Opening Keynote by
Robert Hannigan is a renowned cybersecurity specialist with an extensive background in public service. He currently serves as Director of BlueVoyant, and as an adviser to a number of international companies such as McKinsey & Company, Hiscox and Immersive Labs. During his 20 years of public service, Robert served as Director of the Government Communications Headquarters (GCHQ), the UK’s largest intelligence and security agency, where he led the creation of the UK’s National Cybersecurity Centre (NCSC). Prior to that, he worked as principal adviser to Prime Minister Tony Blair on the Northern Ireland peace process.
Robert has been deeply involved in shaping UK Government’s approach to national cybersecurity, from the creation of the first UK Cyber Security Strategy for Prime Minister Gordon Brown, to framing the coalition Government’s ambition of making the UK “the safest place to live and do business online” against a rising tide of cyber security incidents. He has often shared his view that governments cannot do this alone but only in partnership with industry. Having studied classics at the University of Oxford, Robert continued his education at Heythrop College, University of London. After an early career in the private sector, Robert was appointed as Deputy Director of Communications for the Northern Ireland Office in 2000, progressing to Director-General, Political, in 2005. Robert had a role in the Northern Ireland peace process and was singled out in Tony Blair’s autobiography, where he is described as “a great young official who had taken over as the main Number 10 person [on Northern Ireland]”.
In 2007, Robert was appointed as the Prime Minister’s Security Adviser, as well as the Head of Security, Intelligence and Resilience at the Cabinet Office, responsible for coordination between the intelligence services and government. Notably, Robert led the review into the loss of the nation’s child benefit data, a major data breach incident; the subsequent report is informally called the “Hannigan Report”. Robert moved to the Foreign and Commonwealth Office as the Director-General of Defence and Intelligence in 2010, where he served for four years. In 2014, Robert was appointed as the Director of the GCHQ where his major external change to the organisation during his tenure was the creation of the NCSC as an operational part of GCHQ. At the opening of NCSC’s London headquarters in 2017, Robert described the historical line between Bletchley Park and the NCSC and set out the challenge of cyber security at a national level. In February 2017, Hannigan was appointed to the UK Government’s new Defence Innovation Advisory Panel.
Following his resignation as Director of GCHQ in 2017, Robert was widely credited with bringing greater transparency to GCHQ, not least through the use of cryptographic puzzles; his Christmas card puzzle in 2015 inspired some 600,000 attempts worldwide to solve it. This led to the publication of The GCHQ Puzzle Book in 2016, which became a Christmas best-seller and raised £240k for the Heads Together mental health charities by April 2017.
Describing his move to the private sector, Robert says: “I felt it was a good time to go into cybersecurity – I spent over 20 years in government setting up the NCSC and GCHQ. I felt there was a big demand for what I could accomplish in the private sector. I want to make the UK the safest place to do business online and believe that governments cannot do it alone. The cybersecurity industry has the resources and skills and knows where attacks are happening.” Robert has previously stated that “however much [large US technology companies] may dislike it, they have become the command and control networks of choice for terrorists and criminals” and that GCHQ and its sister agencies “cannot tackle these challenges at scale without greater support from the private sector”, arguing that most Internet users “would be comfortable with a better and more sustainable relationship between the [intelligence] agencies and the tech companies”.
Over the years Robert has received numerous commendations. He was appointed Companion of the Order of St Michael and St George (CMG) in the 2013 New Year Honours for services to national security. He was made an Honorary Fellow of Wadham College, Oxford in 2015 and became a Fellow of the Institute of Engineering and Technology in 2017. Robert is also one of the few non-US citizens known to have been awarded the US National Intelligence Distinguished Public Service Medal. Currently Robert is a Distinguished Fellow of the Royal United Services Institute and a Senior Fellow of Harvard’s Belfer Center for Science and International Affairs. He also continues to serve as a Trustee at Bletchley Park Trust, home of British World War Two codebreaking, described by Robert as “the place where the digital world started from.”
Robert lives in the UK with his wife and has two children. He enjoys playing tennis and is a Chelsea F.C. supporter. With his wife being Irish, Robert also follows sports such as hurling and Irish football.
Describing his professional motives, Robert says he is “all about raising the baseline of security and helping people and companies to get better” and he is not interested in adopting “scare tactics” when speaking with journalists.
Robert has made frequent interventions on cyber security issues and can talk knowledgably about the following:
- Government cybersecurity strategy – how should a government organise itself and what is the correct intersection between government and industry?
- Geo-politics and nation state cyberthreats – including Russian, North Korea and China.
- Sophistication of cyber crime groups
- Privacy and regulation
- Mental health and neurodiversity
- The encryption debate – this is not necessarily a cybersecurity issue but relates to how law enforcement and the tech sector work together.
- Vulnerability in video conferencing apps such as Zoom – the privacy aspect of an app but not cybersecurity and public policy, i.e. what is useful and what safe.
- The cyber skills gap and the required “culture shift” within Boardrooms to meet cyber threats.
Having worked in IT for nearly 40 years, specialising in information risk, protection, security and compliance for the latter 26 years or so, Marcus decided to retire in mid-2017 but was quickly lured back to take on an advisory role for a Tier 1 UK bank. At the start of 2018, Marcus also joined the Cymmetria Advisory Board as Chief Risk Officer.
In his previous role at Lloyd’s Marcus was responsible for ensuring that risks to IT and information were understood and correctly mitigated in a cost effective manner throughout the corporation, both in the UK and in its overseas locations. His role extended to providing second line of defence assurance to this effect to Executive, Senior and Line Management. Marcus also had corporate responsibility for Data Protection and Privacy and provided thought leadership on emerging digital related risks pertinent to the Lloyd’s market.
Prior to joining Lloyd’s, Marcus was a Principal Advisor for KPMG, working in IT Advisory and specialising in information security strategy definition and implementation. Before that Marcus was Head of Information Security for Abbey National plc, a leading UK bank, a position he held for six years following seven years as Information Risk and Security Manager for Barclaycard, a leading card issuer and merchant acquirer and part of Barclays plc.
The Board Directors Panel
Simon is currently Chairman of the Gibraltar Stock Exchange which is using blockchain technology to improve clearing and settlement. He also acts as General Counsel for a casino group based in the UK. He is a former Head of AIM at the London Stock Exchange and has served as a director on various stock exchange boards in Europe, including as CEO. In such roles he has had ultimate responsibility for rolling out new trading platforms for various types of securities. He has served as a NED on various listed and non-listed companies in Financial Services, Investor Relations and even Mining. Simon sits on various bodies in the Third Sector including the Norfolk Community Foundation. He is a former barrister and was educated at Cambridge University.
With a career in the tech sector that spans three decades, backed by extensive commercial and marketing expertise – most notably Board positions at Microsoft and the BBC – Sharon’s executive career has been dominated by roles that have helped transform consumer behaviour through the utilisation and implementation of technology. Sharon received the Microsoft Chairman’s Award for sustainable innovation from Bill Gates in 2004 and when she moved onto work for the BBC went straight onto the Executive Board as Director of Marketing, Communications and Audiences. In 2008 Sharon also joined the BBC Worldwide Board, and became Non-Exec Director of both Freesat and Digital UK. Since leaving the BBC, Sharon has developed an extensive portfolio career and currently holds several Non-Executive Directorships including Chair at Restore plc and Remuneration & ESG Chair at Hyve plc; Chair at Eurowag plc. Sharon was also formerly Chair of Ted Baker plc. Sharon also Chair’s private equity-backed businesses – Unique X Ltd – specialising in Cinema delivery software, Foundation SP Ltd – specialising in Digital Transformation consultancy services and DriveWorks Ltd, developer of DriveWorks design and automation software. Sharon was a finalist for the Dame Helen Alexander “NED to Watch” award in 2018, and previously a finalist for Chairman of the Year in 2016 and is a huge advocate for more diversity on Boards. Sharon runs the “So you want to be an NED” programme to support aspiring NED candidates (https://www.sharonbaylay.com/how-to-become-a-non-exec-director/) and is an Advanced Coach and Mentor, with a client list that includes top-tier executives from many global brands. Sharon is also a Fellow of the Chartered Institute of Marketing and an active Member of Women in Advertising and Communications London (WACL).
Deborah is now owner, founder and CEO of EXELL INTELL, a strategic partner of WILL EXELL and is a recognised leader in business transformation, known by clients for strategy development and vision. She developed her unique blend of applied research and commercial practice in Asia, Middle East, Europe and America. As a board member and CEO advisor, she has been tested in some of the most complex and challenging turnaround programmes of the last 20 years – in banking, technology and consumer brand retail. Deborah was co-founder and Managing Partner of WILL EXELL specializing in helping leaders shape and deliver strategy, with a particular emphasis on organisational alignment. She worked with Fidelity International, Nespresso, Experian, Glencore & Getronics during her 4 years as an active partner in the business. Deborah has held senior positions as MD Organisation Development Unit at Deutsche Bank; Group Head Organisation Development at NatWest Group; Group Head Organisation Development at Lloyd’s Banking Group; Human Capital Advisor to Corporate Change Programmes at Connectology; Global SVP Human Capital Development and Transformation; The Coca-Cola Company; Global SVP Human Capital Development and Transformation at American Express. A content expert, Deborah holds an MSc in Industrial & Organisational Psychology and a BA in Political Economics.
A pioneer of competitive, sustainable business practices, Jeremy Schwartz is the multinational CEO who led The Body Shop, Pandora and Conival PLC. Earlier in his career, Schwartz was the Managing Director for L’Oréal UK, and Marketing Director for News International, Coca-Cola and Sainsbury’s. Currently, he is Chairman of the Kantar Sustainability and Inclusion practice and advisor to McKinsey’s Business Transformation practice. As CEO of The Body Shop, Schwartz created the ground-breaking and highly successful vegan ranges, persuaded authorities around the world to protect endangered strips of rainforest, and travelled to the Amazon to source new ingredients and protect biodiversity by creating an income for local indigenous groups. At Coca-Cola, Schwartz created the multi-billion dollar Coke Zero brand, at L’Oréal he launched the iconic “Because You’re Worth it” line, and at Pandora he led the transition from stores to e-commerce focus, resulting in a 300% increase in share price. As a leading innovator, Schwartz has demonstrated that a company can be both a force for good and a successful profitable business. With his 8 New Skills of Leadership, he identifies the step-by-step practical business tools that enable leaders and companies to increase performance and hit extraordinary goals. He addresses engaging stakeholders, transforming profit and loss, the future of work, and digitisation. At the heart of this ethos lies the need to tackle the fear of change which so often stymies individuals and organisations.
Graham Joscelyne CA(SA), CIA, CRMA is a South African and USA citizen and an experienced professional who has focused on governance, risk and assurance activities for many years.
He led the internal audit function in a large Southern African listed group of companies, was appointed Auditor General of the World Bank Group and now consults to senior leadership in the UN Organization and multilateral development institutions management and boards on the topics of internal auditing, risk, governance, ethics & Integrity, and social & environmental issues.
He has chaired and been a member of audit committees for The Global Fund to Fight Aids, Tuberculosis, and Malaria, the World Food Programme, the UN Population Fund, the International Center for Tropical Agriculture, and the CGIAR. Currently, he sits on the Advisory Committee for Internal Oversight for the UNRWA and the Audit and Risk Committee for ACBF.
The Speaker Panel includes
Andrew Kelly is Principal Consultant in the Cyber & Information team and Technical Lead for Cyber Security, Supply Chain and Telecoms Resilience at QinetiQ. Andrew has put to use over 20 years experience in both the public and private sector to provide leadership across a range of programmes and clients. More recently Andrew was Chief Information Security Officer for the Emergency Services Network and has had significant involvement with the UK Telecoms Lab and recently undertook a number of projects on behalf of Cabinet Office to improve Supply Chain Security.
Andrew is the Resident CISO at Proofpoint, which he joined in 2021 from Mastercard, where he was the Chief Security Officer of their subsidiary firm, Vocalink, a firm which provides the transactional backbone of the financial services industry in the UK.
Prior to that Andrew held the CISO role at the UK’s Air Traffic Control provider, NATS, where he oversaw a security transformation and contributed to the design of the next generation air traffic control system. Andrew has also held CISO roles at two top tier global law firms, Allen & Overy LLP and Clifford Chance LLP. In between these roles, Andrew was a Principal Analyst at Forrester Research where he covered the role of the CISO and Security Culture & Awareness as two of his speciality areas.
Andrew was recognized as “European CISO of the year” (2018), and has previously won awards for devising and leading the “Best security awareness program” (2015).
Andrew holds a Master’s degree in information security, is a regular speaker at global security conferences and has contributed to media outlets such as the Wall Street Journal, the Financial Times, the Washington Post, Wired magazine and the Times newspaper. Andrew also appeared in the CNBC documentary entitled “Rise of the Machines”.
An information security professional for quite some time, Bev delivers operational and strategic privacy, information security and information risk management, development and delivery of information security and privacy policies and standards, and information security training. She has worked in a variety of culturally diverse organisations and industries. Currently, Bev is working with tools to analyse and produce data-driven metrics and indicators, using that data to measure and monitor control performance, failures and gaps, to underpin and drive corrective action, and to support information security assurance reviews. Previous roles include Group Risk Manager with Photo Box; Head of Operational Security with Sopra Steria; Information Assurance Compliance Manager with Schroders and Information Security Manager with EDF. Bev has an Executive MBA from Cass Business School and an BA (Hons) degree in Economics & Politics. She is CISA, COBIT 5, ISO 27001 qualified and is proactive in the security industry.
Chris is an Information Security professional, with experience ranging as CISO delivering firm-wide strategy to client-facing delivery as a cyber consultant in a variety of roles and industries. I’m a strong exponent that security is something a business does across the enterprise; it must be built into processes and policies across the organisation in a way that keeps the place running. Information security experience in government, legal and financial services, encompassing: cyber security strategy, ISO27001 certification, third party assurance, security policy frameworks, and operational resilience, business continuity and IT disaster recovery. How can we help organisations understand the threats to their information, today and in the future?
With experience across the industry, and with a history of successful data security projects, Danny is a now a senior identity security engineer with SailPoint – taking a consultative approach to identity challenges, with key focus on time to value and risk reduction, across both public and private sectors. Prior to SailPoint, Danny spent 10 years at Barclays in a variety of information security roles, followed by 3 years as a solution engineer at Varonis Systems.
A successful senior Chief Information Security Officer and Operational Risk Director with a proven track record in multi-cultural and multi-national organisations, Graham bridges technical and business disciplines and communicates at all levels. He has extensive knowledge of Information Security, Cyber Security, Physical Security, BCDR, Operational Risk, Crisis Management, Data Protection, Financial Crime and Compliance. The first 16 years of Graham’s career were spent in the Diplomatic Service engaged in technical security for the Foreign and Commonwealth Office. He then moved to the financial services sector where he has held senior security posts with Abbey National, Standard Chartered, Barclays, RBS, HBOS and ING. Through these roles he has developed a holistic approach to risk management and security, holding responsibility for information risk, IT security, physical security, fraud, money laundering, business continuity planning, compliance, crisis management and intelligence. Graham also worked outside of the banking industry as the Group Head of Information Risk for Centrica. He then held the position of Director of Data Security at Nationwide Building Society before taking the role as Head of Information Security at Camelot Lottery Solutions. Graham is currently Interim Head of Cyber Security at Yorkshire Water. He has a master’s degree in Information Security from Royal Holloway.
A career starting in retail with Marks & Spencer to the current role as CISO of MUFG EMEA. In addition to the retail and finance sectors, I have worked in the Beverages, Recruitment and Public Sector. I have covered Operations, Warehousing, Marketing, Project and Programme Management and many Technical roles. This has given me wide experience, seeing different approaches to similar problems. I am a big investor in people and enjoy observing and learning from different styles, approaches and behaviours. I look forward to sharing some of that experience with you.
Jonathan is the co-founder of CyLon, which has supported the growth of 100+ cyber security startups across Europe, Asia and the Middle East to a collective valuation of $1bn+. Before founding CyLon, Jonathan was a senior British Diplomat, serving in a variety of roles for the UK Government, including as an advisor to UK Prime Minister David Cameron. He also co-founded Epsilon Advisory Partners, a strategy and growth firm working with world-leading global technology companies and investors.
Martyn is an experienced information security leader and CISO, working at board level to define information security strategy and then manage teams to implement that strategy. Martyn works with clients in a flexible and proactive way to meet stringent security requirements and adaptive needs, enabling businesses to work in a flexible way by reactively designing security processes and technical controls that support the business rather than inhibit it. Specialties: Risk, Compliance, Governance, Awareness, Security Architecture, application architecture, ISO 27001, PCI DSS, policy and information security strategy.
Michele Peroli is a highly-focused, energetic, determined and well-rounded senior security consultant. After his bachelor and master’s degrees in computer science, Michele continued his career with a PhD, focused on model checking and automated penetration testing. He then moved to a consultancy position where he helped securing organisation across many industries and lead teams of varying sizes to undertake large multinational projects. He is currently the head of cyber services at 2|Sec consulting.
Mivy James has been an IT professional for over 20 years. Prior to joining BAe systems Applied Intelligence in 2005 she worked for several international IT consultancies and corporations. Mivy started her career as an analyst / programmer after completing a degree in Computer Science and Maths and soon moved into technical leadership and system design. Mivy has worked for a range of clients across UK government on everything from cutting edge technology research to the strategic design of multi-billion pound programmes. Mivy is enthusiastic about technology and particularly keen to encourage women to follow careers in the IT profession, she is the founder & chair of Applied Intelligence’s gender balance network. Outside of work Mivy pursues a variety of hobbies including travel and outdoor sports.
Mun Valiji is a passionate C-suite Cyber & Privacy executive and Advisory Board member with twenty five years experience of delivering business-enabling, transformative security programs across multiple sectors. Mun currently reports to the Trainline Operating Board helping shape a deliver a pragmatic security and privacy strategy. Previous to this he led the cyber programs Sainsbury’s Group, News Corp and spent some time at Citi and Deloitte. Mun’s early career was established at JP Morgan Chase where he was VP responsible for leading the bank’s security threat and vulnerability management program globally. Mun sits on several customer advisory boards and a number of national security councils.
Lady Olga Maitland, Founder, Defense and Security Forum and Chairman, Copenhagen Compliance – has wide experience in all major Governance, risk Management and Compliance issues in general and global Fraud and Corruption problems in particular. She is a special adviser to a number of dignitaries and a widely sought after speaker at all Major Conferences on several Corporate Governance issues. Lady Olga is a former British MP for the Conservative party. Prior to her political career she was a reporter for the Fleet Street News Agency, a columnist in the London.
Paul Haywood is the group chief information security officer for Bupa. Paul is responsible for the global approach to information security across the Bupa Group, including identifying, evaluating, and reporting on risks and meeting compliance and regulatory requirements. Paul has a honours degree in mathematics and a master’s in strategic information systems.
Paul moved from Scotland to London in the late 90’s to start his first IT job as a systems administrator for Elonex PLC, at the time one of the biggest UK P.C. manufacturers. Being exposed to multiple vendor operating systems and enterprise applications early on in his career gave him the opportunity to learn a broad range of skills in a short period of time which in turn allowed him to shape his career. Paul has always worked within an I.T. function, having the opportunity to wear many hats has helped him progress into the highest levels of System Engineering / Architecture. Wanting to make the move into cyber he seized the opportunity when it came about and has never looked back. After building a security ethos in a UK FTSE 250 from the ground up he took on the challenge of building a new SOC function within Jaguar Land Rover before his final move to Qualys. Joining Qualys in February of 2021 as the UK and North EMEA Chief Technical Security Officer Paul is helping to drive Qualys’ vision at C-Level across the customer and partner base. Supporting the Qualys sales teams with his knowledge and experience of delivering cyber security operations to enterprise customers at a global scale. Paul will be representing Qualys at forums and conferences to help support the wider cyber security community. Paul mantra is “Perfection is not a destination; it is a never-ending journey”
Peter has almost 30 years of experience working with vendors, partners and customers covering Networking, Performance Management, Cyber Security, and Analytics and has worked as an external consultant across the globe solving customer and business issues. Peter’s focus for the last 10 years has been on bringing Analytics to bear on multiple business challenges but predominantly Cyber Risk and remediation.
Dr. Robert Coles is the Director of Cumberland House Consulting Ltd, specialising in cyber security strategy, programme delivery and Non-Exec and Board Advisory roles. He is also an Honorary Professor at UCL and Visiting Professor at Royal Holloway, University of London. He holds a number of commercial board positions including Chair of the Crossword Consulting Ltd Board, Chair of the Crossword Cybersecurity PLC advisory board, member of the advisory boards for Think Cyber Ltd, UK bank, a US pharmaceutical and the Government of Singapore Ministry of Health and member of the Tech-Nation Cybersecurity judging panel. Robert has over 30 years of cybersecurity experience and has held a number of Chief Information Security Officer positions, including for the NHS and health and care system, GSK, National Grid and Merrill Lynch. In all these roles, he owned the information security risk and was responsible for providing leadership across the organisations. He was accountable to the Executive and their Boards for establishing information security strategy and direction, building information security teams and delivering the information security change programme. Prior to these CISO roles, he held a number of “head of” roles at Royal Bank of Scotland, and was the first lead partner, and set up, KPMG’s Information Security Services for EMEA. Robert has extensive links with major industry information security networking groups and government security agencies. He also has links with a number of universities and participates in leading edge research, particularly with Royal Holloway where he is an Executive Sponsor for the Institute of Information Security Innovation, and Cranfield University where he is an executive sponsor for the Cyber Masters Programme. He was awarded a PhD in psychology by the University of Leeds for his work on the perceptions of information and IT risk and has published and presented on this and other topics.
Tim has been working in the cybersecurity industry for over 20 years and has a passion for helping organisations defend against the latest cyber threats. He is an advocate of continuous security validation and how it empowers security teams to better understand, measure and mitigate risks.
Prior to joining Darktrace, Toby spent 15 years in the UK Government’s cyber security threats response unit, including as the UK National Cyber Security Centre’s Deputy Technical Director for Incident Management. He has specialist expertise in Security Operations, having worked across Cyber Threat Intelligence, Incident Management, and Threat Hunting. He has presented at several high-profile events, including the NCSC’s flagship conference, CyberUK, the SANS CyberThreat conference, and the Cheltenham Science Festival. He was a lead contributor to the first CyberFirst Girls Competition, championing greater gender diversity in STEM and cyber security. Toby is a Certified Information Systems Security Professional (CISSP) and holds a Master’s in Engineering from the University of Bristol.