R3 Summit 2018

R3 Summit 2017 featured over 17 sessions in 2 distinctive streams. Discover our 2017 agenda below.


KEYNOTE: Predicting the next breach – keeping up with the criminals

  • Forecasting the primary types of cyber attack and high-risk targets
  • Using threat intelligence analysis to re-evaluate and adapt current incident response plans – developing playbooks for common incident types
  • Catching breaches earlier: feeding threat intelligence into threat hunting and identifying indicators of compromise

by Brian Boetig, Legal Attaché, US Embassy London, FBI Show Profile


KEYNOTE: Turning the tide – fending off cyber threats

Cybercriminals are increasingly targeting the human vulnerability. With businesses more interconnected than ever and with the perimeter being progressively blurred, it is important that we bring a more deterministic way of building resilience into the ecosystem that protects our employees, business partners and customers from threats. In this session we will discuss how the industry is restoring trust to today‘s number one attack vector: email.

by Rob Holmes, Vice President Products, Proofpoint Show Profile


PANEL DISCUSSION: How do we build a threat sharing network?

  • How to communicate threat trends and forensic details within sectors and across the wider market
  • Practical tips: learning from industries and regulators that have built a successful threat sharing network
  • What needs to be put in place to create a wider cooperative network?

by Simon Dukes, CEO, CIFAS Show Profile

by Andy Cobbett, CISO, FCA Show Profile

by John Unsworth, Chief Executive, London Digital Security Centre Show Profile


HOW TO: Tackle GDPR – a typical privacy and security roadmap

As a new era of privacy regulations approaches, security and compliance professionals need to make GDPR a top priority. It is essential to build a roadmap with both privacy and security in mind. In this session, we’ll discuss the importance of privacy management within the context of your existing security and compliance ecosystem –– how it fits into the larger puzzle, why it has been precariously overlooked in the past, and how it can be seamlessly integrated as a function among the information security, information technology, risk management, audit and compliance, as well as legal areas in your organization. We’ll address the importance of demonstrating on-going compliance with privacy regulations like GDPR, and how privacy management software can support security and GRC teams.

by Dave Horton, Technical Lead EMEA, OneTrust Show Profile


Announcing a new TEISS initiative

  • That InfoSec issue you are struggling with right now – someone else in the room has probably already solved it
  • That InfoSec work you completed recently – many in the room would love to know how you did it
  • How can we tap into the rich experience of the conference audience?

by Stephen Citron, Director, The Peer Awards Show Profile


Refreshment break & networking



  • How can Cybersecurity adapt to the changing business landscape where DevOps, Cloud, IoT and APIs are facilitating rapid business growth while ensuring the safety of customer data
    • Hosted by Robert Coleman, Chief Technology Officer – UK&I, CA Technologies
  • Disrupting the insider threat kill chain with machine learning, and why the human element is indispensable
    • Hosted by Neill Cooper, CCO, Zonefox
  • Today’s data protection: inside, outside and mobilised
    • Hosted by Jorge Maldonado, Chief Security Officer Evangelist, Code42
  • How to discover and prevent malicious attacks over mobile and cloud services in today’s threat landscape
    • Hosted by Paloma Garcia, SE Manager, Large Enterprise, Symantec

WORKSHOP: The IR Challenge: How do you reduce your time to contain cybersecurity incidents?

Companies are struggling to manage the volume and severity of cybersecurity incidents they have to deal with. The reasons for this are complex – the complexity of technical architectures and business processes, a lack of skilled staff, the increased regulatory landscape as well as the growing sophistication of the attacker.

All of these factors point to a lack of maturity around Incident Response (IR) processes across the industry, from piecemeal security solutions to an approach that is typically focused on post-incident clean-up as opposed to day-to-day response.

This workshop, hosted by IBM Resilient, will review some of the key areas around IR – people, process, technology and compliance, with a view to helping the security team to better understand their ideal and effective IR process, look at ways to improve response times while demonstrating success back to senior management.

by Chris Neely, Director of Technical Sales, EMEA, IBM Show Profile


Lunch & networking


CASE STUDY: Watching system attacks in real time

  • Watch real-time video footage of a sustained attack and how it was countered
  • Quantifying what constitutes an attack and which systems it’s worth constantly patching

by Stephen Wilkinson, CISO, Addison Lee Show Profile


PRESENTATION: Al for Cyber Security? The Machine Fights Back

  • Exploring how new machine learning and mathematics are automating advanced cyber defence
  • Understanding how automated defences augment human security teams
  • Navigating the challenges of implementing AI in a business environment
  • Examining real-world examples of unknown threats detected and defended by ‘immune system’ technology

by Andrew Tsonchev, Director of Cyber Analysis, Darktrace Show Profile


SPRINGBOARD DISCUSSION: 72 hours’ notice – from identification to notification

  • Clarifying the GDPR reporting requirements: what constitutes a breach and when does the clock start?
  • Gathering the information: what are the best processes, and what level of detail is needed initially?
  • Reporting a global incident correctly in each jurisdiction
  • Balancing between scaremongering and concealing: what do you tell your suppliers, customers and employees, and when?

by Nina Baraksai, Group Head of Data Protection and Privacy, Sky Show Profile

by Dr Rachel Carter, Managing Director of Carter Insurance Innovations and, Director of Security Institute (UK) Show Profile

by Helen Davenport, Director, Gowling WLG UK Show Profile


Refreshment break & networking


HOW TO: Build a culture of reporting in order to catch incidents quicker

  • Creating an engaging training programme to improve prompt incident recognition
  • The single-funnel approach: making reporting easy and accessible
  • Making minor improvements to effect significant behavioural change within your staff

by Evie Monnington-Taylor, Senior Advisor, The Behavioural Insights Team Show Profile


CASE STUDY: Mitigating the threat of social engineering

  • Understanding how threat actors compose intelligence profiles
  • Exploring cases where social engineering has compromised processes
  • Examining how good PR can be ideal for threat actors
  • What can you do to stop them?

by Kieren Lovell, Head of Computer Emergency Response, University of Cambridge Show Profile


Close of conference


CASE STUDY: What happened when I sprang an incident on my response team

  • Demonstrating the importance of preparation: lessons learned from a surprise simulation
  • Top Tips: the five things you must do quickly when responding to an incident

by Steve Watt, CIO, University of St Andrews Show Profile


HOW TO: Contain loss after a data breach

  • What can be done in the first hours after the breach has been identified?
  • What are the main impediments to an effective response?
  • What is the response paradigm and how can understanding it dramatically improve our breach response?

by Rogelio Aguilar, Management Consultant - Cyber Resilience, Privacy and IT Security, SunGard Show Profile


SPRINGBOARD DISCUSSION: Managing business continuity and disaster recovery in the extended enterprise

  • Resourcing your disaster recovery plan: who needs to do what, from where?
  • Incident response beyond the perimeter: how do you ensure business continuity when the incident is within the supply chain? Do you know your suppliers’ recovery plans?
  • Calculating the risk of business with customers that have poor security hygiene
  • Planning for disaster recovery at different times of the year, for both the short and long term

by Richard Bridgford, Chair, The Business Continuance Group Show Profile

by Furqan Hashmi, Head of IT Security and Operations, Emirates Investment Authority Show Profile

by Jamie Watters, Business Continuity Manager, HSBC Global Banking & Markets, Americas, HSBC Show Profile

by Stuart Smith, Presales Engineer, Flowmon Network Show Profile


Refreshment break & networking


CASE STUDY: Making the media work for you to minimise brand impact

  • Providing press training to your PR representative and coordinating a consistent, coherent message
  • Understanding the potential global impact of incident PR on brand and share price
  • Strenghtening your brand on the back of a breach

by Nick Samuels, Executive Director, Strategy, Communications and Policy, Royal College of Physicians Show Profile


HOW TO: Think like a criminal – limiting the impact of a breach

  • Understanding segregation and privilege
  • Implementing managed and layered security
  • Managing business continuity and remediation

by Nick Ioannou, Head of IT, Ratcliffe Groves Partnership Show Profile


Close of conference



Drinks reception

back to top

Copyright © Lyonsdown Ltd. 2016. All rights reserved.