Agenda

Breakfast Networking and Registration

Chairman's Welcome

► NIS2 – walking the regulatory talk

Philipp Amann, Group Chief Information Security Officer, Austrian Post (Post AG)

• The EU’s approach to data governance
• Mapping EU regulations to national legislation to organisations
• How to NIS2 in practice?

► Die Cyber-Bedrohungslage in Deutschland, einen Schritt voraus mit der Connectivity Cloud

Dominic Haussmann, Specialist Solutions Engineer - Zero Trust, Cloudflare

• Cyber-Bedrohungslage Internet und Deutschland
• Warum Sicherheitsschulungen für Mitarbeiter zu kurz greifen
• Was Sie heute tun können, um einen der größten Angriffsvektoren zu schließen

► Third-party risk management from a third-party perspective  

Andrea Szeiler, Global CISO, Transcom

• Understanding your third parties and the risks they bring to your organisation  
• Different approaches to third-party risk management and their pros and cons  
• Responsibility sharing matrix 
• Working together 

►Education Seminar Session 1

Delegates will be able to choose from the following education seminars:

• From postcard to a sealed letter – why and how the quality of email communication can and should be improved, Günter Esch, Managing Director, SEPPmail
• Unveiling the Dark Secrets of i-SOON: Insights into China's Cyberspionage Ecosystem, Julian Kanitz, Lead Sales Engineer DACH, Recorded Future

Networking Break

► The business of being a CISO

Simon Brady, Managing Editor & Event Chairman, AKJ Associates (Moderator)
Philipp Amann, Group CISO, Austrian Post (Post AG)
Heidelinde Rameder, CISO Borealis, AG 
Andrea Szeiler, Global CISO, Transcom    

• The role of the CISO as security regulation increases (NIS2, DORA etc.)
• Compliance versus security as a true business driver
• The cyber talent shortage – real or illusion?
• Adopting a risk based approach to securing budgets

►Reduktion der finanziellen Auswirkungen von Cyber-Angriffen

Frank Schwaak, Field CTO EMEA, Rubrik

• Proaktiv die Angriffsfläche verringern 
• Den “Blast-Radius” eines Angriffs bestimmen
• Die Umgebung ohne Re-Infizierung wieder herstellen 
• auf NIS2, DORA und DSGVO Konform reagieren

►Education Seminar Session 2

Delegates will be able to choose from the following education seminars:

• We need to talk about security in our containerized workloads, Gabriel Stein, System Engineer, SUSE
• From threat detection to threat prediction: How generative AI is transforming cybersecurity strategies, Kevin Breuer, Sales Engineer, LogRhythm

Lunch Break and Networking

► Cyber Insurance as a last line of defence

Orion Beci, Cyber Adviser, Austria, CEE & Eastern Mediterranean, Marsh

• Key claims data and current insights
• Shedding light on risks and ways to boost your cyber insurance protection
• Boosting your insurability

►Why Identity Alone Is Not Enough for a Zero Trust Strategy

Paolo Passeri, Principal Sales Engineer and Cyber Intelligence Specialist, Netskope

• The new reality of living in a hyperconnected online world requires a new approach to security, where multiple elements must be taken into account, besides simply blocking/allowing access to a specific service or the user identity to enforcing granular permissions.
• Learn why the context is important to enforce a granular and effective security policy.
• Discover which are the elements that must be considered, besides identity, to adopt an effective zero trust strategy
• Understand how the different security controls, such as data protection, threat protection, behaviour analytics, cooperate to protect the modern enterprise.

►Die Grundlagen von Social Engineering verstehen lernen

 Dr. Martin J. Krämer, Security Awareness Advocate, KnowBe4

• Social Engineering ist bei Angreifern sehr beliebt, und Studien zeigen, dass mehr als 80 % der Angriffe auf menschliches Versagen zurückzuführen sind.
• Lernen Sie, warum Social Engineering ein Problem ist und warum es so erfolgreich ist.
• Verstehen Sie durch die Veranschaulichung grundlegender wissenschaftlicher Konzepte, wie Angreifer Tricks anwenden, um den "menschlichen Faktor" auszunutzen.
• Entdecken Sie, wie Unternehmen ihre Mitarbeitenden schützen und welche Gegenmaßnahmen ergriffen werden können.
   

► Cyber Audit Mastery: Navigating Strategies for Success

Christoph Gruber, Head of IT Security, UNIQA IT Services GmbH

• Understanding the Purpose: clarifying the objectives and goals of cyber audits
• Working with auditors to facilitate a smooth audit process and address concerns effectively
• Achieving collaboration and communication across all parties
• How do we engage our boards and achieve public accountability? 

Networking Break

► LIVE DEMONSTRATION: Weaponising AI for Cyber Attacks & Offensive Operations

Manit Sahib, Ethical Hacker, The Global Fund

• Overview & Threat Landscape: How AI is being leveraged in the wild for malicious activities.
• Weaponising AI for Offensive Operations: Running AI through the Cyber Kill Chain.
• ChatGPT or [insertnamehere]GPT; What’s the level of effort required to build your own AI.
• LIVE DEMO: AI in action 

► Technology Panel discussion

Simon Brady, Managing Editor & Event Chairman, AKJ Associates (Moderator)
Elsa Lischka, Senior IT Security Architect, OMV
Strahinja Miljkovic, Former Deputy CISO, Prinzhorn Group
Marian Kühnel, Information Security Architect, ÖBB
Manit Sahib, Ethical Hacker, The Global Fund

• How do you see the future of AI in security evolving, and what steps can be taken to ensure its responsible and effective use in protecting against cyber threats?  
• What are your thoughts on the outsourcing model in security, and how can organizations ensure that they are effectively managing the risks and benefits associated with outsourcing their security functions?    
• What are your thoughts on the shared responsibility model in security, and how can organizations effectively implement this model to ensure the security of their systems and data?

Event Closes