CSO Security Summit Agenda

CSO Security Summit Agenda

Thursday, November 27

Thursday, November 27 Morning Keynote Sessions
09:00 - 09:10
Opening Remarks: CSO Security Summit UK
Opening Keynote
09:10 – 09:35
Geopolitical Strife and Rising Global Cybersecurity Threats – What are the Trends from the Attacks Coming into the UK?

The world order is evolving at an unprecedented pace, where the risk landscape can dramatically shift for an organisation due to geopolitics. WEF’s Global Cybersecurity Outlook 2025 revealed that nearly 60% of global organizations believe geopolitical tensions have impacted their cybersecurity strategy. With the risks of state-backed cyber-attacks and those of nationalist hacktivists and opportunistic cybercriminals continues to rise, so does the potential for collateral damage.

This is a challenging time to be a CISO. Corporate security leaders will need to adapt rapidly to these changing circumstances, or risk being exposed by a ruthless new era of geopolitical tension. Join this opening keynote to cut through the noise and hear the latest updates on the current UK cybersecurity landscape, including disruptions and innovations.

A unique opportunity for cybersecurity leaders to gain a valuable perspective on understanding an increasingly critical risk driver.

Speaker
Senior Representative National Cyber Security Centre
Opening Keynote Panel
09:55 – 10:30
Limiting the Blast Radius and Building Resilience – Learnings from Withstanding, Absorbing and Recovering from Real-World Breaches

We all know the theory but what are the learnings from real world breaches, with the appreciation of the complexities that most organisations face?

Hear candid insight and learnings from case studies by CISOs who have withstood attacks, absorbed attacks or recovered from breaches toapply in your own scenarios and see where you might have gaps to learn from.

Speaker
Tom O’Driscoll Head of Security Operations & Intelligence National Highways
Speaker
Marcin Frycz Head of IT Operations and Security Iglu
Speaker
Matt Palmer Director, Jersey Cyber Security Centre Government of Jersey
Speaker
John-Paul Edwards Chief Information Officer Broadstone
10:30 – 11:00
Networking Break
Track 1 – Protecting the Enterprise: Security at the Speed of Business
11:00 – 11:15
Prioritising Protection of Critical Data and Assets from the Quantum Computer Threat to Cryptography
Speaker
Tommy Charles Chief Cryptographer and Distinguished Technologist HP
11:15 – 11:45
Transforming National Resilience – Responding to Complex and Evolving Threats Impacting the UK Critical National Infrastructure Sector

A cyber security powerhouse of professionals from the public and private sectors will share perspectives on mitigating the sophisticated threats targeting critical infrastructure, whose organisations are dedicated to thwarting bad actors, as we face some of the toughest geopolitical challenges in a generation. In a serious incident or in crisis, readiness is everything.

Through hands-on operational experience, the panel will disclose what they are seeing on the front line, how this can affect your organisation and how they work together to defensively protect our national critical infrastructure globally, covering both proactive and reactive measures and how they are rethinking approaches to resilience.

Speaker
Robert Flanders Head of Threat and Incident Response BAE Systems
Speaker
Ffion Flockhart Global Co-Head of Cybersecurity A&O Shearman
Speaker
Nihal Newman Director, Security and Resilience Policy Ofcom
Speaker
Emma Smith Global Chief Information Security Officer Vodafone
12:00 - 12:30
Fireside Chat: Security by Design – Futureproofing Cyber from the Next Wave of Emerging Technologies

From cyber warfare to deepfakes, the security threat landscape is evolving at a rate never seen before, with attacks becoming more enhanced and sophisticated. What is the impact of the rising threat levels and how do we address them? In the race to harness AI’s transformative power, attackers are developing new methods and defenders are adapting their strategies. Join this fireside chat as we evaluate how to strengthen security and navigate the threat landscape from the next wave of emerging technologies.

Speaker
Saj Huq COO Plexal & Member of The National Cyber Advisory Board
Speaker
Andrew Barber Head of Apps and Devices Surrey & Sussex Police
Track 2 – Empowering Cyber Culture in the Age of AI
11:00 - 11:40
How Can We Manage the Security Aspect of Increased AI Adoption and Get Ahead of the Game on the EU AI Act?

As enterprises seek business value from AI and adopt it at pace, how can security teams ensure that their controls and technology keep pace with the rate of adoption? Many in the security sector are asking how we can build safe systems when using this technology. From concerns about sharing sensitive business information with advanced self-learning algorithms to malicious actors using them to significantly enhance attacks – the security risks introduced by AI are considerable.

Join this session to explore the potential these technologies have on radically changing the cybersecurity threat landscape and hear cross-industry perspectives from security heads who are securing their systems that use AI.

Speaker
Farhan Chaudhry Cyber Security, Governance, Risk and Compliance Qatar Airways
Speaker
Dr. Inna Stelmukh Former Exec IT Director - GPO - Commercial/ Global Process Owner: Global / Commercial - Digital- Innovate AkzoNobel
11:55 – 12:15
Keynote Presentation: Cyber Resilience is Not Just a Technology Challenge – Best Practice to Build Resilience Through People and Culture

CISOs play a critical role in shaping a culture of security within an organisation. So, what are best practice strategies to influence and drive secure behaviour and culture across the organisation?

This session will discuss how to position security as a business enabler and explore strategies to influence secure behaviour.

Speaker
Neil Manfred Group IT Director Airswift
12:30 – 13:30
Networking Lunch Break
13:30 – 14:20
Peer-to-Peer CSO Security Roundtable Series

This series of interactive roundtable discussions offers a unique opportunity for security and technology leaders to connect, share insights, and tackle today’s biggest challenges together. Each table will focus on a key theme shaping security, allowing participants to exchange strategies, discuss real-world experiences, and gain fresh perspectives from peers facing similar opportunities and obstacles.

Absorbing a Cyber Attack: How to Limit the Blast Radius

Safeguarding critical services – how do you limit what the attacker can do?

Crisis Averted: Effective Communication Strategies During a Cyber Security Breach

How to maintain transparency, manage stakeholder expectations and preserve organisational reputation during a cyber-attack incident

Recovering from a Cyber Attack: Operational Resilience

Best practice for business continuity during a security crisis

What is the Threat Landscape From the Next Wave of Emerging Technologies?

How to adapt your security strategies to prepare for more enhanced and sophisticated attacks

Fortifying the Weak Links: Best Practice for Managing Supply Chain Security

How to effectively counter risks as supply chains become more globalised

How to Safeguard your Organisation Amidst the Dynamic Landscape of Cloud Computing
Cutting through the cloud complexity to have a foundational approach that’s resilient to ongoing platform changes and novel technologies

How to Secure your Systems That Use AI
How can security teams ensure that their controls and technology keep pace with the rate of AI adoption?

Accelerating the Adoption of AI and Large Language Models (LLMs) to Drive Innovation and Enhance Security

key AI adoption trends, how this technology is being used to detect threats, emerging risks, improve supply chain security and expedite response times

Understanding the Intent and Impact of Upcoming Legislation
Evaluate the European raft of upcoming and implemented laws and what the interpretation is for the UK and our roles/companies?

Quantum Computing vs. Cybersecurity: A Powerful Ally or Looming Threat?

Explore the dual nature of quantum technology, examining its potential to both strengthen and undermine cybersecurity

Measuring, Demonstrating and Communicating Security ROI to the Board

Methodologies for measuring the ROI of cybersecurity initiatives and effectively communicate the value of security investments to tangible business outcomes and risk reduction

TRACK 1
14:30 – 14:50
Fireside Chat: The Evolving Tactics of Supply Chain Attacks and Strategies to Counter Threats for Resilient Global Supply Chains

As a source of many high-profile attacks, securing the vulnerabilities within vendor supply chains is paramount to ensuring resilience.

How do we effectively counter these risks? Join this session to hear how to navigate the risk terrain, improve supply chain visibility, and allow better monitoring, real-time threat detection, and a comprehensive understanding of data flow and potential vulnerabilities.

Speaker
Matt Marciniak Director of Information Security Pharo Management
Speaker
Luke Collinson Head of Cyber Security JLA Group
14:50 – 15:10
Presentation: New Cloud Environments, New Threats – CSO Strategies to Fortify Cloud Defences

How do you take a complex mix of legacy systems, a global pandemic, and the pressures of a major merger, regulatory pressures — and turn them into an opportunity for lasting transformation? In this keynote, one CIO shares strategies that worked: simplifying architecture, hardening security, and creating a singular cloud ecosystem.

Most importantly, he’ll share the story of how he brought the board and fellow executives with him on the journey, building trust and alignment through times of disruption.

Speaker
Rajiv Peter Group Chief Information Officer Notting Hill Genesis
15:10 - 15:30
Presentation: From Chaos to Compliance – Turning Cyber Legislation into Strategic Advantage

For years, infosec has operated with minimal legislative oversight but the landscape is now changing rapidly – where legislation is no longer optional. The UK and EU are rolling out sweeping reforms (e.g., NIS2, CRA, DORA, UK Cyber Security & Resilience Bill) and security functions have to now shift from freedom to framework. Attend this session to hear the pros, the cons and what you should do next!

  • The shift from freedom to framework – what’s coming: a quick legislative rundown
  • The pros – strategic upsides for practitioners: clarity, consistency, impact on the infosec role and career growth
  • The cons – challenges to navigate: Increased complexity, compliance burden and privacy concerns
  • The mindset shift – from resistance to resilience: you can complain about regulation or capitalize on it
  • What next and what you should do now
Speaker
Quentyn Taylor Senior Director – Product, Information Security and Global Incident Response Canon EMEA
TRACK 2
14:20 -14:35
What Good Looks Like in Mastering Risk – How Do you Communicate Security Priorities in a way that Secures Board Buy-In Without Getting Lost in Technical Jargon?

Cyber security is a principal business risk, with maintaining business resilience always a priority for boards regardless of vertical. As such, the Board should be provided effective oversight and assured that the risk is being effectively managed.

This session will explore what the Board is responsible for, how CISOs and their Board can improve their collaboration, and what good looks like in effective governing of cyber security risk. Refine your boardroom narrative and take control of risk before it takes control of you.

Speaker
Mark Nicholls Head of Information Security, Risk & Compliance Ramsay Health Care
14:45 – 15:00
AI and the Cyber Security Workforce of the Future – Bridging the Skills Gap

AI is transforming cybersecurity with threats like adaptive malware and AI-driven phishing. The threat landscape is moving at such an unprecedented pace that even the most well-staffed enterprises are finding it difficult to effectively protect their digital assets.

Organisations must combine advanced defence tools to harden enterprise systems against attack, along with professionals requiring new security skills. Join this session to review security-by-design, how to retain skills talent and support cyber security culture across the business.

Speaker
Robin Smith Chief Information Security Officer Great British Nuclear
15:15 – 15:30
The Invisible Battles of a CISO – Balancing Pressure, Accountability, and Humanity in the Most Demanding Role in Business

Behind every secure organisation is a CISO carrying invisible battles that few ever see. This keynote pulls back the curtain on the lived reality of cybersecurity leaders – the paradox of being invisible in success yet fully accountable in failure, the constant weight of responsibility without full control, and the human cost of operating under unrelenting pressure.

Drawing from 25+ years in global cybersecurity leadership, Jitender Arora shares real stories, lessons learned, and a deeply human perspective on what it means to lead in one of the most high-stakes roles in business today.

But this is not just a story of pressure, accountability, and stress – it’s a story of resilience, purpose, and reframing cybersecurity from a blocker to an enabler of secure growth.

15:30 – 15:45
Navigating Stress & Burnout in Cybersecurity

According to CSO, half of UK cybersecurity professionals could quit in the next 12 months due to burnout. With teams at a breaking point, what is happening to the cybersecurity workforce across the UK?

Join this session as we look at the high levels of alert fatigue, the negative impact of work/life balance, and how leaders are seeking innovative ways to better recognize and address burnout and stress in their teams.

Speaker
Jasmine Eskenzi Co-Founder & CEO The Zensory
15:45 – 16:15
Networking Break
16:15 – 16:40
Closing Keynote: Separating the Signals from the Noise – A To-Do List for 2026

The definitive overview of the latest cyber threats and a look back at what we’ve learned in the last year. If you only go to one cyber security session this year – this is the one!

Speaker
Lisa Ventura MBE Founder Cybersecurity Unity
16:40 – 17:15
Closing Panel: Security ROI – Where Should You be Spending Your Budget?

According to IDC, global cybersecurity spend will grow to nearly $300 billion in 2026. How is spend being allocated and what priorities are security leaders leaning towards?

Join this panel of top security professionals as we navigate the cybersecurity spend landscape, hear how they secure the budget and what their key spending priorities are.

Speaker
Mike Pitman CISO BSI
Speaker
Simon Schofield Head of Security Atradius
17:15 – 17:25
Chair’s Closing Remarks