Resilience in the Age of Al: Threat or Opportunity?

Event Title: Resilience in the Age of Al: Threat or Opportunity?

Format: Live webinar - after registration via Eventbrite. 1 CPE for attendance.

Synopsis:

Building cyber resilience requires more than policies, tools, or even talented teams it demands proof that your defenses can withstand real-world threats. Testing your environment before attackers do is essential. Controlled, realistic simulations such as penetration testing, red teaming, and cyber tabletop exercises expose vulnerabilities in systems, processes, and people under safe conditions. This proactive approach turns potential weaknesses into opportunities for improvement, reducing the likelihood and impact of a successful attack. Testing not only validates security controls but also strengthens response coordination, builds confidence in incident management, and ensures that resilience is embedded in the organization’s DNA not just in theory, but in practice.

How do you build a cyber resilience testing program from the ground up?

1. What should be tested in an organization to truly strengthen resilience systems, processes, people, or all of the above?
2. How often should resilience tests be run, and how do you balance frequency with operational impact?
3. Can you share a real-world example of a cyber testing scenario and how it helped uncover gaps or improve response?
4. What strategies have you found most effective for building cyber resilience within an organization?

Key takeaways:

1. Start with a structured framework and threat-based scenarios to build your resilience testing program.
2. Test systems, processes, and people together to uncover real vulnerabilities.
3. Run tests regularly but tailor frequency to business impact and criticality.
4. Simulated attacks reveal hidden gaps and drive meaningful improvements.
5. Leadership, culture, and layered defenses are essential for lasting cyber resilience.

Speaker Details :

Speaker 1: Ramona Ratiu- MS, CISM, CISA, GSTRT, GCCC, Head of Cyber Resilience Testing, Zurich Insurance

Ramona Ratiu is a distinguished cybersecurity leader with over 15 years of global experience in cyber resilience,governance, risk, and compliance. As Head of Cyber Resilience Testing at Zurich Insurance, she drives strategic initiatives to prepare organizations for AI-driven threats and emerging digital risks.

Ramona is the U.S. Ambassador for the Global Council for Responsible AI and serves as an adjunct professor at DePaul University, where she shapes the next generation of It risk professionals. She has held multiple leadership roles with ISACA, including two terms as President of the Chicago Chapter and currently serves as Strategic Advisor.

Widely recognized for her contributions to the field, Ramona is the recipient of ISACA's 2025 Technology for Humanity Award, among other global accolades. A vocal advocate for inclusive innovation and women in tech, she champions global collaboration, mentorship, and ethical Al practices to build a resilient digital future.

Speaker 2: Alex Islamov, Managing Director - Head of Cybersecurity at DLA, LLC 

With over 19 years of experience, Alex Islamov is a seasoned cybersecurity leader known for helping organizations successfully navigate complex regulatory and compliance landscapes. He specializes in delivering end-to-end operational, IT, and information security risk management solutions across both private and public sectors, including federal, state, and local government agencies. Throughout his career, Alex has held leadership and management roles at top global accounting firms, financial institutions, and technology companies, where he has built a strong track record of driving enterprise-wide risk and compliance programs for multinational organizations. His expertise lies in bridging technical execution with strategic oversight, ensuring cybersecurity programs not only meet regulatory mandates but also align with broader business objectives.

Alex brings extensive cross-industry experience, having advised clients in software and technology, healthcare, manufacturing and distribution, financial services, and the public sector. His core areas of specialization include IT audit, SOX compliance, IT/IS governance, regulatory readiness, data privacy, cybersecurity, enterprise risk management (ERM), and third-party risk management (TPRM).

Speaker 3 - Robert Duncan, Group Chief Information Security Officer at Ardagh Group

Robert Duncan serves as the Group Chief Information Security Officer for Ardagh​​ Group, a global supplier of sustainable, infinitely recyclable, metal and glass packaging for brand owners around the world. Ardagh operates 65 metal and glass production facilities in 16 countries, employing 20,000 people with sales of approximately $10bn, producing over 35 billion containers a year. He is also very active on the European speaking circuit, attending and speaking at events such as the Financial Times Cyber Security Summit, the e-Crimes congress, EU focused conferences in Brussels and various others.

He has extensive international experience, having been based in New York, London, Hong Kong, and Australia. Prior to Ardagh, he was CISO of Direct Line Group, a large UK Insurance firm for over six years. Additional past experience includes being CISO of the Euronext Stock Exchange, which lists roughly 7 trillion Euro of financial products, along with past experience in Cyber Security and Technology at ANZ, Prudential plc, and Maersk.

He holds a BA from Florida State University, an L.L.B. in Law (London), M.B.A. (Cranfield UK), and a postgraduate qualification in Executive IT Management from Columbia University in New York.

Speaker 4: Matthew Whale, Group Head of Information Security at FNZ Group

He has been working in Information Security for over 12 years, leading specialist teams for more than 15 years and a Global Head of Function for around 7 years. Prior to moving into Information Security, He is spent around 10 years in technical roles across infrastructure and development.

Much of his experience has been gained in medium to large sized financial service organisations (Hargreaves Lansdown, AXA, Computershare). He has been in this role as Group Head of Information Security at FNZ since August 2023 and became the Group Deputy CISO in October 2024.

He has a degree educated (Computing & Information Systems) as well as having a myriad of technology and security professional qualifications (including from ISACA, CompTIA, Microsoft, SANS and the Cloud Security Alliance). Most recently, he completed an Oxford Artificial Intelligence Programme with the University of Oxford.

In his role at FNZ, He manages Group and Regional teams. An example of the services covered includes security consultancy, security risk, audit (i.e. SOC2, ISO27001, PCI DSS, Swift), security engagement (i.e. client, regulator) and security assurance (internal & external)

Any questions? Please contact admin@isaca-london.org