The new cybersecurity playbook, told by IT Leaders
Explore the latest event agenda below, and check back soon for updates.
Thursday, March 19
Join our host, Georgina Owens, who will open the day by setting the scene for today’s evolving threat landscape, introducing the key themes shaping cyber risk, resilience and leadership, and framing the conversations ahead to turn insight into practical, strategic action.
Geopolitics, accountability, and the resilience-first agenda
As global interdependence deepens, traditional borders no longer define risk. Supply chains, partners, and data flows now form a single, extended attack surface. This keynote explores how leaders can build resilience in a world where prevention alone is not enough,linking geopolitical instability, regulatory accountability, and supply chain exposure into a unified resilience agenda.
Key topics:
• Resilience as the organising principle of modern cyber strategy
• Managing risk across extended and interdependent supply chains
• Embedding accountability and resilience culture at board level
Navigating Overlap: Turning Regulatory Chaos into Coherent Strategy
From NIS2 and TSA to DUAA, CRA, and DORA, 2026 brings an avalanche of regulatory demands. For global organisations, the challenge is not understanding each rule but reconciling them. This panel unpacks how boards and CISOs are aligning competing frameworks, identifying overlaps, and turning compliance into a unified resilience strategy rather than a patchwork of obligations.
Key topics:
• Harmonising global frameworks: NIS2, TSA, DUAA, CRA, and DORA
• Building governance models that work across jurisdictions
• Turning compliance complexity into strategic advantage
*By invitation only
Resilience dominates today’s cyber agenda, from geopolitics and regulation to AI-driven threats and recovery speed. While technology and governance provide the structural backbone, resilience is reinforced by the confidence and capability of the teamsoperatingunder pressure. The question is how intentionally that capability is developed,measuredand sustained.
• How visible is workforce capability within your resilience strategy?
When resilience is reported at board level, how are team readiness and applied capability reflected alongside technology investment and governance metrics?
• What does measurable security readiness actually look like?
Beyond certifications and course completion, how can organisations evidence hands-on capability that stands up under regulatory scrutiny and real-world pressure?
• How do we operationalise continuous capability in a rapidly evolving threat landscape?
As AI-driven threats and regulatory expectations accelerate, how do leaders ensure skill development evolves at the same pace as technology and risk, rather than remaining periodic or reactive?
Cyber threats are now evolving faster than prevention strategies can adapt, especially for the public sector, regulated industries and critical national infrastructure. In this environment, true resilience depends not just on how quickly you can recover, but on how much control you have over the environment you recover into.
This keynote explores why sovereign recovery is becoming a strategic consideration for organisations delivering essential services. As geopolitical dynamics and regulatory expectations grow more complex, your control over the recovery platform directly shapes your ability to restore operations safely, maintain public trust and meet accountability standards.
From war in Europe to US policy, what comes next?
Global instability is redrawing the cyber threatscape. From the continuing impact of the war in Ukraine to the direction of US cyber policy under a new presidency, international events are shaping the risks UK organisations face. This panel explores how leaders can incorporate geopolitical intelligence into cyber strategy, incident response, and resilience planning.
Key topics:
• How war and conflict reshape the cyber threat environment
• The influence of US and allied policy on UK resilience
• Integrating geopolitical intelligence into risk management and continuity planning
*By invitation only
AI driven threats are moving faster than traditional defense models can respond, forcing security leaders to reassess what their organisation’s true risk appetite is. This roundtable is designed for leaders who are responsible for safeguarding critical services and who are now asking a new question: not just can we recover, but can we fully trust the place we recover into?
Through a series of real world “what if” scenarios, we’ll examine how security leaders think about exposure, control and accountability. What if a major incident compromises your primary environments? What if your recovery options depend on foreign jurisdiction? What if regulators expect immediate assurance that you can’t confidently provide?
The discussion will explore how sovereign, UK controlled recovery environments reshape the risk landscape, offering greater control, clearer accountability and reduced operational and geopolitical exposure. Attendees will leave with a more grounded understanding of the decisions, tradeoffs and
safeguards required to build recovery strategies that genuinely match today’s accelerated threat environment.
Breaches are inevitable, but catastrophic disruption is not. This panel examines real-world case studies of organisations that contained cyberattacks before they spiralled out of control. Leaders will uncover hard-won lessons on segmentation, zero trust, and rapid response, and how these principles can be embedded to protect operations.
Key Topics:
• Real-world breach containment lessons
• Minimising operational impact through zero trust and segmentation
• Turning recovery into competitive advantage
In this session by Everpure we move past the ‘if’ and ‘how’ of cyber-attacks to focus on the only metric that matters: Speed of Recovery. Learn why the game has shifted from protecting the gates to ensuring your business is back online before the ransom clock runs out.
• Beyond the Perimeter: Why the shift from “Hacking In” to “Logging In” has made traditional defence obsolete
• The £1.9bn Wake-Up Call: Understanding the true business cost of downtime and why recovery is now a Board-level priority
• Speed as a Weapon: How to move from “weeks” to “hours” and transform your recovery team into an F1 pit crew
• The Unbreakable Foundation: Why immutable data and “clean room” environments are the way to change the ransom dynamics
Artificial intelligence is reshaping both attack and defence. This discussion explores how AI is transforming cyber strategy: from enhancing detection and response to enabling adversarial tactics such as deepfakes and automated intrusions. Leaders will reflect on how to embed AI into resilience planning, workforce models, and decision-making while anticipating its future impact on the cyber landscape.
Key Topics:
• Leveraging AI to strengthen resilience and operations
• Preparing for adversarial AI and automation-driven threats
• Adapting strategy, culture, and workforce to an AI-driven future
OT systems underpin national infrastructure, from power grids to water treatment to transport. With the NCSC emphasising definitive asset records, clear architecture maps, and strong separation between IT and OT, resilience has become non-negotiable.
This panel brings together OT and cyber leaders to examine how to map, defend, and recover critical systems under escalating technical, regulatory, and threat pressures.
Key Topics:
• Applying NCSC guidance: asset inventory, segmentation, and record-keeping
• Mitigating IT–OT convergence risks under regulatory and attacker pressure
• Developing robust recovery and continuity plans for key services
*By invitation only
During this session we will delve into a table top simulated cyber-attack covering:
• The Before – proactive readiness
• The During – the heat of the crisis
• The After – resilient recovery
Scenario
• The Company: Icarus Airways (A mid-sized international carrier)
• The Scenario: Friday, 4:00 PM. Half-term weekend
• The Trigger: A third-party ground-handling app pushes a “critical update.” Ten minutes later, check-in kiosks go dark at Heathrow. By 4:15 PM, the crew scheduling system is encrypted. A ransom note appears on the CTO’s laptop: “We have your passenger manifests and your backups. 500 Bitcoin or Icarus stays grounded.”
Join this session to gain practical, experience-driven insight into what truly happens when a cyber crisis hits at the worst possible moment – and how leadership decisions in the first minutes shape the outcome for days, months, and even years. Through the Icarus Airways simulation, you will sharpen your ability to assess third-party risk exposure, pressure-test your crisis governance model, and evaluate whether your organisation is genuinely prepared to operate without critical systems. You will leave with clearer strategies for executive communication, stakeholder coordination, ransom decision-making, regulatory considerations, and resilient recovery planning. Most importantly, you will walk away with a stronger framework for translating cyber preparedness from policy on paper into decisive, confident action when it matters most.
Cybersecurity budgets continue to rise, yet organisations face increasing pressure to prove measurable value. This keynote explores how leaders can demonstrate clear ROI by linking security investment to business resilience, regulatory confidence, and meaningful risk reduction.
The session also highlights the growing impact of human-risk reduction. From identity hygiene to behavioural analytics and cultural resilience, we’ll examine how investment in people is fast becoming a significant driver of measurable security outcomes and board-level decision-making.
Key Topics:
• Demonstrating ROI from cyber investment
• Aligning security spend with business risk
• Winning board-level support through meaningful metrics
Turning the weakest link into a strength
Supply chain compromise remains one of the most common sources of cyber incidents. With new laws holding boards accountable for third-party resilience, this panel explores strategies for visibility, monitoring, and assurance. Leaders will discuss how to enforce higher standards and build trust across extended ecosystems.
Key Topics:
• Strengthening supply chain visibility and assurance
• Meeting new regulatory demands for vendor resilience
• Ensuring accountability across the extended enterprise
Preparing for adversarial AI and automated attacks
Attackers are already leveraging AI for phishing, deepfakes, and automated intrusions. This keynote explores the emerging threat of adversarial AI, state sponsored omnipotent attacks and looks at how organisations can prepare.Attendees will gain insights into adaptive strategies, resilience planning and the future of AI-driven cyber conflict.
Key topics:
• Understanding the next generation of adversarial AI techniques and volume of attacks
• Securing against Cyber threats at a national level
• Preparing resilience strategies and designing for the AI-driven threatscape
Adapting security to evolving architectures
Cloud is the backbone of digital transformation, yet it remains a complex risk. This keynote examines evolving multi-cloud strategies, regulatory challenges, and new resilience models. Security leaders will learn how to adapt their cloud security approach to stay ahead of threats and business needs.
Key Topics:
• Building resilient multi-cloud security strategies
• Meeting compliance across cloud platforms
• Embedding adaptability into cloud security models
Embedding resilience into AI, IoT, and cloud systems
Emerging technologies are only as strong as the security built into them. This discussion examines how security leaders can drive “secure by design” principles across AI, IoT, and cloud. The panel will explore embedding cyber expertise at the development stage to reduce risk and future-proof digital transformation.
Key Topics:
• Security by design for AI, IoT, and cloud platforms
• Embedding cyber leadership at the innovation stage
• Reducing long-term risk through design principles
UK surveys suggest half of UK cyber professionals are considering leaving their roles due to stress, alert fatigue, and unsustainable workloads. In this candid conversation, leaders share strategies for retaining talent, addressing burnout, and embedding a culture of resilience. Cybersecurity depends on people as much as systems, this session offers human-centred leadership insights.
Key Topics:
• Tackling stress and alert fatigue in security teams
• Building a culture of resilience and recognition
• Ensuring leadership succession and continuity
Cybersecurity is no longer a technical issue, it is a leadership mandate. This final discussion brings together CISOs and board directors to define what effective governance looks like under new regulatory and geopolitical pressures. Attendees will leave with a roadmap for embedding cyber resilience into corporate strategy at the highest level.
Key Topics:
• Redefining governance for resilience-first leadership
• Board accountability and oversight in practice
• Building the next generation of cyber leaders
To close the day, we will shift gears with a thought-provoking cybersecurity game. Over a drink or two, you’ll team up with fellow leaders to test instincts, challenge assumptions, and explore real-world threat scenarios in a relaxed setting.
Can you survive a ransomware attack while underfunding your SOC? Would you cut your CISO to save budget, or invest in phishing training instead? In this hands-on, team-based workshop, participants role-play fictional companies facing realistic cyber dilemmas, starting with a fixed cybersecurity budget to spend on controls, staff, insurance, and awareness.
Think of it like playing monopoly but make it cybersecurity!
It’s a chance to unwind, compare perspectives, and leave the summit with a few new insights.
