Join Darren Naidu of Object First as he explores the growing importance of data resilience in the cybersecurity landscape. Leveraging insights from research on data protection and ransomware trends, he'll reveal why traditional Zero Trust models are inadequate for the future. Discover how an evolved Zero Trust approach can empower organisations to attain genuine data resilience in the face of emerging threats.

Georgia Lewis Anderson cuts through the noise to show how AI can be a practical, creative partner in your work today. No buzzwords, no fear-mongering; just real examples, human insight, and the skills that matter.

Cyber resilience in the UK has improved, but not always in the ways organisations believe it has. Drawing on first hand experience as an independent cyber assessor and VCISO, this plenary explores what UK organisations arereally achieving in practice when measured against the NCSC Cyber Assessment Framework (CAF) and the NIS Regulations. Based on insight from cyber resilience assessments across critical national infrastructure and regulated sectors, the session highlights where genuine progress is being made, where maturity is often overstated, and why common weaknesses continue to persist despite increased investment and regulation. This talk cuts through theory and compliance led narratives to focus on evidence, outcomes and reality on the ground. Attendees will leave with a clearer understanding of how cyber resilience is shaping up across the UK, what regulators are increasingly focusing on, and where organisations should prioritise effort to strengthen real resilience rather than relying on confidence built on paper alone.

The Pitch: In the "Future of Cyber," the traditional phishing email has evolved from a clumsy nuisance into a precision-engineered AI weapon. As an Account Executive at KnowBe4, David Cooling spends his days on the front lines, helping organisations move past the "compliance checkbox" to tackle the actual behaviors that lead to breaches. In this 15-minute session, we’ll explore the shift from passive training to Human Risk Management (HRM+). We’ll look at how your "Email Estate" is being targeted in 2026 and how KnowBe4 uses real-time orchestration and AI-driven coaching to turn employees into a proactive defense layer. It’s a session designed for those tired of the "doom and gloom" who want a practical, data-driven roadmap to securing the human element—delivered with a personal style that should be appreciated, if not completely understood.

Digital power is no longer concentrated solely in governments, institutions, or corporations. A new pole of power has emerged: decentralized, anonymous, and driven by individuals who understand how to manipulate systems, narratives, and technologies at a scale. In this session, Carl Miller takes us directly into the dark web “assassination markets” and the shadow economies where influence, coercion, and reputation are traded like currency. But this is not a talk about crime — it’s a talk about power, mindset, and the future of decision-making.

Despite better tools, most organisations still fail in the same ways when a cyber incident hits.

This session highlights the 10 most common incident response mistakes, from slow decisions and poor communication to over-reliance on automation, and why they keep happening.

A fast, practical look at what actually goes wrong under pressure and how to avoid it. Key takeaways:

• The 10 mistakes that repeatedly derail incident response

• Why process and people fail more often than technology

• How small delays turn into major breaches • Where automation helps and where it hurts

• What high-performing teams do differently

Every career move — a new hire, a promotion, a departure — should trigger the right access change automatically. Yet most organizations accumulate permissions like clutter. AD360 governs the full identity lifecycle, ensuring access is granted with precision on day one and cleanly revoked on the last.

Chairperson Purvi Kay reflects on the day’s key insights and sets the stage for the afternoon sessions, highlighting emerging cyber trends and the collaborative future of digital security.

"Security leaders are used to managing threats that move quickly. The next generation of cyber risk is dangerous for the opposite reason as it combines speed with patience. Today, attackers are using AI to industrialise deception; generating phishing, impersonation, and deepfake attacks so credible that traditional awareness, identity, and approval controls routinely fail. At the same time, nation state and organised threat actors are stealing encrypted data at scale, explicitly planning to decrypt it later when quantum computing matures. Governments, including the UK and US, now formally recognise this “harvest now, decrypt later” strategy as an active risk not a future one and are setting timelines for post quantum cryptographic migration as early as the late 2020s. These risks are often treated as separate technical problems. In reality, they converge on the same failure point: human mediated trust. AI increases the effectiveness of attacks that rely on influencing human decisions, while quantum computing increases the risk associated with long term protection of sensitive data. In combination, they reveal structural dependencies in modern security on trust based processes This session challenges comfortable assumptions about resilience. It explains what post quantum readiness really means beyond algorithms, why AI enabled social engineering is changing the economics of cybercrime, and why simply “doing Zero Trust” or “waiting for standards” is insufficient. Most importantly, it sets out practical actions security leaders should start now: redesigning trust based processes, reducing decision risk for staff, aligning data protection with realistic cryptographic lifespans, and treating human risk as a measurable security control rather than a training issue."

Ontinue is a leading provider of AI-powered managed extended detection and response (MXDR) services, empowering organizations to securely embrace their digital future.

We’re redefining managed security with tailored protection to stop attacks and prevent future threats, so you don’t have to. Join this short session to discover how Ontinue can help to manage your security operations:

• Accelerates your threat detection and response.

• Continuously enhances your security posture.

• Tailors protection to your environment and operations.

• Maximises your Microsoft investment and helps to consolidate your security stack.

AI, AI, AI... everyone keeps talking about how transformational it is, but who is actually showing leaders how to implement it effectively inside a real organisation? Many organisations remain stuck in pilot mode, slowed by legacy systems, fragmented data, governance concerns, and unclear ownership. In this keynote, Gurps combines storytelling, humour and even fitness modelling principles of discipline and structure, alongside his 4D Delivery Discipline™ framework: Decide, Define, Do, Done, to share practical strategies for scaling AI with confidence. Drawing parallels between building a championship physique and delivering enterprise transformation, he shows leaders why sustainable results come from routine, accountability and disciplined execution. Attendees will leave with actionable tools to drive adoption immediately and some lucky attendees will physically receive proven change management tools and templates they can apply straight after the talk. Talk less do more!

Daniela will talk about the importance of leadership, how good and bad leadership impacts security and what the consequences can be. She will also talk about the traits of good leaders and how they impact team and delivery.

What happens when a cartoon company embraces AI without thinking it through? Road Runner hacks ACME, and everything goes up in smoke. In this fast-paced, story-driven talk, Glenn explores the real security risks facing organisations using GenAI and large language models, told through the absurd but oddly familiar lens of ACME’s AI transformation. The session blends humour, visual storytelling, and technical clarity to show what can go wrong when teams rush into GenAI without understanding the risks. Fun story. Serious risks.

This promises to be a session not to be missed