Enterprise Cyber Security

24 September 2019

Victoria Park Plaza, London




Dr Gilad L. Rosner

Founder: IoT Privacy Forum; Expert in Public Policy of IoT & Identity Management; Privacy and Technology Policy Researcher

Dr Gilad Rosner is a privacy and information policy researcher and the founder of the non-profit Internet of Things Privacy Forum, a crossroads for industry, regulators, academics, government and privacy advocates to discuss the privacy challenges of the IoT. The Forum’s mission is to produce guidance, analysis and best practices to help industry and government to reduce privacy risk and innovate responsibly in the domain of connected devices.

Gilad’s broader work focuses on the IoT, identity management, US & EU privacy and data protection regimes, and online trust. His research has been used by the UK House of Commons Science and Technology Committee report on the Responsible Use of Data and he is a featured expert on O’Reilly and the BBC. Gilad is an internationally invited speaker and has given talks at industry conferences, universities, and government agencies, including the US National Institute of Standards and Technology.

Gilad has a 20-year career in IT, having worked with identity management technology, digital media, automation and telecommunications.
Gilad is a member of the UK Cabinet Office Privacy and Consumer Advisory Group, which provides independent analysis and guidance on Government digital initiatives and is a member of the IEEE Global Initiative for Ethical Considerations in Artificial Intelligence and Autonomous Systems.

He is a Visiting Researcher at the Horizon Digital Economy Research Institute, an Affiliate Researcher at UC Berkeley’s Centre for Long-Term Cybersecurity and has consulted on trust issues for the UK government’s identity assurance programme,

Senior Representative


Confirmed keynote speaker

Francesco Cipollone

Director of Events, Cloud Security Alliance UK; Head of Security Architecture & Strategy, HSBC Global Banking and Markets

I’m Francesco, a Chief Information Security Officer (CISO) and cybersecurity advisor who specialises in strategy and cloud security. Fuelled by passion, curiosity and dissatisfaction for the status quo, I believe in protecting identities in cyberspace and creating a safer, more connected world for future generations.

I’m currently helping ELEXON and HSBC build their cybersecurity practices.

In my spare time, I love to give back to the cybersecurity community. As part of that, I am Director of Events for the Cloud Security Alliance UK and an active member of ISC2. I’ve launched the #MentoringMonday community together with the support of Jane Frankland and Tanya Janca. The mentorship community is inclusive with a focus on empowering women in cybersecurity.

Michael Aminzade

MD Cyber, 6point6

Michael brings with him over 20 years of experience within the cybersecurity, governance, risk and compliance (GRC) industry. He is responsible for the cyber portfolio of services as well as leading the team of cyber specialists at 6point6, helping companies to establish an industry-leading cyber maturity.

Prior to joining 6point6, Michael was the VP for Global Compliance and Risk at a large cybersecurity and managed security services provider based in the US and the CISO for a leading payment and commerce solutions provider.

Helen Hosein

Customer Engineer, Google

Helen Hosein is a Customer Engineer for Chrome Browser, and has worked with several large customers to help them uphold best practice and compliance by making use of Chrome’s management capabilities. Helen is considered an expert on Chrome Browser security both within Google and externally.

Ian Brown

Head of Information Security, British Heart Foundation

Ian is a business-focused information security professional, holding positions in complex, international companies where safety is critical. He is currently working for the nation’s heart charity, founding the information security department and transforming the use of security and data with a focus on long-lasting change and getting “the basics” right.

Anna Russell

EMEA VP of Enterprise Sales, comforte AG

Anna has over 20 years in the security industry and has helped some of the largest organisations in the world to successfully execute enterprise-wide security transformation projects. Her proven track record shows that she knows how to deliver value to her clients as a trusted advisor continually. For the past five years, Anna has focused exclusively on helping companies harness the full potential of the new data-centric security model.

Anna can often be found at security events or working with large enterprises across EMEA evangelising her firm belief that a data-centric approach to security is the only way to truly keep a company’s data safe in today’s digital society where data privacy matters more than ever before.

Denise Beardon

Head of Information Security Engagement, Pinsent Masons

Denise Beardon is Head of Information Security Engagement at Pinsent Masons, an international law firm. Prior to joining Pinsent Masons, she worked for The Security Company, a security awareness consultancy, where she was responsible for the creation and implementation of their behavioural change methodology including qualitative and quantitative baseline research. During the past ten years, Denise has worked on many successful behavioural change programmes for a number of high-profile organisations.

Denise is committed to exploring the interaction between human behaviour and technology and understanding why people do what they do. This insight provides her with the ability to deliver tailored strategic behavioural change programmes that ensure the individual does not feel undermined but empowered to make the right choices. By using behavioural psychology at the heart of her programmes, Denise aims to bring positive change to any cybersecurity culture.

Prior to entering the world of cybersecurity awareness, Denise was internal communications manager for Cambridge Constabulary following a successful career in marketing communications in the private sector. She has a Masters in Crime Writing from the University East Anglia and is working on her debut novel.

Professor John Walker

Visiting Professor, School of Science and Technology, Nottingham Trent University

Professor John Walker is a specialist providing consultancy to Middle East-based organisations, government, and military clients. He served 22 years in Royal Air Force Security/Investigations and Counterintelligence operations within a SCIF/Comint/Sigint environments, working alongside GCHQ, CESG, UK and US Agencies.

He is a ITSO and Systems Security Manager for CIA Accredited Systems, Visiting Professor School of Science/Technology – Nottingham Trent University, Mentor to Tallinn University (Estonia) Masters Students Cyber Research, Practicing and Registered Expert Witness, Certified Forensics Investigator Practitioner [CFIP], Editorial Member at MedCrave Research for Forensics & Criminology, ENISA CEI Listed Expert, Editorial Member of the Cyber Security Research Institute [CRSI], Digital Forensics/Cyber Security Listed Trainer in Dubai for Certified courses, Fellow of Royal Society for the Arts [FRSA], and a Belkasoft (Digital Forensics) Partner.

Vladimir Krupnov

Lead Threat Intelligence analyst, Revolut

Vladimir is leading the CTI function at Revolut. His primary focus is merging manual and automated collection to provide all-source threat intelligence used to boost the companies cyber defence.

Previously Vladimir worked for a digital-risk protection company in London and has private consulting experience. He was involved in projects related to digital risk protection, HVT exposure management and data-leak prevention.

Graduated from the University of Cambridge, his interests include cyber threat intelligence, privacy and social psychology.

Tom Hoyland

Agile Delivery Lead - Login Squad, Sky Betting & Gaming

With a career spanning software engineering, business analysis and digital transformation, Tom coaches a wide range of teams, weaving together agile values, language and psychological safety to build high performing, sustainable teams.

A host at Agile Sheffield and a regular speaker at agile and product meetups, Tom enjoys presenting case studies, research and insights into successful agile transformations, team working and their metrics.

Etienne Greeff

CTO & Co-Founder, SecureData

Etienne Greeff is one of the early pioneers of the information security industry. He has spent over 20 years promoting the innovative use of technology and services to solve complex customer issues: founding, growing and successfully exiting a number of information security businesses.

Simon Cross

Senior Enterprise Architect, Lloyds Bank

Simon is a senior enterprise security architect with multi-sector experience across defence, public, telecommunications and most recently financial services.

Last year, Simon completed an MSc at Lancaster University in Cyber Security.

Over the past 12 months, Simon has been working at Lloyds Banking Group to transform the delivery of their Cyber Security Programme to being threat intelligence-led.

Pritam Pabla

Lead Chrome Customer Engineer, EMEA

Pritam Pabla, Lead Chrome Customer Engineer at Google EMEA, is a business-focused expert in end-user device management technologies, and in this position he has EMEA responsibility for providing IT consulting around Chrome Browser/OS security, management and Chrome lifecycle best practices for all of Google’s large enterprise and government customers. Prior to Google, Pritam worked for notable corporations such as Microsoft, Lenovo and IBM.

Previous Speakers

Professor Christopher Hankin

Director, Institute for Security Science and Technology at Imperial College London

Professor Hankin joined Imperial College London in 1984 and was promoted to Professor in 1995. He is Co-Director of the Institute for Security Science and Technology. His research is in theoretical computer science, cyber security and data analytics. He leads multidisciplinary projects focussed on developing advanced visual analytics and providing better decision support to defend against cyber-attacks.

He is Director of the UK’s Research Institute on Trustworthy Industrial Control Systems. He is the immediate past President of the Scientific Council of INRIA, the French national institute for research in computer science and control. He is Chair of the UK’s Academic Resilience and Security Community (Academic RiSC) and sits on the ministerial oversight group of the Security and Resilience Growth Partnership. He was Vice Chair of the DG CONNECT Advisory Forum for the European Commission until 2015, having previously been a member of ISTAG for two successive terms.

He is Chair of the Association for Computing Machinery (ACM) Europe Council. He is also a member of the ACM Publications Board.

Flavius Plesu

Chief Information Security Officer, Bank of Ireland

A business-focused cyber security leader, Flavius has held senior security positions both within the public and the private sector and has lead a number of enterprise-wide security transformation programmes in complex global organisations. He is passionate about cultivating and building teams to deliver on the organisation’s mission, values and goals. His primary focus is enabling organisations to understand their cyber security risk exposure to make well informed business decisions.

Along with his role as a Head of Information Security at Bank of Ireland, Flavius is also one of the co-founders of OutThink, a team of CISOs and security practitioners who are changing the way in which organisations engage with their employees to change behaviours and build a risk aware culture.

Royce Curtin

Managing Director of Global Intelligence, Barclays

Royce Curtin joined Barclays in January 2017 as Managing Director of Group Intelligence to lead the build-out and delivery of the firm’s global intelligence services. He previously completed a 27-year career as a Federal Bureau of Investigation (FBI) Senior Executive and USA military pilot, including his final role as an FBI Senior Advisor to the USA Director of National Intelligence and the FBI Deputy Assistant Director of National Intelligence for Partner Engagement.

Royce leads Barclays’ Global Threat Intelligence program as part of an integrated Security Operations service line, combined with their CSO Global Cyber Operations and Investigations teams and a 24/7 Joint Operations Centre. His team coordinates all intelligence activities across CSO, BUK Retail Bank, and Barclays International Bank and is key to a large 3 year change program delivering Intelligence Driven Defence security operations across the company.

The Intelligence team delivers Cyber Defence, Cybercrime, Geo-Political, Physical, Strategic and Open Source Intelligence on the most sophisticated threats to the bank that helps defend the network; optimise controls; protect the corporate estate and global workforce; reduce cyber-enabled financial loss; inform vulnerability management, resilience, red team, and secure innovation; support 24/7 situational awareness and incident response; and plays an integral role in mitigating risk and enabling rich customer experiences and secure global financial services.

Raef Meeuwisse

ISACA Expert Speaker and Author of ‘Cybersecurity for Beginners’

Raef Meeuwisse is an ISACA governance expert and Director of Cyber Simplicity Ltd. He has recently finished an ISACA paper on the Governance of Enterprise Information Technology for Healthcare and is also known for his independent books, including ‘Cybersecurity for Beginners’.

Tim Williams

Independent Contractor

Tim is an independent security consultant, life-long learner and trainer. His experience spans international technology service providers, the energy sector, banks and several government departments/agencies. He is currently undertaking multi-disciplinary PhD research integrating knowledge, methods and data from sociology, cybersecurity and physical security domains.

Keith Martin

Professor of Information Security, Royal Holloway University of London

Prof. Keith Martin is a Professor of Information Security at Royal Holloway, University of London. He is currently Director of the EPSRC Centre for Doctoral Training in Cyber Security at Royal Holloway, and is a former Director of Royal Holloway’s Information Security Group. He has broad research interests in cyber security, with a current focus on application of cryptography and geopolitical aspects of cyber security.

Keith has been teaching on Royal Holloway’s pioneering MSc Information Security since 2000, and was a co-creator of the successful distance learning version of this programme. He is author of the book Everyday Cryptography (OUP, 2012), now in its second edition, which introduces cryptography to non-mathematical audiences, with a focus on the practical use of cryptography to support everyday activities. He presents the introduction to cryptography week on the online Coursera course: Information Security: Context and Introduction. He has also presented courses on cryptography to a wide range of audiences, including specialist industrial short courses, the general public, and school audiences.

Tom Parkhouse

Superintending Inspector, Head of Civil Nuclear Cyber Security Regulation, Office for Nuclear Regulation

Tom Parkhouse joined the Office for Nuclear Regulation in 2012 and is currently the Head of Nuclear Cyber Security Regulation within the Civil Nuclear Security Division. As a former member of the Royal Air Force Police he has a broad security and counter-intelligence experience including between 2008 and 2012 serving in various Ministry of Defence appointments focused on cyber issues. From 2011 until 2013 he was a Senior Fellow of the Atlantic Council publishing subjects such as Cyber Security Cooperation and co-authoring a chapter within the National Cyber Security Framework Manual. At ONR, Tom has previously been the Civil Nuclear Security Chief of Staff and the regulatory lead for Emergency Preparedness and Response. Tom is a Chartered Security Professional and has degrees from the Royal Military College of Science (Information Systems Management) and Kings College London (Military Studies); he also holds a number of protective and cyber security certifications.

Margaret Wookey

Head of Information Risk, Global Information Services, British Council

Margaret has worked in Zambia, South Korea, Ireland and Bermuda as well as the UK in the course of a long career with the British Council. She has run cultural programmes for New Zealand and lead budgetary teams, managed higher education recruitment services and HR change programmes. She joined the corporate risk team in 2010 travelling extensively and moved to specialise in information risk on relocating to Bermuda in 2012. She has been the Head of Information Risk for the last two years and is now based in London.

Adam Bland

Head of Emergency Preparedness, Resilience and Response, NHS England (Yorkshire and Humber)

Adam Bland is Head of Emergency Preparedness, Resilience and Response for NHS England across Yorkshire and the Humber. He works with NHS organisations and non-health partners and Local Resilience Forums to ensure arrangements are in place and joined up to deliver the best outcome for patients and the public during disruptive events and emergencies.

NHS England leads the NHS in England, setting its priorities and direction as well as commissioning health care services from GPs, pharmacists and dentists. It is the lead health agency for risk assessing, planning and responding to emergencies and incidents.

Adam’s career in the NHS has involved risk management, service redesign, assurance and commissioning and emergency planning and response in hospital, community and primary care organisations. Previously Chair of the Emergency Planning Society (London), he is a qualified Health Service Commander, has a degree in Public Service Management and a Diploma in Health Emergency Planning.

Among many emergencies throughout his career, Adam led the regional major incident response to the Wannacry cyber attack that affected NHS organisations in 2017.

Sarb Sembhi

Past President, ISACA London Chapter

Sarb Sembhi has been the Chair of the ISACA GRA Committee and a member of ISACA Relations Board. Sarb began his career in the public sector as a Project Manager, and has more than 30 years of project management and consultancy experience.

He has gained this experience providing services to companies including BBC, Travis Perkins, BP, Network Rail. Sarb is a regular speaker at Information Security Conferences around the world, including the CxO Dialogue, Gartner Summits, InfoSec Europe, RSA Europe, HITB, BCS, ISACA, IPSec, IFSEC, Security Directors Forum.

He is also member of the Defence and Security Committee at the London Chamber of Commerce & Industry, and a member of the Cyber Security Working Group at the London Chamber of Commerce and Industry, Infosecurity Magazine Editorial Board, The Institute of Engineering and Technology, The Institute of Risk Management, The Chartered Insurance Institute, and was individual member of the Parliamentary IT Committee.

John Hield

Information Security and Compliance Manager, Veolia

John Hield is an experienced information security manager (CISM) with a background in both manufacturing and IT quality assurance management (ITIL & ISO 20000). Since 2006, he has held the role of Information Security and Compliance Manager for Veolia UK and Ireland. A senior member of the UK and Ireland Security team, he covers the less technical aspects of security and manages all IT compliance activities – ISO27001, Cyber essentials+, PCI-DSS, MOD RMADS, GDPR and (previously) SOX. He is an active member of both the Veolia global information security team and the Veolia UK and Ireland Risk Committee.

Ian Goodwin

Director of Information Governance and Risk Management, Global Information Services, British Council

Ian has worked in the area of Information Governance for over 16 years in roles at the Information Commissioner’s Office, the Legal Services Commission, Lambeth Council and now at the British Council as their Director of Information Governance and Risk Management. In his new role Ian leads a team of officers based around the world, covering all areas of Information Governance (Data Protection, Cyber Security, Information Risk Management and Assurance). The current focus of Ian’s role is on preparing the organisation for GDPR and embedding information governance maturity within a 3 lines of defence model.

Ian is IAPP CIPP/E, CIPM, CIPT certified and was one of the first people to receive the IAPP Fellow of Information Privacy designation. Ian is also ISEB qualified Data Protection and Freedom of Information Practitioner, as well as a certified ISO 27001 Lead Auditor and Prince 2 qualified.

Martin Fletcher

Assurance and Information Management Consultant, National Archives

As part of the Information Management Department at The National Archives; Martin Fletcher has provided Cyber Security training to 2,700 staff from over 150 organisations across the public sector. In this role, he has also developed an Information Security ‘train the trainer’ course which is now used by organisations including The Scottish Government, HMRC and the Ministry of Justice. He is also responsible for the Archives’ well established programme of Management Board briefings. Martin believes that the core to ensuring a secure culture is to engage the senior management and encourage them to see cyber security as being more than just an “IT problem.”

Richard Bell

Former Chief Information Security Officer, Transport for London

Transport for London is a dynamic and challenging retail and transportation organisation with annual revenue of £4Bn. In Richard’s former position, his first step was to risk assess the current state of information security at TfL. From that risk assessment he then developed and led the implementation of an effective tactical and strategic cyber response programme to ensure cyber security resilience.

Richard has been with TfL since 2004, during which he has had responsibility for providing security assurance against some of the most significant risks TfL has faced. He is advocator in the harnessing of social media and big data analytics. He has served as a Director for The Security Institute and featured within the IFSEC Global Top 40 of influencers in security 2014 and 2015.

Richard has been with TfL since 2004, during which he has had responsibility for providing security assurance against some of the most significant risks TfL has faced. He is advocator in the harnessing of social media and big data analytics. He has served as a Director for The Security Institute and featured within the IFSEC Global Top 40 of influencers in security 2014 and 2015.

Richard Wright

Senior Officer - Security Education, National Crime Agency

Richard leads the National Crime Agency’s security education programme, with responsibility for policy, guidance, communications and training. As a passionate advocate of people-centric security, he believes long-term behavioural and cultural change strategies should be at the heart of risk reduction instead of viewing people as the weakest link to be designed out by onerous technical controls. Richard is a qualified information security and training professional with over nine years’ experience of working on a number of diverse and challenging security projects.

John Unsworth

Chief Executive, London Digital Security Centre

John is the Chief Executive of the London Digital Security Centre.

The London Digital Security Centre is a joint venture between the Mayor’s Office for Police and Crime (MOPAC), the Metropolitan Police Service (MPS) and the City of London Police (CoLP). Working in partnership with academia and the private industry the London Digital Security Centre aims to help protect businesses operating in London from online criminal threats.

John is a highly regarded financial and cybercrime intelligence professional. He has 20+ years of experience in successfully leading national intelligence activities in the UK aimed at identifying, preventing and detecting criminal activities and targeting financial and cybercrime threats committed by Organised Crime Groups.

Prior to joining the London Digital Security Centre, John was seconded to the Global Cyber Alliance (GCA), from one of its co-founders the City of London Police (CoLP) and also led CoLPs Economic and Cyber Crime Prevention Centre (ECPC).

John has recently completed a Masters degree in Criminology at Cambridge University.

Detective Chief Inspector Vanessa Smith

Yorkshire and Humber Regional Cyber Crime Unit

DCI Vanessa Smith is head of the Yorkshire and Humber Regional Cyber Crime Unit. She has served in West Yorkshire Police for 22 years, developing the force’s first cybercrime unit and cyber response strategy. During her career, she has also investigated historical child sex abuse allegations, managed Registered Sex Offenders and managed teams tackling serious organised crime.

Steve Kennett

Security Director & Senior Information Risk Owner (SIRO), Jisc

Steve Kennett served 23 in the Royal Air Force from 1978 to 2001 as a telecommunications engineer. He served at various bases and in the UK and in operations around the world, he specialised in Data communications, Cryptography & Data protection (cyber and Information security).

On Leaving the RAF Steve held senior positions at Kingston Communications and Centrica where he had responsibilities for the Data & IP networks as well as the One Tel ISP he was responsible for all aspects of IP and ISP operations, design & strategic management.

Steve Joined Ofcom in June 2005 as the Head of Spectrum Services he was responsible for all aspects of Enforcement & Interference policy, business governance and due diligence. He introduced major Legislation & Policy changes into Ofcom the new WT Act 2006, R&TTE Act 2005 and Regulation of Investigatory Powers Act 2000. During his time at Ofcom he was Chair of the Satellite Monitoring MOU committee within CEPT of the European communications office. He left Ofcom on a high after being part of the successful Ofcom Olympics Spectrum Delivery team responsible for keeping the Spectrum for the London 2012 Games free from Interference.

Steve joined Janet in Jan 2013 as the Head of Operational Services and Senior Information Risk Owner (SIRO) is to ensure that appropriate supplier relationships (contractual and otherwise) were in place to support the network and its services and that the services provided over the network are delivered according to the company’s stated service levels and policies and meet customer expectations.

Steve is currently the Security Director and SIRO responsible for Jisc’s response to the increasing cyber security threat, providing leadership for the development of the cyber security strategy and policy to ensure that an extensive programme of enhanced cyber security services and initiatives is maintained that protect the network and meets the needs of Jisc’s members and customers whilst maintaining a high level of cyber security across the Janet network and other Jisc services.