Register Now
December 5-8, 2022
ExCel London / United Kingdom

Black Hat Executive Summit

Tuesday, December 6, 2022

ExCel, London


Black Hat Executive Summit offers CISOs and other cybersecurity executives an opportunity to hear from a variety of industry experts who are helping to shape this next generation of information security strategy. The program dissects the latest technologies designed to stay ahead of sophisticated adversaries and provide a peek into future platforms; we'll outline the next-level skills and strategies CISOs need to bolster their relevance and we'll discuss the latest techniques for maintaining a proactive approach to data protection.

For CISOs and executives looking to transform from a mere manager of information into a corporate champion of business growth, it's imperative to stay on top of the latest insight. That journey begins at the Black Hat Executive Summit.

Application Portal is Now closed

The registration window is now closed, thank you for your interest.


*Please note: In order to create an open and candid environment that promotes the sharing of ideas, thoughts, and discussion, the Executive Summit will follow Chatham House Rule; neither media nor event coverage is permitted. This program is designed for executive security practitioners. Solution providers, consultants, and vendor attendees are not permitted, with the exception of event sponsors.


Agenda

Tuesday, December 6th

7:30 AM – 3:00 PM Registration
8:30 – 9:00 AM Networking Coffee
9:00 – 9:15 AM Opening Remarks
  • Steve Wylie, Vice President, Black Hat

  • Jeff Moss, Founder, Black Hat, DEF CON

    U.S. Department of Homeland Security Advisory Council

    Jeff Moss advises companies on security issues, both, electronic and physical, as well as speaking globally on the topic. He sits on several advisory boards helping enterprises make informed decisions on cyber risks.

    In April 2011 Mr. Moss was appointed as the Chief Security Officer for the Internet Corporation for Assigned Names and Numbers (ICANN), a non-profit whose responsibilities include coordinating and ensuring the security, stability and resiliency of the Internet's unique global identifiers as well as maintaining the root zone of the Internet. This position involved managing the IT security of the ICANN networks and information systems, the physical security of ICANN facilities and meetings, and ensuring that ICANN meets its security and resiliency commitments to the multi stake holder community that oversees ICANN. This position involved extensive international travel and coordination with governments, law enforcement, and operational security communities in support of discussions around Internet Governance and security. Mr. Moss left this position at the end of 2013.

    Moss is the founder and creator of both Black Hat and DEF CON, two of the most influential information security conferences in the world, attracting over ten thousand people from around the world to learn the latest in security technology from those researchers who create it. Prior to creating Black Hat, Jeff was a director at Secure Computing Corporation where he helped establish their Professional Services Department in the United States, Asia, and Australia. His primary work was security assessments of large multi-national corporations. Jeff has also worked for Ernst & Young, LLP in their Information System Security division. Because of this unique background Jeff is uniquely qualified with his ability to bridge the gap between the underground researcher community and law enforcement, between the worlds of pure research and the responsible application of disclosure.

    Jeff is currently a member of the U.S. Department of Homeland Security Advisory Council (HSAC), providing advice and recommendations to the Secretary of the Department of Homeland Security on matters related to homeland security. Jeff is a life member of the Council on Foreign Relations, which is an independent, nonpartisan membership organization, think tank, and publisher.

    In 2013, Jeff was appointed as a Nonresident Senior Fellow at the Atlantic Council, associated with the Cyber Statecraft Initiative, within the Brent Scowcroft Center on International Security. In 2014, Jeff joined the Georgetown University School of Law School Cybersecurity Advisory Committee. Jeff is also active in the World Economic Forum, and recently became a member of the Cyber Security Global Agenda Council for 2014-2016. In addition, Jeff earned the ICSA President's Award for Public Service in 2011.


9:15 - 9:55 AM Cyber War 2022
  • Kenneth Geers, Ph.D., Very Good Security, NATO Cyber Centre, Atlantic Council

    Dr. Kenneth Geers works at Very Good Security. He is an Atlantic Council Cyber Statecraft Initiative Senior Fellow, a NATO Cooperative Cyber Defence Centre of Excellence Ambassador, and a Digital Society Institute-Berlin Affiliate. Kenneth served for twenty years in the US Government: in the Army, National Security Agency (NSA), Naval Criminal Investigative Service (NCIS), and NATO. He is the author of "Strategic Cyber Security", editor of "Cyber War in Perspective" and "The Virtual Battlefield", and technical expert to the "Tallinn Manual".


9:55 - 10:30 AM Ethics of Information Security
  • Victoria Baines, Ph.D., IT Livery Company Professor of IT, Gresham College

    Victoria Baines is a leading authority in the field of online trust, safety, and cybersecurity. She frequently contributes to major broadcast media outlets on digital ethics, cybercrime, and the misuse of emerging technologies, including Extended Reality and Artificial Intelligence. Her areas of research include electronic surveillance, cybercrime futures, and the politics of security. She also provides research expertise to a number of international organizations, including Interpol, UNICEF and the Council of Europe.


10:30 - 10:50 AM Networking Break
10:50 - 11:30 AM Laws, Acts and Directives. Do We Need More Cyber Security Regulation and What Should This Look Like?
  • Toks Oladuti, GD CISO, Dentons

    Toks is responsible for the global delivery of information security at Dentons, the world’s largest law firm. He has over 20 years of experience working in security, technology, and privacy, across a number of industries.

    Toks is an experienced and strategic business risk leader. He has a particular passion for team building and development, strategy, security, operations and architecture, data protection, compliance and audits, and enterprise culture, awareness, and training.

    Toks has contributed to the business and technology community through information sharing, groups, speaking engagements, and multi-industry networking. As a strong supporter of education and schools, he has provided support in areas of security, data protection, user awareness, and cloud transformation.


11:30 AM - 12:10 PM What Does the DPO Think of the CISO (What is Reasonable)?
  • Asli Yildiz, Global Head of Privacy, S4 Capital

    Asli Yildiz worked as the Head of Legal for the Data & Marketing Association UK, and boasts a wealth of experience in legal risk management on corporate and company-related matters, distribution channels and systems, data protection, anti-bribery & corruption, competition laws, regulations and regulated markets and mergers & acquisitions. Prior to her work with DMA UK, she was a data privacy and cyber security lawyer at Taylor Wessing LLP and a legal counsel at Canon EMEA HQ for emerging markets.


12:10 - 1:40 PM Networking Lunch
1:10 - 1:40 PM IBM Simulation*
  • Laurance Dine, Global Partner, X-Force Incident Response
  • Stephan Delahunty, IBM Senior X-Force Range Instructor
*optional, 16 people only
1:40 - 2:20 PM Sustainable Security, How Do You Deliver Value to Your Business?
  • Alan Jenkins, Director, Advisory Services, Decipher Cyber Consulting Partners

    Alan Jenkins is a highly confident, effective and adaptable leader, manager & team player, with some 30 years experience in all facets of security, particularly cyber and enterprise security risk management, with a focus on 'value-at-risk'.

    During his career as a senior RAF Police officer, he accrued extensive operational exposure in the UK & overseas, in both multi-national & multi-agency environments, against the backdrop of a broad threat spectrum & across all 3 of the so-called physical, personnel & information security pillars. His ‘hard' experience is complemented by softer skills & broad general management experience, incl corporate governance, strategic planning, program management, business continuity, cyber resilience & crisis/disaster/incident response activities.

    Since leaving the RAF in 2006, Alan has added management consulting plus business development, delivery & pre-sales experience in both Public & Private sectors in the role of a Trusted Advisor & SME. After spells at CSC & T-Systems as UK Chief Security Officer, responsible for end-end security governance, operations and risk, he joined Babcock International Group as their first CISO in Apr ‘13. Alan led the delivery of significant improvements in the Group's cyber security capabilities to the benefit of the wider business & its customers. After a year as an Independent, he joined IBM Security in Nov ‘15 as an Associate Partner leading activities in the UK’s FinSvces Sector; he also led the delivery of a £multi-million security workstream as part of a £1.2 billion contract with a Tier 1 Bank. Alan returned to freelancing in Aug ‘18, working through Cybercorre & then joined a start-up, Guardian Cyber Services, in Jan ‘19, before landing an all-too-brief role @ 2-Sec Consulting. He’s been on contract to Hitachi Europe’s Security Business Group since Oct ‘19. He has also been CISO-in-Residence at CyLon Labs since Mar ‘19 supporting 2 Cohorts of startup/scale ups and supporting a CyLon Spark workshop in Oman in Feb ‘20.


2:20 – 3:00 PM Supply Chain Security Below the Infosec Poverty Line Panel
  • Bev Allen, CISA, Head of Information Security Assurance, Quilter

    Bev Allen is an information security professional with more than 30 years of experience in delivering operational and strategic privacy, information security and information risk management, including the development and delivery of security and privacy policies, standards, and security training, in a variety of culturally diverse organizations and industries. Currently working with tools to analyze and produce data-based metrics and management reporting, using that data to measure and monitor control performance and gaps, underpin and drive corrective action for security control failures, and to support information security assurance reviews.


  • Andrew Rose, Resident Chief Information Security Officer, Proofpoint

    Andrew Rose is Resident CISO for the EMEA Region at Proofpoint. His focus is driving Proofpoint’s people-centric security vision, strategy and initiatives amongst the company’s customer base, bringing hands on experience, knowledge and perspective in managing risk and improving cyber security posture across complex enterprises. Andrew was previously Chief Security Officer of Mastercard subsidiary Vocalink, who are responsible for much of the UK’s instant and bulk payments covering over 90% of UK salaries, over 70% of UK bill payments and nearly all UK benefit payments.

    Andrew brings with him a wealth of additional industry expertise from several CISO roles including at the UK’s Air Traffic Control provider, NATS, where he oversaw a security transformation and contributed to the design of the next-generation air traffic control system. Andrew has also held CISO roles at top-tier global law firms Allen & Overy LLP and Clifford Chance LLP and was a Principal Analyst at Forrester Research where he covered the role of the CISO and Security Culture and Awareness as two of his specialty areas.

    A familiar face in the UK and European cybersecurity community, Andrew was recognized as “European CISO of the year” at the SC Media Europe Awards 2018 and has previously won awards for devising and leading the “Best security awareness program” (UK Cyber Security Awards 2015).

    Andrew holds a Master’s degree in information security and is a regular speaker at global security conferences.


  • Quentyn Taylor, Black Hat Executive Summit Advisory Board

    Quentyn Taylor has a wealth of experience in both the IT and information security arenas and, in recent years, has focused his attention on building business relationships across the world. Quentyn has driven strategy to highlight the importance of document security and help business customers to minimise security risk. Quentyn strongly believes in educating users about the importance of a comprehensive, overall security framework that will allow business customers to improve security in a cost-effective way. During his career, Quentyn has worked in a variety of industries for a number of organisations including outsourced service providers, Internet service providers as well as Dotcom businesses.


  • Alan Jenkins, Director, Advisory Services, Decipher Cyber Consulting Partners
  • Moderator: Jane Frankland
3:00 - 3:20 PM Networking Break
3:20 - 3:50 PM Reducing Corporate Bureaucracy
  • Dinis Cruz, Chief Information Security Officer, Holland & Barrett

    Dinis Cruz is CTO and the CISO of Glasswall. He brings a unique blend of Security and Engineering expertise with 20+ years of experience in Cyber Security and Software Development. Dinis is focused on creating teams and environments where engineering and security are enablers and accelerators for the business, with a big focus on the productization and commercialization of advanced technologies.


  • Alan Jenkins, Director, Advisory Services, Decipher Cyber Consulting Partners
3:50 - 4:30 PM Next Generation Awareness Panel or Managing Human Risk
  • Bev Allen, CISA, Head of Information Security Assurance, Quilter
  • Carole Embling, Information Security Manager – Compliance, Metro Bank

    Carole Embling has worked in the world of Information Security since the turn of the century, first in Royal Mail as the Compliance, Communications and Awareness manager for the whole Group, having spent the 20 years ‘learning the business inside out’. She then spent 6 years at Prudential Group Head Office working on group-wide Information Security compliance. Carole then worked at BMJ Publishing Group as their Information Governance and Data Protection Lead. She joined Metro Bank in May 2019 as Information Security Manager – Awareness and Behavior Change.


  • Naveed Islam, Chief Information Security Officer, Dojo

    Naveed Islam is the Chief Information Security Officer at Dojo - a payment acquirer focusing on Small to medium businesses. He joined at the beginning of 2021 with the remit to build and embed a dedicated security function that aligns with the fast-moving nature of a fintech.

    Prior to Dojo, Naveed was at Currys for 4 years serving as the Deputy CISO and latterly as the CISO. He started his career in consulting working in various client-facing roles at Cisco, Accenture, Dell and PwC.


  • Rob Rodger, Chief Information Security Officer, Admiral Insurance

    Rob Rodger is passionate about building world-class security functions, which are a business enabler; delivering security solutions that enable the organization to explore opportunities that previously they would have been too cautious to exploit, while operationally managing the ever-increasing threat.

    His approach to security is that of common sense; efforts must be equally focused on doing the basics flawlessly and driving systemic improvements through the broad exploitation of intelligence, data, automation, and machine learning in a sound security architecture. Rob is a career security professional with over 25 years of experience in banking security. I have a proven track record of building high-performance teams to deliver quality and effective security practices.


  • Moderator: Jessica Barker, Ph.D., Co-CEO and Co-Founder, Cygenta
4:30 - 4:50 PM Black Hat Briefings Preview
  • Daniel Cuthbert, Black Hat Review Board

    Daniel Cuthbert loves doing security research. With a career spanning over 20 years on both the offensive and defensive side, he's seen the evolution of hacking from a small groups of curious minds to organized criminal networks and nation state we see today. He is the original co-author of the OWASP Testing Guide, released in 2003 and now the co-author of the OWASP Application Security Verification Standard (ASVS) and sits on the UK Government Cybersecurity Advisory Board.


4:50 - 5:00 PM Closing Remarks
  • Quentyn Taylor, Black Hat Executive Summit Advisory Board
5:00 - 6:30 PM Networking Reception, The Bridge at The ExCeL

Advisory Board

Dr. Jessica Barker
Daniel Cuthbert
Jane Frankland
Phil Huggins
Darrin Johansen
Becky Pinkard
Quentyn Taylor

Sponsors

Premium Sponsor

IBM is the global leader in business transformation through an open hybrid cloud platform and AI, serving clients in more than 170 countries around the world. With 28 consecutive years of patent leadership, IBM is committed to being a responsible innovator and a force for good in the world.

www.ibm.com

Laurence Dine
Stephen Delahunty

Foundation Sponsors

Accenture is a global professional services company with leading capabilities in digital, cloud and security. Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Technology and Operations services and Accenture Song—all powered by the world’s largest network of Advanced Technology and Intelligent Operations centers. Our 699,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. We embrace the power of change to create value and shared success for our clients, people, shareholders, partners and communities. Visit us at accenture.com.

Jacky Fox

With its next-generation zero trust network access solution (ZTNA 2.0), Cyolo helps organizations in the IT and OT spaces connect their users seamlessly and securely to applications, files, servers, and desktops from any device on their local network or in the cloud. To learn more, visit cyolo.io


Reception Sponsor

At Nokia, we create technology that helps the world act together.

As a trusted partner for critical networks, we are committed to innovation and technology leadership across mobile, fixed and cloud networks. We create value with intellectual property and long-term research, led by the award-winning Nokia Bell Labs.

www.nokia.com


Networking Break Sponsor

BlueVoyant combines internal and external cyber defence capabilities into an outcomes-based platform called BlueVoyant Elements. Elements is cloud-native and continuously monitors your network, endpoints, attack surface, and supply chain plus the clear, deep, and dark web for vulnerabilities, risks, and threats; and takes action to protect your business, leveraging both machine learning-driven automation and human-led expertise. Elements can be deployed as independent solutions or together as a full-spectrum cyber defence platform. BlueVoyant’s approach to cyber defence revolves around three key pillars — technology, telemetry, and talent — that deliver industry-leading cyber security to more than 700 customers across the globe.

www.bluevoyant.com


Become a Sponsor