Agenda


R3: Resilience, Response, Recovery Summit 2019

R3: Resilience, Response & Recovery Summit 2019 features 20 different sessions across 2 distinctive streams.
Browse the full 2019 agenda and speakers below.

08:00 – 09:00: Registration & welcome refreshments

Chair’s welcome and introduction

09:00

Cyber resiliency by design: Prepare, absorb, recover, adapt

Keynote

  • Creating a response plan that minimises confusion and stress without deviating from habitual actions
  • Developing a positive security culture that helps increase early detection
  • Incident Response plans are not perfect. Communication is crucial during an incident
  • Resilience v Robustness – adapting in a changing environment
09:10

The human in Cyber Resilience: How dysfunctional behaviour during response and recovery can be avoided so that your organisation emerges on the other side stronger and more competitive

Keynote

  • Organisational Resilience, as defined within the business and management literature is a business outcome as opposed to a process, management system, strategy or static characteristic.
  • It arises through a complex interplay of factors, the presence, importance and contribution of which change in response to the threats posed by the external environment and the inherent vulnerabilities of the organisation.
  • Unlike most business outcomes, such as increasing profit, improving customer service and reducing carbon emissions, organisational resilience can only be observed and measured when the organisation is responding to and recovering from stress.
  • Whilst many factors are involved, the role of people, and their actions, cannot be overstated. People, especially groups of people in institutionalised settings, are affected by stress in some quite unusual ways.

by Dr. Sandra Bell, Head of Resilience Consulting, Sungard Availability Services

09:30

Emerging practice in developing and implementing an operational resilience framework

Panel discussion

  • What metrics or indicators could be used to assess and compare operational resilience?
  • What are the practical challenges related to improving operational resilience in the information supply chain?
  • Is regulation strengthening or weakening organisations’ operational resilience?
10:00

10:40 – 11:10: Morning refreshments & network

How do you develop a positive security culture that helps increase early detection?

Roundtable

11:10

What metrics or indicators do you use to assess operational resilience?

Roundtable

11:10

How do you involve your supply chain partners in your operational resilience testing?

Roundtable

11:10

Red-teaming; is it worth it? What should you look out for when preparing and executing such an exercise?

Roundtable

11:10

How do you train your security teams to develop personal resiliency?

Roundtable

11:10

How to set up and run a successful, internal, threat hunting process

Roundtable

11:10

12:40 – 13:40: Lunch & Network

Chair’s opening remarks

13:40

Security vendor and information supply chain risk and resilience management

Case study

  • Measuring and reporting the cyber resilience of your supply chain
  • Managing overlapping tools complexity in the technology stack
  • Involving supply chain partners in your operational resilience testing
13:50

Operational stress testing – measuring cyber resilience internally, and against peers externally

Case study

  • When security controls fail, can you detect unusual or irregular behaviour with sufficient context to mitigate risk?
  • How quickly and effectively can you recover, in comparison to external peers?
14:10

What are the barriers to improving cyber resilience in organisations and business, and how to overcome them

Panel discussion

  • Challenges between internal organisational structures
  • Access to the right skills and technology
  • Poor visibility of entry points to detect a breach in real time
  • Shift in mindset from SOC to shared duty
14:30

Chair’s opening remarks

13:40

Adding external threat hunting to supplement your internal incident response plan

Case study

  • Can manual threat hunting supplement and utilise existing security monitoring mechanisms?
  • Using previously unseen threats, tactics, techniques and procedures used by threat actors in your IR plan
  • How to set up a successful threat hunting process internally
13:50

What are your legal considerations when planning for recovery from a cyber attack or breach?

Legal briefing

  • What are your recording obligations under existing legislation?
  • Breach forensics – collected legally permissible evidence
  • Common mistakes made by organisations post-breach that undermine their legal obligations
14:10

Internal Information sharing and collaboration – best practice during response for a faster recovery

Panel discussion

  • Effective internal communication approaches and channels to manage every stage of a breach.
  • Ensure your people are empowered to give an effective, professional response to protect your reputation and assets

by Daniela Somerscales, Head of Information Security, ClearBank

14:30

15:20 – 15:50: Afternoon refreshments & Networking

Interactive incident response workshop

Workshop

15:50

What makes a resilient Information Security leader and SOC team?

Panel discussion

  • Resilient security staff and wider staff training
  • Protecting colleagues’ mental health during recovery
  • How to ensure colleagues return to business-as-normal after a crisis
16:40

Interactive crisis communication workshop

Workshop

15:50

How do you plan for the human responses in your Incident Response plan?

Panel discussion

  • Leadership and emotional reactions internally and externally
  • Managing the message internally and externally post-breach
16:40

17:30 – 19:00: Drinks Reception

Copyright © Lyonsdown Ltd. 2016. All rights reserved.