Agenda

08:00 - 08:50

Breakfast networking and registration 

08:50 - 09:00

Chairman's Welcome 

09:00 - 09:20

► Measuring Information Security in a Diverse Organisation 

Dimitrios Stergiou, Chief Information Security Officer, Modern Times Group 

  • Measuring information security within the Modern Times Group, a collection of unrelated businesses
  • Why use a maturity model instead of a standard
  • Project execution and initial results
  • Next steps and lessons learned from the project
09:20 - 09:40

► Reducing Organizational Risk Through Security Awareness

Terry Conroy, Territory Manager DACH, Wombat Security Technologies

  • Hear an overview of an effective security awareness programme
  • Learn why educating your employees can be your best line of defense against a phishing attack
  • See real life examples of how companies have significantly reduced successful phishing attacks and malware infections
09:40 - 10:00

► What Do You Know About Securing Your Critical Data?

Paul Steen, Vice President, Global Product Strategy, Imperva Inc

  • Is Data Security suffering from an information overload problem?
  • Based on our original research, what specific information is vital for solving data security?
  • How can AI and Machine Learning simplify the task of data security?
10:00 - 10:20

► Threat Intelligence Insights: Keeping Your Business Safe from Malware, Ransomware, and Data Exfiltration

Stefan Mardak, Senior Enterprise Security Architect, Akamai

  • The attack industry invests in more sophisticated attacks 
  • DNS is a fundamental detection component
  • Effective defense requires a layered approach
  • Global & hybrid data visibility is key
10:20 - 10:55

► Education Seminar Session 1

Digital Identities and the ThreatMetrix ID: Authenticating Identities in the Digital Age

Stephen Topliss, VP of Products, ThreatMetrix, and Alexander Frick, Sales Director DACH,  ThreatMetrix 

10:55 - 11:25

Networking and refreshments break 

11:25 - 11:45

► Secure Application Development: Working With Third Parties

Rainer Rehm, Information Security Officer, RIO - a Brand of Volkswagen Truck and Bus

  • Bad security in APP development
  • Necessary security protocols
  • Vulnerabilities that can be exploited
  • In-depth issues in IoT
11:45 - 12:05

The Enterprise Immune System: Using Machine Learning for Next-Generation Cyber Defense

Lisa Lutgen, Cyber Security Account Executive, Darktrace

In this session, learn:

  • How new machine learning and mathematics are automating advanced cyber defense
  • Why 100% network visibility allows you to detect threats as they happen, or before they happen
  • How smart prioritization and visualization of threats allows for better resource allocation and lower risk
  • Real-world examples of unknown threats detected by ‘immune system’ technology
12:05 - 12:25

► Human Factor 2018 – Cybercriminals targeting people 

Werner Thalmeier, Senior Director Systems Engineering EMEA, Proofpoint

  • Your employees today use the most versatile work tools like email, social, mobile apps & SaaS applications
  • Cybercriminals are attacking your employees within these different channels and working methods, your protection should do the same
  • Cross-platform security strategies ensure "People Centric Security"
  • Learn how to protect the "human factor" and your company
12:25 - 12:45

► Big Data Analytics Under the GDPR?  Purpose Limitation, Anonymisation and Pseudonymisation 

Axel Kessler, Head of Legal Data Privacy, Siemens

  • Big data and purpose limitation
  • Legal aspects like consent and legitimate interest
  • Anonymisation - when is data anonymised?
12:45 - 13:20

► Education Seminar Session 2: CloudFlare

A False Sense of Security: Overlooked Ways Data can be Breached 

Christian Paulus, Head of Product Marketing, CloudFlare

13:20 - 14:20

Lunch and networking 

14:20 - 14:40

► Investment and Awareness in Cybersecurity Programmes

Christian Paul, Head of Security, Österreichische Post

  • Information security awareness in a diverse organisation
  • Email-delivered malware is still the most popular attack vector, because it works.  What works against it?
  • Gaining board investment in new cybersecurity initiatives
  • Becoming the “Department of How”, not “Computer says No"
14:40 - 15:00

► Down to Earth Security: Lessons Learned in Defense

Chris Meidinger, Sales Engineer DACH, CrowdStrike
Tuncay Eren, Director of Sales, CrowdStrike

  • Defending against modern attacks
  • Key metrics to measure SOC operations
  • Future attack trend predictions
15:00 - 15:20

► Why Cyber Threat Intelligence (CTI) is becoming increasingly more important to the business?

Gerhard Beeker, Director Business Development DACH, Recorded Future

  • Contextualized threat intelligence, learn about the importance of context in threat intelligence
  • Methods of uncovering emerging threats, using multiple data sources such as the open, deep and dark web
  • Popular use cases for Threat Intelligence within your organisation

15:20 - 15:55

► Education Seminar Session 3: SABSAcourses

Architecting a Multi-Tiered Control Strategy 

Charles Lewis, Principal Consultant, SABSAcourses 

15:55 - 16:15

Networking and refreshments break 

16:15 - 16:35

► Are We Still Doing Business?  Isn't There Enough to do Complying With Laws and Regulations?

Matthias Jungkeit, Chief Information Security Officer, Münchener Hypothekenbank

  • Must business and regulation be mutually exclusive?
  • Finding synergies in the regulatory framework to reduce the overall effort
  • Integrating regulatory requirements into the value-added process
  • Incorporating a model of centralised/decentralised responsibilities, in which employees contribute to the process step that they understand best
16:35 - 16:55

► Executive Panel Discussion

There's no Such Thing as Cyber Risk... or is There?

  • Branko Džakula, Group Information Security Officer, HolidayCheck Group
  • Alam Mohammad, Head of Cybersecurity & Privacy, Voith 
  • Dimitrios Stergiou, Chief Information Security Officer, Modern Times Group 
16:55 - 17:00

Close of Conference 

Education seminars


Cloudflare - A false sense of security: Overlooked ways data can be breached


Christian Paulus, Head of Product Marketing, Cloudflare

The Uber, Equifax and Yahoo data breaches have highlighted enterprise vulnerability to cyber attacks focusing on data exfiltration. As enterprises embrace remote workforces, replace monolithic applications with microservices, expose new APIs, and move server side functionality to the client, new security challenges emerge. Securing legacy environments from familiar attacks while also monitoring newer stacks and responding to zero day vulnerabilities to safeguard from data breaches remains a challenge.

Join this session to learn: 

  • Insights on why data breaches are likely to increase in frequency
  • Overlooked attack vectors and software engineering trends that adversely impact security postures
  • Guidance on security frameworks that can help enterprises reduce the risk of data breaches while handling these new challenges

SABSAcourses - Architecting a Multi-Tiered Control Strategy


Charles Lewis, Principal Consultant, SABSAcourses

Information Security departments are spending increasing amounts, and contributing more resources to standards compliance & security controls, but yet there’s no guarantee of being safe and secure.
Isn’t the idea of security to avoid business disruption and ensure there is a robust, fit-for-purpose, business enabling and end-to-end solution? 
In this session, we will look at an engineered approach, applying some structured thinking through the SABSA Multi-Tiered Control Strategy to ensure information security contributes in a risk-proportional manner to the business. This defence-in-depth approach avoids concentrating only on limited best practices by looking at a more holistic approach to selecting capabilities to avoid business disruption. 

What attendees will learn:

  • What the SABSA Multi-Tiered Control Strategy looks like
  • How to identify the right type of control, in the right place and at the right time
  • How to incorporate, integrate & fully utilise existing control sets to build on current strengths and fill the gaps
  • How to respond in a risk-proportional manner, identifying weak-links in the security chain

ThreatMetrix – Digital Identities and ThreatMetrix ID – authenticating identities in the digital age


Stephen Topliss, VP of Products, ThreatMetrix

Alexander Frick, Sales Director D/A/CH, ThreatMetrix

The concept of identity in the digital age is being fundamentally reimagined. The jigsaw pieces of an individual identity are being collated and compiled by fraudsters to create near perfect stolen pictures, which no longer belong solely to their true owner but are scattered across the globe having been bought, sold and traded by criminal networks.  What constitutes an identity in the age of digital commerce.   The digital identity, and in particular ThreatMetrix ID, is a new way of understanding, authenticating and validating user identities, raising the lowest common denominator from a device to the person and looking beyond static data to the dynamic intricacies of how people transact online.

What attendees will learn:

  • A review of the latest cybercrime trends based on actual attacks detected by the ThreatMetrix Digital Identity Network.
  • Proven ways to leverage digital identities and ThreatMetrix ID to fight fraudulent account takeovers
  • How behavioural analytics coupled with remote desktop detection techniques can mitigate social engineering attacks.