| Date and Time | Title | |
|---|---|---|
| Jun 16, 2026 8:45am - 9:00am (London) | Chairperson's Opening Address with Purvi Kaye |  |
| Jun 16, 2026 9:00am - 9:30am (London) | Is your M365 backup enough to stop a cyberattack? Microsoft 365 and Entra ID environments are evolving daily—and attackers are moving even faster. From compromised credentials to rapid data exfiltration and encryption, modern threats span seamlessly across identity, OneDrive, SharePoint, and endpoints.
In this fast-paced, 25-minute virtual session, Druva’s Solutions Architect, Vanessa Toves, breaks down how these attacks actually unfold and explains why traditional point-in-time restores leave organizations vulnerable.
What You’ll Learn In 25 Minutes:
Spot the Blind Spots: Identify exactly where native protections fall short against sophisticated ransomware and exfiltration tactics.
See the Invisible: Learn how to leverage anomaly detection and historical snapshots to pinpoint what changed during a security incident.
Recover with Confidence: Master how to rapidly isolate and restore the "last known good" clean version of your critical data.
Bridge the Resilience Gap: Build a stronger, unified incident response plan across OneDrive, SharePoint, and Entra ID. | |
| Jun 16, 2026 9:30am - 10:00am (London) | Compliance Without Chaos: Aligning Audit Quality and Efficiency in a Multi-Framework World As organisations face mounting pressure to maintain compliance across an ever-growing number of regulatory frameworks, the question is no longer whether to take audits seriously, but how to do so without overwhelming teams and compromising quality.
This session explores the intersection of audit complexity and compliance quality, drawing on data from A-LIGN's 2026 Compliance Benchmark Report to reveal how most enterprises are trapped in a costly, repetitive audit cycle. Attendees will learn how report rejection carries a hidden financial impact exceeding $100,000 per incident, and how audit harmonisation enables organizations to consolidate overlapping frameworks, reduce audit burden, and deliver reports that hold up under enterprise scrutiny. | |
| Jun 16, 2026 10:00am - 10:30am (London) | How Benchmarking Brings Clarity to Cyber Security Most security teams are working flat‑out, yet it still feels like they’re fighting fires rather than making progress. One week it’s a vulnerability spike, the next it’s a supplier issue, then a new tool lands on the roadmap and everything shifts again. It’s no surprise that even experienced professionals end up busy but unsure whether the work is actually reducing risk. This talk is a clear‑eyed look at why that happens, what really drives meaningful improvement, and how a simple benchmarking exercise can cut through the noise. We’ll explore why effort drifts into low‑value areas, how technical teams and leadership end up misaligned, and why so many organisations invest heavily without seeing their posture genuinely improve. If you want a practical way to show the board where you stand, prioritise the controls that actually matter, and move from reactive to focused, this session will give you the clarity and structure to do exactly that. | |
| Jun 16, 2026 10:30am - 11:00am (London) | KEYNOTE: Ben Owen, Fire Side Chat Former Intelligence Officer and cyber security expert Ben Owen joins Purvi Kay to discuss the latest cyber threats, criminal tactics and the practical steps organisations can take to strengthen their resilience. Followed by a short audience Q&A. | |
| Jun 16, 2026 11:00am - 11:30am (London) | Beyond Phishing: Building A Culture Of Security Tell people not to click a link, pat each other on the back, and ride off into the sunset. If only security awareness training was that simple.
In this session, Javvad Malik, Lead CISO Advisor for KnowBe4, will explain how to take your security awareness to the next level and prevent it from going stale. Changing behaviours and creating a culture of security can only be achieved by adopting the right mindset and techniques.
In this session you will learn:
- Why you need to brand the security department the right way
- The psychological approach to getting your message across
- Practical advice on building a strong security culture | |
| Jun 16, 2026 11:30am - 12:00pm (London) | Decluttering the SOC: Focusing on What Truly Secures You in the Age of AI Investments in Security Operations Centers are growing, yet the return often falls short due to tool sprawl, alert fatigue, and inefficient processes. This clutter not only wastes resources but also weakens the ability to respond to real threats. By reducing noise, consolidating workflows, and focusing on high-value security activities, organizations can achieve a SOC that is both cost-effective and resilient. This session explores practical ways to deliver measurable ROI while ensuring stronger protection for the business. | |
| Jun 16, 2026 12:00pm - 12:30pm (London) | Reporting Active Exploits in 24 Hours: Are You Ready for the CRA? Most organisations’ vulnerability management processes are not built for the CRA’s mandatory 24 hour reporting of actively exploited vulnerabilities, let alone the required 72 hour follow up submissions. This session highlights the gaps that will matter most when these obligations take effect—from real time detection and exploitation confirmation to dependency visibility, evidence capture, and integration across AppSec, SecOps, and product teams. Using practical examples, we explore where current processes fail and what must be modernised: automation, intelligence feeds, cross team workflows, and documentation readiness. Attendees will leave with concrete steps to rebuild their AppSec operations for speed, accuracy, and CRA compliance before regulatory pressure makes the choice for them. | |
| Jun 16, 2026 1:00pm - 1:30pm (London) | AI vs Caffeinated Security Analyst AI will improve the Security Analyst’s experience, but it won’t replace them. So how do we strike the right balance?
AI is transforming cybersecurity, allowing analysts to detect threats faster, automate routine tasks, and reduce alert fatigue. But it can’t replace human judgement in a complex, adversarial landscape.
This session will explore where AI truly adds value, where its limits lie, and how organisations can balance automation with human expertise to build a stronger, more resilient security function for the future. | |
| Jun 16, 2026 1:30pm - 2:00pm (London) | The Future of the SOC Security operations are under pressure - not because teams aren’t capable, but because the volume, complexity and pace of signals has outgrown traditional SOC models.
AI is often positioned as the answer. In reality, introducing it into a live SOC brings its own challenges.
In our live session, “The Future of the SOC”, we share the practical lessons we’ve learned as an MSSP implementing AI within our own security operations - what worked, what didn’t, and what we’d do differently if we were starting again.
This session draws directly on our experience running AI in a live SOC - helping organisations move forward with clarity instead of guesswork. | |
| Jun 16, 2026 2:00pm - 2:30pm (London) | KEYNOTE: Jake Moore- The Deepfake Interview: Breaking In From the Inside Jake lifts the lid on the darker side of artificial intelligence, taking you deep into the criminal underworld powered by today’s most advanced technology. In the name of research, he used AI driven face-swapping tools to pass a live video job online interview under a completely false identity. Not once, but repeatedly. Through these real-world experiments, Jake reveals how powerful AI tools are already being weaponised by criminals to infiltrate organisations from the inside, bypassing traditional security and exploiting human trust. But it doesn’t stop there. With the same tools now widely available, Jake demonstrates how AI can clone voices, generate convincing documents and create fake identities in seconds, giving cybercriminals everything they need to scale deception like never before. Nothing is real anymore. The question is, would you spot it? | |
| Jun 16, 2026 2:30pm - 3:00pm (London) | Closing the Gap: Securing Identity Across Humans, Machines and AI Identity has become core enterprise infrastructure, governing access not just for the workforce but
for machines, service accounts and AI-driven processes. Yet governance models have not kept pace
with this broader, more dynamic landscape.
In this presentation, Keeper Security will unpack key findings from their latest research report, Identity at
Machine Speed: The Architecture of Enterprise Governance. Learn why 96% of organisations report
exploitable gaps caused by disconnected tools and why most still cannot detect credential misuse in real time.
This session will cover:
How rapid growth in identities is expanding complexity and risk
Where fragmented identity systems and disconnected tools create security gaps
The growing identity risks associated with increased AI adoption
How organisations can control, monitor and audit privileged access across both human and
non-human identities. | |
| Jun 16, 2026 3:00pm - 3:30pm (London) | 3rd Party Risk Management : Software Supply Chain Security Examining the security risks and threat vectors involved in both developing software and procuring third party applications | |
| Jun 16, 2026 3:30pm - 4:00pm (London) | Securing Active Directory in High-Trust Industries: From Credential Risk to Identity Assurance Active Directory Is Still the Backbone of Trust. But credential-based attacks are still the easiest way in. For banking institutions, healthcare systems, and critical infrastructure organizations, Active Directory remains the foundation of access control. Yet phishing, account takeover, and helpdesk reset abuse continue to bypass traditional defenses, especially in hybrid workforce environments.
When identity is the control plane, credentials alone are no longer enough. This session explores how regulated organizations can strengthen identity assurance by adding a government ID validation layer to their authentication workflows without disrupting user experience or operational efficiency.
What You’ll Learn
o Why credential attacks remain dominant in high-trust industries
o How phishing-resistant identity verification reduces account takeover risk
o The hidden risk in helpdesk password resets and how to eliminate it
o Why government ID validation is uniquely suited for regulated environments
o How to elevate identity assurance without adding friction
Why This Matters for Regulated Industries
In industries where compliance, auditability, and trust are non-negotiable, strengthening authentication isn’t optional, it’s operationally critical.
Government ID validation:
o Reduces account takeover exposure
o Mitigates helpdesk social engineering
o Strengthens phishing resilience
o Supports stronger audit and compliance postures
o Provides high-confidence identity proofing without complex infrastructure | |
| Jun 16, 2026 4:00pm - 5:00pm (London) | LIVE FIRESIDE CHAT: Cecilie Fjellhøy Known globally as the woman who brought down The Tinder Swindler, Cecilie Fjellhøy joins Purvi Kay for a powerful conversation on fraud, deception and the growing threat of social engineering. Drawing on her own experience at the centre of one of the world’s most infamous scams, Cecilie will share the lessons every organisation can learn. Followed by a short audience Q&A. | |
| Jun 16, 2026 5:00pm - 5:30pm (London) | Prize Quiz LIVE Entertainment with Dean our host - we have lots of great prizes to Win - See you there |
 | |||
Agenda
|
|