Partner event.

Online
Free to attend for all
Book now

Event summary

A plan on paper and a plan that works are two different things.

In this upcoming session, Mitigo, our strategic cyber risk management partner, breaks down why the firms that recover well from a cyber incident are the ones who tested their response before they needed it.

A written plan feels like reassurance - until a real breach exposes what it missed: backups that don't restore, confusion over who owns client communications, third-party providers who don't deliver what was assumed.

The ICO expects evidence that response plans have been tested, not just written. Firms regulated by bodies like ICAS are also under growing pressure to demonstrate adequate systems and controls as part of their wider professional and AML obligations. The government's April 2026 open letter goes further, making cyber resilience a board and partner-level responsibility, not one to delegate to IT

Led by Karl McAree, Mitigo's Head of Technical Development, this live session covers:

  • What firms typically discover the first time they run a simulation
  • What regulators now expect boards to evidence
  • The most common gaps - unclear communication ownership, backups that fail under pressure, and third-party assumptions that don't hold up
  • Why insurers are factoring simulation testing into premiums
  • What leadership teams should prioritise and rehearse before a real incident forces the issue

Why Register

A plan that hasn't been tested is just a document. This session makes the case for testing before a real incident finds your gaps for you.


Sponsored by:

Mitigo

Who is this for?

  • ICAS students and members
  • Non-members
Book now

Event contact details

Contact the events team
Latest

News & Insights

View all