Speakers

Emma is CEO of the IASME Consortium Ltd, an organisation that delivers accessible cyber security certification for organisations of all sizes and supply chains.  IASME is best known for being the UK Government’s sole Delivery Partner for the Cyber Essentials scheme.  Emma is also Founder and Manager of IASME Community CIC, a not-for-profit organisation leading an initiative to train unemployed neuro-divergent adults in cyber security and supporting them to find employment.  In 2019 Emma was awarded an MBE for services to cyber security.

Heather is a Chartered Engineer, Chartered Cyber Professional and Fellow of the BCS -  The Chartered Institute of IT. She is currently Principal Cyber Specialist for the ICO. With over 25 years’ experience in IT, Cyber Security and Information Governance Heather is passionate about highlighting the importance of cyber security in safeguarding our communities. She believes security should be user focussed, incorporated by design, and communicated clearly to stakeholders at every level.

Prior to her current role, Heather was Cyber Policy Lead for the DfE, where she spearheaded work on digital and technology standards in schools and colleges. She has previously developed and led award winning Local Authority data, online safety and cyber services, led national projects for the NCSC and managed government Cyber Security programmes. Heather is part of a number of national and international regulatory forums, steering groups, and advisory boards, including the EMCRC and iCSS. She has authored numerous, published, peer-reviewed articles and whitepapers, focussing on digital security and digital safety for children, including work with 5Rights and the Digital Futures Commission.  

Heather holds a number of certifications, including Certified Information Security Manager (CISM), Certified Data Privacy Solutions Engineer (CDPSE), Certified Information Privacy Professional (CIPP/E) Certified Information Privacy Manager (CIPM), and is an active member of the IEEE, IAPP and ISACA.   

Ceri is an Information Security Specialist at Mindera, working in tech for over 20yrs and over a decade of experience focused on people, behaviour, and how humans shape security.

She enjoys exploring creative ways to see security through a different lens — one that starts with people and their real working lives. Rather than prescribing rules that are impossible to achieve, Ceri believes in listening, understanding, and co-creating approaches that make sense for individuals and teams.

Her mission is to make security feel human, approachable, and possible. By using positive language and focusing on building confidence in others, she works to shift security from being a topic for the few, to becoming something people can genuinely connect with and benefit from.[BM1] 

Nathalie Lowe is the Director of Projects and Operations at the Digital Regulation Cooperation Forum (DRCF). 

She is a regulatory leader at the forefront of innovation, technology, and public trust. At the DRCF, she united the FCA, CMA, Ofcom, and ICO on high-profile initiatives, pioneering cross-regulator collaboration with real impact. 

At the FCA, she modernised regulation, while championing artificial intelligence and emerging technologies to drive smarter compliance and unlock innovation. 

With a clear vision for technology-positive regulation, she is dedicated to harnessing innovation to deliver lasting impact for markets and society.

Kate Jones is the Chief Executive Officer of the Digital Regulatory Cooperation Forum. Kate leads this innovative team, working to increase and deepen coordination between regulators of online services and technology for the benefit of both businesses and their customers.

Before joining the DRCF, Kate was an expert consultant and researcher on the governance of emerging technologies, with particular regard to human rights law, public international law and diplomacy. She was an Associate Fellow with the International Law Programme at Chatham House, Senior Associate with Oxford Information Labs, and member of the advisory board of an AI ethics company. She has published and spoken widely on aspects of national and international tech governance, with specialisms in artificial intelligence, disinformation and foreign interference, and the role of technical standards.

Stuart is a Cyber and Digital leader who joined Ofgem in 2019. He has been responsible for setting up the Cyber Regulatory function at Ofgem, leading to the implementation of Downstream, Gas & Electricity Network & Information Systems (NIS) compliance frameworks, as well as technical guidance for RIIO Price Control investment.  In his career, he has led global digital teams; designing, building and delivering on new innovative technology platforms and was previously the Microsoft Chief Information Security Advisor and Accenture Partner.

Nihal leads Ofcom’s security and resilience policy work, setting strategic policy direction in relation to the telecommunication and internet infrastructure sectors., which are part of the UKs critical national infrastructure. She is responsible for overseeing policy aspects of Ofcom’s regulatory supervisory regimes, including design and implementation of new or enhanced responsibilities.

Nihal has a business management background, with a breadth of cross-sector experience and deep expertise in navigating complex regulatory and governance environments. She has led strategic policy and technical programmes and is a member of Ofcom’s Operations Board, Senior Leadership Group and Technology Profession.

She is passionate and committed to diversity, equity and inclusion, driving change at sectoral level by leading Ofcom’s initiative in 2023, Women in Tech pledge in the telecoms sector and is Patron of the Institute of Telecoms Professionals (ITP).

Prior to joining Ofcom, Nihal has worked in the transport and infrastructure, travel and tourism sectors, leading business management functions.

Prior to joining Darktrace, Toby spent 15 years in the UK Government, including as the UK National Cyber Security Centre’s Deputy Technical Director for Incident Management. He has specialist expertise in Security Operations, having worked across Cyber Threat Intelligence, Incident Management, and Threat Hunting. He has presented at several high-profile events, including the NCSC’s flagship conference, CyberUK, the SANS CyberThreat conference, and the Cheltenham Science Festival. He was a lead contributor to the first CyberFirst Girls Competition, championing greater gender diversity and works with the 93% Club to promote social mobility more broadly.

M. Angela Sasse is the Professor of Human-Centred Security at Ruhr University Bochum, Germany, and at University College London, UK. 

She holds an MSc in Occupational Psychology from Sheffield University and an PhD in Computer Science from the University of Birmingham. She started to researching usability and acceptance issues with IT security in the 90s, and carried out many industry-based studies showing friction between security and other organisational goals, leading to compliance “on paper” but not “in practice”.  She was the founding Director of the UK Research Institute for Science of Cyber Security (RISCS – www.riscs.org.uk) from 2012-2017, which promotes multidisciplinary evidence-based research into cyber security policies and measures. Since 2018 she been a speaker of the Exzellzcluster CASA https://casa.rub.de/en/. She is a Fellow of the Royal Academy of Engineering and of the German National Academy of Sciences “Leopoldina”.

Gerry McQuaid is the Director for Telecoms and Internet Security at Ofcom with a focus on regulating the technical aspects of security within the regimes of the Telecoms Security Act and NIS Directive. Prior to this role he took a detour for a number of years in The Hague securing an international organisation’s operations. With thirteen years working for Vodafone Group and seven for Ericsson, he was responsible for managing the various national security obligations globally from lawful interception, data retention through to security assurance. He has chaired or participated in a number of security standards committees, Additionally, he has invested time advising various international bodies (EuroPol and ENISA) particularly on capacity building and specific vendor related oversight e.g. evaluation centres and supply chain security.

Ola Michalec is a Lecturer in Digital Futures at the Bristol University. Ola’s research interests revolve around understanding how experts from diverse fields resolve tensions between maintaining and innovating critical digital infrastructures. Her recent project produced advice to the UK Government on growing the cyber security industry and workforce. Ola plays an active role in several communities such as the Research Institute for Sociotechnical Cyber Security or the Advisory Board for the UKRI Digital Twin Network+.

Liz is the Deputy Director for Cyber Security and Resilience Strategy and Legislation for the Department for Science, Innovation and Technology, and directly oversees the government's work for the upcoming Cyber Security and Resilience Bill. She joined the department in April 2025, having previously worked in the No10 as an advisor to the Prime Minister for three years, covering housing, local government, and local growth. Liz has worked in the civil service for over ten years, across various departments in policy, economist and Secretary of State private office roles.

Professor Carsten Maple is the Director of the NCSC-EPSRC Academic Centre of Excellence in Cyber Security Research and Professor of Cyber Systems Engineering at the University of Warwick. He is also Director for Research Innovation at EDGE-AI, the National Edge Artificial Intelligence Hub, and a Professor and Fellow of the Alan Turing Institute, where he is a principal investigator on a $9 million project developing trustworthy digital infrastructure.  Carsten is also a Research Affiliate at Judge Business School, and is a departmental visitor at the Computer Laboratory for 2025-2026, both University of Cambridge. He has an international research reputation, having published over 450 peer-reviewed papers. His research has attracted millions of pounds in funding and has been widely reported through the media.

Tim Capel is currently acting as Interim Executive Director for Regulatory Supervision at the Information Commissioner’s Office (his substantive role is a Legal Director). In his current role, he is responsible for leading supervision and enforcement matters, one of the biggest directorates at the ICO. This includes ensuring that we are positioned to effectively regulate in the digital landscape and that our investigations, regulatory cyber, audit and assurance teams deliver their strategic plans. He has oversight of some of our most high-profile work, reporting directly to and being a part of the ICO’s Management Board and Executive Team.

Tim joined the ICO as a Legal Director in September 2022 from the Competition & Markets Authority, where he was also a Legal Director. Prior to this, Tim worked at the law firm Hogan Lovells in London as a senior associate in the Antitrust, Competition and Economic Regulation team.

Shiv Kaul is the Deputy Chief Information Security Officer at the Financial Conduct Authority where he leads the Cyber Strategy, Defence & Intelligence and Operational Assurance functions in the Cyber & Operational Resilience Directorate. He also leads the FCA’s cyber transformation programme - the largest multi-year technology investment programme ever made by the Authority. His extensive experience in digital business and cyber security provides him with unique expertise in secure and resilient digital operations.

Prior to joining the FCA, he was a Divisional CIO at BP where he owned the technology agenda for several corporate risk functions, including Group Risk, Group Legal (in-house legal operations for 1000+ lawyers), Group Compliance, Group Safety and Operations and Group Audit. Shiv is a former management consultant and has also published research on biologically-plausible learning models based on computational neural networks.

A keynote speaker on the convergence of cyber and operational resilience, Shiv draws on hands-on operating experience to provide a practitioner’s perspective on the evolving regulatory environment.