Programme @

ESRM uk

Enterprise Security & Risk Management

24 November 2021

Business Design Centre, London

Programme @ ESRM uk

Session one

building sustainability, expecting risk, preparing for disaster

  • Face up to today’s risk reality
  • Streamline your information sources
  • Become a better digital business leader
  • Where to start with your cyber security culture change
  • Redesign your IT organisational structure
  • Advance your threat and vulnerability management capabilities
  • Act on your insights: get closer to where data is created

09:00

Conference Chair's Opening Address

09:15

Facing up to today’s risk reality

Kancharla Manmadh, Head of Cyber Security, Pfizer

In today’s hyper-risk reality, a key business priority is the ability to anticipate new and emerging security threats, master disruptive technologies, and strengthen resilience.

No matter your organisational role, and no matter your area of expertise, from CISO’s, business continuity managers, heads of application security to forensics team leaders, we all need to become better at identifying, mitigating, and resolving security and risk factors.

In our opening address, we explore the extent to which today’s enterprises have the right people, processes, and technology in place to manage our hyper-risk reality world

09:35

Streamline your information sources

In a world of disruption, interruption, misinformation, and a number of competing sources of truth, many security and risk leaders are left struggling to harmonise, synchronise and make use of business-critical data.

An inability to effectively streamline your data sources leads to organisational silos, degraded processes, revenue depletion, and a lack of competitiveness.

We explore, what security and risk executives can do to improve the collection, allocation, and dissemination of data sources.

09:50

Become a better digital business leader

Arun Kumar, Director – Cyber Security Governance & Compliance, Unilever

Developing and translating the value of information security into a tangible objective which the wider business can interpret and relate to is vitally important.

By democratising comprehension of, and access to, the infosec ecosystem you will better articulate security and risk concerns, promote a risk-aware culture, resolve business and IT process-related issues, and drive your security programme strategy in accordance with the business appetite for security and risk.

We address:

  • Understanding your IT landscape
  • Aligning IT with corporate objectives
  • Address the business impact of IT risk
  • Identify where value is created
  • Measure your organisations risk appetite
  • Utilise risk mitigation tools
  • Become an adviser to the board

10:05

Where to start with your cyber security culture change?

Related to becoming a better communicator is the need to infuse a cross-business appreciation and understanding of some of the most common types of attacks.

Whilst approaches to training non-IT staff have advanced towards more real-life, war-game style, methods of instruction, many businesses still rely on outdated do’s and don’ts rather than address the fundamentals behind successful phishing attacks.

We will explore how to:

  • Understand why some links are so clickable
  • Engage partners and employees with empathy
  • Discover the neurological insights into habits and behaviours
  • Deploy the use of positive reinforcement to encourage behaviour change

10:20

Redesign your IT organisational structure

Geethy Panicker, Head of Enterprise Risk, HSBC

An organisational re-design represents a critical opportunity to ensure IT is better aligned with the strategic direction of an organisation.

Despite the obvious value in implementing structural changes, the many choices on offer have inadvertently developed a crowded market in which the competing approaches and differing priorities have made the task of implementing a best-fit design extremely complex and difficult to navigate.

Added to this complexity is the pressure of competitors and new and emerging technology which many struggles to integrate into existing and soon-to-be business processes.

We address:

  • Structure is not just your organisational chart
  • Balance adaptability and stability
  • Change in practice, not just in theory

10:35

Question to the panel of Speakers

10:50

Networking Break

11:30

Advance your threat and vulnerability management capabilities

Roy Samson, Senior Risk Manager and Lead Architect Product Security, ASML

Deciding what constitutes a clear and present danger to enterprise defences, and prioritising according to the degree of risk, is a real-life decision that needs to be made by security and IT teams on a daily basis.

Of course, remediating all vulnerabilities on a typical enterprise network is impossible, but you can at least react as the situation demands.

We look at, leveraging machine learning and related AI technologies at scale with contextual prioritisation and the role it plays in building a comprehensive risk score for each vulnerability.

11:45

Act on your insights: get closer to where data is created

The growing prominence of edge computing with 5G has the potential to positively impact across economies and industries by bringing computation and storage closer to where data is generated. The value this provides business users can be witnessed in advanced data control, significantly reduced costs, quicker insight-action, and operational capacity.

Join us as we explore how your business can better manage scalability, variability, and rate of change in edge environments in order to provide you with the data usability you need.

12:00

Questions to the Panel of Speakers

12:15

Seminar Sessions

13:00

Networking Lunch Served in the Exhibition Area

Session two

gaining technical insights, identifying best practice, securing your architecture and infrastructure

  • Maintain business continuity in times of disruption
  • Build resilience in your supply chains
  • Whose device is it anyway? Protect your network devices
  • Defend the enterprise: harmonising the security aspects of AI
  • Improve your response times
  • How to master third-party risk

14:00

Conference Chair’s Afternoon Address

14:05

Maintain business continuity in times of disruption

The necessity of remote working brought about by the pandemic has raised a number of issues from a security and risk perspective.

Whilst today’s highly digitised IT environment has enabled a significantly digitalised workforce to migrate to home working, mobile working and remote systems access has widened existing vulnerabilities and created new risks that need to be managed.

We address, how to establish risk-based policies and procedures that are able to support your remote workforce and defend the integrity of enterprise security capabilities.

14:20

Build resilience in your supply chains

The evolution of supply chains from the local to the global has inevitably added to a more complex business ecosystem. Added to this complexity is the uncertain times in which individuals and businesses find themselves.

With fragmented workforces, disrupted third party relationships, declining customers, and diminishing revenues, the risks to business viability is clear.

We explore, how to manage and mitigate increasing risks, balance cost pressures, improve efficiency, and prepare for supply chain failures.

14:35

Whose device is it anyway? Protect your network devices

One of the primary ways by which hostile actors look to exploit the enterprise network is through the exploitation of devices which business users rely on. Coupled with this is the growing concern of IoT connectivity vulnerability, as well as the multitude of unsecured devices which the typical employee uses on a daily basis.

We address:

  • How to best mitigate malicious cyber activity
  • Defend enterprise network infrastructure devices
  • Understand the scope of the threat
  • Drive effective organisational risk mitigation

14:50

Questions to the Panel of Speakers

15:00

Afternoon Networking and Refreshments served in the Exhibition Area

15:30

Defend the enterprise: harmonising the security aspects of AI

Many security and risk practitioners, as well as business leaders more broadly, view AI as a technology which is utilised in order to drive business opportunities rather than as a key part of enterprise defences.

As AI-powered malware provides cyber attackers with the means by which to not only increase the severity of attacks but to also increase success rates, organisations are having to deploy defensive cyber AI to identify and neutralise new and emerging hostile activity.

We address, the speed at which offensive AI is evolving, the primary techniques deployed, and the role that defensive AI plays in delivering automated response capabilities.

15:45

Improve your response times

Reducing the time in which it takes to react, reduce, and resolve a security incident limits business-wide exposure, protects sensitive data, defends the privacy of your employees, and maintains the integrity of business-consumer trust.

Preserving brand reputation in the age of hyper-competitiveness means having an advanced insight into an emerging threat and using that knowledge to inform the next course of action before events overwhelm organisational capabilities.

We will look at:

  • The window of opportunity from incident to resolution
  • How to act from initial indication to peak crisis
  • Real-time monitoring as your clear line of sight
  • Deliver on the need for operational excellence no matter the impact
  • Use data-driven foresight to your advantage

16:00

How to master third party risk

The flexibility and fluidity of today’s enterprise environment have meant that what constitutes an employee has become less obvious.

With the number of third party actors set to continue on an upward trend as more and more businesses onboard contractors, agents, and consultants, the task of ensuring the integrity and authenticity of each and everyone one of them has made the deployment of an automated IAM system a vital tool to combat the error-ridden inefficiencies of manual processing.

We address:

  • Improve employee processes and customer experience
  • Adopt a governance-based approach to identity management
  • Realise significant cost savings in onboarding and offboarding
  • Scale third party capacity and IAM capabilities
  • Secure enterprise activity from false-positive authentication and verification

16:15

Questions to the Panel of Speakers

16:25

Closing Remarks from the Conference Chair

16:30

Conference Closes

Please note:
Whitehall Media reserve the right to change the programme without prior notice.

Follow us on social

Keep up to date with what's going on by following us on social media.

Featured blogs

Read the latest news and views from key industry figures and thought leaders.

UK Paradise for Scammers
A Top executive for NatWest bank has expressed his views that the UK currently is the ultimate paradise for scammers, as well as warnings concerning crypto-currency related fraud. Market Leaders Not in a Good Sense With the UK currently deemed as the worst market for scams, a concerted effort has been called for across governments,...
Fertility Clinic Patients Hit by Ransomware Egg
Ransomware attacks have been seen to hit a wide variety of industries and sectors over the past year, with the healthcare sector being a prime cause for concern and target. A Healthy Target Considered among the chief containers for personal and sensitive information that can be stolen in various cybercrime attacks, every sector of the...
Facebook Shares Your Views, But Their Breach Shared Even More
Facebook may be the ultimate place to connect, talk and share memories with friends and family, but you believe you have the control over who exactly sees what when it comes to your profile. Unfortunately, the place where we like to control what people know about us has suffered one of the all-time biggest data...