Thank you to everyone who attended the CISO 360 Fireside Chat and Roundtable: Practical Ways to Modernise Security
Hosted Tuesday 28 September 2021
{10-11} Carlton House Terrace and Gardens – Westminster, London
Fireside Chat and Roundtable: 14:00-17:30
Networking Reception: 17:30-19:00
“Really great opportunity to explore the subjects, we could have gone on all day! Knowledgeable speakers with whom it was possible to disagree and be able to learn from each other the whys and wherefores of our differences.” – Head of Information Security Assurance, Quilter
Thank you to everyone who attended this inspiring half-day CISO 360 Fireside Chat and Roundtable: Practical Ways to Modernise Security hosted on Tuesday, 28 September at {10-11} Carlton House Terrace, a venue steeped in history with a sense of occasion overlooking St James’s Park, Whitehall and the Mall in London.
Sponsored by IBM and hosted by Pulse Conferences, CISO peers and senior strategists joined for 360-degree benchmarking on practical ways to modernise security.
Share proven strategies to develop and adapt cybersecurity maturity models: How are we automating workflows by integrating Open Security and adopting security platforms that produce better, faster outcomes? What are practical ways to free up the CISO to focus on business strategic priorities and tasks? What are the challenges and benefits of reactive vs proactive security approaches?
Martin Borrett, Distinguished Engineer, CTO IBM Security EMEA, was joined by prominent CISOs from across industry sectors for a dynamic fireside chat that led into smaller group roundtable discussions co-led by CISO luminaries and senior strategists from IBM. The entire event was held under The Chatham House Rule.
Timings at a glance:
14:00-14:30 Guests arrive and afternoon tea is served (Music Room)
14:30-17:30 Fireside Chat and Roundtable Discussions (Council Room)
17:30-19:00 Networking reception (Waterloo Place East Gardens)
There was no cost to attend this discussion for CISOs and senior cybersecurity practitioners. Places around the table were limited and confirmations was done on a ‘first to confirm’ basis. Clive Room, a Director at Pulse Conferences was the Master of Ceremonies.
Thank you again to everyone who attended and took an active part in the discussions, benchmarking Practical Automation Strategies and Reactive vs Proactive Security Approaches. Special thanks go out to our fantastic speakers of the Fireside Chat, Graham Edwards, Martin Borrett and Stephen Khan and of course the co-chairs and those taking notes around each table. Also a big thank you to IBM for sponsoring this fantastic event, making it possible for security peers to meet face-to-face for these important discussions.
Sponsored by
Hosted by
Photo Gallery
About IBM Security
IBM Security partners with you to protect your business with an advanced and integrated portfolio of enterprise security products and services infused with AI that helps you thrive in the face of uncertainty. By aligning your security strategy to your business; integrating solutions that protect your digital users, assets, and data; and deploying technology to manage your defenses, we enable you to mitigate your risk and grow with a modern open approach that supports today’s hybrid multi cloud environments.
For more information, please check www.ibm.com/uk-en/security, follow @IBMSecurity on Twitter or visit www.securityintelligence.com/.
Why Attend?
-
- Our top panel of CISOs and Martin Borrett, Distinguished Engineer and CTO IBM Security EMEA will discuss practical ways to modernise security in an exclusive fireside chat. Martin will share top findings from the 2021 Cost of a Data Breach Report conducted by the Ponemon Institute
- Benchmark security approaches with CISO peers on reactive vs proactive security, what works, what doesn’t and why; what metrics get the best reaction from the Board; how are we doing proactive threat hunting, continuous monitoring and investigation of threats?
- Explore with CISO peers what organisations are embracing and adopting the idea of a Security Platform, what this looks like in practice and what are the challenge areas
- Join inspirational CISOs and senior IBM strategists in roundtable discussions to discuss how Open Security can support an approach where standards and applications work better together, how we are navigating all the buzz words to find true value and avoid misconceptions with SIEM, SOAR and how we can adapt cybersecurity maturity models with automation
- Network face-to-face with peers in the safe, prestigious and central setting of 10-11 Carlton House Terrace and Gardens
AGENDA
14:00 – 14:30
Guest Arrivals and Afternoon Tea (Music Room)
14:30 – 14:40
Introductions (Council Room)
Master of Ceremonies: Clive Room, Director, Pulse Conferences
Co-Chairpersons: Graham Edwards, Head of Cyber Security, Yorkshire Water and Martin Borrett, Distinguished Engineer and CTO, IBM Security EMEA, IBM
14:40 – 15:20
Fireside Chat – Practical Ways to Modernise Security
Led by: Graham Edwards, Head of Cyber Security, Yorkshire Water
With: Martin Borrett, Distinguished Engineer and CTO IBM Security EMEA, IBM
Stephen Khan, CISO Office, Department of Health and Social Care
Explore reactive vs proactive approaches to security and hear how CISOs are adapting cybersecurity maturity models by automating workflows, integrating Open Security and adopting security platforms that produce better, faster outcomes. Practical ways to free up the CISO to focus on business strategic priorities.
- Reactive vs Proactive · Which approach do you take and why?
- Are you doing proactive threat hunting, continuous monitoring and investigation of threats? What works, what doesn’t
- How do I communicate cybersecurity with the Board?
- What metric for threat management and incident response gets the best reaction when I share it?
- Do organisations with AI and automation and incident response planning have lower threat?
- How can Open Security support an approach where standards and applications work better together?
- Are organisations embracing and adopting the idea of a Security Platform? What does it look like and what are the benefits and challenges?
- How are we navigating all the buzz words to find true value and avoid misconceptions? SIEM, SOAR
- How are we developing and adapting cybersecurity maturity models with automation to optimise operational efficiency?
15:20 – 15:40
Coffee Break and Networking
15:40 – 17:00
Roundtable Discussions – Sharing and comparing practical ways to modernise security
Two different topics are discussed across four tables. Each table has two facilitators, a senior strategist from IBM and a fellow CISO. As a participating guest, you rotate tables once after 40 minutes, giving you the opportunity to contribute to both topic discussions. Note-takers on each of the tables capture the main points (non-attributed to reflect that the entire event is held under The Chatham House Rule). These notes enable the sharing of the combined tables output, a practical take-away the week post-event.
1. Security Approach: Reactive vs Proactive
- Which approach do you take and why?
- Is it because of skills, too many tools/vendors, attacker sophistication, volume of noise/attacks etc.
- Are you doing proactive threat hunting, continuous monitoring and investigation of threats?
- What works, what doesn’t – sharing collective learnings
- How do I communicate cybersecurity with the Board?
- What metric for threat management and incident response gets the best reaction when I share it?
Table 1 Co-Hosted by:
Martin Borrett, Distinguished Engineer and CTO IBM Security EMEA, IBM
Julia Harris, Information Security Compliance and Assurance Director, Flight Centre Travel Group
Table 2 Co-Hosted by:
Stephen Khan, CISO Office, Department of Health and Social Care
Michael Hoddy, Strategic Alliance Director, IBM Security
2. Practical Automation Strategies: Open Security and Security Platforms
Sharing proven strategies to develop and adapt cybersecurity maturity models. How are we automating workflows by integrating Open Security and adopting security platforms that produce better, faster outcomes? Practical ways to free up the CISO to focus on business strategic priorities and tasks.
- How can Open Security support an approach where standards and applications work better together?
- Are organisations embracing and adopting the idea of a Security Platform?
- What does it look like and what are the challenges?
- How can CISOs benefit?
- How are we navigating all the buzz words to find true value and avoid misconceptions? SIEM, SOAR
- Developing and adapting cybersecurity maturity models with automation
- How are we optimising operational efficiency by automating repetitive tasks?
Table 3 Co-Hosted by:
Graham Edwards, Head of Cyber Security, Yorkshire Water
Dino Stavrou, Technical Sales Leader, IBM Security
Table 4 Co-Hosted by:
Lee Harris, MSSP & Cloud Pak for Security Leader, EMEA, IBM Security
Carole Embling, Information Security Manager – Awareness and Behaviour Change, Metro Bank
17:00 – 17:25
Summary of key points by Table Hosts
17:25 – 17:30
Closing Statements
Co-Chairpersons: Graham Edwards, Head of Cyber Security, Yorkshire Water
Martin Borrett, Distinguished Engineer and CTO IBM Security EMEA, IBM
Master of Ceremonies: Clive Room, Director, Pulse Conferences
17:30 – 19:00
Networking Reception (Waterloo Place East Gardens)
SPEAKERS
About the Speakers
Martin Borrett, Distinguished Engineer, CTO IBM Security EMEA, IBM
Martin advises at the most senior level in clients on policy, business, technical and architectural issues associated with security. Martin is co-author of the IBM Redbooks “Introducing the IBM Security Framework and IBM Security Blueprint to Realize Business-Driven Security” and “Understanding SOA Security”. He is Chairman of the European IBM Security Board of Advisors, represents IBM at GFCE and the Industry Advisory Board of LORCA, the London Office for Rapid Cybersecurity Advancement, is a Fellow of the British Computer Society, a Chartered Engineer (CEng) and member of the IET. Martin has a passion for sailing and has represented Great Britain; he is also a keen tennis player.
Graham Edwards, Head Cyber Security, Yorkshire Water
A successful senior Chief Information Security Officer and Operational Risk Director with a proven track record in multi-cultural and multi-national organisations, Graham bridges technical and business disciplines and communicates at all levels. He has extensive knowledge of Information Security, Cyber Security, Physical Security, BCDR, Operational Risk, Crisis Management, Data Protection, Financial Crime and Compliance. The first 16 years of Graham’s career were spent in the Diplomatic Service engaged in technical security for the Foreign and Commonwealth Office. He then moved to the financial services sector where he has held senior security posts with Abbey National, Standard Chartered, Barclays, RBS, HBOS and ING. Through these roles he has developed a holistic approach to risk management and security, holding responsibility for information risk, IT security, physical security, fraud, money laundering, business continuity planning, compliance, crisis management and intelligence. Graham also worked outside of the banking industry as the Group Head of Information Risk for Centrica. He then held the position of Director of Data Security at Nationwide Building Society before taking the role as Head of Information Security at Camelot Lottery Solutions. Graham is currently Interim Head of Cyber Security at Yorkshire Water. He has a master’s degree in Information Security from Royal Holloway.
Carole Embling, Information Security Manager – Awareness and Behaviour Change, Metro Bank
Carole has worked in the world of Information Security since the turn of the century, first in Royal Mail as the Compliance, Communications and Awareness manager for the whole Group, having spent the 20 years ‘learning the business inside out’. She then spent 6 years at Prudential Group Head Office working on group-wide Information Security compliance. Carole then worked at BMJ Publishing Group as their Information Governance and Data Protection Lead. She joined Metro Bank in May 2019 as Information Security Manager – Awareness and Behaviour Change.
Julia Harris, Information Security Compliance and Assurance Director – Corporate, Flight Centre Travel Group
Prior to her current role at Flight Centre Travel Group, Julia was Head of Information Protection and Assurance Post Office where she was a strategic leader and trusted advisor with accountability, vision and insights to identify, recommend and plan appropriate Information Assurance Strategy that engendered trust in Post Office brands, drove growth, modernisation and innovation by influencing the business priorities and development, whilst ensuing information assets were protected in line with business strategy, and legal and regulatory requirements. Julia has also held senior cybersecurity roles at BGL and she was Director of Information Security at Rank Group. Stephen Khan, CISO Office, Department of Health and Social Care
Stephen is an experienced senior leader and corporate executive with over 20+ years of cross sector experience implementing successful cyber programmes in demanding global environments including Financial Services, Pharmaceuticals, and Healthcare (HSBC, RBS, GSK, SIEMENS). He provides strategic vision, leadership, and technology expertise with a proven track record for effective cyber risk management and digital business enablement. With deep technical expertise in cyber security and enterprise cyber security risk management, Stephen has built a strong track record of creating and leading global strategic change initiatives to drive tangible digital business benefits and outcomes. Prior to his current role, Stephen was Global Head of Technology and Cyber Security Risk; Security Architecture & Engineering at HSBC. Before this, Stephen was at RBS and held the position of Global Head Security Strategy, Architecture and Engineering; and Global Head of Security Transformation programmes.He is currently Chairman of an executive cyber industry forum (ClubCISO) and Chairman of both The White Hat Ball, which has raised £2m+ over the last 15 years to support UK NSPCC and The White Hat Rally which supports Barnardo’s, a UK charity. He is also a Board member of RISCS which is funded by UK National Cyber Security Centre, a partnership between public, private, and academic organisations to support development of key areas which advanced cyber security across organisations.
Master of Ceremonies
Clive Room, Director, Pulse Conferences
Clive has worked as a marketeer within cybersecurity since 2000. As the Marketing Manager at Portcullis Computer Security he organised all their bespoke events from seminars to hospitality events like the famous Portcullis Arms during Infosec. He was also responsible for their involvement with conferences and exhibitions all over Europe. His experience in promoting and presenting at cyber security events is matched by his passion for helping people understand the critical importance of mitigating the risks and protecting themselves and their organisations from cybercrime.
VENUE
{10-11} Carlton House Terrace
10-11 Carlton House Terrace, London, SW1Y 5AH
www.10-11cht.com
Once the former residence of Prime Minister William Gladstone {10-11} Carlton House Terrace sits at the very heart of the capital, overlooking St James’s Park, Whitehall and the Mall. Superbly located just a short walk from Piccadilly, Charing Cross, and Embankment stations, the picturesque setting of St James’s gives the venue an air of distinction and the peaceful nature of Carlton House Terrace provides a rare reprieve from the hustle and bustle of the West End. The British Academy (housed within 10-11 Carlton House Terrace) is a forum for debate and engagement – a voice that champions the humanities and social sciences. Both through its convening power and an enhanced role as a funder of research, the Academy is developing programmes to address the great challenges of our time – nationally and internationally.
The event will be hosted in the Council Room, a grand space, with impressive paintings on the walls, on loan from the National Portrait Gallery.
Bright and airy with high ceilings and well-ventilated rooms that look out onto wrap around balconies, we have chosen this modern venue that is steeped in history with safety in mind and in keeping with a sense of the occasion. Afternoon tea will be served on arrival in the adjoining Music Room. The networking reception will be hosted outside directly across the road in the Waterloo Place East Gardens.
HEALTH AND SAFETY INFORMATION
The Good to Go mark is the official UK accreditation to signal that a tourism and hospitality business have worked hard to follow Government and industry COVID-19 guidelines and has a process in place to maintain cleanliness and aid social distancing. The {10-11} team have been successfully delivering safe meetings since reopening in August 2020 all within public health guidelines. Full information is here https://10-11cht.com/coronavirus
Directions to {10-11} Carlton House Terrace
{10-11} Carlton House Terrace is conveniently located just a short distance from many major transport links. Charing Cross station is an 8-minute walk. The venue is located a 2-minute walk from Trafalgar Square, behind the Institute of Directors (off Pall Mall).
LONDON UNDERGROUND
Piccadilly Circus, Charing Cross, Embankment
MAINLINE TRAINS
Charing Cross, Waterloo.
BUS
Buses to all parts of London run every minute from Trafalgar Square.
PARKING INFORMATION
Please click here to get discounted parking rates at Trafalgar Parking.
For further travel information or to plan your journey, please click here.