Agenda

►Encryption in the Cloud: Safeguard or expensive Security Theater?

Klaus Hallar, Senior IT Security Architect, AXA

• Discover where clouds and workloads in the cloud apply encryption
• Uncover the power of diverse encryption approaches in mitigating real-life risks
• Understand how post-quantum impacts our cloud workloads
   

► LIVE DEMONSTRATION: Weaponising AI for Cyber Attacks & Offensive Operations

Manit Sahib, Ethical Hacker, The Global Fund

• Overview & Threat Landscape: How AI is being leveraged in the wild for malicious activities.
• Weaponising AI for Offensive Operations: Running AI through the Cyber Kill Chain.
• ChatGPT or [insertnamehere]GPT; What’s the level of effort required to build your own AI.
• LIVE DEMO: AI in action 

►Why third party risk management is much more important than you think

Guillaume de Benoit, Head of Information Security Operations, Caisse des Médecins

• Outlining the purpose, scope, and principles of your third-party risk management programme
• Establishing detailed SOPs for each stage of the third-party lifecycle
• Developing strategies for avoiding, transferring, mitigating or accepting risk
• Implementation and monitoring

►CISO daily challenges:

Sandro Waelchli, CISO, Bank Avera
Hélène Mourgue d’Algue, Chief Information Officer (CIO) and Head of Information Systems & Digital Technology, City of Bienne 
Christophe Monigadon, CISO, Visana Services AG 
Richard Kearney, CISO, Octapharma
 

• What are your biggest challenges in the day-to-day battle of protecting your customers and organisation? What threats worry you the most?
• Security versus resilience: aligning security priorities with organizational objectives. How do you prioritize, and do you feel supported and heard when airing concerns?
• How do you assess and prepare for the threat of state-sponsored cyber-attacks targeting your organization? What strategies do you have in place to ensure cloud security and manage associated risks?
• In the event of a significant cyber incident, what are the key components of your incident response strategy, and how do you ensure that your organization can quickly recover and continue operations?
• With the regulatory environment continually evolving, and with new data protection laws and cybersecurity regulations being introduced, how do you ensure your organization remains compliant with both local and international regulations, and what challenges does this bring?
• What are the primary advantages you see in integrating AI into your organization's cybersecurity framework, and how have these benefits manifested so far?
• What challenges have you encountered while implementing AI-driven cybersecurity solutions, and how have you addressed these obstacles?

►Mitigating personal liability: the changing climate for security professionals 

Simon Brady, Event Chairman, AKJ (Moderator)
Philipp Grabher, CISO, Canton Zurich
Juan Carlos Lopez Ruggiero, CISO, Enotrac 
Dr Michel Verde, Attorney at Law, Lustenberger + Partners

• With increasing personal liability for CISOs under new regulations and the emotional toll of being held accountable for cyber incidents — including potential fines and criminal charges — how do you balance legal accountability and personal responsibility?
• How can CISOs guard against their own liability?
• Are you worried about personal liability? Is insurance a consideration?
• Addressing ethical challenges such as balancing business interests with security needs along with the personal consequences of these decisions.
• With the psychological impact on CISOs, does your organisation offer support for stress management and mental health and what’s out there for CISOs?
   

►Adapting Your Security Strategy with the Rise of SaaS Solutions

Hélène Mourgue d’Algue, Chief Information Officer (CIO) and Head of Information Systems & Digital Technology, City of Bienne

• Identifying the Legal Framework: Understanding the relevant laws and regulations for your information security and determining the necessary measures for compliance.
• Understanding the Shared Responsibility Model: Clarifying the division of security responsibilities between your organization and the provider.
• Managing Interfaces: Address the security aspects of interfaces and integrations with the SaaS solution.
• Integration into Security Monitoring: Ensure that the SaaS solution is fully integrated into your existing security monitoring systems for comprehensive oversight.

►Knowing how an attacker thinks puts you once step ahead!

Dominic Haussmann, Specialist Solutions Engineer - Zero Trust, Cloudflare 

• Learn how to get on top of the different risks, and develop a holistic approach to fighting cyber-criminals.
• Understanding and Mitigating SaaS Security Risks
• Developing a Holistic Cybersecurity Strategy
• Addressing Security Gaps in the Era of Digital Transformation with SaaS

►Protecting Service Accounts - Are Safeguarding Non-Human Identities with High Privileges a Luxury or a Critical Necessity?

Dr. Shahriar Daneshjoo, VP Sales - EMEA Central, Silverfort

• Why Machine-to-Machine (M2M) accounts, also known as service or non-human accounts, are so difficult to protect.
• How to automatically discover, monitor and protect every service account in your environment.
• Why the visibility and protection of service accounts have become indispensable elements of a comprehensive cybersecurity strategy.
• Which approaches currently exist to mitigate this risk and their limitations.
   

►How to Protect People and Defend Data in the Age of Generative AI

Thomas Bräuer, Senior Sales Engineer, Proofpoint

• As Generative AI tools continue to evolve, both cyber criminals and your employees are using them in ways that can pose risks to your organization. Bad actors are creating more sophisticated social engineering schemes and deep fakes, and your internal users are potentially sharing sensitive corporate data. 
• In this dynamic and evolving environment, how can security teams best protect people and defend data?
• Top trends in the cyber threat landscape
• Proactive actions to protect your people against human-targeted threats
• Best practices to defend data in the new age of GenAI