Agenda

Presentations already confirmed include:


►Practical Approaches to Managing Third-Party Risks and Incident Communication

John van Uden, CTO, Nordea

  • Effective Strategies for Third-Party Risk Management: Explore practical steps to identify, assess, and mitigate risks associated with third-party vendors and partners.
  • Enhancing Communication During Cyber Incidents: Learn how to improve internal and external communication to ensure a swift, coordinated response to security incidents.
  • Adapting to a Dynamic Threat Landscape: Gain insights on how organizations can evolve their security practices to stay ahead of emerging threats and continuously improve their cybersecurity posture
     
     

►Maximizing Security Budgets: Integrating People, Processes, and Technology

Jani Räty, CISO/Associate Director, Nordic Investment Bank

  • Avoiding the spiral of tech-doom
  • Finding the root causes
  • Balancing your efforts and choosing  your targets
  • Test, verify, doubt

► Fireside Chat: Mitigating personal liability: the changing climate for security professionals

Simon Brady, Managing Editor & Event Chairman, AKJ Associates (Moderator)
Jonathan Armstrong, Partner, Punter Southall Law

  • The changing politics of security 
  • Current cases 
  • Social Media scrutiny 
  • Insurance options for CISOs 
  • Golden parachutes and legal support

►Securing Critical Infrastructure with IAM in an elevated threat landscape

Sachin Loothra, Lead Solutions Architect, Telia

  • Evolving threat landscape and its impacts on critical infrastructure
  • Regulations on critical infrastructure and demands towards IAM
  • How IAM solutions can be setup to meet the demands

►Leveraging DORA TLPT (Threat-Led Penetration Testing) to enhance Cyber Resilience 

Manit Sahib, Ethical Hacker & Former Head of Penetration Testing & Red Teaming, Bank of England

  • How DORA TLPT aligns seamlessly with TIBER-EU, CBEST & DORA to enhance cyber risk management.
  • Discover the benefits of an EU-standard approach to threat-led testing.
  • See how DORA TLPT boosts readiness for live system testing.
  • Learn how to start using DORA TLPT for ongoing cyber resilience and regulatory compliance
     

►How do we cost effectively build Security into Third-Party Risk Management and Supply Chain Strategies

Simon Brady, Managing Editor & Event Chairman, AKJ Associates (Moderator)
Sami Vellonen, CIO & CISO, Terveystalo

  • Identifying, risk assessing and screening critical vendors – a job for who?
  • Defining contractual obligation: how do you enforce your security requirements, standards and data handling practices?
  • Approaches to continuous vendor monitoring: dealing with problem third-parties
  • Incident Response Planning and managing third-party breaches
  • What about security vendors?

►Navigating Finland's cyber threat Landscape 2025 

Samuli Bergström, Director, Head of CSIRT at Traficom, NCSC-F

  • Overview of Finland's national threat landscape 
  • What kind of cyber incidents are organisations facing?
  • Upcoming cyber threat trends .... being prepared!

►Exposing Shadow Assets: Hidden Risks Online

Jonas Gyllenhammar, Senior Solutions Engineer, Censys
Martin Solang, Regional Sales Director, Nordics and Benelux, Censys

  • Censys Internet Map
  • Trending Vulnerabilities
  • State of the Internet Report
     

►Defending Data in the Age of AI, how to securely accelerate enterprise AI adoption.

Filip Verloy, Field CTO EMEA & APJ, Rubrik X

  • Join us for a dynamic session as we unveil how Rubrik is transforming data protection in the era of Artificial Intelligence. 
  • AI can be a key business enabler, but with that opportunity come significant potential risks. 
  • As custodians of customer data, Rubrik's solutions are uniquely designed to safeguard sensitive data, ensuring robust security and compliance as businesses harness the power of AI. 
  • Learn more about Data Security Posture Management (DSPM), and the recently announced Rubrik Annapurna for Amazon Bedrock, and how it helps customers better leverage all their data – regardless of where it resides – to drive customized, secure generative AI applications. 
     

Education seminars


How Non-Human Identities Create Operational and Cyber Risk for Organisations


Lars Gotlieb, Regional Manager Nordics, Silverfort
Kev Smith, Principal Sales Engineer EMEA, Silverfort

Non-Human Identities (NHIs) pose one of the most significant cyber threats to an organisation as they can pose severe operational risks. In many cases, NHIs have elevated privileges, lack proper oversight, are not documented, and are often not linked to specific individuals. This makes them attractive targets for attackers, who may exploit them to gain unauthorised access, move laterally within systems, and carry out malicious activities without being detected. In our session, Silverfort will examine how organisations can reduce operational risk by understanding and implementing security controls around their Non-Human Identities.

Attendees will learn:  

  • Understand why Non-Human Identities should be a top priority for your board
  • Learn about how to measure and detect the level of risk Non-Human Identities pose for your organisation
  • Grow your knowledge of how to mitigate the risk of Non-Human Identities, before, during and after a cyber breach