Programme @


Enterprise Security & Risk Management

24 November 2021

Business Design Centre, London

Programme @ ESRM uk

Session one

building sustainability, expecting risk, preparing for disaster

  • Face up to today’s risk reality
  • Streamline your information sources
  • Become a better digital business leader
  • Where to start with your cyber security culture change
  • Redesign your IT organisational structure
  • Advance your threat and vulnerability management capabilities
  • Act on your insights: get closer to where data is created


Conference Chair's Opening Address


Facing up to today’s risk reality

Stephen Owen
CISO, Esure
view profile

In today’s hyper-risk reality, a key business priority is the ability to anticipate new and emerging security threats, master disruptive technologies, and strengthen resilience.

No matter your organisational role, and no matter your area of expertise, from CISO’s, business continuity managers, heads of application security to forensics team leaders, we all need to become better at identifying, mitigating, and resolving security and risk factors.

In our opening address, we explore the extent to which today’s enterprises have the right people, processes, and technology in place to manage our hyper-risk reality world


Streamline your information sources

In a world of disruption, interruption, misinformation, and a number of competing sources of truth, many security and risk leaders are left struggling to harmonise, synchronise and make use of business-critical data.

An inability to effectively streamline your data sources leads to organisational silos, degraded processes, revenue depletion, and a lack of competitiveness.

We explore, what security and risk executives can do to improve the collection, allocation, and dissemination of data sources.


Become a better digital business leader

Developing and translating the value of information security into a tangible objective which the wider business can interpret and relate to is vitally important.

By democratising comprehension of, and access to, the infosec ecosystem you will better articulate security and risk concerns, promote a risk-aware culture, resolve business and IT process-related issues, and drive your security programme strategy in accordance with the business appetite for security and risk.

We address:

  • Understanding your IT landscape
  • Aligning IT with corporate objectives
  • Address the business impact of IT risk
  • Identify where value is created
  • Measure your organisations risk appetite
  • Utilise risk mitigation tools
  • Become an adviser to the board


Where to start with your cyber security culture change?

Related to becoming a better communicator is the need to infuse a cross-business appreciation and understanding of some of the most common types of attacks.

Whilst approaches to training non-IT staff have advanced towards more real-life, war-game style, methods of instruction, many businesses still rely on outdated do’s and don’ts rather than address the fundamentals behind successful phishing attacks.

We will explore how to:

  • Understand why some links are so clickable
  • Engage partners and employees with empathy
  • Discover the neurological insights into habits and behaviours
  • Deploy the use of positive reinforcement to encourage behaviour change


Redesign your IT organisational structure

An organisational re-design represents a critical opportunity to ensure IT is better aligned with the strategic direction of an organisation.

Despite the obvious value in implementing structural changes, the many choices on offer has inadvertently developed a crowded market in which the competing approaches and differing priorities have made the task of implementing a best-fit design extremely complex and difficult to navigate.

Added to this complexity is the pressure of competitors and new and emerging technology which many struggle to integrate into existing and soon-to-be business processes.

We address:

  • Structure is not just your organisational chart
  • Balance adaptability and stability
  • Change in practice, not just in theory


Question to the panel of Speakers


Refreshment Break Served in the Exhibition Area


Advance your threat and vulnerability management capabilities

Deciding what constitutes a clear and present danger to enterprise defences, and prioritising according to the degree of risk, is a real-life decision which needs to be made by security and IT teams on a daily basis.

Of course, remediating all vulnerabilities on a typical enterprise network is impossible, but you can at least react as the situation demands.

We look at, leveraging machine learning and related AI technologies at scale with contextual prioritisation and the role it plays in building a comprehensive risk score for each vulnerability.


Act on your insights: get closer to where data is created

The growing prominence of edge computing with 5G has the potential to positively impact across economies and industries by bringing computation and storage closer to where data is generated. The value this provides business users can be witnessed in advanced data control, significantly reduced costs, quicker insight-action, and operational capacity.

Join us as we explore how your business can better manage scalability, variability, and rate of change in edge environments in order to provide you with the data usability you need.


Questions to the Panel of Speakers and Delegates move to the Seminar Rooms


Seminar Sessions


Networking Lunch Served in the Exhibition Area

Session two

gaining technical insights, identifying best practice, securing your architecture and infrastructure

  • Maintain business continuity in times of disruption
  • Build resilience in your supply chains
  • Whose device is it anyway? Protect your network devices
  • Defend the enterprise: harmonising the security aspects of AI
  • Improve your response times
  • How to master third-party risk


Conference Chair’s Afternoon Address


Maintain business continuity in times of disruption

The necessity of remote working brought about by the pandemic has raised a number of issues from a security and risk perspective.

Whilst today’s highly digitised IT environment has enabled a significantly digitalised workforce to migrate to home working, mobile working and remote systems access has widened existing vulnerabilities and created new risks that need to be managed.

We address, how to establish risk-based policies and procedures that are able to support your remote workforce and defend the integrity of enterprise security capabilities.


Build resilience in your supply chains

The evolution of supply chains from the local to the global has inevitably added to a more complex business ecosystem. Added to this complexity is the uncertain times in which individuals and businesses find themselves.

With fragmented workforces, disrupted third party relationships, declining customers, and diminishing revenues, the risks to business viability is clear.

We explore, how to manage and mitigate increasing risks, balance cost pressures, improve efficiency, and prepare for supply chain failures.


Whose device is it anyway? Protect your network devices

One of the primary ways by which hostile actors look to exploit the enterprise network is through the exploitation of devices which business users rely on. Coupled with this is the growing concern of IoT connectivity vulnerability, as well as the multitude of unsecured devices which the typical employee uses on a daily basis.

We address:

  • How to best mitigate malicious cyber activity
  • Defend enterprise network infrastructure devices
  • Understand the scope of the threat
  • Drive effective organisational risk mitigation


Questions to the Panel of Speakers


Afternoon Networking and Refreshments served in the Exhibition Area


Defend the enterprise: harmonising the security aspects of AI

Many security and risk practitioners, as well as business leaders more broadly, view AI as a technology which is utilised in order to drive business opportunities rather than as a key part of enterprise defences.

As AI-powered malware provides cyber attackers with the means by which to not only increase the severity of attacks but to also increase success rates, organisations are having to deploy defensive cyber AI to identify and neutralise new and emerging hostile activity.

We address, the speed at which offensive AI is evolving, the primary techniques deployed, and the role that defensive AI plays in delivering automated response capabilities.


Improve your response times

Reducing the time in which it takes to react, reduce, and resolve a security incident limits business-wide exposure, protects sensitive data, defends the privacy of your employees, and maintains the integrity of business-consumer trust.

Preserving brand reputation in the age of hyper-competitiveness means having an advanced insight into an emerging threat and using that knowledge to inform the next course of action before events overwhelm organisational capabilities.

We will look at:

  • The window of opportunity from incident to resolution
  • How to act from initial indication to peak crisis
  • Real-time monitoring as your clear line of sight
  • Deliver on the need for operational excellence no matter the impact
  • Use data-driven foresight to your advantage


How to master third party risk

The flexibility and fluidity of today’s enterprise environment have meant that what constitutes an employee has become less obvious.

With the number of third party actors set to continue on an upward trend as more and more businesses onboard contractors, agents, and consultants, the task of ensuring the integrity and authenticity of each and everyone one of them has made the deployment of an automated IAM system a vital tool to combat the error-ridden inefficiencies of manual processing.

We address:

  • Improve employee processes and customer experience
  • Adopt a governance-based approach to identity management
  • Realise significant cost savings in onboarding and offboarding
  • Scale third party capacity and IAM capabilities
  • Secure enterprise activity from false-positive authentication and verification


Questions to the Panel of Speakers


Closing Remarks from the Conference Chair


Conference Closes

Please note:
Whitehall Media reserve the right to change the programme without prior notice.

Follow us on social

Keep up to date with what's going on by following us on social media.

Featured blogs

Read the latest news and views from key industry figures and thought leaders.

The Enterprise Security Threat of Mobile Devices
In the rush to ensure workforces could successfully operate remotely during the pandemic, businesses left themselves in one of the biggest vulnerable positions possible when it came to cybercriminals. Remote Working Problem Whilst businesses sighed a breath of relief in being able to quickly push their remote working plan into effect, it came at the...
MobiKwik Denial on Data Breach, Security Researchers Provide Proof
Digital payments firm MobiKwik has been quick to deny certain claims by security researchers who flagged that a substantial amount of consumer data was made available on the dark web due to a system breach. Shortly after the denial by the company which is currently planning for an initial public offering, a swathe of security...
Make sure the doors are locked before trying to profile the burglar
For years we have been searching for a miracle cure for the common cold. Bizarrely, during 2020 almost no one had a cold, because of COVID we have all stayed away from each other, caught sneezes, worn masks and washed our hands. We have eaten better (some people have anyway), we have exercised more, in...