Agenda

08.00 - 08.50

Breakfast and registration

08.50 - 09.00

Conference welcome

09.00 - 09.20

► FAIL: How to acquire great technical solutions and then mess up their implementation

Stefan Hornke, Senior Manager, 4C Group AG

  • Why do cybersecurity and IT projects fail?
  • A tongue-in-cheek analysis of the commonest mistakes in project management
  • How to ensure successful cybersecurity solution implementation
09.20 - 09.40

► Overcoming Today’s Most Pressing Third-Party Risk Management Challenges

Marco Ratzmann, Enterprise Sales Account Executive, OneTrust

  • Review the drivers and challenges organizations face when managing third-party vendor risk 
  • Identify priorities before, during and after vendor procurement
  • Takeaway a six-step approach for automating the third-party vendor risk lifecycle 
  • Hear real case studies from privacy experts on how to practically tackle the third-party vendor risk
09.40 - 10.00

► How do I implement a ‘Zero Trust’ security policy throughout your organization?

Matthias Heise, Sales Manager, Pulse Secure 

Our dynamic world of mobile and cloud computing requires advancing secure access capabilities based on continuous verification and authorization. How can you improve managing and governing user access ? Pulse Secure will show how you can implement a single access policy to your data, regardless of where it is located, from wherever the person is accessing it from on whatever device.

Key Takeaways : 

  • How to achieve total user and endpoint visibility, and up-scaling device security
  • How you can enable IoT identification in a secure way and set relevant profiles
10.00 - 10.20

► Crisis communication and CRITIS – a new dimension in the perception area of IT security

Andrea-Julia Reichl, Information Security Officer (CISO), Klinikum Ingolstadt

  • Hospital Care as a Critical Infrastructure (KRITIS): Information Security Challenge
  • What does the kDL (critical service) mean in the implementation of (IT) security?
  • The media “paradox of consternation” vs. real crisis communication: a practical discussion
10.20 - 11.00

 Education Seminar Session 1

Delegates will be able to choose from the following education seminars:

  • Enterprise Content Firewall – How to establish a Secure Content Communication Platform - Alexander Kehl, Regional Director, D/CH, Accellion
  • True security comes from within - dealing with privileged accounts - Helmut Brachhaus, Chief Technology Officer, Patecco
11.00 - 11.30

Networking & refreshments break

11.30 - 11.50

► Cloud Security: A Security Benefit or a Risk Factor?

Sebastian Hess, Cyber Risk Executive, American International Group

  • What makes an effective security program and how is the cyber risk posture shifting when moving to the cloud?
  • Are there trade-offs that accompany a cloud-centric IT service provision and/or Cyber security approach?
  • The broader picture of non-technical considerations: Is there clearly preferred choice for one approach over the other?
11.50 - 12.10

► Modern Identity: Unifying Access and Authentication

Peter van Zeist, Sr. Solutions Consultant, LogMeIn

An overwhelming 92% of businesses are experiencing identity management challenges, from lack of resources to lack of security experience. The biggest challenge? Balancing ease of use for employees with increased security for the business. These two goals are critical, yet always at odds. How can IT securely manage users – their devices, apps, behavior, and more – without making it more difficult for employees to do their job? Join us to discuss why having a comprehensive identity solution can balance the control IT needs with the experience users expect, and how LastPass Identity provides simple control and unified visibility across every access point, without the hassle of managing multiple solutions.

Three key takeaways from the session:

  • The most common challenges that businesses face when managing user identity
  • How to achieve both control for IT and a seamless experience that users expect from their identity solutions
  • How to get started with evaluating identity and access needs at your business

 

12.10 - 12.30

► Investigations in Fast Mode: Empowering SOC Analysts

Nikolei Steinhage, Sr. Sales Engineer, Crowdstrike

  • How can SOC workflow can be automated to speed up analysis
  • What tools can be used to improve SOC efficiency
  • How to turn attacks into an opportunity to improve your defense
12.30 - 13.10

 Education Seminar Session 2

Delegates will be able to choose from the following education seminars:

  • Lessons learnt from monitoring Germany's digital footprint - Eward Driehuis, Senior Vice President Strategy, Cybersprint
  • Journey to the Center of the SOC - Babak Badkube, Global and Major Account Manager, Demisto, a Palo Alto Networks Company
13.10 - 14.10

Lunch and networking

14.10 - 14.40

► Catch me if you can - Business, Privacy, Security & Compliance - OneTeam!

Henrik Becker, Director of Compliance & Risk Management, Unitymedia & Carsten Renth, Director Operational Data Protection & Special Affairs, Unitymedia

  • Data protection, security and compliance - all for one (goal)
  • Requirements and chances in the area of tension between the 3 disciplines
  • Understanding risk as the basis for joint and sustainable action
  • One Team - an experience report
  • Conclusion, Do’s and Don’ts
14.40 - 15.00

► e-Crime in Court: Collect facts, convince judges! Spying on employees?

Dr. Andreas Lober, Partner, BEITEN BURKHARDT

  • Not all judges are digitally native - how can you secure evidence and win the lawsuit?
  • Evidence is in the email inbox of a (former) employee - what to do?
  • Being right, getting justice, and enforcing the law: there's more than one option!
15.00 - 15.40

 Education Seminar Session 3

Delegates will be able to choose from the following education seminars:

  • Measuring and increasing the ROI on Cyber Threat Intelligence - Maurits Lucas, Director of Intelligence Solutions, Intel 471
  • Protecting confidential data from unauthorized access and espionage - Jasbir Singh, Partner and Managing Director Europe, Seclore Technologies
15.40 - 16.00

Networking & refreshments break

16.00 - 16.30

► Executive panel discussion

Is privacy the new security?

  • Peter Vahrenhorst, Kriminalhauptkommissar, Landeskriminalamt Nordrhein-Westfalen
  • Christoph Ritzer, Partner, Norton Rose Fulbright LLP
  • Michael Schneider, Data Protection Officer, IKEA IT Germany GmbH
  • Matthias Jungkeit, Chief Information Security Officer / DPO, Münchener Hypothekenbank
  • Gennadij Feldstein, IT Security Officer, Commerzbank
16.30 - 16.50

► Data protection notices and cookie bars (on the web) - sensible or useless?

Michael Schneider, Data Protection Officer, IKEA IT Germany GmbH

  • Why data protection notices - in their current form - don't work
  • Cookie bars - do I need consent for each cookie?
  • Standardised icons: the solution?
16.50 - 17.00

Closing remarks

17.00

Conference close

Education seminars


Journey to the Center of the SOC


Babak Badkube, Global and Major Account Manager, Demisto a Palo Alto Networks Company

It’s easy to feel overwhelmed as part of a security team. Every day, analysts have to stare down the perils hidden at the center of the SOC: too much noise, too many missed threats and too much manual remediation.   

It’s time to integrate automation and machine learning into every step of your security voyage.

We’re presenting a live, thrill-packed session to help you do just that. Join us for this Journey to the Center of the SOC and learn how to:

  • Overcome today’s SOC challenges caused by siloed tools, limited analytics and manual investigations
  • Eliminate alert fatigue by grouping related alerts into incidents, reducing disparate alerts by 98%
  • Automate manual tasks with flexible orchestration to consolidate alerts and reduce incident response time

True security comes from within - dealing with privileged accounts.


Helmut Brachhaus, Chief Technology Officer, Patecco

Privileged accounts continue to move into focus. This is partly because almost all cyberattacks involve the use of hijacked privileged accounts, and partly because the regulatory requirements for privileged accounts are increasing all the time. Therefore it is important to regulate the handling of privileged accounts both organizationally and technically.

Visit our seminar and learn more about the key processes, tools, and best practices around Privileged Access Management (PAM), and benefit from our long-term experience in this area.

What participants are going to learn:

• Who you should involve in dealing with a privileged account

• Which processes have to be introduced for dealing with privileged accounts

• What the technical options are for protecting privileged accounts?


Enterprise Content Firewall – How to establish a Secure Content Communication Platform


Alexander Kehl, Regional Director, D/CH, Accellion 

Prevent Breaches and Compliance Violations With Secure Third Party Communication.

Know more about the Accellion enterprise content firewall and how it helps IT executives lock down and govern the exchange of confidential enterprise information with the outside world without getting in the way of users. Thousands of global CIOs and CISOs trust Accellion to give their organizations protection, privacy and peace of mind. Get a live impression of the First Enterprise Content Firewall!

What do I get out of the presentation?

  • See All Content Exchanged with Third Parties. How to enable a total third-party communication visibility for businesses that need to share sensitive information beyond their enterprise borders. How to make sure the businesses have full visibility into how information is shared, who is accessing it, and where it is stored.
  • Prevent Sensitive Data Breaches and Block Malicious Attacks. How to offer a secure file transfer channel that protects your sensitive information in transit and at rest. Designed with security in mind from the ground up—architecture, data protection, authentication and authorization—how to offer enterprise-class flexibility and scalability that will accommodate your specific security requirements and infrastructure strategy.
  • Ease Adoption and Prevent Shadow IT. Figure out when a user clicks the secure sharing button inside email, web, mobile, office and enterprise apps, they know it’s the safe and secure way to share sensitive information with the outside world. How they also meet their more sophisticated needs for secure collaboration, virtual data rooms, managed file transfer, and SFTP on the same scalable platform, simply leveraging the same security infrastructure and compliance policies across human and machine interfaces.
  • Unify Content Access, Automate Workflows, and Deploy to Fit Your Environment. How to provide robust enterprise content access and workflow automation that allow users to securely access and share confidential enterprise content from applications, content management systems, network file shares, and cloud storage as easily as sharing local files.

Protecting confidential data from unauthorized access and espionage


Jasbir Singh, Partner and Managing Director Europe, Seclore Tehnologies

Protecting confidential data from unauthorized access and espionage is a major challenge for every company. Data theft by employees, storing and sharing data in the cloud and compliance rules require companies to combine robust access control with usage rights. Digital Rights Management (DRM) solutions allow access to information to be controlled and monitored, regardless of data location or transmission path. Besides these advantages, many organizations have hesitated or tried and failed to successfully deploy Digital Rights Management (DRM).  The main problem is that in today's highly fragmented IT landscape, DRM systems are only efficient and productive if they can be implemented across platforms, consistently and with the ease of use, driving adoption.

The session will explain how to approach the above as well as:

  • Introduction of DRM and Data Centric Security
  • Walk through the protection methods & why Automation is important
  • Why ease of use is important especially for protected documents
  • Competitive dive, who does what and how
  • The journey to the cloud while being constantly protected by Seclore

Lessons learnt from monitoring Germany's digital footprint


Eward Driehuis, Senior Vice President Strategy, Cybersprint

In this talk, Cybersprint's Chief Strategist Eward Driehuis will outline what he has learnt from securing dozens of organisations in Germany. By mapping their digital footprint, their strengths and weaknesses become visible. These relate to different kinds of cybercrime, but also regulatory risks such as GDPR misconfigurations. Based on this digital DNA, you'll learn where opportunities and threats lie, and which steps are needed to increase the cyber resilience. Please note: the presentation will be in English.  

Key learnings:

- Insights from analysing thousands of German digital assets

- Some of the most relevant risks and their root causes

- How your organisation's digital footprint is key in combating digital threats


Measuring and increasing the ROI on Cyber Threat Intelligence


Maurits Lucas, Director of Intelligence Solutions, Intel471

Cyber Threat Intelligence can play a key role in managing cyber risk by guiding strategic, tactical and operatinal decision making.However, determining the effectiveness and ROI of the results has been challenging. 

In this session we will show:

  • how using a structured process anchored around Intelligence Requirements allows you to ensure that you are asking the right questions, getting the right intelligence and are able to measure the effectiveness of your CTI program and adjust where necessary.
  • Such an approach not only increases ROI but also vastly increases the contribition Cyber Threat Intelligence can make to reducing risk in your organisation.