Digital Infrastructure & Security

CyberSecure 2027: The NHS Cyber Security Conference

Book tickets
Start
08:30 am
Finish
17:00 pm
Date
25 Feb, 2027
Location
etc.venues, Prospero House, 241 Borough High St, London, SE1 1GA Plan your visit
CyberSecure 2027: The NHS Cyber Security Conference

CyberSecure 2027: The NHS Cyber Security Conference

Building cyber ready NHS organisations for a digital, data driven and AI enabled future

All Convenzis Events Provide 8 CPD Points Per Delegate

Take part in our conference prize draw by visiting all stands and scanning your lanyard at each for a chance to win £100 voucher.

Sponsors & Partners

Current Landscape and Challenges

Cyber security is now a patient safety, operational resilience and public trust priority for the NHS.

As health and care services become more digital, the risk profile is changing quickly. EPRs, shared care records, AI tools, cloud platforms, connected devices, remote access, supplier systems and national data platforms are now embedded into how care is delivered. This creates major opportunities for better care, but also increases the need for stronger identity controls, data protection, supplier assurance, incident response and business continuity.

The DHSC Cyber Security Strategy for Health and Social Care 2023 to 2030 sets a clear ambition for health and care organisations to become cyber resilient by 2030. This places cyber security firmly within the wider NHS transformation agenda, not as an IT issue, but as a board level requirement for safe, trusted and sustainable digital care.

Recent incidents have shown the scale of the risk. The Synnovis ransomware attack in June 2024 disrupted pathology services across London, creating delays, cancellations and manual workarounds across multiple care pathways. It highlighted how quickly cyber disruption can move from systems and infrastructure into direct operational and clinical impact.

CyberSecure 2027 will bring together NHS leaders, cyber teams, digital transformation teams, information governance specialists, operational leaders and suppliers to explore how the NHS can move from compliance led assurance to practical, system wide resilience.

Timeliness of the Event

CyberSecure 2027 comes at a critical point for the NHS.

The government’s 10 Year Health Plan places digital transformation, data and technology at the centre of NHS reform. That shift will only be successful if patients, staff and the public can trust the systems, data and suppliers that support it.

Policy is also moving quickly around ransomware, incident reporting and organisational accountability. NHS organisations need to prepare for a future where cyber incidents are judged not only by technical recovery, but by their impact on patient care, continuity, public confidence and board level decision making.

The event is therefore timed to support NHS organisations as they prepare for the next phase of cyber policy, assurance, procurement and operational readiness. It also creates a strong platform for suppliers who can support NHS teams with cyber resilience, identity and access management, endpoint protection, staff awareness, AI threat detection, third party risk, cloud security, business continuity and recovery.

Key Challenges We Will Discuss

  • Moving from annual compliance to continuous cyber resilience.
  • Preparing for the DHSC 2030 cyber resilience ambition.
  • Treating cyber security as a patient safety and clinical continuity issue.
  • Preparing for ransomware disruption, reporting duties and potential payment restrictions.
  • Strengthening board level cyber governance, accountability and risk reporting.
  • Improving identity, access control, MFA, privileged access and role based access.
  • Securing EPRs, shared care records, data platforms, cloud environments and AI tools.
  • Managing third party risk across suppliers, managed service providers and digital partners.
  • Protecting connected medical devices, endpoints, networks and operational systems.
  • Building practical business continuity plans for diagnostics, theatres, outpatient services, urgent care, medicines and referrals.
  • Responding to AI enabled phishing, impersonation, social engineering and workforce risk.
  • Improving public trust around health data, supplier access and digital transformation.
  • Aligning DSPT evidence, NCSC guidance, ICO expectations and internal assurance processes.

 

Who Would Benefit

This event is designed for NHS and public sector leaders responsible for cyber security, digital transformation, data protection, information governance, operational resilience and patient safety.

It will be particularly relevant for CIOs, CCIOs, CISOs, SIROs, Caldicott Guardians, data protection officers, information governance leads, EPR programme leads, digital transformation teams, risk and governance leads, emergency planning and business continuity teams, clinical safety officers, procurement leads, supplier assurance teams, operational managers and board members.

It will also be valuable for suppliers supporting the NHS with cyber security, identity and access management, endpoint protection, cloud security, data platforms, staff training, resilience planning, managed services, AI governance and secure digital transformation.

Your Pass Includes....

  • This conference is CPD accredited. Attendees will be eligible to gain 8 CPD points upon completion of the event.
  • Access to a leading conference speaker programme
  • Interactive Q&A sessions
  • Leadership Lessons from the Front Line
  • Cross-sector best practice
  • Meet the supplier opportunities
  • Hot breakfast & Lunch included
  • Access to post event drinks reception and Street food

Tickets For NHS Senior Managers

We have an invite only option for NHS Senior Managers for our conference, to see if you qualify for a complimentary place please click the button below.

Register your place

Convenzis events

Conference Speakers

Barry
Richardson

Head of Cyber Security and Information Security

NHS Blood and Transplant

Read biography

Mayowa
Ogunmoroti

Cybersecurity Lead

Barts Health NHS Trust

Read biography

The programme

08:30

Registration & Networking

Registration - Open from 8:30 am - Closes at 11:00 am

All delegates must complete their registration process before the 11:00 AM cut-off time. Please arrive in a timely manner to allow for registration and to avoid any inconvenience. Delegates who arrive after the registration deadline will be refused entry to the event.

We appreciate your cooperation in helping us maintain the event's schedule and ensuring that everyone can fully participate in the Conference. If you have any questions or require assistance, our event staff will be available to assist you with the registration process.

Thank you for your understanding, and we look forward to an insightful and productive event together!

09:30

Chair Opening Address

Nasser Arif, Cyber Security Manager, Digital Services, London Northwest University Healthcare NHS Trust and The Hillingdon Hospitals NHS Foundation Trust

Provisionally Confirmed
09:40

Keynote Presentation - Cyber Resilience by 2030: Board Assurance, Supplier Risk and System Wide Delivery

Invited Speaker - Gourav Manipatruni, Chief Technology Officer, NHS Surrey Heartlands ICS

Session Overview:

This leadership interview will explore what cyber resilience means in practice across an integrated care system, with a focus on board level accountability, assurance and supplier risk. Gourav will share reflections on how NHS organisations can strengthen cyber governance, manage third party risk across the technology estate and ensure digital infrastructure supports safe, resilient transformation.

The session will also consider how system leaders can move from compliance led assurance to practical resilience, supporting the NHS ambition to become cyber resilient by 2030.

  • What cyber resilience by 2030 means in practice for integrated care systems and NHS digital infrastructure.
  • Strengthening board level accountability, assurance and cyber risk reporting across complex NHS environments.
  • Managing supplier and third party risk to support safe, secure and resilient digital transformation.
Invited
10:00

Morning Skills Clinic - When Systems Go Down: Ransomware Readiness, Reporting Duties and Clinical Continuity

Session Overview:

This panel will explore how NHS organisations can prepare for ransomware incidents in a changing policy environment.

Discussion points will include payment restrictions, mandatory reporting, executive decision making, communications, operational workarounds, supplier escalation, mutual aid and how to protect patient services when digital systems are disrupted.

Confirmed
10:30

Main Sponsor

Main Sponsor

10:50

Morning Break & Networking

11:50

Chair Morning Reflection

Nasser Arif, Cyber Security Manager, Digital Services, London Northwest University Healthcare NHS Trust and The Hillingdon Hospitals NHS Foundation Trust

Provisionally Confirmed
11:55

Case Study

Case Study

12:15

Case Study

Case Study

12:35

Leadership Interview Session - From the Front Line to the Board: Lessons in NHS Cyber Leadership

Session Overview:

This interview style session will provide a practical leadership perspective on what it takes to manage cyber risk in a live NHS environment.

The conversation should explore board engagement, clinical leadership, risk appetite, incident learning, culture change, investment decisions and how to make cyber security meaningful to staff beyond the IT department.

12:55

Case Study

Case Study

13:15

Lunch & Networking

14:00

Chair Afternoon Address

Nasser Arif, Cyber Security Manager, Digital Services, London Northwest University Healthcare NHS Trust and The Hillingdon Hospitals NHS Foundation Trust

Provisionally Confirmed
14:05

Case Study

Case Study

14:25

NHS Deep Dive - Detection, Response and Network Resilience: Building a Cyber Operating Model That Works

Session Overview:

This NHS case study will explore how cyber, network and security teams can work together to strengthen operational resilience across a large NHS trust. The session will focus on practical approaches to threat detection, incident response, network security, escalation routes and service continuity, with reflections on how NHS organisations can build cyber operating models that protect patient services and support safe digital transformation.

Key Delegate Outcomes

  • Understand how cyber security and network teams can work together to improve detection, response and resilience across complex NHS environments.
  • Learn practical approaches to incident escalation, operational response and maintaining service continuity during cyber disruption.
  • Explore how improved network visibility, assurance and security controls can support safer digital transformation and reduce risk to patient services.
Confirmed
14:45

Case Study

Case Study

15:05

NHS Deep Dive - Securing Shared Data, Digital Trust and Information Governance in the Cyber Resilient NHS

Speaker:

  • Aung Tun, Information Governance Manager, St George’s University Hospitals NHS Foundation Trust

Session Overview:

This NHS deep dive will explore the role of information governance, data protection and risk management in supporting cyber resilience across modern NHS digital environments. Drawing on experience across clinical and non clinical digital projects, Aung will discuss how governance, risk and compliance can be applied in a practical way to support safe data use, protect patient information and build confidence in digital transformation. The session will also consider how NHS organisations can strengthen assurance around shared care records, EPRs, data platforms, AI enabled tools and supplier access.

Key Delegate Outcomes:

  • Understand how information governance and cyber security can work together to support safe digital transformation.
  • Explore practical approaches to evaluating, monitoring and managing data protection and security risks.
  • Learn how stronger governance can support digital trust across shared records, data platforms, AI tools and supplier systems.
Provisionally Confirmed
15:25

Afternoon Skill Clinic - Cyber Ready by 2030: Assurance, Accountability and Practical Action

Speaker:

  • Mayowa Ogunmoroti, Cybersecurity Lead, Barts Health NHS Trust

Session Overview:

The closing panel will bring together NHS cyber, digital, governance and operational perspectives to explore what needs to happen next as the health and care system works towards cyber resilience by 2030.

The discussion will focus on how NHS organisations can move from compliance-led activity to continuous cyber resilience, with practical reflections on assurance, risk reporting, DSPT, NCSC CAF, supplier accountability, incident readiness and board-level ownership. Panellists will also consider how cyber teams can work more closely with information governance, digital, clinical and operational colleagues to protect patient services and build trust in digital transformation.

Key Delegate Outcomes:

  • Understand how NHS organisations can turn DSPT, NCSC CAF and wider cyber guidance into practical assurance and improvement.
  • Explore how cyber resilience by 2030 can be supported through stronger accountability, governance and risk reporting.
  • Learn how cyber, digital, information governance and operational teams can work together to protect patient services and build digital trust.
Provisionally Confirmed
15:40

Take part in our conference prize draw by visiting all stands and scanning your lanyard at each for a chance to win £100 voucher.

15:45

Tea, Coffee & Networking

16:45

End of Day

End of Day

Book your tickets

Book your tickets

Charity, Not for Profit and University (In-Person)
£203.99 excl VAT
Limited places
0
Private Sector (In-Person)
£500.00 excl VAT
Limited places
0
Free NHS Ticket
£0.00 No VAT
Limited places
0

Our accreditations

abpco
Manchester Bee
Living Wage Employer
Good Employment
Good Employment Member
Armed Forces Covenant
Tech UK
IHSCM
FSB
Ban The Box
Stockport County
cpdgroup
Q-Park