Programme

Postillion Convention Centre Utrecht, Bunnik

6 february

This was the programma of 2024

How do you translate strategy into implementation? How do you prepare yourself so that you are resilient? Risk, Compliance & Business Continuity. Security Awareness. Legislation and regulations. Threats and opportunities of Artificial Intelligence. Security of complex cloud environments. Data protection and privacy. Incident Response. Technology tracks and security best practices.

Welcome

We would like to welcome you to Postillion Convention Centre Utrecht Bunnik. Parking is free and Bunnik Station is only a 10-minute walk away. In addition, the Kosterijland, Bunnik bus stop is right next to the hotel.

The coffee and tea is ready for you!

Meike de Jong

Meike de Jong

Dagvoorzitter Security Leadership

Welcome speech and opening by chair Meike de Jong

Meike de Jong, Chair Security Leadership

Dagvoorzitter Meike de Jong opent de dag geheel in stijl. Meike is met haar enthousiasme en jarenlange ervaring als presentator en redacteur de aangewezen persoon om het congres in goede banen te leiden.

Douwe Groenevelt

Douwe Groenevelt

Vice President & Deputy General Counsel at ASML

Keynote: Security and Governance: Responsible Gen AI in practice

Douwe Groenevelt, Vice President & Deputy General Counsel at ASML

New technologies offer opportunities, but certainly also raise complex issues. Discover how ASML, as a leading organization, deals with the challenges of Generative AI. What does effective internal governance look like? What concerns are there around ethics, information security, privacy and protection of IP, and how are they addressed in practice? What policies are needed for this?

Experience during this presentation (including a live demo) which strategies ASML uses to effectively manage the risks of Gen AI in this rapidly evolving world, and thus arrive at a “Responsible” implementation of Gen AI.

ASML
Dr. Leila Taghizadeh

Dr. Leila Taghizadeh

Global Head of Cyber Risk & CISO IberoLatAm van Allianz Group

Keynote: BUILDING AN ORGANISATION’S RISK FRAMEWORK AND ENGAGING WITH ITS SENIOR MANAGEMENT

DR. LEILA TAGHIZADEH, Global Head of Cyber Risk & CISO IberoLatAm at Allianz Group

In today’s rapidly evolving digital landscape, most if not all organisations face increasing cyber threats that put their (sensitive) information and (critical) systems at risk. Therefore, organisations must take the necessary steps towards understanding and managing their cyber risk. This can only be achieved by implementing an effective risk management framework. By building a risk framework and governance around it, organisations can ensure resilience and security as they will get a clearer view of their organisation’s risks, as it will involve all layers of their organisations, and it will allow senior management to have a clear overview of the organization’s exposure. Join us as we explore the importance of balancing regulation and cyber risk management in the era of cyber threats.

Morning break at the network square with 1-on-1 conversations

Fresh coffee, tea, fruit water, mineral water and brainfoods are ready for you. The first 1-on-1 conversations take place. In the EventManager you can find your planned conversations.

Menno Rippen

Menno Rippen

Principal Sales Engineer – Benelux and Nordics at Blackberry

Break-out 1A: Achieving Cyber Resilience – AI vs AI

Menno Rippen, Principal Sales Engineer - Benelux & Nordics of BlackBerry

The sudden rise in remote work has dramatically increased the number of cyberattacks, successfully due to the sophistication of malware and user environments that have not been able to keep up with the increase in advanced attacks.

Organizations worldwide are struggling to keep up with their security. The urgency is even greater today with the exponential growth of AI-driven malware, while cybersecurity regulations are increasing.

Artificial intelligence and machine learning continue to evolve. But what happens when this technology is used against the most advanced defenses? Can AI-generated malware defeat AI-powered security software? How does Zero Trust apply here?

In this session, learn how to set up an effective defense to achieve cyber resilience.

Sjoerd de Jong

Sjoerd de Jong

Sr. Consulting Engineer bij SentinelOne

Break-out 1B: Turning Data into Action: Strategies for Success with Security Data Lakes

Sjoerd de Jong, Sr. Sales Engineer at SentinelOne

In this break-out session, we will discuss how to turn data into action with security data lakes. We will explore the benefits of security data lakes, best practices for implementation, and strategies for getting value from security big data.

We will also share insights and lessons learned from successful security data lake projects and offer practical tips for organizations looking to implement their own security data lake solutions. By the end of the presentation, you will have a deeper understanding of the role of security data lakes in cybersecurity and how to leverage them to improve their security posture.

Joost Koiter

Joost Koiter

Senior Consultant bij FuseLogic

Break-out 1C: Identity Lifecycle and Governance at the Speed of Business

Joost Koiter, Senior Consultant at FuseLogic

Control over your identities and their access will allow you to safely and securely focus on your core business. Reduce business risks and meet audit and compliance requirements while still maintaining user friendly access processes. This requires modern Identity Governance and Administration (IGA). Traditionally this comes with substantial investments in time, expertise, and technology, making it feasible only for large organizations. And even then, the effort to achieve good IGA levels is often proved to be too difficult still. This is why FuseLogic together with Okta presents a modern approach to IGA. Join us to learn more!

Gemma Jansen

Gemma Jansen

CISO van Provincie Noord-Holland

CISOForum 1D: Critical of the NIS2? Do the right thing with it!

Gemma Jansen, CISO, Provincie Noord-Holland

The NIS2 Directive is the EU-wide legislation on cybersecurity and successor to the NIS (NIB/Wbni) from 2016. It provides legal measures to increase the general level of cybersecurity in the EU. In addition, the NIS2 Directive prescribes more of a Duty of Care, Reporting Duty and Supervision. But when exactly are you critical infrastructure? What requirements are set for keeping the supply chain safe? How is management involved and their responsibility and liability addressed?

In this interactive session, led by Gemma Jansen, we will discuss where to start and what you need for that.

Ivana Nikolik

Ivana Nikolik

FORBES COUNCIL OFFICIAL MEMBER AND MENTOR AT WOMEN IN AI NETHERLANDS

CISOForum 1E: AI Leadership and the Impact on Cybersecurity and Business Resilience

Ivana Nikolik, Forbes Council Official Member and mentor at Women in AI Netherlands

In this interactive session, led by Ivana Nikolik, Forbes Council Official Member, Mentor at Women in AI Netherlands and Top Leadership Voice, we will discuss AI Leadership and its impact on cybersecurity and business resilience. Join this session together with your peers and discuss the impact of AI on being a good leader in cybersecurity and business resilience:

  • What makes you a good leader with upcoming technologies
  • Succes stories about AI-driven data security and privacy
  • Integrated machine learning for effective threat detection
  • Impact of AI on your role as security leader
Bas van Erk

Bas van Erk

Director Benelux & Nordics van SoSafe

Break-out 2A: Hack the brain: Social Engineering Innovations from 2023

Bas van Erk, Director Benelux & Nordics of SoSafe

This session showcases the top 5 cybercrime trends that have been witnessed in 2023 and explaining which psychological factors play a particularly important role in cyber-attacks. The interface between humans and machines remains the number one entry point – more than 85 percent of all attacks start with the human factor. Bas van Erk will detail some innovative approaches to fighting these sophisticated and manipulative types of cybercrimes, as organizations now face an innovative dark economy where cybercrime-as-a-service is the common business model. Tactics are evolving almost by the minute and attackers do not hesitate to use psychological tactics to manipulate our minds.

Peter Maes

Peter Maes

Sales Engineer van CommVault Systems

Wim Heijs

Wim Heijs

Technical Engineer of CommVault Systems

Break-out 2B: Cyber Recovery: Is your company prepared for a Ransomware attack?

Peter Maes, Sales Engineer & Wim Heijs, Sales Engineer of CommVault Systems

This session focuses on cyber recovery and shows you how to protect yourself against cyber threats such as ransomware. With well-thought-out and tested protection against ransomware incidents, advanced preparation, automated validation and rapid recovery options, regardless of where your data resides.

Discover in this session how you can secure your company data, minimize cyber threats (including early detection) and simplify business continuity.

Tiennot van Dilst

Tiennot van Dilst

CTO van Cert2Connect

Break-out 2C: Friday Afternoon 4 o’clock … A CSO story. How BAS saved my weekend

Tiennot van Dilst, CTO of Cert2Connect | CISSP, CEH, CIPP/e, CxCE

What are you going to do? It is Friday afternoon 4 o’clock, just before the weekend. Most of the technical team has already gone home or has a day off. The phone rings and one of the board members calls concerned about an attack that is occurring in the industry.

In this session Tiennot van Dilst, CTO at Cert2Connect and CSO ai at the Hametha, tells how he ended up having a nice weekend on his boat.

Lunch break at the network square and 1-on-1 conversations

An extensive lunch arrangement is ready for you. During lunch there is enough space to have 1-on-1 conversations and network with colleagues.

Edwin van den Heuvel

Edwin van den Heuvel

Director, Technical Account Management van Tanium

Break-out 3A: Risk Management & Compliance: 5 Programs to get ahead of DORA and NIS2

Edwin van den Heuvel, Director, Technical Account Management at Tanium

In this session Edwin van den Heuvel, will delve into the key programs that every organization must implement to prepare for upcoming regulations in cybersecurity.

  • How to streamline Asset Inventory Management and Visibility
  • Enabling Cybersecurity Best Practices and User Awareness
  • Strengthening Vulnerability Management and Patching Processes
  • Proactive Incident Detection and Rapid Response Strategies
  • Real-time Monitoring and Centralized Logging for Enhanced Security
Michiel Appelman

Michiel Appelman

Senior Solutions Engineer bij cloudflare

Break-out 3B: Detecting zero-days on day zero with Machine Learning

Michiel Appelman, Senior Solutions Engineer, Cloudflare

As attackers get more numerous and start to get help from ChatGPT and other LLMs, the amount of malicious payloads that bypass our signature-based defenses are increasing. It’s becoming increasingly unrealistic to expect our Security Analysts to keep up with writing effective mitigation rules. In this session you will hear how we are able to turn the tables and leverage ML and AI to detect and prevent zero-days on day zero.

  • How attackers are evolving and getting help
  • What it takes to train ML models to recognize new attack
  • Help to comply with NIS2 by seeing and blocking new threats immediately
  • What we can do to make your security analysts more effective
Rick Strijbos

Rick Strijbos

Managing Director of Security Academy

CISOForum 3C: The Human Factor in Cybersecurity

Rick Strijbos, Managing Director of Security Academy

Technology alone can never guarantee total cybersecurity, even though technological developments can of course significantly increase it. People are an important link when it comes to the cybersecurity of your organization, playing both the role of causer of cyber insecurity and that of solver. The ‘human factor’ is therefore one of the pillars of an integrated approach to cybersecurity. How have you organized the human factor in your organization or within your partnerships? Which approach do you choose for an effective cybersecurity policy?

During this interactive session, you will discuss with your peers on the basis of statements. This session will be informally moderated by Rick Strijbos of the Security Academy. The aim of the conversation is to exchange knowledge and experience and to learn from each other’s successes and mistakes in order to subsequently grow together.

Security Academy
Ad Krikke

Ad Krikke

CISO executive partner & coach at Gartner

CISOForum 3D: Navigating Cybersecurity Storms: Leadership in Times of Crisis

Ad Krikke, CISO executive partner & coach of Gartner Nederland B.V.

In an era where digital threats are evolving and organizations are constantly challenged, effective security leadership is essential. But what happens when the inevitable happens? How do you prepare yourself to be resilient?

In this interactive session, led by Ad Krikke, we will discuss how to lead effectively in times of cybersecurity crisis, with practical tips and strategies that can be applied immediately.

Maikel Ninaber

Maikel Ninaber

Director, Cyber and Intelligence (C&I) bij Mastercard

CISOForum 3E: Verder dan de NIS2, in gesprek over DORA

Maikel Ninaber | Director, Cyber and Intelligence (C&I) | Mastercard

The DORA legislation makes it mandatory (and verifiable) for organizations in the financial sector to be operationally resilient. But what does it mean to be operationally resilient and what specific measures do organizations need to take to meet this requirement? The official guidelines will be announced in January 2024.

In this interactive session, Maikel Ninaber will provide an update and we will jointly discuss the consequences of DORA and what exactly that means in practice.

Rick Verhagen

Rick Verhagen

Cybersecurity Specialist at Darktrace

Break-out 4A: Effectively and responsibly harnessing the Power of Cyber AI

Rick Verhagen, Enterprise Account Executive at Darktrace

In today’s interconnected digital landscape, the rapid evolution of Artificial Intelligence poses both unprecedented opportunities and formidable threats to cybersecurity. To effectively defend against AI-driven attacks, organizations must adopt a strategic approach that involves selecting the right AI tools and techniques for specific cybersecurity tasks.

This session will explore the critical importance of matching the right AI to the right challenge. Darktrace will delve into the solutions associated with AI-driven attacked showcasing real examples from their Research and Development centre. You will gain insights into the synergy between human expertise and AI capabilities enabling them to make informed decisions on deploying AI for enhanced security

Mark van Staalduinen

Mark van Staalduinen

Trust and Safety Lead van Dutch Blockchain Coalition

Break-out 4B: Trust Technologies: A Game Changer for Security & Privacy

Mark van Staalduinen, Trust and Safety Lead of Dutch Blockchain Coalition

Digital trust is a significant change in perspective compared to cybersecurity: protection from the perspective of the asset owners, to trust in digital services and technologies from the perspective of end users and society. Information security and privacy protection are now high on the agenda for every initiative and every (data) collaboration. We regularly find ourselves in seemingly impossible situations in which security and privacy seem to be at odds. Precisely to stimulate innovation within our digital society and given the fact that digital transformation is irreversible, new technologies are being developed, with safeguards that match the existing challenges and expectations: Trust Technologies. During this breakout session, Mark will provide an overview of international developments surrounding technology that can help strengthen digital trust, using practical use cases.

Afternoonbreak at the network square and 1-on-1 conversations

During the lunch break, various snacks, hot and cold drinks are available. The last round of 1-on-1 conversations is now taking place. You can find your planned conversations in the EventManager.

Marco Kroon

Marco Kroon

Ridder Militaire Willems-Orde en voormalig leidinggevende Korps Commandotroepen

Leadership under extreme circumstances

Marco Kroon | Ridder Militaire Willems-Orde & voormalig leidinggevende Korps Commandotroepen

Marco Kroon, Knight of the Military Order of William and former leader of the Commando Corps, provides insight into what leadership really is and what it means to lead under extreme circumstances during this unique keynote. Using true stories supported by images and sound, he shows that leadership without teamwork, camaraderie and loyalty is pointless. This applies to life-threatening situations, but also in the business world.

Networking drinks

We will end the day in an appropriate manner while enjoying a drink, bitterbal and other snacks. Chat informally with colleagues, professionals, partners and speakers.

Who's speaking?

Curious about who is contributing to the conference and what experience they bring with them? Quickly view the complete overview!