Agenda

Breakfast & Networking Break

Chairman's Welcome 

►Beyond DORA compliance: Orchestrating Digital Resilience in a VUCA environment

 Thomas Barkias, Principal Supervisor – Cyber Resilience, ICT, Crypto & Operational Risk, European Central Bank

• Understanding the nuanced interplay of technology, processes, and human factors in achieving resilience
• Exploring ways and challenging in orchestrating resilience in today's VUCA environment. 
• Beyond Compliance, emphasising the need for a holistic approach that transcends mere compliance with regulations like DORA.
   

►Cybersecurity in the age of Artificial Intelligence: will the promises of today emerge as powerful threats tomorrow?

André Reichow-Prehn, Managing partner, EMEA, Palo Alto Networks 

• Cyber Threats are emerging and for years among the top three risks on any executive board and government body risk list. 
• Threat intelligence is a base requirement in recent regulation and best practice. 
• Understanding and anticipating the threat landscape and capabilities of threat actors is crucial for risk based decision making and investing. 
• The presentation will provide a recent overview about the global and regional threat landscape, describe relevant use cases  of the most notorious current threat actors and also the impact of new technologies like artificial intelligence on the threat landscape.
   

►Why Identity Alone Is Not Enough for a Zero Trust Strategy

Frank Barthel, Manager Solutions Engineering DACH, Netskope

• The new reality of living in a hyperconnected online world requires a new approach to security, where multiple elements must be taken into account, besides simply blocking/allowing access to a specific service or the user identity to enforcing granular permissions.
• Learn why the context is important to enforce a granular and effective security policy.
• Discover which are the elements that must be considered, besides identity, to adopt an effective zero trust strategy
• Understand how the different security controls, such as data protection, threat protection, behaviour analytics, cooperate to protect the modern enterprise.

►Security 3.0 - Learnings from modern medicine and longevity

Max Imbiel, CISO, Bitpanda Asset Management

•    What do security and medicine have in common?
•    What thoughts and best-practices can we transfer from modern Medicine into modern Security?
•    Applying healthier and more secure ways or working

►Education Seminars Session 1

Delegates will be able to choose from the following education seminars:

• We need to talk about security in our containerized workloads, Gabriel Stein, System Engineer, SUSE
• How 5G is going to play a crucial role, and how can we plan its adoption with an integrated Zero Trust cybersecurity approach? Ivan Majdan, Regional Sales Manager CEUR,  Security Division & Florian Rutsch, Sr. Sales Engineer Consultant CEUR, Security Division, Cradlepoint by Ericsson

Networking Break

► Beyond the Buzzwords, AI's Double-Edged Sword

Francisco Z. Gaspar, Lead Cybersecurity Architect, Telefónica Germany

• Understanding the Evolution of Cybersecurity Paradigms
• The Complexities of the Data Dilemma
• AI's Promises and Pitfalls — the balancing act
• Charting the Course towards a More Resilient and Secure Future

►Why established defences like Web Application Firewall or API Gateways are not enough to protect today’s APIs

Frank Sommer, Senior Solutions Engineer, Akamai

• Why are APIs increasingly used?
• What does this mean for the security department in companies?
• Why are Web Application Firewalls and API Gatways not enough?
• What is needed to secure APIs? 

►Why 24 is the answer to all questions in the cyber security environment!

Stefan Schmugge,  Director Sales Engineering, Rubrik

• Do you know the difference: resilience or resistance? How do resilience and resistance differ in data security and which is really more effective for companies?
• Are cyber incidents really the biggest business risk? Why are cyber risks increasingly becoming a focal point in management and what does this mean for companies?
• Are we investing enough and in the right things? Despite increasing security spending, why are cyberattacks still a problem and what could we do differently?
• How can we do it better? What strategies are there to not only minimize the risk of a cyber attack, but also to mitigate its possible consequences?
   

►Identify Vulnerable Assets and Prioritize Remediation 

André Heller, Director Solution Architects DACH, Armis

• Identify vulnerabilities across all types of connected devices, managed or unmanaged
• Prioritize the vulnerabilities that pose the highest risk to your business
• Build an AI-based early warning system that identifies attacks on your company before vulnerabilities (CVEs) are disclosed
   

►Education Seminars Session 2

Delegates will be able to choose from the following education seminars:

• Resolving incident response challenges in your SOC with automation, speed, and collaboration, Steve Jackson, Senior Vice President of Growth, Binalyze
• Beyond the Dark: A Guide to Secure Your Brand in the Digital Underworld, Mahmut Kamil Özrenk, Sr. Pre-Sales Engineer, Brandefense
   

Lunch & Networking Break

►Managing third-party breaches

Riccardo Riccobene, Head of CSO Security Assurance & Head of Operational Resilience, DWS

• Restoration and post-recovery steps  
• Legal terms and conditions and resulting due diligence
• Data restoration and best practice
• Implementing security enhancements and lessons learnt
   

►Less Cyber More People - Putting People At The Center of Your World (or Cybersecurity Strategy)

Simon Riehle, Sales Engineer, Proofpoint
Marcel Alexander Bayer, Named Account Manager, Proofpoint

Being human-centric means placing humans at the center of design, decision-making, and problem-solving processes. It involves understanding, empathizing with, and prioritizing the needs, preferences, and experiences of individuals.  But how does that help us reduce our risk profile?  How can we consider the needs of each individual when we design our security strategy and deploy that next bit of tech.  How can we collect understand the needs of the individuals we are protecting?  How can we use it to improve our defences and mitigate risk?  How can we make it scale with limited resources?  How can we do more for less?  In this session we will share the secrets of an effective human-centric security strategy.
 

►How To Create Successful Malware and Defend with Zero Trust

Seamus Lennon, Vice President of Operations for EMEA, ThreatLocker

•  In a world where anyone can create successful malware or have AI generate it for them, it's important to know how malware can be successful so you can better defend. 
• Starting from a default-deny posture, learn how adopting Zero Trust principles can keep your data safe and operations running regardless of hacking attempts by man or machine.
   

►The expanding role of generative AI in accelerating elite SOC performance

Frank Lange, Technical Director, EMEA, Anomali

• Today's challenges in Security Operations
• Doing more with less: practical Security Analytics Use Cases based on AI (demo)
• The impact of AI on visibility, speed and scale in the modern SOC

Networking Break

►Ethical hacking explained: why you need ethical hackers in your organization

Michele De Donno, Ethical Hacker, Sky Deutschland GmbH

• Ethical hacking and penetration testing: what and why
• Myths and misconceptions about ethical hacking
• A glimpse into the penetration testing process
• Penetration test (live demo)
   

►Senior Leadership Panel Discussion

Max Imbiel, CISO, Bitpanda Asset Management (Moderator) 
Klaus-E. Klingner, Information Security Officer, Assambeauty 
Ralf Mutzke, Director Cyber Security, Aon Deutschland
Sreedevi Jay, Head of Cyber Threat Unit for EU, PagoNxt (A Santander Company)
Sheetal Joseph, Director, Cybersecurity, Isar Aerospace

• The role of the CISO as security regulation increases (NIS2, DORA etc.)
• Compliance versus security as a true business driver
• Ai — helping or hindering?
• Adopting a risk based approach to securing budgets

Closing Remarks