arrow-circle-full-right arrow-circle-full-up arrow-circle-up arrow-down arrow-right calendar calendar-done facebook flickr home linkedin login pin reload search share signin star twitter video video youtube nav star-plus info signout double-arrow arrow-up checked
Telecoms, Media and Technology

FT Cyber Security Summit Europe 2015

London |
Speakers include:
Ed Vaizey MP

Ed Vaizey MP

Department for Culture, Media and Sport and the Department for Business, Innovation and Skills

Graham Wright

Graham Wright

National Grid

Sorin Ducaru

Sorin Ducaru



Building Safe and Resilient Businesses 

The FT Cyber Security Summit Europe 2015 will bring together boardroom directors, chief executives, senior management and chief information security officers to discuss the current threats in cyberspace and what more should be done to build safer and more resilient businesses.

Following on from the inaugural FT Cyber Security Summit 2014, and the FT Cyber Security Summit USA 2015,  this third in the series will continue to examine the threats facing businesses, not only those in critical infrastructure sectors such as communications and financial services, but in other areas too.

Chaired and moderated by senior FT journalists, the speakers and panellists will include senior officials from government departments responsible for helping public and private sector organisations manage their cyber risks. It will also include consultants, security solutions vendors, researchers and other experts in this area.

2014 Summary Video_resized

Click here to watch the 2014 Summit summary video

fallback Add to my Calendar 09/22/2015 08:30:0009/22/2015 17:45:00trueFT Cyber Security Summit Europe 2015Building Safe and Resilient Businesses The FT Cyber Security Summit Europe 2015 will bring together boardroom directors, chief executives, senior management and chief information security officers to discuss the current threats in cyberspace and what more should be done to build safer and more resilient businesses.Following on from the inaugural FT Cyber Security Summit 2014, and the FT Cyber Security Summit USA 2015,  this third in the series will continue to examine the threats facing businesses, not only those in critical infrastructure sectors such as communications and financial services, but in other areas too.Chaired and moderated by senior FT journalists, the speakers and panellists will include senior officials from government departments responsible for helping public and private sector organisations manage their cyber risks. It will also include consultants, security solutions vendors, researchers and other experts in this area.

2014 Summary Video_resized

Click here to watch the 2014 Summit summary video

Download the free event brochure

Download now

Speakers (23)

Ed Vaizey MP

Ed Vaizey MP

Minister of State for Culture and the Digital Economy
Department for Culture, Media and Sport and the Department for Business, Innovation and Skills

Ed Vaizey MP was appointed Minister of State at the Department for Culture, Media and Sport and the Department for Business, Innovation and Skills, with responsibility for digital industries on 15 July 2014.  He is the Conservative MP for Wantage and Didcot.

He was appointed Parliamentary Under Secretary of State for Culture, Communications and Creative Industries in May 2010. He was previously Shadow Minister for the Arts from 2006 to 2010, and became a political speech writer in 2004.

From 1996 – 2004 he was the Director of a public relations company, and earlier on in his career trained and practised as a barrister.  Prior to this he worked as a political researcher.  Mr Vaizey was educated at Merton College, Oxford.

Graham Wright

Graham Wright

Chief Information Security Officer and Global Head of Digital Risk
National Grid

Graham Wright joined National Grid as CISO and Global Head of Digital Risk in April 2014 after holding senior positions in cyber security with organisations including Northrop Grumman, the UK Office of Cyber Security in the Cabinet Office and the Ministry of Defence. He is an associate fellow for defence and security with the Royal United Services Institute and supports government sponsored-academic programmes on cyber security.

Sorin Ducaru

Sorin Ducaru

Assistant Secretary General for Emerging Security Challenges

Ambassador Sorin Ducaru took over the post of Assistant Secretary General for Emerging Security Challenges at NATO in September 2013. He is responsible for providing support to the North Atlantic Council and for advising the Secretary General on the evolution of emerging security challenges and their potential impact on NATO’s security. Prior to his appointment, he served as Romania’s Permanent Representative to the North Atlantic Council, from September 2006 to September 2013.From 2001 to 2006, he was Romania’s Ambassador to the US. In 2000–2001, he was Permanent Representative of Romania to the United Nations, in New York. Ambassador Ducarua joined the Romanian Ministry of Foreign Affairs (MFA) in 1993, assuming various posts such as member of the Policy Planning team, counsellor to the Minister, spokesman of the MFA and Director for NATO and Strategic Issues. He graduated from the Polytechnic Institute of Bucharest, Romania, in 1988 and the Romanian National School of Political Studies and Public Administration in 1992. He holds an MPhil Degree in International Relations from the University of Amsterdam (1993) and a PhD degree in International Economics from the Academy of Economic Studies in Bucharest (2005).

Troels Oerting

Troels Oerting

Chief Information Security Officer, Global Information Security (GIS)

Troels Oerting joined Barclays as Group Chief Information Security Officer (CISO) in February 2015. Reporting to the Group Chief Operations and Technology Officer, he is a member of the Operations & Technology Executive Committee. Before joining Barclays, he was Director of the European Cybercrime Centre (EC3) in Europol’s HQ, helping law enforcement agencies protect the EU’s 500m citizens in the 28 EU member states from cybercrime or loss of privacy. 

As an expert in cyber security, Mr. Oerting has constantly been looking for new legislative, technical or co-operational opportunities to efficiently protect privacy and security for users of the Internet and has been pioneering new methodologies to prevent crime in cyberspace and protect innocent users from losing their digital identity, assets or privacy online. As director of EC3 he also initiated the establishment of the International ‘Joint Cybercrime Action Task Force’ (JCAT) including global leading law enforcement agencies, prosecutors and Interpol's Global Centre of Innovation and the J-CAT has since been recognised as the leading international response to the increasing threat from Organised Cyber Criminal networks.

He has been cyber advisor for the EU Commission and Parliament and has been a permanent delegate in many governance organisations i.e. ICANN, ITU and The Council of Europe and used by several governments and organisation as an advisor in cyber related questions. He also established a vast global Outreach program including; law enforcement, NGO’s, key tech companies and industry who together with Academic Research Institutes established a multifaceted global coalition against cybercriminal syndicates and networks, with the aim to enhance online security without harming privacy and to invent new ways of protecting internet users.

Before joining Europol, as Director for EC3 Mr. Mr. Oerting held the position as Assistant Director for Europol Organised Crime department as well as the Counter Terrorist Department and he also held positions as Director for Operation in the Danish Security Intelligence Service and Director for the Danish Serious Organised Crime Agency (SOCA).

Mr. Oerting has been an external lecturer in cybercrime and has been acknowledged by global law enforcement agencies for his leadership in fighting cyber and organised crime. He holds a number of International advisory roles, amongst them special advisor to: INTERPOL, The Global Cyber Alliance (GCA), Global Agenda Council on Cyber Security of the World Economic Forum (WEF) and to Global Cyber Security Capacity Centre at the University of Oxford. He is also the author of a Thriller: ‘Operation Gamma’ published in Denmark.

Ciaran Martin

Ciaran Martin

Director General for Government and Industry Cyber Security
Mark Jones

Mark Jones

CISO and Director IT Compliance and Governance
Heathrow Airport Holdings

Mark Jones is Chief Information Security Officer (CISO)and Director of IT Compliance and Governance for Heathrow Airport Holdings (HAH), formerly BAA, with responsibility for the information and cyber security of one of the largest collections of critical national infrastructure in the UK, including civil aviation and rail transport infrastructure. Heathrow Airport is the world’s busiest international hub airport. Prior to his appointment at HAH Mr Jones was Global Director for Risk and Security Services Business at the French consulting and IT services group Atos, where he headed a team of over 1,000 risk and security professionals around the world. He has led risk advisory and IT risk advisory teams for some of the world’s largest enterprises, including Siemens AG, the International Olympic Committee, Zurich Financial Services, ABN AMRO, HSBC, the Chartered Institute of Management Accountants, WilliamHill, Cable & Wireless, theNational Health Service, The Royal Navy, American Water and Colt Telecom. Mr Jones is a trained security auditor, with a degree in computing science and a post-graduate qualification in leadership. He received the honorary appointment of distinguished engineer with the Fujitsu information systems group whilst he was working for KPMG Consulting.

Rocco Mammoliti

Rocco Mammoliti

Chief Information Security Officer, Poste Italiane; Director General
Global Cyber Security Center

Rocco Mammoliti is Chief Information Security Office in the IT Coordination Department of Poste Italiane, and is in charge of the Cybersecurity District and Post Italiane’s CERT (Computer Emergency Response Team). He is also Director General of the Global Cyber Security Center, which is funded by Poste Italiane and other companies and is based in Rome. His main areas of activity are network and information security, creation and management of SOCs, abuse and cybercrime prevention, NTD (Notice and Take Down) and COP (Child Online Protection). He has participated in several working groups at the ITU and GSMA and he is a member of several professional associations including the IEEE and the IEEE Computer Society. Mr Mammoliti has worked for various companies including Ericsson, Bull, IT Telecom and Telecom Italia, where he has held positions such as IT Security Manager and Information Security Manager. He has several years’ experience in scientific research activities in the field of information security, engineering and biomedicine at CNR (Italian National Research Council). He has co-authored several scientific papers on topics related to nonlinear time series modelling, multivariate statistical data analysis, information security, cryptography and data hiding. He has a degree in electronic engineering and a master's degree in security from the CASD (Ministry of Defence - Centre for High Studies).

Udo Helmbrecht

Udo Helmbrecht

Executive Director
European Union Agency for Network and Information Security (ENISA)

Professor Doctor Udo Helmbrecht is the Executive Director of the European Union Agency for Network and Information Security (ENISA). He has been in this position since 2009. His experience in the field of security has been acquired through work in a variety of areas, including the energy industry, insurance, engineering, aviation, defence, and the space industry. In 2010 he was appointed honorary professor at the Universität der Bundeswehr Munich, Germany. He became the president of the German Federal Office for Information Security (BSI) in 2003. He studied physics, mathematics and computer science at Ruhr-University, Bochum, and in 1984 he was awarded a PhD in Theoretical Physics.

David Cass

David Cass

SVP, Chief Information Security Officer
Daniele Gulinatti

Daniele Gulinatti

Head of Security
Telecom Italia

Since June 2015 has been appointed VP Security for the Telecom Italia, being in charge of protecting the human resources, the tangible and intangible assets of the Group, together with the activities of Fraud Management, support to the Public Authorities, Law Enforcement agencies and Crisis Management processes.

He’s CIA – Certified Internal Auditor, CFE – Certified Fraud Examiner and CCSA – Certified in Control Self-Assessment.

He has graduated in Business Administration  at Bocconi University and then joined Pirelli in the newly-created Corporate Security department in 1997.

In December 2000 he was moved to Brazil, as Head of Security for Latin America, for all divisions (Tires and Cables) and countries of the Group (Brazil, Venezuela, Argentina, Mexico, Chile and Colombia).

In May 2002 he was nominated Pirelli’s Internal Audit Manager for Latin America.

In January 2005 he joined Telecom Italia Mobile  in Rio de Janeiro, as  Brazil Security Director.

From August  2010 till June 2015 he moved back to Italy and has been the head of the Fraud Management & Revenue Assurance department of Telecom Italia, being in charge of ensuring the end to end processes of fraud management and revenue assurance.

Rod Wallace

Rod Wallace

Chief Information Security Officer
Dražen  Morog

Dražen Morog

Chief Information Security Officer (Infrastructure)
Deutsche Bahn
Val Rahmani

Val Rahmani

Board Member, Georgia Partnership for Excellence in Education and Board Member
Aberdeen Asset Management

Val Rahmani is a Board Member of Aberdeen Asset Management, a UK-based global asset manager. She is a member of the Risk and Innovation committees. She is also Board Member of the Georgia Partnership for Excellence in Education; and a member of the Executive Advisory Board for Atlanta Telecom Professionals.

She has more than 30 years’ experience in the technology industry, with a strong history of success as a corporate executive, board member and start-up CEO. She consults on technology trends, cyber security, IT risk management, strategy and business models. Ms Rahmani was most recently CEO of Damballa, a venture capital-funded cyber security company in Atlanta. Prior to that, she ran IBM’s Internet Security Systems (ISS) business, following IBM’s acquisition of the company. She was previously the General Manager of IBM’s $3bn Global Technology Services business, IBM’s Sales and Services Strategy unit, IBM’s $3.5bn UNIX business, and IBM’s Mobile Solutions business. She holds an MA and a Doctor of Philosophy in Chemistry from Oxford University, England. In her spare time she is an aerobatic pilot.

Richard Spearman

Richard Spearman

Group Corporate Security Director
Dave Palmer

Dave Palmer

Director of Technology

Dave Palmer is a cyber security technical expert with over ten years' experience at the forefront of government intelligence operations. He has worked across UK intelligence agencies GCHQ and MI5, where he delivered mission-critical infrastructure services, including the replacement and security of entire global networks, the development of operational internet capabilities and the management of critical disaster recovery incidents. At Darktrace, Dave oversees the mathematics and engineering teams and product strategy. He holds a first class degree in Computer Science and Software Engineering from the University of Birmingham.

Sébastien de Brouwer

Sébastien de Brouwer

Executive Director
European Banking Federation
Carlos Moreira

Carlos Moreira

Chairman, Chief Executive Officer and Founder

Founder CEO WISeKey, United Nations Expert on CyberSecurity, Telcos and Trust Models, working for ILO, UN, UNCTAD, ITC/WTO, World Bank, UNDP, ESCAP (83-99). Internet Web Pioneer; Founder, Chairman and CEO of WISeKey SA. Founder and SG International Organization for Secure Electronic Transactions Founding Member of the "Comité de Pilotage Project E-Voting"​ of the Geneva Government, Member of the UN Global Compact, Member of the Global Agenda Council. Founding Member WEF Global Growth Companies 2007-15. WEF New Champion 2007 to 2015, Vice Chair WEF Agenda Council on Illicit Trade 2012/14, Member of the 2014-15 Selection Committee for Europe for the WEF Growth Companies. Founder of the Geneva Security Forum SA, Member Global Clinton Initiative. Member the WEF Global Agenda Council on the Future of IT Software & Services 2014-15 . Member of the New York Forum. Selected as one of the WEF, Trailblazers, Shapers and Innovators

Awards: Nominated by Bilan.CH among the 300 most influential persons in Switzerland 2011 and 2013, top 100 of Who's Who of the Net Economy, Most Exciting EU Company at Microsoft MERID 2005, Man of the Year Economy AGEFI 2007. Nominations as a New Champion by the World Economic Forum in 2007 to 2015 in Dalian and Tianjing , China. Award Global Clinton Initiative. Member of the New York Forum.

Adjunct Professor of the Graduate School of Engineering RMIT Australia (95/99). Head of the Trade Efficiency Lab at the Graduate School of Engineering at RMIT, eCommerce research project leader at the University

Carlos is a regular keynote speaker, lecturer and panelist at events organized by the UN, WEF, Clinton Foundation, Bloomberg, Oracle, Microsoft, INSEAD, MIT Sloan, HEC , JPMorgan, UBS etc.

Robert Duncan

Robert Duncan

Chief Information Security Officer

Robert Duncan has been Chief Information Security Officer for Euronext since August 2014. Euronext operates regulated markets in Belgium, France, the Netherlands, Portugal and the UK, all of which are connected via a single trading platform with a harmonised regulatory framework, with a combined traded market capitalisation of €3.3tr and over €6bn of equity securities traded daily. Mr Duncan is responsible for overall information security strategy along with the oversight of various core teams: Threat and Vulnerability Management, Security Architecture, Application Security, Security Operations, and Security Awareness, as well as managing the relationship with the five core European regulators with regard to the firm's security posture. Mr Duncan has extensive international experience, having been based in New York, London, Hong Kong and Australia. Prior to Euronext, he worked for ANZ Bank in Melbourne, Australia, where he was responsible for Technology Risk and Security for the bank’s International Global Markets division. He was also Head of Global Risk and Governance for Prudential plc PGDS division for many years, supporting the division globally with extensive travel of Asia and the USA. He holds an LLB in Law (London), MBA (Cranfield), and a post graduate qualification in Executive IT Management from Columbia University in New York.

Julie George

Julie George

Head of Information Security and Assurance Group
Post Office
David Cripps

David Cripps

Chief Information Security Officer, Investec; Chairman
Investment Banking Special Interest Group for Information Security
Kevin Mandia

Kevin Mandia


Kevin Mandia is President of FireEye, and has been with the company since December 2013 when FireEye acquired Mandiant, the company he founded in 2004 and had served as chief executive officer. He set up Mandiant to help organisations detect, respond, and contain computer intrusions – making Mandiant the first company to embrace incident response as its core competence. He has spent more than 20 years in information security and has been on the frontline helping organisations respond to computer security breaches for nearly 15 years. Prior to Mandiant, he was the director of computer forensics at Foundstone (acquired by McAfee Corporation) from 2000 to 2003, and the director of information security for Sytex (later acquired by Lockheed Martin) from 1998 to 2000. From 1993 to 1998, Mr Mandia was an officer in the United States Air Force where he served in various capacities including as a computer security officer in the 7th Communications Group at the Pentagon, and later as a special agent in the Air Force Office of Special Investigations (AFOSI).

In 2011 he was named Ernst & Young Entrepreneur of the Year for the Greater Washington area. He has co-authored two books on responding to security breaches: IncidentResponse: Performing Computer Forensics (McGraw-Hill, 2003) and IncidentResponse: Investigating Computer Crime (McGraw-Hill, 2001). He has testified as an expert in federal court, and has also provided testimony in hearings before the House Intelligence Committee. Mr Mandia holds a bachelor of science in computer science from Lafayette College and a master’s of science in forensic science from The George Washington University.

Philippa Gardner

Philippa Gardner

Department of Computing, Imperial College London (ICL); Director, Research Institute in Automated Program Analysis and Verification

Philippa Gardner is a professor in the Department of Computing at Imperial College London (ICL). She is also the Director of the Research Institute in Automated Program Analysis and Verification, at ICL, funded by GCHQ in association with the Engineering and Physical Sciences Research Council (EPSRC). Her current research focuses on program verification, in particular reasoning about web programs (JavaScript and DOM) and reasoning about concurrent programs. Prof Gardner became a professor at Imperial in 2009. She held a Microsoft Research Cambridge/Royal Academy of Engineering Senior Fellowship from 2005 to 2010 at Imperial, having obtained a lectureship there in 2001. She went to Cambridge in 1998 on an EPSRC Advanced Fellowship, hosted by Professor Robin Milner FRS. She completed her PhD thesis, supervised by Professor Gordon Plotkin FRS, at Edinburgh in 1992. 

Jaya  Baloo

Jaya Baloo

Chief Information Security Officer
KPN Telecom

Jaya Baloo is Chief Information Security Officer for KPN Telecom, the Dutch landline and mobile telecommunications company. Her focus is on secure network architecture design, and she has completed projects ranging from Lawful Interception, Deep Packet Inspection, VoIP & Mobile Security to designing national MPLS infrastructures and ISP architectures. She has been working internationally in information security for 15 years and has worked for other telecom providers including Verizon and France Telecom. 


FT Chairs and Moderators (3)

Sam Jones

Sam Jones

Defence and Security Editor
Financial Times

Sam Jones is the Financial Times’ Defence and Security Editor, leading the FT’s coverage on global defence issues, intelligence, cyber warfare and terrorism. He has been with the newspaper since 2007, when he joined as one of the founding writers on FT Alphaville, the markets and finance blog. He has also written for the paper extensively on markets, and on global finance as the paper’s hedge fund correspondent. He was highly commended as Young Journalist of the Year at the British Press Awards in 2009 for investigative work into the rating agencies and their role in the financial crisis. He has also been recognised as a promising journalist by the Harold Wincott Awards and in 2012 was listed as one of MHP’s top 30 journalists to watch. Prior to joining the Financial Times, he was a reporter with Euromoney. He is a graduate of the London School of Economics, from where he has a first class honours degree in History.

Hannah Kuchler

Hannah Kuchler

San Francisco Correspondent
Financial Times

Hannah Kuchler is a San Francisco Correspondent for the Financial Times, writing about technology with a particular focus on cyber security and social media. She enjoys telling the story of the Silicon Valley to the FT's broad international audience, wading through the complex world of cyber security to warn about the threats and attacks faced by companies and the new generation of start ups springing up to protect them. Ms Kuchler has worked for the FT for six years in the US, Europe and Asia, covering everything from Chinese Internet companies to British politics.

Ravi Mattu

Ravi Mattu

Acting Technology Editor
Financial Times

Ravi Mattu is the Acting Technology Editor of the Financial Times. Since joining the FT 15 years ago, he has spoken to CEOs, entrepreneurs, prime ministers and some of the world’s leading management thinkers. From the founders of Uber and Nest, to the CEOs of Microsoft and Vodafone, to the man who came up with virtual reality and Lady Gaga’s manager, Mr Mattu has interviewed some of the most creative people in business today. Through working with thought leaders in a variety of fields, he has developed unique observations on the topics of technology, innovation, entrepreneurship, global trends in business and the changing nature of the workplace. Mr Mattu joined the Financial Times in 2000 and has held a number of senior positions at the newspaper, including Technology, Media and Telecoms News Editor,  Business Life Editor, overseeing the management section of the paper, and Acting Deputy Editor of the FT Weekend Magazine. He is a former editor of Special Reports. He was also launch editor of FT Wealth. He took up his most recent position after being the Editorial Director for FT2, , the FT’s content marketing unit..Before joining the FT, Mr Mattu worked as assistant editor, acting deputy editor and senior editor at Prospect Magazine from 1997 to 2000.

Why Attend

  • Learn from senior executives why cyber security is no longer just an IT issue, but a strategic business concern as well
  • Hear from security experts about what is being done to build safe and resilient businesses
  • Discover why even well-prepared multinational corporations are still vulnerable to cyber attacks
  • Meet PR executives to find out how they communicate with the media, customers and others during a crisis
  • Find out how policymakers in the European Union and member states are liaising with businesses to help them improve their information security
  • Listen to defence chiefs explain what is being done to defend Europe from foreign adversaries

Agenda - 22nd Sep

  • 8:30am
    Registration and refreshments
  • 9:00am
    Chair’s opening remarks

    Sam Jones, Defence and Security Editor, Financial Times

  • 9:10am
    Keynote address: What European governments are doing to make cyberspace safer

    Cyber crime is a major threat, but governments and businesses throughout Europe are working in partnership to improve information and communications security in the public and private sectors.

    • What is the nature of the threat to national security, government departments and agencies, businesses and individuals from cyber attackers?
    • What are the European Commission and EU member states doing to combat cyber crime, and how effective are their strategies?
    • Update on the UK Cyber Security Strategy: who is responsible for implementing the strategy and how is it helping critical infrastructure companies and other businesses improve their security and resilience?

    Ed Vaizey MP, Minister of State for Culture and the Digital Economy, UK Government

  • 9:30am
    Panel discussion: Developing a more effective corporate cyber security strategy

    Most companies have had cyber security strategies in place for some time. But they need constantly to update them to keep up with the changing nature of the threats.

    • How do you re-assess existing and potential risks to the organisation?

    • How do you build those assessments into a re-building of your existing cyber security strategy?

    • The key people responsible for the strategy are those in charge of IT and security, but to what extent should the chief executive and the rest of the senior management team, as well as the board of directors, become involved?

    • Government initiatives: what has been/will be the impact of EU and member state cyber security strategies on companies? What sort of assistance is available from EU institutions like ENISA and member state government agencies, and how useful is it?

    Professor Doctor Udo Helmbrecht, Executive Director, European Union Agency for Network and Information Security (ENISA)

    Carlos Moreira, Founder and Chief Executive Officer, WISeKey

    Val Rahmani, Board Member, Aberdeen Asset Management; Board Member, Teradici; Board Member, Decooda;

    Board Member, Georgia Partnership for Excellence in Education

    Rod Wallace, Chief Information Security Officer, Pearson

    Moderator:Hannah Kuchler, San Francisco Correspondent, Financial Times

  • 10:20am
    Presentation: FuturePerfect – advancing cloud security for emerging risk

    Paul Nicholas, Senior Director, Global Security Strategy and Diplomacy, Microsoft

  • 10:35am
    Networking refreshment break
  • 11:00am
    On-stage interview: The chief executive’s role

    Chief executives have to know how much responsibility for different aspects of the business to delegate to others, and how much to take on themselves. That is as true of cyber security as any other area.

    • Given the serious damage that an attack can inflict, how much responsibility for cyber security strategy should the chief executive adopt? Do chief executives in general give the problem the attention it deserves?
    • How closely should the chief executive work with the chief information security officer and other corporate security managers?
    • Incident response: when there is a serious attack, how does the company limit the damage, keep the business running, inform customer and others, and deal with journalists?

    Kevin Mandia, President, FireEye

    Interviewer:Hannah Kuchler, San Francisco Correspondent, Financial Times

  • 11:20am
    Panel discussion: All channels secured – cyber security in the communications sector

    Certain industries are essential to the functioning of the modern state. When they are disrupted, for whatever reason, daily life for everyone suffers. The communications sector – wired, wireless and satellite – is one of these industries, and falls into the category of critical national infrastructure.

    • What are the cyber threats facing providers of communications services, how well are the threats being managed, and could they be managed better?
    • What are the key elements on a cyber security strategy for a major communications company?
    • Apart from information security managers, who else in a communications company should have responsibility for managing cyber risks?
    • What role do governments play in helping build safety and resilience in the communications sector?

    Julie George, Head of Information Security and Assurance Group, Post Office

    Daniele Gulinatti, Head of Security, Telecom Italia

    Richard Spearman, Group Corporate Security Director, Vodafone

    Moderator:Ravi Mattu, Technology, Media and Telecoms News Editor, Financial Times


  • 12:00pm
    Panel discussion: Different approaches to cyber security – regulated versus unregulated industries

    Companies in sectors that are significantly regulated by the state – such as pharmaceuticals, financial services and utilities – tend to take a different approach to security from those in less regulated or unregulated sectors – such as retail, consumer products and publishing.

    • How important are government regulations in determining a regulated company’s approach to protecting itself and its customers from cyber attack? Is the threat of regulatory penalties a strong incentive to build a safe and resilient business?
    • Do unregulated or less regulated companies take a less robust approach to cyber security, because there is no or little danger of regulatory sanctions?
    • Complying with laws and industry standards. The consequences of a successful cyber attack can be severe for all companies – whether regulated or unregulated – and there is the risk of criminal prosecution or civil action. So how do you ensure your cyber strategy meets all relevant legal requirements as well as standards set by industry bodies?

    David Cass, Former SVP, Chief Information Security Officer, Elsevier

    Mark Jones, CISO and Director IT Compliance and Governance,Heathrow Airport Holdings

    Dražen Morog, Chief Information Security Officer (Infrastructure), Deutsche Bahn

    Moderator:Ravi Mattu, Technology, Media and Telecoms News Editor, Financial Times


  • 12:40pm
    Case study: National Grid – taking a strategic, multi-national approach

    National Grid is an international electricity and gas company based in the UK and north eastern US, and in common with other critical infrastructure companies faces considerable risks in cyberspace. This case study will show how the company:

    • Identifies the nature and scale of the cyber threat across its different countries of operation.

    • Has developed a security strategy that works in all jurisdictions, with a clear three-lines-of-defence governance structure and the latest prevention and detection software.

    • Shares information with other companies, governments, law enforcement agencies, researchers and software developers, and contributes to energy sector information sharing and analysis centres.

    Graham Wright, Chief Information Security Officer and Global Head of Digital Risk, National Grid

  • 1:00pm

    Lunch sponsor:


  • 2:00pm
    Panel discussion: None shall pass – cyber security in the financial sector

    Financial services is a critical national infrastructure. Even a minor disruption can have widespread and costly knock-on effects, so banks, insurance companies, stock exchanges and other organisations must have robust measures in place to deal with online fraud and data theft affecting themselves and their customers, distributed denial-of-service attacks and more.

    • What are the typical cyber security risks facing financial services companies, how are they mitigated, and who is in responsible for managing them?
    • Do the people managing the risks – in particular the chief information security officer – get enough support from other functions such as IT and risk management, and from senior management?
    • Financial regulators are playing an increasingly important role in how banks guard against cyber risks, but their emphasis is very much on guidance and co-operation rather than rules and coercion – is the regulators’ involvement useful?

    Sébastien de Brouwer, Executive Director, European Banking Federation

    Robert Duncan, Chief Information Security Officer, Euronext

    Troels Oerting, Chief Information Security Officer, Barclays

    Moderator:Hannah Kuchler, San Francisco Correspondent, Financial Times

  • 2:45pm
    Presentation: The cyber threat landscape

    The threat landscape is larger than ever and occupied by many different types of cyber attackers with a broad range of expertise and motivations.

    • From state-sponsored and criminal groups, to lone hacktivists or disgruntled employees, the spectrum is wider than ever and calls for a new approach to protect critical assets.

    • How do we find out who the attackers are?

    • How do we direct resources to damage their efforts?

     Dave Palmer, Director of Technology, Darktrace

  • 3:00pm
    Innovation snapshot: Ground-breaking techniques for computer analysis and verification to improve security

    Research into better security measures and tools is helping organisations protect themselves, and some of this work is being financed by the public sector.

    • How a greater understanding of computer software to correct actual, and potential weaknesses,is needed to enhance cyber security.

    • Outline of the work being carried out in this area by the Research Institute in Automated Program Analysis and Verification,set up as part of the UK’s national cyber security programme. The institute isfunded by GCHQ, the Department for Business, Innovation and Skills, and the Engineering and Physical Sciences Research Council.

    • How this research will be applied in the commercial world.

    Professor Philippa Gardner, Department of Computing, Imperial College London (ICL); Director, Research Institute in Automated Program Analysis and Verification, ICL

  • 3:10pm
    Refreshments break
  • 3:40pm
    Presentation: Cyber resilience as a measure of cyber security maturity

    Conventional risk management focuses on the residual risks that organisations face. They are commonly quantified through audits and security testing which provide a snapshot in time of an organisation’s risk profile. This approach does not account for the constantly evolving threat landscape and the ever increasing likelihood that incidents will occur, rather than they might.

    “Cyber resilience” goes beyond risk management and tactical technical solutions, taking a holistic view to prepare organisations for the reality of cyber incidents. Resilient organisations will detect incidents, respond to them and recover from them as part of their normal business routine, and that is a strong sign of “cyber security maturity”.

     Matt Lewis, Technical Associate Director, NCC Group

  • 3:55pm
    Presentation: Crypto is dead, long live crypto! A new episode in the “crypto wars”

    It is essential to install effective security and encryption software on computers, mobile phones and other devices to protect operating systems, data and communications. However, current methods of encryption have become vulnerable and easier to crack. Cryptography therefore needs to be move to higher level in preparation for the next phase of the “crypto wars”.

    • Why is current encryption technology vulnerable, and what must be done to develop it to the next level?

    • What are the global trends in surveillance and legislation?

    • What future developments threaten cryptography?

     Jaya Baloo, Chief Information Security Officer, KPN Telecom

  • 4:15pm
    On-stage interview: Europe under cyber attack – NATO’s response

    The North Atlantic Treaty Organisation (NATO) is increasing its efforts to confront the wide range of cyber threats that target its communications and information systems every day.

    • Where are the main threats coming from: Russia, Ukraine, Islamic State of Iraq and the Levant (ISIL), North Korea?

    • What form do the attacks take, and how much damage are they inflicting on NATO and its members?

    • What is NATO doing to defend itself, and how does it co-operate with members to mutual benefit? What are the main strands of Nato’s Policy on Cyber Defence, endorsed by Allies at the Wales Summit in September 2014?

    • NATO is intensifying its cooperation with industry – what are the objectives and how successful has it been so far?

    Sorin Ducaru, Assistant Secretary General for Emerging Security Challenges, NATO

    Interviewer: Sam Jones, Defence and Security Editor, Financial Times

  • 4:35pm
    Closing keynote addresses: Private and public sectors working together in the face of a common threat

    The importance of the private and public sectors joining forces to deal with a shared problem cannot be over-emphasised. But:

    • Are national cyber security strategies of practical use to companies, or are they just fine words with little substance?
    • What is the best way to engender better co-operation and commitment between businesses and government in the future?

    Ciaran Martin, Director General for Government and Industry Cyber Security, GCHQ

  • 4:55pm
    Chair’s summation and closing remarks

    Sam Jones, Defence and Security Editor, Financial Times

  • 5:00pm
    Networking drinks reception

Attendee Profile and Networking Opportunities


  • Businesses – especially Critical Infrastructure Companies in sectors such as Communications, Financial Services, Transportation and Energy
  • Policymakers – European Commission and other EU Institutions, National Governments, Supranational Bodies
  • Public Sector Organisations – Police, Security and Intelligence Services, Healthcare, Emergency Services, Industry Regulators
  • Service Providers – Software Vendors, Telecommunications Companies, Law Firms, Consultancies
  • Other Influencers – NGOs, Universities, Research Institutes, Industry Associations

Job Titles:

  • Chief Executive Officer
  • Chief Information Officer, Chief Technology Officer, IT Director
  • Chief Security Officer, Chief Information Security Officer, Director of Security/Information Security/Digital Security
  • Chief Risk Officer, Chief Compliance Officer, Director of Risk/Crisis Management/Business Continuity Planning
  • Head or Director of Fraud Prevention, Intelligence, Forensics or Investigations
  • Chief Financial Officer
  • General Counsel, Head of Legal Affairs, Chief Legal Officer
  • HR Director
  • Head or Director of Corporate Communications, Media Relations, Public Relations, Government Affairs, Customer Services or Marketing
  • Network Architect, Head of Database Systems/Cloud Computing

2014 Attendees Included:

ABN AMRO ACE Group Aegon UK Amlin Plc Avecto Aviva BAE Systems Balfour Beatty Bank Of America Merrill Lynch Barclays Bird & Bird BlueBay Asset Management BNY Mellon BP British Embassy BT Capita Asset Services Carillion Carphone Warehouse Citigroup Close Brothers Group CVC Capital Partners Deutsche Bank DMGT Dubai Financial Services Authority Embassy of Israel Embassy of the Federal Republic of Germany Equifax EUROJUST European Banking Authority (EBA) European Commission European Parliament Exane BNP Paribas Experian EY FCA Federal Foreign Office, Germany Foster Wheeler Energy Freshfields Bruckhaus Deringer Genus Green Investment Bank GSK Heathrow Airport Holdings Home Retail Group HSBC Private Bank Hutchison Whampoa ICAP ING Bank International Cyber Security Protection Alliance Investec ITV J Sainsburys Jaguar Land Rover JLT Management Services KPMG KudelskiSecurity LCH.Clearnet Lloyds Banking Group Lombard Street Research McAfee Intel Security Misys National Australia Bank Group National Grid NATO Network Rail NHS TrustDevelopment Authority Nominet Northrop Grumman Norton Rose Fulbright Office for Cyber Security and Information Assurance (OCSIA) Ofgem Pearson Philips PI Capital Prudential Rexam Rockspring Santander Save the Children Schroders Security Intelligence Department, Italy Standard Life  Stroz Friedberg Tellurian Capital The Co-operative Bank The John Lewis Partnership Tindall Riley TNO UBS Unilever United Nations Office for Disaster Risk Reduction (UNISDR) US Government Virgin Atlantic Airways Vodafone Western Union

Networking Opportunities:

The programme has been carefully designed to allow plenty of networking opportunities throughout the day including refreshment breaks, lunch and a drinks reception at the end of the day.  By registering you will also be given access to a secure online attendee directory 2 weeks before the Summit, which will allow you to see who else is attending and to send messages to other participants, before, during and after the Summit.



Marriott Grosvenor Square
Grosvenor Square
(Entrance on Duke Street)
London W1K 6JP

United Kingdom

Tel: +44 (0) 20 7499 6363


Event Background

Building safe and resilient businesses
Cyber attacks against companies are on the increase. They are becoming more sophisticated, destructive and costly. Cyber security is no longer an IT problem, it is major boardroom concern. The risks posed by cyber criminals are enormous – theft of money and data from corporate and customer accounts, disrupted services, sabotaged IT systems and damaged reputations. The most serious attacks can hit revenues and profits so hard that a company’s very existence is threatened.

An effective cyber security strategy is therefore essential. A company’s defences are intended to detect and prevent every assault, but no system is perfect so procedures need to be in place to deal with any breaches quickly and efficiently. There must be risk mitigation and business continuity plans in place to ensure that disruption is minimised, and post-event investigative tools to help law enforcers track down the perpetrators. But even the biggest and best-prepared businesses remain vulnerable. No matter how robust their counter measures, hardly a week goes by without a successful attack on a multi-national corporation hitting the headlines.

The FT Cyber Security Summit Europe 2015 will bring together boardroom directors, chief executives, senior management and chief information security officers to discuss the current threats in cyberspace and what more should be done to build safer and more resilient businesses. Following on from the inaugural FT Cyber Security Summit 2014, and the FT Cyber Security Summit USA 2015, this third in the series will continue to examine the threats facing businesses, not only those in critical infrastructure sectors such as communications and financial services, but in other areas too.

Chaired and moderated by senior FT journalists, the speakers and panellists will include senior officials from government departments responsible for helping public and private sector organisations manage their cyber risks. It will also include consultants, security solutions vendors, researchers and other experts in this area. To encourage an open exchange of ideas and frank discussion, some of the presentations and panel sessions may be held under the Chatham House Rule.


Lead sponsor (1)

Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services, devices and solutions that help people and businesses realize their full potential. &

Associate sponsors (4)

WISeKey is a leading information security and identity management company providing specialized security technologies for data protection, and effective identification and authentication of people and objects without compromising trust. Headquartered in Geneva Switzerland, WISeKey has regional subsidiaries around the world.

Darktrace is the world’s leading machine learning company for cyber security. Created by mathematicians from the University of Cambridge, the Enterprise Immune System uses AI algorithms to automatically detect and take action against cyber-threats within all types of networks, including physical, cloud and virtualized networks, as well as IoT and industrial control systems. A self-configuring platform, Darktrace requires no prior set-up, identifying advanced threats in real time, including zero-days, insiders and stealthy, silent attackers. Headquartered in San Francisco and Cambridge, UK, Darktrace has 24 offices worldwide.

NCC Group is a FTSE 250 listed global expert in cyber security and risk mitigation, working with businesses to protect their brand, value and reputation against the ever-evolving threat landscape.
With our knowledge, experience and global footprint, we are best placed to help businesses identify, assess, mitigate & respond to the risks they face.
We are passionate about making the Internet safer and revolutionising the way in which organisations think about cyber security.
Headquartered in Manchester, UK, with over 30 offices across the world, NCC Group employs more than 1,850 people and is a trusted advisor to 15,000 clients worldwide.

FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 3,700 customers across 67 countries, including 675 of the Forbes Global 2000.

Lunch sponsor (1)

LogRhythm, a leader in security intelligence and analytics, empowers organisations around the globe to rapidly detect, respond to and neutralise damaging cyber threats.  The company’s patented award-winning platform uniquely unifies next-generation SIEM, log management, network and endpoint monitoring, and advanced security analytics.  In addition to protecting customers from the risks associated with cyber threats, LogRhythm provides unparalleled compliance automation and assurance, and enhanced IT intelligence.

LogRhythm is consistently recognised as a market leader.  The company has been positioned as a Leader in Gartner’s SIEM Magic Quadrant report for four consecutive years, named a ‘Champion’ in Info-tech Research Group’s 2014-15 SIEM Vendor Landscape report, received SC Labs ‘Recommended’ 5-Star rating for SIEM and UTM for 2016 and earned Frost & Sullivan’s 2015 Global Security Information and Event Management (SIEM) Enabling Technology Leadership Award.  LogRhythm is headquartered in Boulder, Colorado, with operations throughout North and South America, Europe and the Asia Pacific region.

Supporting Partners (2)

Founded in 1989, the Information Security Forum (ISF) is an independent, not-for-profit association of leading organisations from around the world. It is dedicated to investigating, clarifying and resolving key issues in cyber, information security and risk management and developing best practice methodologies, processes and solutions that meet the business needs of its Members.

ISF Members benefit from harnessing and sharing in-depth knowledge and practical experience drawn from within their organisations and developed through an extensive research and work program.

The Institute of Information Security Professionals (IISP) is a not-for-profit organisation, owned by its members and dedicated to raising the standard of professionalism in information security and the industry as a whole. The IISP does this through accrediting skills and competence, by sharing best practice and by providing a network of support and guidance on individual skill development. It speaks with an authoritative voice and its competency based memberships are widely recognised in the information security industry.

Working closely with the Information Security community, the IISP has a growing membership of over 2000 individual members across private and government sectors, 35 Corporate Member Organisations and fifteen Academic Partners. At the heart of the Institute is the IISP Skills Framework©2012 which is widely accepted as the de facto standard for measuring competency of Information Security Professionals. CESG have taken this framework to underpin their Certified Professional Scheme (CCP), for which the IISP is the leading certifying body. The IISP Skills Framework has also been adopted by e-Skills UK to develop a National Occupational Standard for Information Security.

Contact Us

Yemi Otuyemi
Delegate Booking and Registration Enquiries
Financial Times
Toufique Khan
Sponsorship Opportunities
Financial Times
Gareth Pike
Media Partner and Press Enquiries
Financial Times