Programme

Registration - coffee - networking
Chairs Opening Address & House Keeping

A look back over the first half of 2025 - how attackers are evolving their tactics and techniques

Speaker
Chief Security Advisor
Microsoft
Strengthen cyber resilience, protect data, and prepare for future regulations.

The introduction of the Cyber Security and Resilience Bill to Parliament highlights that, despite the UK's departure from the EU, future regulations will likely follow international standards. The interconnected nature of global cyber threats makes it impractical to deviate from existing frameworks. By aligning with NIS2, DORA, and GDPR, UK organisations can better prepare for upcoming national regulations and enhance protection against cyber risks. This isn't about rewriting the rulebook—business continuity and data resilience remain central to all cybersecurity regulations. That’s why ensuring your organisation has tamper-proof backups and effective disaster recovery capabilities is key to surviving infrastructure and data threats. Join Kim Larsen, CISO at Keepit and seasoned cybersecurity advisor with experience in NATO, the EU, and international corporations, for insights on:

• Data governance

• Regulatory compliance

• Business continuity strategies

Speaker
Kim Larsen,
KeepIT
You are the Weakest Link, Goodbye!

Jen will discuss how to discover the weakest link in your organisations security before attackers do. Using gap analysis, risk assessment and building a dynamic and comprehensive culture of cybersecurity, find out how to identify the weak links and say goodbye to them before it’s too late.

Speaker
Managing Director
Secarma
Why is everyone talking about the C word?

Cybersecurity is not just about technology; it's fundamentally about human behaviour and what we now call Cyber security Culture. This talk will explore the critical role of cyberpsychology and criminology in understanding user behaviour and the motivations of attackers (and those who weaken security posture through insider risk). We'll delve into the impact of common cognitive biases on security decisions and discuss strategies for improving user education and awareness. What's a 2025 talk without including AI? Let's also examine how the rise of Artificial Intelligence (AI) is transforming the cyber security landscape. Discussing the implications of AI-powered automation, the importance of trust and transparency in AI systems, and the emergence of new threats and how these are ultimately affecting cyber security 'culture'.

Speaker
Cyber & Diversity Champion
Threat trends from the Cloudflare Network

In this talk, we will explore the evolving landscape of cybersecurity threats as observed through Cloudflare's extensive network in 2024. Attendees will gain a deep understanding of emerging attack vectors and sector-specific threats, with a particular focus on the alarming year-over-year increase in DDoS attacks. By exploring key trends across Web Application Firewalls (WAF), bot management, threat hunting, and threat events, we will highlight the critical importance of tailored security strategies. Participants will leave equipped with actionable insights and strategies to fortify their defenses against the ever-changing cybersecurity challenges.

Speaker
Threat Intelligence Product Manager
Cloudflare
The hidden costs of your security stack: What should you keep, cut, or combine?

• Learn the art of prioritisation to ensure your team focuses on high-impact activities, protecting critical assets without burning out or overspending

• Explore the hidden costs in your security stack to determine what to keep, cut, or combine for maximum efficiency.

• Boost your defences without breaking the bank: What does it take to stay ahead of attackers and build better lines of defence with limited resources?

Speaker
Director of Technology
SenseOn
Why bother with Security Awareness? Delivering measurable behaviour change

ThinkCyber’s CEO Tim Ward will delve into the reasons for implementing security awareness programs within organisations. Is it purely a matter of compliance or does it serve a deeper purpose of empowering employees to protect sensitive information and themselves?

Tim will explore the fundamental question: why invest in security awareness training? He will examine how to ensure these programs work—focusing on the science behind how people learn and retain security knowledge. By applying behavioural science principles, Tim will discuss how organisations can effectively change employee behaviours, reducing operational risks and enhancing overall security posture.

The session will also address key metrics for success. Tim will explore the importance of measuring not attendance or click rate, but the effectiveness of security awareness efforts. Are you measuring performance or real impact? He will share real-world examples from some of ThinkCyber’s clients to illustrate how to assess the effectiveness of security training and discuss the best practices for ensuring lasting behavioural change.

Speaker
CEO & Co-Founder
ThinkCyber
The Rise of the Clones

Deepfakes are getting easier to make but how can they be used in crime? Are they the next tool in the social engineer’s toolkit? From hacked CCTV to cloned RFID cards and quality deepfakes, Jake will uncover what is currently possible when breaking into a business with a little help from AI. Plus learn what happens when you experiment the spread of misinformation and how it can be used in financial crime.

Speaker
Global Cybersecurity Advisor
Nudging Your Way to a Strong Security Culture

Developing a robust security culture within an organisation is a critical challenge in today's threat landscape. Traditional security awareness programs often struggle to drive lasting behavioural changes. This session explores the power and role of "nudges" – subtle environmental cues and design elements that can positively influence employees' security-related behaviours.

Changing behaviours is a challenging task, changing your organisational culture can be even more difficult. Understanding why social engineering works, or how errors are so frequently made needs a better understanding of oneself. Grounded in the principles of behavioural economics and mindsets, attendees will learn practical strategies to educate, inform, nudge, and ultimately influence the culture of their workforce towards better security practices.

Speaker
Lead Security Awareness Advocate
Knowbe4
Coffee & Networking
Seminar Change Over
Lunch and networking
Chairs Afternoon Address
Speaker
Chief Security Advisor
Microsoft
Hacktivists V2.0

We as an industry have been heavily focused on the ransomware threat. A loud and dramatic threat that commands the attention of security professionals, governments and CEO’s globally but has possibly diverted some of our resources away from another increasingly concerning threat. Hacktivists seem like an old adversary that are the concern only of big banks and extractive industry organisations. This is a dangerous assessment. In this talk we will look at the rapid increase in their number, capability and motivation. Who are they? How do they select targets? How are they funded? Why do they pose a threat to you? What discussions do we need to have in 2025 to combat them?

Speaker
Partner
Red Goat Cyber Security
Bridging the Email Security Gap: Future-Proofing Your Organization for 2025

Discover how to align your security investments with real-world threats. Amir Khan, Head of Sales at Zivver, presents exclusive insights from Zivver’s latest independent research revealing how IT leaders across industries perceive and prioritize email security. Gain a unique perspective on your peers' biggest challenges and plans for ensuring their email security strategies meets compliance and learn what’s driving their focus for 2025 and beyond. Amir shares practical steps to future-proof your organization with a holistic approach to email security.

Speaker
Head of UK&I
Zivver
Frontline stories from IR - A Comprehensive Approach to Threat-Informed Defence

A Kudelski Security Incident Response expert shares stories of what happens behind the scenes while learning tips from someone that sees these attacks happen on the daily.

Speaker
Cyber Security Strategist
Kudelski Security
Living with AI: Relationship Advice for the Future

The talk explored the transformative potential of AI in redefining how humans interact with technology, emphasizing the principle of AI-assisted human progression. Central to the discussion was the recognition that while we often refer to "artificial intelligence," AI is not truly intelligent in the human sense. Instead, it is a combination of advanced machine learning and automation, designed to process data, recognize patterns, and execute tasks at unprecedented speed and scale.

Speaker
Head of Security Architecture Office for Nuclear Regulation
Ransomware: Get Ready or Get Wrecked

Picture this: You arrive at work, coffee in hand, only to find your screen frozen with a ransom note. The message is clear: “Pay up millions, or your data vanishes forever.” It’s not a distant nightmare, it’s happening every day, and in 2025, the risks have never been higher. With growing reliance on technology, widespread cryptocurrency, and tougher economic times, ransomware is thriving. In this session, we’ll uncover the dark history of ransomware, explore the anatomy of an attack, and look at what’s coming next in the threat landscape. Most importantly, you’ll leave with practical tips, tricks, and tools to protect yourself, your team, and your organisation. Because when it comes to ransomware, preparation isn’t optional - it’s survival.

Speaker
World-renowned security expert
Moving Beyond Point-in-Time Security: Adapting to Continuous Compliance across Cyber

In the past, compliance efforts have largely centred around providing a snapshot of security at a specific moment. However, with evolving regulations like DORA, NIS2, CRA and others, this approach is becoming outdated. These new standards demand a more dynamic and continuous view of security.

Speaker
Head of Cyber Security
GBG Plc
Get ready for a new era of hard-hitting security conversations

If raw, thought-provoking conversations about the biggest challenges in global security sounds like your thing, we’ve got something brewing that you won’t want to miss. Join Lisa Forte and Sarah Armstrong-Smith for an exclusive session as they reveal what they've been working on in partnership with CNG.

Speakers
Chief Security Advisor
Microsoft
Partner
Red Goat Cyber Security
Coffee and networking
‘Fire-side chat’ with David Walliams

Join cyber security leaders Sarah Armstrong Smith and Lisa Forte for an engaging fireside chat with renowned author and comedian David Walliams. The session begins with an exciting announcement from our hosts, leading into a lively discussion on creativity, resilience, and leadership.

Concluding with an interactive Q&A, this talk promises to inspire, inform, and entertain. Don’t miss it!

Speaker
Comedian, author, presenter, and actor
Chairs Closing Remarks
Speaker
Chief Security Advisor
Microsoft
Drinks Reception