We are very happy to announce that Data Protection Officer, Tina Forrester is to speak at #RISK London, this month.

Tina Forrester 2023

Tina Forrester, University Data Protection Officer and Head of Records Management, Liverpool John Moores University

Taking place on October 18 and 19 at EcXel London, #RISK London addresses the issues impacting organisational risk today, from Governance, Risk and Compliance (GRC), to Environmental, Social and Governance (ESG), organisational culture, and much more.

The event builds on the success of #RISK 2022, allowing organisations to examine the cumulative nature of risk, unite GRC specialities and share views with subject-matter experts.

Tina Forrester is Data Protection Officer at Liverpool John Moores University. Leveraging over 15 years’ experience in Information Governance, Tina is responsible for designing, leading and driving forward the university’s Data Protection and Privacy strategy.

Tina appears at #RISK London on a panel debate to discuss phishing attacks, their rapid evolution, and what organisations can do to mitigate risk.

Risk London 2023 CTA Image

  • How Phishing Attacks Are Getting Better, and What to Do About It - Wednesday 18 October, 14:00 - 15:00 - Security Theatre


We caught up with Tina to hear more about her professional journey to date and for insight into the issues on the table at #RISK London.

Could you briefly outline your career so far?

I am currently the Data Protection Officer for Liverpool John Moore University. I work across the university to raise privacy awareness and to advise and support colleagues on all things data protection.  

I work very closely with our Chief Information Officer and the Information Security Manager to embed a culture where people think about Privacy and Security together.

I am a solicitor with +20 years PQE in Higher Education, Local Government and Private Practice. Previously, I worked for a local authority for over 13 years. I was a Principle Solicitor at West Lancashire Borough Council.  Prior to that I was in private practice.

Could you describe the current phishing attack landscape – what are the latest methods being employed by threat actors to disrupt organisational security?

Cybercrime is increasingly prevalent and threat actors are relentless in targeting business and their employees.  

Phishing emails and social engineering are increasingly sophisticated which makes them difficult for people to easily spot. Threat actors rely on the vulnerability of human error. At Universities, they are not only targeting staff but also thousands of students. 

It is easy to assume that because young people are tech savvy, that they also know about the dangers and consequences of cybercrime but that isn’t necessarily the case. Awareness raising is vital! 

If people know about the issues, they can take steps to protect themselves and the business, but to do that they need to be aware of the issues in the first place.

What are key strategies businesses should be employing in order to mitigate risk?

Businesses need to consider both the technical and human elements. While technical security controls are essential for businesses, a key risk mitigating strategy is awareness raising and training for everyone with access to the business systems.

Many people do not realise the extent of cybercrime or realise that the risk is as big as it actually is.  We have to make it real for people – they don’t want to know about data protection legislation –  that’s my job – or what technical controls IT Services have in place to protect the organisation; they just want to know how it impacts on them and their role and what they can do to protect themselves. 

Don’t miss Tina Forrester discussing these issues in depth in the #RISK London panel debate: “How Phishing Attacks Are Getting Better, and What to Do About It”.

With more and more data available about potential targets, and increasingly advanced methods to impersonate trusted individuals, it can sometimes feel like security teams are fighting a losing battle against social engineering.

But as threat actors develop better tools for tricking employees and consumers, security experts develop more sophisticated methods for stopping them.

This session examines the various technical and organisational measures that your organisation can implement to defend against phishing – one of the most pervasive and effective security threats. 

Also on the panel:

The session sits within a packed two-day agenda of insight and guidance at #RISK London, taking place on October 18 and 19 at EcXel London.

The event unites thought leaders and subject matter experts for a deep-dive into organisational approaches to handling risk. Content is delivered through keynotes, presentations and panel discussions.


  • Session: Day 2, How Phishing Attacks Are Getting Better, and What to Do About It
  • Theatre: Security
  • Time: 14:00 – 15:00 BST
  • Date: Wednesday 18 October 2023

#RISK London is also available on-demand for global viewing. 

Book Your Place at #RISK London