We prepared these hot topics crucial for you just in November 2024 due to the unique BeNeLux cyber landscape including: highly interconnected supply chains, dependance on third party vendors, and the region’s high adoption of multi-cloud which is the next frontier. All these raise the need for a new cloud security operations model and the need for safeguarding your IoT ecosystems.
In addition, increased cyber threats during the holiday season impose development of a strong cybersecurity workforce, with you as a leader of building cyber resilience.
That is why you must stay updated on the latest trends to effectively protect your leadership position and your organization.
Agenda November 2024
08:00
Registration
08:15
Power Breakfast
Let's open the conference with a power breakfast where you will have the opportunity for the first morning networking with colleagues from different industries and a chance to make new acquaintances and exchange business cards.
08:50
Firestarter Digicert
09:00
- An in-depth overview of the Threat Intelligence-based Ethical Red Teaming (TIBER-EU) framework, designed by the European Central Bank to enhance cyber resilience across the financial sector.
- Ransomware Attack: A detailed analysis of a recent ransomware attack on a financial institution, demonstrating how TIBER-EU protocols can identify vulnerabilities, mitigate risks, and improve response strategies.
- Practical recommendations and best practices derived from TIBER-EU implementation experiences, focusing on strengthening defenses, enhancing threat intelligence, and ensuring robust incident response mechanisms.
Jelena Zelenović Matone
CISO at European Investment Bank, Member of World Economic Forum and founding board member and first president of Women4Cyber & Woman Cyber Force
09:25
- What does being a “business enabler” even mean?
- Does the (C)ISO have the opportunity and resources to enable business?
- Do organisational structures and perspectives need to change for business enablement by (C)ISOs?
- Does a high-profile, customer-facing CISO look distracted from the day job?
Moderator: Edward Asiedu
Senior Principal Security Strategist
DataBee by Comcast Technologies Solutions
Jeroen Prinse
CISO
Nationaal Cyber Security Centrum
(NCSC-NL)
Jim Leseman
CISO & COO
Clear.bio
Erik Frambach
CISO
Pensioenfonds Rail & Openbaar Vervoer
Steven Furnell
Professor of Cyber Security
University of Nottingham
10:00
As organizations navigate the complexities of AI adoption, governance and compliance, and digital transformation, cloud security has become a strategic priority. The challenge is not just safeguarding data but leveraging security investments to unlock business value. In this session with Wiz, we’ll explore proven strategies for aligning cloud security with business objectives to drive ROI, operational efficiency, and innovation. Learn how advancing cloud security maturity can fuel growth, mitigate risk, and deliver a competitive edge in an increasingly digital economy.
Richard Hensen
Enterprise Solutions Engineer
Wiz
10:20
Coffee break and 1-1 meetings
10:50
Why does social engineering work and how can we prevent it? To better understand this age-old question we will delve into the mindset of social engineering attacks, exploring why they work and how we can fight back. We will share insights on using nudges to guide people towards better cybersecurity decisions and emphasise the importance of building a strong cybersecurity culture.
Key takeaways:
- Understand the mindset and behavioural principles that make social engineering attacks so effective
- Learn how nudges can be used to encourage better cybersecurity habits
- Discover the importance of fostering a strong cybersecurity culture within organisations
Javvad Malik
Lead Security Awareness Advocate
KnowBe4
11:15
- Increasing Importance of Data Privacy;
- Rise of Zero-Trust Architectures and Approach;
- Integration of Cybersecurity and Business Strategy;
- Cyber Security In The Board Room;
- Cyber Resilience – Beyond Cyber Security;
- Cybersecurity Priorities in 2025
Sofia Staff Frederiksen
Head of Information Security
Apoteket AB
Jan Öhman
CISO
Polystar OSIX
Jean-Yves Mathieu
CISO
Banque Internationale à Luxembourg
11:40
- What are some leading edge technologies the leaders on the panel are seeing?
- How do they balance the risk of new technologies with the benefits?
- Does the consolidation of technology via marketplaces or cloud hyperscalers damage access to innovative technologies?
Craig Roberts
Field CTO
Rapid7
Tiago Teles
Head of Advanced Analytics & AI
ABN AMRO BANK
Dr. Martijn Dekker
Global CISO
ABN AMRO BANK
Arnaud Wiehe
Director Information Security
FedEx
12:10
Firestarter Illumio
12:20
Lunch Break & 1-1 Meetings
13:20
Generative AI has taken the world by storm and we’ve seen this taken up in the realm of Security as well. Let’s go through some of the developments from an organisational and technical perspective on what we can do, what we can’t do, and what forces we have to deal with to leverage this technology in the current world. With real world examples and innovations we’ll also talk about guardrailing these technologies properly so they can be made fit for purpose.
Arno Van de Velde
Principal Solutions Architect
Elastic
13:45
The challenges posed by shadow IT and its impact on the visibility and control of assets are getting bigger.
• The risks associated with unauthorized IT deployments and the potential consequences for organizational security are neglected too often.
• Develop strategy for identifying and mitigating shadow IT risks as well as for enhancing the visibility and control of your organization’s assets.
• Don’t let shadow IT compromise your organization’s security. Don’t play dead. Join us on this session to gain actionable insights into managing shadow IT and turning it to official IT. This will strengthen your overall cybersecurity posture and make you sleep well at night.
Lyzia van Iterson
Cybersecurity Leader
LKQ Europe
Jack Krul
CISO
Exact
Alain De Maght
Former CISO/DPO
at Hopitaux Iris Sud Brussels - Senior Lead implementer ISO 27001
Sümeyra Arda Çirpili
Cyber Security Project Manager
Rabobank
14:20
This presentation, Emerging Vulnerabilities Every Enterprise Should Know About, examines critical vulnerabilities in internet-connected devices and software. Attendees will learn to assess these threats, with a focus on the risks facing edge and SOHO devices and the common exposure of certain software platforms, particularly Windows. We’ll cover strategies for minimizing attack surfaces, securing the supply chain, and improving detection within attack surface management (ASM) frameworks. Join us to gain essential insights for strengthening your organization’s security posture against evolving threats.
Jonas Gyllenhamma
Senior Solutions Engineer
Censys
14:45
Firestarter Teleport
14:55
Coffee Break & 1-1 meetings
15:25
Malcolm Larri, Host of the Next IT Security conferences will provide you with the history of Next IT Security. How everything started, what is the mission statement, and as well the plans for expansion for 2025.
Malcolm Larri
Host of
Next IT Security
15:35
98% of organizations have experienced a breach via a third-party. This talk will explore the challenges of integrating and managing third-party services in today’s SaaS-dominated environment. We will discuss practical strategies for effective due diligence, overcoming false security assurances, questionnaire exchanges and fairy tales often provided by vendor documentation. We are going to look forward to how the evolving regulatory requirements are shaping this domain. The session aims to arm CISOs and business leaders with actionable insights for enhancing third-party risk management, ensuring both operational resilience and compliance.
- Due Diligence Realities: Examine the challenges and limitations of current due diligence practices in revealing true third-party risks and the steps to enhance the process.
- Lifecycle Management: Strategies for managing the lifecycle of third-party relationships, from onboarding to offboarding, to prevent security breaches despite vendor security assurances.
Impact of Regulations: Analyze how recent regulatory changes are reshaping organizational strategies for third-party risk management and what measures can be taken to comply.
Zsolt Fabian
Group Cybersecurity Lead
Byborg Enterprises
16:00
AI: A potential paradise alley for cybersecurity advancements, promising enhanced threat detection, automated response, and efficient risk mitigation.
The road to a dystopian future: Concerns arise regarding AI’s susceptibility to manipulation, biases, and unintended consequences, posing new security challenges.
Balancing innovation with caution: Embracing AI in cybersecurity requires careful consideration of ethical implications, regulatory frameworks, and proactive risk management strategies.