ISfL Annual Conference 2024

SocitmDate: Thursday 28th March 2024
Time: 10:00am – 4:30pm
Venue: Queen Elizabeth II Centre, Broad Sanctuary, London

Chain of Trust: fortifying supply chain security

SOCThis event is a pivotal opportunity for public sector leaders, cybersecurity experts and stakeholders to converge and explore the critical aspects of securing supply chains in an increasingly complex digital landscape. Gain insights into the latest cybersecurity threats, strategies and best practices aimed at safeguarding supply chains, ensuring uninterrupted public services and fortifying the resilience of critical infrastructure.

This conference includes a supplier exhibition giving attendees the chance to talk about the various solutions on offer from the private sector.

This conference is open to all public sector WARP members and attendance is free. If you are a supplier and are potentially interested in being involved in the conference, please contact ISfL using the contact form.


About the venue:

The Queen Elizabeth II Centre is conveniently located in Westminster on Broad Sanctuary just opposite Westminster Abbey. It is the largest dedicated conference space in central London. See for more information.


09:30 Registration
10:00 Welcome & Chair’s Keynote – Colin Williams, Chair
10:20 Partner Keynote I – Richard Cassidy, CISO, Rubrik
10:40 Cyber Assessment Framework for Local Government – Katie Owen, DLUHC
11:00 CTAG update – Cliff Dean, CTAG Deputy Chair
11:15 Break & networking
11:35 Keynote speaker – Lorraine Dryland, CISO, First Sentier
12:05 Engaging with our suppliers – Jay Saggar, LOTI
12:25 ISfL update – Ranisha Dhamu, ISfL
12:40 Lunch & networking
13:30 Welcome back – Colin Williams
13:35 Supply Chain Assurance – NCSC
13:55 Overcoming the Resource and Upskilling Need in Third-party Risk – Haydn Brooks, CEO, Risk Ledger
14:15 Panel session: Supply Chain – a complex problem or a needless rabbit hole
14:45 Break & networking
15:00 Ambient Cyber City Jazz – Bruce Thomson, ISfL
15:40 Defend as One – Michael Pickett, JISC
16:00 Closing remarks – Colin Williams


CWColin Williams – Chair
After 25 years (almost successfully) pretending to have a clue about anything technical, Colin has (mostly) departed from the commercial realm for a short sojourn in full time academia and embarked on a temporary new existence as a PhD student researching the history of British Cybernetics at the University of Oxford. He continues to be an Honorary Fellow at the University of Warwick and a Visiting Professor at De Montfort University.

Richard CassidyRichard Cassidy – Rubrik
Richard, is a “Forbes Technology Council” member, consulting to businesses on cyber security, resilience and risk management strategies for more than 22 years, working across highly regulated industries. During his career, Richard has been helping organisations to mature their security response, compliance, risk management, automation & orchestration practices.

Richard’s security operations experience includes managing breach response, threat intelligence & threat hunting teams, as well as teaching customers a practical understanding of how their data and assets are targeted by cyber-criminal groups, in a bid to drive effective security practices and mitigation strategies in the industry. Richard has led major breach investigations across CNI (Critical National Infrastructure), Finance, Military and Educational institutions over the past decade.

Katie OwenKatie Owen – DLUHC
Working as part of the Local Government Association’s Cyber, DIgital and Technology team Katie has worked with councils to improve their cyber security for the last five years. She has recently joined the Department for Levelling Up, Housing and Communities’ Local Digital team on a secondment to support the assessment and management of cyber resilience in local government. This involves working as part of the team developing the Cyber Assessment Framework for Local Government.

Jay SaggarJay Saggar – LOTI
At LOTI, Jay works with London Borough Chief Information Officers to experiment with innovative approaches to cyber security. As part of LOTI’s broaders mission to enable collaboration Jay has facilitated multi-borough pilots that test out new cyber security technologies and how they can deliver benefits at both a local and collective – pan London level.

Lorraine DrylandLorraine Dryland – First Sentier
Lorraine has been really fortunate to have worked in some really interesting and challenging roles over the past 25 years, both in the public and private sector.

A seasoned and accomplished Global CISO with a proven track record of developing and implementing comprehensive security and technology strategies, Lorraine has a background that combines strategic, operational and technical experience. She is adept at designing, launching and scaling functions managing vendors and managing multi-million-pound Technical Investments.

With a MSc in Forensic Computing and Cyber Crime Investigation and currently pursuing an Executive MBA, Lorraine is committed to staying on the cutting edge of industry, continuously learning and adapting to new technologies and emerging threats.

BTBruce Thomson – ISfL
Over the last three years, Bruce has delivered presentations, workshops and lectures on various cyber security topics to the UK public sector through the Cyber Technical Advisory Group (CTAG), and is a sought-after speaker at regional cyber security groups (WARPs). He developed the zED application in 2019 which has been helping the broader UK public sector improve its email standards, allowing organisations to understand their risk to inbound email, and the broader community to level up and achieve the Epic email standard.

Recently he has turned his attention to the dark web and ransomware groups, debunking some of the myths as well as providing just-in-time information on when data and attacks are published, this data is already in use by the UK WARPs and indeed consumed by some private sectors SOCs and other organisations. This work makes use of evolving AI techniques and machine learning as well as some good old-fashioned bash scripts!

RDRanisha Dhamu – ISfL
For the past 25 years, Ranisha has dedicated her career to the local authority sector. Her journey into Information Governance and security began roughly 15 years ago, leading her to her current role as the Cyber & Compliance Manager at Shared Services, overseeing Brent, Lewisham, and Southwark. Her expertise in this field extends beyond her immediate responsibilities, as she chairs the Pan London Information Governance Forum (IGfL), participates in the ISfL steering group, and contributes actively to the National Strategic Information Governance Network (SIGN). Additionally, Ranisha has lent her expertise to numerous working groups, collaborating on large-scale projects spanning the Public Sector, including the NHS. She is also a valued member of SASIG and ISACA.

Beyond her professional commitments, Ranisha is involved in her community. She serves as the chair of governors at her children’s former primary school and holds a directorship within a federation of 10 academy primary schools across Buckinghamshire, Hillingdon, and Slough, where she focuses on Information Governance, Data Protection, Information Security, and Safeguarding.

HBHaydn Brooks – Risk Ledger
Originally a Big 4 cyber risk consultant, Haydn experienced the day to day issues that came with running a supply chain assurance programme. He found that current programmes were far from frictionless and actively caused clients and their suppliers’ headaches.

These pain points led him to found Risk Ledger. Risk Ledger is a technology platform that combines a security governance platform with a secure social network. Now one full-time employee can run an entire assurance programme for over 1000 vendors, quickly see where their supply chain concentration risks are and identify potential third-party vulnerabilities.

In the last couple of years, Risk Ledger has gone from strength to strength, winning the Cyber Den/Most Innovative Cyber Company Award and being named as one of Forbes’ Tech Champions of 2022. In addition, Haydn was featured on the Forbes 30 under 30 list.

CDCliff Dean – CTAG
Cliff brings knowledge and in-depth experience of Transformation delivery within Local Government and NHS, Governance, Digital Delivery and Stakeholder Engagement. Innovative leadership of business goal-focused transformational change. His work on National IT initiatives has seen in being active within SOCITM in both Futures Group and the Local CIO Council, working with the LGA, Local Government Digital Committee and on the Cyber Security Focus he Chair’s Cybershare East (WARP) and is the Cyber Technical Advisory Group Deputy Chair. In the day job he looks after North Kesteven an West Lindsey District Council, operating a shared service partnership.

Headline Sponsors

Risk Ledger

Exhibiting Sponsors

Core to Cloud
cds Defence & Security
Human Security