Agenda

Registration and Networking Break 

Chairman’s welcome 

► Complying with NIS2 in a global organization – impossible or doable?

Bjørn R. Watne, Senior Vice President & Group CSO, Telenor Group

• What are the changes that are coming, and how do they affect a global telco? 
• What lessons are learned from previous regulations and industry standards?
• Telenor’s global approach. 

► Both prevention and recovery

Filip Verloy, Field CTO EMEA & APJ, Rubrik

To build a cyber resilient organisation you need to focus both on prevention, by raising your security posture, and recovery capabilities, in the assumption that when the worst happens you are operational again as quickly as possible.

• Data has the ability to both transform your business and ruin your day. As the most critical asset of any organization, securing data is paramount.
• Organizations everywhere have been on a drive to innovate and compete on the global stage, resulting in data being spread between on-premises environments, public clouds, and SaaS applications.
• In order for IT and Security teams to regain control over these islands of data, a new and modern approach is needed.
• Cyber Resiliency brings together cyber posture and cyber recovery to give you a safe path in dangerous times.

► Cybersecurity’s Entangled Landscape

Dr. Manfred Boudreaux-Dehmer, CIO, NATO

We often approach cybersecurity improvements as if we were on an island where protection starts at the shore. But, while we may be on an island, it is part of an archipelago where we are all interconnected with bridges. What we do affects our customers and what suppliers do affects us and vice versa.  

• How can we approach security with a view on the entire ecosystem?  
• NATO’s approach to the challenges of cybersecurity interconnectedness between independent entities within an ecosystem

Networking Break

► Resilience in the times of uncertainties 

Jani Räty, CISO/Associate Director, Nordic Investment Bank & Matias Virta, Chief Business Continuity & Security Manager, Nordic Investment Bank

• How does Nordic Investment Bank react to sudden changes in threat landscape? 
• Scenarios as key items to improve resilience and communicate threats 
• Lessons learned 

► Education Seminar Session 1

Delegates will be able to choose from the following education seminars:

• Generative AI: Amplifying attackers and defenders, Julius Nicklasson,  Manager, Intelligence Services, Recorded Future
• The Importance of Zero Trust in Kubernetes Environments, Olli Tuominen, Solutions Architect, SUSE

Lunch and Networking Break 

► Third-party risk management from a third-party perspective  

Andrea Szeiler, Global CISO, Transcom

• Understanding your third parties and the risks they bring to your organisation  
• Different approaches to third-party risk management and their pros and cons  
• Responsibility sharing matrix 
• Working together 

► Living in a world of fakes

Jelle Wieringa, Security Awareness Advocate, EMEA, KnowBe4

•  Deepfakes are here, and they are here to stay. And with technology ever advancing, it is no longer a matter of simply knowing what a deepfake is
• Organisations will have to actively decide how they can utilize them to grow their business, and at the same time defend against the malicious use of this technology
• In this talk, we'll be looking at the evolving role of deepfakes in our lives. What you can do with them, and how you can protect against them

► Merging Security with DevOps Practices

Sami Vellonen, Director, InfoSec & Engineering, Terveystalo
Ahsan Habib, DevSecOps Architect & Security, Terveystalo

• Why early security integration is so important
• How to do risk mitigation with proactive security measures
• Example of effective DevSecOps implementation 
• Cultivating a collaborative security mindset in DevOps teams

► Rise and fall of a fraudster www-site

Timo Wiander, CISO, Enfuce

Enfuce's www-pages were copied by an external attacker. They used a copied version of enfuce.com and used our real job advertisements for phishing user id's etc. This presentation will go through:

• The process of taking down the fraudulent site with capabilities of a SME 
• Lessons learnt
• Proposed improvements for the community

Networking Break

► CISO Panel Discussion

Vesa Tupala, Group CISO, Mandatum;
Thomas Stig Jacobsen, Head of IT Security, Lunar;
Noora Hammar, Director, Head of Security Assurance, Volvo Group;
Zane Nieminen, Information Security Officer, University of the arts, Helsinki

• Integrating cybersecurity into wider enterprise risk management frameworks
• Becoming a more strategic partner to the business?  
• Building resilience against third-party security threats
• Web 3.0 and the next generation of the internet: securing new technologies and services

Conference Close