UK & Ireland CISO Executive Summit

16 May 2023 | Royal Lancaster London


Collaborate with your peers

Get together with UK & Ireland's top CISOs to tackle shared business challenges and critical priorities facing your role today. Participate in this one-day, local program with peer-driven topics and interactive discussions with your true C-level peers.

Join your peers to discuss the most critical issues impacting CISOs today:

Enhancing the CISO Role as a Business Enabler

Reducing Risk and Embedding Resiliency

Thinking Differently About Empowering Staff and Retaining Talent

UK & Ireland CISO Governing Body


The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

Co-Chairs

Imran Ali

Compass Group
Group Chief Information Security & Technology Officer

Jared Carstensen

CRH
CISO

Paula Kershaw

Barclays
Chief Controls Officer, Cyber & Resilience

Sarah Lawson

University College London
CISO

Ewa Pilat

DWS Group
Group CISO

Helen Rabe

BBC
CISO

Yolande Young

bp
CISO

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your UK & Ireland CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Evanta's Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda


Breakout Sessions

Reporting Risk Metrics to the Board - Show & Tell

Ransomware attacks and other cyber threats have become a key business risk, and the CISO’s role in reporting this risk to the board remains a critical area of discussion. Risk metrics play a pivotal role in this reporting, and the metrics used shape the outcomes of board interactions. In this interactive session, CISOs from different organisations will present short “board pitches” covering the metrics they report to their boards, followed by an open discussion.

In this conversation, you will hear about:

  • The different types of metrics CISOs use to quantify risk
  • How to reduce complexity to reach successful outcomes
  • Best practices to gain the board’s confidence and boost your profile

Maintaining a Cultural Mindset Change

Companies come with different baggage and mindsets towards cybersecurity. Changing employees’ attitudes in a meaningful way is an ongoing challenge and manifests in different ways across business units. Cyber consistency is key to maintaining a resilient security posture, but one size does not fit all.

Join this session to explore different approaches to making a meaningful cultural change:

  • Understanding the ‘how’ of a meaningful culture change
  • Successfully implementing a DevSecOps approach
  • Maintaining a robust security culture with a distributed workforce and employee turnover

Carrot or the Stick – Sharing different Consequence Management Frameworks

Organisations’ security awareness budgets are rising as the threat landscape grows across an increasingly distributed workforce. Yet after an employee has completed their awareness training, what is the appropriate consequence for someone failing to adhere to your cybersecurity policies? Consequence management is a key component in encouraging the correct cyber behaviour, and deciding how strict the consequences should be is a complex question. In this panel session, CISOs from different companies will share their Consequence Management Frameworks, followed by a discussion.

Join this session to discuss:

  • Who should have the responsibility to enforce consequences
  • Different approaches to consequence management – what’s been successful
  • Sharing best practices and lessons learned

Advancing Mergers & Acquisitions Integrations with Identity

In today’s competitive environment, an organisation’s ability to execute successful mergers and acquisitions (M&A) has become a key differentiator. Yet the public nature of an M&A increases the potential for ransomware attacks. One’s ability to consolidate identity and access management (IAM) quickly during an M&A process can be a key tool in increasing the agility of an M&A and therefore reducing exposure to attacks. In this fireside chat, we will walk you through a successful M&A, where identity was quickly synchronised, leading to a secure M&A.

Join this fireside chat to discuss:

  • M&A identity tales – best practices and lessons learnt
  • Simplifying joiners, movers and leavers from two organisations
  • Addressing Shadow IT & third-party access during an M&A

Cybersecurity Has a People Problem. Learn How to Solve It

With over 82% of cybersecurity breaches involving the human element, it’s clear current training approaches aren’t working. Traditional methods rely on static tools and outdated certifications to assess workforce cybersecurity capabilities, approaches that create blind spots and vulnerabilities. To combat this lack of visibility, organisations must employ new methods to assess, build, and prove cyber capability and resilience.

Join us to discuss:

  • Measuring and benchmarking cybersecurity capabilities
  • Developing a people-centric cybersecurity culture across roles and responsibilities
  • Implementing dynamic, real-world training and upskilling practices


Executive Boardroom Sessions

Staying Ahead of Cybercriminals as Your Attack Surface Continually Evolves

Technological innovation is a key driver of business growth, yet continuous SDLC, growing software supply chains, and mergers & acquisitions lead to an ever-evolving attack surface and leave you exposed to new opportunities for exploitation. In this boardroom, we’ll discuss security vulnerabilities that need to be considered during business development to ensure CISOs are enablers of secure business growth.

Join this Executive Boardroom to discuss:

  • To what extent have you seen your attack surface evolve and what challenges does it pose for security?
  • How do you pinpoint the most critical flaws in your asset inventory and prioritise what to fix and why?
  • What preemptive approaches can you take to lower your threat exposure across your attack surface?

How CISOs Should Navigate the Challenges of Cyber Risk Reporting to Better Demonstrate ROI


Just how elevated have the cybersecurity stakes become for today’s organisations? As a CISO, communicating what’s at stake, the associated risks and the ROI of security programs is a critical success factor in gaining buy-in for your cybersecurity strategies and securing investment. But how can you clearly demonstrate to the board that your investments are paying off, and that your protection levels are increasing? Join this boardroom to discuss:

  • The metrics that will impact key decisions on budget, resources and the overall security posture of the organisation
  • Reporting risk to the board in a way that avoids misunderstanding and ‘worst-case scenario’ cyberattack outcomes
  • Demonstrating the ROI of security programs to show how security investments are paying off



Keynote Session

The Current State of Cybercrime

Geoff White is one of the world’s leading journalists on cybercrime, having covered it for BBC News, Channel 4 News, Sky News and published two books on the subject.

He uses real-world examples and his own investigations to bring home the impact of today’s global hacking industry, and to give insight into how organisations and individuals can protect themselves.



We look forward to seeing you at an upcoming in-person gathering


Evanta cares about the health and safety of our community. Please review the following recommendations prior to attending the gathering.

Location


Venue & Accommodation

Royal Lancaster London

A block of rooms has been reserved at the Royal Lancaster London at a reduced conference rate. Reservations should be made online or by calling +44 020 7551 6000. Please mention UK CISO Executive Summit to ensure the appropriate room rate.

Deadline to book using the discounted room rate of £360 GBP (plus tax) is 26 April 2023.


Community Programme Manager


For inquiries related to this community, please reach out to your dedicated contact.

Luis Arango Abello

Senior Community Programme Manager

+44 (0)1784 267 880

luis.arangoabello@gartner.com