The C-Suite Edition

This community event is capped at 150 participants.

October 20, 2022

Speakers are what makes our event stand out.

Mattias Wallen

CISO, SSC – Swedish Space Corporation

Anne Hännikäinen

Head of Information Security and Privacy, Inter IKEA Group

Göran Kördel

CIO, Boliden

Fazel Ahmad Azizi

Head Of IT Architecture & Security, Trondheim kommune

Dan Cimpean

The Director of the Romanian National Cyber Security Directorate

Stéphane Duguin

CEO, The CyberPeace Institute

Johanna Molander

Global Compliance, Sandvik

Bjorn Johren - Speaker at Next IT Cyber Security Conference

Björn Johrén

CISO, Max Matthiessen

Erik Blomberg

Head of Security and Risk (CSO), Handelsbanken

Tor Indstøy

Vice President, Security Management, Telenor Global Services

Carl-Goran Domeij

CISO, Billerudkorsnas

Georgios Kryparos

CISO, Einride

Baris Färnman

VP & Head of Information Security, Truecaller

Markus Kuchler

Head of Global IT Security, Epiroc

Per Thorsheim

CISO, BankID BankAxept AS

Predrag Gajikj

CISO, Qliro

Rune Ören Skarphagen

CISO, Data protection officer, Mitigram

Teresia Willstedt

CISO, MedMera Bank

Shahid Raza

Director of Cybersecurity Unit, RISE

Klas Elmby

CIO, Semcon

Bjorn Johren - Speaker at Next IT Cyber Security Conference

Jack Swedjemark

Head of Cyber Security, Sinch

Girish Agarwal

CDO/CIO, Piab

Moa Mörner

DSO DPO, SJ AB

Peter Norrhall

Director IT Platform Technology, Etraveli Group

Morgan Jay

SVP EMEA & APAC, Pentera

Frans van Ierland

Customer Technology Advisor, EMEA, Wiz

Eric Gold

Nordics, Cloud Security Evangelist, Orca Security

John Smith

EMEA CTO, Veracode

Gøran Tømte

Field Security Responsible, Germany and NEUR, Rubrik X

Rik Ferguson

Vice President Security Intelligence, Forescout

Agenda

20th October, 2022

08:00

Power Breakfast & The Chairman’s address

08:45

Keynote

Connected machines, opportunity or threat? – Why you need to care about Cyber security in manufacturing.

Manufacturing 4.0, Industrial IoT, connected machines and sensors opens up for digital automation in heavy industry. Connecting everything in an industrial environment also creates new risks and threats. What are these threats and how should we address the risks?

  • Technology trends in operational IT
  • Examples from the mining industry
  • Cyber security threats in operational IT
  • Measures & technology to meet the threats
  • 6 things you need to do as an IT leader next week

Göran Kördel

CIO, Boliden

09:10

Innovator

Cloud Security Done Right : Celebrating the Death of Agents!

Problem #1: Security agents don’t scale. Less than 50% of cloud assets are covered by host security solutions i.e. agents.

Problem #2: Alert overload. For every 100 cloud assets there are an average of 10,000 alerts from agents.

Before the cloud, we secured physical hosts. That meant spending time installing multiple security agents—one for each server. However, at least we were living in a reasonably static world. We assigned IP addresses to physical assets, and they seldom changed. Even then, as every security veteran knows, agent integration was tedious, and coverage rarely reached 100% of assets. Then the cloud started making virtual what used to be physical. So we used what we had. We took security agents that ran on physical hosts and ran them on virtual machines. In a cloud environment, one scales utilization up and down frequently—possibly thousands of times per hour across multiple clouds—and all within a CI/CD pipeline that builds one’s infrastructure. One has containers and VMs to deal with, and agents carry substantial operational costs.

To win at cloud security, tools must provide visibility based on the singularity of virtualization. The cloud must be treated holistically as a tightly interconnected web of assets, rather than a collection of independent machines. Context matters—and cloud security risks must be determined both by examining the full-stack within assets and by examining the relationships between them.

Eric Gold

Nordics, Cloud Security Evangelist, Orca Security

09:35

Expert Panel 1

Thought Leaders - Defeating ransomware: Knowledge - the most effective cure

  • Be aware of the dangers: ransomware inside and outside
  • Emerging new models of ransomware
  • Unpatched vulnerabilities at risk
  • Shortcomings of artificial intelligence (AI) in cyber defense
  • How to battle ransomware: prevention and training

Predrag Gajikj

CISO, Qliro

Rune Ören Skarphagen

Global Compliance Manager Data Privacy, Mitigram

Markus Kuchler

Head of Global IT Security, Epiroc

Elpidoforos Arapantonis

Chief Product Security Officer, ECARX

10:05

Coffee Break

10:35

Innovator

Automated Security Validation

Morgan Jay

SVP EMEA & APAC, Pentera

Klas Elmby

CIO, Semcon

11:00

Expert Panel 2

Thought Leaders - Cyberattacks targeting the financial services sector are on the rise

The banking community takes a number of action steps to keep their institutions, customers and employees safe.

  • The most relevant threats against financial institutions
  • How do new resilience regulations assist in the combat against cybercriminals?
  • The future of payment systems like SWIFT or Fedwire or CHAPs or even central banks?
  • The best defense models

Erik Blomberg

Head of Security and Risk (CSO), Handelsbanken

Per Thorsheim

CISO, BankID BankAxept AS

Teresia Willstedt

CISO, MedMera Bank

11:35

Innovator

The challenge with modern cybercrime against businesses

Evolution is running as always. This is relevant and good for business, digitalization, and technology. But criminals adopt and evolve with all the changes, revealing new vulnerabilities and all the new capabilities in new technology. It’s important to stay up to date to be best prepared.
Let’s look at the business consequences before, during and after an incident.

Gøran Tømte

Field Security Responsible, Germany and NEUR, Rubrik X

12:00

Networking Lunch

13:00

Keynote

Do we understand Security Risk correctly?

Following the learnings from the global pandemic, the Ukraine situation with the geopolitical impact, complex partnerships, insider risk and new technologies – should we refurbish our Security Risk Management Tools?

Traditional security risk assessment as part of enterprise risk management has been known to struggle with methodology to conduct proper risk assessments. Often identification of risks uses compliance oriented approach, giving a false sense of security that the organization is not exposed to risks as long as they fulfill compliance requirements. This session provides insights to the understanding of the benefits of risk scenario analysis using analytical approaches and providing participants with opportunity to conduct practical scenario analysis and risk assessment examples and output within the business security context with the goal to strengthen existing security risk frameworks.

Tor Indstøy

VP, Security Management, Telenor Web Services

13:25

Innovator

Securing the Modern Enterprise With Cloud- Native Security Platform

Securing modern enterprise has never been more difficult. Modern applications are assembled
not built and applications are more commonly composed from open source-code instead of authored by hand.

Further complicating the security of modern enterprise software are the Developer and Application Security Professionals who are overwhelmed with vulnerabilities in all layers of code, while facing the need to deliver software quickly and securely.

John Smith

EMEA CTO, Veracode

13:50

Expert Panel 3

Cloud security against compliance mandates, risk, and the equally fast-growing list of security threats

Shifting your existing security strategies to be more cloud-focused.

  • The migration of large volumes of data to the cloud increases the chances of cyber-attack.
  • Incidents in the cloud – What do you see as being the main drivers for security incidents in the cloud and what advice would you give to mitigate them?
  • Tackling privacy regulations and protecting your company’s sensitive data -What data policies should we apply to the cloud?
  • How can we test incident response plans in the cloud, where you have only limited control over the cloud-based infrastructure on which we are dependent?

Georgios Kryparos

CISO, Einride

Shahid Raza

Director of Cybersecurity Unit, RISE

Anne Hännikäinen

Head of Information Security and Privacy, Inter IKEA Group

14:25

Innovator

The Cloud Security pipeline is broken! Are you able to act, react and mitigate?

Cloud environments are characterized by their dynamic nature. It’s easier than ever before to spin up new resources and add new technologies, which leads to an ever-increasing number of people and teams deploying in the cloud. Ephemeral resources like serverless functions and containers mean that workloads are being added and removed at blistering speeds.

From the security perspective, however, these changes have made keeping up with the cloud all the more challenging. The dynamic nature of the cloud has strained some traditional security approaches to the breaking point.

  • The security pipeline is broken.
  • Which context do you need to still be able to get things done?
  • A view on the current, the next, and future of cloud security.

Frans van Ierland

Customer Technology Advisor, EMEA, Wiz

14:50

Innovator

Resilience with Intelligence

Staffan Truvé

CTO, Recorded Future

15:15

Coffee Break

15:35

Expert Panel 4

Thought Leaders - Phishing attacks – Emergence of devastating new techniques

Phishing attacks are a subset of social engineering strategy that imitate a trusted source and concoct a seemingly logical scenario for handing over login credentials or other sensitive personal data.

  • Browsing a new way of phishing using a malicious browser extension: what can we do to stay safe?
  • “Browser in the Browser” attacks (BitB attacks): A devastating new phishing technique
  • Sophistication of Spear phishing
  • Prevention of Social Engineering Attacks: Organizational design that minimize attack vector
Bjorn Johren - Speaker at Next IT Cyber Security Conference

Björn Johrén

CISO, Max Matthiessen

Bjorn Johren - Speaker at Next IT Cyber Security Conference

Jack Swedjemark

Head of Cyber Security, Sinch

Carl-Goran Domeij

CISO, BillerudKorsnäs

16:05

Expert Panel 5

Thought Leaders - Compliance and information security management: Consequential to overall business success

  • How to stay safe against policy violations
  • Detect atypical behaviors and tracks signatures for potential high-risk events
  • Response and forensic investigations into what happened
  • European Union NIS2 directive: a high common level of cybersecurity across the Member States

Johanna Molander

Global Compliance, Sandvik

Baris Färnman

VP & Head of Information Security, Truecaller

Peter Norrhall

Director IT Platform Technology, Etraveli Group

Girish Agarwal

CDO/CIO, Piab

Moa Mörner

DSO DPO, SJ AB

16:40

Innovator

FUTURE-PROOF YOUR SECURE ACCESS STRATEGY

Recent years have seen a massive shift in trends in the way we work. Cloud services and solutions have been adopted en masse, working from anywhere and everywhere has become a norm and multi-layered approach to access control as a way of preventing the common vulnerabilities has become commonplace.

As exciting as they are, these new trends also pose important questions around security and business resilience. What is the appropriate level of trust to consider and deliver when people or devices access corporate systems and applications? How to maintain great user experience whilst ensuring security isn’t compromised? How to achieve business resilience, turning temporary fixes into future-proof measures?

Join this session to explore how to enable business resilience with a secure access strategy, avoid Push phishing and incorporating new trends such as Passwordless.

17:05

Expert Panel 6

Cyberwars and critical infrastructure

CISOs in the middle of warfare

  • The impact of cyber-attacks on businesses and nations
  • Cyber-attacks on critical infrastructure – detection, prevention and investigation
  • How do the laws treat cyber-attacks? State of emergency

Mattias Wallén

CISO, SSC – Swedish Space Corporation

Dan Cimpean

The Director of the Romanian National Cyber Security Directorate

Rik Ferguson

Vice President Security Intelligence, Forescout

Fazel Ahmad Azizi

Head Of IT Architecture & Security, Trondheim kommune

Stéphane Duguin

CEO, The CyberPeace Institute

17:35

GADGETS, GADGETS, GADGETS Lottery

18:15

By invitation Only Dinner

Partners

Previous Agendas

Sum of All Fears
Edition

27th of January 2022

The C-Suite
Edition

15th of September 2021

Financial Institutions

Edition

15-16th of April 2021