Stockholm
March 16, 2023
Click on the Fast Link buttons to learn more
Agenda
07:45
Registration
08:00
Hundreds of millions of people work in Chrome every day, and Chrome gives enterprises the controls and protections that keep corporate data safe. When paired with BeyondCorp Enterprise, businesses can secure hybrid and remote workforces and enforce context-aware access controls across managed and unmanaged devices. Google’s approach to secure enterprise browsing protects organizations for internal and external threats. By applying data loss prevention, extension controls, phishing and malware protections and more right within the browser, and giving security teams the reporting and visibility they need, Google is raising the bar on browser security.
Oliver Madden
Browser Specialist EMEA
Google Chrome Enterpris
08:05
Seated Working Roundtable Breakfast powered by Google
08:55
- The FBI’s most recent takedown targeted some of the world’s top DDoS for hire services, and required partnerships with organizations throughout the world.
- Learn how DDoS is likely to affect your organization, what common attacker motivations are, and tips for defense.Learn how DDoS is likely to affect your organization, what common attacker motivations are, and tips for defense.
- DDoS is a subset of the cyber criminal ecosystem. Learn about the criminal organizations promoting these services, what they cost, and where they are sold.
Elliott Peterson
Federal Bureau of Investigation (FBI)
08:55
Having a successful security posture is more easily said than done. It takes a well-designed strategy for a host of multi-faceted parameters to come together to truly bring security to an organization.
Security Culture, being the ideas, customs, and social behaviors of an organization that influence security, is a powerful tool to help nurture and sustain that which keeps your organization safe.
In this session, we’ll be hearing from industry expert Jelle Wieringa about how you can use security culture to your advantage. Based on statistics from academic research, combined with real-world experience, you’ll hear everything you need to know to better understand what it can bring you and your organization.
In this session you will learn:
- What defines a Security Culture;
- How can you measure and better understand your existing security culture;
- What are proven and practical ways to grow your security culture?
Jelle Wieringa
Security Awareness Advocate
KnowBe4
09:20
- The zero-trust strategy dispenses with the conventional notion that businesses should trust everyone or everything that is connected to a network or protected by a firewall
- System and network administrators should regulate access to business networks or systems based on individual users’ roles, which are defined by their job title, level of authority, and responsibility within the business
- Human and device identification – digital identities both for humans and devices (aplications)
Teresia Wilstedt
CISO,
MedMera Bank
Anders Wockatz
CISO,
The municipality of Dals-Ed
Tomi Dahlberg
Senior Advisor Cyber Security
Valtiokonttori (State Treasury of Finland)
Thomas Evertsson
Head of IT Northern Europe
DNB Bank
Chris Dearden
Senior Sales Engineer
Delinea
09:55
Turning Level 1 Analysts into Threat Hunters
Staffan Olsen
Senior Sales Engineer
ExtraHop
10:30
As organizations have accelerated their move to the cloud, a common problem is the shortage of trained professionals with cloud security expertise. Recent research found that 84% of organizations rank themselves at the lowest level of cloud security maturity, and more than 80% of those organizations also admitted to not having a dedicated cloud security team/team lead*.
At this session, we’ll explain how to determine the cloud security maturity level of your organization and how to leverage Cloud-Native Application Protection Platform (CNAPP) to advance the maturity level.
You will learn how to:
- Automate complex cloud security operations through meaningful visualization and step- by-step guidance.
- Take an identity-first approach to dramatically reduce your cloud attack surface and enforce least privilege at scale.
- Leverage Ermetic to empower stakeholders across the organization to drive accurate risk prioritization and remediation across multicloud environments.
Arick Goomanovsky
CBO & Co-Founder
Ermetic
10:55
- What are the biggest global trends that will impact the IT and cybersec landscape (sustainability, net zero targets – people keeping laptops/phones longer – quantum computing)
- Where does the greatest danger come from?
- How adversely this situation has affected the industry
- Which markets can be the target group
- How to overcome and handle things within these situations
Thea Sogenbits
CISO,
Estonian Tax and Customs
Elpidoforos Arapantonis
Senior IT security manager
Volvo Autonomous Solutions
Anders Jared
CISO
Bravida
Lars-Gunnar Marklund
IT Security & Risk manager
Boliden Group
Fredrik Forslund
VP & GM of International Business
Blancco
11:30
Modern cloud native technologies enable you to build, deploy, and scale rapidly. But this increased complexity exposes your application to new risks and vulnerabilities. Each layer of your cloud native application – spanning your code, third party dependencies, containers, and clusters – exposes you to new security concerns. Learn how you can protect your application through clear remediation actions and best practices for each attack scenario.
Mathias Conradt
SNYK
11:55
5 Lesser-Known Open Source Security Facts
Rhys Arkins
VP of Product Management
Mend
12:00
Seated Lunch & 1-1 meetings powered by Mend
13:00
Information security are more than just protecting the business assets with help of technology. It’s even a fair deal of developing procedures, processes and employees. During this talk Tobias will guide us into why information security culture is important, but also what we need do to to get the whole organization to participate in protecting the information.
Tobias Ander
CISO
Örebro Kommun
13:25
- Historically, shifting left has been seen as a silver bullet to reduce risk
- Modern DevSecOps should have a strong focus on production environments
- Fast resolution times should be prioritized over shifting left to add business value
Rickard Carlsson
Rickard Carlsson, CEO & Co-founder
Detectify
13:50
- Many cyberattacks fall into a murky region below the threshold of total war since there are no international norms
- CI (Critical Infrastructure) assets that supports transportation, food delivery, utilities and commerce in general, as main target
- Onsite attacks against the Wi-Fi networks of target organizations
- What do we need to know about CUBA organisation (a group of Russian e-criminals who are targeting Swedish national institutes in maner to spread fear)
Sofia Staaf Frederiksen
Head of Information
Apoteket AB
Jacqueline Johnson
CISO
Danish Energy Grid
Khalid Khan
Business Transformation Lead – EMEA
Forcepoint
Anthony Herring
Nordic Head of Cyber Underwriting
RiskPoint Group
14:25
- Cybersecurity disruption using AI technology
- Codefix: Enhancing Application Security Testing accuracy by teaching AI to read code and look for vulnerabilities
- PurpleAI: Augmenting Red-Team exercises by teaching an AI agent to autonomously infiltrate corporate networks and bypass security controls
- Recent technology advancements and impact on future Cyber warfare
Raviv Raz
Cloud Security Manager
ING BANK
14:50
- What happens to trust when clients of a critical supplier get encrypted? Can the supplier be trusted and how to restore a breach of trust? Insights and learnings will be discussed and shared from 2021 when REvil used zero-days in Kaseya VSA to encrypt COOP and three other major retailers.
- What happens when you return to “normal”? Is trust restored once the incident is resolved?
- How does past learnings impact future discussions when it is time to procure next generation technology?
- How to balance interpersonal trust with legal/compliance requirements on cybersecurity supply chain risks.
Elin Ryrfeldt
CISO
Axfood
Johan Nordin
Director of IT & IS
Extenda Retail<
15:10
NETWORKING & 1-1 meetings
15:30
Get ready to take your cloud security to the next level and take control of your cloud defence. In this action-packed case study, unveil the secret to detecting and thwarting attack paths that exploit vulnerabilities to target over privileged users.
Discover how to fortify your cloud security with just a simple click by applying the least privilege approach. Join us to supercharge your cloud security and say goodbye to complex fixes with the agentless approach.
Guy Rubinger
Cybersecurity Field Engineer
Orca Security
15:55
- Data migration is the best time to attack
- Denial of service – history or still the greatest danger
- How long does it take to detect an inside threat – weeks? months? years?
Nigel Gibbons
Director, Senior Adviser & Global Cloud Security Practice Lead
NCC Group
Johanna Molander
Global Compliance Manager Data Privacy
Sandvik
Shahid Raza
Director of Cybersecurity Unit
RISE
Bernard Helou
Head of IT Governance
Lendo Group
Antanas Kedys
Chief Information Security Officer
Nexpay
16:30
You can only protect the assets you know of, so it’s important to have a high visibility on all your internet-facing assets. Even more in times like these in which states/hackers/the bad guys try to cause havoc. They do not need to target you specifically, but they will find your assets, you do not know about.
Benjamin Bachmann
Vice President Group Information Security
Ströer SE & Co. KGa
16:50
- Understanding the offensive side first
- Reduces disciplinary sanctions in the event of a cyber attack
- Benefits of cybersecurity architecture
- Constant improvement of the system as a solution for the most secure architecture
Aubrey Turner
Executive Advisor
Ping Identity
Patrick Kall
Head of Security GRC
Einride
Jonas Rendahl
CISO
Aurobay
Prashant Agarwal
Program Leader
Booking.com
17:20
Leg Stretcher & 1 to 1 Meetings
17:40
Ransomware attacks are on the rise, and no one is safe. Businesses of all kinds, particularly those with vulnerable online systems, need to remain vigilant and take proactive steps to protect themselves.
This includes regularly updating software and hardware, implementing strong security protocols, training staff in cybersecurity best practices, and having a backup system in place in case of an attack. Finally, businesses should keep up to date with the latest attack trends and consider engaging with a cybersecurity specialist for additional advice and guidance.
Ståle Risem-Johansen
Former CISO
SpareBank SMN1
18:00
Paul will be speaking about how social engineering and mind reading techniques can be used to attack companies. After the release of his book “MentalTheft” where he explains how a mind reader can steal personal information from anyone, he now speaks about attacks that he has organised, how we can stop people like him and how your frontline staff can be prepared to be the best form of defence possible.
