Agenda

Login and networking

Chairman’s welcome

►BEC attacks: forward-thinking defence strategies for the most financially damaging cybercrime

Terje Aleksander Fjeldvaer, Head of Financial Cyber Crime Center and Sebastian Claydon Takle, Subject Lead - Threat Intelligence for Financial Cyber Crime Center, DNB

• Business Email Compromise attacks: fraudsters are constantly evolving and the price and sophistication of attacks are more damaging than ever
• Case Studies from the Financial Cyber Crime Center at DNB on the current state of Business Email Compromise 
• Analysis of the current threat landscape and strategies for defence and risk mitigation.

► Talking to the Board: the New Realities of IT Security

Jamie Moles, Senior Security Engineer, ExtraHop

• The large-scale adoption of work-from-home technologies, heightened activity on customer-facing networks, and greater use of online services has greatly increased the risk of misconfigurations and cyber threats.
• Hackers have taken advantage of these new vulnerabilities and in recent weeks, ransomware attacks have affected several major organisations. 
• When attacks like these make headlines, board members have one question for CISOs: how can we be sure that won’t happen to us? 
• Join to hear top strategies for CISOs to lead board-level conversations about risk management amidst the stark new realities of IT.

► Reducing time to containment: THE security priority

Jan Tietze, Director Security Strategy EMEA, SentinelOne

With limited resources, an ever-growing skills gap and an escalating volume of security alerts, organisations are left vulnerable to what is perceived to be unavoidable risk. 

This environment is demanding more of already resource-constrained CISOs. In this keynote we will be discussing how automation can help to:

• Drastically reduce the amount of uninvestigated and unresolved alerts
• Automate time-consuming investigations and remediate well-known threats
• Act as a force multiplier for resource-constrained security teams

► Executive Panel Discussion: Preparing for the New Normal: Business Continuity and Cybersecurity 

Up until a few months ago, it was unimaginable that entire workforces would be operating remotely. The COVID-19 crisis was a real test of organisations' Business Continuity Plans. One particular challenge for businesses was ensuring cybersecurity was properly considered, and their critical systems and data remain protected. How have cybersecurity teams adapted to a changing business environment? 

• Peter Granlund, CISO, If Group
• Sverker Forsberg, Information Security Officer, Södersjukhuset

► Education Seminars Session 1

Delegates will be able to choose from the following education seminars:

• Empower your employees to work securely and efficiently from home, Stuart Sharp, VP of Solution Engineering, OneLogin
• Securing cloud environments, staying on top of cloud configurations to prevent data leaks and inadvertent exposure, Paul Norris, Senior Sales Engineer, Tripwire

Networking break

► Cybersecurity Risks in the Manufacturing Industry: How are the Cyber Insurers Adapting? 

Anthony Herring, Head of Cyber – Nordics, Marsh

• “Debunking” the myths of the cyber insurance market
• Overview of loss trends in the Nordics region
• Current challenges for the manufacturing industry and the insurance market, including:
  • • The convergence of IT and OT
    • Managing your supply chain
    • Physical Damage triggered by cyber events
    • Cyberwarfare and geopolitical tensions

►Upskilling security teams through cyber simulation

Rupert Collier, Director of Sales – EMEA and APAC , RangeForce

Exposing teams safely to real threats to help prepare for an actual attack is a smart way to build cyber resilience.

• See how simulation-based training elevates cyber skills, bridges staffing gaps, and improves detection, containment, and remediation of cyberattacks
• Get real evidence of how cutting edge training helps overcome limited budgets and time, as well as train in place requirements.
• See the cyber simulation platform in action and learn how it can help you develop customised training regardless of team size or skills

►Hacking Exposed 

Ronald Pool, Senior Solutions Engineer, CrowdStrike

An in-depth look at the speed of modern-day hacking tactics & techniques

• Join us to observe new attack techniques based on our renowned Threat Landscape, to defeat ransomware, spear phishing attacks and malware-free intrusions.
  Having the ambition to not pay ransomware is great, but is it feasible? Can you handle the infection alone or do you need specialised help? And what are the hidden costs even if you do pay?
• Learn why security hygiene matters and how partnering can help solve the skills shortage in your security team. We will present new tips & tricks to improve your organization’s Time to Respond.​

► Education Seminars Session 2

Delegates will be able to choose from the following education seminars:

• Best Practices for Compliance and Security Testing at Scale, Paul Mote, Senior Director, Solutions Architects, Synack & Justine Desmond, Sr. Product Marketing Manager, Synack

• You get what you pay for - pricing on the Nordic underground economy, Abdelkader Cornelius, Threat Intelligence Analyst, Recorded Future

Lunch and networking break

► The world has changed, and so have the cybercriminals

Jan Olsson, Police Superintendent, Swedish Police Authority, Swedish Cybercrime Center, SC3

• Insights on how cybercrime has changed in the new normal and methods in which criminals have exploited the crisis. 
• ​Overall, fraud cases are down - how do we ensure they continue to decrease and how organizations can avoid getting victimized
• Learnings from recent data breaches in the Nordics region on the evolving tactics of cybercriminals
• ​Why collaboration between law enforcement and industry is critical to successfully tackling cybercrime

►Faking It: Combatting Email Impersonation with AI

Mariana Pereira, Director of Email Security Products, Darktrace

• Today, 94% of cyber-threats still originate in the inbox. ‘Impersonation attacks’ are on the rise, as AI is increasingly being used to automatically generate spear-phishing emails, or ‘digital fakes’ that expertly mimic the writing style of trusted contacts and colleagues.
• Humans can no longer distinguish real from fake on their own, so businesses are increasingly turning to AI to distinguish friend from foe and fight back with autonomous response.
• In an era when thousands of documents can be encrypted in minutes, learn how ‘immune system’ technology can take action in seconds and stop cyber-threats before damage is done.

►  A recipe for SOC productivity: tools and process to help you catch up to the cybercrime landscape

Alex Kirk, Global Principal, Suricata, Corelight

• Lots of people, especially at conferences like these, talk about tracking specific adversaries
• But most of them are only reacting to alerts about adversary activity, not proactively tracking them, because they're already overwhelmed
• See how integrated detection and metadata lets you accelerate/automate your IR enough to have a chance of catching up to bad actors 

►Executive Panel Discussion: Securing the Financial Services: Fraud and Security Priorities

At the onset of 2020, security teams in the financial services tackled a set of intertwined problems; heavy regulatory demands; the inefficiency of legacy systems that seemed posed against digitisation; higher reliance on remote banking services; third-party risk in the supply chain; the heavy appeal financial institutions have for would-be hackers and malicious insiders. The COVID-19 crisis has exasperated old challenges and manifested new problems. How have financial institutions adapted to this new environment to mitigate the ever-increasing cybersecurity risks and protect their organisation and customers?

• Jörgen Mellberg, CISO, Head of IT & DPO, Sparbanken Syd
• Andrew Barnett, Head of Fraud Management, Nordea

► Education Seminars Session 3

Delegates will be able to choose from the following education seminars:

• Monitoring Threats to Areas of Operation, Max Mansson, Client Director, Silobreaker 
• Unleashing Digital Identity to Prevent Online Fraud Without Impacting the Digital UX, Emilio Rocchi, Senior Solutions Consultant, Lexis Nexis Risk Solutions

Networking break

►Cybersecurity in the Age of Disorder

Simon Brady, Managing Editor, AKJ Associates Ltd

Pandemic, digitalisation, climate change, the collapse of Chimerica, Brexit – the list goes on. In all this chaos, cybersecurity, like everything else, has to change. But how? In this session, AKJ’s Managing Editor, Simon Brady, gives his take on where CISOs should be looking in 2021.

• Stop talking about ‘the business’ and start understanding it
• From facilities management to strategic advisory, or….?
• Cyber ROI is dead, good riddance to bad rubbish?
• Making use of enforced transparency: a new solution paradigm

► Executive Panel Discussion: Engaging stakeholders in security: leadership and communication for a cyber-secure business

The transition to remote working and the increasing sophistication of cyber-attacks has forced many organization’s to re-evaluate their approach to addressing the human element of risk. Information security professionals need to ensure business stakeholders at all levels are engaged and that their teams are equipped to cope with the changing landscape. Employees are the frontline of cyber defense: so how can we effectively communicate cybersecurity strategies across the business? 

• Göran Kördel, CIO, Boliden Group
• Hanne Hansen, Interim CISO, Ørsted
• Predrag Gaikj, Head of Information Security and Risk Management, Qliro AB
• Andy Dyrcz, Head of Cyber Security, Linkfire 

Networking break

Conference Close