International Cyber Expo 2025 Agenda

Howard will talk about the latest updates in the regulatory landscape and how new legislation is shaping our future. He will talk about how to find easy routes to compliance to help you win more business using regulation and certification as a business enabler. He will also remind you about your responsibilities under the GDPR and why Cyber Essentials is a very powerful business enabler.

Here’s the hard truth: doing great work is no longer enough.

If people don’t see your impact, they can’t benefit from it.

Yet most professionals still shy away from personal branding , thinking it’s about bragging, self-promotion, or being “louder” than everyone else.

That misconception doesn’t just stall careers, it silences leaders and it robs workplaces of the authentic role models they need.

In this talk, I’ll show you why personal branding is the skill every professional needs, whether you’re just starting out or already leading at the top. You’ll discover:

• Why visibility is now as important as performance
• The mindset shift that makes branding authentic, not cringey
• Practical tools to uncover your unique value and communicate it with confidence
• How investing in your brand translates directly into promotions, pay rises, and accelerated career growth

This isn’t about turning yourself into something you’re not. It’s about making sure others see the full value of what you already bring — and amplifying your ability to lead, influence, and open doors for yourself and others.

If you want to future-proof your career and your leadership impact, this is a session you won’t want to miss.

Traditional pentesting stares into the abyss - snapshots, static reports, false certainty. Blind spots multiply while attackers move faster in the light of the present. This talk breaks the comfort of false confidence and demonstrates how AI-driven continuous pentesting drags security out of the dark, exposing risks as they emerge and arming defenders to move faster, sharper, and earlier than their adversaries.

Whilst low-hanging terms like “master/slave” and “black/whitelist” are no longer as embedded in system architecture and team vocabulary, Franky Biles explores how your organisation can go further. By overturning legacy terminology, coding conventions, and everyday expressions in tech and cyber that perpetuate exclusion and bias in security design and recruitment, you'll leave with actionable insights to help build a more inclusive digital future.

Have you ever giggled at ‘Penetration Testing’? Got a graphic sense of ‘male to female’ ports? How might you rephrase ‘Terminated User’ or ‘Repeat Offender’ so your colleagues become a stronger line of defence? And just how would you ‘kill two birds with one stone’?

At today’s crawl, cyber won’t hit parity until 2075, while we face a 4.8 M‑person talent gap and teams with 30 % women see 40 % fewer breaches. Yet just 17 % of CISOs are female.

Ukraine’s Fast‑Track Proof: War drafted the men; thousands of women pivoted into cyber and tech roles in months, showing parity can happen at warp speed when survival demands it.

Session Promise: In 30 minutes, we’ll torch the “slow progress” myth, steal Ukraine’s playbook, and slash 50 years to five.

Key Takeaways

Data > Diversity Talk: Use stats to win board buy‑in.

Mid‑Career Hinge: Sponsor & retain women where the pipeline leaks worst.

Live‑Fire Training Hack: Practical, real-world education (Ukraine‑style) to upskill twice as fast.

Discover how to apply behavioural models such as MINDSPACE and proactive nudges to drive lasting security behaviour change. Learn how to keep security front of mind across your organisation—and how to measure and report its impact effectively to leadership, proving the value of your awareness efforts.

As cyber threats grow in scale and sophistication—driven by automation, geopolitical tensions, and evolving attacker tradecraft—resilience strategies must keep pace. This panel brings together leaders in national infrastructure, cyber defence, and policy to explore how organizations are adapting to a threat landscape where disruption, not just data theft, is the goal.
The discussion will move beyond AI hype to focus on practical resilience measures, including dynamic risk response, Zero Trust integration, and intelligence-led defence. Drawing on current and emerging frameworks and regulations like NIST CSF The Cyber Resilience Act, panellists will share real-world insights into defending critical systems under sustained and advanced attack conditions.

• Overview – Evolving Threat Landscape
• Why Ai skills matter
• Where will Ai in cybersecurity take us in the next 10 years
• why Ethical Hacking and pen testing need Ai skills today
• how EC-Council helps to enhance Ai skills,
• Why continuous learning in Cybersecurity and Ai is important.

One of the world leading researchers on anonymisation (and related topics of Statistical Disclosure Control and data synthesis) discusses whether the concept and methods of anonymisation still have a role to play in the world including AI. He discusses his 2014 prediction that Anonymisation would cease to be useful within 15 years whether this looks likely to be true and if so, what do we need to do instead?

Key Takeaways:

• What is anonymisation?
• Is it dead or about to die?
• What do we need to do instead?

Most professionals are underpaid, overperforming, and quietly hoping someone will notice. According to Yota Trom, that’s not a strategy—it’s a trap.

In this fireside chat, Yota shares the exact system she’s used to help over 500 professionals—from individual contributors to senior executives—get promoted, negotiate 6- and 7-figure salary increases, and finally speak about their value with confidence.

Listeners will discover:

• How to uncover their true market value (and back it up with data)
• A step-by-step approach to asking for a raise or promotion—without the cringe
• How to build visibility with personal branding that feels authentic, not salesy

Packed with real stories, scripts, and mindset shifts, this conversation goes far beyond typical career advice. Whether you’re early in your career or already leading teams, Yota’s insights are a wake-up call, a confidence boost, and a practical guide to owning your ambition and asking for what you deserve.

Get ready to stop waiting for recognition—and start getting it.

Building inclusive pathways into cyber requires intentional design — from outreach to executive development. This session explores how to attract and grow diverse talent without relying on outdated models.
Key Takeaways:

Create frictionless entry for untapped talent

Promote equity in career progression

Align hiring with long-term capability

Enhace your USPs

Cybersecurity careers are as diverse as the threats we face. This panel brings together hiring managers, educators, and security leaders to explore what employers are really looking for today—from technical skills to adaptability and AI literacy. Learn how certifications, hands-on experience, and non-traditional pathways are shaping the modern cyber workforce—and how to position yourself in a skills-first market. The session will include extended audience Q&A, offering a chance to gain personalised advice, guidance, and insight directly from seasoned professionals.

As cybercrime becomes more sophisticated and widespread, traditional law enforcement faces new pressures to adapt. This session examines how we are evolving to meet the demands of the digital age, tackling issues like data breaches, online exploitation, and digital evidence collection. Charlie will discuss real-world investigations, challenges in attribution and jurisdiction, and the importance of collaboration with cybersecurity professionals and tech companies. We will gain a deeper understanding of how law enforcement is working to stay ahead of cybercriminals and where the gaps remain.

Are you curious as to how impactful leaders seem to effortlessly control a meeting, a discussion or even a room no matter how technical the subject? What tips and tricks are they using that you could incorporate to ensure that you also lead with impact. Then join this session where Cheryl will discuss some of the techniques that she has used in the very technical world of cyber and how she has coached and mentored individuals and teams to unlock their potential.

In this fireside chat, Dr Zimeta, Head of Digital and Data Policy at Which?, and Andy Laughlin, an investigative journalist, will explore the intersection of tech scrutiny and policy advocacy in consumer technology. Andy will share insights from years of investigative work uncovering how smart home devices and apps collect excessive and often unclear data, such as in the viral “Why is my air-fryer spying on me?” exposé. Dr Zimeta will discuss how these revelations shape the policy landscape, from influencing regulators like the ICO to setting future priorities for product security. Together, they will offer a lively and thought-provoking look at how journalism and policy can work hand in hand to protect consumers in an increasingly connected world.

An overview of the Cyber Growth Action Plan, covering how it will strengthen the British cyber ecosystem

Cybersecurity is no longer a binary state of “secure or not secure.” An organization’s posture depends on its risk appetite and how it manages third-party dependencies. Traditional vendor risk assessments — from self-assessments and audits to certifications — offer partial insight but often lack transparency and objectivity. In this fireside chat, we’ll explore the challenges of Cyber Rating &  Third-Party Risk Management (TPRM), highlight innovative approaches for understanding vendor security posture, and present how transparent, inside-out measurement is already being adopted across the Spanish financial sector and beyond.

In an increasingly interconnected global economy, the resilience and reliability of supply chains have become critical to business success. This presentation examines the vital role of third-party assurance in managing supply chain risk, ensuring compliance, and maintaining stakeholder trust. It explores key frameworks, emerging standards, and real-world case studies that demonstrate how independent verification can uncover vulnerabilities, enhance transparency, and drive continuous improvement. We will gain insights into best practices for evaluating third-party partners, mitigating operational and reputational risks, and fostering a culture of accountability throughout the supply network.

In this fireside chat, Gordon will discuss his new book, The Spy in the Archives. This session will explore the real-life espionage and historical research that informed the book, revealing how hidden records and overlooked details can reshape our understanding of intelligence, security, and international affairs. With reflections on the craft of research and the enduring relevance of archival material, this session offers a compelling look at the intersections between history, secrecy, and statecraft.