We’re delighted that you have chosen to join us at the Cyber Secure Forum – a unique event, tailor-made to meet your individual requirements. We have carefully planned out your itinerary to ensure your time here is worthwhile: Connect with businesses relevant to your current and forthcoming projects in our matchmade one-to-one meetings.
And let’s not forget the networking – we’ve created a relaxed environment for you to form new partnerships, with ample opportunities to mix with peers during the buffet lunch and coffee breaks!
4
6
Our Partners
8
10 Seminars
16 Dates for your Diary
18 Itinerary
‘ Employee Awareness Month: The Psychology of Cyber Risk – Why behavioural science holds the key to awareness success ’
12 ‘Analyst predict 30% increase in AI-related legal disputes for tech companies ’
14 Delegates Supplier Directory
Follow us on socials
@forumevents #forumevents @forumeventsltd # FECyberSecureForum Cyber Secure Forum
For more information about our event, contact:
Liam Cloona - Senior Sales Manager on 01992 374078 or L.Cloona@forumevents.co.uk
Josh Kingsmill - Delegate Sales Executive on 01992 374081 or J. Kingsmill @forumevents.co.uk
Our Partners
Headline Sponsor
Partners & Supporters
Itinerary
08.45 - 09.20
Opening Presentation
‘ The Art of Project Management ’
Gurps Khaira
HSBC Meeting Room 3/4/5
09.25 - 10.00
Seminar
‘Cyber Governance’
George Quigley
IASME
Meeting Room 3/4/5
10.05 - 13.00
Face to Face Meetings
Quayside Suite
13.00 - 13.45
Networking Buffet Lunch
Cinnamon Restaurant
13.45 - 14.20
Seminar
‘Cyber Escape Room’
Mike Wager
The Cyber Escape Room Co Meeting Room 3/4/5
14.25 - 16.25
Face to Face Meetings
Quayside Suite
16.30 - 17.15
Seminar
‘Rethinking Security ’
Greg Van Der Gaast
Former hacker turned FBI & DoD Operative
Meeting Room 3/4/5
W E M A K E N E T W O R K
P E N T E S T I N G E A S Y .
Automated, Affordable, and CREST Accredited Solution!
Scan or click here to subscribe to the Cyber Security Briefing newsletter
Seminars
TUESDAY 11TH NOVEMBER
08.45 – 09.20
Gurps Khaira Cybersecurity Programme Manager
“ The Art of Project Management ”
How to manage enterprise level projects and deploying cybersecurity technologies to very complicated infrastructures and environments. How to manage risks, issues and stakeholders with effective governance structures.
• Project Management lifecycle
• What are the key Project Phases?
• How to create a project plan
• How to manage a enterprise level portfolio
• How to create a low level plan.
As a Cybersecurity Programme Manager at HSBC, Gurps Khaira has extensive experience delivering high-value projects and programmes exceeding $200,000,000.
In addition to his cybersecurity expertise, he is also a bodybuilder, offering unique insights at the intersection of security, leadership, transformation, and wellbeing. Gurps believes his perspective can bring a fresh and engaging dimension to your audience, and he’d be delighted to discuss potential opportunities further.
09.25 – 10.00
George Quigley Head of IASME Cyber Assurance
“Cyber Governance”
Cyber resilience is more than just a technology issue. Understand why cyber governance is key to becoming cyber resilient
• The Cyber Landscape
• Governing Cyber Risk
• Cyber Governance Code of Practice
• IASME Cyber Assurance Standard
• Becoming Cyber Resilient and Demonstrating Compliance
With over 25 years as a Partner at both KPMG and BDO, George Quigley joined IASME in 2023 ISAME and is currently the Head of IASME Cyber Assurance. George brings a perspective based on helping businesses become cyber resilient in a cost-effective manner. Having also worked on a number of cyber breaches, it became clear that the key denominator in all those breaches was the lack of effective cyber governance. Not only will he focus on good practice, but he will also highlight key frameworks that can help and how you can demonstrate compliance to your own organisation and to your wider supply chain.
13.45 - 14.20
Mike Wager
Commercial Director
The Cyber Escape Room Co
“Cyber Escape Room”
TUESDAY 11TH NOVEMBER
A ransomware attack has locked down your organisation’s systems and the hackers are playing games. Literally.
They claim they only needed one set of stolen credentials to get in. Now, they’ve given you the five suspects, five possible methods of compromise, and five locations it could have happened.
If your team can crack the case and identify the right combination, they’ll have over the decryption key. Get it wrong? Game over.
A decade of Cyber Security sales working with some of the worlds biggest brands on GRC transformation programmes has led Mike Wager to partner with Amy in bringing new solutions to established problems. Supporting organisations to ensure end user engagement as the foundation of security awareness projects, programmes and events; the Cyber Escape Room Co are proud to partner with nationally and internationally recognised brands to maximise security initiative impacts.
16.30 – 17.15
“Rethinking Security ”
Have we gone too far down the rabbit hole without actually understanding the problem?
While the world spends ever-more on security technology, the outcomes keep getting worse. In this presentation we’ll look into why things aren’t working and explore how simple easy to understand concepts already in use in many other industries can lead not just to better security outcomes, but better business as well.
Greg van der Gaast boasts a distinguished, yet diverse, 25+ year career in information security and cybersecurity. Deemed one of the World’s Top 5 Most Infamous Hackers and an FBI most-wanted, Greg now uses his expertise as a force for good – having since worked as an undercover FBI and DoD operative. Driving change in information security practices, Greg shares his in-depth understanding of how to maintain the security of data as a businessminded CISO and cutting-edge technical consultant. Aside from his business commitments, Greg is also sought after as a keynote speaker – sharing his expertise on how organisations can protect themselves from cyber threats with unconventional approaches. As a teenager, Greg forged a reputation as a notorious hacker, having famously hacked into a nuclear weapons facility. Leaving his legacy as a hacker behind, Greg has since committed his expertise in the vulnerabilities of technology to help organisations better manage their information security. From acting as the Head of Security Architecture for CGI to being the Associate CISO of the Francis North Group and the Head of Information Security for the University of Salford, Greg has generated fresh narratives and powerful perspectives on information security.
Most recently, Greg was appointed as a Security Advisor to the Office of the CTO of CDW UK, having also been the Chief Technologist of Security for CDW UK. To further his passion for information security, Greg has authored the bestselling books What We Call Security and Rethinking InfoSec. He has also committed time to working as the CISO of Scoutbee and a Navigator for Bloor Research. Committed to making organisations less vulnerable to cyber threats, Greg is now also highly sought after as an information security keynote speaker for corporate events, imparting his wisdom on how security can grow bottom and top-line revenue.
Greg Van Der Gaast Former hacker turned FBI & DoD Operative
Analyst predict 30% increase in AI-related legal disputes for tech companies
AI regulatory violations will result in a 30% increase in legal disputes for tech companies, with weak international regulation impeding the provision of coherent guidance for IT leaders.
A May through June 2025 Gartner survey of 360 IT leaders involved in the rollout of generative AI (GenAI) tools found that over 70% indicated that regulatory compliance is within their top three challenges for their organisation’s widespread GenAI productivity assistants deployment.
Only 23% of respondents are very confident in their organisation’s ability to manage security and governance components when rolling out GenAI tools in their enterprise applications.
“Global AI regulations vary widely, reflecting each country’s assessment of its appropriate alignment of AI leadership, innovation and agility with risk mitigation priorities,” said Lydia Clougherty Jones, Sr. Director Analyst at Gartner. “This leads to inconsistent and often incoherent compliance obligations, complicating alignment of AI investment with demonstrable and repeatable enterprise value and possibly opening enterprises up to other liabilities.”
At the same time the impact from the geopolitical climate is steadily growing, but the ability to respond lags behind. Fifty-seven
percent of non-U.S. IT leaders from the same survey indicated that the geopolitical climate at least moderately impacted GenAI strategy and deployment, with 19% of respondents reporting it has a significant impact.
Yet, nearly 60% of those respondents reported that they were unable or unwilling to adopt non-U.S. GenAI tool alternatives.
In a Gartner September 3, 2025 webinar poll, 40% of the 489 respondents indicated that their organization’s sentiment to AI sovereignty – defined as the ability of nation-states to control the development, deployment, and governance of AI technologies within their jurisdictions – is “positive” (as in viewed with hope and opportunity), and 36% indicated their organization’s sentiment was “neutral” (as in taking a “wait and see” approach).
In the same poll, 66% of the respondents indicated they were proactive and/or engaged in response to sovereign AI strategy, and 52% indicated that their organization was making strategic or operating model changes as a direct result of sovereign AI.
With GenAI tools, such as GenAI productivity assistants, becoming more ubiquitous in uncertain and fluctuating geopolitical and legal environments, especially with AI sovereignty in mind, IT leaders
must immediately strengthen the moderation of outputs by taking the following steps:
• Engineer self-correction by training models to self-correct and not answer certain questions in real time, communicating instead a phrase such as “beyond the scope.”
• Create rigorous use-case review procedures that evaluate the risk of “chatbot output to undesired human action,” from legal, ethical, safety and user impact perspectives; use control testing around AI-generated speech, measuring performance against the organization’s established risk tolerance.
• Increase model testing/ sandboxing by building a crossdisciplinary fusion team of decision engineers, data scientists, and legal counsel to design pre-testing protocols and test and validate the model output against unwanted conversational output. Document the efforts of this team to mitigate unwanted terms in model training data and unwanted themes in the model output.
• Inject content moderation techniques such as “report abuse buttons” and “AI warning labels.”
Scan or click here to subscribe to the Cyber Security Briefing newsletter
Delegates
Advantage Smollan
Atlantic Pacific Global Logistics Group
BHP
Birmingham County Football Association
CBRE
Department for Energy Security and Net Zero
Ecarx Group
Freeman Clarke
Hakluyt & Company
Honda Motor Europe
KPMG
London Borough of Lambeth
Marks & Spencer
Metropolitan Police Service
Metropolitan Thames Valley Housing
MOD
Motability Foundation
MUFG Bank
Octavius Infrastructure
Pogust Goodhead
Pret A Manger
Record Financial Group
RedCat Pub Company
Regent College London
Runa Network Limited
Serco
St Joseph’s College
Tapi Carpets
ThamesWey Group
The Royal Borough Of Windsor And Maidenhead
The View From The Shard
Ticketmaster
Timothy Oulton
University of Sunderland in London
Volopa
Head of Cyber
CIO
Principal Data Security
Finance Lead
Associate Director, Operational Resilience
Group Deputy CDIO
Head of IT, International Fractional CIO
CIO
Head of Risk
Digital & Cloud Technology Director
DPO
Technical Program Manager
Head of Service Delivery
Information Security Manager
Cyber Security Officer
High Threat Officer
Head of IT
Cybersecurity Programme and Transformation Manager
Head of IT Services
Head of Information Security
Cyber Security Manager
Head of Technology
Head of IT
Head of IT
Head of Information Security & IT (CISO)
IT Supplier Relationship Manager
Student Services Manager
IT Manager
IT Network Manager
Infrastructure Security Manager
Senior Facilities Manager
Senior Software Engineer
IT Manager
IT Manager
IT Infrastructure Manager
Dates for your Diary
5th February 2026
Hilton London Canary Wharf
9th July 2026
Hilton London Canary Wharf
Scan or click here for our website:
4th March 2026
Hilton London Canary Wharf
10th September 2026
Hilton London Canary Wharf
Scan or click here for our website:
12th March 2026
Hilton Canary Wharf
19th & 20th October 2026
Radisson Hotel & Conference Centre, London Heathrow
Arcanum is a National Cyber Security Centre (NCSC) Assured Cyber Security Consultancy specialising in IT & OT Risk Management, Audit & Review, Security Architecture, Cyber Resilience Audit, and CHECK Penetration Testing. Since our inception in 2008, we have been committed to delivering expert security advice and services to businesses, safeguarding them against the ever-evolving landscape of cyber threats.
Core to Cloud is a leading cybersecurity managed services provider enabling organisations to securely adopt innovative technologies while staying resilient against evolving threats. Our mission is simple: secure your digital future without compromising performance, productivity, or compliance. We provide consultative, outcome-driven solutions across, but not limited to, the following areas:
• Managed Detection & Response (MDR): 24/7 threat detection and incident response powered by human expertise and vendor-agnostic technology.
• Third-Party Risk Monitoring: Continuous visibility into your supply chain’s security posture.
• Crisis Simulation & Incident Response Testing: Prepare teams with realistic simulations of ransomware, phishing, and breach scenarios.
• Dark Web Monitoring: Real-time detection of leaked credentials and sensitive data before attackers strike. Working with organisations across healthcare, retail, logistics, finance, and the public sector, Core to Cloud delivers tailored services as a true extension of your internal team.
Cydea is an optimistic cyber security company dedicated to help organisations see their cyber risk clearly, act on what matters, and prioritise their next steps with confidence. Our services include risk quantification, cyber assessments, cyber due diligence, and tailored programmes for security improvement. We work in the open, side-by-side with our clients. Transparency, collaboration and accountability are at the core of every engagement. Whether helping a private equity firm assess risk across its portfolio, or supporting a global enterprise to navigate digital transformation securely, we apply the same principle: the right tools, the right people, the right outcomes.
Darktrace
Darktrace is a global leader in AI for cybersecurity that keeps organizations ahead of the changing threat landscape every day. Founded in 2013 in Cambridge, UK, Darktrace provides the essential cybersecurity platform to protect organizations from unknown threats using AI that learns from each business in real-time. Darktrace’s platform and services are supported by 2,400+ employees who protect nearly 10,000 customers globally. francesca.cornwall@darktrace.com / darktrace.com
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 2000+ organisations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
03300 882 752 / info@iasme.co.uk / iasme.co.uk
IASME is a cyber security certification company based in the Malvern Hills, with an office in Belfast and one in Dalgety Bay. We work with a network of cyber security experts to help organisations of all sizes improve and demonstrate their cyber security. Fairness and inclusion are central to our business and we bring these values to everything we do.
IntaForensics is a UK leader in cyber security, digital forensics, digital investigations, e-Discovery, and cell site analysis. Trusted by law enforcement, legal professionals, businesses, and government agencies, we deliver expert, defensible solutions. Our Lima Forensic Case Management® software streamlines digital investigations, ensuring efficiency, precision, and the highest professional standards. To learn more about our services and solutions, visit www. intaforensics.com, call us on 024 77 177 780 or email sales@intaforensics.com.
Nasstar
07814 581
Networks today are more than just infrastructure; they’re the backbone of digital transformation. But as businesses embrace AI, cloud, and hybrid work, the threat landscape is evolving just as fast. Cybercriminals are leveraging automation and AI to launch more sophisticated, targeted attacks, making traditional security models obsolete. That’s why we help organisations build secure, adaptive networks that are ready for what’s next. Whether you’re deploying SASE, adopting Zero Trust, or modernising legacy infrastructure, we bring the expertise to simplify complexity and strengthen your defences. Through our partnership with Fortinet, the global leader in cybersecurity, we deliver integrated, AI-driven security solutions that protect your people, data, and operations. Backed by consultancy and managed services, we help you stay resilient, responsive, and ready for whatever the future brings.
Outbreach is a boutique service delivering 24x7 cyber incident response and crisis management that stops attacks, restores operations, and limits business interruption or damage using a Plan, Prepare, React, Recover model. Outbreach assumes that everyone will eventually fall victim to a cyber-attack and so provides specialist all-in-one response services spanning technical, forensics, legal, PR, communications and negotiation. We offer rapid onboarding for unexpected incidents or preplanned retainers with simple, fair pricing for mid-sized businesses. As an NCSC Assured Service Provider for Cyber Incident Response the team has managed the response to over 100 cyber incidents spanning London, Dubai, and New York. Different to other companies we don’t try to stop breaches or prevent attacks. Our services start where IT teams, traditional SoC teams or insurance providers have identified complex attacks that need speciality support. Ideal for ransomware, data theft, BEC, and other attacks.
SecurityHQ is a technology-agnostic MSSP that designs and architects custom security solutions to fit your environment’s specific needs. Whether that includes fully managing your security program or filling in well-defined gaps, we serve as an extension of your security team and give you the essential elements you need to protect your organization: Time and insights. With bespoke managed services ranging from 24/7 MDR to threat and risk advisory to proactive security posture management, our 450+ SOC Analysts and Engineers detect and remediate threats with a 62% lower noise-to-signal ratio than competitors.
Sentrium Security
01242 388 634 / adam.king@sentrium.co.uk
Sentrium delivers expert penetration testing, red teaming, and cyber security advisory services designed to uncover critical vulnerabilities before they become threats. Our CREST-qualified consultants combine deep technical expertise with a pragmatic, commercial approach, helping organisations across the UK strengthen their security posture with clarity and confidence. We empower businesses to discover tomorrow’s cyber breach, today, providing actionable insights that enable informed decision-making and effective risk management. From assessing complex IT environments to evaluating third-party security and ensuring compliance, we focus on delivering tangible value, clear reporting, and practical guidance. We reveal weaknesses others may miss, giving clients full visibility of their security landscape. Our flexible, UK-based consultancy ensures responsive communication, tailored testing, and precise recommendations, helping organisations protect technology, information, and people while maintaining business-as-usual operations.
SEP2 are an award-winning cyber security specialist and Managed Security Service Provider (MSSP) delivering a range of advanced security solutions from their 24/7/365 UK-based SOC. They partner with world-class vendors, and are one of the most technical Check Point, CrowdStrike and Google partners in the UK. Founded in 2016, SEP2 are recognised for their rapid growth and technical excellence, now employing over 100 individuals and offering services globally across various sectors. Their team of expert engineers, analysts, and consultants is driven by a genuine passion for protecting customers from evolving cyber threats. That’s why they say they are Tech Driven, People Powered.
Storm Guidance Limited
STORM Guidance are pioneers of digital investigations, beginning our journey in early 1990’s supporting cybercrime and other criminal investigations with digital forensics, where our work established cybercrime case law and earned us police and judicial commendations in the UK and the US. We have been the Cyber Incident Response (CIR) firm of choice for leading cyber insurers for over a decade. Our current CIR service delivers a comprehensive suite of specialisms. All that is needed for any organisation of any size when faced with a cyber incident. Our decades of experience in CIR informs our delivery of Cyber Incident Exercising (CIE) and we offer both tabletop and live play CIE workshops for executives, managers and operational specialists. Our realistic scenarios are tailored to our client’s operations to deliver an optimal learning experience. We are proud to be a UK NCSC CIR and CIE Assured Service Provider (ASP).
Synguard delivers comprehensive access management solutions that adapt to your organization’s unique security needs. As a Belgian based developer and manufacturer, we design and build our entire ecosystem in-house—from intelligent hardware controllers to our powerful software platform. Our solution seamlessly unites access control, visitor registration, parking management, and security monitoring into a single, 100% web-based platform that requires no client software installation. Whether you choose cloud or on-premise deployment, Synguard scales infinitely with your business while maintaining endto-end security and the flexibility to migrate between hosting options as your needs evolve. Utilising open standards, our platform embraces a “best-of-breed” philosophy—integrating seamlessly with leading third-party devices while allowing you to activate only the modules you need, ensuring a robust system designed to adapt to future technologies.
The Cyber Escape Room Co.
07828 918 423 / cyberescaperoom.co
Training that doesn’t suck. At The Cyber Escape Room Co., we make cyber security awareness actually fun. No death-by-slideshow. No tick-the-box boredom. Just immersive, interactive experiences that get people engaged, laughing, and... most importantly... learning. From physical and digital escape rooms to AR games, breach workshops, CTF challenges and AI-powered vishing attacks, we create training your team won’t forget. Our blend of storytelling, suspense, and real-world relevance turns passive learners into active defenders. We work with CISOs, security awareness pros, and L&D leads across enterprise and midmarket businesses... especially in finance, retail and critical infrastructure. Whether you’re UK-based or scaling across South Africa, the USA, or beyond, we’ve got you. And yes, we’ve got speakers who’ll wake up your event too. Bottom line? We’re the anti-boring security awareness provider. If your training needs an upgrade, we’ve got the good stuff.
ThreatLocker
08332 927 732 / robyn.vaughan@threatlocker.com /
Stop ransomware! ThreatLocker® improves enterprise-level server and endpoint security with zero trust controls, including Allowlisting, Ringfencing™, Elevation, Storage, Network Control, Configuration Management, and Operational Alert solutions.
Vonahi Security
sindy.kosta@kaseya.com / vonahi.io
The industry’s most valued automated network penetration testing platform. vPenTest from Vonahi Security, a Kaseya company, is the leading SaaS platform that’s revolutionizing network penetration testing through automation. The full-scale penetration testing platform makes network pentesting more scalable, accurate, faster, consistent, and not prone to human error. Using vPenTest, organizations can now schedule a network penetration test at any time, allowing security teams to evaluate their risks to cyber attacks in real-time. Vonahi Security is proud to be a CREST Accredited in both EMEA and Australasia. MSP partners and customers can now receive a CREST-certified network penetration test report from vPenTest across Europe, the Middle East, Africa (EMEA), and Australasia. This prestigious accreditation places us among an elite group of only 300 CREST-accredited cybersecurity providers worldwide.
Discover all our events and everything they offer:
City Security & Safety Summit (1 Day)
25th March 2026 | Hilton Canary Wharf
Focus on the unique security challenges of city environments, from transport hubs to corporate offices and discover practical solutions while connecting with security professionals and leading solution providers.
The Mixer (Evening)
25th March 2026 | London
The Mixer provides the perfect setting to form valuable business connections in a sophisticated and engaging atmosphere with carefully crafted experiences, including drinks, canapes, music and an ambiance designed to foster meaningful interactions.
Total Security Summit (2 Days)
19th & 20th October 2026 - London Heathrow
Connect with senior security professionals from multiple sectors, explore innovative solutions and build valuable connections through targeted one-to-one meetings.
Fire Prevention & Safety Summit (2 Days)
19th & 20th October 2026 - London Heathrow
New this year, the Total Security Summit is expanding to include the Fire Prevention & Safety Summit. This enhanced event now connects solution providers with key decisionmakers in security, fire protection, and workplace safety.
