Programme

Chairman of the day, Magnus Aschan will open the day and walk you trough todays programme.

Forrester’s research into the role of the CISO has led us to define six CISO archetypes:

1. The transformational CISO;
2. The post-breach CISO;
3. The tactical/operational expert;
4. The compliance guru;
5. The steady-state CISO;
6. The customer-facing evangelist.

By identifying your desired CISO type, you can then seek out opportunities where your strengths and interests match the needs of the company, so that you can be the optimal fit for the company’s strategy.  This session will give you the framework to do two key things:

1. Determine the best CISO-type for a business’s goals; and
2. Select the optimal type of CISO role for you.

In today’s rapidly evolving digital landscape, most if not all organisations face increasing cyber threats that put their (sensitive) information and (critical) systems at risk. Therefore, organisations must take the necessary steps towards understanding and managing their cyber risk. This can only be achieved by implementing an effective risk management framework. By building a risk framework and governance around it, organisations can ensure resilience and security as they will get a clearer view of their organisation’s risks, as it will involve all layers of their organisations, and it will allow senior management to have a clear overview of the organization’s exposure. Join us as we explore the importance of balancing regulation and cyber risk management in the era of cyber threats.

Protecting data must look different! To safeguard data from emerging threats, today’s businesses need comprehensive and multi-faceted tools that transcend traditional ‘backup’ for holistic protection, compliance, and recoverability. A new way is needed that focuses on the security, durability, and the recovery of data for organizations to remain resilient and survive. One that is progressive, meets threats head-on with advanced capabilities that safeguard entire data estates without sacrifice. Commvault has been a Gartner Magic Quadrant leader for 12 years. More than safeguards more than 100,000 organizations around the world rely on Commvault and they secure 3 EB of cloud data and have a unique FedRAMP High cyber resilience platform.

This presentation delves into the fascinating world of endpoints – the devices at the heart of our digital landscape.  Thomas Berglund, Director, Technical Account Management at Tanium will explore their lifecycle, from initial provisioning to ongoing security measures.

By understanding the Life of an Endpoint, we can:

• Strengthen our cyber resilience: Identify and address vulnerabilities throughout the endpoint lifecycle.
• Optimize security practices: Streamline processes and leverage technology to maximize protection.
• Empower people: Equip users with the knowledge and tools to play their part in cybersecurity.

In the landscape of modern cybersecurity, Artificial Intelligence (AI) plays a pivotal role, offering unparalleled speed and power to both defenders and adversaries. The integration of machine learning, bolstered by vast data lakes, has emerged as a cornerstone in defense strategies. However, as AI continues to evolve, leaders face the challenge of maintaining a delicate balance between leveraging its efficiency and accuracy, while ensuring meaningful human engagement. This session explores the dynamics of human-AI collaboration in cybersecurity, highlighting the imperative for strategic interaction between AI-driven automation, human intuition and the wealth of insights stored within data lakes in real-world scenarios.

In this session, we’ll take you on a journey into the world of political and religious hacktivists to understand the growing threats they cause. We’ll show you how hackers use social networks to spread their messages and develop innovative tactics. You will also get insights into how hacktivists use AI to create powerful attack tools that skillfully bypass traditional defenses. Why do companies often struggle to defend themselves against these new sophisticated threats? We’ll elaborate on how hacktivists use advanced evasion techniques to disguise their attack vectors from traditional network and application detection tools. We will also introduce you to a new attack vector called Web DDoS Tsunami, explain why it bypasses all prevention measures, and show you how you can use AI to stay protected. In this session, Nichlas Ströberg, Sales Engineer Nordics at Radware, will guide you through the world of cyber defense and explain how you can stay ahead of cyber threats.

The world of cyber security is changing, with more dynamic highly connected systems than ever. With an explosion of apps, accounts and access, the battleground has shifted from traditional perimeter and endpoint security into the world of identity security, effectively meaning the hacker has been replaced by the credentials thief.

With Identity compromise common to almost every cyber-attack, distinguishing between how a legitimate user is leveraging an identity and the misuse of that identity by an unauthorized user is difficult. This leaves the door open for threat actors to use impersonated identities to access resources, compromise systems, move laterally and achieve their illicit objectives. Today this is effectively making identity the new security perimeter.

Join this discussion as Lee shares what is driving this paradigm shift, and how attackers are successfully exploiting the gaps in visibility between IAM and security tools.

In an era where cyber threats are constantly evolving, the need for robust and proactive cyber security measures has never been more critical. Join us for an insightful session on “Empowering a People-Centric Approach to Cyber Security,” where Virginia Parotta and Elnaz Tadayon will dig into the essential strategies for building a strong security culture within your organization. Discover how engaging employees, fostering a security-minded workforce, and leveraging innovative techniques like gamification can transform your organization’s cyber defense.

This event is designed for industry leaders, security professionals, and anyone passionate about strengthening their organization’s cyber resilience. Don’t miss this opportunity to learn from experts and network with peers dedicated to driving a people-centric approach to cyber security. Secure your spot and be part of the conversation that shapes the future of cyber security.

Identity and Access Management (IAM) is crucial in today’s digital landscape, empowering organizations to control user access, safeguard data, and drive efficiency. A solid IAM strategy is not just an option—it’s a strategic imperative for cybersecurity leaders. Join Emil as he reveals Schibsted’s IAM journey, sharing critical insights and strategic decisions that shaped their success. Discover how Schibsted transitioned from complex, custom-built RBAC tools to streamlined, self-service IAM solutions, and understand the thought process and impactful results behind these changes. Gain actionable insights to refine your IAM approach.

Information security policies (ISPs) are among the most critical formal controls in organizations. However, the actionable advice within these policies is not always clear and easy to understand. Through recent research, we realized that about two-thirds of the actionable advice in ISPs in the Swedish public sector is not sufficiently clear, leading to confusion among employees. To address this, Elham will present the method Loss of Keyword Specificity Metrics to measure the quality of actionable advice and also provide some recommendations for ISP developers to create clearer, more understandable advice that employees can easily follow.

With each passing day, new and increasingly advanced cyberattacks are published. Pretty much every company and organization has had attacks from cybercriminals and many don’t even know about it. In a world that is painted more and more like an ongoing Armageddon, one wonders if there are even opportunities to protect oneself and one’s business. The answer is that it is easy to significantly reduce the risks of an attack and therefore significantly minimize damage in the event of a completed attack. What are the consequences of cybercrime, who is behind it, what the police and other actors are doing and what is fast approaching regarding the new Modus Operandi are some of the things I intend to talk about.

In this session, Krzysztof Socha, Head of Sector – FORCE (Forensic Operations and Response to Cyber Events) of CERT-EU, will provide an overview of the significant impact AI has on cybersecurity, exploring its dual role as both a protector and a threat. The discussion will cover the advancement of AI-driven security measures, which are becoming increasingly effective at anticipating and mitigating cyber threats, thereby enhancing the protection of essential data and infrastructure.

At the same time, the session will address the challenges posed by adversaries who utilize AI for sophisticated cyberattacks, adding new complexities to the security landscape. Participants will gain insights into how AI is reshaping the field, presenting both opportunities for enhanced defense and emerging risks.