Agenda

09:00 - 09:50

Breakfast & Networking Break
09:50 - 10:00

Chair's Welcome 
10:00 - 10:20

►Navigating Finland's cyber threat Landscape 2025 

Samuli Bergström, Director, Head of CSIRT at Traficom, NCSC-F

  • Overview of Finland's national threat landscape 
  • What kind of cyber incidents are organisations facing?
  • Upcoming cyber threat trends .... being prepared!
10:20 - 10:40

►Exposing Shadow Assets: Hidden Risks Online

Jonas Gyllenhammar, Senior Solutions Engineer, Censys
Martin Solang, Regional Sales Director, Nordics and Benelux, Censys

  • Censys Internet Map
  • Trending Vulnerabilities
  • State of the Internet Report
     
10:40 - 11:00

►Practical Approaches to Managing Third-Party Risks and Incident Communication

John van Uden, CTO, Nordea

  • Effective Strategies for Third-Party Risk Management: Explore practical steps to identify, assess, and mitigate risks associated with third-party vendors and partners.
  • Enhancing Communication During Cyber Incidents: Learn how to improve internal and external communication to ensure a swift, coordinated response to security incidents.
  • Adapting to a Dynamic Threat Landscape: Gain insights on how organizations can evolve their security practices to stay ahead of emerging threats and continuously improve their cybersecurity posture
     
     
11:00 - 11:30

Networking Break
11:30 - 11:50

►Securing Critical Infrastructure with IAM in an elevated threat landscape

Sachin Loothra, Lead Solutions Architect, Telia

  • Evolving threat landscape and its impacts on critical infrastructure
  • Regulations on critical infrastructure and demands towards IAM
  • How IAM solutions can be setup to meet the demands
11:50 - 12:20

► Fireside Chat: Mitigating personal liability: the changing climate for security professionals

Simon Brady, Managing Editor & Event Chairman, AKJ Associates (Moderator)
Jonathan Armstrong, Partner, Punter Southall Law 

  • The changing politics of security 
  • Current cases 
  • Social Media scrutiny 
  • Insurance options for CISOs 
  • Golden parachutes and legal support
12:20 - 13:00

►Education Seminars 

Delegates will be able to choose from the following education seminars:

  • How Non-Human Identities Create Operational and Cyber Risk for Organisations, Lars Gotlieb, Regional Manager Nordics & Kev Smith, Principal Sales Engineer EMEA, Silverfort
  • Threat Landscape Trends, Julius Nicklasson, Sales Engineer,Recorded Future 
13:00 - 14:00

Lunch & Networking Break
14:00 - 14:20

►Maximizing Security Budgets: Integrating People, Processes, and Technology

Jani Räty, CISO/Associate Director, Nordic Investment Bank

  • Avoiding the spiral of tech-doom
  • Finding the root causes
  • Balancing your efforts and choosing  your targets
  • Test, verify, doubt
09.50 - 10.10

►Defending Data in the Age of AI, how to securely accelerate enterprise AI adoption.

Sami Laurila, Account Excutive, Rubrik

  • Join us for a dynamic session as we unveil how Rubrik is transforming data protection in the era of Artificial Intelligence. 
  • AI can be a key business enabler, but with that opportunity come significant potential risks. 
  • As custodians of customer data, Rubrik's solutions are uniquely designed to safeguard sensitive data, ensuring robust security and compliance as businesses harness the power of AI. 
  • Learn more about Data Security Posture Management (DSPM), and the recently announced Rubrik Annapurna for Amazon Bedrock, and how it helps customers better leverage all their data – regardless of where it resides – to drive customized, secure generative AI applications. 
     
14:40 - 15:00

►Leveraging DORA TLPT (Threat-Led Penetration Testing) to enhance Cyber Resilience 

Manit Sahib, Ethical Hacker & Former Head of Penetration Testing & Red Teaming, Bank of England

  • How DORA TLPT aligns seamlessly with TIBER-EU, CBEST & DORA to enhance cyber risk management.
  • Discover the benefits of an EU-standard approach to threat-led testing.
  • See how DORA TLPT boosts readiness for live system testing.
  • Learn how to start using DORA TLPT for ongoing cyber resilience and regulatory compliance
     
15:00 - 15:20

Networking Break
15:20 - 16:00

►How do we cost effectively build Security into Third-Party Risk Management and Supply Chain Strategies

Simon Brady, Managing Editor & Event Chairman, AKJ Associates (Moderator)
Sami Vellonen, CIO & CISO, Terveystalo 
Hanna Katargina, Deputy CISO, Luminor Bank 
Kalle Seppälä, Chief Information Security Officer, Pihlajalinna

  • Identifying, risk assessing and screening critical vendors – a job for who?
  • Defining contractual obligation: how do you enforce your security requirements, standards and data handling practices?
  • Approaches to continuous vendor monitoring: dealing with problem third-parties
  • Incident Response Planning and managing third-party breaches
  • What about security vendors?
16:00

Conference Close 

Education seminars


How Non-Human Identities Create Operational and Cyber Risk for Organisations


Lars Gotlieb, Regional Manager Nordics, Silverfort
Kev Smith, Principal Sales Engineer EMEA, Silverfort

Non-Human Identities (NHIs) pose one of the most significant cyber threats to an organisation as they can pose severe operational risks. In many cases, NHIs have elevated privileges, lack proper oversight, are not documented, and are often not linked to specific individuals. This makes them attractive targets for attackers, who may exploit them to gain unauthorised access, move laterally within systems, and carry out malicious activities without being detected. In our session, Silverfort will examine how organisations can reduce operational risk by understanding and implementing security controls around their Non-Human Identities.

Attendees will learn:  

  • Understand why Non-Human Identities should be a top priority for your board
  • Learn about how to measure and detect the level of risk Non-Human Identities pose for your organisation
  • Grow your knowledge of how to mitigate the risk of Non-Human Identities, before, during and after a cyber breach

Recorded Future


Julius Nicklasson, Sales Engineer, Recorded Future

The Emerging Threat Landscape

Attendees will learn:

  • Which key trends have emerged in the ransomware landscape over the past year
  • The rise of mass-exploitation vulnerabilities
  • Emerging threat actor behaviour
  • Has Generative AI already changed the threat landscape for good?