3 September 2014 | One Great George Street, London
08:30 - 09:00Registration & networking
09:00 - 09:10Chair’s opening remarks
Maija Palmer, Social Media Journalist, Financial Times
09:10 - 09:40Opening keynote address: The new realities of cyber crime
James Quinault, Director, Office of Cyber Security and Information Assurance (OCSIA), Cabinet Office, UK Government
Moderator: Maija Palmer, Social Media Journalist, Financial Times

Cyber security is a global concern as society becomes increasingly reliant on technology. Governments, businesses and citizens will become more vulnerable to cyber attacks unless robust mechanisms are put in place to protect against the threats.

  • What are the main cyber threats – to national security, government services, critical infrastructure, business and citizens – and who are the perpetrators?
  • Quantifying the cost: how much damage is being caused in cyberspace?
  • What will be the main cyber security threats in the future?
  • Finding solutions: how do you create an effective cyber security strategy? 
  • 09:40 - 10:30Panel discussion: Re-examining government cyber agendas
    Jakub Boratyński, Head of Unit, Trust and Security, DG CONNECT, European Commission.
    Karsten Geier, Head of International Cyber Policy Coordination Staff, Federal Foreign Office, German Government
    Paola Albrito, Head, Regional Office for Europe, United Nations Office for Disaster Risk Reduction (UNISDR)
    John Lyons, CEO, International Cyber Security Protection Alliance
    Moderator: Sam Jones, Defence and Security Editor, Financial Times

  • What are the exact responsibilities of governments in creating a secure and resilient cyberspace for all?
  • How are national and international security policies and standards changing to meet cyber challenges? Eg. the EU’s Cyber Security Strategy, the UK’s Cyber Security Programme, and the US’s NIST and Department of Homeland Security’s initiatives.
  • Which threats are being given the highest priority?
  • Expecting the worst, and getting over it… what are the ingredients of an effective cyber disaster prevention and recovery plan?  Are there any lessons to be learnt from natural disasters?
  • Public-private partnerships: how are governments engaging with businesses and citizens to tackle the problem together?
  • Data protection: striking the right balance between a citizen’s right to privacy and the authorities’ right to access their data. In what circumstances are government agencies legally entitled to access personal and corporate data, when might legal access be regarded as immoral, and when might it become illegal? What safeguards are needed to prevent the cyber policeman becoming the cyber criminal?

  • 10:30 - 10:55Networking refreshment break
    10:55 - 11:10Presentation: Protect, reassure, recover – putting your customer first, from fraud prevention to breach resolution
    Amir Goshtai, Managing Director, Affinity (Identity & Data Breach Resolution), Experian
    Moderator: Hannah Kuchler, San Francisco Correspondent, Financial Times
  • Proliferation of mobile device use is one of the many factors contributing to the rise in cyber fraud.
  • The threat to consumers: more fraud than ever is being intercepted but many consumers are still lacking even the basics of line identity protection.
  • The impact on businesses: corporate account takeover is one of many issues facing businesses, yet many fraud prevention technologies cannot cope.
  • To protect themselves and their customers, organisations must have a multi-layered anti-fraud strategy in place, starting with pre-transaction customer verification through to customer protection,reassurance and recovery if and when a data breach or fraud occurs.
  • 11:10 - 11:55Panel discussion: Making businesses more secure and resilient
    Peter Gibbons, Professional Head, Cyber Security, Network Rail
    Graham Wright, Chief Information Security Officer and Global Head of Digital Risk, National Grid
    Annemarie Zielstra, Director International Relations Cyber Resilience, TNO (Netherlands Organisation for Applied Scientific Research)
    Jane Jenkins, Partner, Freshfields
    Moderator: Hannah Kuchler, San Francisco Correspondent, Financial Times

    Critical infrastructure industries such as energy, financial services, transport, telecommunications, water and healthcare are particularly vulnerable to cyber attack, as are other sectors like retail and media.

  • How has cyber crime harmed businesses – in terms of financial loss, reputational damage and reduced share values – and the wider economy?
  • What are the potential liabilities to customers and shareholders affected by cyber attacks, data loss and failure to comply with regulations?
  • What are the key learnings from recent attacks on businesses, in terms of the weaknesses exposed and the counter-measures proposed?
  • How are businesses addressing the cyber threat and why is buy-in from board members so critical?
  • Why must cyber security capabilities be integrated into overall business strategies?
  • How can businesses fill the skills shortage to be able to deal with sophisticated cyber criminals?

  • 11:55 - 12:05Panel framing presentation: Winning the support of the board and executive management
    Alpesh Patel, UK & Ireland Cyber Lead, EY
    12:05 - 12:50Panel discussion: Winning the support of the board and executive management
    Rocco Mammoliti, Chief Information Security Officer, Poste Italiane; Director General, Global Cyber Security Center
    David Grant, Operational Risk & Financial Crime Director, Lloyds Banking Group
    Richard Knowlton, Member of the Board of Directors, Internet Security Alliance; Group Corporate Security Director, Vodafone
    Mark Jones, CISO and Director IT Compliance and Governance, Heathrow Airport Holdings
    Steve Holt, Partner, Head of EMEIA Financial Services Information Security Practice, EY
    Moderator: Maija Palmer, Social Media Journalist, Financial Times

    The board and executive management of a business should take full responsibility for protecting it from cyber attack. But in all too many companies – even the largest – information and communications security is not always given the attention it deserves.

  • Do business leaders really understand the cyber threats they face and allocate adequate resources – people, IT and money – to provide the counter measures required?
  • When the focus of those at the top is lacking, how do chief security officers and others in the front line impress on them the importance of cyber security as a strategic risk management issue and gain the necessary support? 

  • 12:50 - 14:00Lunch
    14:00 - 14:30 On-stage interview: The cyber threat to the West, and NATO’s response
    Speaker: Sorin Ducaru, Assistant Secretary General for Emerging Security Challenges, NATO
    Moderator: Sam Jones, Defence and Security Editor, Financial Times

  • What is the nature and the scale of the cyber threat to the West?
  • How is NATO addressing the issue? What are the key features of NATO’s "Enhanced Cyber Defence Policy" and associated actions.  How successful has NATO's Policy been so far, and what more to be done?
  • The 2014 NATO Wales Summit in September: What cyber defence issues will be discussed? How is NATO dealing with “ambiguous attacks”, as witnessed in the Ukraine crisis, which blend cyber attacks with conventional information warfare, sabotage and other undercover action.

  • 14:30 - 14:40Panel framing presentation: Innovations driving cyber security
    Michael Papay, Vice President and Chief Information Security Officer, Northrop Grumman
    14:40 - 15:20 Panel discussion: Innovations driving cyber security
    Prof Chris Hankin, Director, Institute for Security Science and Technology, Imperial College London (ICL)
    Stephanie Daman, CEO, Cyber Security Challenge UK
    Martin Roberts, Information Security and Data Privacy Manager, Virgin Atlantic Airways
    Michael Papay, Vice President and Chief Information Security Officer, Northrop Grumman
    Martin Dion, Vice President Financial Services Practice, Kudelski Security
    Moderator: Hannah Kuchler, San Francisco Correspondent, Financial Times

    With limited resources available and a multitude of innovative cyber security solutions being offered or developed, government departments and agencies, other public organisations, businesses and individuals need to prioritise their investments.

  • Which innovations are shaping future threat analysis and management in cyberspace?
  • What combinations of technological advances provide the best protection without limiting objectives and performance?
  • How effective is Tor and similar software for concealing an internet user’s identity and activity? Can evasion technologies really be safe?
  • What will “next-generation” cyber security look like and should it be regulated?
    15:20 - 15:50Networking refreshment break
    15:50 - 16:40 Panel discussion: Dealing with the cyber threat to financial services
    Matthew Penney, Global Head, Crisis Management and Protective Intelligence Programmes, Deutsche Bank
    Rob Bening, CISO/Global Head of IT Security, ING Bank
    Craig Balding, Managing Director, Group Cyber Security Risk, Barclays
    Slavka Eley, Head of Home-Host Coordination Unit, European Banking Authority (EBA)
    Moderator: Maija Palmer, Social Media Journalist, Financial Times

    Banks, insurance companies and other financial firms are in the frontline of the war in cyberspace. They are suffering from denial-of-service attacks, data theft, online fraud and more. But they are fighting back with a range of counter-measures.

  • How much damage are cyber criminals inflicting on the financial services sector?
  • What strategies, practical operational measures and IT solutions are banks and other financial institutions developing to improve cyber security?
  • Taking a collaborative approach: how important is it to work with other financial firms, government, regulators, law enforcement agencies, IT specialists and research?

  • 16:40 - 17:25Closing keynote addresses: Implementing an all-encompassing approach to national security, cyberspace protection and law enforcement
    Dr Phyllis Schneck, Deputy Under Secretary for Cybersecurity, Department of Homeland Security, US Government
    Dr Paolo Ciocca, Deputy Director - General, Security Intelligence Department (Dipartimento Informazioni per la Sicurezza – DIS), Italian Government
    Moderator: Maija Palmer, Social Media Journalist, Financial Times
  • The role of governments in strengthening the security and resilience of national critical infrastructure: overview of the US’s Cybersecurity Framework and Italy’s National Strategic Framework for Cyberspace Security
  • Engaging with the wider business community and individuals to help educate them and secure the cyber ecosystem.
  • Effective intelligence: investigating, arresting and prosecuting cyber criminals.
  • Safeguarding the privacy of citizens – how privacy protection is integrated into cyber security operations to ensure governments act responsibly and openly in the way they collect and use personal information.
  • 17:25 - 17:30Chair’s summation and closing remarks
    Maija Palmer, Social Media Journalist, Financial Times
    17:30 - 19:30Networking drinks reception