Agenda

08.20 - 09.20

Breakfast Networking & Registration
09.20 - 09.30

Chairman's Welcome
09.30 - 09.50

►Cybersecurity in geopolitically challenging times

Ernst Noorman, Ambassador at Large for Cyber Affairs, Kingdom of the Netherlands

  • Addressing state-sponsored threats, cyber warfare, and global tensions.
  • Advancing cyber diplomacy, regulatory frameworks, and responsible state behaviour
  • Strengthening multiststakeholder partnerships to enhance cyber resilience and critical infrastructure security.
  • And what about the resilience of subsea cables?
09.50 - 10.10

►Identity is the new perimeter; combine prevention and recovery to ensure organisational survivability during and after an attack

Sami Laurila, GTM Leader Northern Europe Identity & AI Technology, Rubrik

  • Data & Identity Focus: How to implement robust cyber-recovery and threat containment across your data and identity estate
  • Beyond prevention: Ensure rapid response and recovery to minimise downtime and business disruption
  • Stay operational under attack: How zero-trust architecture helps you maintain control and protect critical data – even during ransomware events
10.10 - 10.40

►Fireside chat: Beyond Compliance: Building Resilient Cyber Risk Management

Simon Brady, Event Chairman (Moderator) 
Athina Syrrou, Senior Director Tech Risk Operations, Booking.com

  • How can organisations turn risk appetite statements and metrics into practical decision-making tools?

  • With NIS2 and similar regulations, what does “appropriate and proportionate” really look like in practice — and how can risk management guide the response?

  • What makes for strong cyber risk metrics, and how can CISOs and CSOs give the Board real confidence in the organisation’s risk posture?

  • How does a resilience-first mindset shift culture — from blame and prevention to acceptance, preparedness, and recovery?
10.40 - 11.20

►Education Seminar 1

Delegates will be able to choose from a range of topics:

  • Your Perimeter is on the Front Lines: Attack Surface Reduction as a Primary Defence, Dan Andrew, Head of Security, Intruder
  • From Reaction to Resilience: A New Path for Privileged Access, Fred Noordam, Regional Sales Manager Benelux, Silverfort & Al Scott, Senior Sales Engineer EMEA, Silverfort
11.20 - 11.50

Networking break
11.50 - 12.10

►Ransomware 3.0: Weaponizing AI for the Next Generation of Ransomware Attacks

Manit Sahib, Ethical Hacker, Cytadel & Former Head of Penetration Testing & Red Teaming, Bank of England

  • LIVE DEMO - Inside the first AI-powered ransomware attack — See how my custom Agentic Ransomware Gang can take down a network in under 8 minutes

  • Firsthand insights from real-world red team ops — from legacy tech and broken access controls to the critical lack of real-world security testing

  • Why traditional security fails — compliance checklists and conventional tools don’t stop modern ransomware

  • What CISOs and security leaders must do now — real-world, field-tested steps to prove your controls work before attackers do it for you
12.10 - 12.30

►From Control to Continuity: Rethinking Privileged Identity Security for the Hybrid Era

Chris Dearden, Staff Systems Engineer, Delinea

  • Why privileged identities - especially IT admins - are the gateway for today’s advanced threats
  • What evolving regulations like NIS2 and DORA mean for Identity Security 
  • How modern approaches like just-in-time access and privilege elevation reduce standing risk
  • Why unified, platform-based PAM strategies are key to sustaining both security and speed
12.30 - 12.50

►Insights from the 2025 Threat Hunting Report

Vincent Nieuwenburg, Senior Sales Engineer, CrowdStrike Benelux

  • The CrowdStrike 2025 Threat Hunting Report reveals how today’s most advanced adversaries weaponise AI not only for social engineering but also for reconnaissance, malware enhancement, and vulnerability research, while executing malware-free and cross-domain attacks to bypass defences

  • With 81% of hands-on-keyboard attacks malware-free and 320+ organisations infiltrated by AI-enabled insider threats, rapid response is critical

  • CrowdStrike’s AI-native Falcon platform empowers organizations to detect, disrupt, and stop modern threats
12.50 - 14.00

Lunch & Networking break
14.00 - 14.20

►Crypto-Agility in the Cyber Domain

Elif Yesilbek, Cryptographer, ABN AMRO

  • How cryptography secures digital communications, data, and trust in cyberspace

  • The impact of quantum computers on classical cryptography and PQC

  • What is crypto-agility and why we need it?
14.20 - 14.40

►Secure Connectivity for a Critical Era: Cellular and the Future of Infrastructure Protection

Daan Huybregts, Head of Innovation, Zscaler

  • As cyber threats against critical national infrastructure escalate, ensuring secure connectivity is no longer optional—it's essential. This session explores how Zscaler Cellular is transforming the security landscape for critical systems and public sector entities, providing airtight protection against cyberattacks while enabling seamless operations
  • Learn how cellular-native security solutions are redefining resilience for sectors that matter most to public safety and economic stability
14.40 - 15.20

►Education Seminar 2

Delegates will be able to choose from a range of topics:

  • From Cyber Security to Cyber Resilience, Wim Heijs, Senior Security Engineer, Commvault
  • Hacking the Media: The PR Tactics of Cyber Criminals, Julius Nicklasson, Sales Engineer,Recorded Future
15.20 - 15.40

Networking break
15.40 - 16.00

►The Risks and Opportunities that AI brings to Cybersecurity

Gustavo Maniá, Information Security and Risk Manager (Regional CISO), HEINEKEN (AME)

  • Real-world AI-driven cyber risks—from phishing automation to deepfakes and agentic AI threats 
  • Learn how HEINEKEN manages emerging AI risks while harnessing AI to strengthen defence 
  • Gain practical insights to help your organisation embrace AI securely and strategically
16.00 - 16.30

►Panel Discussion: Securing Future Architectures 

Simon Brady, Event Chairman, (Moderator) 
Martin Dimovski, Senior DevOps/DevSecOps Engineer, ABN AMRO Bank 
Gustavo Mania, Information Security and Risk Manager (Regional CISO), HEINEKEN (AME) 
Alan Lucas, CISO, Worldstream
Manit Sahib, Ethical Hacker, Cytadel & Former Head of Penetration Testing & Red Teaming, Bank of England

  • How can security teams design resilient architectures to integrate and leverage emerging technologies such as AI, quantum computing, and IoT?

  • What role does AI play in developing proactive rather than reactive security strategies?

  • What are the best practices for integrating AI without disrupting legacy systems and existing workflows?

  • How can organisations implement zero-trust principles and adaptive access controls to secure ever-evolving environments driven by AI and edge computing?
16.30 - 16.35

Chairman's close

Education seminars


Your Perimeter is on the Front Lines: Attack Surface Reduction as a Primary Defence


Dan Andrew, Head of Security, Intruder

This education seminar will provide a deep-dive into core concepts and practical recommendations for Attack Surface Management (ASM) and Asset Discovery. Your perimeter is on the front line, and good patch management alone is not enough to protect it. You should leave this session with a better idea of how to blend ASM and Asset Discovery with Patch Management for a robust exposure management process.

We'll run through examples of attack surface risks, real-world vulnerabilities affecting internet exposed tech, and why implementing an ASM process is critical alongside patch management. It may be tempting to fall back on just patching your biggest *known* threats, but some of the biggest risks are vulnerabilities that are not yet publicly known. These threats do not have a CVSS score, and attack surface management is your primary defence. Learn how to future-proof your perimeter.

Asset Discovery is also an essential part of managing your attack surface. Keeping track of your internet exposed IPs and domains is far from trivial, and cloud environments in particular make this challenge harder. Losing track of some of your assets is no longer an embarrassing mistake - it's an unavoidable reality. We will show some examples of how this happens, and give a practical approach to asset discovery which helps you keep track, and avoid systems slipping outside of your exposure management process entirely.

Attendees will learn:

  • Integrating Attack Surface Management into your Patch Management process - defining ASM as a Primary Defence that's proactive, not reactive
  • Prioritisation considerations and why Informational risks are Criticals waiting to happen. Why not all 'Criticals' are equal, and why CVSS is not king
  • The importance of Asset Discovery to find Shadow IT and build a realistic view of your Attack Surface. Practical recommendations on how to approach this

From Reaction to Resilience: A New Path for Privileged Access


Fred Noordam, Regional Sales Manager Benelux, Silverfort
Al Scott, Senior Sales Engineer EMEA, Silverfort

As identity becomes the new security perimeter, organisations are realising that the most dangerous attacks no longer exploit technical vulnerabilities; they exploit identity. Modern attackers don’t break in, they log in. In this session, we explore how enterprises can move from reactive controls to proactive identity resilience.

Attendees will learn:

  • Understand why traditional Privileged Access Management (PAM) methods fall short in today’s evolving cyber threat landscape
  • Explore a modern, identity-centric approach that builds resilience at the core—moving from reactive controls to proactive defense
  • Learn about an agentless, continuous strategy for detecting and preventing privileged identity misuse in hybrid and cloud environments
  • Discover how to reduce attack surfaces, enforce adaptive access policies, and gain granular visibility—without disrupting operational workflows

From Cyber Security to Cyber Resilience


Wim Heijs, Senior Security Engineer, Commvault

During this session, Wim Heijs from industry leaders Commvault will explore the ideal response for limiting the impact of a cyberattack and creating a strategic cyber recovery and resilience plan. Discover how the right strategy can best minimise downtime and ensure business continuity and operational robustness. Cyber resilience is an ongoing process, so join us to learn how to anticipate, resist and recover from ransomware attacks, quickly restoring your Minimum Viable Company (MVC) and creating the shortest Mean Time to Clean Recovery (MTCR).

Attendees will learn:


Hacking the Media: The PR Tactics of Cyber Criminals


Julius Nicklasson, Sales Engineer, Recorded Future

This presentation analyses the direct and indirect engagement strategies cyber criminals use to bolster their reputation, increase extortion pressure on victims, and demand more money for stolen data. Defenders can mitigate the impact of these publicity tactics through preparing an intelligence-led incident response plan that includes external communications strategies.