
Chainguard : Racing the Machines: Board-Ready Security Metrics for Banking CISOs in the AI Era

Discussing Points
Retiring the vulnerability myths: why severity charts, patch counts, and incident response speed no longer reassure the board, or the regulator
Pricing the backlog: translating open critical/high vulnerabilities into people-hour debt and real remediation cost
From firefighting to resilience: reducing emergency patching and operational disruption in always-on banking environments
Racing the Machines: Board-Ready Security Metrics for Banking CISOs in the AI Era
AI-assisted attackers are finding and exploiting vulnerabilities faster than most security teams can triage, assess, and remediate them. For banks under constant regulatory and board scrutiny, the old vocabulary of severity charts, ticket counts, and remediation velocity no longer answers the question boards and regulators are really asking: is material risk actually declining, and can this environment withstand an attacker working at machine speed?
This roundtable brings together senior security leaders from UK banking to discuss reframing vulnerability management in business and governance terms — translating technical exposure into cost, disruption, and risk metrics that boards and UK regulators (PRA and FCA operational resilience and incident-reporting rules, plus DORA exposure for banks with EU operations) want to see. Drawing on Chainguard’s research, the conversation will explore moving from reactive patching to structurally reducing attack surface, and what “good” looks like when reporting upward.
Agenda
Welcomed attendees are integrated into a curated networking space, fostering direct interactions for ice-breaking and relationship-building before engaging in substantive, collaborative discussions.
Shifting to a sit-down discussion with drinks, this promotes open, thoughtful dialogue on a set topic agenda, aimed at fostering collaboration and deepening connections in a relaxed, supportive setting.
The evening culminates with a luxury meal, offering exquisite cuisine in an elegant setting, enhancing networking opportunities, and providing a memorable experience that strengthens professional bonds among attendees.
The finale features a wrap-up and Q&A session, where sponsors address the roundtable, followed by drinks and networking, enabling direct engagement and planning of actionable next steps in a collaborative environment.
About the hosts
Chainguard is a software security company focused on securing the software supply chain. They provide trusted, hardened open source libraries and container images that help organisations reduce dependency-based vulnerabilities and build more secure applications from the ground up. Chainguard works closely with engineering and security teams to ensure software is secure by default, without slowing development or delivery.



















