Frankfurt

November 27, 2025

" The time is always right to do what is right."
Martin Luther King Jr.

Media Partners

Click on the Fast Link buttons to learn more

Agenda

Venue

Limited to 150
BIO C-Suites

Partners

Register

WHY YOU SHOULD JOIN
OUR CONFERENCE

Focus:

Critical Infrastructure in DACH – Why Now and Why Here

Complex regulatory compliance/universe – Unified Solutions Needed

Zero Trust implementation for 3rd Party security risks

AI and Automation in Security – Consolidation to augment human capabilities for incident response and threat detection   

Shared Responsibility Model – Issues & Solutions

  • Keynotes & Fireside Chat

Helmut Spoecker

Vice President,
Chief Security Officer
ECS Partner Management
SAP

Andrew Byrd

Cyberspace & Cyberdefence Officer
NATO

Gianclaudio Moresi

Corporate CISO
Forbo Group

Florian Jörgens

CISO, Author & Lecturer

Jelena Zelenovic Matone

CISO, Author & Lecturer
European Investment Bank

Filip Nowak

Global Head of Cyber Defense
Ferrero

David Gerhardt

Senior Manager Risk & Security
Norma Group

  • Round Table Captains

Patrick Ghion

Chief Cyber Strategy Officer
Geneva State Police

Roelof
Kroon

Cyber Risk Officer
Transdev

Michael Ruppe

Group CISO
Adcubum AG

Dr.-Ing. Joachim Fox

Director Product Governance
ZF Group

Benjamin Bachman

CISO
Bilfinger

Dennis Pokupec

CISO
Creditplus Bank

Burakhan Tahmaz

European Group Information Security Officer
KYOCERA Document Solutions Europe

Trish Mcgill

Security IT/OT Manager
Illonix

Dr. Michael Ebner

Former Group CISO & Director Information Security
EnBW Energie Baden-Württemberg AG

Marius Ebel

Senior Cyber Security Specialist
Bilfinger

Book Author

Florian Jörgens

CISO, Author & Lecturer
Florian Jörgens initially developed his professional interest in information technology in 2002. Whilst working as an IT specialist for system integration at T-Systems International GmbH, in application and system support he earned his BSc. in Business Information Systems.

Gaining further experience in IT auditing at PricewaterhouseCoopers and completing a MSc. in IT Management, Florian Jörgens then worked for E.ON in Essen as a manager leading information security for their entire German sales organization.

In March 2019, as Chief Information Security Officer at LANXESS AG in Cologne, he took over holistic responsibility for the Group's information security.

Today, Florian Jörgens is Chief Information Security Officer of the Vorwerk Group. Additionally, he is active as a keynote speaker, lecturer, author and research assistant at various universities. Furthermore, he gives expert lectures on the topics of information security, awareness and cyber security.

Florian Jörgens was awarded the Digital Leader Award in the category "Cyber-Security" by CIO magazine.



Author of the book
"The Human Firewall: Wie eine Kultur der Cyber-Sicherheit geschaffen wird".

WHY YOU SHOULD JOIN
OUR CONFERENCE

Focus:

Critical Infrastructure in DACH – Why Now and Why Here

Complex regulatory compliance/universe – Unified Solutions Needed

Zero Trust implementation for 3rd Party security risks

AI and Automation in Security – Consolidation to augment human capabilities for incident response and threat detection   

Shared Responsibility Model – Issues & Solutions

Partners

Ticket Price

990 €

Get your FREE ticket
with a PROMO CODE

Apply for The C-Suite Edition

27th of November 2025


Welcome to Next IT Security – C-Suites Edition in Frankfurt: Redefining Cyber Resilience for the DACH Region

On 27 November 2025, Frankfurt will host the most exclusive gathering of cybersecurity executives in the DACH region. The C-Suites Edition of Next IT Security is designed for senior decision-makers looking to stay ahead of the curve on cybersecurity strategy, innovation, and regulation.

This edition focuses on the distinct challenges facing Germany, Austria, and Switzerland, with five business-critical areas driving the agenda:

Critical Infrastructure in DACH – Why Now and Why Here
 With increasing geopolitical pressures and digital interdependence, the DACH region’s critical sectors are under unprecedented scrutiny. This session explores why a proactive, region-specific defense strategy is more urgent than ever.

Complex Regulatory Compliance – Unified Solutions Needed
 GDPR, NIS2, DORA and beyond—organizations today face an expanding universe of compliance mandates. We’ll examine the practical ways companies are navigating regulatory complexity and moving toward harmonized, scalable compliance solutions.

Zero Trust Implementation for Third-Party Security Risks
 The third-party ecosystem is often the soft underbelly of enterprise security. Discover how forward-looking organizations are applying Zero Trust principles to secure external access and reduce exposure from partners and vendors.

AI and Automation in Security – Consolidation to Augment Human Capabilities
 AI-driven automation is reshaping threat detection and incident response. This track explores how tools are consolidating to support human teams, speed response times, and make cybersecurity more agile and intelligent.

Shared Responsibility Model – Issues and Solutions
 Cloud adoption has blurred the lines of responsibility. This session tackles the shared responsibility model head-on, identifying what works, what breaks down, and how to design accountability into cloud-first strategies.

Next IT Security in Frankfurt is not just an event—it is a leadership summit where innovation meets action. We invite you to take part in high-level discussions, gain practical insights, and help define the strategic direction of cybersecurity in the DACH region.

Agenda

  • Round Table Captains

Patrick Ghion

Chief Cyber Strategy Officer
Geneva State Police

Roelof Kroon

Cyber Risk Officer
Transdev

Michael Ruppe

Group CISO
Adcubum AG

Dr.-Ing. Joachim Fox

Director Product Governance
ZF Group

Benjamin Bachman

CISO
Bilfinger

Dennis Pokupec

CISO
Creditplus Bank

Burakhan Tahmaz

European Group Information Security Officer
KYOCERA Document Solutions Europe

Trish Mcgill

Security IT/OT Manager
Illonix

Dr. Michael Ebner

Former Group CISO & Director Information Security
EnBW Energie Baden-Württemberg AG

Marius Ebel

Senior Cyber Security Specialist
Bilfinger

08:00

Registration

08:15

POWER BREAKFAST

Let's open the conference with a power breakfast where you will have the opportunity for the first morning networking with colleagues from different industries and a chance to make new acquaintances and exchange business cards.

09:00

  •  In 2025, cyberattacks on critical infrastructure—ranging from power grids to healthcare systems—are expected to increase exponentially. The DACH region is already a prime target for sophisticated cyber adversaries.
  •  The intersection of IoT, smart infrastructure, and cyber vulnerabilities necessitates immediate strategic investments. Cyber threats are now not only technical but are deeply tied to national security and economic stability.
  •  Attendees will hear about how enhanced security investments not only protect critical infrastructure but also serve as catalysts for national growth and resilience. By safeguarding operations, organizations gain a competitive advantage in securing public trust and ensuring service continuity in the face of evolving threats.
  •  This keynote will highlight why prioritizing cybersecurity investments in critical infrastructure is the most pressing issue for the DACH region.

Helmut Spoecker

Vice President, Chief Security Officer ECS Partner Management
SAP

09:25

As cyber threats escalate, protecting critical infrastructure in the DACH region demands more than traditional security measures. With IoT and smart systems expanding, organizations must embrace cutting-edge innovations to stay ahead.

This session will showcase how AI-driven threat detection, zero-trust architectures, and next-gen security solutions are transforming resilience in energy, healthcare, and transportation sectors. Investing in cybersecurity not only mitigates risks but also drives operational efficiency and public trust.

Dr Martin J Kraemer

Security Awareness Advocate
KnowBe4

09:50

  • Cyberattacks are increasingly targeting essential services like energy grids, healthcare, and transportation, creating major disruptions in the DACH region.
  •  This expert panel will cover the intersection of regulatory compliance and operational resilience, offering insights from CISOs who have successfully navigated recent threats to critical infrastructure. With KRITIS and NIS2 mandating specific measures for essential services, this session provides critical knowledge for compliance and threat mitigation.
  •  Discover how to build a resilient defense strategy that aligns with evolving regulations and addresses the unique vulnerabilities of critical infrastructure. Hear expert advices on how companies can successfully thwart attacks on essential services.
  • After this session you will be equipped with strategies to cope with emerging threats while ensuring uninterrupted operations.

10:20

Coffee Break & 1:1 meetings

10:50

Supply chain attacks have surged in recent years, and third-party vendors often represent a significant weak link in security defenses.

With Zero Trust, every interaction is verified, and access is restricted to only what is necessary.

This keynote will feature practical insights into implementing Zero Trust across third-party vendors, with real-world examples from organizations that have successfully minimized risk. you will gain a clear understanding of how to implement a Zero Trust model.

Learn to safeguard your network by ensuring every interaction—whether from an external supplier or an internal employee—is treated with the highest level of scrutiny.

Gianclaudio Moresi

Corporate CISO
Forbo Group

Florian Jörgens

CISO, Author & Lecturer

11:25

  • With increasing external security threats in 2025, Zero Trust principles offer a way to redefine organizational security from the inside out.
  • Zero Trust is not just a buzzword—it’s a necessity for organizations looking to mitigate risks posed by external threats. This session will discuss how adopting a Zero Trust framework minimize risks of breach.
  • CISOs will learn practical steps for implementing a Zero Trust framework, cultivating a security-centric culture across employees and third-party partners. Discover how Zero Trust can enhance your overall security posture by ensuring that every user, device, and system is verified before access is granted.
  • Attendees will get empowered with actionable strategies to adopt and implement Zero Trust principles that reduce external threats.

Rob Otto

EMEA Field CTO
Ping Identity

11:50

As organizations increasingly rely on third-party vendors, partners, and contractors, the attack surface expands, making them vulnerable to supply chain breaches and unauthorized access. Traditional perimeter-based security models are no longer sufficient to protect critical assets.

This session explores how implementing a Zero Trust approach can effectively mitigate third-party security risks by enforcing continuous verification, least privilege access, and strict segmentation. Attendees will gain insights into real-world use cases, key implementation strategies, and common pitfalls to avoid. Learn how Zero Trust can help organizations secure third-party interactions without compromising operational efficiency.

12:20

Lunch Break

13:20

  • Regulations such as NIS2, DORA and KRITIS place increased scrutiny on the security of critical infrastructure.
  • Learn how to conduct holistic risk assessments to ensure compliance with these regulations. Recent incidents, involving critical infrastructure breaches, underscore the importance of staying ahead of evolving regulatory requirements.
  • Attendees will discover how to leverage advanced technologies and collaborate with public sector entities to protect critical services.
  • This session will provide the strategic knowledge about fostering a culture of collaboration between compliance, security, and operational teams ensures that regulatory demands are met while simultaneously addressing broader business risks.

Jelena Zelenovic Matone

CISO
European Investment Bank

David Gerhardt

Senior Manager Risk & Security
Norma Group

13:45

  • With new regulatory frameworks being enforced, the protection of critical infrastructure is at the top of every CISO’s agenda in the DACH region.
  • This keynote will explore the importance of conducting comprehensive evaluations of critical infrastructure, helping organizations not only meet new regulatory requirements but also identify existing vulnerabilities that need urgent attention.
  • Gain expert insights who have successfully adapted to new regulatory demands, leveraging advanced security technologies and fostering collaboration with government bodies and industry partners. Real-world advices will demonstrate how cross-sector collaboration enhances infrastructure protection.
  • Attendees will walk away with an actionable strategy for implementing holistic risk assessment and utilizing cutting-edge security technologies to safeguard their critical infrastructure against evolving threats.

14:10

  • Compliance management is one of the most critical areas in cybersecurity today, especially as regulations grow more complex.
  • This session will discuss the development of a unified compliance approach, addressing how to simplify the management of multiple regulations like NIS2, DORA, GDPR and others.
  • Discover how you can streamline compliance efforts, reduce redundancies, and meet regulatory demands more efficiently by fostering cross-functional collaboration and leveraging compliance management technologies.
  • You will leave this session with actionable insights into developing a unified, scalable approach to regulatory compliance.

14:40

  • As cloud adoption continues to grow across DACH, so too do concerns about shared responsibility. Recent incidents highlight the confusion over where a service provider’s responsibility ends and the client’s begins.
  • This session will examine best practices for defining clear roles and responsibilities between cloud service providers and clients. 
  • Attendees will gain insights into how to manage risk in multi-cloud environments, conduct joint risk assessments, and establish communication protocols that reduce the chance of the costly consequences of blurred lines.
  • Attendees will get practical advice on forging partnerships with cloud providers to secure their environments and ensure compliance.

15:00

Coffee Break & 1:1 meetings

15:30

  • Redefining Defense: Explore how AI enhances threat detection and incident response, but also introduces new attack vectors and vulnerabilities.
  • Human Intuition vs. Machine Logic: Debate the effectiveness of human judgment compared to algorithmic precision in identifying complex threats.
  • Automation vs. Accountability: Discuss the challenges of assigning responsibility when AI systems make security decisions autonomously.
  • Innovation or Risk Amplifier?: Examine whether AI-driven security tools are a safeguard or a double-edged sword, potentially exploited by sophisticated attackers.

Filip Nowak

Global Head of Cyber Defense
Ferrero

Team Red

Andrew Byrd

Head CIS Security Office / CISO
NATO

Team Blue

16:05

  • In 2025, AI and machine learning are no longer “future technologies”—they’re essential. With cyberattacks increasing in frequency and sophistication, human security teams cannot keep pace alone.
  • This session will delve into how AI enhances human capabilities, analyzing vast datasets to detect patterns and anomalies that human eyes might miss. German organizations have seen notable success in deploying AI to predict and mitigate cyber threats in real-time.
  • Attend and hear from experts using AI to augment their security operations, improving threat detection rates, reducing response times, and freeing up human resources to tackle complex threats. 
  • This keynote will inspire you to adopt AI-driven solutions to improve efficiency, resilience, and threat mitigation.

16:30

  • Cyberattacks continue to increase in scale and complexity, and automation is no longer a luxury—it’s a necessity. In 2025, AI-driven automation is changing the game for cybersecurity operations.
  • This expert panel will focus on the collaboration between human security teams and AI algorithms in automating threat response. By analyzing vast amounts of data in real-time, AI tools can identify potential security incidents more quickly, suggest and even execute responses.
  • Learn from leading CISOs in the DACH region who have successfully integrated AI into their security operations, streamlining detection, response, and mitigation efforts. Discover how automation can significantly reduce response times and limit damage, while continuous learning algorithms improve security strategies over time.
  • Attendees will gain insights on how to balance automation and human oversight in their cybersecurity operations, ensuring quicker, more effective threat responses.

17:00

Book signing by Florian Jörgens, CISO, Author & Lecturer, author of the "The Human Firewall: Wie eine Kultur der Cyber-Sicherheit geschaffen wird".

18:00

Networking dinner

STEIGENBERGER ICON FRANKFURTER HOF – YOUR LUXURY HOTEL IN FRANKFURT

In the heart of the financial district and the historical city center, we have been welcoming guests in the tradition-steeped Steigenberger Icon Frankfurter Hof since 1876. 

Nordics Edition

C-Level IT Security Event

October 24, 2024

BeNeLux Edition

C-Level IT Security Event

2024

DACH Edition

C-Level IT Security Event

COMING SOON
Nordics, 24 October, 2024
Benelux, 14 November 2024