Don’t miss out

CISOXUK

07 Oct 2025

County Hall London

Welcome to CISOXUK, the premier event exclusively designed for accomplished CISOs across the UK. Step into the forefront of strategic technology leadership as we navigate the evolving post-pandemic landscape and unlock unparalleled opportunities for enterprise success. Join us at CISOXUK, where visionary CISOs converge to engage in transformative discussions, gain strategic insights, and address the pressing challenges shaping the world of enterprise technology.

Apply to Attend
View agenda
Become a sponsor
intro

The Speakers

Darren Desmond

CISO

The AA

Darren Desmond

CISO

The AA

Darren Desmond is an information security leader and Certified Information Systems Security Professional with diverse experience in security risk management within the UK Defence sector, global online gambling industry, a major UK telecommunications & media company, a ‘Big Four’ managed services company and latterly as the CISO at one of the UK’s most recognisable brands. 

Anaïs Beaucousin

CBSO

ADP International

Anaïs Beaucousin

CBSO

ADP International

Anaïs Beaucousin, currently Chief Business Security Officer for ADP International, is accountable for the delivery of centralized security services, in accordance with the needs, risk level, and plans of ADP International businesses (covering LATAM, EMEA and APAC) and ADP Corporate security. She is accountable for managing risk posture, regulatory compliancy assurance, and for the coordination of ADP International Security plans in accordance with Chief Security Office. Anaïs holds a Master’s degree in Management & Business from the Ecole Supérieure de Commerce in France. She enjoys working in multi-cultural environments, helping the organization with Security matters as well as digital transformation initiatives and is committed to deliver Service Excellence to associates and clients. She is a firm believer that being inclusive and diverse at the workplace brings the best ideas and leads businesses to success. 

Florence Kaleta

CISO - UK & Ireland

Deutsche Bank

Florence Kaleta

CISO - UK & Ireland

Deutsche Bank

Florence Kaleta is a passionate cybersecurity professional serving as Regional CISO for the UK & Ireland at Deutsche Bank. She has a strong track record of leading global risk reduction and technology programs, specializing in Identity & Access Management and cloud security, to drive process re-engineering and organizational transformation across complex international environments. 

Fluent in English, German, and French, Florence is an exceptional communicator who adapts quickly to changing landscapes. Her sharp analytical skills enable the development of strategic solutions and action plans for intricate security challenges, earning trust from stakeholders at all levels. Balancing attention to detail with an eye on the big picture, she consistently delivers robust, scalable security frameworks aligned with business objectives. 

Florence’s leadership is defined by innovation, collaboration, and a focus on enabling secure growth, ensuring that Deutsche Bank stays resilient and agile in the face of emerging cybersecurity threats. 

Neil Weller

Group CISO

OCS Group

Neil Weller

Group CISO

OCS Group

Neil Weller is a proactive and pragmatic Chief Information Security Officer (CISO) who leads a highly effective global Information Security team at OCS. His modern, risk-based, and cost-conscious approach to cybersecurity, governance, and data protection has helped shift the organisation from a reactive stance to a proactive, resilience-focused model. A core part of Neil’s leadership philosophy centres around supporting the growth and well-being of his team—an area he remains deeply passionate about.

With nearly 30 years of experience in the industry, Neil began his career as a developer specialising in secure coding practices before moving into security architecture. He brings extensive knowledge of security frameworks, tooling, and implementation techniques, underpinned by strong technical expertise and attention to detail. This background enables him to evaluate systems with both strategic and operational clarity.

Throughout his career, Neil has worked closely with security teams and business stakeholders, earning a reputation for delivering solutions that balance protection with business value. He holds a postgraduate diploma in Advanced Security and Digital Forensics and is committed to fostering awareness across all levels of an organisation—ensuring employees remain secure in both their professional and personal lives. As a leader in a global business, Neil places high value on understanding cultural differences and helping colleagues protect themselves in contextually relevant ways.

He is also a regular speaker at cybersecurity events and has worked in partnership with the UK’s National Cyber Security Centre (NCSC).

Reza Salari

CISO

Pacific LifeRe

Reza Salari

CISO

Pacific LifeRe

Reza Salari, Head of Business Information Security (BISO), oversees the global cybersecurity and technology risk program for Pacific Life Re and its Insurtech subsidiary, UnderwriteMe. He is primarily responsible for advising the business on cyber risks, security risk management, awareness, and driving adoption of security services and best practices.  Reza served in the US Air Force and participated in several deployments as part of a communications element based in Europe. Later as a civilian, he spent over a decade in the US defense industry working on cybersecurity projects, operations, and research for the US Department of Defense and intelligence agencies.   

He holds two Masters degrees, most recently an MBA from University of California, Irvine. Prior to that he obtained an MS in Computer Information Systems from Boston University. For undergraduate studies he attended San Diego State University and holds a BA in International Security and Conflict Resolution. He is a Chartered Security Professional (CSyP). He holds multiple industry leading certifications to include the Certified Information Systems Security Professional (CISSP); Certified in Risk and Information Systems Controls (CRISC); and certified in Strategic Planning, Policy, and Leadership (GSTRT).   

Hammond Reddie

CISO

Spire Healthcare

Hammond Reddie

CISO

Spire Healthcare

Hammond Reddie is a passionate cybersecurity leader with a deep commitment to protecting healthcare systems and the people they serve. As Chief Information Security Officer, he’s spent years navigating the complex intersection of clinical care and digital risk, helping organisations build resilience while staying patient focused. Hammond believes security should empower, not hinder, innovation, and he’s known for creating inclusive, forward-thinking teams. Whether mentoring future leaders or shaping national strategy, he brings clarity, warmth, and a sharp eye for what matters.

Shintaro Takeda

Regional CISO

KDDI Europe

Shintaro Takeda

Regional CISO

KDDI Europe

Shintaro Takeda is the Regional CISO and Information Security Director at KDDI Europe, where he leads the company’s internal cybersecurity strategy across Europe. In this role, he is responsible for fortifying KDDI’s digital infrastructure, managing enterprise risk, and ensuring compliance with key European cybersecurity legislation, including the EU Cybersecurity Act, NIS2 Directive, and GDPR.

Shintaro oversees the development and execution of strategic security initiatives that align with the EU’s broader goals for technological sovereignty, resilience, and operational readiness against cyber threats. His leadership ensures that KDDI’s European entities maintain robust internal security postures, capable of responding to sophisticated cyberattacks and adapting to the rapidly evolving regulatory landscape.

He also plays a pivotal role in fostering cross-functional collaboration within KDDI, promoting a culture of cybersecurity awareness, and integrating best practices across departments to support secure digital transformation. His work directly contributes to KDDI’s commitment to excellence in governance, risk management, and compliance across Europe.

Nisha Patel

CISO

Ocorian

Nisha Patel

CISO

Ocorian

Chief Information Security Officer (CISO) at Ocorian, a global leader in corporate and fiduciary services. With over two decades of experience in cyber security, network architecture, and digital transformation. Previously, Head of Digital Cyber Security Architecture and Delivery at Lloyds Banking Group, with a focus on protecting digital platforms and Lead Architect at Crossrail, Europe’s largest infrastructure project, guiding the project’s infrastructure and security architecture.

Martin Covill

CISO

IPSL

Martin Covill

CISO

IPSL

Chief Information Security Officer (CISO) at Intelligent Processing Services Limited (IPSL) who are the largest cheque processor in the UK with over 190 million items worth over £250 billion processed each year. With more than 15 years military leadership experience within Data, Voice and Communications fields and 18 years experience within financial, retail, manufacturing and B2B sectors, specialising in establishing, implementing and maintaining large strategic corporate information security and cybersecurity programs primarily within highly regulated financial services related environments.

Andrew Waples

CISO

St Andrews Health Care

Andrew Waples

CISO

St Andrews Health Care

Andrew Waples is the Chief Information Security Officer at St Andrew’s Healthcare, the UK’s leading specialist mental health charity. He leads the development and implementation of a comprehensive information security programme, ensuring the protection of sensitive patient and operational data across multiple hospital sites.

With over three decades of experience, including foundational service with the UK Ministry of Defence, Andrew has held senior cybersecurity and IT leadership roles across healthcare, education, and the private sector. His previous positions include Deputy Head of Technology and Head of Cyber Security at NHS University Hospitals of Northamptonshire, Interim CISO at Nike Computing, and global IT and security leadership roles at Swiss International, Rugby School, and Eracent.

Andrew holds both a BSc and MSc in Information Technology from Liverpool John Moores University, along with a Diploma in Senior Management. He is certified in Mental Health First Aid and Strategic Planning, and is currently pursuing advanced credentials such as CISM and CISSP. Known for his pragmatic leadership and deep technical insight, Andrew is committed to advancing digital security while supporting compassionate, patient-centred care.

Steve Postle

Director of Cyber Risk & Resilience

Trivium Packaging

Steve Postle

Director of Cyber Risk & Resilience

Trivium Packaging

Steve Postle is a strategic cybersecurity and enterprise risk leader with over two decades of experience spanning finance, utilities, defence, and manufacturing sectors. As Global Director of Cyber Risk & Resilience at Trivium Packaging, he leads the development of integrated risk, security, and business continuity programs aligned with global standards such as ISO 27001, NIST, and PCI-DSS. Known for transforming SOC and GRC capabilities across global operations, Steve brings a pragmatic, business-aligned approach to resilience, regulatory compliance, and cyber risk mitigation. He has hands-on experience managing security crises, including ransomware response, and serves as a trusted advisor to executive leadership on cyber risk and resilience strategies. 

Sarith Chandra

Director - Security, Risk & Compliance

GE Healthcare

Sarith Chandra

Director - Security, Risk & Compliance

GE Healthcare

Sarith Chandra is the Director of Security, Risk & Compliance at GE Healthcare, where he leads global initiatives to embed comprehensive risk management, information security, and compliance frameworks across the organisation. In this critical role, he ensures that GE Healthcare’s digital, clinical, and operational platforms meet rigorous regulatory standards and are resilient against evolving cyber threats.

Drawing on extensive experience in designing and executing enterprise-wide security strategies, Sarith excels at transforming fragmented controls into integrated, data-driven security programmes. He collaborates closely with cross-functional teams—spanning product development, IT, operations, and legal—to embed risk-aware practices into the organization’s culture, helping deliver secure and compliant solutions for medical devices and healthcare platforms.

Recognised for balancing technical excellence with pragmatic business alignment, Sarith is adept at steering complex compliance initiatives (e.g., HIPAA, ISO 27001) and ensuring they enhance patient safety and trust without hindering innovation. His leadership is characterised by strategic insight, collaborative engagement, and a steadfast commitment to safeguarding both the organisation and the users it serves.

Ash Hughes

Head of Cyber Security

Berkeley Group

Ash Hughes

Head of Cyber Security

Berkeley Group

Ash Hughes is the Head of Security at Berkeley Group, a leading residential-led property developer operating across London and the South of England. In this role, he provides strategic leadership for the group’s security operations, overseeing the protection of people, assets, and information across numerous high-profile development sites.

With deep expertise in both physical and cyber security, Ash champions an integrated approach that aligns safety, risk management, and technology. Under his leadership, Berkeley Group has strengthened its cybersecurity posture through robust IT governance, incident response planning, and proactive risk mitigation strategies.

Ash is known for his collaborative, forward-thinking leadership style. He works closely with stakeholders across the organisation to embed security into every stage of the development process, supporting the group’s commitment to creating secure, resilient, and sustainable communities.

Mousa Hayadri

Group Head of Cyber Security - Europe

Metroline

Mousa Hayadri

Group Head of Cyber Security - Europe

Metroline

Mousa serves as the Group Head of Cyber Security (CISO) for Metroline’s ComfortDelGro Europe, a role he has held since May 2024. In this capacity, he is responsible for leading the strategic direction and practical implementation of cyber security initiatives across the organisation’s extensive European footprint. This includes overseeing security for 13 distinct and widely recognised transport companies, such as Metroline, Citylink, and Megabus, among others.

His distinguished career spans senior leadership roles within the financial, retail, and transport industries, where he was instrumental in establishing robust security operations and shaping cyber strategy. Mousa’s impressive professional background includes significant tenures at organisations like Lloyds Banking Group, Thomas Cook, and EDF Trading.

Academically, Mousa holds a master’s degree in computer networks & security from Staffordshire University. He is also actively engaged in further developing his leadership capabilities through the Cyber Resilience Programme at Cambridge Judge Business School. Additionally, he contributes to the community by teaching cyber security and network security at university. His core specialisations lie in strategic cyber development programmes, Zero Trust architecture, and comprehensive incident investigation.

Milena Maneva

Head of Business Continuity & Resilience

Cantor Fitzgerald

Milena Maneva

Head of Business Continuity & Resilience

Cantor Fitzgerald

Milena Maneva is a recognised resilience thought leader with over 15 years of cross-sector experience spanning financial services, brokerage, law, and real estate. As Head of Business Continuity & Resilience EMEA at BGC Group and Cantor Fitzgerald, and Founder of the Resilience Arc, she brings sharp expertise in business continuity, crisis management, risk, governance, and enterprise resilience. A trusted board advisor and active member of BCI, ISACA, and SASIG, Milena is known for turning complex risks into clear, actionable strategies. She is passionate about enabling organisations and individuals to reach their full potential by fostering a culture of preparedness and resilience.

Stuart Evans

Global Director of Internal Audit

Travelex

Stuart Evans

Global Director of Internal Audit

Travelex

Stuart is globally responsible for Travelex’s Internal Audit, reporting directly to the Audit & Risk Committee. Stuart joined Travelex in 2022, having previously worked at Travelex as Head of Internal Audit for Travelex’s Global Business Payments division prior to its sale to Western Union in 2011.

Since rejoining Travelex Stuart has ensured Internal Audit provides robust assurance over key risk areas including governance, cybersecurity, regulatory and finance but also focused on assessing business performance and commercial aspects of the business.

Stuart has over 25 years’ experience in senior finance positions and managing internal audit and risk functions for large corporates including British Airways, Western Union and PayPoint. Stuart has a degree in Accounting from Liverpool University, is a Chartered Accountant and holds an Association of Certified Anti-Money Laundering Specialists (ACAMS) certification.

AJ Nurcombe

Field CTO EMEA,

Horizon3.AI

AJ Nurcombe

Field CTO EMEA,

Horizon3.AI

Ashley “AJ” Nurcombe is a highly passionate and driven technologist with a proven track record of competency in Offensive Security, Infrastructure, DLT and Mobility. With over a decade of relevant experience in the most advanced cybersecurity fields, superior technical abilities, and a highly reliable, well-rounded, seasoned IT security professional, AJ has delivered keynote talks across North America, Europe, and the GCC.

Jim Simpson

ML Threat Operations, Intel Specialist

HiddenLayer

Jim Simpson

ML Threat Operations, Intel Specialist

HiddenLayer

Jim Simpson is a seasoned cybersecurity expert specialising in threat intelligence, currently serving as Principal Analyst for Threat Intelligence at HiddenLayer. In this role, he focuses on analysing the convergence of AI and cyber security.

Prior to HiddenLayer, Jim was the Director of Threat Intelligence at SearchLight Cyber from May 2022 to May 2024. There, he led teams dedicated to monitoring and countering cyber threats emerging from dark web environments, significantly enhancing proactive threat detection capabilities.

Earlier in his career, Jim spent nearly five years at Cylance, which later became part of Blackberry. From October 2017 to May 2022, he advanced through multiple roles, ultimately becoming Director of Threat Intelligence. At Cylance and Blackberry, Jim was instrumental in developing intelligence programs that supported proactive threat hunting and incident response on a global scale.

In addition to his professional experience, Jim is also a certified instructor candidate with the SANS Institute, where he educates professionals worldwide in Threat Intelligence, bringing his real world experience to the theoretical.

Ryan Sheldrake

Field CTO, EMEA

Chainguard

Ryan Sheldrake

Field CTO, EMEA

Chainguard

Ryan has been in the industry for over twenty years. Specialising for the recent decade or so in vulnerability management and threat detection.

Ryan volunteers with the DevOps Institute and talks at many community events on the changing landscape of security in application delivery.

Ryan likes to speak about wider subjects than just technology, extending into culture, team architectures, fitness, hiking etc. Give him a try, he has an opinion about most things!

Lee Casey

Field Chief Technology Officer

Nephos Technologies

Lee Casey

Field Chief Technology Officer

Nephos Technologies

Lee Casey is the Field Chief Technology Officer at Nephos Technologies, a consultative-led data services integrator and provider. With over 20 years of experience across global vendors, distributors, and service providers, he leads Nephos’ Solution Group which houses presales, consultancy, and delivery functions to help contribute towards the development of and delivery of go-to-market service lead offerings. Lee specialises in helping organisations address complex data challenges in data management, governance, privacy, security and risk use cases. His broad technical expertise and pragmatism enable businesses to align data innovation with real-world impact.

Mandy Andress

CISO

Elastic

Mandy Andress

CISO

Elastic

Mandy Andress is currently the CISO of Elastic and has a long career focused on information risk and security. Prior to Elastic, Mandy led the information security function at MassMutual and established and built information security programs at TiVo, Evant, and Privada. She worked as a security consultant with Ernst & Young and Deloitte & Touche, focusing on energy, financial services, and Internet technology clients with global operations. She also founded an information security consulting company with clients ranging from Fortune 100 companies to start up organizations.

She is a published author, with her book Surviving Security having two editions and used at multiple universities around the world as the textbook for foundation information security courses. Mandy also tested and reviewed information security products for multiple publications as well as serving as the author for the weekly InfoWorld security column. She has been a sought after expert in the field, speaking at signature security conferences such as BlackHat and Networld+Interop. In addition, she has taught a graduate level Information Risk Management course for UMass Amherst in the College of Information and Computer Sciences.

Mandy has a JD from Western New England University, a Master’s in Management Information Systems from Texas A&M University, and a B.B.A in Accounting from Texas A&M University. Mandy is a CISSP, CPA, and member of the Texas Bar.

Chris Eves

Director of Identity Security Evangelism

Semperis

Chris Eves

Director of Identity Security Evangelism

Semperis

With a strong foundation in pre-sales engineering and a proven track record in enterprise sales, Chris has helped organisations across the UK and beyond identify and mitigate external attack surface risks and identity-based threats. His background spans both start-ups and global SaaS providers, equipping him with a unique blend of technical insight and commercial acumen. At Semperis, Chris delivers strategic guidance and trusted solutions to help clients stay ahead of evolving cyber threats.

Adam Desmond

VP UK&I

Transmit Security

Adam Desmond

VP UK&I

Transmit Security

Fraud, Risk, and Compliance Expert with over 10 years of experience delivering solutions for leading brands across financial services, e-commerce, automotive, and insurance sectors. Specializing in fraud prevention, risk management, and compliance, his career has been shaped by advancements in the cybersecurity space.
Adam is focused on how GenAI and Agentic AI are transforming fraud threats and how Predictive AI is helping leading teams stay ahead by detecting malicious intent at scale and driving measurable impact on fraud losses and efficiency.

Accelerate your network growth

Secure up to twelve exclusive meetings with relevant leads at CISOXUK maximising your opportunity to forge valuable connections and drive business growth.

Become a sponsor
Become a sponsor

Learn from industry titans

Immerse yourself in thought-provoking discussions, as top leaders share their expertise and provide you with invaluable insights to propel your strategic initiatives forward.

Forge meaningful Connections

Engage with industry peers, thought-leaders, and solution providers to foster meaningful connections and explore collaborative opportunities that drive innovation and growth.

Agenda

Discover what awaits you at CISOXUK.

Registration & Networking Breakfast

Welcome & Opening Remarks From EDS

OPENING PANEL - The Business-Savvy CISO: Mastering Communication, Influence and Impact

  • Florence Kaleta
    Regional CISO - UK & Ireland Deutsche Bank
  • Neil Weller
    Group CISO OCS Group
  • Hammond Reddie
    CISO Spire Healthcare

In today’s rapidly evolving threat landscape, CISOs face the critical challenge of bridging the gap between complex technical risks and business priorities. This panel will explore how security leaders can overcome communication barriers to effectively engage the boardroom and gain essential sign-off on security initiatives. Panelists will discuss the risks and consequences when security messages fail to resonate, such as delayed decisions, inadequate funding, and increased organizational exposure. Learn how today’s CISOs can develop strategic influence, build trust with C-suite peers, and become indispensable partners driving business growth and resilience.

In the Cyber Trenches: War Stories from 180,000

  • AJ Nurcombe
    Field CTO EMEA Horizon3.AI

To defeat the adversary, we must move beyond tracking their tools—we must understand their mind.
The traditional approach to cybersecurity has focused relentlessly on the technical what (malware signatures, TTPs) and the macro why (geopolitical tension, economic drivers). However, the next decisive frontier in intelligence and defence requires a pivot to the who: the personality dynamics that fuel cyber threat actor groups and using autonomous tools to follow in their footsteps.

THE HOT SEAT: What CISOs Need to Know About Political Risk and Threat Intelligence

  • Darren Desmond
    CISO The AA

As geopolitical tensions increasingly shape the cyber threat landscape, CISOs must adapt their strategies to account for political risk and evolving adversarial tactics. In this session, Darren Desmond—drawing on his background in military intelligence and critical infrastructure—will explore how global events influence cyber threats, and how strategic threat intelligence can help organizations stay ahead. He’ll share practical insights on integrating geopolitical awareness into risk governance, preparing for state-linked cyber activity, and leading with resilience in high-stakes environments. This is a must-attend session for security leaders navigating today’s complex, interconnected threat ecosystem.

AM BREAK & 1:1 Xchange

ROUNDTABLE XCHANGES - Discussions on Shared Challenges

  • Jim Simpson
    ML Threat Operations, Intel Specialist HiddenLayer
  • Lee Casey
    Field Chief Technology Officer Nephos Technologies
  • Chris Eves
    Director of Identity Security Evangelism Semperis
  • No Crash, Just Conduct: Security in the Era of Generative AI

    In traditional security, things break and that’s how we know they’re vulnerable. But with Large Language Models, there’s no crash, no exploit chain—just behaviour. Risk isn’t binary anymore; it’s probabilistic, contextual, and unpredictable. So, how do you test something that doesn’t fail the old way? We’ll explore why LLMs break the testing model, how attackers manipulate behaviour instead of code, and what CISOs need to rethink about red teaming, incident response, and trust boundaries in the age of generative AI.
  • Map, Manage, Mitigate: Data Governance for AI Risk

    As organisations accelerate their adoption of AI, the foundation for responsible and secure deployment lies in how effectively they govern their data. In this session, you’ll hear about the critical role of data governance in mitigating AI-specific risks - from model exploitation to data leakage - while ensuring compliance with an increasingly complex regulatory landscape. Key discussion points include: • How data mapping helps identify exposure points across your ecosystem • Why controlling access and usage is key to preventing misuse and leakage • How robust governance frameworks reduce the risk of AI model corruption • What’s emerging in AI regulation - and how to stay ahead of it • Why data governance is the cornerstone of long-term AI resilience
  • Legacy Tech, Modern Threats: Rethinking Identity Infrastructure for Business Resilience

    In today’s digital-first world, identity platforms like Active Directory are more than just IT tools, they are the backbone of business operations. This roundtable explores how identity systems underpin everything from access control to AI functionality, and why their resilience is critical to organizational survival. We’ll discuss the risks of outdated infrastructure, the challenges of hybrid environments, and how identity recovery can make or break your operational continuity.

In this interactive session, our event partners will take the lead in initiating and facilitating conversations centered on challenges and solutions within the industry. Attendees can expect dynamic discussions where diverse perspectives are shared, fostering collaborative problem-solving and the exploration of innovative solutions to common industry hurdles.

Women Leading Cyber: Breaking Barriers, Shaping the Future and Embracing Neurodiversity

  • Anaïs Beaucousin
    CBSO ADP International
  • Nisha Patel
    CISO Ocorian
  • Florence Kaleta
    Regional CISO - UK & Ireland Deutsche Bank

Cybersecurity needs more than technical excellence, it needs diverse, empowered leadership. This panel brings together trailblazing women in cyber to explore the real experiences, challenges, and impact of women shaping the future of security. Through honest stories of success and setbacks, our speakers will share how they’ve navigated career-defining moments in a field that’s still evolving in its inclusivity. Expect practical insights and lived experiences from breaking through “all-male” leadership structures, to mentoring others, and advocating for neurodiverse strengths in the workplace. We will also explore the neurodiverse differences observed between male and female leadership – such as emotional intelligence, pattern recognition, and problem-solving under pressure, and how these shape decision-making and team dynamics in high-stakes environments. Whether you’re looking to elevate your own path or champion the next generation, this conversation is a call to action: to give women in cyber a stronger voice, create space for neurodiverse brilliance, and build leadership that reflects the full spectrum of talent our industry needs.

Secure by Default: What Every CISO Should Demand from Open Source

  • Ryan Sheldrake
    Field CTO, EMEA Chainguard

Open source software fuels innovation—but it also introduces increasing security risk. With software supply chain attacks on the rise and regulations tightening globally, engineering and security leaders are under pressure to adopt secure-by-default practices that scale across development environments and teams.

In this session, we’ll explore why traditional, reactive approaches to open source security are no longer enough, and how Chainguard is enabling organizations to shift
left, building security into the software supply chain from the start. From trusted provenance to continuous vulnerability elimination, we’ll show how compiling everything from source daily gives teams unprecedented visibility and control. You’ll get an inside look at how companies like Snowflake leveraged Chainguard to reduce CVE remediation time by 85%, enabling their teams to ship with confidence and stay ahead of compliance requirements. We’ll also explore how Canva integrated Chainguard Images to support rapid product delivery while meeting strict security and governance standards.
Whether you are operating at hyperscale or just beginning your journey toward secure software development, this session will deliver market insights, real-world examples, and practical takeaways to help you build a secure software factory grounded in open source best practices.

Join us to learn why “secure by default” isn’t just a philosophy, it’s now a market expectation.

LUNCH & 1:1 Xchange

QUICK TECH TALE: Seconds to Respond: Navigating the Chaos of a Live Phishing Attack

  • Ash Hughes
    Head of Cyber Security Berkeley Group

When a highly targeted phishing email bypassed traditional security filters, the Berkeley Group’s cyber team was faced with a critical challenge: contain the threat before it spread. In this 10-minute session, Ash Hughes, Head of Cyber Security, shares how the team rapidly identified the compromise, initiated a coordinated incident response, to isolate and remediate malicious payloads across mailboxes. He outlines the pressure of real-time decision-making, how Berkeley refined its response workflows, and the role of end-user behavior in threat detection. The outcome? No data loss, improved response time, and a transformed approach to phishing defense. This is a candid look at what it takes to stay ahead of attackers, when seconds matter most.

QUICK TECH TALE: Beyond Bots: Tackling Modern Fraud in the Age of Agentic AI

  • Adam Desmond
    VP UK&I Transmit Security

GenAI is fueling a new era of fraud; fast, adaptive, and eerily human. Agentic AI amplifies the threat by powering autonomous attacks that imitate legitimate behaviour, rendering traditional fraud defenses ineffective, especially as real users increasingly rely on agents themselves. Stopping fraud now requires a different kind of AI. Predictive AI doesn’t react; it continuously learns from real user behaviour, device signals, and identity context to detect subtle signs of fraud before it happens. It’s how leading fraud and identity teams are staying ahead of GenAI and Agentic AI threats.

EDS INSIGHTS: What Are Security Leaders Saying? Challenges and Priorities

  • David McClelland
    XSeries Host & Moderator EDS

In this interactive session, we unpack the latest poll findings on the most pressing challenges facing Security Leaders in 2025. From evolving threat landscapes and regulatory pressures to talent shortages and technology shifts, this discussion brings together real-world insights and peer perspectives from across the security community. Join us as we explore the data, identify emerging priorities, and exchange ideas on how today’s security leaders are preparing for what’s next.

AI-Powered Security: Staying Ahead in an Autonomous Threat Landscape

  • Mandy Andress
    Chief Information Security Officer Elastic

As threat actors increasingly leverage AI to scale and sharpen their attacks, security teams must evolve beyond reactive defence. In this session, you’ll hear how leading organisations are adopting AI-driven approaches to detect threats earlier, respond with greater precision, and build environments capable of defending themselves.
Elastic CISO Mandy Andress will examine how defenders can rethink detection, decision-making, and response – shifting from traditional playbooks to dynamic, intelligence-led security strategies that keep pace with a rapidly changing threat landscape.

Key Takeaways:
– How AI is transforming detection speed and decision-making at scale across the SOC
– Why generative AI introduces new types of risk – and what strategies help mitigate them
– Ways data quality and accessibility shape the effectiveness of AI-led defence

QUICK TECH TALE: Cyber Data Protection - Know Your Data to Protect It

  • Sarith Chandra
    Director - Security, Risk & Compliance GE Healthcare

In an age where data is the most valuable asset, protecting sensitive information from insider threats is more critical than ever. In this fast-paced session, Sarith Chandra shares how GE Healthcare approaches the challenge of safeguarding its “crown jewels” through robust Data Loss Prevention (DLP) strategies and insider risk programs. Learn how to balance security with productivity, detect early warning signs of misuse, and build a culture of trust without compromising control. A sharp, tactical briefing for security leaders facing the human side of cyber risk.

PM BREAK - 1:1 Xchange + Community Conversations

  • Shintaro Takeda
    CISO KDDI Europe
  • Nisha Patel
    CISO Ocorian
  • Martin Covill
    CISO IPSL
  • Executive Accountability and Operational Readiness Under NIS2: Bridging Compliance and Cyber Resilience

    With the NIS2 Directive setting a new bar for cybersecurity governance across critical sectors, executive accountability is no longer optional, it's a legal obligation. This roundtable brings together senior security, risk, and compliance leaders to explore how organizations can meet the directive’s heightened demands while driving meaningful cyber resilience. Key discussion points will include operational readiness, board-level oversight, incident reporting, supply chain risk, and aligning compliance efforts with strategic risk management. Join us for an interactive, off-the-record conversation on what readiness really looks like in a NIS2 world, and how to bridge the gap between policy and practice.
  • How Security is Impacted By AI in the Business

    As AI adoption accelerates across every business function, from operations and customer service to software development, CISOs are under growing pressure to secure systems they may not fully control or understand. This roundtable brings together senior security leaders for a candid conversation on the evolving security implications of enterprise AI. Topics include securing AI models and data pipelines, detecting AI-generated threats, managing shadow AI initiatives, and aligning governance with innovation. Join your peers to explore how CISOs can enable responsible AI use while maintaining visibility, control, and trust in a fast-moving landscape.
  • Leading Through Burnout: Prioritizing Wellbeing for Yourself and Your Security Teams

    As cyber threats escalate and the pressure on security teams intensifies, burnout is becoming a critical leadership challenge. This roundtable invites senior security leaders to candidly discuss the human cost of constant vigilance, and the strategies needed to foster resilience at both personal and team levels. From managing stress and workload to building a culture of psychological safety and sustainable performance, this session explores how to lead with empathy, prioritize wellbeing, and retain top talent in high-stakes environments. Join us for a thoughtful conversation on how strong leadership starts with taking care of your people and yourself.

Take a break, engage in meetings and join a discussion roundtable! During this PM Power Break, fellow enterprise leaders will guide discussions on their favorite topic, fostering an environment of open exchange, exploration of diverse perspectives and experiences. Attendees can grab a coffee and anticipate engaging conversations through 1-2-1 meetings and roundtables. Conversations will be driven by shared challenges and interests, offering valuable insights and opportunities for collaborative learning and networking.

The United Front: Driving Security Awareness, Education and Responsibility Across the Enterprise

  • Reza Salari
    CISO Pacific LifeRe
  • Milena Maneva
    Head of Business Continuity & Resilience EMEA Cantor Fitzgerald
  • Stuart Evans
    Global Director of Internal Audit Travelex
  • Mousa Hayadri
    Group Head of Cyber Security - Europe Metroline

Enterprise protection isn’t just a technical issue, it’s a cultural one. In this closing panel, leading CISOs share how they’re embedding security awareness across their organisations, turning every employee into an accountable link in cyber resilience. From board-level engagement to frontline behaviour change, we’ll explore what it takes to drive lasting awareness, secure executive buy-in, educate employees and build shared accountability. Expect practical insights on making security real, relevant, and everyone’s responsibility. This is your playbook for leading a more secure, aware, and united enterprise!

Key takeaways include:
• Creating a security-first culture through cross-functional leadership
• Moving beyond tick-box training to real behavioural change
• Communicating risk in language the business understands
• Empowering champions beyond the IT and security team

Closing Remarks

Drinks Reception

Apply to Attend

Request an Invitation

Location

County Hall, Belvedere Road, London, UK

County Hall, Belvedere Road, London, UK

Past Events

Testimonials

See what attendees, speakers and sponsors say about our events.

“I attended because the list of speakers was an attraction, and the time of the year also worked for me. It met my expectations. I was planning on leaving earlier, but stayed all through because I did not want to miss anything."

Olusegun Opeyemi-Ajayi

Chief Information Security Officer

NYC DOT

“I enjoyed the people, the interaction, the conversations and insights on what happening currently or near term in the industry, also the exceptional customer service by the team and staff, the intimacy EDS showed me throughout the event, I wasn’t left on an island. "

Alim H. Ali

Chief Technology Strategist

Global Population Healthcare Management

“I had lots of fun and met a lot of great people there & most importantly I learned a few things as well."

Chu Kong

Information Technology Director

Sunnyside Community Services, Inc.

“My overall experience was excellent and very informative, I enjoyed the content of presentations and also discussions. Also interaction with fellow attendees."

Fabio Van Roon

Senior IT Risk Expert

ING NEDERLAND

“The location, timelines, topics put it above many of the other conferences, I would like to participate next time! "

René Pluis

Group Security - Regulatory & Standards

Philips

“I attended last year’s EDS CIO CISO event and thought the speakers and content were excellent. This year was even better with a good mix of topics and some interesting participants."

Michael Pinhorn

Head of Information Security GRC and Deputy CISO

University of Oxford

“I was impressed by all of the speakers and took away some interesting insights from the participants. The EDS team was well organized and made things flow well, and the event location / venue was great."

Regional Information Security & Data Privacy Officer

Texas Instruments

“This was well worth the trip and would certainly attend again if invited."

Laurie Warne

MASS plc

“This event is definitely better than others I've attended - service-oriented and really focused on ensuring a lot of dialogue. Both in 1:1 interactions and at the tables. Very well done."

Sarah Köhl

Director

Hays

“Interesting agenda, top experts and speakers, expectations were fully met by the participants and presentations. The event was great, vibrant until the end and at a great venue!"

Mathias Wilhelm

Managing Director

Universal Investment

“This is in the Top 5 of my best IT conferences to date, including commercial events. I already recommended EDS to my colleagues."

Claudia Preis

Technical Director

Allianz Commercial

“It was a real value for me to be part of your event. You did a great job in organizing and performing."

CIO & Vice President

Hoffmann Group

“Attending EDS events as a CTO opened doors to insightful discussions and connections that felt truly genuine. It's not often you find such a perfect blend of knowledge sharing and camaraderie."

Mark S.

CTO

“Another great event! The atmosphere is relaxed yet intellectually stimulating, making it easy to connect with peers and exchange real-world insights with real CISOs."

Rachel H.

CISO

“Thank you EDS. Your gatherings are refreshing and I always leave feeling inspired and armed with actionable ideas for our digital strategy."

Adam W.

CDO

“Sponsoring EDS events has been a fantastic opportunity for us. The focus on genuine engagement rather than just promotion allows us to build lasting relationships with industry leaders in a natural, authentic way."

Emily C.

Sponsor

“I've been attending EDS dinners as a CIO for a while now, and they never disappoint. The blend of thought-provoking discussions and genuine connections is unmatched in the industry."

Michael B

CIO

“EDS events provide an invaluable platform for CISOs like myself to exchange ideas and best practices in a relaxed, yet professional setting. The conversations are always real and relevant. Thank you EDS team!"

Sarah G.

CISO

“We're repeat sponsors of EDS dinners for a reason! Each time, we get unique opportunities to connect with decision-makers on a personal level. It's not just about business; it's about building authentic relationships, every time"

David L

Sponsor

“EDS events have become a staple for me as a CDO"

Lisa M.

CDO

“Sponsoring EDS events has been a breath of fresh air. The focus on quality over quantity ensures that our brand gets genuine exposure to the right audience in a way that feels natural and human."

Alex T.

Sponsor

FAQs

Who attends?

Attendance is reserved for C-Suite executives and Senior Executives within Cybersecurity, including Chief Information Security Officers, and other senior security decision-makers from a wide array of industries. Joined by our select sponsor partners, enriching networking opportunities and offering cutting-edge solutions.

What does my delegate pass include?

Thanks to our sponsors, your access is entirely complimentary, providing you with full-day access to all presentations, exclusive networking sessions, personalised one-to-one meetings, delectable catering, and an open bar for added networking.

What are the one-on-one meetings?

These 25-minute meetings provide invaluable opportunities to discover new solutions and expand your network with leading innovative providers that can help solve your current or future complex challenges.

What is the dress code?

Professional business attire is appropriate.

Do I need to prepare anything?

No preparation is needed on your part. We take care of all the final details. Simply arrive at the specified time, date, and location, and we’ll handle the rest to ensure you have a seamless and enjoyable experience.

Why attend?

Our events offer unparalleled experiences where interactive sessions spark innovation, keynotes unveil insights from industry luminaries, and exclusive one-on-one meetings with best-in-breed solution providers unfold in some of the world’s most prestigious venues. This unique format ensures that your challenges are addressed directly, providing invaluable insights, connections, and maximising value for your time. With a compact schedule featuring a variety of presentations, you’ll gain a comprehensive view of the latest innovations and have ample opportunity to network with like-minded peers—all under one roof, and in just one day. This fosters collaboration and forges invaluable connections among executives with a genuine influence, setting the standard for elite gatherings in the industry.

Have any more questions?

Get in touch here

Have any more questions?

Get in touch