Programme

As regulations, technological advancements and the Agile way of working reshape the industry, it’s critical to move beyond being a controls manager as a CISO. Get a unique look into the latest Gartner research and learn how to become more effective in your role as a CISO. Protect your organization, enhance resilience, and embrace a proactive, responsible leadership with more focus on value creation. Discover strategies for effective leadership and augment your current way of working with scalable (security) operating models to make your organization more resilient.

In this session, Jeroen will not only discuss what DNB is doing around the cyber resilience of its own organization in an open and transparent manner, but he will also pay attention to the role of DNB as a policymaker and supervisor.

During this session, you will get some practical examples on what you should do to prevent incidents and how to respond if shit hits the fan. Can you make a shift from compliance (and what do laws and regulations such as GDPR/AVG, NIS2 and DORA mean for your choices) to risk management? How do you involve the board?

Jeroen will share his vision on how you should consider external factors such as the labour market, Quantum and AI. Sharing experiences instead of covering up will help us make our companies more secure!

Join this engaging session on safeguarding sensitive data in the age of artificial intelligence. This session will explore best practices, emerging challenges, and innovative solutions for ensuring privacy and security in AI-powered systems. We will discuss in how to discover, analyze, classify sensitive data and implement adequate protection measures through pseudonymization, anonymization techniques. This in return will support organizations in their data minimization efforts meeting compliance requirements and protecting sensitive data from being unprotected within LLM environments but also provide adequate protection measures from potential AI driven attacks.

Control over identities and their access empowers you to focus on your core business without sacrificing security. Modern Identity Governance and Administration (IGA) reduces risks, meets compliance needs, and ensures user-friendly access—without the complexity of traditional solutions. Many organizations find traditional IGA approaches too time-consuming and resource-intensive.

Okta and FuseLogic offer a modern, efficient way to streamline IGA. Join us to discover how to:

• Understand Identity Governance
• Start or enhance your IGA project
• Implement IGA in weeks, not years
• Leverage Cloud-based IGA
• Avoid common pitfalls

Simplify IGA and take control today!

With on-going, constant breaches it’s not a matter of if or when, but how often an organization will be breached. The familiar, long-established process of keeping a business up-and-running after a system outage or natural disaster has been changed by ransomware. Due to lack of testing, many organizations are unaware of the gaps in their cyber recovery plans.

As cyberattacks become more pervasive and sophisticated, it’s critical to have a robust, adaptable approach to true resilience. In most cases, ransomware attacks backup environments—meaning malicious code is often hidden in backups and even embedded in the hardware used to recover those backups. Recovering that malicious code can make things worse!

Ransomware thrives in chaos. Join our session to learn how to ensure your business continuity.

Quantum computing is rapidly advancing and poses disruptive challenges to cybersecurity. Many of today’s cryptographic systems could be broken by quantum computers, putting critical infrastructure at risk.

Encrypted data is already being stored by attackers, with plans to decrypt it later using quantum technology (“store-now-decrypt-later” attacks). As a result, migration to quantum-safe solutions is inevitable, and governments are urging industries to prepare for “Post-Quantum Cryptography.”

In this roundtable, led by Arnaud Wiehe, Managing Director IT at FedEx en former CISO of TNT Post we will assess the risks, discuss the urgency, and explore strategies for diagnosis, crypto-agility, migration, and supply chain risk.

A single prompt can compromise your entire DC and Cloud infrastructure and lead to extreme data loss.  Learn how you can protect against authentic sounding verbal and Gen AI fueled social engineering attacks.

Dive into the latest zero trust and AI innovations that empower organizations to stay ahead of evolving threats and secure their digital transformation journeys.

Cyber threats are rising, regulations are becoming more complex, and the pressure on organisations to achieve cyber resilience is growing. How do you manage this? In this interactive fireside chat, Leon van Dongen, Sales Engineer at Arctic Wolf, and cybersecurity expert Godfried Boshuizen from CC Security, discuss key trends, compliance challenges like NIS2 and DORA, and practical solutions for enhancing security.

What can you expect?

• The current state of cybersecurity: Which threats are at the top of the agenda and how are companies responding?
• Regulations as a driving force: What do NIS2 and DORA mean in practice, and how do you meet the requirements?
• Focus on cyber resilience: Why is a strong security strategy more than just technology?
• Arctic Wolf as a SOC partner: Leon explains how Arctic Wolf helps companies stay ahead of cyberattacks with 24/7 monitoring, detection, and response.

This session is unique due to the combination of in-depth knowledge and practical experience, and is a must for anyone wanting to understand how to protect their organisation in a complex digital world. Take advantage of the opportunity to learn from experts and discover how a partner like Arctic Wolf can support you.

In this session, we’ll explore key trends in the evolving ransomware landscape, focusing on the rise of mass-exploitation vulnerabilities, which have become primary entry points for cybercriminals. We’ll also discuss shifting threat actor behaviors, such as increased collaboration within cybercriminal ecosystems and the rise of ransomware-as-a-service. Additionally, we’ll examine the impact of Generative AI, assessing whether it has fundamentally altered the threat landscape by enabling more sophisticated, automated attacks. This session aims to provide actionable insights into these developments and help organizations better prepare for the future of cybersecurity in an increasingly complex and AI-driven environment.

In this session, we will delve into the critical components of Business-to-Business (B2B) Identity and Access Management (IAM), focusing on both Customer Identity and Access Management (CIAM) and Identity Governance and Administration (IGA).

We will explore how streamlining IAM processes in B2B environments not only enhances security but also drives operational efficiency. Join us to learn best practices and see real-world examples of how these strategies can be effectively implemented.

Being the top incident response partner in the region puts us right in the middle of the latest cyberattacks. We see how threat actors work, who they target and how their techniques are evolving over time. And we drive innovation within incident response to deal with those threats in the rapidly changing business and IT landscapes.

This talk highlights on the one hand noteworthy developments in the threat landscape, including shifts in how adversaries get into victim environments, new ways they bypass MFA, evade endpoint protection, and circumvent other security controls.

On the other hand, this talk also dives into the challenges of dealing with these cyberattacks in modern environments. More systems, more virtualization, more cloud, and more supply chain complexity, are all leading to changes in how effective incident response must be done. We are leading a transformation to deliver the speed, scale and diversity required to match the growing threat landscape. And without the need.

The introduction of BIO 2.0, NIS2, Cbw, ISO 27001, Business Continuity Management (BCM), Operational Technology (OT), and ISO 27005 brings new requirements, responsibilities, and challenges. But what does this mean in practical terms for organisations, and how can they prepare effectively?

During this deep dive session, you will have a unique opportunity to engage in an interactive setting with experts and peers. Under the guidance of Renco Schoemaker, an experienced security trainer and CISO, we will explore the impact of these changes on your organisation and discuss actionable steps you can take to remain compliant.

Key takeaways from the session:

• Insight into key changes: Discover the essentials of BIO 2.0, NIS2, and other relevant standards.
• Practical guidance: Learn how to prepare for the new requirements and identify tools and frameworks to support your organisation.
• Sharing best practices: Exchange experiences and strategies with other CISOs and IT security leaders.
• Future trends and challenges: Gain insight into upcoming developments and how to proactively address them.

In an era where digital threats are evolving and organizations are constantly challenged, effective leadership is essential. But what happens when the inevitable happens? How do you prepare yourself to be resilient?

In this interactive session, led by Gayle Anders, Global Head of Business Continuity at Netflix and Former Director, Crisis & Emergency Management at the United States Marine Corps we will discuss how to lead effectively in times of crisis.

This roundtable, led by Jessica Conquet, Global CISO at Randstad addresses the complexities of managing security teams on a global scale. Engage with peers to uncover diverse challenges, gain fresh insights, and build valuable connections in a collaborative setting.

• Team motivation across cultures, with tailored benefits and targeting professional profiles that meet diverse requirements.
• Cultural considerations for security operations and the pitfalls in global outsourcing.
• Building robust service level agreements and standard operating procedures that accommodate local differences while upholding global standards.

As cyber threats continue to evolve, organizations face increasing risks to their digital assets. To address this, it is recommended to take a proactive approach to cybersecurity with Attack Surface Risk Management and the Cyber Risk Index. These tools are designed to help organizations identify, assess, prioritize, and mitigate risks to their attack surface, ultimately enhancing their cybersecurity resilience.

For security leaders, this means having a comprehensive metric that quantifies the overall security risk for their organization and consolidates individual assets and risk factor scores to assess their overall risk posture. By leveraging these tools, they can take proactive measures to protect their digital assets from attacks and manage risks effectively. This approach allows them to minimize risk and maximize resilience, ensuring their organization can continue to operate securely in today’s ever-changing threat landscape.

Emerging technologies are reshaping our environments and lives. In this session, under the guidance of Arnaud Wiehe, Managing Director IT at FedEx and former CISO of TNT we’ll explore the rapid pace of technological advancement and its implications for the future. We’ll delve into the convergence of emerging technologies like AI, blockchain, and IoT and the dependency on cloud ecosystems, highlighting their transformative potential. We’ll reflect on the critical role of innovation in driving progress and the importance of staying educated and adaptable in an ever-evolving technological environment.

First, you must establish a framework that is the right-size approach for your organization and its culture. Too much, too fast and you risk alienating yourself from leadership and your stakeholders. Is your resilience program scalable? If you are not automating the program and its processes it won’t scale across the enterprise. Second, you must generate excitement for your workforce and its leaders to actively participate in the program. This is where influential leadership becomes critical to program success.

In this keynote, Gayle Anders, Global Head of Business Continuity at Netflix and Former Director, Crisis & Emergency Management at the United States Marine Corps will discuss establishing a business continuity and resilience framework and using influential leadership to generate support for the program at a global level.