Browse the teissLondon2020 agenda and speakers below.

08:00 Registration and welcome refreshments

Chair’s Opening Remarks

09:00

The Information Commissioner’s Office GDPR investigations and decisions, and expectations in 2020 and beyond

Plenary keynote

  • GDPR investigations and justification behind the decisions on the prominent fines of British Airways and Marriott in 2019
  • What is the current level and nature of GDPR-related complaints being received?
  • What are the ICO's expectations concerning changes in its activity for 2020 and onwards?

by Stephen Eckersley, Director of Investigations, Information Commissioner's Office

09:10

Password administration for system owners: The NCSC strategies that can help your organisation remain secure

Plenary keynote

  • Examining and challenging existing corporate password policies, and updating to a modern approach
  • Understanding the decisions to be made when determining password policy
  • Guidance on implementing password policies which support the ways in which people naturally work

09:30

Technology ethics: How can we create and use technologies so that they deliver maximum benefit and pose minimum harm?

Plenary keynote

  • How can ethical frameworks be deployed across a diverse range of stakeholders?
  • The four areas which urgently require our ethical lens: biometrics, big data, data protection and children’s data.
  • Which approaches could be used to better engage ethical frameworks in the deployment and design of emerging technologies?

by Dr Stephanie Hare, Author of the forthcoming book "Technology Ethics"

09:50

Security and Privacy by design: How can information security leaders ensure their organisations avoid a “bolt-on” approach and minimise risk

Plenary panel discussion

  • Where and why does DevSecOps work, and how can Information Security professionals ensure security is not an afterthought?
  • Which legal, policy and operational processes need to be considered when implementing privacy engineering?
  • Evaluating whether your systems fulfil users’ privacy needs

by Dr Stephanie Hare, Author of the forthcoming book "Technology Ethics"

by Deborah Haworth, CISO, Penguin Random House UK

by Joseph Carson, Chief Security Scientist and Advisory CISO, Thycotic

10:10

11:00 Morning refreshments & networking

What metrics do you use to measure the effectiveness of your internal SOC team?

Roundtable discussion

11:30

Enhancing red and blue teaming with Breach and Attack Simulation

Roundtable discussion

by Tim Ager, VP Sales EMEA, Cymulate

11:30

How do you plan your cyber incident response exercises?

Roundtable discussion

11:30

Which metrics do you use to measure progress in cultural change?

Roundtable discussion

11:30

How do you identify your information security priorities, and resource a team to match?

Roundtable discussion

11:30

Workshop 1

Interactive workshop

by Immersive Labs

11:30

teissPodcast – Information Security Leaders’ Roundtable LIVE

Live podcast recording

by Anna Delaney, Editor in Chief, teiss

by Thom Langford, Founder, TL(2) Security

12:10

What are your barriers to improving cyber resilience in your organisation, and how do you overcome them?

Roundtable discussion

11:30

Breach notification since GDPR: How have you been dealing with your internal incidents and breaches of data?

Roundtable discussion

11:30

Can you recognise burn-out in your information security team, and what strategies do you have to manage this?

Roundtable discussion

11:30

How do you involve your supply chain partners in assessing their cyber risk?

Roundtable discussion

11:30

How do you detect and manage your internal threats?

Roundtable discussion

11:30

How do you develop your information security staff soft skills to improve retention?

Roundtable discussion

11:30

Roundtables are repeated at 12:10 – 12:50

12:50 Lunch & networking

Chair’s opening remarks

by Paul Taylor, Partner - Cyber Security, KPMG

13:50

Quantifiable approaches for measuring the effectiveness of your internal SOC or MSSP

Case study presentation

  • How moving department is a clean-up opportunity
  • How to enhance the SOC operational activities by automation and orchestration
  • How do you get continuous visibility into your vulnerability risk?

14:00

Strategies to quantify your organisation’s cyber risk, and making your messages effective at board level

Case study presentation

  • Translating C Suite priorities to your security team
  • Communicating threats and risks upwards to your C Suite
  • Measuring and reporting progress and impact

by Dr Keyun Ruan, Google Cloud Specialist Engineering, Computer Scientist & Author, Google

14:20

Identifying the barriers to improving cyber resilience in your organisation, and how to overcome them

Case study presentation

  • What are the challenges between internal organisational structures?
  • How do you access the right skills and technology?
  • Leading a shift in mindset from SOC to shared duty

14:40

Overcoming CISO Communication issues and the issue of cybersecurity excuses

Case study presentation

by Allan Alford, Delivery CISO, NTT Data Services

15:00

Chair’s opening remarks

by Jeremy Swinfen Green, Head of Consulting, teiss

13:50

Aligning home-life security and company security: Making your people the CISO of their own homes

Case study presentation

  • Instilling the concept that security belongs to everyone in the organisation
  • Focusing on awareness – in work and at home – and beyond
  • Rewarding and recognising colleagues who do the right thing for security

by Sarb Sembhi, CTO & CISO, Virtually Informed

14:00

Recognising and overcoming the cognitive biases that undermine your information security training

Case study presentation

  • Does your ‘aggregate bias’ lead you to wrongly direct your focus to the wrong individuals?
  • How do successful phishing attackers use known cognitive biases to make colleagues behave illogically?
  • Steps towards identifying and eliminating cognitive bias-driven decision-making

by Bridget Kenyon, Global CISO, Thales eSecurity

14:20

The ways that your security awareness programme is failing, and what you should do about it

Panel discussion

  • Should awareness focus on implementing good security related behaviours?
  • The failing of the hacker mentality and “telling people not to do that”
  • Avoid treating awareness as a casual activity

by Lucy Payne, Security Awareness and Engagement Lead, Aviva

by Reena Shah, Head of Information Security Culture and Skills, M&G Prudential

by Daniela Somerscales, CISO, ClearBank

by Dora Ross, Security Awareness & Business Change Professional, Penguin Random House

14:40

Chair’s opening remarks

13:50

Using Artificial Intelligence to identify malicious activity within your network

Case study presentation

  • What is the threat from smart malware and botnets?
  • Where is the intersection between AI, cyber security, and human-computer Interaction?
  • How do we ensure security, privacy and transparency in complex and automated systems?

14:00

Artificial Intelligence, Machine Learning and human ingenuity – enhancing your people to combat cyber threats

Case study presentation

  • False positives or ‘innocent anomalies’ are a huge distraction for over-stretched security teams
  • How can a unique AI approach gather context and triangulate threats across the entire digital estate?
  • Automate investigation, reduce false positives and simplify the security stack

14:20

Threats in the supply chain: Balancing your internal and the external requirements and competing risk agendas

Panel discussion

  • Which compliance questions reveal the biggest security risks with 3rd parties?
  • Alternative approaches to identifying risk in the supply chain
  • How to work up and down the supply chain to improve information security

by Holly Grace Williams, Technical Director, Secarma

14:40

15:20 Afternoon refreshments & networking

How to create and sustain a high-performance security culture

Case study presentation

  • Is a lack of organisational commitment to proactively prepare and execute effectively the difference between relative success and failure?
  • How is this commitment one of the defining characteristics of a high-performance security culture?
  • Which other characteristics translate into success factors and best practices?

by Dr Dave Chatterjee, World-Renowned Technology Thought Leader and Business Strategist

15:50

Empower your people, strengthen your culture and reduce your cyber risk

Keynote presentation

by Dr Jessica Barker, Chair, ClubCISO

16:10

Tailoring your security awareness programmes to overcome colleagues’ inbuilt biases

Panel discussion

  • The importance of establishing benchmarks before engaging in any change exercise, both qualitative and quantitative
  • Recognising and reflecting behavioural psychology, cognitive abilities, social attitudes and modern work-environments
  • Definitions and objectives – what do we want the end ‘culture’ to look like, so that we can establish progress against this

by Dr Jessica Barker, Chair, ClubCISO

by Dr Dave Chatterjee, World-Renowned Technology Thought Leader and Business Strategist

by Marilise de Villiers, High performance coach

16:30

High-end, regulatory-driven, red-teaming: What are the techniques and how quickly are they evolving?

Case study presentation

  • How the depth of your security assurance isn’t good enough
  • Developing a programme of red-teaming based upon high-end near nation state grade attacks
  • How fast are high-end compromise techniques evolving?

by Ken Munro, Security writer & pentester

15:50

Tackling the insider threat – investing in your investigators and using understandable and enforceable policies

Case study presentation

  • Ensuring evidence-based visibility into user activity to reduce investigation time
  • Making uncovering the intent of the insider your priority
  • Eliminating a mis-allocation of resources when investigating insider threats

16:10

Threat trends in 2020 and beyond; Deep fakes, misinformation and reputational attacks

Panel discussion

  • Meeting the challenge of destructive and disruptive attacks from defence in depth intended to deter intrusive attacks
  • Managing the nuances of a threat management discipline in a risk management culture
  • Changing geo-political context affecting the threat environment for commerce and industry

by Joseph Carson, Chief Security Scientist and Advisory CISO, Thycotic

by Eamonn Keane, Head of Cyber Security & Innovation, Scottish Business Resilience Centre

by Holly Foxcroft, Neurodiversity consultant

16:30

17:20 Drinks reception & networking

08:00 Welcome refreshments & networking

Chair’s opening remarks

by Paul Taylor, Partner - Cyber Security, KPMG

09:00

‘How secure are we?’: Bringing together cyber, physical and personnel security to address risk, deliver compliance and benefit from common processes

Case study presentation

  • Increasing overlap between security issues/threats that no longer fit within the silos of physical or information
  • 3rd party suppliers and how their (cyber) risk assessments don’t take physical issues into account
  • Benefiting from common policies, processes and skills

by Peter Gibbons, Chief Security Officer, Network Rail

09:10

Password-less authentication: Where is biometric or behavioural authentication deployed, and best-practice in implementation

Case study presentation

  • Can SFA securely replace 2FA and MFA?
  • When should something you have replace something you are or something you know?
  • Best-practice in deploying SFA across whole organisations

09:30

Evaluating and minimising information security risks across multi-Cloud estate

Panel discussion

  • Best practice in identifying, mitigating and managing cloud risks
  • Developing a consistent organisation view of cloud risks to make well-informed decisions about vendors and services
  • Using a risk framework for measuring multi-cloud risk

by Nick Taylor, Cloud Programme Manager, Google

09:50

Developing and retaining your cyber security professionals using career road-mapping and skills competency frameworks

Case study presentation

  • Defining your organisation’s expectations for Foundational, Industry-related and Occupation-related competencies
  • Which are the most critical security professional competencies for your organisation?
  • Implementing a Cybersecurity Competency Model and measuring impact

by Bharat Thakrar, CTO, CISO and Cyber Advocate, Learning People

09:10

Behavioural economics and calculating the impact of your Information Security policies

Case study presentation

  • How your colleagues make mistakes in processing information and planning for the future
  • How do these mistakes distort the information security learning processes?
  • How do emotions and visceral factors affect colleagues’ actions and their connection between information, learning and choices?

by James Watson, Advisor, Fraud & Cyber Security, The Behavioural Insights Team

09:30

Recruitment, retention and diversity in information security – energising the talent market

Panel discussion

  • Are some skills sets more transferable than others for cyber security careers?
  • Moving away from a blame culture to retain your best security staff
  • Do we have a misalignment of expectations, rather than a skills shortage?

by Joseph Carson, Chief Security Scientist and Advisory CISO, Thycotic

by Ian Thornton-Trump, Head of Cyber Security, AMTrust International

by Nicole Keeley, Head of Cyber Security Oversight, Civil Aviation Authority

by Holly Foxcroft, Neurodiversity consultant

09:50

Chair’s Opening Remarks

09:00

Quantum Computing and the timeline of the threat to your encryption

Case study presentation

  • Being agile when it comes to encryption
  • Quantum key distribution to preserve the integrity and confidentiality of data
  • Post-quantum cryptography for devices, software and networks

09:10

Social engineering and Spear-phishing – using real cases to protect and advise your senior colleagues

Case study presentation

  • What are the social engineering attack vectors and how are they employed by attackers?
  • Why does social engineering work so well as an attack vector and what to look out for when trying to defend against it?
  • Some simple defensive steps you can take to make yourself a less appealing target of social engineering

09:30

Using blockchain for information security in identity management and compliance

Panel discussion

  • How can information security specialists engage with this technology?
  • Insight in the adoption opportunities and challenges for the wider business economy
  • Is blockchain technology in itself secure?

by Tim Holmes-Mitra MBE, Co-founder and CTO, Glimpse Protocol

by Dr Maria Grazia Vigliotti, Cybersecurity Expert, Author "The Executive Guide to Blockchain"

09:50

10:40 Morning refreshments & networking

Product Demonstration 1

Product demonstration

by Code42

11:10

Product Demonstration 2

Product demonstration

by Yubico

11:30

Product Demonstration 3

11:50

Workshop 2

Interactive workshop

11:10

Workshop 3

Interactive workshop

11:10

12:10 Lunch & networking

Chair’s Opening Remarks

13:30

Protecting your human resources: Strategies to identify and avoid Information Security professional burn-out during the day-to-day and during a crisis

Plenary panel discussion

  • How to recognise burn out in your team and yourself, and ways in which we can reduce the stress of individuals
  • Building a team culture and values, and how your culture influences honesty and openness
  • Align expectations with vulnerability and remembering the forgotten victims of a data breach

by Deborah Haworth, CISO, Penguin Random House UK

by Ian Thornton-Trump, Head of Cyber Security, AMTrust International

by Allan Alford, Delivery CISO, NTT Data Services

by Paul Watts, CISO, Dominos Pizza

by Marilise de Villiers, High performance coach

13:40

The InfoSec Leaders’ Legal Briefing: GDPR, Brexit and Data protection changes in global, regional and national jurisdictions

Plenary panel discussion

  • GDPR – Profiling Overview including; Data; Subject; Fundamental Rights
  • Article 22 – Interpretational challenges for sole automated processing
  • What of the future? – identifying risk; working towards more efficient compliance; DPIAs; Privacy by Design and Certification

by Dan Whitehead, Senior Associate, Privacy & Cybersecurity, Hogan Lovells

by Joel Harrison, Partner, Milbank

by Emma Wright, Partner, Kemp Little

by Rocio de la Cruz, Principal Associate: Lead of Privacy Law and Global DP Projects, Gowling WLG

14:40

Chair’s closing remarks

15:30

15:40 Conference close


Copyright © Lyonsdown Ltd. 2018. All rights reserved. TEISS® is a registered trademark of Lyonsdown Limited.