Programme

Martijn Hoogesteger is a Digital Detective from the TV Program Hunted. Besides being a digital detective he is a cybersecurity expert. Martijn opens the conference with “The Connection Kickoff”. This interactive networking session will break the ice and is the starting point of meaningful connections.

The Connection Kickoff is the perfect opportunity to meet fellow security leaders, share your interests, and start expanding your network of peers who can inspire and support you during and beyond the conference. Let’s make the first connection count!

We open the conference with an interactive panel discussion on technical and operational sovereignty. As organisations increasingly rely on complex architectures, cloud platforms, and strategic vendors, maintaining control over technology, operations, and risk becomes a key leadership challenge.

From an architecture and risk management perspective, the panel explores what sovereignty means in practice and addresses the difficult choices security leaders face, the dependencies they inherit or create, and the moments where control, accountability, and risk exposure must be deliberately accepted, or challenged.

Building a security program whether from zero in a lean startup or rebooting one in a mature organization is as much about context as it is about controls. There’s no one-size-fits-all blueprint, but there is a repeatable framework that adapts to your organization’s size, risk profile, and growth trajectory.

In this talk, I’ll walk through a practical, four-phase model that helps you build or rebuild security with clarity and purpose. From facing the right direction, to getting the basics right, embedding them sustainably, and if needed scaling to a more strategic and advanced level.

As security demands continue to grow, budgets, resources, and talent do not scale at the same pace. Security leaders must make deliberate choices, recognising that full coverage is neither feasible nor cost-effective.

In this Deep Dive Session, led by Omar Ali, CISO and IT Director at PostNL, we examine how to balance security ambitions with financial reality. Through a risk-based approach, we explore how security leaders can actively control and reduce costs.

The session focuses on identifying overspend, rationalising tooling, optimising the use of people and capabilities, and consciously accepting certain risks to avoid unnecessary expense.

Threats are exponential, AI is only accelerating, and “cloud-first” is no longer a distant vision, but the reality of every global enterprise.

Join Commvault EMEA CTO, Mark Molyneux, as he shares powerful insights into the constantly evolving cyber-attack surface and demonstrates the importance of why a focus on creating an optimised cyber resiliency strategy is imperative.

Key learnings:

• Understanding why unified resilience across security, identity, and recovery teams is critical to defeating modern attackers who exploit organizational silos
• Why clean recovery matters more than fast recovery—and how AI-driven techniques can surgically remove compromised data to prevent reinfection
• How to prepare your organization for the agentic enterprise, where autonomous AI systems require new governance and protection strategies
• Why hybrid infrastructure is permanent, and how to implement resilience strategies that work seamlessly across cloud, SaaS, and on-premises environments

In this Deep Dive Session, we bring security leaders together to explore how organisations can safeguard data in an environment where threats, regulations, and technologies evolve at high speed. Amir Vashkove is an Data Security Industry Leader. During this session he shares his experiences through the realities of building and maintaining resilient data protection and privacy capabilities at scale.

This interactive session encourages participants to actively exchange knowledge with peers, share practical experiences, and challenge each other’s assumptions. Together, we will explore what “robust” data protection really means today: from aligning privacy-by-design with business priorities to integrating modern detection, response, and governance practices. Key discussion themes include the human factor, data handling behaviour, and organisational accountability, offering a holistic view of what it takes to protect sensitive information in complex environments.