Agenda

►Practical Approaches to Managing Third-Party Risks and Incident Communication

John van Uden, CTO, Nordea

• Effective Strategies for Third-Party Risk Management: Explore practical steps to identify, assess, and mitigate risks associated with third-party vendors and partners.
• Enhancing Communication During Cyber Incidents: Learn how to improve internal and external communication to ensure a swift, coordinated response to security incidents.
• Adapting to a Dynamic Threat Landscape: Gain insights on how organizations can evolve their security practices to stay ahead of emerging threats and continuously improve their cybersecurity posture
   
   

►Maximizing Security Budgets: Integrating People, Processes, and Technology

Jani Räty, CISO/Associate Director, Nordic Investment Bank

• Avoiding the spiral of tech-doom
• Finding the root causes
• Balancing your efforts and choosing  your targets
• Test, verify, doubt

► Fireside Chat: Mitigating personal liability: the changing climate for security professionals

Simon Brady, Managing Editor & Event Chairman, AKJ Associates (Moderator)
Jonathan Armstrong, Partner, Punter Southall Law

• The changing politics of security 
• Current cases 
• Social Media scrutiny 
• Insurance options for CISOs 
• Golden parachutes and legal support

►Securing Critical Infrastructure with IAM in an elevated threat landscape

Sachin Loothra, Lead Solutions Architect, Telia

• Evolving threat landscape and its impacts on critical infrastructure
• Regulations on critical infrastructure and demands towards IAM
• How IAM solutions can be setup to meet the demands

►Leveraging DORA TLPT (Threat-Led Penetration Testing) to enhance Cyber Resilience 

Manit Sahib, Ethical Hacker & Former Head of Penetration Testing & Red Teaming, Bank of England

• How DORA TLPT aligns seamlessly with TIBER-EU, CBEST & DORA to enhance cyber risk management.
• Discover the benefits of an EU-standard approach to threat-led testing.
• See how DORA TLPT boosts readiness for live system testing.
• Learn how to start using DORA TLPT for ongoing cyber resilience and regulatory compliance
   

►How do we cost effectively build Security into Third-Party Risk Management and Supply Chain Strategies

Simon Brady, Managing Editor & Event Chairman, AKJ Associates (Moderator)
Sami Vellonen, CIO & CISO, Terveystalo

• Identifying, risk assessing and screening critical vendors – a job for who?
• Defining contractual obligation: how do you enforce your security requirements, standards and data handling practices?
• Approaches to continuous vendor monitoring: dealing with problem third-parties
• Incident Response Planning and managing third-party breaches
• What about security vendors?

►Navigating Finland's cyber threat Landscape 2025 

Samuli Bergström, Director, Head of CSIRT at Traficom, NCSC-F

• Overview of Finland's national threat landscape 
• What kind of cyber incidents are organisations facing?
• Upcoming cyber threat trends .... being prepared!

►Exposing Shadow Assets: Hidden Risks Online

Jonas Gyllenhammar, Senior Solutions Engineer, Censys
Martin Solang, Regional Sales Director, Nordics and Benelux, Censys

• Censys Internet Map
• Trending Vulnerabilities
• State of the Internet Report
   

►Defending Data in the Age of AI, how to securely accelerate enterprise AI adoption.

Filip Verloy, Field CTO EMEA & APJ, Rubrik X

• Join us for a dynamic session as we unveil how Rubrik is transforming data protection in the era of Artificial Intelligence. 
• AI can be a key business enabler, but with that opportunity come significant potential risks. 
• As custodians of customer data, Rubrik's solutions are uniquely designed to safeguard sensitive data, ensuring robust security and compliance as businesses harness the power of AI. 
• Learn more about Data Security Posture Management (DSPM), and the recently announced Rubrik Annapurna for Amazon Bedrock, and how it helps customers better leverage all their data – regardless of where it resides – to drive customized, secure generative AI applications.