Cyber Risk Landscape

Tom Harvey leads product management for the RMS cyber model having joined the company six years ago. In 2016 he worked alongside the University of Cambridge’s Centre for Risk Studies and a team of industry partners to define and release the industry’s first cyber exposure data standard. He has since partnered with many of the leading cyber insurers to improve their quantification of cyber risk and managed the development the industry’s first probabilistic cyber catastrophe model.

Prior to joining RMS, Tom was at Hewlett Packard Software (HPS) in the European consulting team, working closely with several FTSE 100 companies within the energy and finance sectors to support the adoption of HP’s IT management and security products. Tom holds a BSc (Hons) from the University of Leeds in Biochemistry and Bio-informatics.

How can technology bring people together offline and improve lives? That is what Erin tries to answer through her ideas, projects, and explorations of technology. Community drives her passion for technology. To that end, she developed Extraqueericular.com, on online platform connecting the LGBTQ+ community to LGBT-friendly services and events. Her interests lie in web application development and security. You can follow her on Twitter.

Justin Clarke-Salt is a Managing Director in Aon’s Cyber Solutions. He is in charge of Aon’s proactive business development and partnership efforts for the Security Advisory and Security Testing practices for EMEA (formerly parts of Stroz Friedberg and Gotham Digital Science). Justin also oversees the Red Team services and capability development within the firm, as well as directly overseeing individual client engagements globally in his role as a CREST Certified Simulated Attack Manager (CCSAM) for regulatory Red Team testing such as CBEST, iCAST, and TIBER.

Justin has more than 21 years of experience providing organisations with security and risk management services. He is an internationally recognised expert in the field of information security. He has assisted Fortune 500 and FTSE 250 corporations with information security assessment and advisory services, including the management and running of compliance focused security testing programmes for some of the largest financial services organisations in the world.

Justin is a published author in the areas of application and network security, including as the lead author/technical editor of SQL Injection Attacks and Defenses (Syngress 2009, 2nd Edition 2012), co-author of Network Security Tools (O’Reilly 2005), and a contributing author to Network Security Assessment, 2nd Edition (O’Reilly 2007), as well as a speaker at various security conferences and events such as Black Hat, EuSecWest, ISACA, BruCON, OWASP, OSCON, RSA and SANS. Justin is also an active member of OWASP, having recently stepped down from chairing the OWASP London chapter for over seven years.

Dr Jennifer Daffron is the Cyber Research Lead at the Cambridge Centre for Risk Studies. Her research interests include defining and exposing cyber threat vulnerabilities on organisational and human behavioural platforms. Jennifer holds a PhD in Experimental Psychology from the University of Cambridge.