Risks, Governance and Crisis Response
The last year has witnessed major hacks on high profile corporations that inflicted massive damage to business confidence and compromised the data of millions of consumers. Attacks such as WannaCry and Not-Petya demonstrated the capability of state-sponsored actors to cause major disruption and highlighted a range of international cyber security vulnerabilities.
As businesses and citizens attempt to understand and protect themselves against these threats, the cyber landscape is experiencing a period of rapid change driven by growth in internet of things (IoT) technologies and the design and deployment of artificial intelligence (AI). Without consideration of the emerging security challenges these technological developments present, a range of potential new risks even more catastrophic than recent attacks could emerge.
While governments attempt to keep up with the pace of change, cyber attacks continue to grow in scale and complexity, putting them under pressure to respond with protectionist policies and in some countries creep towards ever increasing ‘cyber sovereignty’. The risk of an increasingly fragmented cyberspace is now very real.
In this context, Chatham House Cyber 2018 will take stock of the current situation and:
- Identify and explore state-sponsored cyber threats and assess the main reasons behind the targeting of specific businesses and sectors by cyber attackers
- Evaluate where government cyber policy frameworks are keeping up and where they are not
- Explore how the risks posed by the IoT can be managed and how responsibilities for security can be shared
- Assess the impacts and security considerations of AI technologies and systems
- Consider strategic approaches to quantify and control cyber risks and improve cyber crisis management practices when things go wrong
The Chatham House Rule
To enable as open a debate as possible, this conference will be held under the Chatham House Rule.
Thursday 28 June
Session One | New and Ongoing Risks to Business and Nationally Critical Infrastructure
In the context of increasing cyber attacks on major companies and critical national infrastructure around the world, this opening session will address the latest developments and ask what has been attacked, what is still being attacked and why. It will both explore state-to-state threats and assess the main reasons behind the targeting of specific businesses and sectors.
Session Two | Government Policy and Approaches to Cyber Challenges
As cyber attacks continue to grow in scale and complexity, governments are facing increasing pressure to protect their economies and national security. At the same time, technological advances such as IoT and AI are changing how citizens live and work. This session will explore where, in an increasingly connected world, policy frameworks are keeping up, where they are not and what the consequences are for the future.
- How is pressure on national governments to act forcefully on domestic security issues shaping the cyber policy landscape?
- Will moves towards ‘cyber sovereignty’ in some countries intensify? What consequences could increasingly protectionist policies towards data localization and encryption have for the future of the internet?
- What real progress is being made in the fight against cyber crime? Who is leading this?
- One-third of internet users are children. How can the rights of children be protected online and policies developed to reflect the realities of children’s online behaviour?
Session Three | Security and Standards in the Internet of Things (IoT)
With the number of IoT devices across the world projected to more than double by 2020 to more than 20 billion, there is significant potential for new vulnerabilities to be created by increased cyber connectedness. This session will explore how the risks posed by the IoT can be managed and how responsibilities for security can be shared.
- The IoT has exposed systemic weak points in the internet architecture. How can security be built into devices, software applications and network connections?
- To what extent will privacy and security concerns affect the proliferation of the IoT?
- How are national and international standards and product certification initiatives for IoT technologies developing?
- As IoT grows, many established, traditional companies will become de facto technology companies. What new business models and ways of working will, or should, this bring?
Session Four | Impacts and Security Challenges of AI
Although AI presents huge opportunities, the development and use of AI technologies poses significant governance and security challenges. AI will also continue to have a major impact on the internet economy and internet security. This session will address the impacts and security considerations of AI technologies and systems.
- How can AI technology help to address broader cyber security challenges?
- Which security considerations should be addressed in the design and use of AI technologies?
- In which sectors will AI have the most impact? Which established companies are best placed to grow their businesses in this area?
- AI presents enormous opportunities to transform work and industries, but what is being done to plan for disruptions caused by AI to current structures?
- How is AI different from previous technological revolutions?
Friday 29 June
Session Five | Cyber Risk and Defence
Organizations are increasingly cyber reliant, interconnected and vulnerable to potentially damaging shocks caused by attacks and cyber breaches. Given increasing levels of connection and convergence, organizations face challenges not only to secure systems, data and intellectual property, but also in understanding how their assets form part of the wider digital environment in which they operate. This session will assess strategies being deployed to manage cyber risk and explore what more can be done to increase cyber resilience.
- What is the potential for new technologies or approaches to revolutionize cyber security?
- How can penetration testing best be incorporated into security systems? How can independent researchers be incentivized to disclose vulnerabilities responsibly?
- How can cyber risk be effectively quantified?
- In what way could the emergence of cyber insurance for individuals alter the dynamics of risk?
Session Six | Approaches to Cyber Crisis Management
Organizations are becoming increasingly aware that they must operate on the basis that it is not possible to defend against, or even identify, every attack or cyber breach. Cyber security management strategies must now include detailed processes and contingencies for when something goes wrong. In reality, there is often little planning for dealing with the immediate fallout and longer-term consequences of such attacks. This session will explore strategic approaches to cyber crisis management and ask what needs to be done to improve cyber crisis management practices.
- Given the ever increasing scale and cost of attacks, does cyber defence even deter at all? Is there too much emphasis on cyber deterrence and defence?
- What are organizations doing to plan for when the worst happens? What is the right approach to managing the communication of cyber risks and the fallout from cyber security issues?
- Do senior leaders in business have sufficient understanding of cyber security to provide effective oversight? How are leadership structures changing to respond to cyber threats?
- What can we learn from recent high-profile cyber attacks on major organizations and how they have been handled?
1300 End of conference and reception
© The Royal Institute of International Affairs 2018
Pricing and booking information
Register by Friday 27 April 2018 to benefit from the early booking rate.
Ways to book:
- Phone: Call Charlie Burnett Rae on +44 (0)20 7957 5727
- Online: Click here to complete the online registration form
EARLY RATE (+VAT):
|FULL RATE (+VAT): |
AFTER 27 APRIL
|Partners and major corporate members|
|Standard corporate member|
|NGOs and academics||£440||£540|
|NGOs and academics||£490||£595|
Your delegate pass includes:
- Conference attendance
- Lunch and refreshments
Travel and accommodation are not included. View a list of recommended hotels here.
If you are interested in becoming a sponsor for this event, please contact Adam Bowie on +44 (0) 20 7957 5732
If you are interested in becoming a media partner for this event, please contact Ayesha Arif on +44 (0)20 7957 5753
If you are interested in becoming a supporting organization for this event, please contact Ayesha Arif on +44 (0)20 7957 5753
10 St James's Square
Telephone: +44 (0)20 7957 5643
Fax: +44 (0)20 7957 5710
If you wish to book the venue for your own event please phone +44 (0)20 7314 2764
The nearest tube station is Piccadilly Circus which is on the Piccadilly and the Bakerloo Underground lines. From Piccadilly follow Regent Street southwards towards Pall Mall and take the first road on the right called Jermyn Street. Duke of York Street is the second road on the left and leads to St James's Square. Chatham House is immediately on your right.
Although we cannot book accommodation for delegates, we have arranged a reduced rate at some nearby hotels, where you can book your own accommodation. Please inform the hotel that you will be attending a conference at Chatham House (The Royal Institute of International Affairs) to qualify for the Institute's reduced rate.
Please note all rates are subject to availability.
13 Half Moon Street
London - W1J 7BH
Tel: + 44 (0)20 7499 2964
Fax: + 44 (0)20 7499 1817
Classic Double without breakfast: £195 +VAT
The Cavendish London
81 Jermyn Street
London - SW1U 6JF
Tel: + 44 (0)20 7930 2111
Fax: + 44 (0)20 7839 2125
Classic Room without breakfast: £205 +VAT
The Stafford London
St James's Place
London - SW1A 1NJ
Tel: 020 7493 0111
Fax: 020 7493 7121
Classic Queen without breakfast: £247 +VAT
Quote Chatham House