ESRM

Enterprise Security & Risk Management

27 November 2019

Victoria Park Plaza


SPEAKERS

Sarb Sembhi

Former President, ISACA London

Sarb Sembhi has been the Chair of the ISACA GRA Committee and a member of the ISACA Relations Board. Sarb began his career in the public sector as a Project Manager and has more than 30 years of project management and consultancy experience.

He has gained this experience providing services to companies including the BBC, Travis Perkins, BP and Network Rail. Sarb is a regular speaker at Information Security Conferences around the world, including the CxO Dialogue, Gartner Summits, InfoSec Europe, RSA Europe, HITB, BCS, ISACA, IPSec, IFSEC and Security Directors Forum.

He is also a member of the Defence and Security Committee and the Cyber Security Working Group at the London Chamber of Commerce & Industry, Infosecurity Magazine Editorial Board, and The Institute of Engineering and Technology, The Institute of Risk Management, The Chartered Insurance Institute, and was an individual member of the Parliamentary IT Committee.

Greg van der Gaast

Head of Information Security, University of Salford

Greg has over two decades of technical and management experience in Information Security, starting as one of the most notorious hackers of the late 1990s. A frequent speaker about bringing visibility, care, and accountability to the Information Security profession, he is an expert in building efficient InfoSec organisations and programmes by enabling leadership, addressing root causes, and harnessing human potential.

He is currently the Head of Information Security at the University of Salford where he will also be lecturing on practical information security management in the coming year.

He also has his own consultancy, CMCG, to help others deliver effective and accountable information assurance.

Omer Maroof

Head of IT Risk, Euroclear – UK & Ireland

Omer started his career in IT risk consulting at KPMG in the year 2000 where he was involved in several world-class business continuity, security and governance engagements with a particular focus on banking, telco and oil & gas sectors.  From KPMG he moved to EY to focus on IT SOX attestation and advisory work.  Since then Omer has focussed entirely on the financial services sector across the insurance, wealth management, funds and post-trade segments.  At Aberdeen Standard Investments he headed up the IT audit team and was instrumental in developing the IT & change audit and data analytics team within the Internal Audit function.  Earlier this year, he moved to Euroclear UK & Ireland to build the IT Risk capability in the second line Risk Management function with a particular focus on cyber, resilience, outsourcing and the regulatory agenda on the back of the Central Securities Depositories Regulation (CSDR).  Omer has a degree in Systems Engineering & Management and a postgraduate diploma in Information Systems from the University of Leeds.  He holds the Certified in Risk & Information Systems Control (CRISC), Certified Information Systems Auditor (CISA) and Certified ScrumMaster (CSM) certifications.

Francesco Cipollone

Director of Events, Cloud Security Alliance UK; Head of Security Architecture & Strategy, HSBC Global Banking and Markets

I’m Francesco, a Chief Information Security Officer (CISO) and cybersecurity advisor who specialises in strategy and cloud security. Fuelled by passion, curiosity and dissatisfaction for the status quo, I believe in protecting identities in cyberspace and creating a safer, more connected world for future generations.

I’m currently helping ELEXON and HSBC build their cybersecurity practices.

In my spare time, I love to give back to the cybersecurity community. As part of that, I am Director of Events for the Cloud Security Alliance UK and an active member of ISC2. I’ve launched the #MentoringMonday community together with the support of Jane Frankland and Tanya Janca. The mentorship community is inclusive with a focus on empowering women in cybersecurity.

Michael Macpherson

Lead Information Security Architect, ClearBank

Ian McKay

CIO, Brookson Group

Previous Speakers

Helen Hosein

Customer Engineer, Google

Helen Hosein is a Customer Engineer for Chrome Browser, and has worked with several large customers to help them uphold best practice and compliance by making use of Chrome’s management capabilities. Helen is considered an expert on Chrome Browser security both within Google and externally.

Chris Rivinus

Head of IT Finance, Tullow Oil

Chris has over 20 years of experience in Information Technology, Innovation Management and Project Management working across the civil engineering and energy sectors. He holds degrees in Cultural Anthropology, Business Administration and International Business Transactions as well as certifications in Industrial Control System Security Management. His articles on information management and business strategy have been published in research forums, textbooks and mainstream business publications including CIO Magazine, Business Information Review and Knowledge Management Review.

Sam Lee

Head of Operational Risk, EMEA at Sumitomo Mitsui Banking Corporation

Sam Lee is Head of Operational Risk, EMEA for SMBC. He has previously been head of operational risk at RBS, Barclays Wealth and Credit Suisse Private Banking and has ridden a number of the industry’s challenges. Sam started his career training as a chartered accountant, left the profession immediately after qualifying and entered the world of investment banking as an internal auditor, before moving to operational risk and initially setting up the operational risk framework and department for CSPB. He has stayed with Operational Risk ever since and has been focused on the embedding and transformational aspects of Operational Risk.

Andy Boura

Senior Information Security Architect, Thomson Reuters

Andy Boura has a passion for technology, science, and business. He brings technical depth of knowledge together with broad development process, business, and management experience. This allows him to take a holistic strategic view of technology, information security, and risk management. He advises on enterprise and technical security architecture of internally developed and third-party applications; and contributes to technical strategy, policies, and standards.

Thomson Reuters has over 50,000 employees in over 100 countries and is trusted by many of the biggest organisations in the world to provide business critical services and deliver accurate and timely information to professionals. As such, information security is critical in almost everything Thomson Reuters does.

Randi Roisli

IT Technical Security Lead, Shell International

An information risk management professional with 20 years of experience in the oil and gas industry, Randi was born in The Netherlands and gained engineering degrees in the UK and USA before embarking on an IT security career. Over the years, her roles and responsibilities have spanned technical security to governance and assurance, and she is currently working in the Joint Venture IT area.

David Wood

Information Security Manager, Kennedys

David Wood has over 14 years’ experience in information security, from access control with Halifax Card Services, to non-compliance management with Lloyds Banking Group. He has worked for Kennedys for over 3 years, overseeing the ISO 27001 certification programme, and general Information Security management.

David Robinson MBE

Head of Global IT Security, Herbert Smith Freehills LLP

David Robinson MBE is the Head of Global IT Security for Herbert Smith Freehills, one of the world’s leading law firms, who advise many of the biggest and most ambitious organisations across all major regions of the globe. David leads the delivery and strategy for IT security services across the firm in a flexible and responsive approach to the business. He has a wealth of experience gained from 22 years as a communications and electronics engineer with the RAF where he worked in numerous sectors including aircraft simulation, Radar, data handling & processing networks, training, procurement and information security; his military career was followed by a little over 13 years in senior security roles in the private sector with both C&W and Fujitsu where latterly he held various posts including company CSO.

Jonathan Gill

Chief Information Officer, Watchfinder & Co.

Jonathan Gill has spent the last twenty years working in the IT sector, specialising in complex IT systems for the education, health, engineering, accountancy and retail industries. His experience with web front-end systems dates back to 1999, but his core focus is on developing bespoke information management systems. His most recent work has been for Watchfinder & Co., a Sunday Times Virgin Fast Track Hot 100 ‘Ones to Watch’ company, building the company’s entire IT infrastructure to support rapid growth and maintain a stock roster of well over 4,000 high-value luxury items across multiple locations whilst catering to 1 million website visitors each month.

Algy Booker

Group Head of Information Security, RSA Insurance Group

Algy has worked for RSA for over 30 years in a variety of technology-oriented roles. He has been working in Information Security for over 10 years, developing capability from an initial basic IT Security focus into a wider Information Security framework aligned with Enterprise Risk Management practices.

Mohsin Choudhury

UK Head of Information Security for Bank of Ireland (1st Line)

Mohsin has over 20 years of experience in Information Security from diverse sectors including Investment Banking, Defence & National Security, Central Government, Big 4 Audit Firms, Nuclear and Global Health Organisations. He is responsible for all areas of Information Security from defining security requirements for new digital programmes, advising businesses of their Cyber Risks, Technical Cyber Risk Assessment and Financial Regulatory needs.

During his career, Mohsin has worked on the Security of Satellite Communication Systems, producing key management and encryption systems, helping and advising Global Investment Banks with their Information Security maturity and managing large scale security of transformational programmes. He is highly technical and understands business needs.

Mohsin holds CISM and CISSP Certifications and has two Master's degrees, an MSc in Defence Communications and an MSc in Nuclear Science.

Title: No one is safe – Cyber Crime and the Threat Landscape

Cyber Criminals pose significant threats to individuals, organisations and nation states with devastating consequences.

The speaker will highlight the motives, means and opportunities of Cyber Criminals and the impact they are having on our society. He will show the changing threat landscape and why your business will be a target for Cyber Criminals. This session will cover identity theft, financial fraud, ransomware, organised crime and conclude with best ways to protect your business from Cyber Criminals.


Matthew Kay

Group Data Protection Officer, Balfour Beatty

Matthew holds a Masters in Information Rights Law and Practice and the BCS certificate in Data Protection. He is experienced in case handling and advising organisations on information compliance across a variety of sectors.

Matthew currently heads the Data Protection function for Balfour Beatty (c.40000 employees), overseeing the 6 Data Protection Officers across the strategic business units that the organisation operates to achieve compliance with the General Data Protection Regulation (GDPR) as well as the Data Protection Act 2018.

In addition to his core work he is also a member of the Data Protection Network (https://www.dpnetwork.org.uk) and a regular speaker at numerous external events on GDPR to help assist other organisations with compliance and share best practice.

He previously worked for the London Borough of Hounslow where he was organisational lead for GDPR implementation (c.2000 employees) as well as being a key member of the Information Governance Network for London.

Prior to this work Matthew worked in the audit department at the Information Commissioner’s Office (ICO) helping organisations improve their privacy practices to reduce risk. He provided expert advice to local government, criminal justice and health organisations through on-site audits which were followed up with listed recommendations. Matthew also worked as part of a network of trainers delivering internal training to all levels within ICO.

His diverse work experience has exposed him to Information risks facing the Financial, Higher Education, Property and Transport, Emergency and Legal sectors.