Speakers
Chair
Dave Ruedger
CISO, RMS
Dave is the Chief Information Security Office for Risk Management Solutions based out of Newark, CA. Dave holds CISSP and CRISC certifications and has over 25 years of experience developing and managing security programmes for organisations as diverse as pre-IPO startups to large Fortune 500 enterprises. In addition, Dave spent over a decade providing a secure platform for consumer data collection and analytics that drove the distribution of targeted marketing content online.
Presentations
James Clark
Senior Associate, DLA Piper
James is a member of the Data Protection, Privacy and Security team and undertakes a wide range of information law work including data protection, e-commerce, cyber security, direct marketing and freedom of information.
James is the co-editor of the popular DLA Piper Data Protection Laws of the World Handbook and a regular speaker at external conferences and events. He has an international client base, and particular interest and expertise in the Insurance and Life Sciences sectors.
In a cyber security context, James provides advice on to clients on data breach management, including advising on cross-border notification mandates and managing privileged engagement with third party security consultants.
The Changing Face of Privacy Law and Future Costs of Cyber Liabilities
There has been a significant recent increase in the maturity and complexity of privacy laws around the world – beginning most significantly with the introduction GDPR in Europe, and now continuing in its spreading to countries as diverse as the United States, Brazil and India. Data security – and related obligations to notify and respond to breaches of data security, including those caused by cyber-attacks – are a core feature of many of these laws, as well as the more sector specific regulations which are emerging alongside the general privacy laws. This talk will plot the likely future path for the legal regulation of cyber security. In that context, it will examine the different forms of liability – such as regulatory enforcement, claims from affected individuals and contract counterparties, as well as the indirect costs of a legal security breach – which the laws create, and how each of these may change in terms of significance as the laws bed in.
Stephen Burke
CEO & Founder, Cyber Risk Aware
Stephen is a former Chief Information Security Officer (CISO) in the financial services and insurance/reinsurance sectors with over 20 years experience in IT and security roles. He founded Cyber Risk Aware in 2016, having consistently found that cyber criminals were targeting people not systems. Stephen firmly believes that staff are the greatest security asset in a company and are not the weakest link like so many others would make you believe. An effective information security programme must include a human-centric approach, otherwise it will fail.
Changing Workplace Behaviour: Improving the Human Firewalls of Organisations
Domenico del Re
Director, PwC UK
Dom is a Director at PwC’s UK Firm. He leads the work in EMEA supporting clients on the topic of Cyber Risk Management and Quantification. His clients include corporations managing their operational resilience and financial exposure to cyber events, as well as insurance companies seeking better understanding of the cyber risks in their portfolio liabilities.
Dom has a deep technical background in risk management and the development of modelling approaches for complex risks. With a team of cyber experts, actuaries and risk modellers, he supports companies around their exposure and management of cyber risk. Dom has helped companies to quantify their cyber operational risk capital requirements, their cyber insurance purchasing needs, and shown the benefit of quantification frameworks to support board risk reporting and cyber security investment decisions. Dom has an engineering and modelling background, and was previously employed for a risk modelling vendor firm.
The Future of Cyber Risk Management
How can the cyber risk management function be fit for the business threats that lie ahead? Digital strategies are transforming the way corporations are doing business and disrupting traditional revenue models. Technology is king, so investments and talent are firmly on the strategic spending plans. In this session we will present voices from the market on creating a risk function that can stay abreast of the technological transformation, to deliver resilient and secure customer experience and business operations. We will provide examples of where this has succeeded and what this means about the future of the cyber risk management function.