Live TV Studio
Broadcast
Mission
At our unprecedented digital meeting place you will participate in the way that suits you, tie new contacts, interact, be inspired and all this in a new format.
Here you will, among other things, be able to follow the studio broadcast that is brought to you live from Elite Marina Towers situated at the Stockholm archipelago.
You will listen to exciting conversations and interact with inspiring speakers raising:
- How to protect our democracy in the Era of cyber information warfare
- How to safeguard our human rights in the Era of cyber surveillance
- How to stay secured in the Era of internet connected devices
Contributors















The Business Agenda
Tuesday, November 10, 2020
Dear Executives,
Cyberattacks have become an unfortunate reality and major source of damage in today’s digitally focused business environment. As companies increasingly adapt to a digital environment and particularly as COVID-19 makes us work remotely, it is more important than ever for organizations to invest adequately in cybersecurity solutions.
08:00
Gather Town – ICE BREAKER
08:30
LIVE TV Studio – The Morning Show
08:45
Remote workforce and vulnerabilities, Europol’s perspective
- How to protect our democracy in the era of cyber information warfare?
- How to safeguard our human rights in the era of cyber surveillance?
- How to stay secured in the era of internet connected devices?

Edvardas Šileris
Head of Europol’s European Cybercrime Centre (EC3), European Cybercrime Centre – EUROPOL
09:00
Expert Panel: Ransomware - Just being proactive is not enough! What entrepreneurs should do during a cyber attack?
- What trends do you see in cyber security in general and ransomware attacks in specific?- Göran
- What can you do to prevent an attack?- Teemu
- How do you increase awareness amongst users?- Göran
- What could you do to prepare for if you get hit by an attack?- Tony What is your view on cyber security insurance?- Jamie
- How to conduct exercises regarding cyber incidents? (additional question)- Teemu

Göran Kördel
CIO, Boliden

Tony Kylberg
Head of Group Security & Cyber Defence, CSO/CISO, SEB

Jamie Whitcombe
Chief Information Security Officer (CISO), Allianz Insurance

Edwin Weijdema
Global Technologist, Veeam

Teemu Ylhäisi
Chief Information Security Officer (CISO), OP Financial Group
09:30
Innovators’ Power Hour + Networking Break + 1-1 Meetings
IPH A
09:30

TLS, Compliance and Zero Trust – Protecting Users From Themselves

Babur Khan
Technical Marketing Engineer, A10 Networks
09:50

Back to the Future: a Data Breach Prevention Plan Great Scott! Attacks are getting more frequent, more sophisticated and more costly every day.
In this session, Kennet will share a story about how one company was breached, and then we’ll travel back in time to see how setting up the right security measures could have saved it from all the financial loss, legal issues and reputation damage it suffered. Come learn from the mistakes of others so you won’t need a time machine to secure your critical information; instead, you’ll stay ahead of attackers.
- Common security misconceptions: assume being breached any time –
- Story time: two data security incidents in one company –
- Let’s time travel! How the breaches could have been prevented

Kennet Johansen
Manager, Solutions Engineering EMEA/APAC, Netwrix
IPH B
09:30

Modernising Your Cloud Journey with DevSecOps Principles & Architecture
Talk synopsis: Whether you have been on the cloud journey for 5 months or 5 years, over 75% of enterprises are still encountering a variety of architectural and security challenges when migrating legacy applications to the cloud, developing and delivering cloud-native applications, or managing hybrid and multi-cloud environments. Some of these hurdles include understanding dependencies between applications and application components, refactoring application security infrastructure for cloud hosting, and securing the API proliferation.
During this chat, Surag Patel, Chief Strategy Officer at Contrast Security will discuss how CIOs, CTOs, CISOs, and Chief Cloud Architects can overcome many of these obstacles and maximize cloud efficiencies by implementing DevSecOps principles.

Surag Patel
Chief Strategy Officer at Contrast Security, Contrast Security
09:50

Achieving Cyber Herd Immunity: Why Threat Intelligence Sharing Is Relevant
- Recommendations on how to share anonymised threat intelligence
- Producing actionable threat intelligence
- Knowing adversaries’ attack techniques

Gino Rombley
Senior Solutions Consultant, EMEA, Anomali
IPH C
09:30

Cyber Extortion: A threat forecast of current and future trends as he uncovers cyber extortion. Join us as we look at the threat forecast of current and future trends.
- Current and probable future trends regarding cyber extortion
- The professionalization of cybercriminal activity, and the transformation to professional enterprise models
- How threat actors are using a combination of encryption, data loss, and public announcements to accelerate profits
- Recommendation on how to mitigate the threat posed by cyber extortion actors

Christopher Morgan
Senior Cyber Threat Intelligence Analyst, Digital Shadows
09:50

Bug Bounty as an agility driver
API, agility, DevOps, cloud-native, shift-left and are no longer just some buzz words. Whatever their stage of digital transformation, every CIO and CISO face the acceleration of releases and IT project life cycles. Traditional security approaches are often not sufficient enough to meet those new challenges. In this talk, we’ll discuss how crowdsourced security can enable, instead of slowing down IT modernization – and best practices that should be taken into consideration when securing these new environments.

Rodolphe Harand
Managing Director, YesWeHack
IPH D
09:30

The Risky Business of Open Source Libraries and What to Do About It
- The prevalence of open source libraries in applications
- The types of vulnerabilities most common in open source libraries
- The best practices for addressing the security vulnerabilities in open source code

Tom Smith
Solution Architect, Veracode
09:50

Disrupting your cyber adversaries with Threat Intelligence - Short presentation description
- There’s never been a better time to be a bad guy
- Disrupt adversaries using the Security Intelligence Graph
- How to organize and analyze threat data in an entirely new and different way

Staffan Truvé
Co-Founder and CTO, Recorded Future
10:10
Gather Town Networking
10:45
Secure by design
- Why security-by-design is important and who should take the approach into use?
- Where should you start and how, if you want to apply security-by- design?
- What benefits would security-by-design bring to a company in terms of efficiency and competitiveness?

Juhani Eronen
Chief Specialist, Finnish National Cyber Security Centre (NCSC-FI)

Karl Emil Nikka
Security Awareness Trainer and author of the book “Bli säker” (Get Secure)
11:00
ROUNDTABLE DISCUSSION ( 2 x 30min )
12:00
Gather Town Networking
12:40
Cyber security research

Pontus Johnson
Professor & Director of the Center for Cyber Defense and Information Security, Kungliga Tekniska Högskolan
12:50
Moment in time with Peter
- There were several newspaper articles about SVT increasing its spend on security. Why is that necessary?
- Why do you think the threats to SVT keep increasing?
- How important is IT security for SVT?

Peter de Verdier
CFO, includes responsibility for the Security department, Sveriges Television (SVT)
13:00
Vulnerabilities disclosure
- What is your defense methodology regarding vulnerability management?
- What are the criteria by which you decide to act?
- How do organizations respond and what is the effectiveness of the process?

Dana Toren
Head of the Cyber Incident Handling Center, CERT-IL | Israel National Cyber Directorate
13:20
Expert Panel: How to stay cyber secure while working from home?

Anders Jared
CISO, SYSTEMBOLAGET

Jarkoo Rautula
CISO, TomTom

Karl Emil Nikka
Security Awareness Trainer and author of the book “Bli säker” (Get Secure)

Christoffer Eile
CIO, Fora

Karl Castor
IT Security Manager, Swedavia

Tim Barber
SVP EMEA, ForgeRock
13:50
In conversation with

Ishtar Touailat
Innovation, Leadership and Tech Superstar, IT Woman of the year
14:10
Expert Panel: No more compromises: Do new technologies allow us to simultaneously look at security and user experience
2020 has seen a huge shift in online behaviors with businesses striving to meet new digital demands. But with this they’ve also had to battle huge increases in online fraud. So how can businesses both appease and protect their workforce and customers? This session asks whether authentication and identity verification are the solution? With our digital lives as much about trust as it is transactions, can business growth come from the intersection between identity, data and experience?

Amir Nooriala
Chief Commercial Officer, Callsign

Jenny Ahlqvist
Senior Advisor Trusted Services, Sparebank1

Chris Hubbard
FVP – Head of Fraud, Danske Bank

Christopher Taylor
Product Manager – Authentication, Klarna
14:40
Innovators’ Power Hour + Networking Break + 1-1 Meetings
IPH A
14:40

Where is my data!? Despite all security efforts, we still got a breach. Now what?
That is the first question that is being expressed when a Cyberattack shows its true identity. Cyberthreats, including devious attacks such as ransomware, spyware and malware, are among the most common IT challenges for enterprises. What would you do in case your Data is attacked and held ransom? Attacks have increased in numbers and complexity and spread to organisations of any industry across the globe. As a matter of fact, we need to accept that cyberattacks are more present than ever, and they can affect both our professional and personal lives, unless we prepare — this session will help you prepare against Cyber Threats.
- How to prepare against Cyberthreats
- Backup is essential, but Restore is critical
- Can you be 100% Secure?

Edwin Weijdema
Global Technologist, Product Strategy, Veeam
15:00

Reclaim the network!
- Don’ get stuck in details… visualize Your level of protection with Cyber Security Score
- How to have a meaningful discussion with a non tech leader
- Prioritize improvements where it makes the most value

Thomas Vasen
Commercial Solution Manager, Clavister
IPH B
14:40

Security, Report to Platform 1 – The DevSecOps Train Join this speaking session, presented by Adam Brown to take away some key findings from our latest BSIMM 11
- ‘Shift left’ was coined in 2006, then exploded in 2009 – Where are we now?
- What does DevSecOps look like in the top few major firms who really do it?
- Security must stay relevant – How long until true DevSecOps is everywhere?

Adam Brown
Senior Manager/Advisor, Synopsys
15:00

Secure Work Anywhere : Supporting the New Normal from Corporate Policies to Security Practices
The global pandemic and impacts stemming from COVID-19 shook up operations across the globe. Both security and cultural impacts stemming from the pandemic continue to emerge for businesses. As organizations have navigated their way through return to office scenarios, there are a number of new employee expectations and employer considerations to think through. Rather than only focusing on the point-in-time circumstances of “secure work-from-home” operations, many organizations are considering a proactive “secure-work-anywhere” policy. In this webinar, we’ll highlight what aspects of secure work anywhere have been successfully in place prior to regional waves of quarantine, supporting productivity through employee mental and physical health considerations, privacy considerations for employees’ personal environments, empowering your plan with innovative solutions and technology.
KEY TAKEAWAYS:
What disciplines and business structure have already been operating “secure work anywhere”?
How can the extent of your internal governance policies can help or inhibit your employees ability to execute their job effectively?
Considerations to balance security-based monitoring and employee privacy rights within personal environments
Technology and innovative strategies to put your “secure-work-anywhere” plans in motion.

Scott Bridgen
GRC Consulting Director, OneTrust
IPH C
14:40

The future of work remains unpredictable and uncertain.
More than ever before, business leaders need to remain confident that their operations can continue securely in the face of global or even regional crises, and while sections of the economy are slowly re-opening, cyber-attackers are ramping up their campaigns.
As businesses look set to rely on cloud and SaaS tools for the long term, our digital environments are going to be more dynamic than ever. Yet organizations are finding themselves undergoing a delicate balancing act—each new work practice and technology that is introduced also brings unforeseen risk. Static, legacy approaches have become redundant, both unintelligent and ill-equipped to adapt.
Organizations must rethink their approach to security, and rely on new technologies like AI to achieve much-needed adaptability and resilience. Darktrace is the world leader in cyber AI technology, and leverages unsupervised machine learning to seamlessly adapt and integrate into changing environments, and to detect and respond to attacks in the earliest moments.
In the face of an uncertain present and future, Cyber AI enables businesses to continue communicating, operating, and innovating.

Elise Stark-Johansen
Account Executive, Darktrace
15:00

Digital Trust
- Huawei’s end-to-end Cyber Security approach –
- The importance of Transparency and Verification –
- How this helps provide a foundation for Digital Trust

Tor Saltveit
Cyber Security Officer, Huawei
IPH D
14:40

Enabling and securing employees in today's work-from-anywhere world
- Is 2020 the beginning of the end for traditional data centre security stacks?
- What’s the best way to get visibility and control of remote users’ web and cloud activities?
- How does a ‘Secure Access Service Edge’ accelerate user mobility and cloud adoption?

Ross Asquith
Product Marketing Manager, Netskope
15:00

Institutionalizing Incident Response
The 3 keys for incident response are risk
- Reduction
- Crisis preparation and
- Communication.

Arun Singh
Director Product Marketing, Cloudflare

Joe Sullivan
CSO, Cloudflare
15:20
ROUNDTABLE DISCUSSION ( 2 x 30min )
16:20
Expert Panel: The necessity of increased cooperation between the private and public sectors and not least the joint responsibility to participate in the preventive work

Philipp Amann
Head of Strategy, European Cybercrime Centre – EUROPOL

Jan Olsson
SUPERINTENDENT , Polismyndigheten/Swedish Cybercrime Centre

Patrick Cordner
Head of Swedish Cybercrime Center, Polismyndigheten

Ralph Benton
CISO, SCHIBSTED

Jacob Henricson
CISO and CSO, Skanska
16:50
ROUNDTABLE DISCUSSION ( 2 x 30 min )
17:50
Live TV Studio – The Highlights
18:00
GATHER TOWN – One for The Road BYO BEER
The Round Table Concept
ROUND TABLE – (6 rotations x 30 min / rotation)

Feature
20 tables, 20 topics – sitting 10 peers in a round table format discussing business critical issues. This is being moderated by an end user and an innovator that has best practice regarding the topic.

Benefit
Intimate setting where big or small questions are being asked and discussed in a relaxed way. The discussions are vibrant and it’s amazing. The buzz is actually unbelievable and this is going on throughout the whole day. Everyone loves this new concept and thinks that the ROI is top!

Instead of
Instead of the usual….listening to session after session,not knowing in advance which speaker is any good, this followed by a 5min Q&A ..where nobody usually dare put up their hand- because we are so shy…:)
And it all just becomes a little awkward and stiff…
Q: Do you agree with us, in principle, that the ROUND TABLE concept is a great solution? I know we do.
RT 1
IoT, is it a blessing or a curse?
- Are we secured enough? As IoT devices greatly expand the “attack surface”
- Are we delivering what we promised?
- Security: Devices and Network

Per-Olof Persson
Senior Manager/Advisor, Synopsys

Brian O'Toole
Head of Digital Services Security Centre, Ericsson
RT 2
Identify criteria for data protection activity
- Data security
- How can we be on the right track?
- How crucial or valuable is it to know if we are doing too much or too little?

Anwar Sulaiman
Data Protection Officer, Saab
RT 3
How to stay cyber secure while working from home?

Marco Hogewoning
Senior External Relations Officer (Technical Advisor), RIPE NCC

Kaveh Ranjbar
CIO, RIPE NCC
RT 4
Cybersecurity for End Users: Awareness is a method, NOT a goal!
- Is it true that people are the weakest link?
- The shift is more and more towards phishing to the end point
- Awareness is not enough, behaviour needs to change

Rune Skarphagen
CISO, Zenuity (Part of Volvo group)
RT 5
Vendor Risk Management- When we choose our business partners in the form of consultants, maintenance vendors, engineers or even during mergers and acquisitions, we broaden our attack surface. Due diligence is an absolute MUST. While inviting tenders or receiving price quotes, it is paramount to weigh-in the security posture of our potential partners to stay secure.
- A digitalization strategy execution often needs additional hands on project basis. External resources are often hired and once they get access to the in-house systems, they become a part of our attack surface.
- Contracts given to maintenance companies like in oil and gas, defense sector, aerospace etc. must not only be dependent on the price and delivery reputation but security posture too. More often these organizations are the part of the critical infrastructure of a state and it is not only important but critical to be vigilant in these matters. Example – Stuxnet incident.
- During Corona times, all these concerns amply to a higher notch because now these vendors are working from home. It is next to impossible to get an overview of the compliance rates in the information security aspect and secure practices.

Ivan Talwar
CISO, Høyskolen Kristiania
RT 6
Challenges of regulatory compliance
- Changes in the legal requirements are affecting not only global companies – CMMC(USA), Brexit(UK and EU), Cybersecurity Law(China), Cybersecurity Act(EU) and many more
- Impact on IT-strategy
- Best practices in IT solutions in context of regulatory compliance

Sebastian Svärdebrandt
CIO, Nord-Lock

Tor Saltveit
Cyber Security Officer, Huawei
RT 7
Outsourcing and third-party cyber risk management
- Cyber attacks
- Ineffective controls
- Breach of laws and regulation

Jörgen Mellberg
CISO, Head of IT & DPO, Sparbanken Syd
RT 8
How To Successfully Implement an Information Security Management System (ISMS)
- How to successfully use a pragmatic approach to reach strategic and tactical goals in Information Security
- The importance to start with WHY, to get management attention and interest – What’s in it for me.
- Visualize and express an Information Security Plan.
- Train your users in information security – Awareness training.
- Measure and follow up Information Security – See the progress.

Håkan Sonesson
CISO, Jönköping University (JU)
RT 9
Ransomware, according to the Oxford English Dictionary is: “A type of malicious software designed to block access to a computer system until a sum of money is paid.” *. Many organizations are dealing with ransomware attacks, which is part of their initial risk analysis. But what happens when this risk is not mitigated?
- Readiness for a ransomware attack. Do we have what it is needed in place (infrastructures, processes etc)?
- What happens when we are becoming the victim?
- Connections between non-mitigated ransomware attacks and financial aspects.

Elpidoforos Arapantonis
Solution Architect – Safe Vehicle Automation, Volvo Cars

Daniel Eisenberg
Sales Director Nordics, Cybereason

Berndt Frogner
Channel Director Northern Europe, Cybereason
RT 10
"The new normal" - can the corona crisis make e-commerce more sustainable?
- What are the logistic challenges?
- What is Klarna’s viewpoint for the “new normal”?
- What solutions can be implemented when it comes to e-commerce and how can we implement them to have efficient results during this COVID-19 pandemic?

Filip Johnssén
Senior Legal Counsel Privacy/Data Protection Officer, Klarna
RT 11
How to build your organization in the new world?
- How to change your mindset?
- How important is it to have cloud services?
- What is the major challenge covid 19 or lack of knowledge?

Ingela Schmidt
Chief Information Security Officer, SEB Pension & Försäkring

Alex Laurie
SVP Global Solution Architecture, ForgeRock
RT 12
Digitalization of Banking and Finance Sector
- Trust and availability – fundamental components for customer satisfaction
- Digital operational resilience – drawing attention from two perspectives, threat actors and regulatory bodies
- Cloud – opportunities and risks

Erik Blomberg
CISO, Handelsbanken

Mark Dixon
Regional Sales Manager – UK&I, BeNeLux & Nordics, A10Networks
RT 13
Awareness – building the motivation to invest in cybersecurity.
- Bringing down the abstraction of cybersecurity
- Aligning cybersecurity with overall business objectives
- If you can’t see it – it isn’t there; measure, monitor and report!

Eva Throne-Holst
Information Security Officer, Nordnet Bank

Ilia Sotnikov
VP of Product Management, Netwrix
RT 14
The future of data transfers between EU and US
- CJEU ruling invalidated both the EU-US Privacy Shield and Standard Contract Clauses as valid mechanisms for safeguarding personal data that is transferred from the EU to the US.
- This has implications for all organizations that in one way or another is transferring personal data to the US.
- What the CJEU ruling in the so called “Schrems II” case is all about and what you as a company need to do in order to face the new reality?

Elin Ryrfeldt
Informationssäkerhetschef (CISO), Axfood
RT 15
Do we need magicians to help understand the importance of Maturity of knowledge within cybersecurity?
- How can we increase awareness?
- Importance of The Cyber Security Maturity Assessment (CSMA)

Rune Carlsen
CISO || Security Manager KLP, KLP
RT 16
Getting security culture right takes more than a day.
- Current threats
- What the board need to know
- How to get there and how do you know when you have it?

Anne-Marie Eklund Löwinder
CISO, The Swedish Internet Foundation
RT 17
A match made in heaven - security and the digitalization of healthcare
- Patient first – enforcing patient integrity through transparency and digital tooling
- Securing patient data – raising the bar for the minimum level of security within health care
- The digi physical clinician – digital tools enforcing instead of hindering quality care

Hanna Nilsson Andrén
Security Officer, Kry
RT 18
No more compromises: Do new technologies allow us to simultaneously look at security and user experience
2020 has seen a huge shift in online behaviors with businesses striving to meet new digital demands. But with this they’ve also had to battle huge increases in online fraud. So how can businesses both appease and protect their workforce and customers? This session asks whether authentication and identity verification are the solution? With our digital lives as much about trust as it is transactions, can business growth come from the intersection between identity, data and experience?

Dr Philip Bonhard
Head of Customer Experience for Digital Security, Authentication and Identity, Lloyds Banking Group

Andreas Eliasson
Commercial Director, Callsign
RT 19
The profits of data breach and what to do with that knowledge

Thea Sogenbits
Chief Information Security Officer, Estonian Tax and Customs Board
RT 20
Bitcoin Million fraud of today
- Ukrainian companies target Swedish persons and they cover 50 countries in the world.
- Money losses for over millions of Swedish crowns.
- Manipulate you to install online, the software program ANY DESK (any person at all, can control your computer online).
- Sweden has no agreements with countries like Ukraine. Like in the EU.
- Problem to be solved. This makes it difficult to extradite the information to the Swedish police authority.

Elise Revell
Cybersecurity Evangelist