3rd NHS Cyber Security Conference: Future-proofing the NHS

Digital Infrastructure & Security

08:30 am
05 Mar, 2025
15Hatfields Conference Centre, London SE1 8DJ

3rd NHS Cyber Security Conference: Future-proofing the NHS

Digital Infrastructure & Security

08:30 am
05 Mar, 2025
15Hatfields Conference Centre, London SE1 8DJ

Current Landscape and Challenges

The NHS continues to face a growing wave of cyber threats as the healthcare landscape becomes more digitised and interconnected. Recently, attackers have exploited newer vulnerabilities within both legacy systems and emerging technologies like IoT-connected medical devices. The shift to remote work and increased reliance on digital communication channels has expanded the attack surface, exposing the NHS to sophisticated threats, including supply chain attacks and advanced persistent threats (APTs). The escalation of AI-powered malware, ransomware-as-a-service (RaaS), and deepfake technologies poses a heightened risk to patient data security and service continuity, underscoring the need for robust, adaptive defences.

Given these evolving threats, the NHS must enhance its cyber resilience by focusing on pre-emptive measures, such as predictive threat modelling and AI-enhanced threat detection. This conference will address these critical areas, providing insights into risk assessment, system fortification, and resilience strategies tailored to the healthcare sector.

Timeliness of the Event

This conference arrives at a pivotal time as the NHS intensifies its cybersecurity efforts to achieve full resilience by 2030. The increasing frequency and sophistication of attacks, such as the recent Log4j vulnerability exploitations that affected healthcare systems worldwide, underline the urgency for proactive defence measures. With the NHS striving to align with the UK government's cybersecurity objectives, including the 2022 National Cyber Strategy, this event offers a timely platform to discuss the latest threats, regulatory updates, and best practices in healthcare cybersecurity.

Key Topics

  • Ransomware and Advanced Malware Defence: Delve into the latest ransomware trends, including RaaS, and explore effective strategies for preventing and mitigating these attacks within healthcare settings.
  • Medical Device and IoT Security: As more IoT-connected medical devices are deployed, securing these endpoints becomes paramount. This session will cover safeguarding medical devices and integrating IoT security within broader cybersecurity frameworks.
  • Cloud and Data Storage Security: With increasing volumes of patient data stored and processed in cloud environments, this discussion will focus on cloud security architectures, data encryption, and access management to prevent unauthorised access and breaches.
  • Supply Chain and Vendor Risk Management: Recent breaches have highlighted vulnerabilities in supply chains, particularly with third-party vendors. This topic will cover how to vet, monitor, and secure third-party providers to mitigate supply chain risks.
  • Incident Response and Resilience Planning: Learn how to build and implement effective incident response frameworks that minimise operational disruptions, prioritise patient safety, and enable rapid recovery from attacks.
  • Identity and Access Management (IAM): Effective IAM practices, including multi-factor authentication (MFA) and role-based access control (RBAC), are essential in mitigating unauthorised access. This session will explore the latest IAM solutions and best practices.

Why Attend?

This conference is essential for NHS leaders, IT professionals, and cybersecurity specialists aiming to navigate the rapidly evolving cyber threat landscape. Participants will benefit from:

  • Expert Insights: Gain in-depth knowledge on the latest cybersecurity strategies tailored to healthcare, presented by industry leaders and cybersecurity experts.
  • Collaborative Knowledge Sharing: Engage with peers across the NHS, private sector, and governmental bodies to share experiences, challenges, and solutions.
  • Real-World Case Studies: Access actionable insights from case studies showcasing how healthcare organisations are effectively addressing cybersecurity challenges.

Attendees will leave the event with advanced strategies and tools to protect against sophisticated cyber threats, ensuring that the NHS remains resilient, safeguarding patient data, and maintaining continuity of services amidst growing cybersecurity risks.

Headline Sponsor

Who will Attend

  • Chief Information Officer (CIO)
  • Chief Information Security Officer (CISO)
  • IT Director
  • Chief Technology Officer (CTO)
  • Data Protection Officer (DPO)
  • Chief Medical Information Officer (CMIO)
  • Clinical Informatics Director
  • Head of IT Security
  • Risk Manager
  • Chief Privacy Officer (CPO)
  • Director of Compliance
  • Director of Information Governance
  • Head of Digital Transformation
  • Director of Network Security
  • Director of Health Informatics
  • Chief Operating Officer (COO)
  • Director of Emergency Medicine
  • Director of Nursing Informatics
  • Chief Financial Officer (CFO)
  • Director of Health Services

Sponsors & Partners

The programme

08:30

Registration & Networking

Registration - Open from 8:30 am - Closes at 11:00 am

All delegates must complete their registration process before the 11:00 AM cut-off time. Please arrive in a timely manner to allow for registration and to avoid any inconvenience. Delegates who arrive after the registration deadline will be refused entry to the event.

We appreciate your cooperation in helping us maintain the event's schedule and ensuring that everyone can fully participate in the Conference. If you have any questions or require assistance, our event staff will be available to assist you with the registration process.

Thank you for your understanding, and we look forward to an insightful and productive event together!

09:30

Chair Opening Address (Confirmed)

Bharat Thakrar
CISO
CyberBTX

Chair Opening Address (Confirmed)

09:40

Keynote Presentation - Mike Fell, executive director of national cyber security operations at NHS England (Invited)

Navigating the Evolving Cyber Threat Landscape: Challenges and Strategies for the NHS

Session Overview:

Mike Fell, Executive Director of National Cyber Security Operations at NHS England, will deliver an insightful session on the latest cyber trends and challenges affecting the National Health Service. As cyber threats become increasingly sophisticated, the NHS must adapt to protect critical healthcare infrastructure and patient data.

In this session will cover:

  • Emerging Cyber Threats: An analysis of the latest threats targeting the healthcare sector, including ransomware attacks, phishing schemes, and exploitation of remote working vulnerabilities.
  • Impact of Digital Transformation: How the rapid adoption of digital technologies within the NHS introduces new security challenges and what can be done to mitigate associated risks.
  • Regulatory Compliance: Updates on compliance requirements such as GDPR and the NHS Data Security and Protection Toolkit, and how they influence cybersecurity strategies.
  • Building Cyber Resilience: Strategies for enhancing the NHS's ability to prevent, detect, and respond to cyber incidents, including the implementation of advanced threat monitoring and incident response plans.
  • Collaborative Defense Initiatives: The importance of collaboration between different NHS organizations and with external partners to strengthen overall cybersecurity posture.

10:00

Navigating the Cyber Threat Landscape: Challenges and Best Practices in NHS Cyber Security Panel Discussion

Barry Richardson
Head of Cyber Security and Information Security
NHS Blood and Transplant

Overview:

This opening session addresses the increasing complexities and challenges facing the NHS in its cyber defense efforts. Panelists, including experts in healthcare IT and cybersecurity, will explore vulnerabilities within legacy systems, emerging technologies, and the recent surge in sophisticated attacks like ransomware-as-a-service (RaaS) and supply chain intrusions.

Key discussions will focus on lessons learned from recent incidents, approaches to predictive threat modelling, and best practices to enhance NHS cybersecurity resilience. Attendees will gain insights into developing a proactive approach to cyber threats that is responsive to both immediate and long-term risks.

Panellists:

  • Barry Richardson, Head of Cyber Security and Information Security, NHS Blood and Transplant (Confirmed)
  • Mike Fell, executive director of national cyber security operations at NHS England (Invited)
  • Tej Gudka Head of Cybersecurity, NHS Arden & GEM Commissioning Support Unit (Invited)
  • Anna Evans, Threat Hunter, NHS England (Invited)

10:30

Main Sponsor - Crowdstrike

Main Sponsor - Crowdstrike

10:50

Morning Break & Networking

Morning Break & Networking

11:50

Chair Morning Reflection (Confirmed)

Bharat Thakrar
CISO
CyberBTX

Chair Morning Reflection (Confirmed)

11:55

Case Study - boxxe

Case Study - boxxe

12:15

Case Study - StratoDesk Software

Case Study - StratoDesk Software

12:35

Interview session - The Next generation of CISO – What should the Executive Board look for in this crucial appointment? (Confirmed)

Azeem Bashir
Group Chief Information & Security Officer - CIO\CISO - President - Chair - Cyber Committee Member for EMEA & Asia-PAC -
Hamilton Group

The lasting effects of the global economic downturn have also forced many organisations to introduce significant efficiencies in their operations. This means businesses are now far more likely to adopt new technologies or approaches that reduce costs, irrespective of the risks they might introduce. And too often, businesses still lack a dedicated, board-level owner of cyber security and risk management who is engaged in the overall strategy of the business.

Organisations must move quickly to understand and manage fast-changing cyber and other social media threats, or risk being caught out. Equally, managing these new cyber opportunities and risks can bring benefits in innovation, productivity, competitiveness and customer engagement.

One answer to this is to implement a next-generation chief information security officer (CISO). Building on the traditional skills of information security officers, next-generation CISOs have a wide skillset that includes an understanding of cyber security and risk management, as well as an ability to communicate at C-suite level.

Traditional Chief Information Security Officer skills are no longer enough!

Of course, the basics remain the same: information security (IS), information risk management (IRM), data protection and classification, and oversight of audits, governance and compliance, as well as technical, operational, legal and regulatory risks. But the basics are no longer enough. 

Too many businesses are leaving themselves vulnerable to today’s cyber security threats by relying on an outdated structure that includes a traditional information security risk manager typically reporting to the chief information officer. With cyber threats growing daily, a dedicated owner of cyber security and information risk management at board level is now vital.

The business and threat landscape is changing rapidly, and organisations that don’t keep up are at serious financial, reputational, legal and regulatory risk.

Ultimately, the boards will be held accountable.

12:55

Case Study

Case Study

13:15

Lunch & Networking

Lunch & Networking

14:00

Chair Afternoon Address (Confirmed)

Bharat Thakrar
CISO
CyberBTX

Chair Afternoon Address (Confirmed)

14:05

Case Study

Case Study

14:25

Keynote Presentation - Dr Shahrzad Zargari, YCSC: South Yorkshire Chapter Lead. Principal Lecturer and Subject Group Lead in Cyber Security & Forensics at Sheffield Hallam University (Invited)

Keynote Presentation - Dr Shahrzad Zargari, YCSC: South Yorkshire Chapter Lead. Principal Lecturer and Subject Group Lead in Cyber Security & Forensics at Sheffield Hallam University (Invited)

14:45

Case Study

Case Study

15:05

Closing Panel Debate: Building Resilience: Incident Response and Resilience Planning in the NHS

Steven Furnell
Professor of Cyber Security
University of Nottingham

Overview:

This final session brings together a panel of cybersecurity leaders to discuss the crucial topic of incident response and resilience planning within the NHS. As cyber threats continue to evolve, the NHS must be prepared with robust frameworks for rapid detection, containment, and recovery.

This debate will cover the essential elements of an effective incident response plan, including prioritising patient safety, minimising operational disruptions, and collaborating with third-party vendors to enhance resilience. Attendees will gain a deeper understanding of the strategies and tools that can help the NHS remain resilient against future cyber threats.

Panellists:

  • Dr. Shahrzad Zargari, Principal Lecturer and Cyber Security & Forensics Subject Group Lead at Sheffield Hallam University. (Invited)
  • Dr Saif Abed, Medical Doctor | Cybersecurity Expert | AI Risk Management | Expert Witness | The AbedGraham Group | European Commission | World Health Organisation (Invited)
  • Steven Furnell, Professor of Cyber Security at the University of Nottingham (Confirmed)

15:35

Hot Buffet Food & Drinks

Hot Buffet Food & Drinks

17:00

End of Day

End of Day

Convenzisvents

Your Pass Includes....

  • Access to a leading conference speaker programme
  • Interactive Q&A sessions
  • Fireside interviews
  • Cross-sector best practice
  • Meet the supplier opportunities
  • Hot breakfast & Lunch included
  • Access to post event drinks reception and Street food

Tickets For NHS Senior Managers

We have an invite only option for NHS Senior Managers for our conference, to see if you qualify for a complimentary place please click the button below.

Register your place

Book tickets

Ticket
Price
Quantity
Charity, Not for Profit and University (In-Person)
£203.99 excl VAT
Limited places
0
Private Sector (In-Person)
£500.00 excl VAT
Limited places
0
Free NHS Ticket
£0.00 No VAT
Limited places
0

Our accreditations

abpco 2021
Manchester Bee
CPD Member
Living Wage Member
Good Employment - Sponsor
Good Employment - Member
Armed Forces Covenant
Tech UK
IHSCM
FSB
Ban The Box
Stockport County
cpdgroup