08:00 - 08:50 CET

Login & Networking

08:50 - 09:00 CET

Chairman's Welcome

09:00 - 09:20 CET

► Information Security and Privacy as the 2nd Line of Defense - The Impossible Boundary Drawing between Consulting and Operational Implementation

Matthias Jungkeit, Chief Information Security & Data Protection Officer, Münchener Hypothekenbank

  • What framework to implement?
  • Understanding the theoretical starting point 
  • Analysing the complexities in practice 
  • Highlighting possible solutions to overcome 
  • Discussion
09:20 - 09:40 CET

► Building a Response Strategy to Advanced Threats

Richard Wieneke, Regional Manager, ExtraHop

  • Let’s face it: cyberattackers have the advantage
  • The recent string of advanced campaigns, including those launched against SolarWinds, Colonial Pipeline, and JBL, have made this reality painfully clear for most enterprises.
  • With threats persisting inside the network for months, security teams need a new plan
  • In this session, we discuss strategies, including revising existing mental models and incident response processes, to build resilience and reclaim the advantage in the fight against advanced threats.


09:40 - 10:00 CET

► How Hackers Hack: Attacker Methodology & Lifecycle

Jeremiah Roe, Synack 

  • How the adversary applies the kill chain.
  • Process of the attacker lifecycle and methodologies.
  • Identifying New Exploits (And How to Defend Against Them)
  • How to Add Rigor to Your Pentesting: Where traditional penetration testing stops and crowdsourced penetration testing probes further.


10:00 - 10:20 CET

► Developer Security Awareness

Klaus-E. Klingner, Divisional Information Security Officer, Allianz Technology SE

  • Change of Perspective – Why we need to pay more attention to our developers
  • Analysing concept of embedding security more deeply into the development process
  • Building awareness in the developers for security concepts
10:20 - 10:50 CET

 Education Seminar Session 1

Delegates will be able to choose from the following education seminars:

  • E-Crime: Perception and Reality - Jörg Schauff, Strategic Threat Intelligence Advisor, CrowdStrike
  • Internet Isolation: No Surrender to Cyber Criminals - Brett Raybould, EMEA Solutions Architect, Menlo Security
10:50 - 11:20 CET

Networking Break

09:00 - 09:20

► Current Cyber Threats – (How) Can a 'responsible person' still sleep peacefully?

Dr. Rolf Häcker, CISO, Landtag von Baden-Württemberg

  • Current cyber threats in the space 
  • Need for Action-Options for Risk Reduction
  • External Support for Incidence Response
  • Conclusions


11:40 - 12:00 CET

► IT-Security challenges for 2022 and how to Skyrocket Cyber-Defense-Maturity

Dr. Sebastian Schmerl, Director Security Services EMEA, Arctic Wolf

  • The continuous search for attackers. The fast detection, classification and, if required, automatic reaction to security incidents. And the necessity of this being part of everyday business for all organizations; no matter small or large.
  • Continuous improvement of the security posture, reduction of attacker surfaces and a transition to a more cyber resilient IT infrastructure.
  • Sophisticated detection and rapid response to avoid damages as well as the continuous cyber defense maturity improvement are primary services provided by Arctic Wolf to end your cyber risk. 
  • To overcome cyber risk successfully an efficient, goal-aligned unit of people, processes and state-of-the-art security technology is needed. This presentation delves into these aspects and describes how Arctic Wolf addresses these challenges, avoids typical mistakes and cyber secures organizations as well as stops the hamster wheel of never-ending handling of security incidents.  
12:00 - 12:20 CET

► Six things you need to know to protect against ransomware attacks

Laszlo Stadler, Solutions Engineer, BeyondTrust

  • 6 things to know about ransomware
  • Realistic security practices you can implement to protect against ransomware
  • The role of PAM (privileged access management) in mitigating the risks of ransomware and other cyber threats with a powerful, blended defense
  • For those seeking to strengthen your organization’s long-term immunity and resilience against ransomware, don’t miss this session!


12:20 - 12:40 CET

► How Good IT Asset and Risk Management Can Protect You From Ransomware

Anton Merk, Director Solutions Engineering, OneTrust

  • Analyze tactics to strengthen IT asset management as well as risk & controls management.​
  • Discuss considerations for assurance over third party risk.​
  • Review how technology can help you mature your IT asset and risk management programs​
12:40 - 13:10 CET

► Education Seminar 2 

Delegates will be able to choose from the following education seminars:

  • Leveraging IAM for Effective and Efficient Threat Mitigation - Daniel Gordon, Senior Sales Engineer, OneLogin
  • How AI based ‘Threat Detection & Response’ finds and stops Ransomware - Matthias Schmauch, Regional Sales Manager Central Europe, Vectra AI
13:10 - 14:00 CET

Lunch Break 

14:00 - 14:20 CET

► Cybersecurity in 2022: A Legal Perspective

Daniel Sandmann, Attorney at Law, Senior Lecturer at University of Augsburg and ICN Business School Nancy/BerlinHenrik Becker, Lawyer/Partner, Kristof + Becker Partner Compliance Consulting; Dr. Matthias Orthwein, LL.M. (Boston), Head of the IT & Digital Business, SKW Schwarz

  • What trends have been seen in the enforcement of the GDPR in 2021, and which of these trends are relevant to enterprise cybersecurity and privacy professionals?
  • Digital Operational Resilience Act (DORA)-The solution to mitigate cyber and other systemic risks in payment and financial systems?
  • Cyber insurance: CISOs vs insurers


14:20 - 14:40 CET

► The Battle of Algorithms: How AI is beating AI at its own game 

Beverly McCann, Principal Cyber Security Analyst, Darktrace

In this session, discover:

  • How cyber-criminals are leveraging AI tools to create sophisticated cyber weapons  
  • What an AI-powered spoofing threat may look like, and why humans will not be able to spot them 
  • Why defensive AI technologies are uniquely positioned to fight back  
14:40 - 15:00 CET

► Man and machine in cybersecurity: friend or foe?

Matthias Canisius, Regional Director Central Europe, SentinelOne

  • Artificial intelligence in cybersecurity: hype, job killer or a real opportunity?
  • What artificial intelligence can and may do in security
  • How man and machine become a security team
15:00 - 15:20

► The psychology of a Social Engineering attack

Jelle Wieringa, Security Awareness Advocate, EMEA, KnowBe4

  • Learn how psychology plays a vital role in social engineering
  • Understand the techniques cybercriminals use to fool you
  • Get actionable insight on how to better protect yourself
15:20 - 15:40 CET

► Build in security: from DevOps to SecDevOps?

Brice Abrioux, Lead Architect, Union Bancaire Privée, UBP SA

  • What changes when we integrate security in DevOps process?
  • Examining key SecDevOps, DevOpsSec and DevSecOps definitions
  • Analysing integration and implementation security in DevOps
15:40 - 16:10 CET

Networking Break

16:10 - 16:50 CET

► Cloud, Data Security, Data Protection and Governance

Dr. Sebastian Frischbier, Head of Cloud & IT Compliance, Infront

  • Are enterprise digitisation programs becoming increasingly reliant on cloud infrastructure for data storage, and is cloud migration being pushed to reduce IT costs?
  • The significant security/privacy risks associated with moving to cloud infrastructure and what they are?
  • Managing data breaches and privacy risks as you move workloads to the cloud.
  • How recent security events are changing perceptions of cloud security.


16:50 - 17:00 CET

Chairman's Closing Remarks 

17:00 - 17:30 CET



Conference Close

Education seminars

Internet Isolation: No Surrender to Cyber Criminals

Brett Raybould, EMEA Solutions Architect, Menlo Security

Despite the growing sophistication of cyber-attacks and new pressures of managing remote workers, cyber practitioners remain defiant in their cyber defence. No one is ready to wave a white flag. This session is designed for security professionals who are not content to maintain the cyber status quo and are exploring fundamentally different approaches such as isolation to proactively protect their users and systems.

Join this session to hear two real world case studies of organisations that have transformed risk of infection at speed and scale – outsmarting threats and promoting productivity.

What will attendees learn:

  • How to eliminate risk of infection from browser-based threats
  • How to protect users from credential theft via phishing attacks
  • How quickly isolation’s protective layer around users delivers business value

How AI based ‘Threat Detection & Response’ finds and stops Ransomware

Matthias Schmauch, Regional Sales Manager Central Europe, Vectra AI

Cybercriminals are always looking for easy targets and opportunities to steal personal information. With no application, network, or data centre being invulnerable, decision-makers often harbour a false sense of security about their ability to fend off hackers—especially when they’re not armed with the necessary tools to succeed.

During our presentation we will cover:

  • How prepared your organisation is to detect and respond to a ransomware attack
  • What approaches other organisations are taking to stop ransomware gangs
  • How to detect and respond to Ransomware before it impacts you

Leveraging IAM for Effective and Efficient Threat Mitigation

Daniel Gordon, Senior Sales Engineer, OneLogin

There’s no question that the current cybersecurity landscape is constantly shifting and evolving as new threats and security solutions emerge. Increased cyber attacks and distributed workforces have created new challenges that require innovative solutions.

Faced with the challenge of managing identities and securing access to data and applications from a growing number of endpoints, what are the fundamental controls organizations need to maintain business continuity and secure their remote and hybrid workforce?

Hear from Lonnie Benavides – Head of Infrastructure and Application Security, Onelogin – for a discussion on practical information and advice regarding the utilization of identity and access management solutions to effectively mitigate modern cyber threats to your business.

Key Takeaways:

  • Understanding the key fundamentals of a strong cloud security posture
  • Why passwords alone are not enough
  • Best practices for building a cybersecurity strategy at scale

E-Crime: Perception and Reality

Jörg Schauff, Strategic Threat Intelligence Advisor, CrowdStrike

Cybercrime is a problem. In order to successfully protect one’s organisation it is mandatory to understand the system that hides behind the constantly evolving threat landscape, the increasing number of intrusions and the ever-present ransomware threat.

During our presentation we will cover:

  • Supply chains in the crosshairs of cybercriminals
  • Ransomware: A blessing for attackers, a curse for victims
  • Global Attitude of IT-Security professionals towards E-Crime
  • The benefits of Threat Intelligence for security teams