In-Person

UK & Ireland CISO Community

Executive Summit

10 June 2025 | Royal Lancaster London

10 June 2025
Royal Lancaster London

Governing Body Agenda Location Sponsors Contact

Governing Body Co-Chairs

Matt Broomhall

Lloyd's of London
CISO

Luke Fairless

Tesco Plc
Director, Technology - Security & Capability

Tony Jowett

ITV
CISO

Sarah Lawson

University College London
CISO & Deputy CIO

Benedict Olaoya

SGN
CISO

Ewa Pilat

FNZ Group
Group CISO

Helen Rabe

BBC
CISO

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your UK & Ireland CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda

9 June 2025

afternoon evening

10 June 2025

morning afternoon evening

16:00 - 17:30 Executive Boardroom

A Sneak Peek of 2025 Gartner Security and Risk Management Summit

Chris Gould

Executive Partner, Gartner for CISO Executive Programs

Gartner

***Invitation only***

With enhanced scrutiny from regulators and the board alike, it’s never been more important to stay ahead of the ever-increasing threat landscapes and breaches. Join this session to gain key insights into the top trends for CISOs in 2025 and beyond, as well as a sneak peek into Gartner’s thinking on enabling transformation and resilience in a fast-changing digital worlds. Specifically, you’ll dive into:

Key cybersecurity trends for 2025 and beyond
Enhancing your strategy with key insights and data on topics like Gen AI, risk management, cloud security, and more
Exploring digital risks and resilience strategies that will be showcased at the Gartner Security & Risk Management Summit

Immediately following this session, the UK & Ireland CISO Summit will begin with a networking reception, workshop and dinner: connect with your fellow CISOs before the Executive Summit!

17:30 - 21:00 Governing Body Private Dinner

Governing Body Welcome Reception

Exclusive to Governing Body members and select guests, this dinner is a can’t-miss opportunity to connect with your peers prior to tomorrow’s Executive Summit.

18:30 - 19:15 Workshop

Workshop: Addressing Complex Cyber Security Decision-Making in Digital Transformation

Sarah Lawson

CISO & Deputy CIO

University College London

Waseq Ziaie

Doctoral Student

University College London

Dive into an exciting session that unravels the complexities of cybersecurity decision-making, based on a groundbreaking study by University College London. Through cutting-edge research and a tailored survey, we tackle key areas like Governance & Management, Data Security Infrastructure, and Individual Behaviours. Discover diverse stakeholder perspectives and the organisational hurdles that challenge cybersecurity across industries. Your input will help shape impactful strategies for the future. Don't miss out on this opportunity to:·

Gain exclusive feedback on survey findings
Explore the dynamic world of cybersecurity decision-making
Participate in an engaging segment to share your insights and experiences

08:00 - 09:00 Registration & Breakfast

09:00 - 09:45 Keynote

Strategic Leadership – Navigating an Ocean of Uncertainty

Thomas Harvey

CISO UK

Banco Santander

Today’s leaders are confronted with high expectations and an evolving set of skills necessary to be successful. They are expected to build healthy team cultures, manage high levels of ambiguity, and align with corporate objectives. In this dynamic environment, how can they go beyond the basics to support their business and teams in complex organisations? Join Thomas Harvey, CISO at Santander UK, as he shares some of his personal stories that can inspire all of us when it comes to leading successful teams and being bold in our lives and careers. Thomas will share thoughts on:

How to achieve success in uncertain landscapes
The importance of mental health and resilience to our daily work
Embracing boldness and purpose for a happier life and career

09:45 - 10:00 Break

10:00 - 10:45 Breakout Session

Are we Living in a Cybersecurity Sophistication Paradox?

Jon Abbott

CEO

ThreatAware UK

Organisations are constantly bombarded with news of sophisticated attacks. A deeper analysis reveals a paradox that has persisted in the industry for over a decade: the Sophistication Paradox. This session will delve into the complexities of this paradox, examining how the focus on advanced threats might overshadow the prevalence and impact of basic attacks. By recognising basic attacks and the strategic use of sophisticated techniques by cybercriminals, organisations can create more balanced cybersecurity strategies. This session equips attendees with the knowledge and tools to navigate modern cyber threats and protect digital assets effectively.

Join to discuss:

Exploring the Sophistication Paradox: The danger of focusing too much on defenses against advanced attacks while potentially overlooking essential security measures.
The reality of threats and the influence of vendors in pushing "next-gen" solutions.
Understanding how attackers blend basic entry methods with advanced malware, and how to achieve a strategic balance to enhance security posture and effectively combat these threats.

10:00 - 10:45 Breakout Session

Fortify Your Defences: Mastering Ransomware Detection, Response, and Recovery

Richard Meeus

Director, Security Technology & Strategy

Akamai Technologies

As ransomware continues to disrupt organisations, cybersecurity leaders must adopt a holistic strategy to counter this growing threat. Annually, businesses incur substantial losses from ransomware attacks, leading to prolonged downtime, hefty recovery costs, and tarnished reputations. Preparing for and responding to such attacks can be daunting. Join this session to explore strategies for bolstering detection, response, and recovery capabilities, ensuring you are well-equipped to tackle future challenges with confidence.

We'll discuss:

Improving detection and prevention capabilities, from zero-trust principles to threat intelligence.
Crisis management and containment strategies to ensure resilience and protection of critical assets.
Recovery strategies that ensure optimal recovery times.

10:00 - 10:45 Executive Boardroom

Mastering the SaaS Surge — Enhancing Security with Improved Threat Detection and Posture

Brandon Romisher

VP EMEA

AppOmni

Kyle Headley

CISO

Phoenix Group

George Robertson

Head of Cyber Security

Taylor Wimpey

In a landscape where threats are constantly evolving, CISOs must tackle the increasing complexities of data exposures, SaaS ecosystems and identity management. How can CISOs adopt a proactive strategy for threat detection and posture management that not only safeguards the business but also keeps key stakeholders informed about evolving risks?

Join this boardroom to discuss:

Understanding your true SaaS attack surface: user accounts, web portals, OAuth Connections, direct logins, back doors, vendor updates and more
How to achieve risk reduction through App Hardening and SaaS Detection & Response
How to build a SaaS Security programme: Crawl, Walk, Run

10:00 - 10:45 Executive Boardroom

Taming Third Party Risk with Advanced Technologies

Shaun Crawford

Business Security Partner

AXA

John Chisum

VP, Solutions Consulting

Mastercard Cybersecurity

Alan Bambury

CISO

Kerry Group

Cyber threats are increasingly sophisticated and pervasive, making conventional TPRM approaches like questionnaires inadequate. AI/ML and threat intelligence have the potential to transform TPRM, as well as extending into 4th, 5th parties and beyond. Leveraging key insights can help CISOs stay ahead of evolving risks and enhance security programs, even with limited resources.

Join this session to discuss:

Practical strategies for leveraging threat intelligence in TPRM
Critical alignment of people and process elements with advanced technologies
Acting on useful insights and data to manage supply chain risk

10:45 - 11:50 Networking Break

10:55 - 11:40 Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

11:50 - 12:35 Breakout Session

Reducing Application Delivery Tech Debt from the Inside Out

Michael Leland

VP, Field CTO

Island

As high volumes of sensitive data flow through web browsers, three in five organisations believe their current IT and security infrastructure makes the risk of data leakage likely or highly likely. This reflects the growing complexities of keeping data secure while dealing with legacy systems, inefficient application delivery methods, and outdated security controls. What is a modern approach to enterprise operations that simplifies IT while strengthening security?
Join this session to learn:

Why disparate IT and security solutions accumulate technical debt and bog down operations
How to articulate the business impacts of technology operations and security challenges beyond IT
New approaches to enterprise application delivery that enhance end-user productivity

11:50 - 12:35 Breakout Session

The Evolution of AI in Cybersecurity — Cutting Through The Hype

Kevin Leusing

EMEA Chief Technologist

Proofpoint

Artificial Intelligence (AI) is often heralded as the ultimate solution to today’s cybersecurity challenges. However, the reality is that whilst AI holds immense potential, it is also surrounded by a lot of hype. CISOs need to cut through the noise to separate fact from fiction in the world of AI-powered cybersecurity.

Join this session to learn more on:

Debunking the hype on AI and discover what actually works in enhancing security
Real-world examples of how AI has been used for years to protect organisations from sophisticated threats.
The value of safe AI adoption and strategies for cybersecurity professionals.

11:50 - 12:35 Executive Boardroom

Collaboration into Action — Cloud Security Approaches to Secure Business Growth

Julia Weimer

Head of Solutions Engineering, UK&I

Wiz

John Williams

Head of Cyber Security

Korn Ferry

As organizations grow and adapt, the importance of cloud security's role in transforming strategic collaboration into actionable outcomes becomes even more critical. By fostering a culture of collaboration, businesses can ensure that security becomes an integral part of the operational fabric rather than a standalone function. Effective cloud security strategies are essential for protecting sensitive data and maintaining trust in digital operations.

Join us as we delve into:

The role of AI and cloud security measures in safeguarding data and infrastructure
Meeting developers where they are when approaching security integration across the business
Implementing security metrics that directly correlate with business goals and establishing feedback loops between security, IT, and business teams to enhance cloud security posture

11:50 - 12:35 Executive Boardroom

Harnessing AI for Effortless Data Security

Ash Hunt

VP EMEA Strategy

Cyera

Gareth Packham

Director of Information Security & Data Protection

Save the Children

Valerie Ezinmo

CISO, UK & Ireland

L'Oréal

As leaders, you’re asked to find ways to securely enable your business and use data to drive innovation. But this takes a fundamental understanding of what data exists within your environment, where it's running, its risk level, who has access to it, and how it's being used. This interactive discussion will cover the challenges and solutions CISOs use to discover their data attack surface, monitor, detect and respond to data threats and ensure data compliance.

Join this session to explore:

Gaining data visibility as a foundation for data governance
Managing data security’s landscape of laws, regulations, and industry standards
Aligning tools and teams across a shared responsibility model to ensure compliance

12:35 - 13:20 Lunch Service

13:20 - 14:00 Keynote

Zero Trust & AI — Strengthening Security, Reducing Complexity, and Driving Innovation

Yaroslav Rosomakho

CTO in Residence

Zscaler

Tobi Patterson-Jones

Group Deputy CISO

Compass Group PLC

Businesses stand to benefit from AI in unprecedented ways, but only if IT and security leaders overcome transformation challenges. This includes implementing a modern zero trust architecture to protect data and users, embracing AI while managing its risks, and handling the technical and financial implications of ever-expanding environments. A risk-based approach to security ensures CISOs deliver a secure, phased transformation.

Join this session to:

Understand how zero trust and AI together, unlike firewalls, provide the strongest cyber defense by stopping threat actors from lateral movement within networks
Learn strategies for protecting AI applications developed in data centers and the cloud, while preventing data leaks from public AI applications
Discover how eliminating costly legacy hardware simplifies environments while cutting network and security costs

14:00 - 14:15 Break

14:15 - 15:00 Breakout Session

The Future of Cyber Resilience— Sainsbury's Bold Journey to Becoming a Minimum Viable Company

Douglas Weekes

CISO & Director of Data Governance

Sainsbury's

Not If, When! The rise of complex supply chains has heightened the vulnerability of many organisations. To combat these threats, the concept of a "minimum viable company" (MVC) has emerged to ensure business continuity after an attack. Douglas Weekes will share insights from Sainsbury’s journey to create a modern cyber resilience response through the innovative concept of a Minimum Viable Company (MVC).

This session will explore the following:

Discuss the value of adopting an MVC approach to ensure business continuity during cyber disruptions
Learn how to adopt an MVC concept by streamlining processes and optimizing supply chains
Understand how far Sainsbury’s is along this journey and how they reached this level of maturity. Gain exclusive insights into the milestones, challenges, and successes that have defined their path to cyber resilience

14:15 - 15:00 Breakout Session

Evolving CISO Role— The Future of Cybersecurity Leadership

Nicole Fowler

CISO, UK

Bank of Ireland

Paul Clarges

CISO

CRH

Stuart Seymour

Group CISO & CSO

Virgin Media O2

Jon Begley

Global CISO

WHSmith

As cyber threats, emerging technologies, and evolving regulations redefine the digital landscape, the CISO role is transforming. With cybersecurity now a cornerstone of business strategy, CISOs are expanding their influence, shaping organisational priorities, and contributing to broader objectives.

Join us for a session that delves into the evolving responsibilities of the CISO, where we will:

Highlight potential future scenarios and anticipate changes to the CISO role in light of evolving regulations and digital advancements, from compliance and data privacy to AI
Discuss how compliance and changing organisational structures are shifting accountability and redefining the CISO remit
Explore how cybersecurity leadership can address challenges by aligning with business values and centering security at the heart of the business

14:15 - 15:00 Executive Boardroom

An Evolving Security Mindset — From Advisor to Action Taker

Lenny Zeltser

CISO

Axonius

Neil Binnie

Head Of Information Security and Compliance

Morgan Sindall Group

John Cruise

CISO

Mitie

Cybersecurity leaders are emerging as strategic members of the senior leadership team. As a result, we are being asked to deliver concrete outcomes rather than merely form risk-oriented opinions. How might we live up to these expectations to drive meaningful improvements that benefit the organisation? How can we ensure that our participation supports the organisation’s mission and objectives?
Join this session to discuss:

Ways of focusing on actions–automated or manual–that change the security program in alignment with business goals
Strategies for highlighting the security team’s value to technical and non-technical stakeholders
Techniques for influencing colleagues to evolve the cybersecurity program

14:15 - 15:00 Executive Boardroom

Identity Security in the Age of AI & Intelligent Automation

Ash Hughes

Head of Security

Berkeley Group

Gabriela Ahmadi-Assalemi

CISO, Technology Operations & COO, Security and Technology

University of Cambridge

Matt Bruun

VP, Northern Europe

Delinea

As AI and intelligent automation transform business operations, they also reshape identity security. Despite the enhanced efficiency and streamlined access, new risks arrive including AI-driven cyber threats, deepfake impersonation, and privilege abuse. Organisations must modernise their Identity & Access Management (IAM) strategies to mitigate evolving threats while ensuring secure, frictionless access.

Join this boardroom session to discuss:

The intersection of AI, automation, and identity security
Strategies to mitigate AI-driven threats, enforce least privilege
Leveraging automation for secure, efficient access management

15:00 - 15:15 Networking Break

15:15 - 16:00 Breakout Session

Words Have Power – How the Language of Cybersecurity Determines Who Takes Part

Joe Da Silva

CISO

Johnson Matthey

Probably all of us recognise that cybersecurity has a diversity problem. But how many of us realise that the language we use every day may play a part in excluding a wide range of talent? In this interactive and thought-provoking session, Dr. Joseph Da Silva will share insights from his research on the pervasive masculinity within the cybersecurity industry. This discussion will include how we can make cyber more accessible and more appealing to a broader audience and ultimately improve security outcomes across our industries.

Discover how the language of cybersecurity can inadvertently both exclude talent and restrict ideas
Learn how making the field more appealing to a broader audience will enhance security cultures and bridge talent gaps
Gain actionable insights into ways in which you can break the cycle to identify new approaches to cybersecurity and promote diversity and inclusion within your organisation

15:15 - 16:00 Executive Boardroom

From Metrics to Narratives— Your Role as a Risk Storyteller

Phil Huggins

National CISO for Health & Social Care

NHS

Neil Bennett

CISO

Post Office Ltd

Mike Heritage

VP, Cyber Security

Financial Times

CISOs are evolving from technical experts into strategic storytellers, becoming vital advisors to the board. This transformation is essential in a constantly shifting regulatory landscape, with new reporting requirements and a renewed focus on accountability. Join us to explore

The art of clearly and accurately articulating the business impact of assumed risks
Discuss competitive advantage of effective risk management.
Keep stakeholders informed on risk and response within a complex maze of legal, privacy, and regulatory challenges

15:15 - 16:00 Executive Boardroom

Winning the AI vs AI Cybersecurity Battle

Sanjay Kapoor

CISO, Global Corporate IT

Worldline

David Lomax

Senior Security Engineering Manager (EMEA)

Abnormal AI

Steve Hughes

BISO, EMEA

JLL

AI is the critical differentiator in the evolving battle between hackers and defenders. CISOs are tasked with defending against AI-powered cyberattacks that humans can't always easily identify and then finding ways to use AI-powered technologies to bolster their organizations’ defenses.

Join this session to discuss:

The rise of AI-powered threats and responses to those attacks
Better detection through automated monitoring
Improvement of analysis and context of behaviors to combat evolving threats

16:00 - 16:15 Break

16:15 - 17:00 Keynote

The Art and Science of Motivation: Tactics to Light the Fire in Your People (and Yourself)

Rob O'Donohue

VP Analyst, KI Leader, Executive Leadership Research

Gartner

CISOs and executives have a unique opportunity to motivate their people by leveraging a combination of art and science. The art taps into the emotional side of motivation, the science relies on data and evidence. Both combined allow CISOs to create a holistic approach to motivation, fostering a highly motivated and engaged workforce.

This keynote explores:

The journey through different motivation models, synthesizing the most effective strategies
The introduction of the SPARKS model, which ignites motivation through six intrinsic drivers
Practical tactics, with actionable strategies to enhance motivation by aligning with individual drivers

17:00 - 17:30 Closing Comments and Prize Drawing

9 June 2025

afternoon evening

10 June 2025

morning afternoon evening

Apply to Participate

Already a Member? Sign In

Apply to participate in the UK & Ireland CISO Community Executive Summit.

Gartner facilitates exclusive, C-level communities by personally qualifying and understanding the priorities, challenges and interests of each member.

Our selective approach maintains the high quality of the network and ensures top-level discussions with peers from the world’s leading organizations.

Each application will be reviewed, and once your participation is confirmed, you will have access to year-round community programs.

Community Member Criteria

To ensure peer connections and conversations at the highest level, members must meet the following criteria:

- C-level or senior most executive for respective function

- Organization revenue of $500M+

Exceptions are considered.

I meet the criteria above

I would still like to be considered

My contact information is….

First Name*

Last Name*

Organization*

Title*

Corporate Email Address*

Best Contact Number*

Organization Revenue *

You agree to our Privacy Policy and T&Cs, which includes sharing your contact details with your peers and sponsors.

Form contains errors, please review the above

Step

We look forward to seeing you at an upcoming in-person gathering

Gartner cares about the health and safety of our community. If you are feeling unwell, please refrain from attending the conference. At this time, Gartner does not have any health-related requirements in place for attendance. Should this change, we will follow up with updated guidance.

Location

Venue & Accommodation

Royal Lancaster London

A block of rooms has been reserved at the Royal Lancaster London at a reduced conference rate. Reservations should be made online or by calling 020 7551 6000.

Deadline to book using the discounted room rate of £390 GBP (plus tax) is 18 May 2025.

Reserve Room