Programme

Registration - coffee - networking
Chairs Opening Address & House Keeping

A look back over the first half of 2025 - how attackers are evolving their tactics and techniques

SIEMless Outcomes - Breaking free from SIEM, the future of AI-driven security operations

Why are traditional SIEMs becoming outdated, and what challenges do they pose for modern security teams? How can AI-driven security operations deliver SIEM-like outcomes without the cost and complexity? What real world examples show how lean security teams are detecting and responding to threats faster with AI?

Supplier Assurance that Works, Lessons from the Field

This session moves beyond theory to explore the practical mechanics of building a scalable and effective third party risk management process.

Drawing from client case studies, regulatory frameworks such as NIS2 and DORA, and behavioural insights from our advisory experience, we will examine:

- How to identify and prioritise suppliers that require closer attention

- How to design assessments that are meaningful without overwhelming suppliers with excessive documentation - What good looks like in posture verification, and how to achieve it

- How to assess the real value of supplier certifications, including what they reveal, what they omit, and when they truly matter

Threat trends from the Cloudflare Network

In this talk, we will explore the evolving landscape of cybersecurity threats as observed through Cloudflare's extensive network in 2024. Attendees will gain a deep understanding of emerging attack vectors and sector-specific threats, with a particular focus on the alarming year-over-year increase in DDoS attacks. By exploring key trends across Web Application Firewalls (WAF), bot management, threat hunting, and threat events, we will highlight the critical importance of tailored security strategies. Participants will leave equipped with actionable insights and strategies to fortify their defenses against the ever-changing cybersecurity challenges.

Cybersecurity Outcomes Unlocked: Doing More with Less through Integration and Automation

In this dynamic 15-minute plenary, Fortinet and a valued customer will explore how organisations can achieve stronger cybersecurity outcomes while optimising resources. The session will highlight real-world strategies for leveraging integration, automation, and orchestration to simplify operations, reduce costs, and enhance threat response. Attendees will gain insights into how to drive efficiency, scalability, and resilience.

Why bother with Security Awareness? Delivering measurable behaviour change

ThinkCyber’s CEO Tim Ward will delve into the reasons for implementing security awareness programs within organisations. Is it purely a matter of compliance or does it serve a deeper purpose of empowering employees to protect sensitive information and themselves?

Tim will explore the fundamental question: why invest in security awareness training? He will examine how to ensure these programs work—focusing on the science behind how people learn and retain security knowledge. By applying behavioural science principles, Tim will discuss how organisations can effectively change employee behaviours, reducing operational risks and enhancing overall security posture.

The session will also address key metrics for success. Tim will explore the importance of measuring not attendance or click rate, but the effectiveness of security awareness efforts. Are you measuring performance or real impact? He will share real-world examples from some of ThinkCyber’s clients to illustrate how to assess the effectiveness of security training and discuss the best practices for ensuring lasting behavioural change.

The Rise of the Clones

Deepfakes are getting easier to make but how can they be used in crime? Are they the next tool in the social engineer’s toolkit? From hacked CCTV to cloned RFID cards and quality deepfakes, Jake will uncover what is currently possible when breaking into a business with a little help from AI. Plus learn what happens when you experiment the spread of misinformation and how it can be used in financial crime.

Nudging Your Way to a Strong Security Culture

Developing a robust security culture within an organisation is a critical challenge in today's threat landscape. Traditional security awareness programs often struggle to drive lasting behavioural changes. This session explores the power and role of "nudges" – subtle environmental cues and design elements that can positively influence employees' security-related behaviours.

Changing behaviours is a challenging task, changing your organisational culture can be even more difficult. Understanding why social engineering works, or how errors are so frequently made needs a better understanding of oneself. Grounded in the principles of behavioural economics and mindsets, attendees will learn practical strategies to educate, inform, nudge, and ultimately influence the culture of their workforce towards better security practices.

Coffee & Networking
Seminar Change Over
Lunch and networking
Chairs Afternoon Address
Keynote: Geoff White

Overview Coming Soon

Bridging the Email Security Gap: Future-Proofing Your Organization for 2025

Discover how to align your security investments with real-world threats. Amir Khan, Head of Sales at Zivver, presents exclusive insights from Zivver’s latest independent research revealing how IT leaders across industries perceive and prioritize email security. Gain a unique perspective on your peers' biggest challenges and plans for ensuring their email security strategies meets compliance and learn what’s driving their focus for 2025 and beyond. Amir shares practical steps to future-proof your organization with a holistic approach to email security.

Frontline stories from IR - A Comprehensive Approach to Threat-Informed Defence

A Kudelski Security Incident Response expert shares stories of what happens behind the scenes while learning tips from someone that sees these attacks happen on the daily.

Living with AI: Relationship Advice for the Future

The talk explored the transformative potential of AI in redefining how humans interact with technology, emphasizing the principle of AI-assisted human progression. Central to the discussion was the recognition that while we often refer to "artificial intelligence," AI is not truly intelligent in the human sense. Instead, it is a combination of advanced machine learning and automation, designed to process data, recognize patterns, and execute tasks at unprecedented speed and scale.

Available slot

TBC

Moving Beyond Point-in-Time Security: Adapting to Continuous Compliance across Cyber

In the past, compliance efforts have largely centred around providing a snapshot of security at a specific moment. However, with evolving regulations like DORA, NIS2, CRA and others, this approach is becoming outdated. These new standards demand a more dynamic and continuous view of security.

Get ready for a new era of hard-hitting security conversations

If raw, thought-provoking conversations about the biggest challenges in global security sounds like your thing, we’ve got something brewing that you won’t want to miss. Join Lisa Forte and Sarah Armstrong-Smith for an exclusive session as they reveal what they've been working on in partnership with CNG.

Coffee and networking
‘Fire-side chat’ with Ross Kemp

This promises to be a session not to be missed

Chairs Closing Remarks
Drinks Reception