Agenda

08.30 - 09.20

Breakfast Networking and Registration

09.20 - 09.30

Chair's Welcome

09.30 - 09:50

►DDoS – A Nordic Bank’s Perspective   

Rune Espensen, Head of Information Security Office, Nordea

  • Overview of the DDoS attack on Nordea in the fall: scale and impact.
  • How Nordea detected, mitigated, and responded to the attack in real-time.
  • Lessons learned and future strategies to enhance resilience against DDoS threats.
09.50 - 10.10

►Defending Data in the Age of AI, how to securely accelerate enterprise AI adoption.

Sami Laurila, Account Excutive, Rubrik

  • Join us for a dynamic session as we unveil how Rubrik is transforming data protection in the era of Artificial Intelligence. 
  • AI can be a key business enabler, but with that opportunity come significant potential risks. 
  • As custodians of customer data, Rubrik's solutions are uniquely designed to safeguard sensitive data, ensuring robust security and compliance as businesses harness the power of AI. 
  • Learn more about Data Security Posture Management (DSPM), and the recently announced Rubrik Annapurna for Amazon Bedrock, and how it helps customers better leverage all their data – regardless of where it resides – to drive customized, secure generative AI applications. 
     
10.10 - 10.30

► The Heart of IT Security – Blood, sweat and tears… of joy?

Björn Johrén, CISO, Max Matthiessen

  • Security first culture and how will we cope with the change?
  • With all AI in the tech around us, do we still need humans? [or will AI prove humans are surplus to requirements?]
  • The strongest line of defense and the most vulnerable link – The human paradox.
10:30 - 11:10

► Education Seminar 1

Delegates will be able to choose from a range of topics:

  • From Metrics to Meaning: Proving the True Impact of Your Phishing Training, Maxime Cartier, Head of Human Risk, Hoxhunt
  • The Geopolitics of Cyber Crime, Julius Nicklasson, Manager, Intelligence Services, Recorded Future
11.10 - 11.40

Networking Break

14.00 - 14.20

►Securing Critical Infrastructure with IAM in an elevated threat landscape

Sachin Loothra, Lead Solutions Architect, Telia

  • Evolving threat landscape and its impacts on critical infrastructure
  • Regulations on critical infrastructure and demands towards IAM
  • How IAM solutions can be setup to meet the demands
     
12.00 - 12.20

►Fake it till you break it: combating Deepfakes & AI trickery 

Amanda Spångberg, Account Director, Integrity360 
Måns Blacker, Senior Incident Response Analyst, Integrity360

  • How do you defend against what you can’t trust your eyes or ears to detect? 
  • We’ll dive into the growing challenge of deepfake technology.
  • Exploring how it can bypass traditional security controls, erode trust, and be weaponised for social engineering and disinformation.
  • We’ll also look at the solutions that can combat this new and growing challenge.
     
12.20 - 13.00

► Education Seminar 2

Delegates will be able to choose from a range of topics:

  • The AI Threat: Protecting Your Email from AI-Generated Attacks, Jake Wardell, Senior Engineer, Abnormal Security
  • Code, Culture, and Clicks: A Multi-Layered Approach to AI-Driven Threat Mitigation, Dr Martin J Krämer, Security Awareness Advocate, KnowBe4
13.00 - 14.00

Lunch Networking Break

14.00 - 14.30

► Mitigating personal liability: the changing climate for security professionals

Jonathan Armstrong, Partner, Punter Southall Law

  • The changing politics of security.
  • Current cases. 
  • Social Media scrutiny.
  • Insurance options for CISOs. 
  • Golden parachutes and legal support.
14.30 - 14.50

►Cybersecurity in Changing Geopolitical Environment: Lessons Learned in the Baltic States

Edvinas Kerza, Managing Partner, ScaleWolf on behalf of SolutionLab

  • The geopolitical situation causes challenges to transform.
  • State-funded actors found new ways to hack us.
  • Secure by design does not exist.
  • There are ways to counter and fight today's challenges.
     
14.50 - 15.10

►Untangling the Supply Chain Problem: Managing Concentration Risk

Haydn Brooks, CEO, Risk Ledger

  • Explore different types of supply chain risk and how they impact companies ability to deliver against its business goals. 
  • How to move past risk management into operational cyber capabilities within the supply chain.
  • How to talk to your board in a way that makes this problem not only digestible but also interesting. 
  • Leave with actionable insights and key questions to consider when strengthening their organisation’s resilience against these critical threats.
15.10 - 15.30

►Leveraging DORA TLPT (Threat-Led Penetration Testing) to enhance Cyber Resilience 

Manit Sahib, Ethical Hacker & Former Head of Penetration Testing & Red Teaming, Bank of England

  • How DORA TLPT aligns seamlessly with TIBER-EU, CBEST & DORA to enhance cyber risk management.
  • Discover the benefits of an EU-standard approach to threat-led testing.
  • See how DORA TLPT boosts readiness for live system testing.
  • Learn how to start using DORA TLPT for ongoing cyber resilience and regulatory compliance.
15.30 - 15.50

Networking Break

15.50 - 16.30

►Panel Discussion: Critical Functions: What Really Matters?

Fredrik Hertz, Regional Lead Cybersecurity Consulting, EY (Moderator) 
Eric Stenberg, Information Security Officer, Swedbank 
Elnaz Tadayon, Cybersecurity Area Manager, H&M 
Sofia Frederiksen, CISO, Apoteket 
Elin Ryrfeldt, CISO, Axfood 

  • Prioritisation: Are you and your stakeholders truly aligned on what’s mission-critical?
  • Third-Party Dependence: Trust is good—but how much control do you actually have over critical processes?
  • Incident Reporting: With rising regulatory demands for transparency, what does effective cyber incident reporting really involve—and what value does that data bring?
16.30 - 16.50

►Sweden’s foreign and security policy strategy for cyber and digital issues

Andrés Jato,  Ambassador for International Cyber and Digital Affairs, Swedish Ministry of Foreign Affairs

  • Sweden’s strategic vision: Aligning cyber policy with national security, EU frameworks, and international stability.
  • Geopolitical challenges: Addressing state-sponsored threats, cyber warfare, and global tensions.
  • Public-private collaboration: Strengthening partnerships to enhance cyber resilience and critical infrastructure security.
  • Global cyber norms: Advancing cyber diplomacy, regulatory frameworks, and responsible state behavior.

Education seminars


From Metrics to Meaning: Proving the True Impact of Your Phishing Training


Maxime Cartier, Head of Human Risk, Hoxhunt

Phishing simulations are a key component of security programs, but traditional metrics like click rates often fail to reflect their true effectiveness. Instead of focusing solely on failures, how can security teams measure real behavior change and risk reduction? Join Maxime Cartier, Head of Human Risk at Hoxhunt, as he explores advanced phishing training metrics—including report rates, dwell times, and real-world threat detection—that provide a clearer picture of security resilience. Learn how these insights can help identify high-risk groups, refine training strategies, and strengthen overall defense. Backed by success stories from companies like Qualcomm and H&M, this session will equip you with actionable strategies to demonstrate measurable impact, gain leadership buy-in, and align phishing training with broader security goals. Whether you are a CISO, security specialist, or analyst, you will walk away with practical ways to turn phishing training data into meaningful risk insights—and prove its value beyond just the click rate.

Attendees will learn:

  • How metrics influence the way an organisation thinks about security and its culture.
  • Proven interventions that transform high-risk employees into proactive defenders.
  • How companies like Qualcomm overcame their repeat-clicker challenge.
  • How to communicate the impact of human risk resilience efforts to leadership and secure buy-in for long-term security culture improvements.

The Geopolitics of Cyber Crime


Julius Nicklasson, Manager, Intelligence Services, Recorded Future

This presentation explores how geopolitics shapes cybercrime, especially how state relationships with cybercriminals influence the types of attacks we see. Data shows that ransomware and extortion disproportionately target NATO countries, often serving both strategic disruption and financial gain. In contrast, “free market” cybercrime ecosystems focus more on cyber fraud and crypto theft and carry a much wider spread of geographic targeting.

Attendees will learn:

  • A spectrum of state responsibility helps explain these patterns—from state-prohibited environments like China to state-integrated models in Iran and North Korea, where cybercrime is used for geopolitical objectives and economic support to finance government initiatives.
  • Industries like healthcare, manufacturing, and transportation are frequent targets due to their high disruption impact. Meanwhile, state and criminal groups are evolving in parallel, often adopting techniques inspired by one another—criminals adopt espionage techniques such as abusing legitimate services, while states begin to use GenAI and deepfakes.
  • Chinese-language cybercriminal groups are also growing, often operating across Southeast Asia, driven by economic pressures and weak oversight, with some relying on human trafficking and coerced labour in large-scale fraud schemes.

Code, Culture, and Clicks: A Multi-Layered Approach to AI-Driven Threat Mitigation


Dr Martin Krämer, Security Awareness Advocate, KnowBe4

As AI reshapes the threat landscape, cyber attacks increasingly exploit both technical systems and human behavior. This session introduces a multi-layered defense strategy that aligns secure development practices (code), organisational values and norms (culture), and user interaction patterns (clicks). Grounded in practical examples and current research, it demonstrates how combining technical controls with behavioral insights can reduce risk exposure across the entire attack surface. Attendees will leave with a clear model for integrating human and technical mitigation strategies to respond effectively to AI-enhanced threats.

Attendees will learn:

  • Learn how AI-driven attacks exploit both technical systems and human behavior - and why a siloed defense strategy falls short.
  • Discover a multi-layered mitigation model that integrates secure code, organisational culture, and user behavior to reduce risk.
  • Gain actionable insights for aligning technical controls with security awareness initiatives to build resilience across the full attack surface.
     

The AI Threat: Protecting Your Email from AI-Generated Attacks


Jake Wardell, Senior Engineer, Abnormal Security

Email security is at a turning point. The rise of generative AI is transforming the threat landscape, enabling attackers to craft hyper-personalised, convincing phishing emails at scale. Traditional defences—built to detect outdated attack patterns—are struggling to keep up.

Attendees will learn:

  • The Evolution of Email-Based Attacks – How cyber threats have advanced and why AI is accelerating their effectiveness.
  • The New Cybersecurity Reality – With 91% of security professionals reporting AI-enabled attacks in the last six months and 97% acknowledging that traditional defences are ineffective, how can we adapt?
  • Good AI vs Bad AI – How attackers leverage AI to bypass defences, and why security teams need AI-driven solutions to fight back.
  • Taking an Abnormal Approach to Cybersecurity – Real-world examples of AI-generated threats stopped by Abnormal Security, showcasing how behavioural AI can detect and block even the most sophisticated attacks.