CISO UK schedule

•    Insights into the latest threat intelligence from the National Cyber Security Centre and industry reports
•    How attacker tactics are evolving with AI and automation
•    The risks UK boards are still underestimating, and how to communicate them effectively
•    Strengthening Governance, Risk & Compliance (GRC) to align cyber risk with business strategy and regulatory expectations

•    How to deploy AI safely in detection and response
•    Insights into real attacker use of generative AI and deepfakes
•    Exploring governance models for AI in enterprise security

•    How to translate cyber risk into financial impact
•    Insights into what UK boards actually expect from CISOs
•    What makes a CISO credible at executive committee level
Kirsty Kelly, Group Chief Information Security Officer, CFC INTERNATIONAL

•    Exploring real UK breach case studies and leadership lessons
•    How to prepare executives for crisis decision-making
•    What separates resilient organisations from reactive ones

•    Exploring how attackers use generative AI and deepfakes
•    How to adapt detection for AI-driven phishing and fraud
•    What defensive AI actually delivers in real SOC environments

•    How to redesign SOC workflows to reduce noise
•    Insights into detection engineering maturity models
•    Exploring automation without blind spots

•    How to integrate intelligence into board-level risk reporting
•    Insights into collaboration with peers and law enforcement
•    What actionable intelligence actually looks like

•    What UK data protection evolution means for cloud strategy
•    How to manage multi-region storage compliance
•    Exploring encryption and key management governance

•    How to move from checkbox audits to control validation
•    Insights into regulator expectations vs reality
•    What measurable resilience really looks like

•    Building an engineering-first security function: shifting from reactive defence to proactive, product-led security
•    The DevSecOps dial: structuring teams, embedding security into development pipelines, and hiring for the right blend of engineering and security skills
•    GRC as engineering: moving to compliance-as-code and creating a holistic, real-time view of organisational risk and security posture
•    Leveraging AI in security: understanding how attackers are using AI, and how security teams can operationalise it to enhance detection, response, and efficiency
Mike Chilvers, Deputy Chief Information Security Officer, ELANCO

•    Exploring real incidents affecting UK organisations
•    How to protect finance teams and executives
•    What detection controls catch impersonation attacks

•    How to coordinate legal, comms and technical teams
•    Insights into lessons from major breach investigations
•    What to do when containment fails

Dr. Dipesh Hindocha, Chief Medical Information Officer, HCA HEALTHCARE UK

•    How to detect behavioural anomalies ethically
•    Insights into cultural and HR collaboration
•    Exploring privacy vs monitoring trade-offs

•    How adversaries innovate faster than defenders
•    Insights into attacker ROI thinking
•    What defensive teams can learn from them

•    Shifting from technical expert to business risk leader: framing cyber in terms of revenue, operations, and enterprise risk
•    Earning board trust and buy-in: communicating clearly, influencing decisions, and aligning with executive priorities
•    Enabling the business, not blocking it: supporting innovation (AI, cloud, digital) while managing risk pragmatically
•    Owning resilience and accountability: ensuring the organisation can respond, recover, and maintain stakeholder trust
•    The evolving CISO role: from technical leader to strategic business partner
Matt Cockbill, Partner, ODGERS
Johann van Duyn, Global Chief Information Security Officer, DO & CO AG