Reflecting on the 2019 CIO CISO Conference

On Monday 11^th and Tuesday 12^th November 2019, the Inspired CIO and CISO conference was held at the Hilton London Syon Park.

The conference brought together more than 100 senior executives from Information Technology and Information Security for an immersive learning experience. The agenda included educational masterclasses, networking opportunities, and a programme of pre-qualified, one-to-one meetings that allowed executives to establish new connections with vendors offering solutions to their key business challenges.

The Hilton London Syon Park is located on the edge of the historic, 200-acre Syon House estate. With luxurious décor and scenic views of the beautiful gardens, the stylish venue provided a premium setting for the conference.

The event began on the evening of 11^th November, with a luxury three-course dinner and networking drinks in the Grand Syon Ballroom. Guests were seated across nine tables, where enthusiastic discussions took place on a range of relevant, thought-provoking topics.

Within the CIO industry track, Edosa Odara, Head of Data at AXA Insurance, led an interactive roundtable discussion on whether data silos should be viewed as obstacles or opportunities.

At another table, attendees shared their thoughts on the evolving role of the CIO in a conversation led by Kim Harris, Director of PreSales Engineering at Box.

A discussion on digital employee experience was led by Paul Bulmer of Citrix, inviting executives to consider if their technology strategies are helping to attract and retain talent within their organisations.

Oliver Davey, Head of Data Development at Macmillan Cancer Support, hosted a roundtable discussion on breaking down siloed interests, discussing where the most common silos are found and how they can be brought back to a common organisational-wide focus.

A conversation on cloud adoption and securing access was led by Tom Broom, Regional Sales at OKTA, discussing how to build agility into a business and the benefits of moving to newer solutions.

For the CISO industry track, Hugo Bishop, UKI Lead SecOps Portfolio at Cisco Umbrella, hosted a discussion on managing security breaches and the ways that organisations can stay ahead of ongoing threats.

Ben Trethowan, Information Security Manager at Square Enix, led a conversation on securing the past, asking if the cyber lessons of yesterday are being forgotten in pursuit of tomorrow.

A discussion on compliance took place at the table led by John Wallworth, Information Security Leader at Virgin Care, considering if compliance is just a box-ticking exercise to protect against litigation.

Many new business connections were made at the roundtable dinner, with lively discussions and interesting ideas shared among peers.

“The most valuable part of the conference for the Cisco reps is the roundtable dinner – sitting down with the CISOs, having that as an icebreaker and building those relationships,” said Mayur Patel of Cisco Umbrella.

The next morning, the conference day was opened with an inspiring panel discussion for each industry track.

CIO executives attended an opening panel discussion on ‘Agents of Change – How the IT leader of today is the catalyst for business improvement’, moderated by Joann McCann, Director UK and Ireland at Unilever. The panel included Linda Nwokobia, Global Head of IT Delivery and Portfolio Management at Reckitt Benckisser; Lynton Oelofsen, IT Director at Associated British Food Ingredients; and Shubhi Rajnish, IT Director at BP.

The panel discussed the roles that IT teams play in driving overall cultural change within the business. Each speaker was asked to consider the changes within their own organisations, including how their teams have had to adopt different methodologies and their experiences in influencing the C-suite to take on a different mindset. Some interesting thoughts were shared on the skills needed for IT leaders and CIOs in the future.

Joann also asked the panel to discuss the obstacles and challenges they have faced on their digital transformation journey, as well as sharing any tips and advice for any CIOs about to embark on their own journey.

The CISO panel discussion was moderated by Brian Littlefair, former CISO and CEO at Cambridge Security Advisors. The topic of ‘The New CISO’ was discussed by John Wallworth of Virgin Care; Mahbubal Islam, Head of Government Transformation Security at Government Digital Service; and John Rouffas, CISO at Go Ahead PLC.

Each panelist was asked to share their opinion on where the new CISO should be structured within an organisation, and how CISOs can ensure that people are engaged to get the culture right. An interesting discussion on chartering took place, considering whether CISOs should have to pass a chartering exam to validate their experience for the role.

A number of engaging questions were also put forward from the audience, sparking a debate on whether standardising the CISO role is a good idea. The speakers were also asked to comment on the challenges for a CISO working alongside a CIO.

After a short networking break, two headline sponsor masterclasses took place.

Kim Harris, Director of PreSales Engineering at Box, was joined by John Sullivan, CIO at Virgin Trains to discuss ‘The Blueprint for the Best-of-Breed Digital Workplace’ with the CIO industry track. Kim and John shared their blueprint for the deep cultural, organisational and technological changes demanded by the future of work, from collaboration to AI.

The CISO keynote session saw Hugo Bishop, UKI Lead SecOps Portfolio at Cisco Umbrella, lead a session titled ‘Breach Defence: Protecting what’s now and what’s next’. Hugo explained why prevention-only strategies eventually failed and shared an insight into building a strong security posture and integrated defence system.

An informative programme of CIO and CISO masterclasses followed throughout the day, with executives selecting which sessions would be the most valuable to their roles and businesses.

“I liked the choice I was given about the sessions I attended,” said Donna Bates, CIO at Chelsea FC. “I think my experience today will really help shape the strategy for Chelsea Football Club. My journey is ongoing and it will help give me some perspective, move the IT team forward, take some of the shared experiences and put them into practice.”

Auriol Stevens, Global IT Director at Unilever, led a session titled ‘Why Diversity and Inclusion will help your company thrive’. Auriol discussed the ways a diverse and inclusive workforce can boost financial performance, innovation and employee motivation, as well as helping companies to anticipate and meet the needs of their value chain.

An interesting presentation on ‘Driving tangible benefits through adopting a full-lifecycle digital twin approach’ was hosted by Simon Evans, Director of Digital Engineering at Atkins. This session discussed the benefits of digital twins, the barriers to adoption, and how they are being categorised in the industry through the digital twin maturity spectrum.

Toby Hayes, Global Data Protection Controller at Pladis Global, shared a valuable insight into how Brexit might change the landscape of data protection. In this session, ‘Privacy, Data Protection and Brexit: Questions to ask your Data Protection Officer’, Toby discussed how organisations can prepare for the legislative, regulatory and operational changes to how personal data is processed.

In an informative workshop titled ‘Accelerate your journey to Cloud and AI’, Mark Osborn of IBM discussed the flexibility needed for the next chapter of cloud.

Dan Gordon of GitLab shared an insight into how a single application can ensure the success of DevOps. In his session, ‘Manage your toolchain before it manages you’, Dan discussed how the software delivery toolchain can be the hidden reason many organisations have not achieved the benefits of DevOps.

Jacob Eborn, Privacy Consultant at OneTrust, hosted a session on ‘Managing third-party vendor risk’. Jacob shared a six-step approach for automating third-party vendor risk management, with tips and advice for automating third-party privacy and security risk programs.

A networking break took place after each masterclass, giving delegates an opportunity to enjoy refreshments and view expo stands while building on new relationships with their peers. Conversations on the workshop topics continued throughout each break, with attendees sharing their own ideas and experiences of the issues raised.

Pre-qualified business meetings were also held during each networking break session. All senior executives were interviewed prior to the conference in order to identify their key challenges and create a programme of one-to-one meetings with the most relevant solution providers.

Important new business connections were made between vendors and the attending CIOs and CISOs with valuable discussions on how the vendors can assist with their latest projects.

“The most valuable part of the conference has been the quality of the discussions I’ve had,” said Mark Osborn, Cloud Architect Executive for IBM. “Everybody here has a real, genuine interest in talking about our products and the challenges they have.”

A networking lunch took place in The Restaurant before more insightful masterclasses and one-to-one business meetings continued in the afternoon. 

Keith Baxter, Group CIO at Anthony Nicholas Group, led a masterclass on ‘The emergence of a hybrid and multi-cloud strategy’. Keith explored the ways businesses are adopting cloud functionality as hybrid cloud and multi-cloud deployments are becoming the new norm.

A thought-provoking discussion on ‘Why the InfoSec status quo costs CIOs too much and fails to deliver’ was hosted by Greg van der Gaast, Head of Information Security at the University of Salford. Greg shared his thoughts on how today’s reactive approach to security does not address the root causes of issues.

Jon Cosson, Head of IT and CISO at JM Finn & Co, led an interesting discussion on the human element of cyber security in a session titled ‘Circumventing the Human Firewall’.

CIO attendees were given an insight into the ‘Badoo Data Story’ by Artem Ivanov, Director of BI at Badoo. Artem explained how Badoo has gained five years of business value from Big Data by using Exasol’s data analytics platform.

Daniel Yin, Head of Product and Innovation EMEA at RingCentral, explored ‘The Future of Work’ in his inspiring masterclass on how to transform communications in the digital age. Daniel outlined the key challenges in how modern businesses communicate and suggested how these problems can be solved.

In a masterclass titled ‘Keeping your business safe in a Cloud World’, executives learned about the differentiating features of Chromebooks around security. Matt Stevens, Chrome Enterprise Sales Lead at Google Chrome Enterprise, explained how Chromebooks can help to keep company data secure.

In the final sessions of the conference, Gerwyn Jenkins, Director at Barclays, hosted a workshop on ‘Open Innovation’ to discuss the ways open innovation can develop new opportunities for growth.

A masterclass on ‘Transformation in a Constrained Environment’ was led by Donna Bates, Head of IT at Chelsea FC. This session considered the internal and external constraints in technology transformation and how IT departments can find ways to move forward and innovate.

Dinis Cruz, CISO at Independent, finished the day with a session on ‘Modern Security using Graphs, Automation and Data Science’. This presentation demonstrated how serverless environments can enable event-driven workflows that dramatically change the scalability and cost of security operations.

The conference ended with closing networking drinks, where attendees were able to reflect on all of their learning and the new business connections they had made.