The new cybersecurity playbook, told by IT Leaders
Explore the latest event agenda below, and check back soon for updates.
Thursday, March 19
Join our host, Georgina Owens, who will open the day by setting the scene for today’s evolving threat landscape, introducing the key themes shaping cyber risk, resilience and leadership, and framing the conversations ahead to turn insight into practical, strategic action.
Geopolitics, accountability, and the resilience-first agenda
As global interdependence deepens, traditional borders no longer define risk. Supply chains, partners, and data flows now form a single, extended attack surface. This keynote explores how leaders can build resilience in a world where prevention alone is not enough,linking geopolitical instability, regulatory accountability, and supply chain exposure into a unified resilience agenda.
Key topics:
• Resilience as the organising principle of modern cyber strategy
• Managing risk across extended and interdependent supply chains
• Embedding accountability and resilience culture at board level
Navigating Overlap: Turning Regulatory Chaos into Coherent Strategy
From NIS2 and TSA to DUAA, CRA, and DORA, 2026 brings an avalanche of regulatory demands. For global organisations, the challenge is not understanding each rule but reconciling them. This panel unpacks how boards and CISOs are aligning competing frameworks, identifying overlaps, and turning compliance into a unified resilience strategy rather than a patchwork of obligations.
Key topics:
• Harmonising global frameworks: NIS2, TSA, DUAA, CRA, and DORA
• Building governance models that work across jurisdictions
• Turning compliance complexity into strategic advantage
From war in Europe to US policy, what comes next?
Global instability is redrawing the cyber threatscape. From the continuing impact of the war in Ukraine to the direction of US cyber policy under a new presidency, international events are shaping the risks UK organisations face. This panel explores how leaders can incorporate geopolitical intelligence into cyber strategy, incident response, and resilience planning.
Key topics:
• How war and conflict reshape the cyber threat environment
• The influence of US and allied policy on UK resilience
• Integrating geopolitical intelligence into risk management and continuity planning
Artificial intelligence is reshaping both attack and defence. This discussion explores how AI is transforming cyber strategy: from enhancing detection and response to enabling adversarial tactics such as deepfakes and automated intrusions. Leaders will reflect on how to embed AI into resilience planning, workforce models, and decision-making while anticipating its future impact on the cyber landscape.
Key Topics:
• Leveraging AI to strengthen resilience and operations
• Preparing for adversarial AI and automation-driven threats
• Adapting strategy, culture, and workforce to an AI-driven future
Breaches are inevitable, but catastrophic disruption is not. This panel examines real-world case studies of organisations that contained cyberattacks before they spiralled out of control. Leaders will uncover hard-won lessons on segmentation, zero trust, and rapid response, and how these principles can be embedded to protect operations.
Key Topics:
• Real-world breach containment lessons
• Minimising operational impact through zero trust and segmentation
• Turning recovery into competitive advantage
OT systems underpin national infrastructure, from power grids to water treatment to transport. With the NCSC emphasising definitive asset records, clear architecture maps, and strong separation between IT and OT, resilience has become non-negotiable.
This panel brings together OT and cyber leaders to examine how to map, defend, and recover critical systems under escalating technical, regulatory, and threat pressures.
Key Topics:
• Applying NCSC guidance: asset inventory, segmentation, and record-keeping
• Mitigating IT–OT convergence risks under regulatory and attacker pressure
• Developing robust recovery and continuity plans for key services
Turning the weakest link into a strength
Supply chain compromise remains one of the most common sources of cyber incidents. With new laws holding boards accountable for third-party resilience, this panel explores strategies for visibility, monitoring, and assurance. Leaders will discuss how to enforce higher standards and build trust across extended ecosystems.
Key Topics:
• Strengthening supply chain visibility and assurance
• Meeting new regulatory demands for vendor resilience
• Ensuring accountability across the extended enterprise
Preparing for adversarial AI and automation
Attackers are already leveraging AI for phishing, deepfakes, and automated intrusions. This keynote explores the emerging threat of adversarial AI and how organisations can defend against it. Attendees will gain insights into detection strategies, resilience planning, and the future of AI-driven cyber conflict.
Key Topics:
• Understanding adversarial AI techniques
• Defending against deepfakes and AI-augmented attacks
• Preparing resilience strategies for an AI-driven threatscape
UK surveys suggest half of UK cyber professionals are considering leaving their roles due to stress, alert fatigue, and unsustainable workloads. In this candid conversation, leaders share strategies for retaining talent, addressing burnout, and embedding a culture of resilience. Cybersecurity depends on people as much as systems, this session offers human-centred leadership insights.
Key Topics:
• Tackling stress and alert fatigue in security teams
• Building a culture of resilience and recognition
• Ensuring leadership succession and continuity
Cybersecurity budgets continue to rise, yet organisations face increasing pressure to prove measurable value. This keynote explores how leaders can demonstrate clear ROI by linking security investment to business resilience, regulatory confidence, and meaningful risk reduction.
The session also highlights the growing impact of human-risk reduction. From identity hygiene to behavioural analytics and cultural resilience, we’ll examine how investment in people is fast becoming a significant driver of measurable security outcomes and board-level decision-making.
Key Topics:
• Demonstrating ROI from cyber investment
• Aligning security spend with business risk
• Winning board-level support through meaningful metrics
Adapting security to evolving architectures
Cloud is the backbone of digital transformation, yet it remains a complex risk. This keynote examines evolving multi-cloud strategies, regulatory challenges, and new resilience models. Security leaders will learn how to adapt their cloud security approach to stay ahead of threats and business needs.
Key Topics:
• Building resilient multi-cloud security strategies
• Meeting compliance across cloud platforms
• Embedding adaptability into cloud security models
Embedding resilience into AI, IoT, and cloud systems
Emerging technologies are only as strong as the security built into them. This discussion examines how security leaders can drive “secure by design” principles across AI, IoT, and cloud. The panel will explore embedding cyber expertise at the development stage to reduce risk and future-proof digital transformation.
Key Topics:
• Security by design for AI, IoT, and cloud platforms
• Embedding cyber leadership at the innovation stage
• Reducing long-term risk through design principles
Cybersecurity is no longer a technical issue, it is a leadership mandate. This final discussion brings together CISOs and board directors to define what effective governance looks like under new regulatory and geopolitical pressures. Attendees will leave with a roadmap for embedding cyber resilience into corporate strategy at the highest level.
Key Topics:
• Redefining governance for resilience-first leadership
• Board accountability and oversight in practice
• Building the next generation of cyber leaders
To close the day, we will shift gears with a thought-provoking cybersecurity game. Over a drink or two, you’ll team up with fellow leaders to test instincts, challenge assumptions, and explore real-world threat scenarios in a relaxed setting.
Can you survive a ransomware attack while underfunding your SOC? Would you cut your CISO to save budget, or invest in phishing training instead? In this hands-on, team-based workshop, participants role-play fictional companies facing realistic cyber dilemmas, starting with a fixed cybersecurity budget to spend on controls, staff, insurance, and awareness.
Think of it like playing monopoly but make it cybersecurity!
It’s a chance to unwind, compare perspectives, and leave the summit with a few new insights.
