ISACA London Conference 2021

Tuesday, 22nd June 2021
09:00-19:00 (London, BST)


ISACA London Chapter’s Annual Conference 2021 coincides with a major landmark for the Chapter - its 40th Anniversary. The Conference is open to over 4,000 of its members in the London area as well as ISACA chapter members from more than 200 chapters around the globe. The ISACA Chapter 2020 Conference hosted over 400 attendees from over 40 countries. ISACA London Conference 2021 will bring together experts and practitioners in the areas of audit, security, cybersecurity, compliance, risk, privacy, control and IT, from a wide range of industries, including finance, banking, tech services, government, insurance, medical and more.

This year the conference will include a keynote speech by a leading authority in cyber and national security, as well as industry experts and thought leaders sharing their practical experiences. The event will focus on risk-based adoption, audit and governance of disruptive technologies (covering but not limited to cloud / AI / IoT / AR / VR / robotics), and provide innovative approaches to deal with cyber security, audit and risk.

There will also be a distinguished panel on SheLeadsTech (part of One In Tech), which is an ISACA global initiative to increase the participation and impact of women in technology leadership and workforce roles.


Tuesday, June 22, 2021

08:45 – 09:00
Login to Conference
09:00 – 09:15

David Samuelson, CEO


ISACA CEO David Samuelson is a seasoned executive with particular strength in strategic and technology leadership, communications and execution. He has a deep foundational expertise in operational execution, product management and leadership, and deep industry experience in global education technology, software development, consumer publishing, television, and theater. Samuelson has had proven success in both creative ideation and tactical execution of ideas, with an excellent track record of working effectively across global, complex and matrixed organizations. His 25 years in education began at the Minnesota Educational Computing Corporation as vice president and executive producer. He worked at Pearson, the leading global education company, for 15 years in a variety of executive roles, including president of global schools, chief marketing officer and product strategist for Pearson’s US School division, and VP of the Family Education Network. Samuelson’s earlier career in theatre and television included an Emmy award-winning children’s television producer.
09:15 – 09:50
Keynote Speech
The Changing Cyber Threat Landscape: What is Cyber Risk and How Can We Reduce It?

Robert Hannigan

Former Director of GCHQ and Chairman of BlueVoyant

Robert is Chairman of BlueVoyant (International), a global cyber security services company specialising in supply chain risk, and a Senior Adviser to McKinsey & Co. He is a former Director of GCHQ, the UK’s largest intelligence agency, and established the UK National Cyber Security Centre in 2016. He retired from Government after 20 years in national security roles, including Prime Minister’s Security Adviser.

Robert writes on cyber, technology and national security issues in the Financial Times and is a Senior Fellow at the Belfer Center, Harvard, the Royal United Services Institute, and the Institution of Engineering and Technology, London.
09:50 – 10:25
Regulating digital investigations

Sarah Hargreaves, Director of Training - International


Sarah started her career in digital forensics in 2003. Previously working in a criminal law practice, Sarah moved over to forensics after working on a number of investigations which inspired her to change career path. Her journey continued with a number of roles in Digital Forensic Laboratories, primarily supporting law enforcement in Child Sexual Exploitation investigation and general crime. Sarah progressed to Laboratory Management and later into Training Management.

Sarah is experienced in digital investigation, laboratory management, ISO17025 and evidential process. Sarah lives in the North West of England and is a mum to two young children. She enjoys days out with her family and travelling
10:25 – 11:00
Risk Quantification – You are what you measure

Scott Bridgen, GRC Offering Lead

OneTrust GRC

Scott Bridgen serves as Head of GRC for OneTrust GRC– a purpose-built software designed to operationalise integrated risk management. In his role, Scott is responsible for driving the development and delivery of OneTrust's integrated risk management product as well as driving the refinement of the toolset and offerings. He advises companies throughout their risk management implementations to establish processes to support operations and align with their enterprise objectives, including adopting industry best practices and adhering to requirements relating to relevant standards, frameworks, and laws (e.g. ISO, NIST, SIG and more). Scott works with clients to realise the extent of their risk exposure, helping clients to map their digital infrastructure, assess risks, combat threats, monitor ongoing performance, and document evidence throughout the risk lifecycle.
11:00 – 11:10
Opportunity to visit Sponsor Booths in the Exhibition Hall to win prizes
11:10 – 11:40
CISOs in the Boardroom: Confidently presenting the cyber risk storyboards

Clemence Beinse, Senior Consultant, Partner Advisory & Enablement


Clemence is responsible for the enablement of Galvanize’s new partners across the EMEA region. She also supports our partners in their GRC implementation projects, drawing on her previous experience helping clients in their adoption of HighBond by delivering complex multi-bonds implementations.

Prior to joining Galvanize, Clemence worked as an information security and data privacy consultant, advising organisations on their risk management policies and business management strategies in order to streamline their information security and GDPR processes. She also carried out audits and assessments of ISO 27001 and GDPR readiness through gap analyses, report productions and suggested action plans.

Nichol Deaddis, Solutions Director, EMEA 


Nichol Deaddis is a seasoned technology solutions leader at Galvanize.He has over15 yearsofexperiencein business transformation and technology management,with a highly successful track record for delivering complex enterprise software implementations within global organisations. Nichol hasanin-depth knowledge of Governance, Risk and Compliance (GRC) technologies, business processesand delivery requirements, supporting risk and assurance teamsacrossvarious industries(BFSI, government and energy)to strengthen and protect their organisation."
11:40 – 12:10
Compliance in the Cloud – How large organisations are approaching governance and compliance in the cloud?

James Fox Director, Technology Consulting 


James is a Director in Protiviti’s UK Technology Consulting practice, with a focus on Enterprise Cloud Transformation. James has extensive global experience working across Asia Pacific and Europe in IT Advisory Consulting.

Prior to joining Protiviti, James was a Director at Deloitte Consulting supporting clients with strategic adoption of cloud services, Consultant at Amazon Web Services enabling enterprise customers to achieve their most challenging business and organisational goals through well-managed transformation and a Consultant at PwC providing Enterprise Cloud Transformation advice.
12:10 – 12:40
Securing the Workforce in times of Uncertainty

Katie Burnell, Specialist Systems Engineer

Absolute Software

Katie is a seasoned cyber security professional, boasting in-depth experience of both the private and public sectors. She has worked as a vendor, a customer and end-user in Financial Services working on Insider threats. Katie is a confident speaker, successful leader and highly-regarded subject matter expert. She has previously presented at Black Hat and several other leading Cybersecurity conferences.
12:40 – 13:00
Opportunity to visit Sponsor Booths in the Exhibition Hall to win prizes
13:00 – 13:45
Financial, Digital, and Algorithm Audit Developments: EU and Other Perspectives

Panel Host:

Olivia Bosch, Director, Government and Regulatory Affairs

ISACA London Chapter

Dr Olivia Bosch is Director, Government and Regulatory Affairs (GRA), ISACA London Chapter. In that role, she and GRA Apprentice Director Rajeev Asuri, write regular features in the London Chapter's Newsletter to inform Members about regulatory aspects of technology, audit and cyber security. They also contributed to ISACA submissions to several mainly UK public consultations (eg, on AI, Cyber Lexicon, UK local authority financial reporting and external audit, UK audit reform). These contributions also underpin the London Chapter's new GRA webpage.

Olivia has served in international governmental organisations (IGOs), non-governmental organisations (NGOs), in companies as non-executive director or director, and as information governance officer. Her PhD on encryption export controls introduced her to algorithms.


David Doyle, EU Financial Services Regulatory Policy Expert

Dr. David P. Doyle is an EU Policy Adviser and Expert specializing in financial services regulation, covering the banking, insurance and securities' sectors. A former long-serving diplomat based on mainland Europe in both multilateral and bilateral assignments, notably with the Irish trade mission (now Enterprise Ireland) in Paris, and ambassador to UNESCO. David is a long-standing member of the Board of the joint MEP-EU industry advocacy body, The Kangaroo Group, and secretary of its Financial Services Working Group at the European Parliament. He also sits on the board of the joint UK cross-parliamentary/SME-owner body at Westminster, The Genesis Initiative, focused on SME policy development. His authored works include Cost Control - A Strategic Guide (CIMA/Elsevier: London, 1994 and 2002) which was translated into 15 foreign languages, as well as contributing EU chapters to The Future of Finance after SEPA (Wiley: London, 2008), and A Practical Guide to Corporate Governance (Sweet & Maxwell: London, 2010). His alumni include the Dublin Institute of Technology, Trinity College, University of Dublin (Ireland), and Kingston University (UK). He is also a Graduate member of the Marketing Institute of Ireland.

Yordanka Ivanova, Legal and Policy Officer

European Commission (DG CNECT)

Yordanka Ivanova is a Legal and Policy officer in the European Commission (DG CNECT) who has worked on the legal proposal on Artificial Intelligence adopted by the Commission on 21 April 2021.

Outside the Commission, she has acted as an attorney-at-law advising companies on EU regulations, including in the area of data protection, digital services, financial services and copyright.

Andrew Clark, Co-founder and Chief Technology Officer 


Andrew Clark is a co-founder and Chief Technology Officer of Monitaur, a machine learning assurance company. Monitaur is a Machine Learning Assurance platform addressing the needs of companies using models to make decisions in regulated industries. Monitaur delivers the transparency and confidence necessary to manage compliance and unlock innovation by the recording, auditing, monitoring, and assurance of machine learning models.

Andrew received a B.S. in Business Administration with a concentration in Accounting, Summa Cum Laude, from the University of Tennessee at Chattanooga, an M.S. in Data Science from Southern Methodist University, and is a Ph.D. candidate in Economics at the University of Reading. He also holds the Certified Analytics Professional and American Statistical Association Graduate Statistician certifications.
13:45 – 14:15
The Right to Privacy in the Digital Age: Different International Perspectives

Ozgur Heval Cinar, Associate Professor

University of Greenwich

Dr Ozgur Heval Cinaris a lawyer. Presently, he is an associate professor at the University of Greenwich, School of Law and Criminology. Hecompleted his PhD at the School of Law, University of Essex. Previously, he was a post-doc fellow at the University of Oxford between 2012-2016.

Aysem Diker Vanberg, Senior Lecturer in Law

University of Greenwich

Dr Aysem Diker Vanberg is a Senior Lecturer in Law at the University of Greenwich. She responsible for teaching Competition Law at postgraduate level. At undergraduate level, she teaches Contract Law and Intellectual Property Law.Aysem’s main research interests lie in data protection law, EU and UK competition law, application of competition law in digital markets, online platforms, competition and technology including Artificial Intelligence, law and economics. She is particularly interested in the interplay between data protection law and competition law.

Prior to joining the University of Greenwich, she worked at Anglia Ruskin Universityas a Senior Lecturer and at the University of Essex as an Associate Lecturer and Research Associate.

Before moving to the UK, she qualified as a lawyer in Turkey and worked as a lead In-house counsel for multinational companies including MAN Nutzfahzeuge AG and Cimpor Cimentos de Portugal.

Aysem has an LLM in European and International Law from the University of Bremen and an LLB from the University of Ankara, Turkey. She holds a PhD in Competition Law from the University of Essex. Her doctoral thesis entitled ""An analysis of the application of Article 102 Treaty on the Functioning of European Union to platform-based businesses: Google as a case study"" draws on Competition Law, Commercial Law, economics and IT Law in order to assess the suitability of EU competition law to digital platforms such as Google and Facebook.
14:15 – 14:30
Opportunity to visit Sponsor Booths in the Exhibition Hall to win prizes
14:30 – 15:00
Industrial Control Systems (ICS) Security

Alex Reniers, Section Chief, Industrial Control Systems Section

Cybersecurity and Infrastructure Security Agency

Alex’s background includes operational, intelligence, and threat analysis – working in these capacities within DHS for over ten years.
15:00 – 15:45

Panel Host:

Zuzana Bitter, Managing Director 

BITTER Solutions Ltd

Zuzana BITTER is the Managing Director of BITTER Solutions Ltd., the Head of Regional Strategic Alliances (United Kingdom) of Cyber Security Forum Initiative (CSFI) and serves as a management committee member for The British Computer Society (BCS, The Chartered Institute for IT) IRMA - Information Risk Management and Assurance specialist group in the UK. She has an MBA degree in Strategic Management from Nottingham Trent University (UK) and is a current PhD Candidate in the Information Security area at Royal Holloway, University of London. Zuzana holds industry certifications such as CISM, ISO27001 Lead Auditor & Lead Implementer and ITIL amongst others. She is also multiple times Czech national powerlifting champion (IPF), holds a number of national records and frequently represents her country in international competitions across the world. She has been working in various business and consultancy positions across a wide range of industries, local authorities, pharmaceutical to oil&gas global companies for over 15 years. Zuzana’s long-term career within Samsung has equipped her with truly global Information Technology skills, Governance, Risk and Compliance knowledge. She follows best practice frameworks in Information Security, Data Privacy, Risk Management, and Business Continuity.


Mirra Sondhi, Global Head of Technology Risk

Schroders Plc

Mirra is the Global Head of Technology Risk at Schroders with over 13 years of experience in technology risk and assurance within the financial services industry. Her key focus is to embed a culture of risk awareness within technology functions that enables faster pace of change and adoption of new technologies to achieve business objectives whilst ensuring security, stability and resilience of business operations. Mirra is a member of the Next Generation Leadership Council at TheCityUK which is an advocacy group that enables members to shape engagement with the highest level of governments, with policymakers and other leading stakeholders on issues relating to the industry. She also sits on the strategic Advisory Board for Global Policy Insights for their AI and public policy programme. Outside of the technology role, Mirra passionately champions Diversity and Inclusion initiatives and was featured in Financial Times - Top 50 Empower list of Ethnic Minority Future Leaders 2018 and UK’s top 100 most influential Black, Asian and Minority Ethnic leaders in Technology sector. More recently, Mirra was recognised as the finalist for the WeQual Award which recognises senior women who have the potential to become C-suit leaders.

Analia Millet, Director, Risk and Quality (Digital Audit)


Analia (Ana) started her career as an auditor in PwC Argentina while she was still at university. In 2007 she moved to the UK where she joined the PwC Technology, Information, Communications, and Entertainment audit practice based in London. During this period, Ana became passionate about working with teams and clients re-imagining the way we audit, with a particular interest in risk and controls associated with transformation and emerging technology. In 2015, Ana moved to Hong Kong, where she helped clients on a variety of tech projects ranging from readiness assessments and audits of information security controls. Since she moved back to the UK, she has joined PwC’s Audit Risk and Quality team advising auditors on technology related matters.
Outside work, Ana is a mum to a 2 year old girl who keeps her on her toes and in her spare time she is trying to pick up gardening, loves cooking and is looking forward to travelling again, especially to Argentina where her family still lives.

Harriet Sharma, EMEA CISO

Dentsu International

Harriet is EMEA CISO at media and advertising firm Dentsu, leading security for the region of approximately 15,000 users across over 40 countries. Harriet has also worked across industry and government sectors, including security consulting in the big four and financial services. Harriet has in-depth experience of security breach response and crisis management, having helped lead the European Equifax business through a large-scale security breach in 2017.

Harriet’s career in information security started almost fourteen years ago, following a high profile data breach in UK Government. Harriet made an unconventional move from a civil service policy role to join a taskforce reviewing and remediating the impact of the breach across the department, and influencing changes to government guidelines on data handling. With a degree in Sociology, Harriet has progressed her security career with a keen focus on security awareness and human behaviour, and a passion to educate users and business leaders to make the right decisions by understanding the security risks in the work that they do.

Harriet holds ISACA CISM certification, is an ISO27001 Lead Auditor and is an EC Council Certified CISO. Harriet is also a mother to an energetic toddler, and is passionate about supporting flexible working for all. "

Sanja Kekic, CISO

Komercijalna Banka

Sanja Kekic, one of 50 Women of Influence in Cybersecurity Europe in 2019 ( SC Magazine UK's list), President of ISACA Belgrade Chapter and SheLeadsTech Liaison, devoted to promoting the visibility of ISACA and its core values in the Serbian market for which she received 2018 ISACA’s Outstanding Leaders Award in Small Chapter category. Besides, she is one of the ISACA Belgrade Chapter founders. In addition, she is a very active International volunteer in raising awareness about the ISACA’s SheLeadsTech program. She has been a member of the ISACA SheLeadsTech Chapter Engagement Working Group. Her specific role has been to include European Chapters in this program by raising awareness of the program's mission and goals.

In her 22-year career path, Sanja has led and executed various complex IT and business processes projects related to GRC, including (or with a focus on) cybersecurity in Serbia and the SEE region. Sanja has gained invaluable experience by working for Big 4, several largest banks and financial institutions in Serbia, and the largest mobile operator in Serbia. Her background is in mathematics and informatics, as well as an Executive MBA in finance. Holds certificate for information system risk and control (CRISC), COBIT 5 Foundation, and Internal audit in the public and private sector.
15:45 – 16:15
Cyber Security to Support Digital Transformation Goals

Sandy Silk, Director of Information Security Education

Harvard University

Sandy Silk is the Director of Information Security Education and Consulting at Harvard University, Founder of Cyber Risk and Resilience Consulting, and a member of the Board of Advisors for Apexa Corporation, Per Scholas Greater Boston, and the MS in Information Security Leadership at Brandeis University. She excels at bringing together executive leaders, business teams, and IT professionals to align cyber risk management with strategic priorities and culture, risk tolerance levels, and positive customer experience. At Harvard, she leads a team that consults with researchers, faculty, and departments on security risks and controls for the high-risk data, technology, and vendors they use within projects. She also oversees the information security awareness campaign at Harvard, coordinates the annual information security policy review, and teaches Information Security Foundations for Harvard’s IT Academy. Sandy is involved in several Women in Technology (WIT) organizations, mentoring and leadership development programs, and seeks opportunities to improve diversity, equity, and inclusion for under-represented populations within the IT profession. Sandy’s prior information security career included positions with Fidelity Investments, Bose Corporation, and Wellington Management Company.
16:15 – 16:30
Opportunity to visit Sponsor Booths in the Exhibition Hall to win prizes
16:30 – 17:00
5G-Enabled Business Transformation – Adopting Cybersecurity Strategies for Addressing Complex Problems

Chris K. Dimitriadis, PhD

Past Chair of the Board at ISACA

Chris is an executive advisor in Business Strategy, Technology and Cybersecurity. Chris has served ISACA as Chair of the board for 2 consecutive terms (2015-2016 and 2016-2017) and as director of the BoD for 9 terms (2010-2014 and 2015-2021). He is a former Group CEO at INTRALOT a leading gaming solutions supplier and operator active in 42 regulated jurisdictions around the world. From 2007 to 2021, Chris has served as Board Member, Group CEO, Group Chief Services and Delivery Officer, Group Director of Technology Operations and Group Director of Information Security. Prior to that role, he held positions in cybersecurity consulting firms. He has also served as a member of the Permanent Stakeholders Group (PSG) of the ENISA from 2012 to 2015. Chris has been working in the area of information technology for 21 years, he holds 3 patents, 6 awards and has authored more than 150 publications. He holds a degree in Electrical and Computer Engineering and a Ph.D. in Cybersecurity.
17:00 – 17:30
Cybercrime – The changing Police response

Andrew Gould, National Cybercrime Programme Lead

National Police Chiefs’ Council

Detective Chief Superintendent Andrew Gould

Detective Chief Superintendent Andrew Gould is the National Cybercrime Programme Lead for National Police Chiefs’ Council responsible for developing the police response to cybercrime at the national, regional and local level. This includes overseeing the operational activity of Regional and Force Cybercrime Units and supporting the response to major national cyber incidents working with the National Crime Agency and National Cyber Security Centre. Andrew is also responsible for the development of an effective police capability on the Dark Web and in cryptocurrencies. He is also a Global Cybercrime Expert for Interpol. Prior to this he ran the Met Police’s Cybercrime Unit having previously led counter terrorism investigations in the UK and abroad.

17:30 – 18:00
Closing Remarks
Prize Draws & Awards
18:00 – 19:00
Last opportunity to visit Exhibition Hall Sponsor Booths


Frequently Asked Questions

Anyone can attend especially if you are interested in Cybersecurity, Information Security, IT Audit, IT Governance, IT Risk are all welcome.
Yes, you’ll need to register for this online event. Simply follow the link at the top of the page and submit your information. Then you’ll receive an email confirming your registration for the event. If you are not an ISACA member please register through our Eventbrite Registration Page.
ISACA London Conference 2021 is FREE to all ISACA members. Non-members are also welcome for a £25 fee and can register on our Eventbrite Registration Page.
Please click here to become a member.
During the event, you can:
  • View speaking sessions in the auditorium.
  • Visit Exhibition Hall for sponsors booths and find out more about their services and products.
  • Networking. You will be able to interact via the chat room with other attendees.
  • You can win prizes by using the gamification feature
Yes. Like any physical event, we will have a delegate bag for you! You can add documents provided by each exhibitor to your online delegate bag and then email them to yourself.
We would like to see you the whole day, but you can drop in and out at your convenience. Please bear in mind that exhibitors will be online from 9am to 5pm.
Your login information is the email address and password you provided during registration.
You can access to this virtual conference with all devices, including laptops, tablets, and smart phones.
No, you do not need to download or install any software to participate. All you need is access to the internet.
We would suggest you use Chrome or Firefox to get the best quality.
No. Some exhibitors may have the ability to request a video chat; it is not required in order to participate.
The on-demand content will be available to view for 30 days following the day after the event, so you can catch up on any content you may have missed. After 30 days it will be moved to WorkCast and there will be only recorded speaker sessions.
If you still have a question that has not been answered above, drop us a line at and a member of our team will get back to you as soon as possible.
You can visit the information desk for any help required.