Is artificial intelligence the doom-bringer for penetration testers and cybersecurity professionals - automating us out of relevance? Or can it be harnessed, in combination with human intellect and modern tooling, to enhance and elevate security testing rather than replace it? In this session George will explore how AI has evolved and is starting to reshape offensive and defensive security testing, and how we can adapt to ensure that humans remain at the heart of the cyber arms race.

Security awareness doesn’t have to mean another forgotten poster or tick-box training. In this session, we’ll explore how to drive meaningful, measurable change through proactive behavioural nudges. Using proven behavioural models like MINDSPACE, we’ll show how to move beyond compliance and embed secure habits across your organisation. But changing behaviour is only part of the challenge—how do you prove it’s working? We’ll also cover how to measure the real impact of these interventions, giving you the tools to demonstrate effectiveness and report meaningful results to senior leadership and the board. This talk is for anyone tasked with making security stick—learn how to keep it front of mind for your colleagues, and make your awareness programme something worth noticing.

Daniela will talk about the importance of leadership, how good and bad leadership impacts security and what the consequences can be. She will also be talking about the traits of good leaders and how they impact team and delivery.

Join Lucy Gee, Senior Threat Intelligence Analyst at KnowBe4, for an in-depth exploration of the emerging role of artificial intelligence in advanced phishing techniques.

In this compelling presentation, Gee will provide a comprehensive analysis of how cybercriminals are leveraging AI to elevate the sophistication, delivery, and concealment of phishing attacks.

Key points to be covered:

• The evolution of AI-driven phishing methodologies

• Impact on email security and traditional defence mechanisms

• Strategies for detecting and mitigating AI-enhanced phishing threats As we enter an era of unprecedented digital deception, understanding these advanced tactics is crucial for cybersecurity professionals, business leaders, and IT decision-makers. Gee will offer valuable insights to help organisations stay ahead of this rapidly evolving threat landscape.

This session promises to deliver actionable intelligence for enhancing your organisation's phishing defence strategies in the age of AI.

Overview coming soon

Gone is the era of harmless youthful curiosity; teenage hacking is now serious cybercrime fueled by money, fame, or criminal group recruitment. Joe is investigating this rapid escalation, following the common trajectory from gaming cheats and social media scams to complex cyberattacks.

Exploring the importance of SaaS data protection, with a focus on the human risk factors behind data loss and the critical gaps that exist between backups, recycle bins, and configuration exports.

Chairperson Purvi Kay reflects on the day’s key insights and sets the stage for the afternoon sessions, highlighting emerging cyber trends and the collaborative future of digital security.

Modern Managed Detection and Response (MDR) is no longer just about alerting and reacting — it’s about staying ahead of the adversary. To achieve that, leading MDR programs now embed Continuous

Threat Exposure Management (CTEM) as a strategic capability. CTEM transforms MDR into a living, adaptive system that continuously aligns detection and response to the organization’s real exposures. It does so through three foundational pillars:

1. Threats – Focus on What Matters Most Continuous correlation between threat intelligence and the organization’s environment ensures teams prioritize realistic adversary behaviors, not hypothetical risks.

2. Defenses – Proactive & Offensive Validation By embedding attack simulations and control validation, CTEM verifies whether defenses truly work against current TTPs, exposing gaps before attackers exploit them.

3. Attack Surface – Visibility & Context Continuous asset discovery and contextual tagging deliver full environmental awareness — showing what is exposed, why it matters, and how it connects to business processes.

When these three streams converge, MDR evolves from a reactive detection service into a proactive exposure-management partner — continuously validating both the threat landscape and defensive readiness. Key Takeaway of this Session: “CTEM turns MDR from a 24/7 monitoring service into a continuous readiness program.”

For over twenty years, strategists have been grappling with the implications of cyber in modern geopolitical conflict. From Stuxnet to “digital Pearl Harbors” and through an era of imagined cyber Blitzkriegs, the landscape of conflict has been fundamentally transformed. Cyber attacks can now disrupt critical infrastructure, influence public opinion, and shape the outcomes of geopolitical contests without a single shot being fired. Understanding these developments is no longer optional for enterprise leaders—it is essential for anyone tasked with protecting organizational resilience, or the integrity of digital systems on which modern societies rely. This special session will focus on the key leadership lessons for business we can take from the Ukraine

Cyber threats are constant, but so is our ability to adapt and lead. In this session, Jody Cox from Arctic Wolf explores how organisations can build lasting resilience through collaboration, proactive operations, and community-driven innovation. This is a story rooted in the North East, where Arctic Wolf is investing in talent, partnerships, and purpose. It is not about tools or dashboards. It is about outcomes, confidence, and creating a safer digital future together. Join us to rethink what resilience means and how we build it, starting here in Newcastle and reaching across the world.

Geopolitical volatility, increased digital interconnectivity, more frequent technology related disruptions, and subsequent regulatory focus has now become a boardroom imperative. Declan Burke draws on lived experience to explore how leaders can move beyond traditional technical defence and ‘cyber security’ thinking and reimagine themselves as ‘enterprise resilience’ business leaders; embedding trust, preparedness, and strategic value into their organisations. A must-attend for anyone seeking to elevate their role, emerge stronger after a crisis and help their organisations achieve competitive advantage.

We talk about burnout a lot, but what is the data telling us, and what can we do to really take ownership of our personal outcomes and become as resilient as possible. I'll share some of my life story so you know I understand getting out of a very dark place. Then we'll talk a little about the size and causes of the problem. Finally I'll share my thoughts on how we deal with this and maximise our chances of succeeding in this stressful field.

This promises to be a session not to be missed