Programme 2023

DoubleTree by Hilton | BRUSSELS

IN-PERSON CONFERENCE ON 18 June 2024

ONLINE CONFERENCE STARTING ON 19 June 2024

THIS WAS THE PROGRAMME OF 2023

Surviving the Cyber Tsunami and Protecting your Business

Cyber Resilience Conference is the place to meet experts and colleagues and to gather new information about the security field and the upcoming Cyber Resilience Act. Through, inspiring keynotes, breakout sessions as well as round tables you will get inspired to join, debate en expend your knowledge and gain insight on the latest development in this vast landscape of cybersecurity.

Reception, registration and networking

Erik R. van Zuuren

Erik R. van Zuuren

Chairman of the conference

Opening of the conference by chair Erik R. van Zuuren

Erik is actively engaged in several professional activities. As such he founded TrustCore.EU, he executed several assignment private and public sector sector (European Commission, Federal Government, Flemish Government, Euroclear, Infrabel,  Electrabel, BPost, ENISA, etc)

At current his main focusses are on the topics of Openbanking and Security Architecture at BNP Paribas Fortis  as well as the wide topic of the new Trust Regulation en the European Digital Identity Wallet in collaboration with the EU Member States .

In his spare time, Erik is also Topic Leader “Security Architecture Management” at Solvay Brussels School and a member of the Vlaamse Toezichtcommissie (Flemish DPA).

With his knowledge and experience, Erik is the ideal person to guide the conference as chair of the day. In his opening he will address the conference theme: Surviving the Cyber Tsunami and Protecting your Business.

Phédra Clouner

Phédra Clouner

Deputy Director, Centre for Cybersecurity Belgium

Eric van Cangh

Eric van Cangh

Business Group Leader Digital at Agoria

Keynote 1: Managing the Tidal Wave of New Regulations & Belgium’s Cyber Resilience Act Compass

Phedra Clouner, Deputy Director, Belgian Centre for Cybersecurity and Eric van Cangh, Senior Business Group Leader Digital, Agoria

Clearly, the number of cyber-attacks continues to rise, with increasingly sophisticated attacks coming from a wide range of sources both inside and outside the EU. Therefore, the European Union is putting a strategy in place that will enable a step-change in how we ensure cyber security. It is based on three elements:  resilience, technological sovereignty and leadership;  operational capacity to prevent, deter and respond;    cooperation to advance a global and open cyberspace.

More concretely regulations like the NIS2 directive, the Cyber Security Act, the Digital Services Act, Digital Operational Resilience Act, etc are being or will force us to wake up and act moving forward.  What will be the impact on the industry of the tidal wave of cyber-related regulations? During this keynote session, CCB and Agoria will take the audience on a tour of all those regulations and clarify the opportunities for the Belgian industries to turn trust and resilience into business-added value.

Dr. Leila Taghizadeh

Dr. Leila Taghizadeh

Global Head of Cyber Risk, Allianz

Keynote 2: Building an Organisation’s Risk Framework and Engaging with its Senior Management

Dr. Leila Taghizadeh, Global Head of Cyber Risk, Allianz

In today’s rapidly evolving digital landscape, most if not all organisations face increasing cyber threats that put their (sensitive) information and (critical) systems at risk. Therefore, organisations must take the necessary steps towards understanding and managing their cyber risk. This can only be achieved by implementing an effective risk management framework.  By building a risk framework and governance around it, organisations can ensure resilience and security as they will get a clearer view of their organisation’s risks, as it will involve all layers of their organisations, and it will allow senior management to have a clear overview of the organization’s exposure. Join us as we explore the importance of balancing regulation and cyber risk management in the era of cyber threats.

Morning break at the network square with 1-to-1 meetings

Enjoy fresh coffee, tea and snacks on the network square. And the first 1-to-1 meetings take place.

Break-out Sessions Part 1

Wolfgang Meert

Wolfgang Meert

Security Solution Engineer of CrowdStrike

Break-out session A1: See what they see, know what they know

Wolfgang Meert, Security Solution Engineer of CrowdStrike

At CrowdStrike, we stop breaches. To stop an adversary, you must first understand their tactics, techniques, and motivations. We have to adapt, fast! Throughout 2022, CrowdStrike threat hunting activities covered record volumes of hands-on intrusion attempts with eCrime topping the charts. Adversaries continue shifting away from malware and continue to prove their unabating ability to adapt, splinter, regroup, and flourish in the face of defensive measures. However, 2022 also demonstrated that relentless determination works both ways. How organizations can prepare and protect themselves in this relentless threat landscape.

In this session we will show you who your adversaries are, how they work, and how we can stop them together.

Martin Sandren

Martin Sandren

IAM product lead at Ikea

Speeddate Roundtable B1: How to Implement a Generic Identity Fabric

Martin Sandren IAM product lead of Ikea

The enterprise IAM model is often implicitly assuming that there is a single hierarchy starting with the chairman of the board and going down in neat hierarchies down to the individual contributors. In practice things are a bit more complex and you often end up with a need to interact with sister organisations or close business partners on a peer-to-peer basis.

How do you handle these types of relationships in a modern and multi cloud environment?

After this session you will know:

  • What is an identity fabric?
  • How to implement identity  mesh in a modern multi cloud environment
  • What are the governance and auditing considerations and implications?
Georges Ataya

Georges Ataya

Academic Director - Digital Governance and Trust of Solvay Brussels School

Taco Mulder

Taco Mulder

CISO FPS Strategy and Support of FOD Beleid en Ondersteuning BOSA

Speeddate Roundtable C1: Managing CyberSecurity-Skills in the Digital Age

Georges Ataya, Academic Director - Digital Governance and Trust of Solvay Brussels School and Taco Mulder, CISO FPS Strategy and Support of FOD Beleid en Ondersteuning BOSA

This session shall discuss how to cope with the skills-gap  companies face. This session will start with a presentation of the recent European Cybersecurity framework published by ENISA and discuss the European Study on Cybersecurity profession (HTP, ECSO, Solvay Lifelong Learning). Secondly it will  propose a methodology for assessing competences for required cybersecurity roles and discuss the preliminary results of an ongoing pilot at the Federal Government.

Claudio Bolla

Claudio Bolla

Group Information Security Director (CISO) at INEOS

Workshop D1: NIS2 and its impact on the industry

Claudio Bolla, Group Information Security Director (CISO) of INEOS

The industrial impact from Expanding regulation NIS 2 directive fixes and enlarges the scope for new cyber security laws to be implemented into member states. This expansion will impact more sectors than the directive it will replace. What does this mean for this enlarged scope? Join this session and find out!

logo Ineos
Matias Madou

Matias Madou

CHIEF TECHNOLOGY OFFICER, DIRECTOR, AND CO-FOUNDER AT Secure Code Warrior

Workshop E1: Lessons learned from successful upskilling programs

Matias Madou, CHIEF TECHNOLOGY OFFICER, DIRECTOR, AND CO-FOUNDER AT SECURE CODE WARRIOR

This workshop focuses on achieving success in software security training by analysing the current state of training and presenting a six-step process for effective implementation. The guidance is based on insights gathered from interviews with over ten companies and over 25 years of experience in software security training. The six-step process involves defining success criteria, creating a curriculum, selecting appropriate training methods, providing ongoing support, measuring effectiveness, and continuously improving the program. It is crucial to execute an end-to-end program that includes determining how to measure success.

Break-out Sessions Part 2

Gert-Jan de Jong

Gert-Jan de Jong

Security Expert of One Identity

Break-out session A2: The Year of Connected Identity: Bringing it all Back Home

Gert-Jan de Jong, Security Expert of One Identity

Cybersecurity practitioners agree that Identity is now at the heart of everything we do.  A variety of inescapable forces have brought us to this point and our success in the next years depends critically on how well we exploit the strategically placed Identity center piece.  Rising to this challenge requires our accumulated business analysis and deployment experience as well as the power of modern Identity platforms.  Critical to realizing this vision is an integrated set of connected identity services that communicate seamlessly within the identity fabric but also across the wider Cyber security ecosystem. One Identity lives and breathes connected Identity, and we are happy to share our experience helping organizations achieve value from connected identity security models.  Whether you are struggling to integrate your existing Identity silos, wondering what Zero Trust means for identity or looking to new Identity services like PBAC and decentralized identity, One Identity’s innovative approach and design patterns shared in this session will be of interest.

Bart Asnot

Bart Asnot

National Security Officer at Microsoft

Speeddate Roundtable B2: AI moving from technological support to human expansion thanks to ChatGPT and Security co-pilot?

Bart Asnot, National Security Officer of Microsoft

During this session, Bart will walk through the evolution of AI as a supporting technology in cybersecurity technology towards an human supporting application during cybersecurity operations thanks to ChatGPT and Microsoft Security Co-Pilot.

Jan Populaire

Jan Populaire

CoE Security at BNP Parisbas Fortis

Speeddate Roundtable C2: Brush your teeth! How to change bad security behavior into healthy cyber habits?

Jan Populaire, CoE Security of BNP Parisbas Fortis

Most of you are brushing your teeth at least every evening and morning.  One generation ago, this was not the case. How did we manage to change habits ?  Despite many phishing tests and other awareness actions we keep up bad security behaviours. Is there a way to turn these into healthy cyber habits ? We show you different approaches in different industries and organisations, some are successful and documented with solid metrics on behavioural change.  Other give encouraging intermediate results or contain elements which show progress. And we are not ashamed to share you exercises that did not work so you don’t need to repeat these in your company.  What can you do to decrease the cyber risk in your organisation?  Make people aware they can be the next victim, discuss the risks & threats, stick to their bodies with demo’s, selftests, games, storytelling, incentives, trainings, a lot of carrots and o yeah, sometimes a stick.  But all that might not be enough to change insecure behaviour into a safe attitude.

Lunch break at the network square with 1-to-1 meetings

Enjoy various richly filled sandwiches. During lunch there is enough time for 1-on-1 meetings and networking with colleagues and peers.

Break-out Sessions Part 3

Nicolas Ehrman

Nicolas Ehrman

Technical Security Expert at Wiz

Frans van Ierland

Frans van Ierland

Customer Technology Advisor of Wiz Security

Break-out session A3: Cyber Resilience starts with visibility

Nicolas Ehrman, Technical Security Expert, Wiz and Frans van Ierland, Customer Technology Advisor of Wiz Security

We can all agree that prevention is better than cure. While Cyber Resilience focusses a lot on detecting and responding to cyber incidents, we shouldn’t forget about preventing them in the first place. This prevention is impossible without proper visibility. In this session, we’ll break down how to get that visibility and use it to reduce risk with minimal disruptions to business operations.

Join this sessions and learn:

  • Why you should focus on getting visibility before anything else
  • How to get visibility of all cloud services, virtual machines, containers, apps, etc and how they are interconnected to each other
  • How to mitigate security risks fast without disrupting business operations
Yente Gielen

Yente Gielen

Cyber Security Lead, IT at UZ Leuven

Break-out session B3: Handling Sensitive Data @Scale

Yente Gielen, Security Operations Center of UZ Leuven

Hospitals nowadays are generating and processing enormous amounts of sensitive information. Whilst open to anyone who requires medical help, the difficulty is to keep the bad guys out. Take the ever-changing, continuously expanding dynamic environments that we now manage. Combined with the vast amount of personal health data from IoMT devices you get a rather spicy cocktail. UZ Leuven will show how they try to make a difference and how they think the healthcare industry has to proceed in the future to protect not only themselves, but their most valuable asset, the patients and of course their data

Lluis-Alfons Arino

Lluis-Alfons Arino

Representative of DC4EU-consortium

Jose Manuel Panizo Plaza

Jose Manuel Panizo Plaza

IT Product Officer of European Commission

Workshop C3: Understanding the EU Digital ID wallet and Blockchain as a Trust Service

Lluis-Alfons Arino, Representative of DC4EU-consortium and Jose Manuel Panizo Plaza, IT Product Officer of European Commission

The European Commission has initiated the dream to provide every citizen a wallet that allows the citizen to, identify/authenticate, to present authorization, to present attestations, to sign electronically. In 2023 and 2024 major pilots will be under way to test this wallet through multiple large scale pilot that will test multiple use cases before this wallet will hit us all in 2025.  Given that the wallet will be able to “present” you, clearly security and privacy aspects will be also key.

In addition the updated eIDAS regulation is proposing “Trusted Ledgers” and blockchain has popped-up as a candidate for this. What does that mean a trusted ledger?  What could the added values be? What guarantees does it have to provide in order to be a trust service? What are organizational and technical controls that should be put in place?

Come and hear the vision of DC4EU on how the EUDI should move forward and of The Commission how EBSI is looking to go live.

logo european commission
Chris Kubecka

Chris Kubecka

computer security researcher and cyberwarfare specialist

Workshop E3: OSINT and your Organisation’s Security

Chris Kubecka, CEO, HypaSec, Top100 Fascinating Females Fighting Cybercrime

In this workshop, led by Chris Kubecka, we will discuss how you can use OSINT for your security. What is OSINT Investigation used for? Which OSINT techniques and mechanisms are there? What sources do you use? What danger is associated with OSINT? These questions and more will be debated during the session.

Break-out Sessions Part 4

Alun Jones

Alun Jones

Solutions Engineer at BeyondTrust

Break-out session A4: Cyber Threats: Breaking the Attack Chain

Alun Jones, Solutions Engineer of BeyondTrust

Cyber Threats shows no signs of abating. Projects such as digital transformation, expanding cloud deployments, and increased remote work are all creating new planes of privileges for attackers to exploit.  Yet organizations continue to mishandle such projects, leaving themselves at significant risk of attack. Breaking the attack chain is more vital than ever.

In this session you will learn how Privileged Access Management (PAM) can help break the attack chain and establish a solid foundation for security project success. We will cover:

  • Common attack chain entry points
  • Practical steps you can take to block entry
  • How PAM ensures project success
Tony Fergussen

Tony Fergussen

CISO EMEA of Zscaler

Break-out session B4: Reducing your Attack surface through Zero Trust

Tony Fergussen, CISO EMEA of Zscaler

Cyber Threats shows no signs of abating. Projects such as digital transformation, expanding cloud deployments, and increased remote work are all creating new planes of privileges for attackers to exploit. Yet organizations continue to mishandle such projects, leaving themselves at significant risk of attack. Breaking the attack chain is more vital than ever.

In this session you will learn how Zero Trust can help break the attack chain and establish a solid foundation for security project success. We will cover:

  • Common attack chain entry points
  • Practical steps you can take to block entry
  • How to prevent lateral movement
logo Zscaler
Chris Kubecka

Chris Kubecka

computer security researcher and cyberwarfare specialist

Keynote 3: How to use OSINT for National Defence & Resilience

Chris Kubecka, CEO, HypaSec, Top100 Fascinating Females Fighting Cybercrime

In this session, Chris Kubecka provides surprising insights in Open Source Intelligence to detect and prevent cyber-attacks. With OSINT you can collect and analyse data obtained from publicly available sources by monitoring surface web and dark web paste sites, discussion forums and digital marketplaces to intercept any planned cyber-attacks in time. Listen to Chris’ story and let yourself be taken into the exciting world of OSINT.

Michel van Strythem

Michel van Strythem

Major General, Commander Belgian Cyber Command at Ministry of Defence

Keynote 4: Belgian Cyber Command – Facing the New Reality

Michel van Strythem, Major General, Commander Belgian Cyber Command of Ministry of Defence

On 19 October 2022, the Belgian Ministry of Defence declared the Initial Operating Capability of its new Cyber Command. Responding to the trend of states seeking competitive advantages in a new operational domain – as illustrated by several high-profile cyber-attacks on Belgian State institutions – the choice for developing this new instrument of statecraft has been made. This sessions will outline the growing importance of developing cyber defence capabilities, discuss the organisational set-up for this Cyber Command, and finally zoom in on the challenges ahead.

Erik R. van Zuuren

Erik R. van Zuuren

Chairman of the conference

Wrap up by chair Erik R. van Zuuren

Chair Erik summarizes the day and looks back on the most important lessons.

Network drinks

While enjoying a drink and snack, we close the day in an appropriate way. Discuss what you have learned with colleagues and peers.

John Spencer

John Spencer

Pre-sales leader, Northern Europe of CrowdStrike

Webinar: Stop identity based breaches

John Spencer, Pre-sales leader, Northern Europe of CrowdStrike

When 80 percent of the breaches involve credentials, it is clear that any identity can be compromised to launch large scale, persistent attacks on enterprises. With digital transformation and new market realities like remote workforces, there is an increased focus on Zero Trust security to protect enterprises from cyber threats. During this break-out session we will discuss these questions:

  • In what way do you reduce security complexity?
  • How can you improve your users experience?
  • How will costs be controlled and money be saved?
  • How to reduce time to identify and remediate breaches?
Lee Elliott

Lee Elliott

Director, Solutions Engineering at BeyondTrust

Webinar: The Path to Zero Trust by Securing Privileged Identities

Lee Elliott, Director, Solutions Engineering of BeyondTrust

Attacks on identity and privileged access pathways are relentless, with the stakes of a cyber-breach never higher. Securing privileged identity within your organisation has never been more important as it is the foundation of a successful Zero Trust implementation.

Zero Trust is built on foundations that are essential across your cybersecurity strategy, delivering greater value from existing cyber investments. In this session, we will outline:

  • Why protecting identities is fundamental to achieving Zero Trust
  • Practical steps you can take NOW to secure your privileged identities
  • The pivotal role Privileged Access Management plays in achieving Zero Trust

Meet our partners online

During the online conference you can join the live webinars, plan 1-to- 1 meetings with the experts of our partners and download various whitepapers.

logo Thales

THE PLACE TO MEET AND DEBATE WITH SECURITY-PEERS

Join us at the Cyber Resilience Conference and learn from high-profile speakers and other subject matter experts who share their knowledge and insights on the latest developments in this vast landscape of cybersecurity with you.

Register today and get inspired!

Register

Stay informed!

Don't miss a single conference update and sign up for our newsletter!