Building cyber ready NHS organisations for a digital, data driven and AI enabled future
All Convenzis Events Provide 8 CPD Points Per Delegate
Take part in our conference prize draw by visiting all stands and scanning your lanyard at each for a chance to win £100 voucher.
Current Landscape and Challenges
Cyber security is now a patient safety, operational resilience and public trust priority for the NHS.
As health and care services become more digital, the risk profile is changing quickly. EPRs, shared care records, AI tools, cloud platforms, connected devices, remote access, supplier systems and national data platforms are now embedded into how care is delivered. This creates major opportunities for better care, but also increases the need for stronger identity controls, data protection, supplier assurance, incident response and business continuity.
The DHSC Cyber Security Strategy for Health and Social Care 2023 to 2030 sets a clear ambition for health and care organisations to become cyber resilient by 2030. This places cyber security firmly within the wider NHS transformation agenda, not as an IT issue, but as a board level requirement for safe, trusted and sustainable digital care.
Recent incidents have shown the scale of the risk. The Synnovis ransomware attack in June 2024 disrupted pathology services across London, creating delays, cancellations and manual workarounds across multiple care pathways. It highlighted how quickly cyber disruption can move from systems and infrastructure into direct operational and clinical impact.
CyberSecure 2027 will bring together NHS leaders, cyber teams, digital transformation teams, information governance specialists, operational leaders and suppliers to explore how the NHS can move from compliance led assurance to practical, system wide resilience.
Timeliness of the Event
CyberSecure 2027 comes at a critical point for the NHS.
The government’s 10 Year Health Plan places digital transformation, data and technology at the centre of NHS reform. That shift will only be successful if patients, staff and the public can trust the systems, data and suppliers that support it.
Policy is also moving quickly around ransomware, incident reporting and organisational accountability. NHS organisations need to prepare for a future where cyber incidents are judged not only by technical recovery, but by their impact on patient care, continuity, public confidence and board level decision making.
The event is therefore timed to support NHS organisations as they prepare for the next phase of cyber policy, assurance, procurement and operational readiness. It also creates a strong platform for suppliers who can support NHS teams with cyber resilience, identity and access management, endpoint protection, staff awareness, AI threat detection, third party risk, cloud security, business continuity and recovery.
Key Challenges We Will Discuss
Who Would Benefit
This event is designed for NHS and public sector leaders responsible for cyber security, digital transformation, data protection, information governance, operational resilience and patient safety.
It will be particularly relevant for CIOs, CCIOs, CISOs, SIROs, Caldicott Guardians, data protection officers, information governance leads, EPR programme leads, digital transformation teams, risk and governance leads, emergency planning and business continuity teams, clinical safety officers, procurement leads, supplier assurance teams, operational managers and board members.
It will also be valuable for suppliers supporting the NHS with cyber security, identity and access management, endpoint protection, cloud security, data platforms, staff training, resilience planning, managed services, AI governance and secure digital transformation.
We have an invite only option for NHS Senior Managers for our conference, to see if you qualify for a complimentary place please click the button below.
Registration & Networking
Registration - Open from 8:30 am - Closes at 11:00 am
All delegates must complete their registration process before the 11:00 AM cut-off time. Please arrive in a timely manner to allow for registration and to avoid any inconvenience. Delegates who arrive after the registration deadline will be refused entry to the event.
We appreciate your cooperation in helping us maintain the event's schedule and ensuring that everyone can fully participate in the Conference. If you have any questions or require assistance, our event staff will be available to assist you with the registration process.
Thank you for your understanding, and we look forward to an insightful and productive event together!
Chair Opening Address
Nasser Arif, Cyber Security Manager, Digital Services, London Northwest University Healthcare NHS Trust and The Hillingdon Hospitals NHS Foundation Trust
Keynote Presentation - Cyber Resilience by 2030: Board Assurance, Supplier Risk and System Wide Delivery
Invited Speaker - Gourav Manipatruni, Chief Technology Officer, NHS Surrey Heartlands ICS
Session Overview:
This leadership interview will explore what cyber resilience means in practice across an integrated care system, with a focus on board level accountability, assurance and supplier risk. Gourav will share reflections on how NHS organisations can strengthen cyber governance, manage third party risk across the technology estate and ensure digital infrastructure supports safe, resilient transformation.
The session will also consider how system leaders can move from compliance led assurance to practical resilience, supporting the NHS ambition to become cyber resilient by 2030.
Morning Skills Clinic - When Systems Go Down: Ransomware Readiness, Reporting Duties and Clinical Continuity
Session Overview:
This panel will explore how NHS organisations can prepare for ransomware incidents in a changing policy environment.
Discussion points will include payment restrictions, mandatory reporting, executive decision making, communications, operational workarounds, supplier escalation, mutual aid and how to protect patient services when digital systems are disrupted.
Main Sponsor
Main Sponsor
Chair Morning Reflection
Nasser Arif, Cyber Security Manager, Digital Services, London Northwest University Healthcare NHS Trust and The Hillingdon Hospitals NHS Foundation Trust
Case Study
Case Study
Case Study
Case Study
Leadership Interview Session - From the Front Line to the Board: Lessons in NHS Cyber Leadership
Session Overview:
This interview style session will provide a practical leadership perspective on what it takes to manage cyber risk in a live NHS environment.
The conversation should explore board engagement, clinical leadership, risk appetite, incident learning, culture change, investment decisions and how to make cyber security meaningful to staff beyond the IT department.
Case Study
Case Study
Chair Afternoon Address
Nasser Arif, Cyber Security Manager, Digital Services, London Northwest University Healthcare NHS Trust and The Hillingdon Hospitals NHS Foundation Trust
Case Study
Case Study
NHS Deep Dive - Detection, Response and Network Resilience: Building a Cyber Operating Model That Works
Session Overview:
This NHS case study will explore how cyber, network and security teams can work together to strengthen operational resilience across a large NHS trust. The session will focus on practical approaches to threat detection, incident response, network security, escalation routes and service continuity, with reflections on how NHS organisations can build cyber operating models that protect patient services and support safe digital transformation.
Key Delegate Outcomes
Case Study
Case Study
NHS Deep Dive - Securing Shared Data, Digital Trust and Information Governance in the Cyber Resilient NHS
Speaker:
Session Overview:
This NHS deep dive will explore the role of information governance, data protection and risk management in supporting cyber resilience across modern NHS digital environments. Drawing on experience across clinical and non clinical digital projects, Aung will discuss how governance, risk and compliance can be applied in a practical way to support safe data use, protect patient information and build confidence in digital transformation. The session will also consider how NHS organisations can strengthen assurance around shared care records, EPRs, data platforms, AI enabled tools and supplier access.
Key Delegate Outcomes:
Afternoon Skill Clinic - Cyber Ready by 2030: Assurance, Accountability and Practical Action
Speaker:
Session Overview:
The closing panel will bring together NHS cyber, digital, governance and operational perspectives to explore what needs to happen next as the health and care system works towards cyber resilience by 2030.
The discussion will focus on how NHS organisations can move from compliance-led activity to continuous cyber resilience, with practical reflections on assurance, risk reporting, DSPT, NCSC CAF, supplier accountability, incident readiness and board-level ownership. Panellists will also consider how cyber teams can work more closely with information governance, digital, clinical and operational colleagues to protect patient services and build trust in digital transformation.
Key Delegate Outcomes:
End of Day
End of Day