Agenda

Breakfast Networking and Registration

Chair's Welcome

►Sweden’s foreign and security policy strategy for cyber and digital issues

Andrés Jato,  Ambassador for International Cyber and Digital Affairs, Swedish Ministry of Foreign Affairs

• Sweden’s strategic vision: Aligning cyber policy with national security, EU frameworks, and international stability.
• Geopolitical challenges: Addressing state-sponsored threats, cyber warfare, and global tensions.
• Public-private collaboration: Strengthening partnerships to enhance cyber resilience and critical infrastructure security.
• Global cyber norms: Advancing cyber diplomacy, regulatory frameworks, and responsible state behavior.

►Defending Data in the Age of AI, how to securely accelerate enterprise AI adoption.

Sami Laurila, Account Excutive, Rubrik X

• Join us for a dynamic session as we unveil how Rubrik is transforming data protection in the era of Artificial Intelligence. 
• AI can be a key business enabler, but with that opportunity come significant potential risks. 
• As custodians of customer data, Rubrik's solutions are uniquely designed to safeguard sensitive data, ensuring robust security and compliance as businesses harness the power of AI. 
• Learn more about Data Security Posture Management (DSPM), and the recently announced Rubrik Annapurna for Amazon Bedrock, and how it helps customers better leverage all their data – regardless of where it resides – to drive customized, secure generative AI applications. 
   

►DDoS – A Nordic Bank’s Perspective   

Rune Espensen, Head of Information Security Office, Nordea

• Overview of the DDoS attack on Nordea in the fall: scale and impact.
• How Nordea detected, mitigated, and responded to the attack in real-time.
• Lessons learned and future strategies to enhance resilience against DDoS threats.

► Education Seminar 1

Delegates will be able to choose from a range of topics:

• From Metrics to Meaning: Proving the True Impact of Your Phishing Training, Maxime Cartier, Head of Human Risk, Hoxhunt
• The Geopolitics of Cyber Crime, Julius Nicklasson, Manager, Intelligence Services, Recorded Future

Networking Break

►Securing Critical Infrastructure with IAM in an elevated threat landscape

Sachin Loothra, Lead Solutions Architect, Telia

• Evolving threat landscape and its impacts on critical infrastructure.
• Regulations on critical infrastructure and demands towards IAM.
• How IAM solutions can be setup to meet the demands.
   

►Fake it till you break it: combating Deepfakes & AI trickery 

Amanda Spångberg, Account Director, Integrity360

• How do you defend against what you can’t trust your eyes or ears to detect? 
• We’ll dive into the growing challenge of deepfake technology.
• Exploring how it can bypass traditional security controls, erode trust, and be weaponised for social engineering and disinformation.
• We’ll also look at the solutions that can combat this new and growing challenge.
   

► Education Seminar 2

Delegates will be able to choose from a range of topics:

• The AI Threat: Protecting Your Email from AI-Generated Attacks, Jake Wardell, Senior Engineer, Abnormal Security
• Effectively Managing Human Risk in Cyber Security, Simon Rosén, Regional Account Executive | Human Risk Management Advocate, KnowBe4

Lunch Networking Break

► Mitigating personal liability: the changing climate for security professionals

Jonathan Armstrong, Partner, Punter Southall Law

• The changing politics of security.
• Current cases. 
• Social Media scrutiny.
• Insurance options for CISOs. 
• Golden parachutes and legal support.

►Cybersecurity in Changing Geopolitical Environment: Lessons Learned in the Baltic States

Edvinas Kerza, Managing Partner, ScaleWolf on behalf of SolutionLab

• The geopolitical situation causes challenges to transform.
• State-funded actors found new ways to hack us.
• Secure by design does not exist.
• There are ways to counter and fight today's challenges.
   

►Untangling the Supply Chain Problem: Managing Concentration Risk

Haydn Brooks, CEO, Risk Ledger

• Explore different types of supply chain risk and how they impact companies ability to deliver against its business goals. 
• How to move past risk management into operational cyber capabilities within the supply chain.
• How to talk to your board in a way that makes this problem not only digestible but also interesting. 
• Leave with actionable insights and key questions to consider when strengthening their organisation’s resilience against these critical threats.

► The Heart of IT Security – Blood, sweat and tears… of joy?

Björn Johrén, CISO, Max Matthiessen

• Security first culture and how will we cope with the change?
• With all AI in the tech around us, do we still need humans? [or will AI prove humans are surplus to requirements?]
• The strongest line of defense and the most vulnerable link – The human paradox.

Networking Break

►Panel Discussion: Critical Functions: What Really Matters?

Fredrik Hertz, Regional Lead Cybersecurity Consulting, EY (Moderator) 
Eric Stenberg, Information Security Officer, Swedbank 
Elnaz Tadayon, Cybersecurity Area Manager, H&M 
Sofia Frederiksen, CISO, Apoteket 
Elin Ryrfeldt, CISO, Axfood 

• Prioritisation: Are you and your stakeholders truly aligned on what’s mission-critical?
• Third-Party Dependence: Trust is good—but how much control do you actually have over critical processes?
• Incident Reporting: With rising regulatory demands for transparency, what does effective cyber incident reporting really involve—and what value does that data bring?

►Leveraging DORA TLPT (Threat-Led Penetration Testing) to enhance Cyber Resilience 

Manit Sahib, Ethical Hacker & Former Head of Penetration Testing & Red Teaming, Bank of England

• How DORA TLPT aligns seamlessly with TIBER-EU, CBEST & DORA to enhance cyber risk management.
• Discover the benefits of an EU-standard approach to threat-led testing.
• See how DORA TLPT boosts readiness for live system testing.
• Learn how to start using DORA TLPT for ongoing cyber resilience and regulatory compliance.