Ralf Helkenberg is a research manager with the European security research team, responsible for leading IDC’s European Privacy and Data Security research practice. His core research coverage includes the impacts of data protection regulation, such as the GDPR on the technology sector, with key insight into market dynamics, vendor activities in privacy workflow management and data security (including data discovery, DLP, encryption), end-user trends and the future of digital trust.

Prior to IDC, he worked as a B2B marketer within a variety of industries, including IT Governance, Risk & Compliance where he built-up a product and marketing programme for GDPR compliance solutions.

Ralf holds a BA in European Business Administration from Middlesex University, London.

Duncan Brown is associate vice president, European Security Practice, at IDC EMEA and leads the firm’s security research program in Europe. He specializes in providing strategic advice to his clients, informing and validating their corporate, product, and marketing plans. Brown is an expert in analyzing the security market globally, and his list of security-related clients includes enterprises, central banks, government organizations, and security product suppliers and services providers. Brown’s expertise spans the gamut of security topics including incident response, threat intelligence, and global privacy issues. He established and leads IDC’s coverage of the global impact of the GDPR, the RPEC (ePrivacy Directive update) and NIS Directive on technology companies and their customers. His analysis and opinions are widely sought by industry leaders and investors, while his comments on industry trends and developments frequently appear in the leading business and trade publications.

You can find Duncan on Twitter here.

Glen Hymers Dip CSMP®, Cert HE, CIS LI, M_o_R, GDPR-P, MInstLM

Glen has spent his working life involved in Policing and Security, he fell into Policing of a fashion joining the RAF Police in 1998 when he discovered University was expensive and as such he was running out of funds.

During his time in the RAFP Glen was employed all aspects of policing finally settling into the role of Counter Intelligence, responsible for carrying out Counter Espionage and Counter Terrorism duties for the RAF at home and abroad in some notable locations some you’d want to go on holiday to but most you wouldn’t. Glen parted ways with the RAF as a regular in 2012 as part of the Strategic Defence Review of that year and began his journey into the private sector with stops at Fujitsu Defence and National Security as their Head of Operational Security & Risk Management, before moving to Sopra Steria as Head of Operational Security for Government accounts.

In 2016 he moved to the Prince’s Trust taking up the role of Chief Security and Risk Officer as well as being appointed as the DPO in 2017. After a successful tenure at The Prince’s Trust during which he introduced both GDPR and Cyber Essentials Plus at the organisation he moved to Save The Children International where he is currently employed as the Global Chief Information Security Officer and Head of Data Protection. In his spare time Glen is still an active member of the RAF Reserve having completed two operational tours abroad one in 2014 to Afghanistan as part of Op HERRICK and again in 2018 to Cyprus as part of Op SHADER and most lately within the UK where he was employed on Op RESCRIPT the UK Government response to COVID-19 during which he was a Mobile Testing Unit Commander running testing sites in the East of England.

When he is not doing this he is an advocate for all things Cyber Security and especially getting the basics right, as from the basics comes good security so to that end he has now joined the South East Cyber Resilience Centre as one of its founding board members in September 2020.

Steve is the Cyber Security Manager for Everywhen, one of the UKs largest insurance broker networks, managing the Security Operations. Before this Steve was in the British army for 10 years, serving in the Royal Signals where he did tours of Iraq & Syria.

Gary Osborn is the Head of Information Security at the world’s largest Human Rights organisation (150 countries and territories, movement of 10 million people), where he spends his time solving the kinds of security challenges that don’t fit neatly into textbooks. His role blends strategy, risk, resilience and recovery across a very unusual operating landscape — one where protecting people is even more important than protecting systems.

Gary has become a trusted voice within leadership circles, helping executives navigate technology risk, geopolitical uncertainty, and the realities of operating across different jurisdictions. He is known for bringing clarity to complex security challenges and for championing proportionate and pragmatic, human‑centred approaches to risk. His work spans risk modelling, third‑party assurance, incident preparedness, secure device management, digital sovereignty, and the integration of velocity and proximity into modern risk reporting. His focus is consistently on safeguarding staff, activists, and vulnerable communities working in high‑risk contexts.

He also mentors emerging leaders in the security community, championing proportionate, people‑centred approaches and encouraging a culture where security is understood as an enabler rather than an obstacle.

At Custodian360, we have built something I’m genuinely proud of: a human-led, UK-based SOC-as-a-Service that delivers 24/7 detection and response without the jargon or the enterprise price tag. We protect SMEs with clarity and care , combining the speed of automation with the instinct and experience of real analysts who act fast, contain threats, and keep businesses running.

Our services have evolved far beyond endpoint protection, from Managed Detection & Response (MDR) and Vulnerability Management to C360RED, our ethical hacking and red-team service. Whatever the size of the organisation, our goal is the same: to make cybersecurity simple, affordable, and human.

Outside of Custodian360, I am deeply rooted in the cybersecurity community. I am part of the team at Cyber House Party, a volunteer-run not-for-profit that raises funds and awareness for the NSPCC and other incredible UK charities, while creating safe, inclusive spaces for everyone in cyber. I am also involved in grassroots meetups like CSIDES, Berks Cyber, and OxCyber, helping people find their tribe, build connections, and have the real conversations that keep our industry moving forward.

Cybersecurity is not just my career, it is very my community.
Because when we come together, we make the industry stronger, safer, and a little more human.