Agenda


R3: Resilience, Response, Recovery Summit 2019

R3: Resilience, Response & Recovery Summit 2019 features 20 different sessions across 2 distinctive streams.
Browse the 2019 full agenda and speakers below

08:00 – 09:00: Registration & welcome refreshments

Cyber resiliency by design: Prepare, absorb, recover, adapt

Keynote

  • Creating a response plan that minimises confusion and stress without deviating from habitual actions
  • Developing a positive security culture that helps increase early detection
  • Incident Response plans are not perfect. Communication is crucial during an incident
  • Resilience v Robustness – adapting in a changing environment

by A Senior Representative (confirmed), NCSC Show Profile

09:10

The human in Cyber Resilience: How dysfunctional behaviour during response and recovery can be avoided so that your organisation emerges on the other side stronger and more competitive

Keynote

  • Organisational Resilience, as defined within the business and management literature is a business outcome as opposed to a process, management system, strategy or static characteristic.
  • It arises through a complex interplay of factors, the presence, importance and contribution of which change in response to the threats posed by the external environment and the inherent vulnerabilities of the organisation.
  • Unlike most business outcomes, such as increasing profit, improving customer service and reducing carbon emissions, organisational resilience can only be observed and measured when the organisation is responding to and recovering from stress.
  • Whilst many factors are involved, the role of people, and their actions, cannot be overstated.  People, especially groups of people in institutionalised settings, are affected by stress in some quite unusual ways.

by Dr. Sandra Bell, Head of Resilience Consulting, Sungard Availability Services Show Profile

09:30

Emerging practice in developing and implementing an operational resilience framework

Panel discussion

  • How have organisations addressed the challenge for improving organisational resilience to keep pace with the emerging threat and regulatory expectations?
  • Approaches, opportunities and challenges to developing and implementing an operational resilience framework
  • What metrics or indicators could be used to assess and compare operational resilience?
  • What are the practical challenges related to improving operational resilience in the information supply chain?

by Nic Devine, Global Head of Operational Resilience, Deutsche Bank Show Profile

by Barrie Millett, Head of Operational Resilience, Wesleyan Show Profile

by Robin Jones, Head of Technology, Resilience and Cyber, Financial Conduct Authority Show Profile

10:00

10:40 – 11:10: Morning refreshments & network

How do you use Next Generation technology in your Incident Response planning?

Roundtable 1

  • How do you balance technology and your human resource in Incident Response?
  • Can you rely solely on technology to give you the answers you need?
  • Do you see potential in AI to drive efficiencies and time to recovery?
  • How can you use your Incident Response planning for more than data breaches?

by Kevin McMahon, CEO, CYJAX Show Profile

11:10

What metrics or indicators do you use to assess operational resilience?

Roundtable 2

by Charlotte Davis, Head of Organisational Resilience, Bupa Group Show Profile

11:10

How do you involve your supply chain partners in your operational resilience testing?

Roundtable 4

by Chris Kelly, Global Head of Business Resilience, Standard Life Aberdeen Show Profile

11:10

Breach notification since GDPR: How have you been dealing with your internal incidents and breaches of data?

Roundtable 8

by Rocio de la Cruz, Principal Associate, Gowling WLG Show Profile

11:10

How do you train your security teams to develop personal resiliency?

Roundtable 10

by Bharat Thakrar, Chief Technology Officer and Cyber Advocate, Learning People Show Profile

11:10

How to detect and manage internal threats

Roundtable 12

by Jeremy Swinfen Green, Head of Consulting, teiss Show Profile

11:10

The data breach vs. the ethics breach: How to prepare for both

Roundtable 3

  • Break down the difference between a data breach and an “ethics breach”
  • Hear key insights from recent data breaches and learn how to avoid these mishaps
  • Gain an incident and breach toolkit to prepare your organisation ahead of a breach

by Vipul Asher, Privacy Consultant, OneTrust Show Profile

11:10

How successful is your recovery plan in a cyber attack?

Roundtable 5

  • Why cyber attacks are likely to be the Achilles heel of your recovery strategy?
  • Why existing and traditional DR systems will never be enough today?
  • How robust and agile is your Resiliency strategy in a hybrid multicloud world?
  • How can you sidestep cyber attacks and function under duress?
  • What regulatory mandates does cyber resilience help you comply with?

by Richard Hamilton, Cloud and Cyber Resiliency, Resiliency Orchestration SaaS, IBM Resiliency Services Show Profile

by Douglas Pattie, IT & Cloud Business Specialist, IBM Resiliency Services Show Profile

11:10

How to reduce your attack surface with data sanitization

Roundtable 7

  • How does unnecessary data storage increase costs and information risk?
  • How can I ensure data security when I migrate data to the cloud?
  • How can I destroy data safely and prove to regulators and other stakeholders that I have done so?
  • How can I manage IT assets so that when they are reassigned internally or sold to third parties the data on them is deleted?

by Fredrik Forslund, Vice President, Enterprise & Cloud Erasure Solutions, Blancco Show Profile

11:10

How do you plan your cyber incident response exercises?

Roundtable 6

by Mark Chaplin, Principal, Information Security Forum Show Profile

11:10

12:40 – 13:40: Lunch & Network

Are you prepared enough to survive a cyber attack?

Case study

  • Digital transformation is enabling disruptive business models to provide improved customer experience and better business outcomes.
  • Hybrid multicloud adoption is the key pillar enabling this digital transformation.
  • The risk landscape in such a complex world is dramatically changing and cyber attacks are now no longer a question of ‘if’, but ‘when’.
  • Organisations must build cyber resilience early into their digital and cloud transformation strategy. It’s time to re-evaluate your traditional disaster recovery programs.

by Richard Hamilton, Cloud and Cyber Resiliency, Resiliency Orchestration SaaS, IBM Resiliency Services Show Profile

13:50

The evolution of cyber risk management and how to engage with the board

Case study

  • The 4th industrial revolution, driving technology and data consumption, driving cyber security.
  • Supporting the board understand cyber as a complex enterprise wide risk.
  • The role of the board in securing the balance sheet and the role of cyber risk management.
  • What the board should know and how to report cyber risk effectively.

by Andy Watkin-Child, Chartered Security Professional Show Profile

14:10

What are the barriers to improving cyber resilience in organisations and business, and how to overcome them

Panel discussion

  • Challenges between internal organisational structures
  • Access to the right skills and technology
  • Poor visibility of entry points to detect a breach in real time
  • Shift in mindset from SOC to shared duty

by Ian Burgess, Head of Cyber Policy, UK Finance Show Profile

by Drew Gibson, Head of Cyber, Sopra Steria Show Profile

by Dr Ruth Massie, Senior Lecturer in Cyber Governance, Cranfield School of Management Show Profile

14:30

The Response and Recovery feedback cycle and the pursuit of continual improvement

Case study

 

by Thom Langford, Founder, TL(2) Security Show Profile

13:50

Planning a cyber incident response exercise in critical national infrastructure and the lessons learning during execution

Case Study

by Peter Gibbons, Chief Security Officer, Network Rail Show Profile

by Guy Huckle, Head of Operational Security and Contingency Planning, Network Rail Show Profile

14:10

Internal Information sharing and collaboration – best practice during response for a faster recovery

Panel discussion

  • Effective internal communication approaches and channels to manage every stage of a breach.
  • Ensure your people are empowered to give an effective, professional response to protect your reputation and assets
  • Identifying the stakeholders to participate
  • How to identify and share relevant information

by Daniela Somerscales, CISO, ClearBank Show Profile

by Titta Tajwer, CISO, News UK Show Profile

by Massimo Cotrozzi, Director - Cyber Intelligence Centre, Deloitte Show Profile

14:30

15:20 – 15:50: Afternoon refreshments & Networking

Interactive incident response workshop

Workshop

15:50

What makes a resilient business and Information Security leader?

Panel discussion

  • How to deliver Business Resilience as a Service at scale and adding everyday value to the service
  • Developing Business Resilience awareness training within the security function
  • How to ensure colleagues return to business-as-normal after a crisis
  • How to reward resilient behaviours in the wider business

by Phil Huggins, Security and Risk Leader Show Profile

by Dr. Paul Robertson, Director of Resilience, continuity and crisis, EY Show Profile

by Vicki Gavin, Security, Privacy and Resilience - Advisor / Thought Leader Show Profile

16:40

Cyber Crisis Playbooks to avoid mistakes from previous breaches

Workshop

  • Receive a bespoke analysis of how resilient their organisation is to cyber attack
  • Clear Command & Control: how the best playbooks maintain clarity of decision-making through the ambiguity of a major breach
  • Response at Internet speed: how the best playbooks use templates and holding statements to accelerate effective recovery
  • Exercising is Essential: how the best playbooks maintain readiness through an owned schedule of rehearsals

by Kevin Duffey, Managing Director, The Cyber Rescue Alliance Show Profile

by Chris Procter, Director, Data Protection + Show Profile

15:50

How do you plan for the human responses in your Incident Response plan?

Panel discussion

  • The reality of the human response to an incident and not the planned response
  • Selecting incident management team members not on seniority or technical expertise, but on their knowledge and ability to respond collectively in an incident
  • People is the most important asset a company can have. Have lessons learnt after each critical/high incident and understand where “people” failed and improve your controls
  • Creating playbooks for under pressure people to avoid forgetting basic things

by Tiffany Georghiades, Crisis and Resilience Manager EMEA, The Walt Disney Company Show Profile

by Diana Moldovan, UKI Cyber Operations Lead, Aviva Show Profile

by Andy Shaw, Head of Information Security - Premier Inn & Restaurants, Whitbread Show Profile

by Jim Steven, Head of Data Breach Services, Experian Consumer Services Show Profile

16:40

17:30 – 19:00: Drinks Reception

back to top

Copyright © Lyonsdown Ltd. 2016. All rights reserved.