Agenda
Presentations already confirmed include:
►How to define and manage ICT risk in line with regulatory requirements (such as DORA and MiCA)
Dr. Gulnara Hein, CISO, Chintai
- Building visibility by combining top-down business and bottom-up technology perspectives to map processes, systems, information assets and third parties
- Distinguishing real risks from control gaps, and why this matters for prioritisation, reporting and decision-making
- Do current risk structures underestimate the role of ICT controls in mitigating broader operational risks such as process failure, human error, and third-party disruption?
►Lock It Down vs. Let It Flow: The Eternal Tug-of-War Between Security and Usability
Julian Dube, Information Security Officer, E.ON Digital Technology
- How the clash between security and agility shapes today’s cloud-first organisations
- Why BYOD remains the Trojan horse of convenience — and a growing security risk
- The truth behind the “secure cloud” myth and shared responsibility gaps
- How developer practices can weaken even the strongest security pipelines
- Actionable steps for CISOs to establish security faster together with the business
►Ransomware 3.0: Weaponizing AI for the Next Generation of Ransomware Attacks
Manit Sahib, Ethical Hacker & Former Head of Penetration Testing & Red Teaming, Bank of England
- LIVE DEMO - Inside the first AI-powered ransomware attack — See how my custom Agentic Ransomware Gang can take down a network in under 8 minutes
- Firsthand insights from real-world red team ops — from legacy tech and broken access controls to the critical lack of real-world security testing
- Why traditional security fails — compliance checklists and conventional tools don’t stop modern ransomware
- What CISOs and security leaders must do now — real-world, field-tested steps to prove your controls work before attackers do it for you
►Zero Trust—Beyond the Buzzword: Separating Strategy from Implementation
Igor Podebrad, Director, Office of the CISO, Google Cloud
- How the core principles of Zero Trust differ from how it’s commonly implemented across enterprises
- Insights into real-world challenges and pitfalls organisations face when operationalising Zero Trust
- Strategies for aligning policy, identity, and architecture to achieve genuine Zero Trust outcomes
- Practical guidance on measuring Zero Trust maturity and closing the gap between intent and execution
►Operational Resilience by Design in the Age of DORA
Thomas Barkias, Principal Supervisor, Cyber Resilience, ICT, Crypto & Operational Risk, European Central Bank
- Redefining resilience beyond compliance, moving past DORA as a checkbox into a true resilience mindset
- Identifying the minimum viable business, mapping the critical services and dependencies that must endure disruption
- Shifting from perimeter-based security to risk-based resilience, prioritising continuity over threat-specific controls
- Integrating ICT, third-party, and operational risk into a single, unified resilience strategy
►Building Cyber Resilience and Managing Risk Across Critical Industries
Sachin Gaur, Cybersecurity Manager, Continental (Moderator)
Sheeba Baskaran, Lead Security Architect, Lenovo, Deutschland GmbH
Andrea Szeiler, Group CISO, MVM Ltd
Riccardo Riccobene, MD - Senior Information Security Officer, State Street Bank International
Maximilian Moser, Consultant Industrial & Product Security, VDMA
- How should boards and executive teams manage cyber risk as an enterprise-wide issue rather than a technical one?
- With IT and OT convergence happening in industries from energy to transportation to manufacturing, what are the key challenges in securing both business systems and operational environments?
- How can organisations strengthen resilience against third-party and supply chain risks in today’s globally interconnected economy?
- As digital transformation accelerates through technologies like AI, IoT, and automation, how can leaders balance innovation with effective cyber risk oversight?
- Looking ahead, what governance models, cross-industry collaborations, and cultural shifts will be most essential to strengthening resilience across critical national infrastructure?
►European Threat Reality 2025: How Adversaries Operate Today
Nikolei Steinhage, Senior Sales Engineer, CrowdStrike
- Why Europe faces an intensified threat environment and why organisations across the region are increasingly targeted by extortion- and espionage-driven campaigns
- Which adversary groups are most active right now – including their preferred tactics, from rapid ransomware operations to highly convincing social engineering
- Which industries are most at risk and the clear patterns emerging from recent attacks across Europe
- What organisations must prioritise now to build resilience against today’s European adversary techniques
►Countering Cyber Threats with Zero Trust Cyber & Identity Resilience
Frank Schwaak, Field CTO, Rubrik
- In a world of increasingly sophisticated cyberattacks, pure prevention is reaching its limits
- Why companies need to rethink their strategies: moving away from mere defence and towards genuine cyber and identity resilience
- How organisations can not only prevent attacks but also respond effectively and maintain critical business processes during and after incidents
- Operational resilience thus becomes a key strategic competency for sustainable security
Education seminars
Shadow API: Find Them, Test Them, Fix What Matters
Mark Schembri, Field Software Engineering Manager, Invicti Security
Your business is increasingly API-driven, yet partially blind when it comes to API security. Often, security teams are unsure of the number of APIs they have, let alone which ones are exposed, undocumented, or vulnerable. Join us to learn how you can apply Invicti’s multilayered approach to shadow API discovery and schema reconstruction. Once discovered, you test these APIs with the industry's best DAST, validating difficult-to-find vulnerabilities like BOLA and BFLA, business logic errors, and the presence of weak authentication with proof-based scanning to achieve AppSec’s charter that only secure apps reach production.
Attendees will learn:
- Sensorless API discovery and schema reconstruction
- API management system integration
- Network traffic analysis (NTA) across F5, NGINX, and Cloudflare
- OWASP Top 10 for API testing and reporting
Purchase Scams Uncovered: A Look at the Dark Web's “Opportunity Economy” and Advanced Resilience Tactics
Joël Giger, Senior Intelligence Consultant, Recorded Future
Purchase scams are a major emerging fraud threat using fake e-commerce stores to steal data and accept payments for non-existent goods. The dark web's "opportunity economy" amplifies these scams through market promotions for criminal services and emerging AI tools for content generation and scale. Threat actors also employ advanced strategies to ensure resilience, which complicates detection and investigation. Effective mitigation requires scam merchant intelligence and increased customer awareness.
Attendees will learn:
- The role of the dark web "opportunity economy" and emerging AI tools in rapidly scaling and amplifying purchase scam infrastructure and campaigns.
- The advanced resilience tactics prolonging the scams' lifespan and complicating investigations.
- How to mitigate purchase scam risk using scam merchant intelligence for proactive detection and the importance of robust customer awareness and education programs for card issuers and merchant acquirers.
Your Perimeter is on the Front Lines: Attack Surface Reduction as a Primary Defence
Dan Andrew, Head of Security, Intruder
This education seminar will provide a deep-dive into core concepts and practical recommendations for Attack Surface Management (ASM) and Asset Discovery. Your perimeter is on the front line, and good patch management alone is not enough to protect it. You should leave this session with a better idea of how to blend ASM and Asset Discovery with Patch Management for a robust exposure management process.
We'll run through examples of attack surface risks, real-world vulnerabilities affecting internet-exposed tech, and why implementing an ASM process is critical alongside patch management. It may be tempting to fall back on just patching your biggest *known* threats, but some of the biggest risks are vulnerabilities that are not yet publicly known. These threats do not have a CVSS score, and attack surface management is your primary defence. Learn how to future-proof your perimeter.
Asset Discovery is also an essential part of managing your attack surface. Keeping track of your internet-exposed IPs and domains is far from trivial, and cloud environments in particular make this challenge harder. Losing track of some of your assets is no longer an embarrassing mistake - it's an unavoidable reality. We will show some examples of how this happens, and give a practical approach to asset discovery which helps you keep track, and avoid systems slipping outside of your exposure management process entirely.
Attendees will learn:
- Integrating Attack Surface Management into your Patch Management process - defining ASM as a Primary Defence that's proactive, not reactive
- Prioritisation considerations and why Informational risks are Criticals waiting to happen. Why not all 'Criticals' are equal, and why CVSS is not king
- The importance of Asset Discovery to find Shadow IT and build a realistic view of your Attack Surface. Practical recommendations on how to approach this
