Programme @

ESRM Virtual UK

Enterprise Security & Risk Management

23 March 2021

Brought to you by Whitehall Media

Programme @ ESRM Virtual UK

Session one

building sustainability, expecting risk, preparing for disaster

  • CISO focus: protecting the enterprise
  • Sustainable business models: the age of Covid 19
  • Maintaining business continuity: surviving the storm
  • How to manage a crisis: disaster-recovery-as-a-service
  • Global disruption: mastering risk mitigation
  • SAM practitioners: Next-Gen asset management
  • Third-party risk: best-practice TPM management


Conference Chair's Opening Address


CISO focus: rethinking security and risk management

As we embark on a new decade, perhaps now is the time to reassess our approach to enterprise security. To do so we must review our current security structures, assess potential threats, and strengthen our relationship with the board.

By taking a fresh look at how we manage security, we can identify business relevant objectives and develop flexible approaches that avoid current limitations. This then provides you with the time and space to focus on your talent strategy, adopt a renewed mindset and nurture a clear view of enterprise risk and emerging trends.


Sustainable business strategy: building back better

A sustainable business strategy is one which encompasses the global economic climate, the industry specific financial landscape, and the social and cultural factors which are relevant to your organisation.

By catering to each of these key elements, businesses are able to successfully grow in a stable and manageable way.

By improving the process by which you plan out your activities you will be better able to create long term value for the company, its shareholders, and customers.

We address:

  • Identifying the appropriate model for your business
  • Restructuring where required
  • Understanding the organisational challenges
  • Securing employee buy-in
  • Mapping out your intended outcomes
  • Marking against milestones
  • Measuring against expected and unexpected disruption



Andy Giles
Head of Security GRC & Centre of Excellence, Nationwide Building Society
view profile

Andy Giles, Head of Security GRC & Centre of Excellence, Nationwide Building Society

This presentation will attempt to provide a summary of how current and near-term events are shaping the future of technology adoption, the application of cybersecurity in a rapidly evolving global innovation market, against a backdrop of global and environmental uncertainties that are causing organisations to consider physical and pollical developments when applying cybersecurity strategies.

Specific sections:

  • The impact of cloud on threat innovation vs the security industry’s skills uplift progress – are we moving fast enough in UK Plc?
  • The march of automation, AI and ML – what the security industry can do get ahead of the global technical race
  • The need for closer collaboration in a post-Brexit world, increasing offensive cyber activity and geopolitical impacts on UK Plc cyber exposure


Crisis management: disaster recovery as a service

With the right platform, you can maintain business continuity and minimise data loss while saving valuable budget and time. When a major disruption occurs, with disaster recovery as a service, you can activate failover in an instant and recover critical data to get your operations back online with the hour, reduce data loss with the automatic replication of virtual machine data, and achieve real cost versus usage benefit compared to traditional disaster recovery services.

We address:

  • Faster response times
  • Minimise IT hassle
  • Optimise site separation
  • Make it yours


Global disruption: mastering risk mitigation

In an age of ever-increasing complexity, in which the global quickly becomes the local, business leaders are having to pay greater attention to risks which threaten their fortunes and create the potential for catastrophic disruption. Prioritization of risk into manageable, accessible, and solvable issues is no easy task, with many organisations falling into the trap of creating silos rather than maintaining a business wide approach.

We address:

  • Protecting sources of value creation
  • Realising game changing moves for your organisation
  • Innovation through disruption
  • The role of emerging technologies
  • Business model transformation
  • Adapting to ecosystem changes
  • Organisational success through strategic decision making


Question to the panel of Speakers


Refreshment Break Served in the Exhibition Area


Effective asset management: Next-Generation SAM

Businesses invest significantly in enterprise software. Despite this investment, many SAM practitioners still find themselves having to manage time-consuming, inaccurate, and unreliable manual processes which are hosted on spreadsheets or out of date SAM tools. This leaves the possibility of optimisation a distant dream due to the lack of visibility.

We address why existing SAM approaches do not work, the benefits of a single system of action, how to establish a SAM strategy and how to get started


Best practices to improve your TPM programme

Each third-party relationship brings with it a number of risks that need to be identified at the time. These risks are often multi-dimensional as they extend across suppliers, vendors, contractors, service providers, and other parties, and can have an impact on different levels of the organisation such as product lines, business units, and geographies.

We address:

  • Comprehensively identifying third-party risks
  • An analysis of the specific drivers that increase third-party risk.
  • Focus strongly on contracts that govern third-party relationships
  • Frame policies, and implement controls to mitigate third-party risks


Questions to the Panel of Speakers and Delegates move to the Seminar Rooms


Seminar Sessions


Networking Lunch Served in the Exhibition Area

Session two

gaining technical insights, identifying best practice, securing your architecture and infrastructure

  • dealing with a breach: war games
  • advanced analytics in architecture: adding layers
  • mapping your internal vulnerabilities: behavioural analytics
  • cloud security: building trust in the cloud
  • safeguarding digital business initiatives: ML&AI
  • digital trust and safety: consumer-business interactions


Conference Chair’s Afternoon Address


Wargaming your response: dealing with a breach

It is the call every security team dreads-than an attacker has seriously compromised your organisation and gained widespread access to sensitive data. But how prepared are you for this eventual scenario?

This presentation looks at how you can develop a key playbook for responding to serious incidents and implement within your organisation.


Added layers to your architecture: advanced analytics

Being able to accurately identify and prioritise security threats and threats that affect the enterprise is vital. Equally important is the ability to respond at speed and scale no matter the size and scope of the challenge.

We address:

  • Visibility into data whether on site or in the cloud
  • Automate intelligence with AI threat and incident detection
  • Create an ecosystem of continuous improvement through detection of vulnerabilities and malware


Behavioural analytics: mapping your internal vulnerabilities

By successfully leveraging behaviour analytics, businesses can better map their internal vulnerabilities and act accordingly once a real entity risk has been identified.

We address, how you can identify users exhibiting risky behaviour, prevent bad actors from accessing critical assets and analyse communications-based data sources for potential code of conduct breaches.


Questions to the Panel of Speakers


Afternoon Networking and Refreshments served in the Exhibition Area


Cloud security: putting your trust in the cloud

With the expansion of remote working now part of the new normal, the value of a reliable, secure, and dynamic cloud platform is more important than ever.

Added to this new trend is the growing abandonment of the historical approach to security which placed an emphasis on building walls in favour of the worker as your first line of defence in an increasingly virtualised setting.

We address:

  • Convergence as a key feature
  • Security-as-a-service
  • Flexible, hybrid deployment
  • Data on a global scale
  • Securing your users, no matter the time or place


Protecting digital business initiatives: ML&AI

As enterprise usage of AI and ML automation and augmentation continues to expand across a wide range of use cases, so too does the need to develop alongside it the in house expertise to address the key challenges which come with effective management of the technology.

We address, how you can protect AI-enabled digital business systems, successfully leverage AI with bespoke security products and defend against hostile attackers deploying the use of AI.


Digital trust and safety: consumer-brand interactions

Arno Van Sloun
Lead Data Scientist, ARAG
view profile

Today’s business-consumer relationship is dynamic, varied, and multi-dimensional with a wide variety of established contact points, from twitter to the high street. Of paramount importance to the business is how secure each and every customer feels when engaging with the company, whatever the platform. Trust lost is also business lost and revenue not generated.

We address:

  • Moving away from discreet group management
  • Moving towards cross-functional trust
  • Safety teams overseeing all interactions
  • Ensuring a standard level of safety across each space
  • Supporting consumer-business interaction


Questions to the Panel of Speakers


Closing Remarks from the Conference Chair


Conference Closes

Please note:
Whitehall Media reserve the right to change the programme without prior notice.

Follow us on social

Keep up to date with what's going on by following us on social media.

Featured blogs

Read the latest news and views from key industry figures and thought leaders.

What is an Insider Threat? Definition and Examples
BY: JEFF PETTERS UPDATED: 9/22/2020 An insider threat is a security risk that originates within the targeted organization. This doesn’t mean that the actor must be a current employee or officer in the organization. They could be a consultant, former employee, business partner, or board member. 34% of data breaches in the 2019 Verizon Data Breach...
How Honeypots Unmask Hackers & Scammers Online
BY: KODY KINZIE UPDATED: 3/29/2020 A honeypot is a tool that acts as bait, luring an attacker into revealing themselves by presenting a seemingly tempting target. While advanced honeypots are designed to make it easier to detect and study the kinds of attacks hackers use in the wild, modern honeypots based on tracking URL’s have evolved...
What is an IT Security Audit? The Basics
BY: JEFF PETTERS UPDATED: 3/29/2020 A security audit is the high-level description of the many ways organizations can test and assess their overall security posture, including cybersecurity. You might employ more than one type of security audit to achieve your desired results and meet your business objectives. In this blog, we will go over the benefits...