skip to navigation skip to content


Cambridge Judge Business School
University of Cambridge
Trumpington Street

Cyber risk changes rapidly from one month to the next. Typically, analysts are prepared to assess cyber risk for the next year ahead. Business executives however, need to plan for multiyear investments, returns on capital, and longer-term assessments of risks to their business strategies. In this conference we challenge cyber risk specialists and business risk managers to consider how the risk could be very different in a five to 10 year horizon, particularly the potential paradigm shifts that could provide strategic shock, and how enterprise risk management strategies can be developed to cope with the uncertain future. 

We invite presentations and attendance from a wide variety of specialists and business managers, including cyber security specialists, ethical hackers, academics studying aspects of cyber crime, motivation, and technology, Chief Information Security Officers and their teams, cyber insurance practitioners, and advisors and specialists.

For an overview of the final session and audience voting on The Future of Cyber Risk, and summary of attendee feedback

Summary of voting and attendee feedback

Wednesday 24 July 2019

09:00-09:30 Registration and coffee
09:30-09:40 Welcome
Professor Daniel Ralph, Academic Director, Cambridge Centre for Risk Studies, and Professor of Operations Research, Cambridge Judge Business School
09:40-10:00 The Future of Cyber Risk
Dr Andrew Coburn, Chief Scientist, Cambridge Centre for Risk Studies
10:00-10:30 Expecting Strategic Surprise: How our Adversaries Could Evolve Their Tactics
Conrad Prince, RUSI Distinguished Fellow and Senior Adviser Pool Reinsurance; formerly Director General for Operations GCHQ, and UK Cyber Ambassador
10:30-11:00 Plus Ça Change: Cybercrime, Past Present and Future
Dr Richard Clayton, Director of Cambridge Cybercrime Centre, Cambridge Computer Laboratories, University of Cambridge
11:00-11:30 Coffee break
11:30-13:00 Parallel Sessions I
Track 1: Cyber Risk Landscape
Lecture Theatre 1
Chair: Tom Harvey, Head of Cyber Product Management, Risk Management Solutions

Software Liability, Hackbacks, and Deep Fakes
Erin Burns, Concinnity Risks

War Games, Simulations, and Scenarios: Preparing Organisations for Long Term Cyber Resilience
Justin Clarke-Salt, Managing Director, Cyber Security, Aon Cyber Solutions

Cybergeddon vs. Cybertopia: Key variables in determining the future of cyber risk
Dr Jennifer Daffron, Cyber Research Lead, Cambridge Centre for Risk Studies
11:30-13:00 Track 2: Cyber Threat Actors
Lecture Theatre 2
Chair: Maria Bada, Research Associate, Cambridge Cybercrime Centre, Cambridge Computer Laboratories, Cambridge University

Trends in Hacker Business Models: Lessons from Negotiating with Extortionists
Winston Krone, Managing Director of Kivu Consulting, Kivu Europe

Game Theory Approaches to Understanding Future Strategies of Threat Actors
Dr Gordon Woo, Catastrophist, Risk Management Solutions

Journey from Black Hat to White Hat: The Psychology, the Tactics and the Future of Cyber Crime
Mike Jones, Security Researcher
11:30-13:00 Track 3: Future Technology and Tools
Lecture Theatre 3
Chair: Vincent Gilcreest,

Red on Blue: Infinity War
Sille Laks, Cyber Security Expert, Clarified Security

The Evolution of Cyber Security Risk Ratings
Jasson Casey, Chief Technology Officer at SecurityScorecard

Tracked, Jacked & Extorted: Today & Tomorrow’s Threat Landscape
Timothy Olsen, Vice President of Cyber Risk and Breach Response, Symantec
13:00-14:00 Lunch at Cambridge Judge Business School
14:00-15:30 Parallel Sessions II
Track 4: Advances in Security
Lecture Theatre 1
Chair: Dr Raveem Ismail, Director, (Re)insurance, QOMPLX: Insurance

Managing Cyber Risk in Digital Transformation
Stephen Boyer, CTO and Founder, BitSight

Cyber Risk Quantification: Risk Dependency and Its Impact on Modeling and Underwriting
Professor MingYan Liu, Chair of Electrical and Computer Engineering, University of Michigan

Interdisciplinary Approaches to Cyber Security for Organisations
Dr Jason Nurse, Assistant Professor in Cyber Security, University of Kent
14:00-15:30 Track 5: Changes in Risk Management
Lecture Theatre 2
Chair: Dave Ruedger, CISO, RMS

The Changing Face of Privacy Law and Future Costs of Cyber Liabilities
James Clark, Senior Associate, DLA Piper

Changing Workplace Behaviour: Improving the Human Firewalls of Organizations
Stephen Burke, CEO & Founder, Cyber Risk Aware

The Future of Cyber Risk Management in Large Organisations
Domenico del Re, Director, PwC UK
14:00-15:30 Track 6: Cyber Insurance
Lecture Theatre 3
Chair: Kelly Malynn, Senior Risk Manager, Beazley Group

Cyber Insurance in 2025
Sarah Stephens, FINPRO Cyber, Media & Technology Practice Leader

The Cyber Market's Present and Future Challenges; the Reinsurers' View and Expectations
Eric Durand, Swiss Re

Future Analytics of Cyber Risk Quantification
Dr Christos Mitas, Vice President of Model Development, Risk Management Solutions
15:30-16:00 Tea break
16:00-17:15 Track Reports and Discussion: Bringing together the Multiple Aspects of the Future of Cyber Risk

The chair of each of the parallel sessions reports back to the plenary attendees about their session. This will be followed by Q&A with the audience and the chairs

Moderated by: Dr Andrew Coburn

  • Cyber Risk Landscape – Tom Harvey, Head of Cyber Product Management, Risk Management Solutions
  • Cyber Threat Actors – Maria Bada, Research Associate, Cambridge Cybercrime Centre, Cambridge Computer Laboratories, Cambridge University
  • Future Technology and Tools - Vincent Gilcreest,
  • Advances in Security – Dr Raveem Ismail, Director, (Re)insurance, QOMPLX: Insurance
  • Changes in Risk Management – Dave Ruedger, CISO, RMS
  • Cyber Insurance – Kelly Malynn, Senior Risk Manager, Beazley Group
17:15-17:30 Concluding Remarks
Simon Ruffle, Director of Research and Innovation, Cambridge Centre for Risk Studies
17:30-19:00 Networking Reception
Cambridge Judge Business School