B7: Penetration Testing and scenario exercising

In this workshop we will discuss best practices in the management of cyber security risk, particularly in relation to the mitigation of current and emerging threats.

With reference to the stated goals of the EU’s General Data Protection Regulation (GDPR), this session will:

  • Address the development and expansion of an organisation’s information security policy and cyber risk management strategies
  • Demonstrate how critical security controls, such as incident response planning, reduce the impact of a cyber-attack and mitigate the risk of threats to an organisation’s information systems
  • Present contemporary case studies

We will also cover:

  • Penetration testing as an ongoing requirement and commitment both as a potential regulatory requirement and as an effective risk mitigator
  • Tabletop exercises which can provide insight into the level of your vulnerability readiness

This workshop is intended for any person with a responsibility for mitigating cyber risk or indeed anyone with an interest in cyber security. This session will not focus unduly on technology.


  • Joe Coltson, Managing Director, Forensic Technology, eDiscovery and Cyber Security, Duff & Phelps
  • Nick Johnston, Vice President of Cyber Security, Duff & Phelps
  • James Weare, Vice President of Cyber Security, Duff & Phelps