The Future of Cybersecurity

CISO Think Tank

February 27, 2024 - London, England

VISIONARIES

Leo Cunningham

CISO

Owkin Inc

Think Tank Speaker

Leo has a successful track record working within different blue-chip companies and industries ranging from Start-ups/Scale-ups, Banking, FinTech, SaaS and eCommerce, providing insight, consultancy and strategy across global remits covering Information Security, Cyber Security, GRC, Auditing, Cloud and a multitude of compliance remits including PCI DSS, SOX and GDPR. At Flo Health, the number one health and wellbeing app. His team protects the data of 250 million users, equating to 300 billion data points. He is currently an advisor to multiple start-ups from the Palta Group. He has been instrumental in leading security efforts within HealthTech and FemTech. In June 2022, Flo Security delivered the industry’s first ISO 27001 certification. Leo is a multi-award winner. A Snyk influencer. A Keynote speaker worldwide and was added to the CISO Platform Top 100

Khadir Fayaz

SVP Digital & Technology

CBRE

Think Tank Speaker

Khadir Fayaz is a progressive Cyber Security Digital Executive Leader with more than 18 years of experience in driving large scale digital security initiatives, cyber resiliency programs and business information security engagements. Delivered successfully global digital security transformational programs with multi-million dollar investments. Transformed security as an enabler and accelerator for the business through frictionless services to meet both compliance & privacy requirements such as PCI DSS and GDPR. Dynamic, metrics-driven leader of international and virtual teams’ adept at integrating people, business processes, and technology assets into effective risk reduction strategies to elevate organizational security posture from external and internal threats. Significantly improved the risk culture and security maturity in some of the world’s largest PropTech, Learning, FMCG, Financial, Manufacturing, Technology Consulting, Hospitality & Travel companies. Built strong customer and business partner relationships, effective teams across the full spectrum of information security services. Hired and developed global talent, and operated truly globally having extensive hands-on experience in Asia Pacific, UK and USA. A highly sought-after speaker who has contributed immensely to the industry through tech start-up mentoring and holding non-executive director roles.

Cornelius Namiluko

Managing Director - Global Co-Head of Security Architecture

Goldman Sachs

Think Tank Speaker

I am an experienced software and systems security engineer with over 15 years experience in various industries including health, consulting and internet services. I am interested in working on challenging software design and implementation problems within the areas of web technologies, mobile computing, big data and general distributed systems. I am proficient in Java, C# and JavaScript (including Node.js) and I can quickly pick up any new technology. I have worked on various implementations of data driven systems that utilise databases such as MySQL, MS SQL Server, MongoDB, Redis and Casandra. My specialities include software architecture design. security analysis, programming, application of agile methodologies and data extraction algorithm design.

Ky Nichol

CEO

Cutover Inc.

Think Tank Speaker

Ky is the CEO of Cutover, he started out in the Space Industry with a physics background, he spent some time working with NASA and more with the European Space Agency on the International Space Station Program. He loved the seamless way teams and technology come together in the Space Industry to do great things! He left that industry to work as a tech consultant in the enterprise, working with the founding team for many years. Following frustrations they saw in managing tech ops/IT operations/SRE in the enterprise, they had a vision for a framework for teams and automation to work together to harness volatile and complex processes to reduce risk, increase productivity and reduce costs - they call this Collaborative Automation. On that basis they founded Cutover which has grown tremendously since its inception in 2015 and is now adopted at many of the world’s largest financial institutions and technology companies.

Fox Ahmed

Global Head of Cybersecurity & Technology and Data Protection Regulatory Risk

BNP Paribas

Think Tank Speaker

Fox Ahmed is the Global Head of Cybersecurity and Technology Regulatory Engagements at BNP Paribas. He has over 25 years’ experience working for Tier 1 banks with global responsibilities. Fox is currently responsible for ensuring the Group has an effective risk based approach in integrating Governance, Compliance and Regulatory requirements into programmes and digital initiatives with focus on Cybersecurity and Technology Risk Management. He is playing a crucial role in supporting the key digital strategies of the Group by enabling the management of risk at the speed and scale required in today’s digital world.

Azeem Aleem

Managing Director (MD) Client Leadership, EMEA

Sygnia

Think Tank Speaker

An experienced information security executive with over 15 years of practitioner experience in cyber defence technologies, security operations, counter threat intelligence, data analytics and behavioural classification of cyber criminal. Within the domain of organisational operations Azeem has an extensive experience in managing P&L, driving operational excellence, change management and process reengineering. Azeem has been at the forefront of architecting cyber resilience capability against Advanced Persistent Threats (APT) for some of the best financial, government and public sector organisations across Europe, the US, Asia and the Middle East. He has worked extensively with the national and international law enforcement agencies around intelligence training, detection and investigation of cyber crime. As a subject matter expert, he has made frequent appearance on regional television and radio programmes as an expert on cyber threats. A published book author and academic criminologist, he has also authored several periodical on advanced security threats in peer reviewed journals and security magazines. He is an eminent plenary conference guest speaker both at the national and international level.

Adam Denyer-Hampton

Director of Solutions Architects, International Markets

SecurityScorecard

Think Tank Speaker

Adam Denyer-Hampton is the head of International Solutions Architects at SecurityScorecard, Developing and expanding Security Ratings. Adam has 16 years of experience in successfully delivering large and complex IT security solutions for major global companies, across Europe and APAC, including the defense and government agencies. Prior to joining SecurityScorecard, Adam held key technical roles at companies such as SafeNet and SourceFire (part of Cisco Systems), where he managed solution deployments and technical consultations/trainings.

Pam Balsam

Snr. Regional Enterprise Account Manager (International)

KnowBe4

Think Tank Speaker

Pam heads up the UK&I Enterprise team, with over six years of expertise in the intricate realms of SaaS, PaaS, RPA and Cybersecurity. With a profound understanding of the ever evolving cyber landscape, Pam has honed her skills to deliver tailored advice that empower organisations to proactively strengthen their human firewall, mitigate risks and foster a culture of security awareness. She excels at demystifying complex technical concepts, making them accessible and understandable to associates from various backgrounds.

February 27, 2024

Agenda

All times United Kingdom Time

8:30 AM-9:00 AM

Registration


9:00 AM-9:30 AM

Morning Networking


9:30 AM-9:40 AM

Opening Remarks


9:40 AM-10:05 AM
Vision Voices Keynote

Darwin & the Accelerationist Machines: AIs Future Paths

Embark on an exploration in "Darwin & the Accelerationist Machines," where we unravel the past and future of Artificial Intelligence (AI) and its transformative role in society. The session delves into the synergy of AI and human consciousness, reviewing George Dyson's insights on the emergence of a conscious mind from today's technology and how it shapes the future of technologies. With a focus on the radical school of Accelerationism, the discussion navigates the far-reaching societal impact of AI, addressing ethical considerations and emphasizing the role of Cybernetics in harnessing its power.


10:10 AM-10:35 AM
Keynote

Tactics Tool and Procedures? Where the rubber meets the road: Learning from a Heavyweight Attack

In recent years, the Sygnia Incident Response Team has handled numerous nation-state attacks that employed unique attack techniques and posed new challenges to security leaders and incident responders.
In this talk we will guide you through the anatomy of a real-world attack we recently responded to, including attacker TTPs and effective response procedures. This case study will highlight the common pitfalls and key opportunities when defending against even the most sophisticated attacks.

In partnership with:

10:35 AM-10:55 AM

Coffee Break


10:55 AM-11:20 AM
Vision Voices Keynote

The Evolving Future of Artificial Intelligence (AI): Opportunities and Challenges Ahead

The potential of Artificial Intelligence (AI) is vast, as it is now being utilized across all industries. With the combination of machine learning, AI has made significant improvements in the field of cybersecurity. Automated security systems, natural language processing, face detection, and automatic threat detection are some examples of how AI is revolutionizing cybersecurity. However, AI is also being used to create intelligent malware and attacks, which can bypass the most up-to-date security protocols, making it a double-edged sword. On the positive side, AI-enabled threat detection systems have the ability to predict new attacks and immediately notify administrators in case of a data breach.


11:25 AM-12:10 PM
Panel

Ransomware and Cyber Readiness

Ransomware attacks are becoming increasingly prevalent and sophisticated, affecting businesses and individuals in all sectors. In 2024, these attacks are expected to continue to grow, resulting in significant financial losses, data theft, and reputational damage. Businesses should implement comprehensive security measures, including regular backups, employee training, and endpoint security, to minimize the risk of a ransomware attack. Additionally, because cyber attacks are unpredictable and complex it's important to have cyber recovery plans in place to orchestrate both teams and technology to minimize the impact of an attack. Businesses must develop recovery plans detailing the tasks to restore systems, manage data integrity, keep stakeholders informed of progress and meet regulatory requirements.
In partnership with:

12:10 PM-1:10 PM

Lunch & Vision Voice


12:50 PM-1:05 PM
Vision Voices

What is Wrong With Security and How to Fix It

Computer systems are complex. Complexity makes it difficult to understand what is going and thus how to secure a system. To deal with complexity, the theory of abstraction is a powerful approach that allows us not only to simplify how to reason about a system, but also forces us to hide unnecessary details. I argue that this is where security starts to go wrong. Abstractions are a double-edged; on one hand helping us to deal with complexity and on another hides crucial information (such as interfaces or vulnerabilities in an underlying system) needed to secure the system. Attackers are constantly exploiting assumptions made in the various layers of abstractions. This is what is wrong with security. To fix this, we should have assumptions, security properties and responsibilities model explicitly defined at every layer of abstraction and tooling to enable validation of these. Developers relying on an underlying system would use that to build their own assumptions while ensuring that the assumptions of underlying components are validated. 


1:10 PM-1:25 PM
Vision Voices

Navigating the Interplay between UK and International Data AI Regulation in the Digital Age

This session explores the intricate relationship of the UK and International regulatory compliance in data protection, privacy concerns, artificial intelligence (AI), and ethical considerations in the contemporary digital landscape. It delves into how organizations and their partners must adhere to UK and International regulations while leveraging AI-driven data insights and upholding ethical standards and individual privacy rights. The discussion will encompass the challenges, strategies, and emerging trends in this complex domain within the context of the UK and the International regulatory landscape.


1:30 PM-1:45 PM
Disruptor

Enhancing the Resilience of Your Organization's Final Barrier: The Human Firewall

In today's digital landscape, social engineering attacks like phishing, Business Email Compromise (BEC), and Ransomware are increasingly prevalent. These cunning tactics rely on manipulating humans to gain unauthorized access to protected systems and sensitive data. As the frequency of such cyber-attacks rises, it is crucial to fortify your organization's last line of defense: the human firewall.

In this session we will look into case studies around:

  • Regular, tailored security awareness training to educate employees about social engineering threats.
  • Foster a reporting culture for prompt identification of suspicious activities.
  • Strengthen password policies and use multi-factor authentication (MFA) to reduce risks.
In partnership with:

1:45 PM-2:05 PM

Networking Break


2:05 PM-2:20 PM
Vision Voices

The Rise of AI: Cyber Innovation & Risk Impact

AI is creating massive transformation impacts across businesses, from healthcare to financial services. The rise of GenAI and advanced AI capabilities poses a significant opportunity to advance organizational cyber maturity. These include automation in vulnerability remediation to predictive threat insights. On the contrary, the acceleration of AI services also poses a significant risk to businesses. In this session, we will explore pragmatic approaches to leveraging AI for cyber innovation while ensuring sufficient guardrails are developed to enable business acceleration using secure AI services.  


2:25 PM-3:10 PM
Panel

Scaling your Third Party Risk Program in the World of Automated Attacks

One of the largest obstacles facing companies today is to “do more with less” in the world of automated attackers. Increasingly we are being asked to reduce risk, increase the scope of coverage and continually protect our organisations from emerging threats. With the introduction of highly targeted automated attacks across multiple industries and countries. As well as governing bodies such as the EU introducing legislation and compliance requirements, which offer severe penalties to those organisations that are not implementing sufficient third party risk programs. This session will discuss how organisations across all industry verticals are implementing automated workflows and using global data sets to protect their organisations from the third party breaches and incidents.

In partnership with:

3:15 PM-3:30 PM
Vision Voices

A CISO Needs to Meet Their Board’s Expectations, Communicate Effectively with Them, and Earn Their Trust. What’s the Best Approach?

The CISO plays a critical role in communicating with the board of an organisation, ensuring that cybersecurity concerns are effectively conveyed and understood. This communication involves presenting comprehensive risk assessments, threat landscapes, and the effectiveness of current security measures. The CISO must articulate complex technical concepts in a business-friendly language, emphasising the potential impact of cyber threats on the organisation's overall strategy and objectives. Additionally, regular updates on cybersecurity initiatives, compliance status, and incident response plans are crucial to maintaining the board's confidence. Successful CISO-board communication enhances the organisation's cyber resilience, aligning security efforts with broader business goals.


3:30 PM-3:50 PM

Networking Break


3:50 PM-4:05 PM
Vision Voices

Creating and Delivering a Security Upgrade Program

Following a significant ransomware attack, a leading biotech giant reevaluated its cybersecurity approach. Rami will discuss the tactical and strategic measures taken post-incident, emphasizing the roadmap for implementation. The focus is on elevating cybersecurity maturity through advanced technologies, fortified defenses, and a holistic strategy. Rami will delve into integrating cybersecurity into the broader business approach, fostering awareness, and collaborative efforts across departments. The session aims to provide insights and guidance for organizations seeking to enhance their cybersecurity resilience in the face of evolving digital threats.


4:10 PM-4:25 PM
Vision Voices

Guarding the Cloud: Navigating the Rising Tide of Cloud Vulnerabilities and Cyber Threats in 2024

Cloud computing services have become a cornerstone of modern business operations, providing organizations with the agility and scalability needed to thrive in the digital age. However, in 2024, the threat of cloud vulnerabilities will continue to grow as more companies adopt cloud services. Cybercriminals are constantly finding new ways to exploit vulnerabilities in cloud infrastructure, which can result in data breaches, unauthorized access, and financial losses. To mitigate the risks of cloud-related security incidents, businesses must prioritize implementing robust security measures such as multi-factor authentication, encryption, and regular penetration testing. Additionally, businesses must develop comprehensive incident response plans that take into account the unique challenges of cloud-based attacks. By taking these steps, businesses can protect themselves and their customers. 


4:25 PM-4:30 PM

Closing Remarks & Raffle Giveaway


4:30 PM-5:30 PM

Cocktail Hour