FREE GRC Workshop

LEARN MORE

Recommended Event: Convene: Boston | Cybersecurity & Human Risk Conference Aug 13 - 14, 2026

Cityforum: Cyber Security and Intelligence 2026

Type Conference
Organization Cityforum
Event Format Physical
Size 51 - 100 approximate delegates
Registration Not Free
SPEAKING OPPORTUNITIES

Search for other Cybersecurity Conferences in the United Kingdom in 2026-2027.

Conference Description

Key Takeaways

  • Sixteenth annual summit addressing cyber threats to the UK’s critical national infrastructure
  • Focus on sectors including energy, transport, telecommunications and finance
  • Discussion of regulatory developments including NIS Regulations and the Cyber Security and Resilience Bill
  • Emphasis on public-private collaboration and operational resilience
  • Designed for senior government officials, CISOs, infrastructure leaders and cyber security professionals
  • Hosted at Here East, Queen Elizabeth Olympic Park, London

Introduction

The 2026 Cyber Security Summit brings together government officials, infrastructure operators, technology leaders and academic researchers to examine the mounting cyber threats facing the United Kingdom’s critical national infrastructure. Now in its sixteenth year, the event hosted by Cityforum in partnership with Plexal addresses a challenge that has grown increasingly urgent as essential services become more digitally interconnected and adversaries deploy more sophisticated attack methods.

Critical national infrastructure encompasses the systems and assets that underpin daily life and economic activity, from power grids and water treatment facilities to financial services and telecommunications networks. A successful attack on any of these sectors could disrupt essential services for millions of people, making their protection a matter of national security. The summit arrives at a time when the UK government is advancing new legislative measures to strengthen cyber resilience requirements across these sectors.

About This Event

The 2026 Cyber Security Summit takes place at Here East in Queen Elizabeth Olympic Park, London. The in-person format combines keynote presentations with panel discussions and networking sessions, creating opportunities for substantive dialogue between participants from different sectors and disciplines.

Cityforum has established this annual gathering as a platform where policymakers can engage directly with the organisations responsible for operating and defending critical infrastructure. Plexal, the innovation centre that serves as host partner, brings connections to the technology startup ecosystem, reflecting the summit’s interest in emerging solutions alongside established approaches to cyber defence.

The event structure is designed to serve both executive and technical audiences. Senior leaders can engage with strategic and regulatory discussions while security practitioners can explore operational challenges and technological developments in greater depth.

Cyber Threats to Critical National Infrastructure

The summit’s agenda centres on understanding how cyber threats to critical national infrastructure have evolved and what this means for defensive strategies. State-sponsored actors, organised criminal groups and hacktivists have all demonstrated capabilities to target essential services, with motivations ranging from espionage and financial gain to disruption and political messaging.

Different infrastructure sectors face distinct vulnerability profiles. Energy networks must secure operational technology systems that were often designed before cyber security was a primary concern. Financial services handle vast quantities of sensitive data while maintaining systems that must remain available around the clock. Transport networks increasingly rely on connected systems for safety-critical functions. Telecommunications providers form the backbone upon which other sectors depend.

The summit examines these sector-specific challenges while also exploring common themes. Incident response capabilities, supply chain security and the challenge of maintaining resilience when systems are under attack feature prominently in the programme. Participants will consider how organisations can prepare not just to prevent breaches but to continue operating and recover quickly when incidents occur.

Regulatory and Legislative Developments

A significant portion of the summit addresses the regulatory environment shaping cyber security requirements for critical infrastructure operators. The Network and Information Systems Regulations, which established baseline security requirements for operators of essential services, continue to evolve as regulators gain experience with implementation and enforcement.

The Cyber Security and Resilience Bill represents the next phase of the UK’s legislative approach, potentially expanding requirements and strengthening enforcement mechanisms. For organisations operating across multiple jurisdictions, these domestic developments must be understood alongside international frameworks and the requirements of trading partners.

Compliance represents both a challenge and an opportunity for infrastructure operators. Meeting regulatory requirements demands investment in security capabilities, governance structures and reporting mechanisms. However, organisations that approach compliance strategically can use regulatory frameworks as a foundation for building genuine resilience rather than treating them as a box-ticking exercise.

Technology and Innovation in Cyber Defence

The summit explores how emerging technologies are reshaping both the threat landscape and defensive capabilities. Artificial intelligence features prominently in these discussions, with applications ranging from threat detection and analysis to automated response capabilities. The same technologies that defenders can use to identify anomalies and accelerate response times are also available to attackers seeking to craft more convincing social engineering campaigns or identify vulnerabilities at scale.

Open-source intelligence has become an increasingly important component of threat intelligence programmes, enabling organisations to monitor for indicators of compromise, track threat actor activities and understand the broader context in which attacks occur. The summit considers how infrastructure operators can effectively integrate these intelligence sources into their security operations.

Sponsors including Configured Things, PQShield and Surevine represent different aspects of the cyber security technology landscape, from secure communications to post-quantum cryptography. Their participation reflects the summit’s interest in connecting infrastructure operators with innovative solutions that address current and emerging security challenges.

Building Effective Public-Private Collaboration

Protecting critical national infrastructure requires coordination between government agencies and private sector operators. Many essential services are delivered by commercial organisations, yet their security has implications for national resilience that extend beyond any individual company’s interests.

The summit provides a forum for strengthening these relationships. Government participants can share threat intelligence and policy direction while private sector leaders can communicate operational realities and resource constraints. Academic researchers contribute longer-term perspectives on emerging threats and potential solutions.

Effective collaboration requires trust, which develops through sustained engagement rather than crisis-driven interactions. Events that bring together stakeholders from across sectors help build the relationships that enable rapid coordination when incidents occur.

Who Should Attend

The summit serves professionals with responsibility for protecting critical infrastructure and shaping the policy environment in which that protection occurs. Chief information security officers and chief technology officers from infrastructure operators will find direct relevance to their operational challenges. Government officials working on national security, defence, transport and energy policy can engage with the organisations implementing their frameworks.

Legal and regulatory professionals advising infrastructure clients benefit from understanding how organisations are interpreting and implementing compliance requirements. Academic researchers gain exposure to real-world challenges that can inform their work. Technology companies and startups developing cyber security solutions can understand the specific needs of infrastructure operators.

The summit’s value lies in bringing these different perspectives together, enabling conversations that would not occur within the boundaries of any single organisation or sector.