The C-Suite Edition

This community event is capped at 150 participants.

October 20, 2022

Speakers are what makes our event stand out.

Mattias Wallen

CISO, SSC – Swedish Space Corporation

Anne Hännikäinen

Head of Information Security and Privacy, Inter IKEA Group

Göran Kördel

CIO, Boliden

Fazel Ahmad Azizi

Head Of IT Architecture & Security, Trondheim kommune

Dan Cimpean

The Director of the Romanian National Cyber Security Directorate

Stéphane Duguin

CEO, The CyberPeace Institute

Johanna Molander

Global Compliance, Sandvik

Bjorn Johren - Speaker at Next IT Cyber Security Conference

Björn Johrén

CISO, Max Matthiessen

Erik Blomberg

Head of Security and Risk (CSO), Handelsbanken

Tor Indstøy

VP, Risk Management & Threat Intelligence, Telenor Web Services

Carl-Goran Domeij

CISO, Billerudkorsnas

Georgios Kryparos

CISO, Einride

Baris Färnman

VP & Head of Information Security, Truecaller

Markus Kuchler

Head of Global IT Security, Epiroc

Per Thorsheim

CISO, BankID BankAxept AS

Predrag Gajikj

CISO, Qliro

Rune Ören Skarphagen

CISO, Data protection officer, Mitigram

Teresia Willstedt

CISO, MedMera Bank

Shahid Raza

Director of Cybersecurity Unit, RISE

Klas Elmby

CIO, Semcon

Bjorn Johren - Speaker at Next IT Cyber Security Conference

Jack Swedjemark

Head of Cyber Security, Sinch

Girish Agarwal

CDO/CIO, Piab

Moa Mörner

DSO DPO, SJ AB

Peter Norrhall

Director IT Platform Technology, Etraveli Group

Raviv Raz

Product Owner, ING

Navaz Sumar

CISO, TF Bank

Praveen Raj Santhira

Senior Advisor Risk Management, Telenor Web Services

Jan Olsson

Security Profile of the Year 2022 | Crime Commissioner/ Police Superintendent, Police Agency Swedish Cybercrime Center SC3

Sofia Staaf Frederiksen

Head of Information Security, Apoteket AB

Frans van Ierland

Customer Technology Advisor, EMEA, Wiz

Morgan Jay

SVP EMEA & APAC, Pentera

Gøran Tømte

Field Security Responsible, Germany and NEUR, Rubrik X

Eric Gold

Nordics, Cloud Security Evangelist, Orca Security

John Smith

EMEA CTO, Veracode

Elliot Stocker

Product Marketing Manager, DarkTrace

Rik Ferguson

Vice President Security Intelligence, Forescout

Staffan Truvé

CTO, Recorded Future

Nick Stokmans

Cybersecurity Specialist, Cisco

Paul Newton & Wine

MentalTheft

Rhys Arkins

VP of Product Management, Mend.io

Reut Netzer

Territory Manager- Nordics & Benelux, Mend.io

Elad Harel

Senior Solutions Engineer, Snyk

Agenda

20th October, 2022

08:00

Power Breakfast & The Chairman’s address

08:40

Fire Starter by Darktrace

08:45

Keynote

Connected machines, opportunity or threat? – Why you need to care about Cyber security in manufacturing.

Manufacturing 4.0, Industrial IoT, connected machines and sensors opens up for digital automation in heavy industry. Connecting everything in an industrial environment also creates new risks and threats. What are these threats and how should we address the risks?

  • Technology trends in operational IT
  • Examples from the mining industry
  • Cyber security threats in operational IT
  • Measures & technology to meet the threats
  • 6 things you need to do as an IT leader next week

Göran Kördel

CIO, Boliden

09:10

Innovator

Cloud Security Done Right : Celebrating the Death of Agents!

Problem #1: Security agents don’t scale. Less than 50% of cloud assets are covered by host security solutions i.e. agents.

Problem #2: Alert overload. For every 100 cloud assets there are an average of 10,000 alerts from agents.

Before the cloud, we secured physical hosts. That meant spending time installing multiple security agents—one for each server. However, at least we were living in a reasonably static world. We assigned IP addresses to physical assets, and they seldom changed. Even then, as every security veteran knows, agent integration was tedious, and coverage rarely reached 100% of assets. Then the cloud started making virtual what used to be physical. So we used what we had. We took security agents that ran on physical hosts and ran them on virtual machines. In a cloud environment, one scales utilization up and down frequently—possibly thousands of times per hour across multiple clouds—and all within a CI/CD pipeline that builds one’s infrastructure. One has containers and VMs to deal with, and agents carry substantial operational costs.

To win at cloud security, tools must provide visibility based on the singularity of virtualization. The cloud must be treated holistically as a tightly interconnected web of assets, rather than a collection of independent machines. Context matters—and cloud security risks must be determined both by examining the full-stack within assets and by examining the relationships between them.

Eric Gold

Nordics, Cloud Security Evangelist, Orca Security

09:30

Expert Panel 1

Thought Leaders - Defeating ransomware: Knowledge - the most effective cure

  • Be aware of the dangers: ransomware inside and outside
  • Emerging new models of ransomware
  • Unpatched vulnerabilities at risk
  • Benefits of artificial intelligence (AI) in cyber defense/offense
  • How to battle ransomware: prevention and training

Predrag Gajikj

CISO, Qliro

Elliot Stocker

Product Marketing Manager, DarkTrace

Markus Kuchler

Head of Global IT Security, Epiroc

Raviv Raz

Product Owner, ING

10:10

Coffee Break

10:35

Keynote

Q: Why Automated Security Validation?
A: Semcon’s Roadmap to Exposure Reduction with Pentera

Morgan Jay

SVP EMEA & APAC, Pentera

Klas Elmby

CIO, Semcon

11:00

Expert Panel 2

Thought Leaders - Cyberattacks targeting the financial services sector are on the rise

The banking community takes a number of action steps to keep their institutions, customers and employees safe.

  • The most relevant threats against financial institutions
  • How do new resilience regulations assist in the combat against cybercriminals?
  • The future of payment systems like SWIFT or Fedwire or CHAPs or even central banks?
  • The best defense models

Erik Blomberg

Head of Security and Risk (CSO), Handelsbanken

Per Thorsheim

CISO, BankID BankAxept AS

Teresia Willstedt

CISO, MedMera Bank

Navaz Sumar

CISO, TF Bank

11:30

Innovator

The challenge with modern cybercrime against businesses

Evolution is running as always. This is relevant and good for business, digitalization, and technology. But criminals adopt and evolve with all the changes, revealing new vulnerabilities and all the new capabilities in new technology. It’s important to stay up to date to be best prepared.
Let’s look at the business consequences before, during and after an incident.

Gøran Tømte

Field Security Responsible, Germany and NEUR, Rubrik X

11:55

Firestarter

Little-known facts in Open Source Security

Few points about Open Source security which might sound surprising and hopefully make you interested to learn more

Rhys Arkins

VP of Product Management, Mend.io

12:00

Networking Lunch

13:00

Keynote

Do we understand Security Risk correctly?

Following the learnings from the global pandemic, the Ukraine situation with the geopolitical impact, complex partnerships, insider risk and new technologies – should we refurbish our Security Risk Management Tools?

Traditional security risk assessment as part of enterprise risk management has been known to struggle with methodology to conduct proper risk assessments. Often identification of risks uses compliance oriented approach, giving a false sense of security that the organization is not exposed to risks as long as they fulfill compliance requirements. This session provides insights to the understanding of the benefits of risk scenario analysis using analytical approaches and providing participants with opportunity to conduct practical scenario analysis and risk assessment examples and output within the business security context with the goal to strengthen existing security risk frameworks.

Tor Indstøy

VP, Risk Management & Threat Intelligence, Telenor Web Services

Praveen Raj Santhira

Senior Advisor Risk Management, Telenor Web Services

13:25

Innovator

Securing the Modern Enterprise With Cloud- Native Security Platform

Securing modern enterprise has never been more difficult. Modern applications are assembled
not built and applications are more commonly composed from open source-code instead of authored by hand.

Further complicating the security of modern enterprise software are the Developer and Application Security Professionals who are overwhelmed with vulnerabilities in all layers of code, while facing the need to deliver software quickly and securely.

John Smith

EMEA CTO, Veracode

13:50

Expert Panel 3

Developer security adoption

Many organisations are encouraging their developer teams to adopt a security mindset and take more ownership on security issues earlier in the development process. In this panel we will discuss what can be achieved effectively and what a successful program looks like in practice.

  • Cultivating developer security adoption in the enterprise – what works, what doesn’t?
  • How can we get around siloed application and cloud security tools that focus on severing issues after deployment?
  • How can we create better rapport between developers and security teams?

Georgios Kryparos

CISO, Einride

Shahid Raza

Director of Cybersecurity Unit, RISE

Anne Hännikäinen

Head of Information Security and Privacy, Inter IKEA Group

Elad Harel

Senior Solutions Engineer, Snyk

14:25

Innovator

The Cloud Security pipeline is broken! Are you able to act, react and mitigate?

Cloud environments are characterized by their dynamic nature. It’s easier than ever before to spin up new resources and add new technologies, which leads to an ever-increasing number of people and teams deploying in the cloud. Ephemeral resources like serverless functions and containers mean that workloads are being added and removed at blistering speeds.

From the security perspective, however, these changes have made keeping up with the cloud all the more challenging. The dynamic nature of the cloud has strained some traditional security approaches to the breaking point.

  • The security pipeline is broken.
  • Which context do you need to still be able to get things done?
  • A view on the current, the next, and future of cloud security.

Frans van Ierland

Customer Technology Advisor, EMEA, Wiz

14:50

Innovator

Resilience with Intelligence

Resilience is the ability to fight back and remain strong despite continuous attacks – taking into account that the attackers only need to succeed once, defenders need to succeed every time. This session will argue that resilient cyber defense can only be achieved through automation and that automation requires intelligence that is both timely and tailored to the defending organization.

Staffan Truvé

CTO, Recorded Future

15:15

Coffee Break

15:35

Expert Panel 4

Thought Leaders - Phishing attacks – Emergence of devastating new techniques

Phishing attacks are a subset of social engineering strategy that imitate a trusted source and concoct a seemingly logical scenario for handing over login credentials or other sensitive personal data.

  • Browsing a new way of phishing using a malicious browser extension: what can we do to stay safe?
  • “Browser in the Browser” attacks (BitB attacks): A devastating new phishing technique
  • Sophistication of Spear phishing
  • Prevention of Social Engineering Attacks: Organizational design that minimize attack vector
Bjorn Johren - Speaker at Next IT Cyber Security Conference

Björn Johrén

CISO, Max Matthiessen

Bjorn Johren - Speaker at Next IT Cyber Security Conference

Jack Swedjemark

Head of Cyber Security, Sinch

Carl-Goran Domeij

CISO, BillerudKorsnäs

Jan Olsson

Security Profile of the Year 2022 | Crime Commissioner/ Police Superintendent, Police Agency Swedish Cybercrime Center SC3

16:05

Saviynt

16:10

SHORT BREAK

Paul Newton

MentalTheft

16:20

Expert Panel 5

Thought Leaders - Compliance and information security management: Consequential to overall business success

  • How to stay safe against policy violations
  • Detect atypical behaviors and tracks signatures for potential high-risk events
  • Response and forensic investigations into what happened
  • European Union NIS2 directive: a high common level of cybersecurity across the Member States

Johanna Molander

Global Compliance, Sandvik

Baris Färnman

VP & Head of Information Security, Truecaller

Peter Norrhall

Director IT Platform Technology, Etraveli Group

Girish Agarwal

CDO/CIO, Piab

Moa Mörner

DSO DPO, SJ AB

16:55

Innovator

FUTURE-PROOF YOUR SECURE ACCESS STRATEGY

Recent years have seen a massive shift in trends in the way we work. Cloud services and solutions have been adopted en masse, working from anywhere and everywhere has become a norm and multi-layered approach to access control as a way of preventing the common vulnerabilities has become commonplace.

As exciting as they are, these new trends also pose important questions around security and business resilience. What is the appropriate level of trust to consider and deliver when people or devices access corporate systems and applications? How to maintain great user experience whilst ensuring security isn’t compromised? How to achieve business resilience, turning temporary fixes into future-proof measures?

Join this session to explore how to enable business resilience with a secure access strategy, avoid Push phishing and incorporating new trends such as Passwordless.

Nick Stokmans

Cybersecurity Specialist, Cisco

17:20

Expert Panel 6

Cyberwars and critical infrastructure

CISOs in the middle of warfare

  • The impact of cyber-attacks on businesses and nations
  • Cyber-attacks on critical infrastructure – detection, prevention and investigation
  • How do the laws treat cyber-attacks? State of emergency

Mattias Wallén

CISO, SSC – Swedish Space Corporation

Dan Cimpean

The Director of the Romanian National Cyber Security Directorate

Rik Ferguson

Vice President Security Intelligence, Forescout

Fazel Ahmad Azizi

Head Of IT Architecture & Security, Trondheim kommune

Stéphane Duguin

CEO, The CyberPeace Institute

Sofia Staaf Frederiksen

Head of Information Security, Apoteket AB

18:00

By invitation Only Dinner / Gadgets / Paul Newton

Partners

Networking Partners