Executive roundtable series · London 2026

Cyber governance for the boardroom

Defending the cyber spend at board level. What NIS2, DORA, CRA and the Cyber Security and Resilience Bill mean for governance.

An invite-only roundtable of senior leaders from large UK enterprises. Chatham House Rule. Peer-level exchange.

Thursday 2 July 2026 Eight Club Moorgate, London 15:00 to 18:00 onwards
Only 4 seats left · Invite by Dom Reid
01 / Reserve your seat

Send a request. We'll be in touch within 24 hours.

If you'd like to be part of the conversation, please share a few details. Each request is reviewed by Dom personally to ensure peer-level balance at the table.

Date
Thursday 2 July 202615:00 to 18:00 + drinks reception
Venue
Eight Club Moorgate, LondonPrivate dining room (PDR)
Format
Roundtable + open receptionEight senior leaders at the table · Chatham House Rule
Hosted by
Dom Reid, CTO CloudEpitechnic

Request a seat

All fields marked with a dot are required. We'll confirm within 24 hours.

By submitting, you confirm we may contact you about this event. Your details are not shared with third parties.

Thank you. Request received.

Dom will personally review your request and come back to you within 24 hours with confirmation and venue details.

From the invitation

"Boards of directors are becoming increasingly accountable for cybersecurity governance. You are already investing enough in technology to support compliance, but the spend is not always aligned with the areas that matter most to your business.

Often, the real challenge is not whether enough is being spent, but whether the organisation can clearly justify why resources are being directed where they are, and defend that position at board level."

02 / Why now

Four regulations reshaping board accountability.

Senior management can now be held personally liable. Fines reach €10M or 2% of global turnover. The window for unprepared boards is closing.

NIS2
EU Directive

In force across the EU since October 2024. Cybersecurity governance for "essential" and "important" entities, with personal liability for senior management and fines up to €10M or 2% of global turnover.

DORA
EU Regulation

Active since January 2025. ICT operational resilience for all EU financial entities, including mandatory third-party risk register, incident reporting, and threat-led penetration testing.

CRA
EU Regulation

Adopted October 2024. Cybersecurity rules for products with digital elements such as hardware, software, and IoT. Security-by-design and mandatory vulnerability disclosure. Fines up to €15M or 2.5% of global turnover.

CS&R Bill
UK Legislation

The Cyber Security and Resilience Bill, expanding scope to managed service providers and critical supply chain. The UK equivalent of NIS2 for British organisations.

03 / What to expect

Three hours roundtable, then open networking drinks.

An external moderator opens the floor. Three to four themes. Lunch and 1:1 follow, then drinks open upstairs at 18:00.

15:00
Arrivals
Welcome drinks, name badges, informal mingling
15:30
Open
Dom welcomes; moderator introduced; Chatham House Rule restated
15:30 – 16:30
Moderated discussion
3 to 4 themes, structured prompts, peer exchange
16:30 – 18:00
Lunch & 1:1
Lunch served ~17:30; 1:1 conversations (1.5 hrs)
18:00
Networking drinks
Canapés upstairs; open to club members
Strictly Chatham House Rule. Anything said in the room is usable, but not attributable. Attendees may speak freely about board-level cyber decisions without concern for media or vendor disclosure.
About Epitechnic

Epitechnic is an AWS Advanced Partner with Security Specialisation, working with executive teams at large enterprises across the UK and EU on cybersecurity governance, AI and cloud regulation, and operational resilience.

We focus on the conversation most consultancies skip: not whether enough is being spent on cyber, but whether the decisions can be defended at board level, in financial terms, and under regulator scrutiny.

AWS Advanced Partner · Security Specialisation