The programme
08:20
Registration & Networking
Registration - Open from 8:20 am - Closes at 11:00 am
All delegates must complete their registration process before the 11:00 AM cut-off time. Please arrive in a timely manner to allow for registration and to avoid any inconvenience. Delegates who arrive after the registration deadline will be refused entry to the event.
We appreciate your cooperation in helping us maintain the event's schedule and ensuring that everyone can fully participate in the conference. If you have any questions or require assistance, our event staff will be available to assist you with the registration process.
Thank you for your understanding, and we look forward to an insightful and productive event together!
09:20
Chair Opening Address (Confirmed)
Dr Avi Mehra
Associate Partner & Clinical Safety Officer
IBM
Chair Opening Address
Setting the tone for a skills-first day on cyber resilience.
09:30
Leadership Lessons from the Frontline - Ransomware in Healthcare: What It Is and How the CAF Helps Us Defend Against It (Confirmed)
Barry Richardson
Head of Cyber Security and Information Security
NHS Blood and Transplant
Session Overview:
The presentation includes three practical takeaways:
- A five‑minute review sheet to assess ransomware readiness against CAF principles.
- A fifteen‑minute light‑touch review of the ten top cyber threats published by the NCSC, mapped to CAF readiness.
- A 90‑day plan to help organisations either strengthen their ransomware‑prevention posture or surface key risks to support investment decisions.
09:50
Morning Skill Clinic - Cyber Resilience in Practice: Lessons from the Past, Realities of Today, and Preparing the Next Generation of NHS Leaders (Confirmed)
Barry Richardson
Head of Cyber Security and Information Security
NHS Blood and Transplant
Dr Avi Mehra
Associate Partner & Clinical Safety Officer
IBM
Manash Rich Ray
Head - Customer Success (UKI)
ManageEngine
Panel Overview:
This panel brings together senior NHS and cyber leaders for an open and honest discussion on how the cyber landscape has evolved, what has genuinely changed in practice, and where the most significant challenges now sit.
The discussion will explore:
- How the NHS cyber threat landscape has shifted over recent years
- Key lessons learned from major incidents, policy changes, and operational pressures
- What has moved the needle in practice, and what has not
- How integrated IT security management and system-wide visibility support effective decision-making
- Why operational insight and unified oversight are critical to building a resilient cyber culture
Panel members will reflect on how cyber resilience has evolved beyond technical compliance towards culture, behaviour, and shared accountability across clinical, digital, and operational teams.
10:30
Mike Culshaw
Security Specialist
Zscaler
Main Sponsor - Zscaler
Zscaler (NASDAQ: ZS) accelerates digital transformation so that customers can be more agile and secure. The Zscaler Zero Trust Exchange, a SASE-based platform, is the world’s largest inline cloud security platform, protecting thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications over any network.
10:50
Morning Break & Networking
Morning Break & Networking
11:50
Chair Morning Reflection (Confirmed)
Dr Avi Mehra
Associate Partner & Clinical Safety Officer
IBM
Chair Morning Reflection (Confirmed)
11:55
Case Study - Modernising the SOC: Enhancing NHS Security Capabilities by Unleashing the Power of Existing Investments
Alex Noble
Head of Public Sector
Rapid7
Case Study - Rapid7
NHS Trusts are increasingly data-rich but operationally overstretched. While the transition to Microsoft has provided a foundational security layer, many Integrated Care Boards (ICBs) and Trusts find their lean teams buried under alert fatigue and a chronic clinical-to-technical skills gap.
This session explores the evolution of Managed Detection and Response (MDR) specifically within the healthcare context. We will move beyond the "tools" conversation to focus on transforming existing telemetry into tangible operational outcomes. By aligning with DSPT mandates and the 2030 NHS Cyber Strategy, we’ll discuss how to leverage your current infrastructure to drastically reduce Mean Time to Respond (MTTR)—ensuring your security investment delivers the operational resilience required for uninterrupted patient care.
12:15
Case Study - Cyber Risk Lives in the Gaps: Organisational Fragmentation and Information Security
Lisa Washer
Head of Cyber
IntaForensics Ltd
Case Study - IntaForensics
As NHS organisations undergo rapid digital and cyber transformation, fragmented organisational structures are creating information security risks that technology alone cannot resolve. This session explores how siloed ownership of information, cyber capability and governance undermines organisational resilience, and why integrated accountability is critical to delivering safer, more secure digital care.
12:35
From Compliance to Culture: The critical need for Cybersecurity in healthcare (Confirmed)
Dr Saritha Arunkumar
Chief Technology Officer Healthcare
IBM Technology
Session Overview:
Healthcare organisations have made significant progress in meeting cybersecurity compliance requirements, yet serious cyber incidents continue to disrupt clinical services and threaten patient safety. This highlights a critical gap: compliance alone does not create cyber resilience. This session explores the shift from a rules-based approach to a culture of shared responsibility for cybersecurity across healthcare. It examines how cyber risk intersects with clinical safety, operational resilience, and leadership decision-making. Attendees will gain practical insights into how healthcare leaders can embed cybersecurity into everyday practice, align it with patient outcomes, and build resilient organisations that protect care delivery in an evolving threat landscape.
12:55
Case Study - Beyond the AI Buzz: What Adversaries Are Really Doing to Healthcare Organisations
James Burchell
Sales Engineer Manager
CrowdStrike
Case Study - CrowdStrike
Session Overview:
AI dominates today's cybersecurity conversations, but what good is AI if you don't understand the threats targeting your patients, research, and critical care systems? CrowdStrike's 2025 Threat Hunting Report reveals that 81% of intrusions are malware-free and cloud attacks are up 136%. Healthcare remains one of the most consistently targeted sectors in Europe, with threat groups like FAMOUS CHOLLIMA and SCATTERED SPIDER already weaponizing AI, while nation-state adversaries like MUSTANG PANDA and CASCADE PANDA persistently target healthcare and biotechnology entities to steal intellectual property on vaccines, biomedical research, and Western medical innovations.
This session cuts through the hype, exposing real tactics used against healthcare providers and demonstrating how adversary intelligence turns AI into a decisive defensive advantage for protecting patient care, PHI, medical research, and clinical operations.
14:15
Chair Afternoon Address (Confirmed)
Dr Avi Mehra
Associate Partner & Clinical Safety Officer
IBM
Chair Afternoon Address (Confirmed)
14:20
Case Study - Beyond Users: Strengthening Privileged Access and Identity Security in the NHS
Josh Neame
Chief Technology Officer
BlueFort Security Ltd
Peter Batchelor
Regional Sales Director
Silverfort
Case Study - BlueFort
Join BlueFort Security and Silverfort for an insightful session on how their partnership can and has greatly assisted the NHS in navigating the complexities of MFA and IAM requirements outlined in the NCSC Cyber Assessment Framework (CAF) . The session will also showcase how Silverfort was successfully deployed into a large London based NHS Trust and several other trusts in the north west of England to meet CAF compliance. Finally, we will discuss how BlueFort Security, as Silverfort’s premier partner, ensures expert deployment, configuration, and ongoing optimisation to maximize the technology’s value, thereby strengthening the NHS’s overall security resilience.
14:40
Interactive Workshop - What Would a Hacker Do? Practical Cyber Habits for Everyday NHS Life (Confirmed)
Nasser Arif
Award Winning Cyber Security Manager
London Northwest Healthcare NHS Trust and The Hillingdon Hospitals NHS Foundation Trust
Session Overview:
This hands-on cyber workshop will take delegates inside the mindset of a cybercriminal, exploring the simple, everyday vulnerabilities that can lead to major incidents and how you can protect against them.
Focusing on social media awareness, personal device security, and internal skill-building, attendees will leave with tangible actions they can apply immediately to their own digital lives and teams.
Rather than discussing past incidents, this interactive session will empower staff to recognise risk patterns, identify internal cyber champions, and embed a culture of proactive security across their organisations and homes.
15:00
Case Study - Proving Cyber Readiness: Turning NHS Security Expectations into Operational Control
Adam Pilton
Cyber Security Advisor
Heimdal Security
Case Study - Heimdal
NHS cyber expectations continue to evolve, but the challenge remains consistent: how do organisations move from policy compliance to defensible, measurable assurance that supports clinical safety and operational continuity? This session explores how cyber assurance can be translated into clear accountability, actionable governance, and evidence that stands up to board scrutiny. It will outline pragmatic approaches to improving visibility across endpoints, identity, and security awareness, while supporting teams to reduce risk without adding unnecessary operational burden.
Using real world case studies and lessons learned, the talk will highlight what “good” looks like in practice, where programmes commonly stall, and how teams can demonstrate progress in ways that are meaningful to both technical stakeholders and senior leaders. Rather than prescribing a single model, the session will focus on practical principles that support DSPT aligned improvement while enabling measurable progress within constrained capacity. It will also consider how integrated security platforms, such as Heimdal Security, can help reduce complexity by consolidating visibility, automation, and reporting, supporting both technical execution and leadership assurance.
15:20
Afternoon Skill Clinic - Board-Level Cyber Governance: Turning Risk Appetite into Real Resilience (Confirmed)
Jessica Figueras
Director & Co-Founder
CxB - Cyber Governance for Boards
Session Overview:
Cyber risk is no longer just a technical issue — it is a strategic, operational and governance challenge that shapes the resilience of every NHS organisation. In this practical Skill Clinic, cyber governance specialists Jessica Figueras and Olu Odeniyi unpack what board-level cyber oversight should really look like in 2026.
Moving beyond “zero risk” slogans, this session will help NHS digital, cyber and executive leaders interpret cyber risk appetite, understand the trade-offs that influence decision-making, and build governance frameworks that turn policy into day-to-day organisational behaviour.
Using real-world NHS and wider public-sector examples, delegates will explore:
- How to define and communicate a meaningful cyber risk appetite.
- The difference between governance reality and governance theatre.
- How AI, automation and discovery tooling are changing board expectations.
- Practical approaches to reporting, escalation and cyber risk assurance.
- How to strengthen relations between CISOs, Boards, NEDs and clinical leaders.
Outcome:
Attendees leave with templates, discussion prompts and governance models that can be used immediately to strengthen board engagement, improve decision-making, and embed accountability across digital, clinical and corporate teams.
15:40
Panel Discussion - Shared Care, Shared Risk: Strengthening Cyber Resilience Across Health and Social Care (Confirmed)
Dr Avi Mehra
Associate Partner & Clinical Safety Officer
IBM
Michelle Corrigan
Chief Executive Officer
Digital Care Hub
Dr Trudie Fell
CEO and Founder
BelleVie Care Home
Session Overview:
As health and social care services continue to integrate, the security of shared systems and data has become increasingly critical. This session brings together leaders working across the care ecosystem to explore practical approaches to strengthening cyber resilience.
We will discuss lessons learned from recent cyber incidents, the shared impact of system outages, and the importance of consistent standards, clear communication, and collaboration between NHS organisations, local authorities and social care providers.
The panel will highlight what good looks like in real-world settings and how to build a culture of security that supports safe, joined-up care.
Pannelists:
- Michelle Corrigan, CEO, Digital Care Hub (Confirmed)
- Dr Trudi Fell, CEO and Founder at BelleVie Care Home (Confirmed)
15:40
Afternoon Breakout Clinic - The Future of NHS Identity: Cryptography, Zero Trust & Secure Access by Design (Confirmed)
Bill Buchanan OBE FRSE
Professor
Edinburgh Napier University
Facilitator:
- Prof Bill Buchanan OBE FRSE – Professor of Applied Cryptography, Edinburgh Napier University (Confirmed)
Session Overview:
Identity and Access Management (IAM) is rapidly becoming the backbone of NHS cyber resilience — yet most organisations are still operating with fragmented credential models, inconsistent access policies, and legacy authentication systems.
In this hands-on Skill Clinic, Professor Bill Buchanan OBE, one of the world’s most cited experts in applied cryptography and digital identity, will demystify the building blocks of modern IAM and outline what secure-by-design identity needs to look like across a connected NHS.
Using real-world demonstrations and practical frameworks, Bill will explore:
- What zero-trust really means in NHS settings.
- Cryptography foundations for strong identity (in plain English).
- Lessons from decentralised identity models and where they fit.
- How to redesign access governance for shared care, FDP, virtual wards and cloud-first estates.
- Common NHS vulnerabilities linked to identity — and how to mitigate them.
- What IAM readiness looks like for 2030 cyber maturity.
Outcome:
Delegates will leave with simple, actionable IAM principles, sample access control models, and a clearer understanding of how to uplift identity assurance without creating friction for clinicians.
16:10
Food, Drinks & Networking
Food, Drinks & Networking
