08.00 - 08.50

Breakfast networking and registration 

08:50 - 09:00

Chairman's Welcome 

09:00 - 09:20

► How to manage the evolution of regulatory risk

Felix Czwikla, DPO, GlaxoSmithKline Consumer Healthcare

  • Adaptations since GDPR and lessons learnt
  • How does GSK manage regulatory risks and resulting incident response models?
  • How has the prioritisation of data privacy shifted and what does this mean for future security roles?
09:20 - 09:40

►Harnessing the Power of a Digital Identity Network: Reducing eCrime, Building Trust

Andy Renshaw, Senior Director - Market Planning - Fraud and Identity, ThreatMetrix

  • How harnessing a global view of trust, and risk, helps detect and block advanced fraud
  • Building trust using digital identity intelligence can help better distinguish between good customers and fraudsters in near real time
  • An analysis of recent attack patterns and fraud typologies from the ThreatMetrix Digital Identity Network, which analyzes 110 million transactions a day
09:40 - 10:00

► Implementing a compliance and governance control framework within the business

Stefan Bosnjakovic, IAM & GRC Architect, Deutsche Kredit Bank

  • Affording the appropriate members of the business the correct level and scope of access
  • How to manage intertwined business processes and IT while conforming to ever increasing compliance standards
  • Shedding light on the compliant implementation of Segregation of duties
10:00 - 10:20

► Machine Identity Protection – the next hot category in IT Security

Georg Gann, Regional Sales Director DACH & Eastern Europe, Venafi

  • What are machines?
  • What are Machine Identities?
  • Day-to-day challenges to overcome around Machine Identities
  • How to gain Visibility, Intelligence and Automation to protect your Machine Identities
10:20 - 10:50

Networking and refreshments break 

10:50 - 11:10

Executive Panel Discussion 

Demystifying cyber threats with law enforcement 

  • Heiko Lohr, Head of Cybercrime from the German Federal Police (BKA)
  • Tolga Yilmaz, Vulnerability & Penetration Test Manager, MAN Truck & Bus
  • Ruben Caris, Anti Financial Crime, HypoVereinsbank – UniCredit Bank AG
  • Patricia Andre, Business Continuity Manager, Allianz
11:10 - 11:30

► Your users don't care about the network, so why try and push them there?

Nathan Howe, Principal Solution Architect, Zscaler

  • Secure Application access for your users regardless the location of the app or the user
  • Decoupling your users from your applications and networks
  • Your apps exist everywhere, on prep and the cloud, etc. therefore the Internet is already become part of company
  • Elimination of the need for network-centric solutions such as remote access VPN
11:30 - 11:50

► How to manage cyber risk on a daily basis for your company and the affiliates, your suppliers and peers (Live view in the BitSight Portal)

Jirko Kaeding, Account Executive – DACH Region, BitSight

Participants will see a live view into the BitSight Portal. We will demonstrate how continuous cyber risk monitoring works for your company and the affiliates, your suppliers and peers.

  • How the Cyber Risk Rating can be improved in the easiest way. All risk vectors and the results will be demonstrated
  • How Cyber Risk for your own company and its affiliates, suppliers and peers can be managed based on qualified events and ratings
11:50 - 12:10

► Enterprise password management and reporting – best practice

Peter van Zeist, Sr. Solutions Consultant, LogMeIn

Besides multi-factor authentication, single sign-on and biometric data, passwords are still the most common form of authentication. In our session we will talk about how:

  • Organizations are better able to reconcile the needs of IT departments and users
  • Companies can counteract bad password habits
  • LastPass makes companies more secure in an unconventional way
  • You enable your employees to do the same without much effort
  • You'll be safer in five steps
12:10 - 12:30

Networking and refreshments break 

12:30 - 12:50

► Protecting yourself inside out 

Jake Curtis, Information Security Officer, BurdaForward

  • The human risk factor: are your employees aware they are being targetted?
  • How do you adequately sensitise employees to these risks?
  • Password management and multi-factor authentication for overall safety
12:50 - 13:10

►Cyber Investigations in Fast Mode

Tobias Schubert, Enterprise Sales Engineer DACH, CrowdStrike

  • How to achieve automated investigation TODAY
  • How to apply intelligence and cutting-edge technology to incident response
  • How to turn attacks into an opportunity to improve defense - automatically
13:10 - 13:30

► OneLogin Access Management: Leading Cloud Transformation

Marcus Mueller, VP of Enterprise Sales EMEA, OneLogin

  • The Dynamic Future: 2025
  • Evolution Across Three Domains of Business
  • The Rise of the Dynamic Marketplace
  • Unifying Access Across the Enterprise
13:30 - 14:20

Lunch and networking 

14:20 - 14:50

► How AI can improve Cyber Defense - Building Security Analytics platform at UBS
Marek Pietrzyk, Director and Program Manager, UBS Switzerland

  • The evolution of critical persisting cyber threats – impacting the growing attack surface of modern digital business environments
  • Leveraging AI, Big Data Analytics and Machine Learning technologies to automate detection of abnormal behaviors of devices, users or networks
  • Lessons learnt from the successful global implementation from technological, operational and managerial perspectives
14:50 - 15:10

► 3 steps to establish a data-centric security framework

Christoph Kumpa, Director DACH & EE Region and Jakob Oberascher, Senior Sales Engineer DACH and Eastern Europe, Digital Guardian

Forrester has created a framework to help security and privacy leaders implement a security strategy focused on the data. Their data security & control framework breaks down the problem into three areas:

  • Defining the data
  • Dissecting and analyzing the data
  • Defending and protecting the data

During this session, Christoph and Jakob will quickly drill into this framework and suggest how to derive tangible results from its three core disciplines.

15:10 - 15:30

► How Risk Intelligence Derived from Threat Actors Can Inform Software Vulnerability Management

David Anumudu, CISSP,CSSLP,CISM, Solution Architect, Flashpoint

  • Why managing vulnerabilities represents a huge challenge for enterprises
  • Triage Troubles - what makes prioritisation so difficult?
  • Techniques your organisation can use to ensure that the most important emerging vulnerabilities are addressed
15:30 - 15:50

► Privacy and Cybersecurity – Legal Framework and Case Study

Dr. Christoph Ritzer, Partner, Norton Rose Fulbright

  • Legal implications in case of a cyber incident – How to deal with the incident and comply with the law?
  • Overview on Legal and Regulatory Risk Landscape
  • GDPR aspects and NIS Directive
  • Cyber incident response – case study: Legal and regulatory best practices
15:50 - 16:10

► Offensive Security Testing with a Hacker Mindset

Ron Peeters, Managing Director EMEA, Synack

  • There is exponential growth in cyberattacks and attacks are increasingly sophisticated with greater break-in success
  • Traditional vulnerability scanning and compliance-based Penetration Testing prove ineffective to detect many serious vulnerabilities in live systems
  • Hear about a revolutionary new security testing approach using large teams of highly-vetted international, top-class security researchers who can find serious vulnerabilities in any live system often within a matter of hours
  • Several supporting case studies are discussed including how Synack was able to break in the Pentagon within just four hours
16:10 - 16:30

Networking and refreshments break 

16:30 - 16:50

► Executive Panel Discussion

Security and business synergy – aligning cybersecurity  with organisational goals

  • Henrik Becker, Director Compliance & Risk Management, Unitymedia Kabel
  • Frank Borchard, Head of IT, Otto Group 
  • Georg Mattern, Information Security Officer, Siemens
  • Wolfgang Fricker, IT Compliance Manager, Lotto24
16:50 - 17:10

► Compliance and competitivity; balancing regulation and innovation 

Daniel Sandmann, Attorney at Law, Senior Lecturer at University of Augsburg and ICN Business School Nancy/Berlin

  • Enforcing GDPR and beyond
  • The race for xtech and IT due diligence
  • The future of regulation
17:10 - 17:30

► Staying one step ahead: insights into cybercrime and the importance of collaboration
Heiko Löhr, Head of Section Cybercrime Unit, German Federal Criminal Police Office

  • If co-operation between the private industry and the police in case of a cyberattack is to yield success it should preferably begin ahead of the incident: mutual trust and short information channels reduce and prevent damage in a crisis
  • The identification of reasons for and originators of cyberattacks and data leaks is also in the interest of the affected enterprises and their customers
  • The confiscation of attacking IP infrastructures and the arrest of those involved in cybercrime are unique features of the law enforcement agencies