Agenda

Presentations already confirmed include:


►Navigating the Shifting Tides: Preparing for NIS2 and Raising Awareness

Benjamin Bachmann, Group CISO, Bilfinger Group

  • Understanding NIS2: What it means for organizations and the key compliance steps.
  • Awareness is Not Enough: Why a proactive and engaged cybersecurity culture is essential in today's threat landscape.
  • From Knowledge to Action: How tailored awareness training can move the needle on organizational readiness
     

►Enhancing Web Security Without Breaking the Bank

Ashar Javed, Head of Security Technology – Security Technology Section, Hyundai AutoEver Europe GmbH

  • AI-Powered Custom WAF Solutions
  • Undercovering Strategies for Finding Needles in the Haystack of
  • Daily Web Traffic
  • Maximizing Your Existing Security Stack Within Budget
  • Raising the Bar: Making Attackers Think Twice

►United in the Fight Against Global Cybercrime

Chris Robbins, Assistant Legal Attaché, LEGAT Berlin/Frankfurt Sub-office, Federal Bureau of Investigation

  • How do the FBI  collaborate with German authorities to dismantle international cybercrime networks?
  • Insights into joint operations that target cybercriminal groups and disrupt their infrastructure.
  • The role of cryptocurrency tracing in cutting off cybercriminal funding across borders.
  • Strategies for public-private partnerships that enhance cybersecurity resilience in both nations.

►Resourcing priorities in Third-Party Risk Management and Supply Chain Security 

Sneha Parmar, ISO, Lufthansa Group Digital Hangar
Chuks Ojeme, Global Chief Information Security & Compliance Officer, Brenntag 
Julian Dube, Information Security Officer, E.ON Digital Technology

•    Identifying, risk assessing and screening critical vendors – a job for who?
•    Defining contractual obligation: how do you enforce your security requirements, standards and data handling practices?
•    Approaches to continuous vendor monitoring: dealing with problem third-parties
•    Incident Response Planning and managing third-party breaches
•    What about security vendors?


►Redefining Security Strategy under EU AI Act: Prioritizing Human Factors in AI Integration

Meri Roboci, AI Security Strategist, DWS Group

  • Adapting Security Strategies to EU AI Act – Understand practical steps to align security practices with the EU AI Act’s standards.
  • Building Trust in AI Tools through Human-Centric Design – Learn how to address biases, ethical issues, and build trust in AI systems for effective security operations. 
  • Incorporating Human Oversight in AI Risk Management – Discover methods to improve AI risk assessment and response with human input.

►Leveraging DORA TLPT (Threat-Led Penetration Testing) to enhance Cyber Resilience

Manit Sahib, Ethical Hacker & Former Head of Penetration Testing & Red Teaming, Bank of England

  • How DORA TLPT aligns seamlessly with TIBER-EU, CBEST & DORA to enhance cyber risk management.
  • Discover the benefits of an EU-standard approach to threat-led testing.
  • See how DORA TLPT boosts readiness for live system testing.
  • Learn how to start using DORA TLPT for ongoing cyber resilience and regulatory compliance

 


►8 things your NG SIEM must do 

Christian Schramm, Enterprise Sales Engineer, CrowdStrike

  • Many traditional SIEM and logging tools [crowdstrike.com] were developed more than a decade ago and can no longer adequately handle today's data volumes. With the volume of log data growing faster than IT budgets, SecOps teams need a solution that can keep pace with the demands for speed, scalability and efficiency to support the growing volumes of data. Modern log management can deliver high performance and sub-second latency at low cost.
  • Learn from Christian Schramm, Sales Engineer at CrowdStrike:
    • The typical drawbacks and blind spots of legacy SIEM systems
    • How changing security requirements have turned the SIEM market on its head
    • Eight key features to look for when evaluating your next SIEM system

       

►The pivotal role of security culture in addressing CISO’s top challenges in 2025 

Dr. Martin Krämer, Security Awareness Advocate, KnowBe4

  • Information security professionals are navigating an increasingly complex threat landscape shaped by geopolitical shifts and rapid technological advancements. Key challenges include AI-driven threats, evolving regulatory demands, talent shortages, skill gaps, data security and privacy concerns, and the need to strengthen operational resilience.
  • To address these issues effectively, professionals must harness the power of a strong security culture to drive sustainable, organization-wide change. Attend this session to explore:
    • How fostering a robust security culture can serve as a critical strategy in overcoming these pressing challenges.
    • Leverage security culture as a strategic enabler
    • Navigate complex threat landscapes
    • Drive sustainable change to enhance organizational resilience

►The Cybersecurity Crystal Ball: Proactive Threat Detection with Internet Intelligence from Censys

Harald Roeder, Senior Solutions Engineer, Censys 
Tabatha von Koelichen, Regional Sales Director for DACH and Central Europe, Censys

  • The State of Cybersecurity in 2024: Emerging threats and the expanding attack surface.
  • Why Visibility Matters: Uncovering hidden risks with comprehensive internet asset discovery.
  • Real-Time Threat Detection: Leveraging global internet scanning to identify vulnerabilities before attackers do.
  • Actionable Insights: How to integrate Censys into your security stack for maximum impact.
     

Education seminars


Why Do Employees Steal Data from Their Own Company? – Hunting Insiders with Varonis


Florian Raack, Sales Engineer, Varonis

In our modern IT world, we are constantly focused on preventing external threats. However, we often overlook one of the biggest threats: insiders within our own ranks. Corporate espionage, high employee turnover, and corruption are just a few reasons why individuals might steal data from their own companies.
Moreover, it only takes a single compromised identity for an attacker to transition from an outsider to an insider. These acts often go unnoticed because they occur under the guise of legitimate authorization. Additionally, employees typically have access to far more data than they need to perform their jobs. Generative AI adds another layer of complexity to this issue.

Attendees will learn:

  • How the Varonis Data Security Posture Management Platform can help you tackle this problem and effectively protect your data in a hybrid world.
  • Remember, a data breach can never be undone.

Email Security Today: The Role of DMARC


Antony Seedhouse, Customer Engineer, Red Sift

  • Understanding the Risk: Explore the increasing prevalence of email spoofing and phishing attacks and their impact on businesses that lack robust domain protection.
  • Why DMARC Matters: Gain insights into how DMARC works to prevent email impersonation and safeguard your organization’s email ecosystem.
  • DMARC Trends and Challenges: Understand common challenges and what the data reveals about organizational progress in securing domains.
  • Streamlining with a Managed OnDMARC Provider: Learn how using a managed DMARC provider such as Red Sift’s OnDMARC makes implementation and management straightforward, helping organizations achieve enforcement and stay secure without added complexity.
  • OnDMARC in Action: Hear how businesses have strengthened email security and protected their brands with OnDMARC.