The New Rules of Security

The world is changing and so is the way you keep it secure. As your business innovates, your security needs to be more integrated, collaborative and unified– and delivered at speed and scale. This requires a new approach. A different model that lets us succeed in spite of the chaos, that lets us go fast to meet any challenge head on. 

The new rules of security reduce risk by embracing openness; stop threats faster through practiced response and adoption of AI and cloud technologies; speed digital transformation with agile practices; and accelerate business growth with digital trust.

The IBM Security Summit for CISOs and Security leaders, offers a vision that shakes up the status quo to bring you ideas that help break through cybersecurity complexity and write new rules for a new era that ensure clients can enjoy comprehensive security at the speed of business.

Key Takeaways

Learn how to prepare your organisation for a "boom" moment and how to embrace resiliency as a practice

Learn how to prepare your organisation for a "boom" moment and how to embrace resiliency as a practice

Hear from experts on securing the enterprise to enable innovation and growth

Hear from experts on securing the enterprise to enable innovation and growth

Network with peers and experts in the security industry to learn what works, and what doesn't

Network with peers and experts in the security industry to learn what works, and what doesn't

Featured Sessions

Wednesday, May 1


Registration & Coffee


NCSC – What should CISOs be thinking about and doing?



Rob Sedman, Director IBM Security UK & Ireland




IBM Opening Keynote: The New Rules of Security
What if our approach to cybersecurity isn’t going to make us better? That despite all the advanced security technologies, we don’t have the right culture and approaches to combat this complex, chaotic problem. Mary O’Brien, shares insights she has learned from running the largest enterprise security company that challenges our conventional thinking and offers new ways to empower the industry to become exponentially better.

Mary O'Brien, General Manager, IBM Security


A choice of 4 collaborative breakout sessions (choose 2)

  • Design Thinking Workshop: What are the demands of the business executives when it comes to managing cyber risk? 
    Greg Davis, Partner IBM Security
  • MITRE ATT&CK™ Framework Workshop
    Craig Roberts, European Solutions Architect, IBM Security
  • Embedding security in your cloud transformation
    Scott Mcavoy, Cloud Security Competency Lead
  • Every second counts - A Cyber Resilience Experience
    Flick March – IBM Cyber Resilience SME

Panel discussion: How will YOU detect and respond to a data breach?
In the next two years, your company is likely to be the victim of a data breach. How can you be ready to respond successfully, decreasing the impact of the attack? And what have other organisations done to be as prepared as possible?  During this session we will explore Incident Response, the need for breach readiness from the boardroom down, and how this all relates to a 23 tonne truck. You will also hear from clients including Aviva, BT, and the NHS, who will share insights from their recent experiences in a fully immersive cyber range.

Host: Mike Spradbery, Technical Leader, IBM Security

Diana Moldovan, UKI Cyber Operations Lead
Daniel Jeffery, Head of Innovation and Delivery: NHS Digital 

(Chatham House rules)


Coffee Break


Coffee Break


CISO Panel Discussion:
Hear from Security Leaders how they are addressing the key challenges faced, from skills shortage, to threat management to digital transformation

Jane Frankland


Panel Discussion: Move to the cloud with confidence
It’s no longer a question of if a client will move to the cloud, but when. But with that comes a set of new challenges not traditionally faced in the on-prem landscape.  Hear from different organisations how they are facing the challenge of moving into cloud with confidence.


External Industry Speaker Keynote
Jessica Barker
World expert on aspects of cyber security


Closing Comments and Networking Drinks Reception

Breakout Descriptions

Design Thinking Workshop: What are the demands of the business executives when it comes to managing cyber risk?

Discuss the needs  of the C Suite and the Line of Business executives when it comes to cyber risk, learn to apply design thinking technique such as “Empathy” mapping to understand the demands and share experiences with your peers.

MITRE ATT&CK™ Framework Workshop

The MITRE ATT&CK framework is increasingly being adopted by CISOs as a way of structuring and prioritising their Security plans. In this breakout we'll look together at what the framework is, why it's important, how it helps with planning and response, and how to use it to identify gaps in your current security posture.  Engage in a threat mapping exercise to understand a practical framework: which actor is relevant, their technique set, and how technology, people and processes could use those techniques to mitigate their "blindspots".

Embedding security in your cloud transformation

Moving you business to the Cloud doesn't mean needing to achieve different security outcomes but they can be achieved in different ways.  In this session we will look at simplifying the fulfilment of compliance requirements and moving towards a state of continuous compliance by using cloud native technologies and services.

Every second counts - A Cyber Resilience Experience  

In today’s world, it feels like a matter of when, not if, a cyber incident will impact your business.  Preparedness is the key to your ability to detect, contain and recover your business, your reputation and your customers.  Join Flick March, an IBM Cyber Resilience expert to experience for yourself how Every Second Counts when disaster strikes a business and how to minimise the impact.

Meet our speakers

Jessica Barker
World expert on aspects of cyber security

Jessica Barker is a leader in the human nature of cyber security. In 2017, she was named one of the top 20 women of influence in cyber security in the UK and was the winner of the TechWomen50 Awards.

Jessica is the Co-Founder and co-CEO of the cybersecurity consultancy Cygenta, where she specialises in socio-technical security.

Barker’s work surrounds the psychology and sociology of cyber security, particularly regarding cyber security threats, social engineering, how to effectively communicate cyber security messages, the psychology of fear and cyber security, and the language of cyber security. Her specialisms span cyber security awareness, behaviour and culture.

Barker is passionate about encouraging young people to become more engaged with cyber security, working with TeenTech and the UK’s Cyber Security Challenge.

National Cyber Security Centre

Senior Representative NCSC
The NCSC was set up to help protect our critical services from cyber attacks, manage major incidents, and improve the underlying security of the UK Internet through technological improvement and advice to citizens and organisations. Our vision is to help make the UK the safest place to live and work online

Diana Moldovan

Diana Moldovan
UKI Cyber Operations Lead, Aviva

Diana has seven years of experience in incident response and security operations. As the UKI Cyber Operations Lead for Aviva, she leads vulnerability management and incident response/threat hunting teams. Previously, Diana worked for Deloitte, UK where she was a manager in the Cyber Incident Response team. During her 1.5 years at Deloitte, she collaborated with several blue-chip clients working on multiple areas of security including incident response, memory forensic analysis, threat intelligence, vulnerability management and attack detection.

Greg Davis

Greg Davis
Partner IBM Security

Greg is responsible for the Security consulting and systems integration business for IBM UK and Ireland

Over the last few years Greg has engaged and worked with a wide set of cyber security industry players with the focused intent of delivering value to clients who are faced with modern day security challenges.

Before re-joining IBM in December 2013 he spent 5 years with BAE Systems Implied Intelligence developing their Cyber Security capability. He was primarily responsible for new business, security portfolio and oversight of numerous security delivery programmes including the summer 2012 Olympics

Paul Jenkinson
Head of Cyber Security & Architecture at UK Power Networks

Scott Mcavoy
Cloud Security Competency Lead

I am an information security professional with over 20 years of experience leading teams in technical environments, across highly regulated industries and delivering complex solutions.

Historically I have designed, built and supported integrated security solutions on-premise or in data centres and have transformed this experience and my skills to apply to the Cloud.  I have a broad understanding across all security domains and specialise in applying this agnostically to Public Cloud and DevOps environments.  Having supported production workloads for UK Government on AWS from 2010 onwards I have seen the public cloud emerge and mature.  Initially I supported clients to understand the cloud landscape technically and influence decision makers and accreditors to gain approval to transform and modernise workloads, whilst maintaining necessarily high levels of security.  Now my team and I design and delivery solutions across all Cloud Service Providers and industries with a recent focus on enterprise level Financial Services.

Daniel Jeffery

Daniel Jeffery
Head of Innovation and Delivery: NHS Digital

Dan Jeffery is responsible for leading the design, sourcing and delivery of the Digital Security Centre’s programme portfolio.

Craig Roberts

Craig Roberts
European Solutions Architect, IBM Security

Craig Roberts is the European Solution Architect at IBM Security, Resilient, working with customers across the region and assisting them in developing their Incident Response strategies. Craig has spent 7 years in the security industry helping customers to build world class Security Operations Centres (SOC), with particular expertise in Financial Services and Government sectors. Craig currently works on security automation and orchestration - driving incident triage, evaluation and remediation using smart automation techniques. Craig holds patents in the area of blockchain and security.

Mike Spradbery

Mike Spradbery
Technical Leader, IBM Security UK and Ireland

Mike manages a diverse team of technical specialists who work with clients across all industries. During the past 20 years, Mike has worked with security, mobile, social and web experience technologies in a variety of business leadership, sales and technical roles.

Mary O'Brien

Mary O'Brien
General Manager, IBM Security

Mary leads a global team focused on delivering the  extensive IBM security product and services portfolio. She is a strategic partner to many CEOs, CISOs and CIOs on cybersecurity, AI and IT strategy. Before taking over as head of IBM Security, O’Brien led research and development for the division. A lifelong engineer, O’Brien has more than 30 years of industry experience developed through tenures in the UK, US and Ireland.

Rob Sedman

Rob Sedman
Director, IBM Security Business

Rob leads the Security team to deliver end-to-end security solutions and services to clients. He is responsible for profit and loss, strategy, sales, delivery and commercials for UK and Ireland.  Rob has more than 20 years of experience in the IT industry across all sectors, with solid experience in large transformation services deals and leading a number of sales and consulting areas in IBM Global Technology Services.

Flick March

Flick March
IBM Cyber Resilience SME

Felicity has spent her life immersed in technology and is passionate about ensuring companies build Resilience right into the core of their strategy and architecture. She understands the importance of Transformation into the Digital World as well as the risks of not having services available. 

Felicity started her career as a hacker, and has worked for technology giants for over 25 years, in that time she has worked and advised Companies, Governments and Standards bodies on the emerging IT trends and ensuring integrity and sustainability is baked into the heart of IT.

Felicity has a wealth of expertise and experience throughout her career and her insights and perspective are refreshing. She also is an advocate of driving STEM skills in to the younger generation and is an active mentor and coach to the next generation of technologists. 

Felicity lives in Winchester with her family, three dogs and not enough motorbikes. 

IET London: Savoy Place, London WC2R 0BL

This unique London venue on the River Thames offers cutting-edge technology, improved capacity and new outside space easily accessible by rail, tube and river. The perfect location for our event.