The Extended Enterprise: managing cybersecurity risk beyond your walls

This presentation provides a strategic blueprint for guarding the digital gates organisations no longer directly control, a necessity given the increasing prevalence and systemic nature of third-party cyber threats.

  • Systemic threat requires a new architecture.
  • Single vendor compromise impacts thousands.
  • DORA mandates shared vendor accountability.
  • Need Visibility, Collaboration, Automation.
  • Be the architect, not the gatekeeper.

Beyond the Perimeter: Proactive threat hunting for finance leaders

Financial organisations face relentless and increasingly sophisticated cyber threats. Reactive security measures aren’t enough to stop them. In this tech spotlight, Ryad Jawaheer from eSentire explains how finance IT leaders can stay ahead of attackers through managed detection and response (MDR), continuous threat management, and active threat hunting.

You’ll hear how eSentire’s team of experts detects and stops attacks in real time, helping financial institutions protect critical systems, meet regulatory demands, and strengthen resilience against disruption.

How to Sweep Vulnerabilities under the Rug – How to Properly manage vulnerabilities and effectively prioritize remediation

Edgescan delivers risk-prioritized vulnerability intelligence across applications, APIs, and infrastructure with manual validation baked in.

Let’s take a step back to some fundamentals.

  • A reality check and recap on the basics (Find, Prioritize, Fix).
  • How to deal with “Too Many Risk Scores”. Edgescan’s effort to simplify an approach to Risk.
  • Asset Context – how it plays into Risk and how AI and Metadata can help vulnerability prioritization.
  • How to quantify Risk and present options not just problems.

Interview: AI, Governance, and Cyber Security

  • Designing effective governance frameworks, from policy to implementation, for institutions at different stages of maturity
  • How security strategy, governance thinking and policy development are adapting to AI functionality across major financial institutions
  • Practical lessons from early internal adoption, including colleague-facing change, operational readiness and evolving approaches to risk assessment
  • The key concerns shared by regulators and large institutions, such as safety, accountability, model transparency and systemic risk
  • The organisational impact of AI, from workforce considerations to skills, decision-making processes and oversight structures
  • The balance between innovation and regulatory expectations, and what responsible adoption looks like in real operational environments

AI Security: Between Science Fiction and Reality

  • Understanding how to frame AI security – novel challenges, similarities, and differences with traditional cybersecurity
  • Practical insights for designing safer, more trustworthy AI systems

Untangling the Supply Chain Problem in Financial Services

  • Explore how systemic supply chain risks are reshaping the financial services landscape, from corporate dependencies to software and logistical vulnerabilities.
  • Understand why traditional TPRM no longer protects interconnected financial ecosystems, and how collaboration is becoming the new resilience strategy.
  • Hear real-world insights from government and financial communities on tackling concentration risk and achieving shared visibility across suppliers.
  • Discover how network-based security models can strengthen regulatory compliance and operational resilience under frameworks like DORA.
  • Learn how to move beyond fragmented risk management and Defend-as-One against evolving third-party threats.

Managing risk in a shared responsibility model

As financial institutions deepen their reliance on cloud infrastructure, managing cyber risk becomes a shared responsibility, but where does the provider’s role end and the institution’s begin? This discussion explores how to cut through the noise of data and alerts to focus on what truly matters for business resilience.

  • Too much data, not enough clarity, and how that overload hides real financial and operational exposure.
  • Cutting noise down to the risks that actually matter to revenue, operations, and regulators.
  • Exposing the unknown estate: shadow IT, shadow APIs, and forgotten cloud services driving unseen risk.
  • Turning thousands of technical “criticals” into one clear, defensible, business-level risk picture.
  • Measuring what truly improves resilience: reduced exposure, faster remediation, better prioritisation, clearer audit trails.

Moderator: Jon Bernstein, Freelance Writer, Moderator and Digital Media Consultant