CYBER INTELLIGENT Infrastructure

EFFECTIVE & PRACTICAL
CYBER RESILIENCE STRATEGIES
FOr CRITICAL NATIONAL INFRASTRUCTURE

may 2026
london, Uk

Practical, Actionable Insights and Hands-on Learning Opportunities to Protect Against Cyber Threats

Operators of CNI face constant challenges in balancing 24/7 system accessibility with robust security. Maintaining legacy systems that weren't designed with modern security in mind, or running outdated software that can't easily be patched or upgraded risks major service disruption. Many of you are struggling with the growing complexity of interconnected operational technology and IT systems, where securing one component might inadvertently impact others. And where do you even begin to ensure cyber-resilience without efficient organisational governance in place?

The rapid evolution of threats poses another significant challenge, with operators needing to defend against both automated attacks and sophisticated state-sponsored actors while maintaining compliance with regulatory frameworks. Supply chain security has become particularly problematic, as operators must trust numerous third-party vendors and contractors with system access while having limited visibility into their security practices. And the increasing adoption of remote access capabilities, accelerated by recent workplace changes, has created new attack vectors that must be constantly monitored and secured.

Cyber Intelligent Conferences’ Cyber Intelligent Infrastructure Summit 2026 has been specifically designed to provide you with practical, actionable solutions and hands-on learning opportunities for you to overcome your day-to-day cyber security challenges.

50% OF DELEGATES ARE OPERATORS OF ESSENTIAL SERVICES

SUMMIT AGENDA

08:00 Coffee and Networking in the Solutions Hub

08:25 Chairman’s Welcome Address

Strategic and Regulatory Framework

08:30 Opening Keynote Address: The Evolving Nature of Cyber Threats to Critical National Infrastructure and NCSC Strategy for the Future

• Current threat landscape and emerging cyber risks to UK infrastructure
• NCSC's strategic approach to enhancing national cyber resilience
• Key provisions of the Cyber Security and Resilience Bill and implementation timeline
• How the Bill builds upon NIS 2018 and addresses emerging threats
• Enhanced mandatory incident reporting requirements and regulatory powers
• Understanding the UK regulatory framework in the context of EU NIS2 developments
• Future Supply Chain Policy

09:00 Are You Regulation Ready? A Practical Roadmap of Critical Compliance Steps for CNI Operators

• Conducting a gap analysis: Where does your organisation stand today against NIS 2018 and the new CS&R Bill requirements?
• Governance and accountability requirements under the new legislation
• Mandatory incident reporting: What, when, and how to report under the new Bill
• Supply chain security requirements and third-party risk management obligations
• Board-level responsibilities and potential personal liability under enhanced regulatory powers
• Funding cybersecurity improvements: Building the business case for investment
• Working with regulators: What to expect during audits and assessments
• NIS2 impact on UK organisations: Understanding indirect compliance requirements through EU partnerships
• Navigating overlapping regulatory requirements: NIS 2018, Cyber Security and Resilience Bill, and NIS2 considerations

Urgent Operational Cyber Security Challenges & Needs

09:30 Morning Keynote OES Panel Discussion - Sharing Day-to-Day Operational Challenges: How

are we Currently Balancing Security, Compliance, and Business Continuity?

• Managing legacy systems and aging infrastructure with limited replacement options
• Resource constraints: Budget limitations and critical cybersecurity skills shortages
• Coordinating security across IT and OT (Operational Technology) teams
• Maintaining 24/7 critical operations while implementing security updates
• Managing third-party and supply chain risks in interconnected ecosystems
• Key struggles: What do we need from the NCSC and solutions community?

10:30 Coffee and Networking in the Solutions Hub

Cyber Security in Action:
Unmissable Reports and Advice from the Coalface

11:00 OES Cyber-Crisis Reaction Panel Discussion: Real-World Cyber Incident Experiences

What happened?
What did we get wrong?
What did we get right?
What would we do differently?

This panel brings together CNI operators who have faced significant cyber threats and lived to tell the tale. Panellists will share candid accounts of cyber incidents that threatened their critical operations, the immediate tactical responses that contained the damage, and the strategic transformations that followed. This is not about theory—it's about what actually worked when operations were at risk.

11:45 OES Cyber-Crisis Prevention Panel Discussion: Building Defensive Moats - Proactive Security Transformations To Stop Threats Before They Became Incidents

This panel features CNI operators who identified significant vulnerabilities and threat patterns before they resulted in major incidents. Panellists will share how they detected emerging threats, the proactive security measures they implemented, and the tangible results of their defensive investments. This session focuses on prevention and detection—the unglamorous but critical work that keeps threats from becoming headlines.

12:30 Practical Steps for Right Now: How to Order your Short Term and Long-Term Cyber Security Priorities

13:00 Lunch and Networking in the Solutions Hub

Peer to Peer Roundtable Discussion Groups: Share Your Challenges – Find Solutions!

Choose the informal discussion group that best addresses your current challenges. Whether you're looking to leverage cutting-edge technology; secure your supply chain; improve incident response; or build a stronger cybersecurity team, these sessions offer targeted insights and strategies.

14:00 - 14:40 Roundtable Discussion Groups – Rotation One

14:40 - 15:20 Roundtable Discussion Groups – Rotation Two

TABLE 1 - Key Incident Response and Recovery Strategies

TABLE 2 - Enterprise-wide Cyber Hygiene Fundamentals for Protecting Critical Infrastructure

TABLE 3 - Workforce Development: Addressing the Cybersecurity Skills Gap

TABLE 4 - AI and Machine Learning in Cyber Threat Detection

TABLE 5 - Completing Your Cyber Assessment Framework: Top Tips to Avoid Panic!

TABLE 6 - Best Practice Threat Modelling for Critical Infrastructure

TABLE 7 - Open Q&A Clinic – Share your Cyber Resilience Challenges and Find Solutions

TABLE 8 - Practical Tips for Handling Legacy Systems

15:20 Coffee and Networking in the Solutions Hub

15:50 Practical Work-Around Tips for Handling Legacy Systems

Developing a comprehensive patch management policy
Balancing security updates with operational stability
Tools and techniques for efficient patch deployment
Handling legacy systems and unpatchable vulnerabilities

16:15 Ensuring Supply Chain Security for Critical Infrastructure

Identifying and managing risks in the digital supply chain
Strategies for vetting and monitoring third-party vendors
Securing hardware and software components from tampering
Compliance requirements for supply chain security

16:45 Live Cyber Attack Simulation for CNI Operators

Witness a Realistic Scenario Involving a Multi-Vector Attack on Critical Infrastructure
Watch Real-time, Under-Pressure Decision-Making with Operational Constraints
Appreciate the Need for Cross-Functional Coordination During an Active Incident
Consider the Regulatory Reporting Requirements During Active Incidents
Experience a Post-Exercise Debrief to Identify Strengths and Areas for Improvement

17:30 Closing CNI Operator Panel Discussion With Q&A - The Path Forward to Build Resilient Infrastructure Together

Summary of key takeaways from the day – what have we each learned?
Immediate actionable steps for CNI operators
Resources and support available from NCSC and industry bodies
Building collaborative approaches to CNI protection

18:00 Networking Drinks Reception

19:00 Close of Cyber Intelligent Infrastructure 2026