Why do so many cybersecurity and technology transformation programmes fail? Not because of the tools. Not because of the people. But because change isn’t managed properly. Cyber transformation is rarely a technology problem. It’s a change management challenge.

In this high-energy keynote, Gurps Khaira draws a powerful and unexpected parallel between fitness modelling and implementing cyber technologies and large-scale transformation programmes through disciplined, structured change. Just as real physical results aren’t built through crash diets, sustainable cyber change isn’t delivered through one-off training sessions, policies, or awareness campaigns. Lasting transformation comes from clear direction, consistent leadership, structured frameworks, and repeatable routines.

Blending lessons from the gym, global banking, and complex enterprise change programmes, this keynote introduces Gurps’ 4D Delivery Discipline: Decide, Define, Do, Done, a practical approach that helps leaders move from intent to execution, embed new ways of working, and sustain momentum across cyber and technology initiatives. Packed with humour, real-world stories, and practical takeaways, this keynote treats cyber transformation like a training programme, building stronger habits, disciplined execution, and measurable results one rep at a time. Gurps will also surprise attendees with a ready-to-use toolkit of proven tools and templates to help them stay on track, measure progress, and deliver results long after the session ends.

Two centuries ago, Gregor MacGregor convinced people a country existed.

Today, we don’t always need to convince people—we just need to convince systems. A frustrating London Parking Penalty was enough to tip me over the edge. So I turned to my trusted ally… AI. Could it help me out and produce something “official-looking” enough to slip past modern checks and processes? In under 48 hours, I used off‑the‑shelf models and agent workflows to generate credible documentation, a coherent backstory, and the kind of polished digital presence that automated decision-making increasingly treats as legitimate.

In this session, I’ll show how “helpful” AI can be steered into endorsing shaky assumptions, validating questionable credentials, and drafting persuasive (but flawed) arguments.

Then we’ll zoom out from the absurd to the enterprise reality: how the same mechanics enable insider risk, process bypass, and high-impact errors when organisations outsource judgement to AI summaries and automated workflows.

We’re entering the age of the human‑AI hybrid, where trust becomes the primary attack surface. Let’s learn how to secure it.

Key takeaways

- The Helpful-AI Trap: How agentic systems can be nudged to prioritise completion over correctness—and what that means for policy and compliance.

- The Summary Risk: Why AI “executive summaries” can quietly introduce false confidence, flawed logic, and material business decisions.

- Context as a Weapon: How benign content can be reframed by AI to create convincing narratives—against individuals, teams, or organisations.

- Trust Boundary Controls: A practical framework for moving from “don’t click” to “don’t blindly follow,” with guardrails for humans and agents.

Geopolitical volatility, increased digital interconnectivity, more frequent technology related disruptions, and subsequent regulatory focus has now become a boardroom imperative. Declan Burke draws on lived experience to explore how leaders can move beyond traditional technical defence and ‘cyber security’ thinking and reimagine themselves as ‘enterprise resilience’ business leaders; embedding trust, preparedness, and strategic value into their organisations. A must-attend for anyone seeking to elevate their role, emerge stronger after a crisis and help their organisations achieve competitive advantage.

Identity threats now span humans, AI agents, and service accounts. This blueprint covers the four pillars protecting human identities (ISPM, ITDR, IGA, PAM) and how the same principles apply to non-human identities. Discover how unified governance reduces MTTR, improves audit readiness, and transforms identity from compliance checkbox to active defense.

Click here to see the full schedule of streams on offer

Traditional backup is no longer enough; in an era of aggressive ransomware, organisations need rapid recovery and absolute confidence. In this session, Druva explores the critical shift from legacy backup to true cyber resilience. We can demonstrate why on-premise tools struggle to protect modern hybrid environments and how a 100% SaaS, cloud-native approach eliminates hardware complexity while ensuring immutable, air-gapped security. Discover how to unify protection across cloud workloads, SaaS applications like Microsoft 365, endpoints, and data centres- empowering your team to focus less on managing infrastructure and more on delivering clean, rapid recovery when it matters most.

In the race against evolving threats, patching everything is impossible but outpacing risk is not. RBVM helps organisations prioritise vulnerabilities by business impact and exploitability, enabling teams to fix fewer issues while reducing more risk. This session outlines how a modern, risk driven approach delivers faster, clearer, and more meaningful security improvements.

Jake will delve into the darker, more controversial aspects of facial recognition technology, exposing its unsettling potential. He'll unveil cutting-edge glasses capable of real-time identification, allowing you to discover someone's identity with nothing more than a glance. But it doesn't stop there - Jake will also demonstrate how AI can be used to outsmart these systems, revealing how he successfully bypassed a bank’s supposedly secure facial recognition system using nothing but freely available software. For the grand finale, Jake will prove Mission Impossible is now possible by pushing the boundaries even further. He’ll add himself to a high-security watchlist of known suspects - only to walk straight past the system undetected with the use of AI, proving just how vulnerable and exploitable this technology truly is.

Is artificial intelligence the doom-bringer for penetration testers and cybersecurity professionals - automating us out of relevance? Or can it be harnessed, in combination with human intellect and modern tooling, to enhance and elevate security testing rather than replace it? In this session George will explore how AI has evolved and is starting to reshape offensive and defensive security testing, and how we can adapt to ensure that humans remain at the heart of the cyber arms race.

Cyber risk is often assessed with confidence but little clarity. This session examines how unconscious bias, qualitative scoring, and traditional risk matrices distort decision-making and obscure what truly matters to the business. Through practical examples, Jonathan challenges “High/Medium/Low” thinking and introduces pragmatic ways to frame cyber risk in probabilistic and financial terms, enabling clearer prioritisation, more meaningful comparisons, and more effective executive communication.

Exploring the human factor in digital transformation and return on investment, is a key driver for business and employee growth in 2026.

Alexandra will explore:

· Cyber security and technology trends.

· Balancing performance with emotional intelligence: the true edge towards scalability.

· AI automation co-existing with human checks on data quality and trust to ensure due diligence and ethics.

· Strategies organisations can implement to cultivate strategies for resilience and attract next generational talent.

Join cyber security leader Purvi Kay in an engaging fireside chat with Jason Manford.

This promises to be a session not to be missed