Welcome to the Next IT Security – C-Suites Edition, the most EXCLUSIVE cyber security event in the world, where we will bring together cybersecurity leaders and experts from the Nordic to share knowledge and insights on the latest trends and technologies in the field.
In this edition of C-Suites we will delve with some interesting business critical topics.
- Advanced New Technologies in the Service of Security Awareness: Explore how emerging technologies are reshaping Security Awareness programs, empowering organisations with novel tools and strategies.
- Quantum Computing Takes Center Stage: Witness the practical accessibility of quantum computing with the latest market innovations, unravelling a new era of computational possibilities.
- Unveiling the Vulnerable World of IoT: Embark on a journey to the edge of cybersecurity, where IoT vulnerabilities pose unprecedented challenges, and innovative solutions are paramount.
- NIS2, DORA & GDPR Continuing Impact: Navigate the evolving landscape shaped by NIS2, DORA, and GDPR regulations, influencing cybersecurity strategies and compliance measures.
- Cloud Challenges – Data Loss, Shared Vulnerabilities, and More: Explore the complexities surrounding data loss and recovery, shared vulnerabilities in cloud environments, and the ongoing struggle for control and visibility in the cloud landscape.
Next IT Security aims to equip our readers with insights into the forefront of cybersecurity, where adaptation and innovation are indispensable in safeguarding the digital frontier.
Our goal is to create a collaborative environment where cybersecurity C-Suites can exchange ideas and best practices.
Agenda October 2024
07:45
Registration & POWER BREAKFAST
Let's open the conference with a power breakfast where you will have the opportunity for the first morning networking with colleagues from different industries and a chance to make new acquaintances and exchange business cards.
08:35
- Role of law enforcement: Craig’s presentation delves into how law enforcement, including organizations like INTERPOL, plays a vital role in preventing, detecting, and disrupting cybercrime on national, regional, and global scales.
- Collaborative efforts and innovative strategies: Explore the collaborative efforts and innovative strategies employed by law enforcement agencies and public-private partnerships worldwide to safeguard digital infrastructure and combat cyber threats effectively.
- International cooperation and capacity building: Gain insights into the proactive measures taken by law enforcement and other stakeholders to enhance international cooperation, information sharing, and capacity building, crucial for upholding the rule of law and combating cybercrime amid complex geopolitical dynamics.
Craig Jones
Director Cybercrime at INTERPOL
09:00
Outdated security models are no longer sufficient to protect modern enterprises. It’s time to rethink the fundamentals of your IT infrastructure.
A Zero Trust architecture offers a proactive approach to security, safeguarding your business by:
* Strengthening security: Implementing access controls and continuous verification to prevent unauthorized access and data breaches.
* Simplifying operations: Streamlining IT processes and reducing operational overhead through automation and centralized management.
* Building a resilient future: Adapting to evolving threats and emerging technologies while maintaining a strong security posture.
In this session, you will learn:
* How a Zero Trust architecture can protect your enterprise from today’s cyber threats.
* The steps to embark on your Zero Trust journey.
Sebastian Kemi
CISO
in Residence at Zscaler
09:25
- Everything starts with awareness. A chain is only as strong as its weakest link. Don’t shy away from the new techniques emerging in the market. Embrace them and leverage them to your advantage—this is the path to success.
- Awareness is your responsibility. If it’s not at a basic level, there are no excuses. You will be held accountable if something goes wrong. Therefore, you need to be both a manager and a psychologist, more than just a technician, and find appropriate ways to reach every individual. Use all resources available.
- Trust is key to success in everything, both for people and technology. However, you must always maintain control and manage the business without relying 100% on any single solution. Leaders in their sectors understand this well, especially in alignment with the rigorous Nordics Digitalization Standards.
Kranti Kumar Dasari
Director - Security Operations & Incident Response
Nasdaq
Jakob Stenstave
CISO
The HCI Group
Jan Olsson
Kriminalkommissarie
Polismyndigheten, Nationellt It-brottscentrun (SC3)
Martin Karlsson
CISO
Quinyx
10:00
Having a successful security posture is more easily said than done. It takes a well-designed strategy for a host of multi-faceted parameters to come together to truly bring security to an organization.
Security Culture, being the ideas, customs, and social behaviors of an organization that influence security, is a powerful tool to help nurture and sustain that which keeps your organization safe.
In this session, we’ll be hearing from industry expert Jelle Wieringa about how you can use security culture to your advantage. Based on statistics from academic research, combined with real-world experience, you’ll hear everything you need to know to better understand what it can bring you and your organization.
In this session you will learn:
- What defines a Security Culture;
- How can you measure and better understand your existing security culture;
- What are proven and practical ways to grow your security culture?
Dr. Martin J. Kraemer
Security Awareness Advocate KnowBe4
10:20
Coffee break and 1-1 meetings
10:50
Firestarter Sonatype
10:55
As organizations navigate the complexities of AI adoption, governance and compliance, and digital transformation, cloud security has become a strategic priority. The challenge is not just safeguarding data but leveraging security investments to unlock business value. In this session with Wiz, we’ll explore proven strategies for aligning cloud security with business objectives to drive ROI, operational efficiency, and innovation. Learn how advancing cloud security maturity can fuel growth, mitigate risk, and deliver a competitive edge in an increasingly digital economy.
Prateek Goel
Business Value Advisory
Wiz
11:20
- How are organisations identifying the risk levels within their ICT dependencies?
- What strategies have organisations been adopting to address third-party risk and contracts?
- Do internal and external auditors accept reduction of controls according to risk?
Moderator: Edward Asiedu
Senior Principal Security Strategist
DataBee by Comcast Technologies Solutions
Sofia Staff Frederiksen
Head of Information Security
Apoteket AB
Teresia Willstedt
CISO
MedMera Bank
Jan Öhman
Former CISO
Elisa Polystar
Giovanni Söderman
Vice President Global IT
Consilium Safety Group
11:55
Join Klas Elmby, CIO at Semcon as he shares his journey to reduce exposure and manage security gaps with Automated Security Validation. He will reveal the challenges he faced and how he overcame them to increase his organization’s overall security posture.
Klas Elmby
CIO
Semcon and Daniel Grønbek Regional Leader at Pentera
12:15
Firestarter Illumio
12:15
Lunch Break
13:10
Firestarter Canonical
13:15
We are all aware that we shouldn’t click links in suspicious emails. Then why is it that we do so time and time again.
In this speech we will dive into the human mind and take a look at how our psychology affects us and our colleagues and why mindless e-learnings does not change our behavior.
With an easy 5 step framework you can map your risky behaviors, exchange them with secure behavior and even map your progress.
Sarah Aalborg
CISO
Tivoli
13:40
In the age of AI, where threat actors are starting to use AI, how is threat intelligence changing?
This talk will briefly cover the most important emerging AI-enabled threats, as well as a deep dive into how AI can enable real time threat intelligence, both empowering threat analysts and automating defences.
Staffan Truvé
Co-Founder & Chief Technology Officer (CTO)
Recorded Future
14:05
Moderator: Kaare Mortensen
Presales consultant
Thales
Martin Karlsson
CISO
Quinyx
Nicola Sotira
Head of CERT
Poste Italiane
Alan Lucas
CISO
Homefashion Group B.V.
Per Gustavsson
CISO
Stratsys and Affiliate a Research Faculty,
C4I & Cyber Center GMU
14:40
Join Snehal Antani, CEO of Horizon3.ai, for an eye-opening session where he’ll discuss real-world examples of what NodeZero discovered in networks just like yours. You’ll hear about how fast and easy it is to compromise some of the largest networks in the world – with full domain takeover – often in minutes, and sometimes, without even exploiting a CVE. Discover how autonomous pentesting helps find unknown weaknesses in your infrastructure before attackers do.
During this session, you’ll learn how organizations just like yours are using autonomous pentesting to:
- Secure their supply chains to ensure they’re not accepting someone else’s risk.
- Discover weaknesses in cloud implementations that could result in compromise.
- Set up an early detection system for actual threats in the most high-risk areas.
Snehal Antani
CEO and Co-Founder of
Horizon3 AI
15:00
Coffee Break & 1-1 meetings
15:30
In today’s threat landscape, a multi-faceted cybersecurity strategy is crucial to blocking ransomware and halting lateral movement. By integrating network and identity segmentation both to IT assets and OT/IOT assets with network-layer MFA, organizations can establish a robust defense against attacks while securing unmanaged OT, IoT, and IIoT devices.
Join our interactive roundtable with Benny Lakunishok to discuss key components of a modern, zero trust architecture:
- Microsegmentation: Effectively prevent lateral movement and ransomware attacks, safeguarding your network down to the asset level and unmanageable OT/IoT/IIoT devices.
- Identity Segmentation: Enhance security with granular access controls based on user, device, and application identities, reducing your attack surface.
- Network-Layer MFA: Leverage just-in-time MFA to block unauthorized access even if credentials are compromised.