Agenda

►Secure Your Supply Chain — Secure Your Organisation

Geoffrey Taylor, Information Security Officer, Nordea Asset management

• Understanding how rising supply chain attacks threaten organisations and how to prevent supplier compromise
• Recognising regulatory requirements driving renewed emphasis on effective supply chain management
• Adopting a proactive, risk-based approach beyond basic compliance to strengthen supply chain resilience

►From Awareness to Accountability: Building a Security Culture That Lasts

Heléna Malm, Head of CSO Office, Swedbank AB
Dzana Dzemidzic, BISO, Swedbank AB 

• Learn how human behaviour drives most security incidents and how strengthening engagement, empowerment, and culture supports secure behaviours beyond technology.
• Learn how Swedbank integrates people and culture into its security strategy through real challenges, tested solutions, and key organisational insights.
• Learn how to embed security into everyday business operations, strengthen long-term behavioural change, and build shared ownership for a sustainable security culture.

►Cyber Leadership in an era of Dis-Cooperation

William Dixon, Associate Fellow, Royal United Services Institute and Senior Technology Cyber Fellow, The Ukraine Foundation

• How global trade fragmentation impacts the community
• How the "America First" Foreign Policy is leading to cyber instability
• Actions the Cyber C-Suite can take

►Kill the Click: DNS Blocking That Shut Down Scams at Scale

Timo Wiander, Information Security Officer, LocalTapiola

• How cross-industry collaboration reduced customer fraud losses by up to 70%
• Why stopping fraud before the customer clicks changes the economics of fraud prevention
• Navigating regulatory barriers
• Scaling across operators and markets to protect customers

►Ransomware 3.0: Weaponizing AI for the Next Generation of Ransomware Attacks

Manit Sahib, Ethical Hacker & Former Head of Penetration Testing & Red Teaming, Bank of England

• LIVE DEMO - Inside the first AI-powered ransomware attack — See how my custom Agentic Ransomware Gang can take down a network in under 8 mins
• First-hand insights from real-world red team ops — from legacy tech and broken access controls to the critical lack of real-world security testing
• Why traditional security fails — compliance checklists and conventional tools don’t stop modern ransomware
• What CISOs and security leaders must do now — real-world, field-tested steps to prove your controls work before attackers do it for you

►Panel Discussion: Beyond Compliance — Building Cyber Resilience That Actually Works

• How do we turn risk appetite statements into real decision levers instead of paperwork?
• With NIS2 and similar rules, what does “appropriate and proportionate” really mean on the ground — and how can risk management steer the response?
• Which cyber metrics really matter — and how do we prove our risk posture to the Board, to clients, and across the entire supply chain, right down to nth-party dependencies?
• How does a resilience-first mindset transform culture — moving from blame and unrealistic prevention to readiness, adaptability, and fast recovery?

Simon Brady, Event Chairman (Moderator)
Björn Johrén, Head of Security & IT Operations, Max Matthiessen AB
Marcus Lenngren, Area Manager & Cyber Security Manager, H&M Group
Hanna Rasch, Information Security & Product Cybersecurity Manager, Production & Logistics, Scania

►The Future of Cyber Resilience: Securing the Exposed Edge of Critical Infrastructure

Martin Solang, Sales Director Nordics and Jonas Gyllenhammar, Sr. Sales Engineer, Censys

• Growing attack surface: Connectivity expands exposure across services, ports, and unmanaged assets.
• Internet exposure insights: What Censys data reveals about today’s misconfiguration trends.
• Attacker speed: How adversaries find and exploit exposures within minutes.
• Proactive resilience: Using continuous ASM to secure the exposed edge early.

►AI Impact in Threat Intelligence: What's Changed in Our Life?

Samet Sazak, Senior Solutions Engineer, SOCRadar

• How AI and large language models have changed day-to-day threat intelligence work
• Practical examples of how defenders use AI to analyse underground forums, detect brand abuse, and prioritize real risk faster.
• How threat actors abuse AI, including tools like WormGPT, AI-generated phishing, and automated reconnaissance
• What still requires human judgment in threat intelligence, and how to avoid over-trusting AI-driven insights