08:00 - 08:50

Registration and Networking Break 

08:50 - 09:00

Chairman’s welcome

09:00 - 09:20

► Mapping, Collaborating, and Securing

Claudia van den Beld, Advisor International Cooperation, National Cyber Security Centre of the Netherlands

  • We strive to encapsulate the current threat landscape in laws and regulations, and the need for coordination is ever more relevant. - Case study: From star-gazing to law-gazing — the Observatory
  • We are trying to navigate this landscape through cross-border alliances which we sorely need. - Case study: Choosing your cross-border partners — the Consortium
  • Finally, there is a great deal we can learn from each other once we appreciate the need to share information. - Case study: Lowering the thresholds to heighten the insight — the Platform
09:20 - 09:40

► Human Machine Teaming: The Indispensable Human Element of Cybersecurity

Sjoerd de Jong, Senior Sales Engineer, SentinelOne

Artificial Intelligence is a pervasive part of our lives today and cybersecurity teams and adversaries alike have learned to harness the speed and power of machines to strengthen their capabilities. With machine learning becoming one of the most important tools of defense, leaders must balance the overwhelming speed and accuracy advantage of AI with the need for measured and intuitive interactions with a real-world human element.

  • What these trends mean for the hands-on practitioner 
  • When velocity of innovation outpaces the capabilities of human intellect 
  • The role of automation in the effective practice of securing our digital world


09:40 - 10:00

► Keeping your data incidents from becoming data breaches with Data Security Posture Management

Filip Verloy, Field CTO EMEA & APJ Rx, Rubrik

  • Data Security Posture Management (DSPM) is essential for securing data across diverse environments.
  • DSPM enables organizations to discover, protect, and manage data assets in on-premises, cloud, and SaaS environments.
  • Discover how by using DSPM, organizations can enforce security policies, ensure data sovereignty, and meet governance, risk, and compliance (GRC) requirements.
10:00 - 10:20

► NIS2: Beyond compliance, a catalyst for transformation

Arash Rahmani, CISO a.i., Nederlandse Zorgautoriteit

  • The transformative opportunity of NIS2
  • The strategic impact of NIS2
  • The evolving role of the Chief Information Security Officer (CISO) in the age of NIS2
10:20 - 11:00

► Education Seminar Session 1

Delegates will be able to choose from the following education seminars:

  • Generative AI: Amplifying attackers and defenders, Lewis Brand, Senior Sales Engineer, Recorded Future
  • Hack the brain – Social Engineering Innovation in 2023, Bas van Erk, Director Benelux & Nordics, SoSafe
11:00 - 11:30

Networking Break

11:30 - 11:50

► Implementing Robust Measures to Secure the Supply Chain 

Siegfried Moyo, Head of Cybersecurity EU, APAC, & LATAM, Americold Logistics

  • Identifying Potential Threats & Implementing Physical Security Measures 
  • Conducting Supplier and Partner Due Diligence: Visibility and Traceability 
  • Business Continuity Planning & employee awareness 
  • Compliance with Regulations 
11:50 - 12:10

► Living in a world of fakes

Jelle Wieringa, Security Awareness Advocate, EMEA, KnowBe4

Deepfakes are here, and they are here to stay. And with technology ever advancing, it is no longer a matter of simply knowing what a deepfake is. Organisations will have to actively decide how they can utilise them to grow their business, and at the same time defend against the malicious use of this technology.

In this talk, we'll be looking at:

  • The evolving role of deepfakes in our lives
  • What you can do with them
  • How you can protect against them
12:10 - 12:30

► Nowhere to hide – Key Insights into Adversary Tradecraft 2023

John Spencer, Sales Engineering, Crowdstrike

Get a frontline snapshot of the current threat landscape, threat actors and their victims.

  • Learn about the latest trends in adversary operations and tradecraft
  • Understand why the human factor is more relevant than ever before
  • Explore the 5 key steps to stay ahead of the threat actor


12:30 - 12:50

► NDR and NIS2: How to turn your compliance obligation into an opportunity

Jürgen Verniest, Sales Director Benelux & Nordics, Gatewatcher

In this presentation, we will tackle:

  • How we allow organisations, both essential and critical, to meet the NIS 2 compliance requirements by providing full network and cloud visibility
  • An unparalleled detection including the support of AI and ML, quick and effective response and compliancy support 
  • Concluding NDR serves as a key tool to enable a more secure and resilient infrastructure and ensure the desired business continuity and competitive edge


12:50 - 13:30

► Education Seminar Session 2

Delegates will be able to choose from the following education seminars:

  • The Future of Security Operations, Rasham Rastegarpour, ReliaQuest
  • ​​​​The Cyber Arms Race: Staying Ahead, Martijn Hoogesteger, Head of Cybersecurity Benelux, S-RM
13:30 - 14:30

Lunch Break

14:30 - 14:50

► How to build a highly automated third-party security risk management (TPSRM) programme

Elli Tsiala, Product Owner of Supply Chain Security, ABN AMRO Bank

  • How to start your TPSRM with resources you already have
  • How to increase your automation and minimise onboarding effort
  • Lessons learned from our journey 
14:50 - 15:10

► Using Zero Trust to Improve Cyber-resilience in the age of AI

Trevor Dearing, Global Director of Critical Infrastructure Solutions, Illumio    

As we transform our business models to deliver more agile services the increasing threat of AI generated attacks on critical infrastructure can potentially disrupt services causing an impact on society. Complying with any changes potentially coming with implementations of NIS2 could be complex and add cost. Taking a Zero Trust approach can simplify compliance and reduces costs.

In this session we will address the following topics:

  • How to identify and define risk
  • How to reduce the attack surface
  • How to contain a attacks
  • How to respond and restore services during an attack


15:10 - 15:30

► Network evidence for defensible disclosure

Nico Roosenboom, Systems Engineer, Corelight

  • Do you consider network evidence a crucial part of your SOC strategy?
  • How do you really know which alerts are the most serious?
  • What’s the best way to shift from responding to alerts to hunting for threats?
  • Understand how to stay ahead of ever-changing attacks by using a data-first approach for detection and response
15:30 - 16:10

► Education Seminar Session 3

Delegates will be able to choose from the following education seminars:

  • The Future of the Human Risk Reduction, Petri Kuivala, Strategic Advisor, Hoxhunt
  • Defending with an Attacker's Mindset, Boudewijn van Lith, Senior Manager Technical Sales, Proofpoint 
16:10 - 16:30

Networking Break

16:30 - 17:00

► CISO Panel Discussion

Peter Avamale, Director, Cyber Strategy & Transformation Practice, PwC — Netherlands, (Moderator);
Marc Berns, CISO, Allianz Benelux;
Marnie Wilking, CISO,;
Mario Beccia, Deputy CIO for Cybersecurity, NATO;

Daniela Lourenço, CISO, Tinka B.V

  • Becoming a more strategic partner to the business
  • Integrating cybersecurity into wider enterprise risk management frameworks
  • Building resilience against third-party security threats
  • Enabling the organisation to leverage AI while managing the associated risks
17:00 - 17:30

► Bypassing Multi-Factor Authentication (MFA) via Phishing Techniques

Manit Sahib, Ethical Hacker & Raj Sandhu, Ethical Hacker

  • Introduction to MFA Bypass Phishing Techniques
  • Live Demonstration of MFA Bypass Attack
  • Countermeasures and Best Practices
  • Conclusion of Demo and Presentation

Conference Close

Education seminars

The Cyber Arms Race: Staying Ahead

Martijn Hoogesteger, Head of Cybersecurity Benelux, S-RM

  • Cyber criminals have had free reign for years, but organisations are better defended, driving them to develop new methods
  • Understand the current lay of the cyber-criminal landscape
  • Learn about new techniques being used by ransomware groups
  • Hear S-RM's insights on the future of cyber threats

Generative AI: Amplifying attackers and defenders

Lewis Brand, Senior Sales Engineer, Recorded Future

Generative AI empowers scalable consumption and production for both attackers and defenders, ushering in a wave of surprising use cases. This presentation shifts the focus from potential malicious uses to practical takeaways. Join us to explore how generative AI can be harnessed for positive impact, providing you with actionable insights and strategies to navigate transformative possibilities. Main topics to be discussed:

  • Real world examples and use cases
  • A practical lens for defenders
  • Think about things differently
  • Recorded Future AI in action

The Future of the Human Risk Reduction

Petri Kuivala, Strategic Advisor, Hoxhunt

Cyber Security comes together in a holy marriage of People, Processes and Technology. CISO´s needs to engage people as their force multipliers as they will not survive alone in the constantly evolving world.

Join this interactive session to learn more about;

  • The CISO veteran & start-up coach thoughts about the People role in Future with the Cyber Security context
  • Be ready with your phone having open to donate your ideas back in to the conversation. “Hold on your chair as Texas is going bye bye….the Matrix”.

Hack the brain – Social Engineering Innovation in 2023

Bas van Erk, Director Benelux & Nordics, SoSafe

The human factor remains a gateway for cybercriminals as phishing and ransomware attacks continue to increase. Cases like those of Uber and Rockstar Games have also shown how cybercriminals are evolving at a rapid pace, exploiting human psychology and our emotions - and hacking our brains. But how do attackers use behavioral science specifically against us? What can we do to protect those around us?

  • Emotional Manipulation Tactics: Insight into how cybercriminals exploit emotions, emphasizing the need for psychological awareness in cybersecurity
  • Behavioral Science in Attacks: Understanding how attackers use behavioral science for effective phishing and ransomware, highlighting the importance of this knowledge in defense strategies
  • Strengthening Defenses: Practical strategies for enhancing resilience against social engineering, focusing on team education and recognition of sophisticated threats

The Future of Security Operations

Rasham Rastegarpour, ReliaQuest

Security operations are changing rapidly and require a more holistic approach to security. Streamlining threat detection, investigation, and response is a good start in managing risk, but also important are utilising threat intelligence and digital risk protection, reviewing suspect employee-submitted emails via the abuse mailbox, and measuring your program to communicate better with your stakeholders and service providers. Additionally, security operations will become more streamlined, with the automation of routine tasks and incident-response procedures becoming the norm. This session will help organisations achieve efficient and effective detection and response to security incidents. 

Five benefits for delegates attending the session: 

  • How a security operations platform helps proactively detect and mitigate cybersecurity risks and support future changes in your business 
  • The benefits of complete visibility across cloud, on-premises, and endpoint environments to mitigate security risks and enable rapid remediation 
  • How automation at key junctures can streamline security operations, speed resolution, and reduce the risk of human error 
  • The need for a more collaborative approach between providers and enterprises that avoids a “black box” method and provides measurable improvements in security operations  
  • How integration with existing security toolsets enables organisations to extract more value out of existing investments while streamlining security response 

Defending with an Attacker's Mindset

Boudewijn van Lith, Senior Manager Technical Sales, Proofpoint

The organisation chart is the new zero-day — and today, it’s publicly available on social media.
•    It’s easier to find someone who will click a link than to find an exploit for an operating system. The attacker simply needs to know who has access to the data they want, then get creative.
•    Most security teams don’t have the same perspective that the threat actors do — they think of their attack surface in terms of VLAN and IP address, instead of the department or job title.
•    Effective defence comes when you can anticipate your attackers’ moves. By combining threat landscape insights with data on which of your users are targeted with which threats, organisations can build more effective security awareness training programs, and users can better defend themselves from the threats they are most likely to see.