Chaired live from the Studio by:
Chaired by
Marcus Alldrick, CISO Luminary
Digital Risk Management, Security and Compliance Advisor
Born at a very early age and growing up in a culture where cyber was a prefix for anything automated, menacing and malevolent (how history has a tendency of repeating itself), Marcus entered the world of Data Processing as it was known back then after graduating from university. Lured by the flashing console lights (it was also the disco era), the whirl of the magnetic tape and the click clack of the keypunch machine (TSO was still a dream), Marcus became a COBOL programmer, becoming prolific in Michael Jackson’s structured programming methodology (who would have known what future lay ahead for Michael). Having moved into analysis and then data architecture Marcus became the first devolved Information Risk and Security Manager for Barclaycard. After seven years in that role he moved banks and became Head of Information Security for Abbey National plc, now Santander UK. After six years at Abbey and a move into consulting for a large UK utilities company Marcus joined KPMG as a Principal Advisor. Eighteen months later he joined Lloyd’s of London as its CISO and subsequently became its Head of Digital Risk Management and Compliance, also embracing responsibility for data protection and privacy, during his 10 years tenure there. Having worked in IT for over 40 years, specialising in information risk, protection, security and compliance for the latter 27 years or so, Marcus decided to leave full-time corporate life and move to the South Coast of England in mid-2017, ever the seafaring Fisherman’s Friend. As well as being a proud member of the Pulse Conferences family, Marcus now undertakes advisory engagements, provides pro bono consulting and volunteering services and sits on the Cymmetria Advisory Board as Chief Risk Officer.
Keynotes by
Kai Roer, Security Culture Coach / Author / Creator of the Security Culture Framework / CEO of CLTRe AS
Kai Roer (author of “Build a Security Culture” by publisher IT-Governance) has over 25 years of experience in cybersecurity, with much of his expertise centered around security culture. He is currently managing director of CLTRe, a KnowBe4 company, where he is responsible for security culture research. Prior to founding CLTRe, Roer created the global de-facto standard Security Culture Framework. His groundbreaking research into security culture metrics provides organisations worldwide with deep insights into the human factors that influence risk and security. Roer is an award-winning specialist on security behaviors and security culture as well as a best-selling author. Roer keynotes at events around the world. He belongs to the Norway Chapter of the Cloud Security Alliance.
Michael Colao Chief Corporate Security Officer, AXA
Michael has been the head of security for AXA in the UK for more than five years. Prior to that he was a director of Downtown Associates, an information security and privacy consultancy, where he assisted firms in the Lloyd’s Insurance market. Previously to that he was the Global Head of Information Security as well as the Global Head of Privacy and Data Protection for the investment bank Dresdner Kleinwort, Michael has a strong side-interest in computer forensics and in the management of digital evidence. He graduated from the Massachusetts Institute of Technology in 1987 where he studied Mathematics and Computer Science. He has since lived in three continents and has lectured globally on security technology issues. Since 1996 has been working in Security and Technology in Financial Services in London.
First Keynote Speakers Announced! 4th CISO 360 Congress – Hybrid 2020
Alyssa Miller (CISM) is a life-long hacker, security advocate, author, and public speaker with almost 15 years of experience in security roles. She has always had a passion for deconstructing technology, particularly since buying her first computer at the age of 12 teaching herself BASIC programming. In her career, Alyssa has performed all forms of security assessments but given her developer background, she has a dedication to application security. She specializes in working with business and security leaders to design and deploy effective security programs that strengthen enterprise security posture. Alyssa is also committed to advocating for improving security practices. Not only does she speak internationally at various industry, vendor and corporate events, Alyssa also engages in the community through her online content, media appearances, and security community activism. Her journey through security was recently featured in Cybercrime Magazine. She’s also been recognized in Peerlyst’s e-Book “50 Influential Penetration Testers”. Alyssa is board member for Women of Security (WoSEC), Advisory Board Member for BlueTeam Con, and serves on the review board for DevSec Con. She is currently an Application Security Advocate for London-based Snyk Ltd.
Anthony Young is a Founding Director at Bridewell Consulting, one of the UK’s leading independent cyber security companies certified by the National Cyber Security Centre (NCSC) and Council for Registered Ethical Security Testers (CREST).
Anthony has been involved in cyber security for more than 16 years, with a background in information security, governance, risk and compliance.
After starting his career with a small consulting company providing advisory services to the public sector, Anthony joined Barclay Simpson to develop its contract information security division. This gave great exposure to understanding large enterprise cyber security requirements, building teams and managing multiple resources across a wide variety of projects.
Anthony founded Bridewell Consulting in 2013, using his consulting, project and resource management skills to build a world-class cyber security company that focuses on customer satisfaction and long-term relationships.
Caroline is an experienced Identity Strategist and Sales Engineering Leader with many years consulting and delivery involvement, focusing on large scale Security and IGA platforms within the financial sector. She sat in the position of the customer for many years leading programmes of work, as well as in leadership positions across the Security Vendor landscape. She graduated from the University of Southampton with a degree in Modern languages, speaking fluent German, Swedish and Dutch and is based in Oxfordshire.
Clive Room began his professional career in 1970 as the original Heinz Baked Beans boy, in an advert that ran for twelve years! The repeat fees kept Clive in a decent school and his Mother in gin until the mid-80s!
After more than 20 years of acting, when the call from Hollywood failed to come, Clive became a Blue Badge Tour Guide, performing all over the UK to a captive audience of fifty Americans a day on a luxury coach with the doors locked. After winning Guide of the Year in 1996, he felt his touring career could get no better, so he made his first foray into the Information Security industry for Portcullis Computer Security, where he was hired (by the hour) as eye candy for their stand at Infosec. He then became Portcullis’ Marketing Manager to the Stars until their acquisition in 2016. At this point he took a short break to find himself, with the aid of a loin cloth and an Indian mystic, up an Airbnb treehouse in the foothills of the Himalayas. There are no known photographs from this period.
Clive joined Pulse from its inception in January 2017 as their Master of Ceremonies and chief bottle washer. This year he is celebrating his 21st year in the industry and says “ as a young man, with most of my life ahead of me, I can not imagine a better job than the one I have now at Pulse Conferences”. Amongst other things, Clive is responsible for CISO 360’s one-to-one meetings, an area in which he has a great deal of personal experience.
An experienced information security leader with over 19 years of professional experience in information and cyber security, IT, risk management, privacy and data compliance. Derek has recently joined TalkTalk as their Chief Security Officer, where he is building and leading the cyber security strategy and team to protect TalkTalk’s critical infrastructure, assets, and customer data. Previously, he was the Global Head of Security and Risk Management (CISO) at Electronic Arts (EA) where he led a large, global team to protect EA’s intellectual property and sensitive data. Prior to EA, Derek spent over 6 years at Deloitte & Touche where he managed and performed a multitude of information security and risk management engagements for several global Fortune 500 companies across various industries including financial services, technology, consumer business, manufacturing, and public sector. His primary areas of expertise include developing and leading tactical and strategic security strategies, building and maturing security teams, and ensuring executive governance around security to manage risks appropriately. Derek has also published information security articles and white papers and has been a presenter/panellist at CISO conferences. Derek holds a Bachelor Degree in Computer Science from the California Polytechnic State University,
Agile Leader, Agile Coach & Delivery SME, Transformational Lead, Business Agility Specialist – Helping individuals, teams, leaders and the organisation achieve value add Agility @ Scale. Evelyn is known in industry as an agile coach, transformational leader, delivery SME, facilitator, speaker and practitioner with a trusted pair of hands, an exceptionally positive mindset, an infectious enthusiastic attitude and a great passion for agility. 22 years of Industry experience across large scale financial institutions including investment banks, public sector, aviation, energy including utilities, small and mid-size software houses and consultancies. Today she plays non-exec director level roles, as well as, a senior level agile/business coach helping any size of organisation be adaptable to the changing environments whilst maintaining security, stability and sustainability for both the people, product development, the foundations of the operation and the customer. Certified in SAFe, LeSS, and Scrum. A member of the Heart of Agile Leadership Community. Currently in the process of becoming an Red Team Thinking Coach and a Remote:AF Guide.
Summary of successful impacts:
Involved in an HR transformation which formed part of global transformation which helped the client increase their overall yearly turnover from £1B to £5B in 1 year.
Direct total savings for clients circa £25m over across 4 programmes and 3 transformations.
Direct impact circa 1,600 people improving overall delivery and agility techniques.
Indirect impact circa 5,000 people by influencing, evangelising and sharing stories via Show and Tells to help promote business agility.
Encouraged and trained people in the use of agile techniques and collaboration tools to reduce time spent within the project/programme delivery flow.
Supported technical teams to deliver DevOps toolsets to speed up code check-in to code deploy cycle times and improve overall code and product quality.
Helped multiple teams and leaders to feel empowered and truly experience success by applying agile techniques.
Gadi heads the AppSec, Information Sharing (TI), Incident Response, and Third-party Risk domains for Citi’s global cyber innovation lab in Tel Aviv, looking into new technologies from the idea phase, through technical PoC, to full integration with the bank. He is Chair, RISCC Cyber Risk Council of the World Economic Forum, an advisory council with WEF, discussing, and engaging on cyber risk topics. He is the Founder and Chairman of the Board of the Israeli CERT, Founding Chairman of the Cyber Threat Intelligence Alliance (CTIA), and Founder of the Israeli Government CERT. Gadi is widely recognized for his work in Internet security operation and global incident response, and is considered the first botnet expert. Gadi founded Cymmetria which was acquired in 2019, a cyber security company changing the asymmetry of cyber for the enterprise environments. He has authored two books on the topic of information security, organizes global professional working groups, chairs worldwide conferences, and is a frequent lecturer.
Jonathan is an experienced lawyer with a concentration on technology and compliance. His practice includes advising multinational companies on matters involving risk, compliance and technology across Europe. He has handled legal matters in more than 60 countries involving emerging technology, corporate governance, ethics code implementation, reputation, internal investigations, marketing, branding and global privacy policies. Jonathan has counselled a range of clients on breach prevention, mitigation and response. He has also been particularly active in advising multi-national corporations on their response to the UK Bribery Act 2010 and its inter-relationship with the U.S. Foreign Corrupt Practices Act (FCPA). Jonathan is one of three co-authors of the LexisNexis definitive work on technology law, “Managing Risk: Technology & Communications”. He is a frequent broadcaster for the BBC and other channels and appeared on BBC News 24 as the studio guest on the Walport Review. In addition to being a lawyer, Jonathan is a Fellow of The Chartered Institute of Marketing. He has spoken at conferences in the U.S., Canada, China, Brazil, Singapore, Vietnam, the Middle East and across Europe. Jonathan qualified as a lawyer in the UK in 1991 and has focused on technology, risk and governance matters for more than 20 years. In April 2017 Thomson Reuters listed Jonathan as the 6th most influential figure in risk, compliance and fintech in the UK. Jonathan was ranked as the 14th most influential figure in data security worldwide by Onalytica in their 2016 Data Security Top 100 Influencers and Brands Survey. In 2019, Jonathan was the recipient of a Security Serious Unsung Heroes Award for his work in Information Security. In 2020, Jonathan was featured by Onalytica in their Who’s Who in cybersecurity report as one of the world’s top 100 influencers in cybersecurity. Jonathan is a Solicitor of the Senior Courts of England & Wales. In addition Jonathan is admitted as a Solicitor (non-practising) in Ireland.
John Wood, the UK Lead at Checkmarx has been working at the forefront of Application Security since 2006, he was responsible for establishing Fortify Software in the United Kingdom and Europe. He has worked on numerous Application Security Projects – good and bad. Areas of special interest are OpenSAMM and the advanced use of measurement and metrics to assist CISO’s in running successful programs of work. He is frequent and entertaining speaker at industry events often using allegories from subjects as diverse as Physics, Geometry, Ethology and Classical Economics to explain the route to successful Application Security. A graduate of Portsmouth University and Queensland University of Technology he holds degrees in Economic History, Entrepreneurship and Technology Management.
Marcus Dimbleby is a former senior UK military officer and red teamer who has been sharing these techniques with corporations since retiring from the Royal Air Force in 2013. In the RAF, he served across the globe, enjoying tours with the Royal Marines, Royal Navy and U.S. Marine Corps, with whom he deployed to Iraq in 2003. His final tour saw him in an air command role, working closely with the Cabinet Office, and coordinating the air security for the London Olympics 2012 – a natural red teaming event. After retiring as a Wing Commander, Marcus moved into business, initially working for a global consultancy, before moving on to lead major business transformations in the financial sector, focusing on enabling leadership to deal with the complexity of today’s volatile business environment. Marcus now assists organisations with making better decisions faster and provides red team training across the globe.
Dr. Robert Coles is the Director of Cumberland House Consulting Ltd, specialising in cyber security strategy, programme delivery and Non-Exec and Board Advisory roles. He is also an Honorary Professor at UCL and Visiting Professor at Royal Holloway, University of London. He holds a number of commercial board positions including Chair of the Crossword Consulting Ltd Board, Chair of the Crossword Cybersecurity PLC advisory board, member of the advisory boards for Think Cyber Ltd, UK bank, a US pharmaceutical and the Government of Singapore Ministry of Health and member of the Tech-Nation Cybersecurity judging panel. Robert has over 30 years of cybersecurity experience and has held a number of Chief Information Security Officer positions, including for the NHS and health and care system, GSK, National Grid and Merrill Lynch. In all these roles, he owned the information security risk and was responsible for providing leadership across the organisations. He was accountable to the Executive and their Boards for establishing information security strategy and direction, building information security teams and delivering the information security change programme. Prior to these CISO roles, he held a number of “head of” roles at Royal Bank of Scotland, and was the first lead partner, and set up, KPMG’s Information Security Services for EMEA. Robert has extensive links with major industry information security networking groups and government security agencies. He also has links with a number of universities and participates in leading edge research, particularly with Royal Holloway where he is an Executive Sponsor for the Institute of Information Security Innovation, and Cranfield University where he is an executive sponsor for the Cyber Masters Programme. He was awarded a PhD in psychology by the University of Leeds for his work on the perceptions of information and IT risk and has published and presented on this and other topics.
An experienced Senior Leader & Corporate Executive, Security & Risk Professional, Ray is a globally acknowledged and well-known thought leader; recognised and highly respected as someone who delivers. Ray has sat on global programmes for the World Economic Forum on Cyber Resilience and the Advisory Board for the Information Security Forum. Ray has held Group CISO/CSO & EVP roles for BT, National Grid, Interoute, Redwood Technologies and Airbus UK. He has been fortunate enough to have held global accountability, ranging from consultancy, through to design, build and run of managed services; including full profit and loss ownership for multiple business lines, while combining this experience with protection of Critical National Infrastructure in the Energy and Communications industries.
Victoria Baines is a leading author and speaker in the field of cybersecurity. Her areas of research include electronic surveillance and evidence gathering, the changing face of online identity, and the politics of cybersecurity. She has appeared on the BBC, CNN and other major broadcast media outlets as an authority on the misuse of emerging technologies, including Virtual Reality. She serves on the Advisory Board of the International Association of Internet Hotlines (INHOPE). For several years, Victoria was Facebook’s Trust & Safety Manager for Europe, Middle East and Africa. Her work focused on operational support to law enforcement, and strategic engagement with policy makers on criminal activity online. Before joining Facebook, Victoria led the Strategy & Prevention team at Europol’s European Cybercrime Centre (EC3), where she was responsible for the European Union’s cyber threat analysis. She designed and developed the iOCTA, Europe’s flagship product on cybercrime, and authored 2020, scenarios for the future of cybercrime that were the basis for Trend Micro’s successful short film series of the same name. Earlier in her career Victoria was Principal Analyst for online child protection at the UK Serious Organised Crime Agency (SOCA), and was responsible for the UK’s threat assessment of online child safety issues. She began her career in law enforcement in 2005 as a Higher Intelligence Analyst for Surrey Police. In 2008, the International Association for Law Enforcement Intelligence Analysts recognised Victoria’s work for the public sector with an award for outstanding achievement. Victoria is a graduate of Trinity College, Oxford and holds a doctorate in classical literature. She is a Visiting Associate of the Oxford Internet Institute (Oxford University), and a Visiting Fellow at Bournemouth University School of Computing.
Peter was appointed by the Civil Aviation Authority (CAA) as its first Director of Aviation Security in 2013 and led the transition of operational aviation security functions from the Department for Transport (DfT) to the CAA on 1st April 2014. He took on the additional responsibility for Cyber Security Oversight of the UK aviation sector in 2018. He is a member of the CAA ExCo and a Board attendee. Peter had previously been Director of Security & Business Continuity for the Home Office and, prior to that, had served for 32 years in the Royal Air Force from which he retired as an Air Commodore in April 2007. His last appointments were as Provost Marshal for the RAF and Commandant General of the Royal Air Force Regiment. Peter had served as a Non-Executive Director of Plan UK, an international children’s charity for 10 years, and until 2014 had been a trustee of the City and Guilds Group; he remains on the governing council of that organization.
Peter’s career spans over 50 years, with experience in network security, social engineering, threat and risk analysis, red teaming, industrial control systems and electronics.
He founded First Base Technologies, the UK’s first cybersecurity consultancy, in 1989. He provided security testing and guidance for businesses of all sizes for more than 28 years, leading a team of expert penetration testers and consultants.
He is now Partner and Lead Consultant at Naturally Cyber LLP, providing senior management with independent expert advice, guidance on achieving Cyber Resilience, and education on the real cyber risks to business.
Peter is also a world-renowned security evangelist, speaking at major conferences and delivering seminars and webinars. He has appeared in documentaries for BBC television, provided commentary on security issues for TV and radio, and written numerous articles on cybersecurity.
He is a BCS Fellow, a Chartered IT Professional, CISSP, and a member of CIISec, ISACA and Mensa. He is also a visiting lecturer at the University of Sussex, teaching cybersecurity and resilience.
Paul is a highly capable and readily adaptable technical professional, with more than 15 years experience supporting hardware and software solutions globally. Possessing a proven ability to meet and exceed customer demands, and business objectives, in challenging conditions and circumstances. Paul has amassed a wealth of experience working within the Security and Defence sectors, as well as Central Government, Public Sector and Commercial markets.
Rob is a Principal Architect for Ping Identity in the UK and also the EMEA representative to the Ping Identity CTO Office. Rob has 20 years of experience in identity and access management. He has worked on complex implementation projects in the UK, USA, Europe and South Africa.
His current area of focus is on applying industry standards like OpenID Connect and OAuth 2.0 to enable businesses to interoperate and securely expose data and API’s. He is specifically focused on using Mobile Applications to deliver elegant Strong Customer Authentication solutions within financial services and other verticals.
Richard Bird is the chief customer information officer for Ping Identity. He is a cyber security veteran, identity-centric security expert, voice of the customer and an advisor to the global marketplace on solutions for the most challenging business issues faced in today’s world. Richard is a dynamic international speaker and a pragmatic former corporate executive that cuts through the hype and hyperbole of today’s cyber security realities and does it in an engaging and thought-provoking way.
He has spent more than 20 years in corporate business and technology roles within multiple industries. His diverse background includes serving as a chief information officer, a chief information security officer and the global head of identity for JPMorgan Chase’s consumer businesses. Richard’s combination of IT operations and security experience have afforded him the opportunity to be a trusted and strategic advisor to hundreds of companies for topics ranging from identity-centric security, to threat and vulnerability management, data protection and cloud security. Richard is a member of the Forbes Tech Council and a board member for the Identity Defined Security Alliance.
Researcher, writer, filmmaker and presenter Rik Ferguson is the Vice President of Security Research at Trend Micro and a Special Adviser to Europol’s EC3. Rik’s research into the murky world of cybercrime and the cloudy future of technology sees him advise law enforcement, governments and large enterprises alike. A session with Rik will leave you with a lot to rethink.
Professional information security governance, risk & compliance consultant with over 30 years of hands on skills & experience in:
• Threat Assessments & Risk Analyses
• Supply Chain Information Risk Management
• Information Security Policies & Procedures
• Security Vulnerability Assessments
• Security Penetration Testing
• Advanced Persistent Threats
• Wi-Fi Security Assessments
• Cloud Security Assessments
• Mobile Device Security
• Insider Threat & Data Leakage
• Security Awareness Training
Sajed Naseem (“Saj”), is the Chief Information Security Officer (CISO) of New Jersey Courts. Sajed has over twenty years of experience with information security and information technology across many industries. As the Chief Information Security Officer (“CISO”) of the New Jersey Courts, Sajed has focused on Cybersecurity Readiness & Performance, Information Governance, and Network Security. Sajed holds Masters Degrees from St. John’s University and Columbia University. Sajed routinely speaks at Cybersecurity conferences nationally, Europe and with the New Jersey Bar Association. Sajed is also an Adjunct Professor at St. John’s University in Information Security since 2010 and a native of New York City.
Sounil Yu is a Christian, husband, and father with over 30 years of hands-on security experience. He is the creator of the Cyber Defense Matrix and the DIE Resiliency Framework, serves on the Board of SCVX Corp and the FAIR Institute, teaches security as an adjunct professor, co-chairs Art into Science: A Conference on Defense, and advises many startups. He previously served as the Chief Security Scientist at Bank of America, driving innovation to meet emerging security needs and develop alternative approaches to hard problems in security. Although on occasion he is forced to write about himself in the third person, he would rather meet people in person to share experiences rather than writing it up in a short bio. He lives in Virginia with his wife and their four homeschooled children.
Dr. Vasilis Karagiannopoulos is a Reader in Cybercrime and Cybersecurity at the Institute of Criminal Justice Studies (ICJS), University of Portsmouth.Vas graduated from Athens Law School and completed an LLM in Information Technology and Telecommunications Law and a PhD in Law at the University of Strathclyde. He is currently the Director of the Cybercrime Awareness Clinic, which was recently awarded a National Cyber Awareness Award in the National Cyber Awards 2020 sponsored by the National Police Chiefs’ Council. He has also developed and led the launch of the innovative BSc in Criminology and Cybercrime in 2018 and has published in national and international academic journals and magazines on various cyber-related issues. He is currently working on national and international Clinic projects funded by the EU Commission, the UK National Cyber Security Centre and the Centre for Research and Evidence on Security Threats.
Enquire about becoming a speaker
We are always looking for:
- keynote insights or cutting-edge ‘live’ demos
- innovative best practice corporate case studies
- fresh ideas from future-facing persons and companies
- actionable takeaways
- the world’s smartest thinkers and doers in security, resilience, cyber, privacy, resilience, risk, governance, compliance – BUSINESS AND TECHNOLOGY!
Speaker Rules of Thumb when it comes to programming and presenting at virtual events!
- A virtual presentation should be half the length of a physical one. Focus on the physical presence of you as a speaker; that’s the experience people are not getting when they work from home!
- Use PowerPoint sparingly, if at all. It is tough to read slides when they are a picture within a picture. People would much rather see your FACE! Place presentation prompts at the same level as your camera!
- Try to turn a presentation into an interview or a fireside chat. This will increase authenticity and viewer-appeal. TV chat shows are popular for a reason. Pulse will confirm experienced anchors and chairpersons with nerves of steel. People who can listen to the Delegates, adjust their questioning on the fly and manage to keep the audience engaged when things go wrong!
- Give news. Hold back important announcements to specific points i your session, and only release that news on other channels after the broadcast!
- Leave plenty of time for questions. Pulse will gather Question Panels for a few Speakers at a time so stay around after your session!
- Create a rhythm to your presentation. Create a flow between use of slides (if needed) or between yourself and fellow speakers if you are doing a joint session.
- Content rule of thumb – “say what you can’t show, show what you can’t say”. Use talking heads about the vision but employ videos or a slide for internal cases studies to demonstrate the latest innovation in your office or factory!
We welcome your input into shaping the agenda!
Our programmes are highly researched and “led by, for and with” C-Level practitioners who do the job day in and day out. Programmes are structured and organic to ensure that we remain agile to meet the very latest requirements!
For further information, please contact Sara Hook
+44 (0)20 7936 8989 or sara.hook@pulseconferences.com