Thursday 26 March, Edinburgh International Conference Centre (EICC)

​

BREAKFAST BRIEFING

08:20    Delivering innovation in the age of AI: Shipping secure AI features at product speed

​​​

• How has secure-by-design product engineering and DevOps expertise has supported GMVi in developing innovative AI features for Eikos? 

• New capabilities are being integrated into a trusted, live product at pace. 

• Rapid development brings challenges, particularly around maintaining security and resilience. 

• How are GMVi keeping cyber security central throughout the development lifecycle. 

• Improving customer outcomes and helping bridge the “uncertainty gap” through smarter, more accurate process management in complex environments. 

​​

John McIntosh, CIS, GMVi 
Ben Owen, Practice Lead, Sword 

​

08:50   End of Breakfast Briefing

​

SESSION 1

The opening session will contextualise the threat landscape for 2026, and examine some of the key issues that security leaders should be prioritising. We will consider how the AI arms race is evolving attacks, how privilege sprawl is compromising defences, and how the velocity of change requires a new level of anticipation and foresight. 

​

​09:15    Welcome from the Conference Chair

​

Mark Stephen, Journalist & Broadcaster, BBC Scotland

09:25    Would You Like AI With That? The Cyber Threat Combo Meal with Geopolitical Tensions on the Side

​​​

• AI is driving a global cyber arms race, with nations leveraging artificial intelligence as a strategic asset, fuelling geopolitical tensions and state-sponsored cyber campaigns. 

• McDonald’s sees the scale of modern cyber risk - a globally connected enterprise with vast digital infrastructure, making it a prime target for AI-powered attacks  

• AI-automated malware represents the next frontier, capable of autonomously adapting, generating polymorphic code, and optimizing ransomware strategies  

• AI-powered phishing and social engineering are evolving rapidly, using generative AI for hyper-personalised attacks, voice cloning, and deepfake fraud at unprecedented scale. 

• The convergence of AI & geopolitics amplifies threats, demanding international collaboration, AI-driven defence strategies & proactive governance to mitigate systemic risks 

​

Ellie Hallam, Sr Threat Intelligence Analyst, McDonald’s  

09:50   Beyond the Login: A PrivilegeCentric Playbook for Identity Security​

​

• Why “logging in” is the new breaking in: How modern attackers exploit identity and where traditional security models fall short. 

• The hidden risk inside privilege sprawl: Why fragmented tools, siloed teams, and exploding human and nonhuman identities create blind spots attackers love. 

• How to limit the blast radius with privilegecentric security: How visibility and control over privileged access changes the outcome of breaches. 

• From point PAM to identity security foundation: What it takes to unify access, entitlements, and teams - and turn privilege into a force multiplier for security. 

​

James Maude, Field CTO, BeyondTrust 

10:10    Anticipatory Governance: Strategies for Navigating Cyber Risk Complexity in the AI Era 

​​

• Disruption is no longer a point in time - but a constant state, the missing risk assessment vector is Velocity 

• Anticipatory governance helps make sense of an ‘un-vice’ world of complex and constantly changing risk factors, using 3 techniques  

• Apply foresight, using horizon scanning = think creatively 

• Tune into weak signals, listen for the whisper before the scream, and filter = validate rigorously 

• Take a pre-mortem approach, reverse engineer and plan for potential impacts of ‘theoretical’ threats - abandon the grand design and learn from the storm = act adaptively 

​

Laure Lydon, VP of Security and Infrastructure, Flo Health  

​

10:35    Combined Q&A​​

​

11:00    Networking & Refreshments

SESSION 2

Session 2 will explore a series of key topics with a longer presentation format. The session will be run in a breakout format across four parallel streams, providing delegates the opportunity to attend two options live. 

#

11:35    First Breakout Option (A-D)​

​

A. The Good, the Bad, and the Backups: Vaulting & Recoverability You Can Prove ​

​

• Myth busting, common cloud safety assumptions that put you at risk  

• Sourcing a product, what we did differently 

• Knowing what to do first  

• Lessons learned, surprises we hit and the fixes we’d implement from day one 

 

Samantha Leeman, Cloud Product Lead, Lloyds Banking Group  

B. Beyond the Perimeter: A Proactive, End-to-End Attack Surface Management Strategy​​

​​​

• In an era of rapid digital expansion, your attack surface is likely growing faster than your visibility 

• This session moves beyond basic asset discovery to explore how organisations can build a sustainable, proactive process for managing exposure 

• The Visibility Gap: Identifying recurring challenges in modern environments 

• Defining the Lifecycle: A breakdown of the ASM maturity model 

• Prioritisation over Proliferation: How to filter out the "Noise"? 

• The Modern Toolkit 

• Lessons from the Trenches: My own experiences in Attack Surface Management

​

Becca Liddle, Principal Security Engineer, Ovo  

C. Getting Comfortable with the Uncomfortable: How to Prove Security Awareness Can Be Done Differently? ​

​​

• Explaining the gap in how people learn versus how security awareness tries to teach  

• Case studies of where traditional awareness activities have measurable impact  

• Translating these untraditional activities into meaningful impact for your senior leaders  

​

Lucy Findlay, Human Risk Consultant & Culture Specialist 

​

D. Building the Foundation for Scotland’s Digital Future: Sovereign, Secure and Built for AI 

​

• Scotland’s digital future demands resilience, security and innovation, yet legacy systems, tight budgets, spiralling costs and escalating security threats have slowed progress.  

• Explore a new way to accelerate AI adoption, deliver guaranteed performance, and tackle the core challenges facing public and private sector. 

• Brightsolid Cloud is a sovereign, self-service cloud platform developed in partnership with Canonical, Cisco and Druva. 

​​

Andy Sinclair, Chief Technology Officer, Brightsolid 

Ian Heptinstall, MSP Sales Engineer, Druva 

​​

​12:10    Transition

​

12:20    Second Breakout Option (E-H)

​

E. The West Lothian Council Cyber Incident 1 Year On

​

• One year after a major ransomware attack that disrupted schools and essential services, West Lothian Council reflects on the lasting impact and recovery. 

• How the incident reshaped cybersecurity strategy, operations, and culture across the organisation in the year since. 

• ongoing role post-incident, including long-term recovery, system modernisation, and rebuilding confidence and trust beyond the initial response. 

• what changed after the crisis: improvements to resilience, governance, preparedness, and communication, and which lessons only became clear months later. 

 

Ian Forrest, IT Manager, West Lothian Council & Iain Slater, Director & COO, Barrier Networks 

​

F. How to “Sell” Cyber Security Investments to Your Board 

​

• Is obtaining budget for Cyber Security investments a challenge in your organisation?  

• Do your stakeholders struggle to understand how Cyber Security supports and protects business growth? 

• Join this session where ESET will share its Point of View [PoV] and strategies on how to secure budget and support for Cyber Security projects.  

​

Nigel Pink, Head of Corporate Solutions UK, ESET 

​

​G. The future of AI use in Cyber Security within the Public Sector ​

​

• Why public sector must use AI within security detections  

• What security AI tools to avoid and why 

• When AI in cyber security detection and response is detrimental  

• How defenders are innovating and integrating AI into modern security operations  

 

Rob Demain, Founder & CTO, e2e-assure 

​

H. The Future of Defence: Managed Security Leadership in an Era of Unprecedented Cyber Threats

 

• Traditional cyber security tools cannot keep up with today’s threats. 

• We will explore why layered products fail – and how a unified platform, built on zero trust, least privilege and AI-powered automation, redefines modern defence.  

• Learn how seamless access control, real-time threat response and machine-level protection come together to secure every user, device and session. 

​

Martin Sawczyn, Sales Engineer, Keeper Security ​​

- Actionable recommendations for developing sustainable security capabilities. 

12:50    Lunch and Networking

​

​

SESSION 3 

The afternoon session will look at specific measures to improve resilience and response. We will explore how to adopt a more data-driven approach to measuring your defence, how to address the most common points of failure in your incident response, and how to ensure AI tools really enhance your security posture. ​

​

13:40    Cyber Risk Quantification: A Framework-Driven Approach to Measuring Defensive Capability 

​​​​​

• In an era of escalating threats, organisations must move beyond qualitative assessments and embrace structured, data-driven methodologies 

• A practical implementation of Cyber Risk Quantification, leveraging industry-standard frameworks such as MITRE ATT&CK and NIST to assess effectiveness of security controls  

• Quantify the likelihood and impact of cyber threats 

• Prioritise security improvements based on measurable gaps 

• Enhance board-level reporting with defensible metrics 

• Support strategic decision-making through scenario modelling 

​

Kev Milne, Cyber Threat Intelligence Manager, NatWest  

​

​14:05    Proactive Incident Response: Learning from When it Hits the Fan

​

• Addressing the most common points of failure which undermine incident response 

• External Team: critical time is often wasted by not having the right partners lined up - ensure you have all the required vendors identified, approved by insurance, and ready to go 

• Backups: too often backups are inadequate and this massively impacts BC and DR - map everything you really need and make sure it’s properly backed up 

• Culture: organisational culture can make or break the effectiveness of your response - make sure you have the right people empowered to lead and manage during an incident 

​​

Ffion Flockhart, Global Head of Cybersecurity, A&O Shearman  

​

14:30    The Dual Challenge: Shifting Left with AI, Securing the AI You Shift With

 

• The critical, two-part strategy of modern Platform Security 

• Leveraging AI/ML to embed security early into the Software Development Lifecycle (SDLC) for proactive defence 

• Securing the AI models and workflows you introduce.  

• How AI guides secure coding, flags vulnerabilities and helps to threat model 

• Actionable steps to build necessary trust and govern AI usage 

• Maintaining the professional scepticism to ensure new tools strengthen security posture, not introduce new risk 

​

Dan Conn, Staff Platform Security Engineer, Trustpilot  

14:55   Combined Q&A

​​​​15:20    Closing Remarks

​

​

NETWORKING DRINKS RECEPTION

​

​15:20    Networking & Drinks Reception

16:00    End of Summit

*The conference agenda is provisional and subject to change