Noord InfoSec Dialogue

The Grand, Brighton

13 March 2017 - 14 March 2017

Evolving the risk based cyber security framework to drive cloud and data initiatives

Worldwide spending on cybersecurity is predicted to top $1 trillion for the five-year period from 2017 to 2021, according to experts. Why is that we ask? According to a report ‘IT analyst forecasts are unable to keep pace with the dramatic rise in cybercrime, the ransomware epidemic, the refocusing of malware from PCs and laptops to smartphones and mobile devices, the deployment of billions of under-protected Internet of Things (IoT) devices, the legions of hackers-for-hire, and the more sophisticated cyber-attacks launching at businesses, governments, educational institutions, and consumers globally.’

In early 2015 Inga Beale, CEO at the British insurer Lloyd's, claimed that cybercrime was costing businesses globally up to $400 billion a year. Several months later Juniper Research released a report which said cybercrime will cost businesses over $2 trillion by 2019. Microsoft CEO Satya Nadella stated $3 trillion of market value was destroyed in 2015 due to cybercrime. TalkTalk, Carphone Warehouse, Tesco Bank all have become synonymous with the new reality of organised cyber crime.

There has never been a more exciting and challenging time for the industry.

CISOs are strategists by default and with the complexity and rapid growth in technology, CISOs now have to implement cyber security frameworks to enable the businesses to capitalise on the data-centric and cloud computing projects currently dominating business agendas. Security has become the definition of business and technology enablement. 

 

Noord InfoSec Dialogue has become a must-attend for CISOs, directors and heads of information security. The reason is simple, true peer-to-peer engagement. Simply filling seats is not the objective. We believe in putting people with the same challenges in the same space, in a highly interactive environment, so that knowledge can be shared and practical take aways can be reached.

This private event governed by Chatham House rule will see you meet your peers and relevant solution providers. You’ll definitely make news contacts and certainly leave with some fresh perspective.

Testimonials:

"Excellent and interesting two days."

Head of Governance & Information SecurityCofely 

"An excellent event focussing on open dialogue with your peers."

Director, Information SecurityFidelity Information Services

"Great event. Very useful networking time. Good contact with suppliers. Great dinner."

Head of Cyber SecurityParliamentary Digital Service 

"A friendly & purposeful event, enjoyable & informative."

CISO, Unipart Group

“Great forum to meet fellow information security peers and solution providers”

Executive Director, Group Information Security Office, UBS

speaker image

Simon Legg

Executive Director Information Technology
PRA Health Sciences

+
speaker image

Mark Jones

Global CISO
Allen & Overy

+

A CISO and risk management and security professional operating at executive level for the last 10 years with experience of leading large teams on both a global and national basis to deliver and sustain:

- Cyber Security for globally recognised high privacy brands and tier 1 CNI providers
- Regulatory compliance programmes in response to regulatory scrutiny
- Internal and external audit support (analysis and programme delivery)
- Business and service continuity
- Information Security across all industry verticals

His experience includes leading both end user, IT service provider and management consulting teams and encompasses leadership of the global Cyber Security & IT Compliance business for Atos Group, development and deployment of the Cyber Security strategy for BAA/Heathrow Group as an end user CISO and the leadership of the Global Information Security and Cyber Security agenda as CISO for Allen and Overy.

Prior to his end user roles Mark has lead management consulting and IT service delivery teams to provide advice and IT risk solutions to a wide range of organisations including the Scottish Parliament, the Royal Navy, ABN Amro (global wholesale banking), Zurich Financial Services, VISA Europe, Resolution plc, SEGA, William Hill, Waitrose and London 2012 to name but a few.

Mark holds the honorary appointment of distinguished engineer with Fujitsu Group in recognition of his work with them concerning e-commerce and security. He also holds a degree in Computing Science, a post graduate qualification in leadership capability and is a trained security auditor.

speaker image

David Joao Vieira Carvalho

Group CISO
OCS Group

+

David has held a variety of roles in different companies at CISO level and other very senior roles transversally in Cyber-Security for over 16 years, most recently at OCS Group, London City Airport, CryptoHeroes, AT&T, Electronic-Arts and others.

In his most recent assignment, David is currently the Group CIhief Information Security Officer of OCS Group, he leads a large global cyber-security transformation for an environment with more the 100K employees globally.  He has led various Cyber-transformations, including one enabling the sale of a UK business for £3billion. He is also involved in the strategy around Blockchain-based technologies, machine-learning, deep-learning and disruptive innovation surrounding Offensive Cyber-Security and research on the Cyber field in regards to deep-web intelligence, zero-day defense and critical infrastructure defense.

David is very certified in his technical area having been a cyber-security researcher for most of his career. Holder of the CISSP accreditation, IFCI-500, Cyber-Forensics IFCI-CCI, CISMP. Extensive knowledge of ISO 27001:2013, PCI-DSS, GDPR, Human-Machine Interaction Security (University of Maryland), Hardware Security (University of Maryland), Cryptography (University of Maryland, Information Security and Risk Management (University of Washington), Designing and Executing Information Security Strategies (University of Washington), and Computer and Telematics Engineering Masters (University of Aveiro).

David is very passionate about start-up projects and innovation – he has been on the board of several of these through the years mostly focused of Cyber and Blockchain-based Technology and as CISO (Chief Information Security Officer).


speaker image

Sharon Gould

Senior Information Security Consultant
RSA

+

Sharon Gould is the Security Operations Manager for the UK and European business within RSA Group (formerly Royal & SunAlliance and the home of MORE TH>N insurance). Reporting to the CISO, she manages a Horsham-based team of ten, growing to thirteen in 2017. The team punches well above its weight and has had its fair share of both challenges and successes over the past couple of years.

Sharon is an English Language & Literature graduate of Somerville College, Oxford, after which she worked for the first Data Protection Registrar (now the ICO), in Wilmslow. Sharon continued her data protection career at the RSPCA, where she was based in the CIO function and became a ‘proper IT person’, moving into technology management, and developing a keen interest in IT security.

With a career specialising in both data protection and security risk management, she also has a law degree from the Open University and is a Certified Information Security Manager. Sharon counts herself as a practical ‘doer’ and enjoys implementing and running security controls with her team, advising business colleagues on secure behaviour and working with the team to keep RSA’s customer data safe and secure.

speaker image

Nina Barakzai

Group Head of Data Protection & Privacy
Sky UK

+

Nina Barakzai is immediate Past Chair of the UK’s Commerce & Industry Group, representing UK in-house counsel. She is an accountant and solicitor, Trustee for two community charities and sits on the Chartered Institute of Management Accountants’ Research Advisory Group, working on Big Data.

She served as Board Member on the International Federation of Accountants’ International Ethics Standards Board and has been appointed Vice President of In-House Counsel Worldwide.  Her professional experience is in compliance, ethics, privacy, corporate transactions, cloud services and social media.  She is Group Head of Data Protection & Privacy for the Sky UK group of companies, handling all aspects of privacy and data governance. 

speaker image

Angela Isom

Group Head of Data Protection Risk
JLT Insurance Group

+
speaker image

Quentyn Taylor

Director of Information Security
Canon EMEA

+

Quentyn Taylor is Director of Information Security for Canon Europe.

He has a wealth of experience in both the IT and information security arenas and, in recent years, has focused his attention on building business relationships across the world.

Quentyn has driven Canon’s strategy to highlight the importance of document security and help business customers to minimise their security risk. Quentyn strongly believes in educating users about the importance of a comprehensive, overall security framework that will allow Canon’s business customers to improve security in a cost-effective way.

During his career, Quentyn has worked in a variety of industries for a number of organisations including outsourced service providers, Internet service providers as well as Dotcom businesses, before moving to Canon in 2000.

speaker image

Julian Osborne

CISO
VW

+

Julian has over 20 years’ experience  working within SME and bluechip companies within the brewing, health and automotive sectors.  He has a degree in Electronic Engineering from the University of Leeds and is a member of the ISO27001/2 UK User group.

Although, currently focusing entirely on Information Security in his current role, he has a wealth of experience working in mixed environments providing consultancy to large public healthcare providers as well as  IT operations, Software design and development,  R&D, network design and implementation, and Security Architecture and Operations.

He has a particular passion and focus on supplier assurance; securing the supply chain in a diverse multi franchise environment, and on innovation and disruptive technologies.

speaker image

Nicholas Miller

Chief Information Security Officer
Brevan Howard

+

Nic began his career as an Intelligence Officer within the UK Government investigating nation-state cyber security actors, leading investigations into sophisticated programs targeting UK interests globally. On leaving Government, Nic moved into providing effective, risk-based security advice and leadership for private sector firms. For the last two and a half years, Nic has been employed as the CISO at Brevan Howard, a global alternative asset manager.

speaker image

Mike Pitman

Head of Information Security
John Lewis

+

As Head of Information Security at John Lewis, Mike has accountability for information security and information assurance management and for ensuring that security plans, policies and practices reflect the changing business and regulatory environment and are in accordance with John Lewis’s risk appetite.  Mike also spent almost 3 years as Chief Information Security Officer of Adecco. Previous roles he held include Global Head of IT Security at Rentokil-Initial Plc; Head of IT Security, Risk & Compliance at Capita Life & Pensions Services.

speaker image

Robert Veres

Chief Cybersecurity Strategist
AXA

+

Robert’s 20 years in security have involved shaping the priorities of organizations to reduce risk and create business value. He has applied this Information Security expertise to manufacturing, finance, retail and medical industries across a number of security technology and operational roles in Asia and Europe. Robert’s current role is defining and executing the strategic approach that AXA uses globally to counter cyber threats covering technical, operational and process related approaches across the 64 countries AXA operates in.

speaker image

Vincent Di Giambattista

CISO / Director Information Security and IT Compliance
Walgreens Boots Alliance

+
speaker image

Tarun Samtani

Group Chief Information Security Officer
Findel Plc

+

Tarun Samtani,CISSP is the Group Cyber Security Advisor for Findel Plc, Express-Gifts (multi-channel retailer) and Findel Education. Tarun holds over 17+ years of experience across various sectors like Telecommunications, ISP's, Financial Services, Gambling & Retail. Tarun has worked across UK, Europe, Asia & Middle East on different assignments. 

He has a wealth of experience in Cyber Security and is passionate about securing business information landscape. During the course of his career Tarun has been involved in the strategy & planning, design, architecture and implementation of a significant number of information security programmes. 

He has a passion for Cyber Security and enjoys sharing his experience. He also has a keen interest in helping out charities and non-profit board organisations fight cybercrime. His specialisations include strategy, planning through delivery of security programmes including Security Culture, Data Security and DLP & IAM programmes, 

He regularly addresses global audience on these and other topics. 

speaker image

John Robey

Global Information Security Expert
Barclay's

+

John joined Barclays direct from University on the Graduate Programme in 1989. He spent his first 10 years with the Bank in front line customer facing roles and lending risk management. John moved into Information Security in Barclaycard in 1999. Since then he has had a number of roles working with the business and IT on initiatives ranging from Internet Payment engines to PCI DSS. His current specialist areas are securing the Cloud, Dev Ops and Agile Project methodologies. He is a strong believer in the maxim that “Security is fundamentally a people problem."

speaker image

James Kwaan

President
ISC2 Scotland Chapter

+

James has worked for a number of blue chip companies in Simulation and Training, Telecommunications and Financial Services. He has published papers at international conferences. He is specialist in information security, with particular knowledge and interest in Cloud (SaaS), Web Application Security, Architecture, Big Data and evolving technologies. In his spare time James is Chapter President for ISC2 and Vice-President for ISACA, and arranges ISACA knowledge sharing events. He sits on both on the ISACA and (ISC)2 Scottish committees. He is currently working for the TSB.

speaker image

Paul Butterworth

Head of IT Governance & Performance
Cancer Research UK

+
speaker image

Eric de Smedt

Manager Cyber Security
Telenet

+
speaker image

Azeem Bashir

CISO

+

Azeem Bashir is an award winning industry recognised business-driven CISO with a highly-successful background in B2B, FinTECH, Investment\Retail Banking, Financial Services, Consulting, Energy, Utilities Oil & Gas, Government & Global Corporate sectors.

Azeem has held the position of CISO and Director of Cyber Security for EMEAR for many global businesses and is a ‘Trusted Advisor’ on Cyber & Information Security Risk Management throughout the UK Government and Banking sectors.

Over 20+ years leading Information\Cyber Security and Information Risk Management delivery across multiple sectors, with extensive proven track record across EMEAR managing Banking, Oil & Gas, Critical National Infrastructure Cyber-attacks and building Cyber Security & Digital Transformation Programs.

Azeem holds numerous industry qualifications across Cyber Security \ Risk Management \ Program Management and is recognized by his peers as an industry leading CISO, a Cyber Security Advisor, Risk Practitioner, Panel\Keynote Speaker & Non-Executive on Information\Cyber Security & Risk Management.

See below for the Noord InfoSec Dialogue agenda

If you are interested in becoming a solution partner, please send an e-mail to Chris Hugall at Sales@noord-group.com

 

Current Partners

BAE Systems

BAE Systems provides some of the world’s most advanced, technology-led defence, aerospace and security solutions, employing a skilled workforce of some 83,400 people in over 40 countries. We develop, engineer, manufacture and support products and systems to deliver military capability, protect national security and people and keep critical information and infrastructure secure.

BAE Systems delivers solutions that help clients protect and enhance their critical assets in the intelligence age. Our intelligent protection solutions combine large-scale data exploitation, ‘intelligence-grade’ security and complex services and solutions integration. We enable nations, governments and businesses around the world to defend themselves against cybercrime, reduce their risk in the connected world, comply with regulation, and transform their operations.

We achieve this using our unique set of solutions, systems, experience and processes - often collecting and analysing huge volumes of data to defend against cyber-attacks, fraud and financial crime, enable intelligence-led policing and solve complex data problems.

We operate in four key domains of expertise: cyber security, financial crime, communications intelligence and digital transformation.

Leading government departments and global companies use our solutions to protect and enhance their physical infrastructure, mission-critical systems, valuable intellectual property, corporate information, reputation and customer relationships, competitive advantage and financial success.

www.baesystems.com

Bomgar

Bomgar connects people and technology securely, providing leading privileged access management and remote support solutions that strengthen security while increasing productivity. Bomgar solutions help support and security professionals improve business performance by enabling secure, controlled access to any device or system, anywhere in the world.

http://www.bomgar.com/

Centrify

Centrify is the leader in securing enterprise identities against cyber threats that target today’s hybrid IT environment of cloud, mobile and on-premises.  The Centrify Identity Platform protects against the leading point of attack used in data breaches ― compromised credentials — by securing an enterprise’s internal and external users as well as its privileged accounts.  Centrify delivers stronger security, continuous compliance and enhanced user productivity through single sign-on, multi-factor authentication, mobile and Mac management, privileged access security and session monitoring.  Centrify is trusted by over 5000 customers, including more than half of the Fortune 50. 

https://www.centrify.com/

Code42

Code42 is the modern endpoint backup company. Our secure cloud solution is trusted by more than 39,000 organizations worldwide—including the most recognized brands in business and education—for continuous, automatic backup of employee laptops and desktops. Code42 enables IT and security teams to centrally view, protect, and manage end-user data as a critical corporate asset. Our software limits risk by enabling IT to monitor data movement and use, meet data privacy regulations and recover rapidly from data loss—no matter the cause.

http://www.code42.com/

Infoblox

Infoblox delivers Actionable Network Intelligence to enterprise, government, and service provider customers around the world. We are the industry leader in DNS, DHCP, and IP address management, the category known as DDI. We empower thousands of organisations to control and secure their networks from the core—enabling them to increase efficiency and visibility, improve customer service, and meet compliance requirements. With Infoblox, organisations can protect against the rising flood of malware and cyberattacks that target networks; overcome complexity by creating a single point of control across traditional data centres as well as public and private cloud deployments; establish a single point of enforcement for security and compliance policies; and deliver actionable insights for making networks more reliable, efficient, and effective. Infoblox is headquartered in Santa Clara, California, and has operations in over 25 countries.

https://www.infoblox.com/

Netskope

Only Netskope eliminates the catch-22 between being agile and being secure and compliant by providing  complete visibility, enforcing sophisticated policies, and protecting data in cloud apps. The Netskope Active Platform performs deep analytics and lets decision-makers create policies in a few clicks that prevent the loss of sensitive data and optimize cloud app usage in real-time and at scale, whether IT manages the app or not. With Netskope, people get their favorite cloud apps and the business can move fast, with confidence. Serving a broad customer base including leading healthcare, financial services, high technology, and retail enterprises, Netskope has been named to CIO Magazine's top 10 cloud security startups and featured in such business media as CBS News, Wall Street Journal, and Forbes. Netskope is headquartered in Los Altos, California. Visit us at netskope.com and follow us on Twitter @Netskope.

The Netskope Cloud Confidence Index is a database of more than 5,000 cloud apps that Netskope has evaluated based on 35+ objective criteria adapted from Cloud Security Alliance guidance. These criteria indicate apps' enterprise-readiness, taking into consideration security, auditability, and business continuity. Each app is assigned a score of 0-100 and placed into one of five Cloud Confidence Levels - excellent, high, medium, low or poor. Netskope customers can use the Cloud Confidence Index score to make cloud app selection decisions, create custom criteria weightings in accordance with their business policies (e.g., weigh encryption of data at rest more heavily in the score), and enforce real-time policies based on Level (e.g., "Don't let users share content in cloud storage apps rated medium or below").

https://www.netskope.com/

PKWARE

Every day, Thieves, Snoops and Idiots exploit the gaps in enterprise information security. Breaches are costing companies too much time, money and credibility. It’s time to stop believing in solutions that focus on networks and devices.

Today’s threats require us to armor the data itself, so it’s protected everywhere it is used, shared and stored. We've solved these problems through the introduction of Smartcrypt. It’s next-generation encryption and key management, simplified in a way nobody thought possible.

Smartcrypt provides persistent protection and control that travels with your information. High performance, cross-platform security that is easily embedded and managed without changing the way you work.     

https://www.pkware.com/

Qualys

Qualys, is a pioneer and leading provider of cloud-based security and compliance solutions with over 8,000 customers in more than 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100. The Qualys Cloud Platform and integrated suite of solutions help organisations simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications. Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organisations including Accenture, BT, Cognizant Technology Solutions, Dell SecureWorks, Fujitsu, HCL Comnet, Infosys, NTT, Optiv, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA). 

http://www.qualys.com

Dell SecureWorks

SecureWorks provides an early warning system for evolving cyber threats, enabling organisations to predict, prevent, detect and respond rapidly to cyberattacks. Combining unparalleled visibility into the global threat landscape and powered by the Counter Threat Platform – our advanced data analytics and insights engine – SecureWorks minimises risk and delivers actionable, intelligence-driven security solutions for clients around the world.

http://www.secureworks.co.uk/

Skyhigh Networks

Skyhigh Networks helps organisations safely adopt cloud services while meeting security, compliance and governance requirements. Over 400 enterprises including BP, Astra-Zeneca, The Prudential and Swarovski gain visibility into all cloud services in use and their associated risk; analyse cloud usage to identify security breaches, compromised accounts and insider threats; and seamlessly enforce security policies with encryption, data loss prevention, contextual access control and activity monitoring for sanctioned cloud services such as Office 365, Salesforce.com, Box & Google Drive

https://www.skyhighnetworks.com/

TrendMicro

Trend Micro Incorporated, a global leader in security software, strives to make the world safe for exchanging digital information.  Our solutions for consumers, businesses and governments provide layered content security to protect information on mobile devices, endpoints, gateways, servers and the cloud.  Trend Micro enables the smart protection of information, with innovative technology that is simple to deploy and manage, and security that fits an evolving ecosystem.  All of our solutions are powered by cloud-based global threat intelligence, the Trend Micro™ Smart Protection Network™, and are supported by over 1,200 threat experts around the globe.  For more information, visit www.trendmicro.com

Zscaler

Zscaler ensures that more than 12 million users at more than 5,000 enterprise and government organisations worldwide are protected against cyber-attacks and data breaches while staying fully compliant with corporate and regulatory policies. Zscaler’s award-winning Security-as-a-Service platform delivers a safe and productive Internet experience for every user, from any device and from any location.

Operating in more than 100 data centers around the world, Zscaler delivers unified, carrier grade Internet security, advanced persistent threat (APT) protection, data loss prevention, SSL decryption, traffic shaping, policy management and threat intelligence – all without the need for on-premise hardware, appliances or software.

http://www.zscaler.com/

Business connections: a strong catalyst for success!

At the Noord Group, we understand the power of face-to-face interactions and their ability to inspire, drive change and do better business.

With this in mind, we individually approach all of our delegates to fully understand their expectations and participation goals. Based on the information collected, our dedicated business matching team devises a personalised itinerary featuring a variety of powerful business interactions such as:

  • One-to-one meetings with our Solution Partners so as to be introduced to the products and services most relevant to energise business growth
  • Quality interactions with other delegates during the frequent time-slots dedicated to participant networking

The event will also provide ample opportunities to mingle with peers in a casual set-up, including during:

  • Coffee breaks
  • Gala dinner
  • Luncheons

These relaxed, informal and interactive networking sessions will guarantee that you make enduring and mutually beneficial connections which will help you expand your network of contacts as well as your sphere of influence.

Ultimately, it is all about making you and your business thrive!