Agenda

08:00 - 08:50

Registration and Networking Break 

08:50 - 09:00

Chairman’s welcome 

09:00 - 09:20

► Fighting cybercrime is teamwork! – Co-operating with the police in cyber attacks on companies

Dominik Mauer, Analyst & Cooperation Manager, Federal Criminal Police Office/Bundeskriminalamt, Cybercrime Division

  • What is the current situation in the field of cybercrime
  • Who is responsible in the event of a cyber attack on a company and who are the contacts?
  • Why is it important for a company to cooperate with the police in the event of a cyber attack?
  • Myth check: reservations about cooperation with the police and our answers to them
09:20 - 09:40

► Why 24 is the answer to all questions in the cyber security environment!

Thomas Schuchmann, Senior Director Sales Engineering Germany, Rubrik & Stefan Schmugge, Director Sales Engineering, Rubrik

  • Do you know the difference between resilience and resistance? How does resilience and resistance differ in data security and which is really more effective for businesses?
  • Are cyber incidents really the biggest business risk? Why are cyber risks becoming more of a management focus and what does this mean for businesses?
  • Are we investing enough and in the right things? Despite increasing security spending, why are cyber attacks still a problem and what could we do differently?
  • How can we do better? What strategies are there to not only minimize the risk of a cyberattack, but also to mitigate its potential consequences?
09:40 - 10:00

► Looking Back at the Threat Landscape in 2023 (And What to Expect for 2024)

Paolo Passeri, Principal Sales Engineer and Cyber Intelligence Specialist, Netskope 

This session will provide an overview of the main security trends observed in 2023, providing some indications on what to expect for 2024.

  • Cloud and SaaS adoption continue to rise in enterprise environments with users constantly adopting new apps and increasing their use of existing apps.
  • Adversaries, recognizing this trend, are abusing and targeting popular apps in their operations more frequently, with social engineering having become the most common method used to gain access into victims’ environments.
  • In parallel, the utilization of Generative AI apps, virtually non-existent in the enterprise a year ago, has increased exponentially exposing organizations to new risks such as corporate data leakage and themed social engineering campaigns.

 

10:00 - 10:20

► Threatcasting: disrupt the threat and enable the future 

Sonia Neffati, Regional Chief Security Officer, Europe, Mastercard

  • Using threatcasting to model a range of possible and potential futures and threats in a complex and uncertain environment 
  • Working with organisations via subject matter expert (SME) interviews, workshops and operationalisation exercises  
  • Identifying indicators that threats or desirable futures are manifesting  
  • Suggestions and actions that can be taken to disrupt the threat or enable the future
10:20 - 11:00

► Education Seminar Session 1

Delegates will be able to choose from the following education seminars:

  • Ransomware Revealed: The Changing Landscape of Ransomware and Data Exploitation, Christian Buhrow, Regional Sales Director, SpyCloud
  • Browser security – the proven prevention layer for enterprise cybersecurity, Tom McVey, Solution Architect, Menlo Security
11:00 - 11:30

Networking Break

11:30 - 11:50

► The Utopia of European Cybersecurity Certification – Automation of Compliance

Dr. Jesus Luna Garcia, Cybersecurity Governance – Cloud and AI, Robert Bosch GmbH

  • The challenges and opportunities of the upcoming certifications derived from the European Cybersecurity Act
  • The benefits of automating traditional cybersecurity certification processes, summarizing practical experiences related to the upcoming EU certification scheme for cloud services (EUCS)
  • How automation can support cybersecurity certifications related to new EU Regulations (e.g., NIS2, and AI Act)? A view on our ongoing activities
11:50 - 12:10

► The Cyber Threat Landscape Germany

Marvin Schneider, Customer development, Cloudflare

  • Cyber threat landscape Internet and Germany
  • Why employee security training falls short
  • What you can do today to shut down one of the biggest attack vectors
12:10 - 12:30

► NIS 2.0 - Burden or Opportunity?

Roland Stritt, SentinelOne

  • The introduction of the NIS 2.0 directive (Network and Information Security Directive) represents a significant development in the cybersecurity landscape. 
  • What does NIS 2.0 mean for your company?
  • This presentation aims to provide food for thought and highlight opportunities and challenges that companies may face in the course of implementing NIS 2.0. 
  • Insights and ideas for managers and security experts.
12:30 - 12:50

► Email Authentication: Are You Ready for Stringent Email Acceptance Rules at Google and Yahoo? 

Giovanni Pascale, Proofpoint

To help address the high number of fraudulent emails hitting their users accounts, Google and Yahoo announced new email authentication requirements that could impact your company’s deliverability. The new requirements will be enforced as early as 1st February 2024. 

Join our session to hear from our subject matter expert Giovanni Pascale on key aspects of the new requirements, such as SPF, DKIM, DMARC, and DMARC alignment. We will discuss: 

  • Overview of the new requirements 
  • Overview of SPF and DKIM and things to consider 
  • The role of DMARC and the challenges associated with getting alignment 
  • Tools, technology and resources to help reduce the impact to your organisation 
12:50 - 13:30

► Education Seminar Session 2

Delegates will be able to choose from the following education seminars:

  • Insights into the dark web: cybercrime forums, markets and threats to watch out for, Bernd Knippers, Senior Sales Engineer DACH , Recorded Future
  • Network Traffic Visibility & Zero Trust Security in Kubernetes Environments, Bettina Bassermann, Business Strategist, Pre-Sales DACH, SUSE
13:30 - 14:30

Lunch and Networking Break 

14:30 - 14:50

► The role of CISO in the evolving new frontiers of cybersecurity regulations

Chuks Ojeme, Global Chief Information Security & Compliance Officer, Brenntag

  • NIS2: What does it imply? 
  • How does it affect the Role of a CISO 
  • Regulations and Geo-Politics, the impact on Cyber risk management
14:50 - 15:10

► It’s all about readiness! Why you may have been doing cyber training wrong!

Rupert Collier, VP Global Sales, RangeForce

Rupert will provide some insights into the following: 

  • How realistic, hands-on, simulation-based readiness training helps companies elevate cyber skills, fill specialist staffing gaps, and save training budget.
  • How and why a focussed, continuous, cyclical training program called AR(2) uses a unique combination of self-paced learning and live-fire team exercises to improve their security team's ability to detect, contain, and remediate cyberattacks.
  • How and why this approach is much more effective and efficient than old fashioned classroom-based, instructor-led, certification-centric methodologies.
  • How some other German customers have seen huge benefits for their SOC and cyber defence teams from the RangeForce platform.
  • How RangeForce makes it easier to personalize relevant training for larger teams with a diverse range of backgrounds and skill sets.
15:10 - 15:30

► The challenges of NIS2: Just compliant or also secured?

Nikolei Steinhage, Enterprise Sales Engineer DACH, CrowdStrike

NIS2 stellt viele Unternehmen vor enorme Herausforderungen. Statt NIS2 einfach nur als eine Compliance-Anforderung zu betrachten, wollen wir zwei Fragen in den Mittelpunkt stellen:

  • Wie kann man die Anforderungen schnell umsetzen (time-to-value)?
  • Wie kann man NIS2 nutzen, um flexible auf zukünftige Herausforderungen reagieren zu können?
  • Wie lassen sich trotz NIS2 Kosten sparen?
15:30 - 16:10

► Education Seminar Session 3

Delegates will be able to choose from the following education seminars:

  • Fraud prevention, AML, and KYC with Mobile Intelligence, Gerhard Sahner, Business Development Mobile Intelligence, JT Global
  • The anatomy of online fraud: How AI is changing the battlefield in favor of the attacker and what we can do about it, Julian Wulff, Director, Cyber Security Central Europe, Red Sift
16:10 - 16:30

Networking Break

16:30 - 16:50

► Why CISOs should care about resilience

Dr. Timo Wandhöfer, Group CISO, Klöckner & Co

  • Resilience is what you need when security has failed. It’s DR and BCP. So what is the role of the CISO in these activities?
  • If companies assume successful hacks, then should they divert resources away from security that is doomed to fail to DR/BCP? 
  • Shouldn’t we be taking a different approach to security itself: should CISOs focus on protecting key business processes not simply data? 
  • What do CISOs bring to the resilience party?
16:50 - 17:30

► CISO Panel Discussion

Chuks Ojeme, Global Chief Information Security & Compliance Officer, Brenntag (Moderator);
Gulnara Hein, CISO, Chintai;
Moona Ederveen-Schneider, Executive Director EMEA, FS-ISAC;
Riccardo Riccobane, Head of CSO Security Assurance & Head of Operational Resilience, DWS;
Ashar Javed,Head of Security Technology – Security Technology Section, Hyundai AutoEver Europe GmbH
 

  • Integrating cybersecurity into wider enterprise risk management frameworks
  • Becoming a more strategic partner to the business?  
  • Building resilience against third-party security threats
  • Web 3.0 and the next generation of the internet: securing new technologies and services
  • Preparing for NIS2
17:30

Conference Close

Education seminars


Browser security – the proven prevention layer for enterprise cybersecurity


Tom McVey, Solution Architect, Menlo Security

According to Google, 98% of attacks originate from internet usage and 80% of those target end user browsers – sadly all too successfully. Combine this stark reality, with users’ relentless demand for new SaaS and private applications, often collaborating with external stakeholders, and security pros are always running to stand still.  

Join us for a practical session where we will cover: 

  • Security – The proven value of robust browser security across managed and unmanaged devices – automating browser configuration and establishing enhanced browser forensics 
  • Connectivity – Your users and third parties need access to SaaS applications, private web apps and data, including the use of GenAI. We share how organisations are enhancing user protection and productivity while reducing the cost and complexity of solutions such as VDI 
  • Compliance – How browser security supports organisations striving to comply with key NIS 2 requirements for incident management and prevention 

We will provide real world examples of how to increase cyber prevention through improved browser security including a case study of a major German car manufacturer. 

 


Network Traffic Visibility & Zero Trust Security in Kubernetes Environments


Bettina Bassermann, Business Strategist, Pre-Sales DACH, SUSE Software Solutions Germany GmbH

Deep network visibility is the most important part of container security at runtime.

With traditional perimeter-based security, administrators use firewalls to isolate or block attacks before they reach the workload. Inspecting container network traffic reveals how an application communicates with other applications and is the only way to stop attacks before they reach the application or workload. NeuVector is the only 100% open source security platform for containers with continuous auditing throughout the lifecycle.

  • Supply chain Security
  • Vulnerability and Compliance Management
  • Zero Day Attack Prevention
  • Perform Deep Packet Inspection (DPI)
  • Monitor east-west and north-south container traffic

Insights into the dark web: cybercrime forums, markets and threats to watch out for


Bernd Knippers, Senior Sales Engineer DACH , Recorded Future

The dark web is a hidden area of the World Wide Web and operates through specialized software that allows users and websites to remain anonymous. In this presentation, we will discuss the nature of the dark web and the potential threats it poses, as well as appropriate detection and defence strategies through applied threat intelligence.


Ransomware Revealed: The Changing Landscape of Ransomware and Data Exploitation


Christian Buhrow, Regional Sales Director, SpyCloud

  • Trends in the shifting ransomware landscape, including frequency of attacks, costs to organizations, and emerging new threats to be aware of 
  • The riskiest entry points, as well as the connection between specific infostealer malware infections and the probability that a company will subsequently experience a ransomware event
  • Gaps in remediation that are contributing to a proliferation of entry points for follow-on ransomware attacks
  • A live demonstration on how to turn recaptured darknet data into your greatest defense against ransomware, next gen account takeover & online fraud
     

The anatomy of online fraud: How AI is changing the battlefield in favor of the attacker and what we can do about it


Julian Wulff, Director, Cyber Security Central Europe, Red Sift

There are a few key components in the making of online fraud. Some of these elements are becoming an order of magnitude faster to execute for attackers thanks to Generative AI. But not everything about this new technology is a gift to attackers, and there are some common-sense things that organizations can do to defend themselves more effectively

  • What makes a very effective online fraud
  • How is Generative AI accelerating and making fraud easier to carry out effectively
  • What actions can we take to counteract this? How can defenders use Generative AI themselves?

Fraud prevention, AML, and KYC with Mobile Intelligence


Gerhard Sahner, Business Development Mobile Intelligence, JT Global

The use of real-time mobile intelligence data for customer authentication based on verified subscriber data from mobile network operators enables a higher level of security, especially in the fields of finance and e-business. These mobile data are already being used to establish robust cybersecurity measures, combat cybercrime, and reduce risks associated with mobile fraud. Additionally, they provide the ability to verify SIM integrity, identify high-risk transactions, and conduct age verification. Furthermore, they contribute to assessing the creditworthiness of customers for Buy Now, Pay Later (BNPL) and credit services. Gerhard Sahner's (Jersey Telecom) presentation offers an interesting overview of the various possibilities of this innovative technology."