The CISO Chapter UK

Join Check Point’s Global CISO, Deryck Mitchelson, for a workshop on why an AI-centric security strategy is now the key to preventing your next major cyber incident. The cyber landscape has been re-shaped by the rise of AI-powered cyber attacks:

• Over 90% of cyber attacks start with an AI generated phishing email
• AI DDoS attacks have reached 5.6 terabits per second (Tbps)
• Social Media attacks are bigger and bolder, threatening business continuity

True digital transformation is about more than just deploying new technologies—it requires reshaping business processes, evolving security strategies, and embedding resilience to enable long-term success. As organisations navigate continuous transformation, security must be an enabler rather than a constraint.

This workshop will explore how leaders can build future-ready security strategies by embedding Zero Trust principles into their transformation journey. Attendees will gain practical insights into balancing agility and security while ensuring that innovation can scale effectively.

Key Takeaways:

• Understand the relationship between transformation, security, and Zero Trust, and how they intersect.
• Explore strategies for integrating Zero Trust to reduce attack surfaces and enhance resilience in a rapidly evolving threat landscape.
• Identify practical steps to align Zero Trust with cultural and business process transformation, ensuring security enables, rather than restricts, growth.

As organisations increasingly adopt multi-cloud strategies, robust security measures become essential to protect sensitive data across diverse platforms. This workshop will explore the unique challenges of securing multi-cloud environments and provide practical strategies for implementing effective security protocols. Participants will learn about best practices for data protection, identity management, and compliance across different cloud services.

Key Takeaways:

• Identify key security challenges and risks associated with multi-cloud environments.
• Develop actionable strategies to enhance data protection and compliance in a multi-cloud strategy.

This interactive roundtable session focuses on preparing organisations for a rapidly evolving regulatory environment by building flexible, agile GRC frameworks. It will help CISOs understand how to design compliance programs that not only meet today’s requirements but also adapt to future regulatory changes.

Key Takeaways:

• Building flexible GRC frameworks is critical to quickly adapt to evolving regulatory landscapes, supported by common control sets. 

• Leveraging integrated platforms and automation transforms compliance from a reactive process into a proactive, continuous discipline. 

• Continuous risk assessment and adaptable compliance strategies not only address emerging regulatory challenges but also strengthen overall business resilience.

In this session, Andrew Lord, Global Cyber Security Manager at Merlin Entertainments, will share his firsthand experience implementing Automated Security Validation. Learn how he tackled key cybersecurity challenges, reduced risk exposure, and leveraged proactive validation to enhance his organization’s security posture.

Key Takeaways:

• Real-world insights into implementing Automated Security Validation and its impact on risk reduction.
• Practical strategies for continuously testing and improving security controls.
• Lessons learned from integrating proactive validation into a broader cybersecurity strategy.

Struggling with slow and complex third-party risk management (TPRM) processes? Join this interactive session to explore how leading organisations streamline onboarding, monitoring, and offboarding without compromising security. Expect real-world insights, live benchmarking, and actionable strategies to make TPRM faster and more efficient.

Key Takeaways:

• Learn strategies to accelerate onboarding assessments, streamline continuous monitoring, and implement secure and efficient vendor offboarding.
• The session will provide practical insights into reducing complexity while maintaining robust risk management practices, ensuring TPRM becomes a seamless and business-friendly process.

Securing cybersecurity funding isn’t just about protection—it’s about strategic investment. In this session, we’ll explore how CISOs can position cybersecurity as a business enabler, making the case for smarter, more efficient spending.

We’ll discuss emerging technologies like AI/ML that improve security operations, the need to divest from legacy solutions, and the benefits of converging investments into unified frameworks like SASE. Attendees will gain insights on maximizing budgets, demonstrating ROI, and driving cybersecurity as a key pillar of business success.

Quantum computing is advancing at a rapid pace and poses a significant threat to current cybersecurity practices; it has the potential to break many widely used encryption methods, rendering sensitive data vulnerable and is no longer the stuff of science fiction. Governments and organisations are already investing heavily in post-quantum cryptography, and cybersecurity leaders must begin preparing for this shift now. However, the industry faces a significant skill gap—quantum security expertise is scarce, and many organisations are unsure where to begin.

This open-format workshop is designed to spark discussion among security leaders about the future impact of quantum computing on cybersecurity. Rather than a deep technical dive, this session will explore the strategic considerations for CISOs, the evolving regulatory landscape, and practical steps organisations can take to avoid being caught off guard in the coming years.

Key Takeaways:

• Understand why quantum cybersecurity is expected to be a critical concern within the next few years.
• Explore the current skill gap in quantum security and discuss strategies for upskilling teams.
• Join an open discussion on how CISOs can start laying the groundwork today to mitigate future risks.

In today’s evolving threat landscape, CISOs and security leaders face a dual challenge—external attackers targeting employees as the weakest link and internal risks stemming from human error or malicious intent. This forward-looking session will explore how a unified Human Risk Management (HRM) strategy can bridge the gap between external threats and internal vulnerabilities. Discover actionable insights to strengthen your organisation’s cyber resilience by leveraging cutting-edge AI, automation, and contextual education to reduce risks and streamline security operations.

Dr. Malcolm Murphy will demonstrate how security leaders can integrate email security with insider risk management to protect sensitive data, ensure compliance across collaboration platforms, and proactively educate employees to foster a culture of cyber awareness. Walk away with strategies to simplify operations, minimise incident response times, and stay ahead of emerging threats.

As organisations increasingly rely on complex supply chains, safeguarding against vulnerabilities is more critical than ever. CISOs need to address the unique security challenges faced in supply chain management and have effective strategies for identifying, assessing, and mitigating risks. Attendees will learn how to strengthen their security posture by collaborating with suppliers, implementing best practices, and leveraging technology to enhance supply chain resilience.

Key Takeaways:

• Understand the key vulnerabilities within supply chains and their potential impact on organisational security.
• Learn actionable strategies for creating a secure supply chain framework that protects against evolving threats.

In the fast-paced world of cybersecurity, automation has become essential for improving efficiency and responsiveness in security operations. This workshop will explore how organisations can leverage automation tools to streamline incident response, reduce manual workloads, and enhance overall security posture. Participants will gain insights into practical applications of automation in threat detection, monitoring, and remediation, enabling them to respond more effectively to emerging threats.

Key Takeaways:

• Discover key automation tools and techniques that can enhance security operations and reduce response times.
• Learn how to implement automation strategies that improve efficiency and bolster your organisation’s cybersecurity defences.

In a landscape where cyber threats are ever-evolving, fostering a culture of cybersecurity awareness is essential. This workshop will equip CISOs with the strategies to lead effective employee training programs that enhance awareness and prepare teams to recognise and respond to security threats. Participants will explore best practices for designing engaging training modules and fostering a proactive security mindset across the organisation.

Key Takeaways:

• Discover effective techniques for developing impactful cybersecurity awareness training programs.
• Learn how to measure training effectiveness and ensure continuous improvement in employee engagement with security practices.