A new security operating model for a new security era
17th September 2026 • Courtyard by Marriott Zurich North, Zurich
Switzerland's unique corporate and geographical role is amplifying the challenges of AI, quantum, digital sovereignty and resilience. Is it time to focus on what works, and time for the business to back off?
Time to focus on the practical
Swisscom's latest cybersecurity threat radar headlines geopolitics and AI as critical accelerants of cybercrime and says the situation is far worse than in 2025. Its view is that cybersecurity is no longer primarily an IT security problem; it is becoming a systemic business, geopolitical and operational resilience problem.
From this perspective, the Swiss threat environment has materially worsened because several forces are converging simultaneously: AI, geopolitical instability, cloud/platform dependency, software supply-chain fragility and IT/OT convergence.
And these trends amplify one another rather than existing independently.
It certainly seems, from talking to security leaders, that organisations are under pressure to deploy AI tools far faster than security teams are comfortable with. Software suppliers are incorporating AI into their products faster than CISOs can evaluate the impact.
But that is far from the only near-impossible challenge facing Swiss security teams. How about digital dependency? Organisations face cloud concentration risk, dependence on US hyperscalers, dependence on foreign security vendors, issues of data sovereignty, concentration risk in identity providers... the list goes on.
If organisations must now think strategically about who controls their infrastructure, which jurisdictions their suppliers fall under and where dependencies create hidden exposure, then security just became a much bigger problem.
So firms need to accelerate their current BAU security programmes whilst adding AI- and other risk-related initiatives:
- Replace network-centric security with identity security, because the former has failed: identity lifecycle management and privileged-access hardening; unifying IAM, PAM, CIEM and SSO into a coherent identity fabric; conditional access with continuous risk scoring; identity threat detection and response (ITDR); MFA hardening plus phishing-resistant methods (FIDO2, passkeys).
- Replace prevention with resilience, because prevention alone doesn't work and doesn't scale: go 'unglamorous' and focus on the practical and operational: immutable backup architecture, isolated recovery environments, recovery testing, segmentation of critical functions, blast-radius reduction.
- Reduce complexity: tool sprawl, privilege sprawl, architecture sprawl.
- Modernise detection and response: XDR plus an AI-augmented SOC; automated incident response and playbooks; adversary-simulation tooling to tune detections.
- Third-party and SaaS risk: continuous external attack-surface monitoring of vendors; automated evidence collection and assurance workflows; contract-level visibility of data access and of attack/threat data.
- Data security and data governance (especially in AI-driven environments): data discovery; DSPM (Data Security Posture Management); guardrails for LLM/AI usage, including data leakage prevention and policy enforcement.
The e-Crime & Cybersecurity Congress Switzerland will look at how security teams and the business must respond to a new era in cybersecurity. Join our real-life case studies and in-depth technical sessions from the most sophisticated teams in the market.
Key Themes: AI and Quantum
Identity, authority, and control for non-human actors
CISOs must rethink core identity and governance frameworks, including the adoption of robust agent identity models (spanning machine, service, and workload identities), and clearly defined delegation structures that determine what authority an agent holds and who grants it. What technologies can help them maintain visibility and control?
Data protection and leakage risks
What does "insider threat" mean when the actor is non-human? For CISOs, the focus shifts to monitoring the behaviour of agents as well as users, developing capabilities to detect anomalous machine activity, and establishing effective controls that balance guardrails, detection and containment. Do you need AI defences to do that?
AI anti-phishing and social engineering defences
AI is shifting defence from static filtering to behavioural detection at scale, flagging anomalies that rules and signatures miss. It can also enable pre-emptive defence against social engineering by identifying manipulation cues. The result is a move from reactive blocking to adaptive defence, reducing both successful attacks and analyst workload. Can you help?
Who needs to be quantum-ready?
Anyone responsible for long-lived sensitive data or critical infrastructure has a quantum problem. That means banks, governments, telecoms, energy and healthcare, whose datasets need to last decades. If your encryption protects value over time, you need crypto-agility and a migration path now, not when quantum arrives. How does this work in the real world?
Integrity and the Al-enabled supply chain
AI-native operating models imply dependence on a complex supply chain of foundation models, internal systems, external APIs and orchestration layers that collectively produce legal work. Imagine the consequences of hacking such a system. So how do CISOs stop that happening?
Intelligent Threat Detection
Key Themes: Building Better Security
Making the best use of threat intelligence
In a preemptive security model, timing is everything - success depends on detecting and neutralizing threats before they become active incidents. To do this, security operations can't just rely on internal telemetry (e.g., endpoint or network logs). They need external, real-time context about emerging threats - where do they get it?
Security Posture Management
Traditional vulnerability scanners don't handle cloud-native architectures well. Today's cloud environments spin up thousands of ephemeral assets, often without a traditional OS and without holding an IP address for long. So how do you adapt to that dynamic, API-driven reality? How can tools connect the dots rather than just generate tickets?
Improving continuous attack surface discovery
You need to know what attackers can see and what they can actually attack, and you need it on a continuous basis, not in some static inventory. Ideally you also need assets ranked by risk priority and placed in the current threat and vulnerability context. Is this feasible, and is it cost effective?
The power of automation
There's too much manual intervention in security. SOAR pulls data from SIEMs, EDRs, firewalls, cloud APIs, ticketing systems, threat intelligence feeds and even email servers, and coordinates actions across tools via APIs, prebuilt integrations and intelligent playbooks. Well, that's the theory. How does it work in the real world?
Adversary simulation and behavioural analysis
Automated adversary simulation identifies telemetry blind spots. These tools provide prioritised remediation guidance and control effectiveness metrics, track progress trends and validate security ROI, as well as providing board and audit reporting. How well do they work in practice?
Securing the Cloud: still a problem
The cloud may be secure, but misconfiguration, API proliferation, federated identity challenges, third-party compromise and a misplaced trust in shared responsibility all make cloud environments extremely complex to understand and secure. So is the answer CSPM/CIEM tooling? What about CNAPP/CWPP? How do you push your controls into SaaS providers and MSSPs? Can vendors help?
Key Themes: Best Practice Fundamentals
Achieving visibility across ecosystems
From exposed initial access points such as warehouse management systems to complex machine control software, simply understanding your device and application landscape is a huge challenge. Can you help with asset tracking and endpoint visibility? And what about anomaly detection after that?
Transitioning OT to the Cloud?
OT was traditionally localised at particular sites and air-gapped from IT systems. But connectivity with broader corporate networks and the need to manage technology more centrally (especially during COVID) have seen companies looking at managed services in the cloud for OT. Is this a way forward? Or does the cloud just create more problems?
Defending against the latest ransomware variants
Ransomware evolution is forcing the hands of government and causing havoc in the insurance market. So firms must go back to basics (see below) but also invest in immutable back-ups and real resilience. Detecting early-stage infiltration is also critical. What else can CISOs do to better defend against ransomware?
Securing the basics
The endpoint and email are still a critical cybersecurity battleground. So organisations still need EDR/XDR everywhere; they need advanced email security; they need more aggressive patching of anything internet-facing. They need to move from awareness training to behavioural conditioning. What does that mean practically for CISOs?
Why zero trust, isolation and segmentation are key
There has been a shift in recent attacks away from the theft of data: now threat actors are concerned with interrupting all operational activity. It is now critical that business functions are separated, and that internet access to OT networks is limited. Can security teams still keep up with sophisticated foes? Should they upgrade their capabilities?
Dealing with regulations
CISOs now must simultaneously satisfy divergent regulatory demands; they must interpret often vague legal standards into technical architectures, and they risk non-compliance if auditors, regulators, or courts interpret those regulations differently later; they face unrealistic expectations around incident reporting; and they face personal liability. Can RegTech help?