GC360 Problem-Solving Virtual Roundtable
EU & UK: Cyber Turbulence at Airports – Legal, GRC & Cybersecurity Lessons from the Recent Attacks
Free to Attend | Live GC360 Virtual Roundtable
About the Session
The recent cyberattacks on Heathrow and major EU airports exposed how critical infrastructure vulnerabilities can ripple far beyond aviation, creating cascading risks for legal, compliance, and business continuity leaders. With GDPR and NIS2 obligations tightening, regulators pressing for accountability, and insurers pushing back on liability, the aviation sector’s turbulence offers valuable lessons for all high-risk industries.
This session brings together legal, GRC, and cybersecurity leaders to discuss:
-
How aviation operators, vendors, and regulators responded to the attacks
-
The evolving regulatory landscape for critical infrastructure in the EU & UK
-
Legal, contractual, and insurance challenges when multiple parties share responsibility
-
Practical crisis management playbooks, including regulatory engagement and communications
-
Cross-industry lessons for sectors like financial services, healthcare, and energy
Expect frank insights, benchmarking, and actionable frameworks — not just theory.
All GC360 members will receive post-event access to the full session recording and practical toolkit via GC360Flix.
Agenda Program
Date: November 07, 2025
EU & UK: Cyber Turbulence at Airports – Legal, GRC & Cybersecurity Lessons from the Recent Attacks
12:00 – 12:10 PM BST | Welcome & Introductions
-
Moderator welcome and agenda overview
-
Speaker intros: “What was your first thought when news of the airport cyberattacks broke?”
-
Live poll: “Which part of critical infrastructure is most at risk in 2025?”
12:10 – 12:35 PM BST | Incident Fallout: Disruption Across Airports & Beyond
-
Business continuity impact on flights, logistics, and passenger trust
-
Legal and compliance challenges faced in the immediate aftermath
-
Real-world lessons for resilience planning
What You'll Gain:
Clear understanding of operational and reputational fallout, and legal priorities after a critical infrastructure attack.
12:35 – 01:00 PM BST | Regulatory & Reporting Duties: GDPR, NIS2 & Aviation Rules
-
Breach reporting timelines under GDPR and NIS2
-
Aviation-specific obligations in the EU & UK
-
Dealing with simultaneous investigations by regulators
What You'll Gain:
A roadmap for managing overlapping regulatory demands after a critical breach.
01:00 – 01:20 PM BST | Liability & Contracts: Shared Responsibility or Finger-Pointing?
-
Legal disputes: operators vs. IT vendors vs. insurers
-
Risk allocation in contracts and SLAs
-
Role of regulators in assigning responsibility
What You'll Gain:
Insights on drafting resilient contracts and managing liability disputes.
01:20 – 01:40 PM BST | Crisis Management Playbook: Legal Counsel at the Center
-
Rapid response coordination across legal, IT, and executive teams
-
Handling media, regulators, and stakeholder communications
-
Best practices for incident tabletop exercises
What You'll Gain:
A crisis management toolkit for legal and GRC leaders facing cyber turbulence.
01:40 – 02:00 PM BST | Cross-Industry Implications, Q&A & Closing Reflections
-
Lessons transferable to financial services, healthcare, and energy sectors
-
Peer benchmarking and audience Q&A
-
Speakers’ “One action every legal or GRC leader should take this quarter”
-
GC360Flix access and post-event toolkit details
Post-Event Toolkit (for Members Only)
-
One Key Insight per Speaker (compiled by GC360)
-
Session Summary with Key Lessons
-
Aviation & Critical Infrastructure Legal/GRC Playbook (if shared)
-
Recording Access via GC360Flix
-
Certificate of Participation
Speakers Board
Aakritee Tiwari
Head of Legal & Compliance Officer, VeeOne
Johanna Molander
Security & Compliance Manager,
Tacton
Malcolm Dowden
Senior Practice Development Lawyer, Pinsent Masons
Who Should Attend?
CISOs and Security Leaders
General Counsel & Legal Directors
Chief Risk & Compliance Officers
IT & Operational Resilience Heads
Regulators & Policy Leaders
Why You Should Attend?
Decode the legal and regulatory lessons from the Heathrow & EU airport attacks
Benchmark liability and contract management strategies with peers
Access real-world crisis playbooks for high-stakes environments
Gain cross-industry resilience insights for financial services, healthcare, and more
Unlock GC360Flix tools, recordings, and certificate access
Virtual Events Gallery
Topic: CISOs in the Kingdom: Ensuring Data Privacy and Security in Line with Saudi Arabia’s Vision 2030, Saudi Arabia
Topic: Uncovering Sensitive Data: How CISOs in India Can Use Data Discovery to Mitigate Privacy Risks, India
Topic: Tackling Compliance, Cyber Risk & Supply Chain Security, UAE
Topic: Crisis Management and Litigation Preparedness, APAC
Partners
Global Thought Leadership Partner
Powered By
Digital Content Library Partner
