Ingram

CISO

University of Oxford

Increased connectivity and more devices on the network generally mean more challenges for CISOs who are tasked with protecting them through a comprehensive IAM strategy. This closed-door discussion aims to shed light on to the types of identity-related breaches impacting organisations today, what progress is being made on preventing them and how CISOs can continue to protect their enterprises without interrupting core business operations.  

This boardroom will address:

  • Increasing efficiency through cloud and zero trust strategies
  • Overcoming data protection challenges in a global multifaceted environment
  • Improving user behaviour and activity monitoring efforts

10:45 - 11:15  Networking Break

7 September 2021 - mid-afternoon

11:15 - 12:00  Breakout Session

Realising the Benefits of Cloud — Understanding Threats and Supporting Organisational Journeys

David Calder headshot

David Calder

Chief Product Officer

Adarma

Tim Grieveson headshot

Tim Grieveson

CISO

AVEVA

Phil Knight headshot

Phil Knight

Chief Information Security Officer, 10x Banking

Guest Speaker

Whether you are born in, hybrid or moving to the cloud, ensuring your cloud journey is risk-aware and accelerated amidst a volatile threat landscape is increasingly complex.

In this breakout session, you’ll hear from UK cybersecurity threat management specialists Adarma, 10x Banking and AVEVA as they discuss:

  • The complexity of the cloud threat landscape and risk
  • Critical security controls to manage cloud adoption securely
  • Best practices and insights to consider in your own cloud journey

11:15 - 12:00  Executive Boardroom

Taking a Pragmatic Approach to Autonomous Cybersecurity

Mike Beck headshot

Mike Beck

Global CISO

Darktrace

Martin Sloan headshot

Martin Sloan

Group Security Director

Drax

Craig McEwen headshot

Craig McEwen

CISO

AngloAmerican

Security teams continue to wrestle with a range of external threats affecting customers, employees and supply chains. New AI and autonomous response capabilities can shorten detection times to milliseconds, and takedown times to minutes. But does the secret lie in the technology or in the humans behind it?

This session will explore how autonomous response technology can make investigation, detection, and response swifter and more efficient, tackling key challenges and pain points from real-world examples.

Join this discussion to explore:

  • How autonomous cyber defence can free up valuable time, enabling human security teams to focus on higher-value tasks
  • What a successful application of AI to complex digital landscapes looks like
  • The current role of AI and autonomous response technology in detecting advanced and fast-moving threats

11:15 - 12:00  Executive Boardroom

Taking Control in the Cloud

Benedict Olaoya headshot

Benedict Olaoya

CISO

SGN

Steven Hague headshot

Steven Hague

Sales, Google Cloud Security

Google Cloud Security

Grace Mollison headshot

Grace Mollison

Head of Solutions Architecture, EMEA

Google Cloud Security

Are you challenged with unknown risks from your adoption of cloud services? Concerned with whether your IaaS investments are endangering your security or compliance? Or perhaps you’re just watching your budget disappear seemingly on its own. You are not alone. CISOs have been charged with a delicate balancing act, managing increased productivity and cost benefits within a secure cloud environment.

Join your peers for a discussion around:

  • Incorporating the cloud into a fully articulated security strategy
  • Improving security, visibility and governance in multi-cloud environments
  • Establishing trust while balancing the speed and scale of a modern enterprise

12:00 - 12:10  Break

12:10 - 13:10  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Evanta's Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Be sure to opt in when you register online.

12:20 - 13:30  Lunch & Comments

7 September 2021 - afternoon

13:30 - 14:15  Keynote

The Journey to SASE/SSE and Zero Trust

Neil Thacker headshot

Neil Thacker

CISO EMEA

Netskope

Join this keynote discussion as Neil Thacker will speak on his experiences in moving to SASE/SSE and Zero Trust. The session will ask the audience to share their experiences on their own SASE/SSE journey, touching upon the challenges and rewards of redefining cloud, network and data security. 

This keynote aims to shed light into:

  • Implementing edge delivered data-centric security to protect the workforce and data throughout the business
  • Safely enabling cloud services without slowing down productivity
  • How SASE/SSE can help streamline network security and eliminate complexities and inconsistencies

14:15 - 14:30  Networking Break

14:30 - 15:15  Breakout Session

The Importance of Diversity in Information Security

Simon Goldsmith headshot

Simon Goldsmith

Director of Information Security

OVO

Jamaal Brathwaite headshot

Jamaal Brathwaite

Founder, Solidarity in Tech and Founder & CEO, Jobseekrs

Guest Speaker

Diversity comes in many forms, and as cybersecurity criminals become more creative with their methods of attack, CISOs recognise the need for a wide range of skills across their security teams. Diversity comes as a much-needed solution to bridging the gaps in cyber security training. Having people on the team from different backgrounds will bring a variety of viewpoints, meaning teams are more likely to overcome obstacles and resolve issues more efficiently.

Join this discussion to learn how diversity can:

  • Boost problem solving capabilities for cybersecurity teams and shed light into threat mindsets
  • Help affect good security practice and help build a secure by design framework
  • Open the doors to build the future workplace as seen by young generations

14:30 - 15:15  Executive Boardroom

Mitigating Alert Fatigue With Passive Security

Ronnen Brunner headshot

Ronnen Brunner

VP EMEA

ExtraHop

Nick Jones headshot

Nick Jones

CISO

TUI Group

Don Gibson headshot

Don Gibson

Head of Cyber

Department for International Trade

Automation is the obvious solution to avoid overtaxing our security teams, but is it enough? How can CISOs inspire out-of-the-box thinking while designing security strategies that will enhance visibility into their systems?

Come together to discuss:

  • Techniques to track asset inventory, including both managed and unmanaged devices
  • How passive security can increase bandwidth
  • Where to identify gaps and vulnerabilities within the enterprise

14:30 - 15:15  Executive Boardroom

Deepening the Multifaceted Risk-Security Relationship

Mick Ebsworth headshot

Mick Ebsworth

Director Information Security

Co-op

Simon Tong headshot

Simon Tong

Cyber Security Governance Manager

Schlumberger

Reza Salari headshot

Reza Salari

Business Information Security Officer

Pacific Life Re

Added to the list of bona fides for today’s information security leader is a multilingual mandate for speaking the languages of risk. Business risk, legal risk and more all intertwine with an effective security strategy, yet the owners of each area don’t always see eye to eye. Where business units aren’t looking at risk the same way, an opportunity opens for malicious actors.

Join this session to discuss:

  • Successful examples of cross-functional partnerships in risk management
  • Metrics that effectively describe risk within, and outside of, security
  • Tips for leveraging risk discussions to gain support for security

15:15 - 15:45  Networking Break

15:45 - 16:30  Breakout Session

Strengthening the Organisation by Linking Data Governance and Information Security

Douglas Weekes headshot

Douglas Weekes

Group CISO and Head of Data Governance

Sainsbury's

Data governance and security is a crucial exercise when privacy regulation is only becoming more complex and severe. Tightening security controls for sensitive data while also increasing access to other, more valuable types of data is a key challenge on any security information leader’s to do list.

This session aims to explore how CISOs can partner with DPOs, CDOs and the rest of the enterprise to develop data governance strategies that bolster innovation while minimising risk.

Join this session to learn:

  • Benefits of linking data governance with information security
  • Why data governance and information security are inter-related and how to get the most out of the overlap
  • What you, as a CISO, need to do for the data governance team

15:45 - 16:30  Executive Boardroom

Securing the Sprawling Endpoint

Don Gibson headshot

Don Gibson

Head of Cyber

Department for International Trade

Neil Blagden headshot

Neil Blagden

CISO

SSE

Paula Kershaw headshot

Paula Kershaw

Chief Controls Officer, Cyber & Resilience

Barclays

As enterprises increasingly make access to data more fluid and move assets to the cloud endpoint protection has become vital. These shifting perimeters lack clear definition and require new layers of security through endpoint protection.

This session aims to bring together CISOs to share their journeys of endpoint management, including concerns over vendor validation, data and asset visibility as well as success and failure stories. 

Join this discussion to explore:

  • Tactics for monitoring a sprawling attack surface of connective devices
  • Strategies to identify your most vulnerable endpoints
  • How deep learning can offer a multi-layer approach to endpoint security

16:30 - 16:45  Networking Break

16:45 - 17:15  Keynote

Accelerating Security to Match the Pace of Global Digital Business Initiatives

Graham Ingram headshot

Graham Ingram

CISO

University of Oxford

Oxford University is an open, free-thinking, academic institution, normally pre-disposed to slow evolution over long periods of time (800 years so far). Early last year, like most organisations, it needed to transform to digital ways of working whilst coping with an evolution in the threats to seize on COVID-19 themes.

Join this session as Graham Ingram shares his security story, including:

  • The increase in the general risk profile of COVID themed attacks and exploiting colleagues’ sense of uncertainty in their new home working environment
  • The key role the University played in delivering critical COVID life-saving research and ensuring cyber did not become a barrier 
  • Securing research of global importance at a University with an open and collaborative culture and an increasing level of scrutiny

17:30 - 18:15  Closing Reception & Prize Drawing

REGISTER

Returning to in-person conferences


We are excited to welcome you back, in person, to Evanta gatherings.

Evanta, a Gartner company, will only hold in-person programmes in those locations that meet our stringent health and safety criteria to help ensure the well-being of participants, partners and our associates. These criteria include adhering to local government and health agency guidelines, in addition to taking all practical actions on-site.

Please refer to the Location section below (under More Information) for up-to-date local guidelines.

Location


Venue & Accommodation

Royal Lancaster London
MORE INFORMATION

Your Community Partners


Key Partners
Program Partners

UK & Ireland CISO Community Manager


For inquiries related to this event, please reach out to your dedicated program contact.

Luis Arango Abello

Senior Community Manager

+44 (0)1784 267 880

luis.arangoabello@gartner.com