Now Available On Demand: The CSO Security Forum

Now Available On Demand
Event Primary Image IDG

Summary

As security leaders look back on 2020, many will barely recognise the businesses they are now securing compared to the start of last year. The pandemic brought around new ways of working, new tools, and new network topologies that have changed how companies operate and how CISOs protect their most important data and operations.

But what challenges still remain, and how does a permanent shift to remote working for large portions of the workforce affect security operations, budgets, planning and priorities? And what other transformational trends on the horizon do CISOs and their teams need to prepare for and contend with?

CSO UK’s first virtual CSO Forum delved into topics around security leadership, changing regulatory environments, evolving technology trends, and the increasing threat landscape through a packed half-day of panel discussions and presentations from leading cybersecurity experts and practitioners.

This half-day virtual event is now available on demand. Register now and watch back the sessions from the live event. 

Agenda

All sessions below are now available to watch on demand
  • 09:30am – 10:00am – Virtual guest arrival and networking break

    10:00am – 10:05am – Welcome remarks from Scott Carey, Group B2B Editor, IDG UK

    10.05am - 10.40am – CISO Stress: How to Deal with Burnout featuring Cath Goulding, CISO, Nominet; Vicki Gavin, Head of Information Security & Compliance, Kaplan International and Matt Palmer, Director, Cyberclaria and CISO.

    Being a CISO can be a lonely and stressful job. In this panel session, our experts discuss the pitfalls of burnout, how to spot it in yourself and team members, the impact of Covid-19 and changing business expectations, and ultimately some practical tips for how to move forwards. Tune in to hear from Vicki Gavin, Head of Information Security at Kaplan International, Nominet CISO Cath Goulding and Cyberclaria Director Matt Palmer.

    10:40am – 11:00am – Identity in the Era of Microservices from Sunil James, Senior Director, Security Engineering, HPE

    ‘Identity’ is a seemingly well understood concept. Ask anyone, and they’ll say something like, “identity lets you prove you are who you say you are.” This broad assertion affords us the ability to do various activities with relative ease – like flying, driving, and so on. Join us as we delve deeper into the fundamental idea of identity, and showcase its applicability in the world of microservices running on clouds, platforms, and all sorts of hardware. Like humans, microservices need to conduct various activities — and identity is the foundation to making that happen at scale.

    11.00am - 11.30am – Mind the Gap: How to Fix the Cybersecurity Skills Shortage from Geordie Stewart, Chief Information Security Officer at Wickes, Matt Foster, Head of Information Security at Lookers, Amanda Finch, CEO of the Chartered Institute of Information Security, and Dr Leila Powell, Data Scientist at Panaseer.

    The cybersecurity skills gap remains a significant challenge for organisations worldwide, with recent studies indicating that the industry faces a global shortage of some four million professionals. So how can industry close the gap, encourage more people into security careers, improve job attraction and retention, and help CSOs/CISOs build highly skilled, diverse teams working collaboratively to better protect their organisations? To find out, tune in to this panel session to hear from Geordie Stewart, Chief Information Security Officer at Wickes, Matt Foster, Head of Information Security at Lookers, Amanda Finch, CEO of the Chartered Institute of Information Security, and Dr Leila Powell, Data Scientist at Panaseer.

    11.30am - 11.40am – Can we secure and thrive in a new digital, remote world? from Mark Woods, Chief Technology Advisor, EMEA at Splunk

    What trends and considerations should we be aware of as we endeavour to safely steer our companies through the changing waters of 2021? How do we instigate a strategy that can identify critical risk but also exploit dynamic opportunities?

    11.40am – 12.10pm – The Politics and Policy of SolarWinds from Richard Harknett, Co-Director, Ohio Cyber Range Institute and Bob Bragdon, SVP Wordwide, CSO

    Richard Harknett, Co-Director of the Ohio Cyber Range Institute, has examined the SolarWinds hack that’s dominated the news for months. A hack defined by the level of sophistication, persistence, and patience exhibited by the attackers. In this session, Prof. Harknett looks at the big picture and discusses why we should be shifting our approach from a doctrine of persistent engagement, to a whole-of-nation frame that includes public and private sectors as well as our international allies.

    12:10pm - 12.25pm – Cybersecurity Trends: Defeating Hackers Before They Attack from Cole Humphreys, Global Cyber Security Product Management, Hewlett Packard Enterprise

    Supply chain attacks, insider threats, persistent malware and ransomware are becoming highly sophisticated. With 66 percent of security teams struggling to protect complex, granular and dynamically changing attack surfaces, enterprises need new lines of defense to shift the focus from fighting fires to driving secure digital transformation. Join us as we dive into the foundational elements you need to build a zero trust approach into your IT supply chain and infrastructure.

    12.25pm – 13.00pm – The CISO’s Evolving Role: Career Tips and Guidance for Today’s Security Leaders featuring Tim Youngblood, Corporate VP, Global CISO, McDonald’s

    Tim Youngblood is Corporate VP, Global CISO at McDonald’s, one of the world’s largest food service companies. Having worked at other large organizations, Tim’s developed a unique understanding of the various stages in evolving your career to the CISO level. Join us for this in-depth interview to understand Tim’s views on the evolving CISO role, his career and skills advice for aspiring security leaders, why expertise in operational excellence and partnering is essential, and the future of information security.

    13.00pm - 13:10pm – Why Security Can’t Be Optional from David Warburton, Senior Threat Research Evangelist, F5

    The basic tenets of cyber security have existed for decades, yet their implementation is still largely optional. Because of this, attackers are shifting tactics and picking easy targets. This session presents research from F5 Labs and uncovers the most common breach methods used by threat actors today.

    13.10pm - 13:40pm – Data Protection in 2021: Brexit, Privacy Shield, GDPR featuring Enza Iannopollo, Senior Analyst – Privacy, Security & Risk, Forrester and Steve Kuncewicz, Partner, BLM Law

    The UK data protection regulation landscape is in a very uncertain and precarious position. Brexit complicates data flows with the EU, the fall of Privacy Shield complicates UK and EU data flows to the US, and the UK being too cosy with either one could lead to complications with the other. A look at what CISOs need to know, how they need to work with DPOs to navigate a complicated time.

    13.40pm - 13.45pm - Closing remarks from Doug Drinkwater, Senior Director of Content, IDG

    13.45pm - 14.45pm – Networking in the Exhibitor Lounge and Networking Zone

Speakers

Amanda Finch

Amanda Finch, CEO, CIISec

Amanda Finch is the CEO of the Chartered Institute of Information Security (CIISec) and has specialised in Information Security management since 1991. She has always been an active contributor to the industry and for many years she has been dedicated to gaining recognition for the discipline to be recognised as a profession.

Cath Goulding

Cath Goulding, Chief Information Security Officer - Nominet

Cath has over 15 years experience in the cyber security profession having worked for both UK Government and the private sector. A thought leader in her field, she frequently speaks at security and internet conferences and has provided articles and comments for multiple publications. Cath currently works as Chief Information Security Officer for Nominet UK, the internet company best known for running the ‘dot.uk’ registry and therefore critical to internet operations in the UK. Prior to joining Nominet, Cath worked at GCHQ holding a variety of posts in the field of cyber security. Cath has a BSc in Mathematics, an MSc in Human Computer Interaction and is CISSP qualified. She was named one of the most influential women of UK Tech in 2020 in Computer Weekly.

Cole Humphreys

Cole Humphreys, Global Cyber Security Product Management, Hewlett Packard Enterprise

Cole Humphreys is an IT industry veteran and leader with global IT industry experience that spans decades. During his career Cole has engaged and ignited product management programs across complex business models to deliver value to customers and partners in the Americas, Europe, and Asia Pacific regions. Cole served in the Military for over a decade and joined Compaq, then HP, where he led a highly successful Global Category portfolio driving over $2B in revenue. Cole held tenure at Rackspace where he launched their Next Generation Public Cloud running on OpenStack. Today, Cole leads Global Cyber Security Product Management at HPE where he is responsible for the security features and technologies embedded within HPE’s Compute portfolio, and there are now over 2 million of the world’s most secure industry-standard servers running in customers environments today.

David Warburton

David Warburton, Senior Threat Research Evangelist, F5

David Warburton is Senior Threat Research Evangelist with F5 Labs with over 20 years’ experience in network and application security. A regular speaker at industry events and contributor to online and broadcast media, he was responsible for the design of a public cloud platform in the UK and for helping large government organisations adapt and improve their security posture. He recently completed an MSc in Information Security with Royal Holloway University where his thesis was on the use of security and cryptography in IoT..

Enza Ionnapollo

Enza Iannopollo, Senior Analyst – Privacy, Security & Risk - Forrester

Enza is a senior analyst on the security and risk team and a Certified Information Privacy Professional (CIPP/E). Enza helps organizations worldwide embed privacy and ethics in their strategic initiatives through approaches that deliver business growth while protecting their customers’ and employees’ trust and their brand reputation. Her research focuses on compliance with data protection rules, privacy as a competitive differentiator, ethics, and risk management. Enza speaks regularly at national and international executive conferences, and her research is often quoted in the media, including The Wall Street Journal and Forbes.

Leila Powell

Dr Leila Powell, Lead Security Data Scientist, Panaseer

Dr Leila Powell started out as an astrophysicist, using supercomputers to study the evolution of galaxies. Now she tackles more down-to-earth challenges! As the Lead Data Scientist at Panaseer, she helps information security functions in global organisations understand and reduce their cybersecurity risk exposure. She's an advocate for diversity and inclusion in tech and co-created the WEDS (We Empower Diverse Startups) Network with other women in cyber tech startups to champion inclusive practices beyond her own team.

Mark Woods

Mark Woods, Chief Technology Advisor, EMEA, Splunk

Mark provides advice and guidance to executive teams, policy makers and boards; helping organisations to get more value from data. Before joining Splunk Mark co-founded AMPLYFI and as CTO created and scaled the start-up’s proprietary AI analytics technology. He has also worked commercialising novel integrated hardware/software solutions at British Telecom (BT), Bentley and for various energy firms. Mark spent the first decade of his career as a British Army Engineering Officer, specialising in new technology introduction, strategic planning and spending time in hot and cold places that would not be on most people’s bucket-list.

Follow Mark on LinkedIn.

Matt Foster

Matt Foster, Head of Information & Cyber Security, Lookers

An IT professional for over 25 years, with a strong curiosity into how things work. As a cybersecurity leader, my role is to advise companies on how to uphold that social contract by managing risks and deterring and denying threat actors. My consultative approach is the result of decades of experience working with well reputation companies. I’ve worked across many industry sectors, with a plethora of security, identity and infrastructure related technologies. My approach is to find ways to say yes – safely; and that can only be done with a strong understanding of both the business operations and risk appetites. I am currently responsible for Information, IT & Cyber security across the group, not just within my team of security professionals.

Matt Harris

Matt Foster, Director, Cyberclaria and CISO

An award winning global CISO, Matt has transformed security teams across banking, capital markets, alternative investments and insurance - most recently as Chief Information Security Officer and Senior Director at Willis Towers Watson. He now leads a cyber risk and technology practice working with financial services companies on operations, risk and innovation, and serves as interim CISO for an international fund administration company. A chartered accountant as well as a technologist, Matt is also a Commissioner and Chair of the Audit Committee at the Jersey Financial Services Commission, the international finance centre's regulator, and a board advisor to several fintech startups.

Follow Matt on LinkedIn.

Scott Carey

Scott Carey, Group Editor UK B2B - IDG UK

Scott is an experienced enterprise technology journalist, as comfortable writing analysis as he is hosting industry events and appearing on broadcast media. He has a keen interest in big IT and cloud vendors, deep knowledge of the SaaS market and digital transformation at some of the UK’s biggest companies, and a contacts book that covers the industry from top to bottom.

Steve Kuncewicz

Steve Kuncewicz, Partner, and Head Of Creative, Digital & Marketing Sector

Steve specialises in intellectual property, media and privacy-related issues, working mainly with the creative, digital, technology and advertising sector with a nationally-recognised niche specialism in issues involving social media. He deals in both contentious and non-contentious matters, ranging from litigation before the High Court to cross-jurisdictional disputes and complex advisory work, reducing commercial, reputational, regulatory and legal risk. Working across the public and private sector, and with both agencies and those who buy from them, he leverages commercial expertise gained during my time in house and a passion for the sectors I work with for the benefit of his clients.

Steve Kuncewicz

Sunil James, Senior Director, Security Engineering, Hewlett Packard Enterprise

Sunil James is a Senior Director within Hewlett Packard Enterprise’s Security Engineering division. He leads a globally distributed team of hardware engineers, software engineers, architects, product managers, program managers, UX designers and technical writers to build trust into (and through) HPE’s burgeoning software and hardware products. Previously, he was founder and CEO of Scytale, which HPE acquired in February 2020

Timothy Youngwood

Timothy Youngblood, Vice President and Chief Information Security Officer - McDonald's Corporation

Timothy Youngblood is the Vice President, Chief Information Security Officer for the McDonald’s Corporation leading the company’s global information security organization. Timothy is responsible for overseeing risk management and brand protection on a global scale for the company. He has 30 years of industry experience ranging from Cyber Security Strategy and Operations, Product Security, IT Audit, Disaster Recovery, Risk Assessment, and Management Consulting. Timothy has served in multiple industries across his career including financial services, healthcare, oil/gas, retail, and manufacturing.

Vicki Gavin

Vicki Gavin, Head of Information Security & Compliance - Kaplan International

Vicki, The Cyber CoachTM, is a recognized expert in security, privacy and resilience. She was Chairperson of the Women's Security Society and has won Cybersecurity Woman of the Year and Unsung Hero, Marathon (Wo)man awards. Currently she is the Head of Information Security & Risk Management for Kaplan International, having previously held leadership positions with Cyber Rescue Alliance, Artemis Fund Management, Kensington Mortgages, The Economist, Barclaycard, Barclays Bank, Barclays Capital, Dresdner Kleinwort Wasserstein and the Toronto Stock Exchange. An invited speaker at industry conferences globally, recently she participated in the OpRisk Europe conference discussing the cyber threat landscape and the Evolve event discussing developing a cyber secure culture. Vicki is MBCI and CRISC Certified, holds a BSc in Physics and a Postgraduate Diploma in Teaching Adults.

Event Sponsors

Sponsor Logo

Headline sponsor: Hewlett Packard Enterprise & AMD

HPE is the world’s leading supplier for trusted computing by being the first vendor to embed silicon-based security into its industry-standard servers. Its exclusive silicon root of trust technology runs in over two million servers globally today and has formed the foundation for HPE’s vision for securing the enterprise to deliver experiences from the edge-to-cloud, platform as-a-service. HPE also delivers the industry’s most advanced, embedded network security with Aruba’s high-performing, highly reliable and secure wired and wireless network infrastructure solutions. Additionally, HPE further extends zero trust capabilities by standardizing and accelerating service authentication across cloud, container, and on-premises infrastructures. For more information, visit:www.hpe.com/security.

For 50 years AMD has driven innovation in high-performance computing, graphics and visualization technologies ― the building blocks for gaming, immersive platforms and the datacenter. Hundreds of millions of consumers, leading Fortune 500 businesses and cutting-edge scientific research facilities around the world rely on AMD technology daily to improve how they live, work and play. AMD employees around the world are focused on building great products that push the boundaries of what is possible. For more information about how AMD is enabling today and inspiring tomorrow. For more information, visit:www.amd.com/en.

Sponsor Logo

Partner Sponsor: Splunk

Splunk Inc. (NASDAQ: SPLK) turns data into doing with the Data-to-Everything Platform. Splunk technology is designed to investigate, monitor, analyze, and act on data at any scale. Our powerful platform and unique approach to data have empowered companies to improve service levels, reduce operations costs, mitigate risk, enhance DevOps collaboration, and create new product and service offerings. For more information, visit:www.splunk.com.

Sponsor Logo

Partner sponsor: F5

Every company today is in the digital experience business. And, in the wake of COVID-19, customer expectations are higher than ever because those experiences are now the primary way that people interact and transact with just about every organization. F5 helps organizations deliver and secure the extraordinary digital experiences that customers demand by enabling adaptive applications which, like living organisms, will naturally adapt based on their environment—growing, shrinking, defending, and healing themselves. Through a portfolio of automation, security, performance, and insight solutions, F5 empowers organizations to create, secure, and operate these adaptive applications, which increases revenue, reduces costs, improves operations, and better protects users. For more information, visit: www.f5.com.

Who should attend

Registrations are now open for UK senior IT executives, including CSOs, CISOs, CTOs, CIOs and IT directors.