Welcome to the Next IT Security – C-Suites Edition, the most EXCLUSIVE cyber security event in the world, where we will bring together cybersecurity leaders and experts from the Nordic to share knowledge and insights on the latest trends and technologies in the field.
In this edition of C-Suites we will delve with some interesting business critical topics.
- Advanced New Technologies in the Service of Security Awareness: Explore how emerging technologies are reshaping Security Awareness programs, empowering organisations with novel tools and strategies.
- Quantum Computing Takes Center Stage: Witness the practical accessibility of quantum computing with the latest market innovations, unravelling a new era of computational possibilities.
- Unveiling the Vulnerable World of IoT: Embark on a journey to the edge of cybersecurity, where IoT vulnerabilities pose unprecedented challenges, and innovative solutions are paramount.
- NIS2, DORA & GDPR Continuing Impact: Navigate the evolving landscape shaped by NIS2, DORA, and GDPR regulations, influencing cybersecurity strategies and compliance measures.
- Cloud Challenges – Data Loss, Shared Vulnerabilities, and More: Explore the complexities surrounding data loss and recovery, shared vulnerabilities in cloud environments, and the ongoing struggle for control and visibility in the cloud landscape.
Next IT Security aims to equip our readers with insights into the forefront of cybersecurity, where adaptation and innovation are indispensable in safeguarding the digital frontier.
Our goal is to create a collaborative environment where cybersecurity C-Suites can exchange ideas and best practices.
Agenda October 2024
07:45
Registration & POWER BREAKFAST
Let's open the conference with a power breakfast where you will have the opportunity for the first morning networking with colleagues from different industries and a chance to make new acquaintances and exchange business cards.
08:35
- Role of law enforcement: Craig’s presentation delves into how law enforcement, including organizations like INTERPOL, plays a vital role in preventing, detecting, and disrupting cybercrime on national, regional, and global scales.
- Collaborative efforts and innovative strategies: Explore the collaborative efforts and innovative strategies employed by law enforcement agencies and public-private partnerships worldwide to safeguard digital infrastructure and combat cyber threats effectively.
- International cooperation and capacity building: Gain insights into the proactive measures taken by law enforcement and other stakeholders to enhance international cooperation, information sharing, and capacity building, crucial for upholding the rule of law and combating cybercrime amid complex geopolitical dynamics.
Craig Jones
Director Cybercrime at INTERPOL
09:00
Outdated security models are no longer sufficient to protect modern enterprises. It’s time to rethink the fundamentals of your IT infrastructure.
A Zero Trust architecture offers a proactive approach to security, safeguarding your business by:
* Strengthening security: Implementing access controls and continuous verification to prevent unauthorized access and data breaches.
* Simplifying operations: Streamlining IT processes and reducing operational overhead through automation and centralized management.
* Building a resilient future: Adapting to evolving threats and emerging technologies while maintaining a strong security posture.
In this session, you will learn:
* How a Zero Trust architecture can protect your enterprise from today’s cyber threats.
* The steps to embark on your Zero Trust journey.
Sebastian Kemi
CISO
Residence
09:25
- Everything starts with awareness. A chain is only as strong as its weakest link. Don’t shy away from the new techniques emerging in the market. Embrace them and leverage them to your advantage—this is the path to success.
- Awareness is your responsibility. If it’s not at a basic level, there are no excuses. You will be held accountable if something goes wrong. Therefore, you need to be both a manager and a psychologist, more than just a technician, and find appropriate ways to reach every individual. Use all resources available.
- Trust is key to success in everything, both for people and technology. However, you must always maintain control and manage the business without relying 100% on any single solution. Leaders in their sectors understand this well, especially in alignment with the rigorous Nordics Digitalization Standards.
Kranti Kumar Dasari
Director - Security Operations & Incident Response
Nasdaq
Jakob Stenstave
CISO
The HCI Group
Jan Olsson
Kriminalkommissarie
Polismyndigheten, Nationellt It-brottscentrun (SC3)
Jimmi Ernberg
Chief Security Governance
Bankgirot
10:00
Having a successful security posture is more easily said than done. It takes a well-designed strategy for a host of multi-faceted parameters to come together to truly bring security to an organization.
Security Culture, being the ideas, customs, and social behaviors of an organization that influence security, is a powerful tool to help nurture and sustain that which keeps your organization safe.
In this session, we’ll be hearing from industry expert Jelle Wieringa about how you can use security culture to your advantage. Based on statistics from academic research, combined with real-world experience, you’ll hear everything you need to know to better understand what it can bring you and your organization.
In this session you will learn:
- What defines a Security Culture;
- How can you measure and better understand your existing security culture;
- What are proven and practical ways to grow your security culture?
Dr. Martin J. Kraemer
Security Awareness Advocate KnowBe4
10:20
Coffee break and 1-1 meetings
10:50
- Biometric Authentication Education:
Delve into the realm of biometric authentication and its role in enhancing security awareness. Understand the principles and practices of biometrics, emphasizing the importance of biometric literacy in the modern cybersecurity landscape.
- Interactive Simulations and Incident Response Training:
Discover the impact of interactive simulations in preparing users for real-world cyber threats. This topic emphasizes incident response training through lifelike simulations, enabling users to practice and refine their responses to security incidents.
- Cybersecurity Virtual Labs for Hands-On Experience:
Explore the concept of cybersecurity virtual labs, providing hands-on experiences for users to interact with cybersecurity tools and scenarios. Understand the significance of practical learning in building a strong security awareness foundation.
11:15
- How are organisations identifying the risk levels within their ICT dependencies?
- What strategies have organisations been adopting to address third-party risk and contracts?
- Do internal and external auditors accept reduction of controls according to risk?
- What types of measures can be taken to maintain CIAA whether data is at rest, in use or in transit?
Moderator: Edward Asiedu
Senior Principal Security Strategist
DataBee by Comcast Technologies Solutions
Sofia Staff Frederiksen
Head of Information Security
Apoteket AB
Jan Öhman
CISO
Polystar OSIX
Jacqueline Johnson
CISO
Danish Energy Grid
Giovanni Söderman
Vice President Global IT
Consilium Safety Group
11:50
Join Klas Elmby, CIO at Semcon as he shares his journey to reduce exposure and manage security gaps with Automated Security Validation. He will reveal the challenges he faced and how he overcame them to increase his organization’s overall security posture.
Klas Elmby
CIO
Semcon
12:10
Firestarter Illumio
12:10
Lunch Break
13:10
Firestarter Canonical
13:15
We are all aware that we shouldn’t click links in suspicious emails. Then why is it that we do so time and time again.
In this speech we will dive into the human mind and take a look at how our psychology affects us and our colleagues and why mindless e-learnings does not change our behavior.
With an easy 5 step framework you can map your risky behaviors, exchange them with secure behavior and even map your progress.
Sarah Aalborg
CISO
Tivoli
13:40
- Immersive Learning Experiences:
Dive into the world of immersive technologies like virtual reality (VR) and augmented reality (AR) to revolutionize security training, creating lifelike scenarios that enhance user engagement and retention.
- Gamification for Active Participation:
Uncover the power of gamification in transforming mundane security awareness programs into interactive and engaging experiences, fostering active participation and knowledge retention among users.
- AI-Driven Personalized Training:
Explore the role of artificial intelligence in tailoring security awareness training, leveraging personalized content delivery, adaptive learning paths, and real-time feedback to address individual learning needs.
14:05
AI: A potential paradise alley for cybersecurity advancements, promising enhanced threat detection, automated response, and efficient risk mitigation. The road to a dystopian future: Concerns arise regarding AI’s susceptibility to manipulation, biases, and unintended consequences, posing new security challenges. Balancing innovation with caution: Embracing AI in cybersecurity requires careful consideration of ethical implications, regulatory frameworks, and proactive risk management strategies.
Per Gustavsson
CISO
Stratsys and Affiliate a Research Faculty,
C4I & Cyber Center GMU
Team Blue
Magnus Carling
CISO
Stena AB, a book author of Svart Kod Trilogy and Monster
Team Red
14:40
Join Snehal Antani, CEO of Horizon3.ai, for an eye-opening session where he’ll discuss real-world examples of what NodeZero discovered in networks just like yours. You’ll hear about how fast and easy it is to compromise some of the largest networks in the world – with full domain takeover – often in minutes, and sometimes, without even exploiting a CVE. Discover how autonomous pentesting helps find unknown weaknesses in your infrastructure before attackers do.
During this session, you’ll learn how organizations just like yours are using autonomous pentesting to:
- Secure their supply chains to ensure they’re not accepting someone else’s risk.
- Discover weaknesses in cloud implementations that could result in compromise.
- Set up an early detection system for actual threats in the most high-risk areas.
Snehal Antani
CEO and Co-Founder of
Horizon3 AI
15:00
Coffee Break & 1-1 meetings
15:30
- Why detection and response are bound to fail
- Networks are too open, accounts are too permissive
- Actionable solutions that help prevent
Pieter Wigleven
Director of Customer Engineering at
Zero Networks
16:30
Annual C-Suite Cruise
16:30
- Targeting of Internet of Things (IoT) Devices. With the proliferation of IoT devices, cyber criminals will increasingly focus on exploiting their vulnerabilities
- IoT devices often have weak security measures, making them attractive targets for hackers. We can expect attacks targeting smart homes, connected cars, and industrial IoT systems to become more prevalent.
With the widespread adoption of the internet of things (IoT) , compromise of devices can be used for data theft, botnets, or even physical damage in critical sectors.
Sharon Larsson
CISO Svenska Spel
Ola Pontén
CISO
SCA
Lyzia van Iterson
Cybersecurity Leader
LKQ Europe
Anders Björklund
CISO
Anticimex Group
16:55
The transformative impact of quantum computing on cybersecurity. The potential of quantum technologies to disrupt current encryption methods, What will the emergence of quantum-safe cryptographic solutions look like? Strategic implications for securing sensitive data in the quantum era
Martin Karlsson
CISO
Quinyx
Petri Ala-Annala
CISO
Nobia
Alan Lucas
CISO
Homefashion Group B.V.
Jörgen Ottosson
CISO & DPO
Bits Data
17:30
In Mergers and Acquisitions (M&A), cybersecurity emerges as a critical but often overlooked dimension. The talk explores the unique cybersecurity challenges that companies face during M&A transactions, emphasizing the role of the CISO and the security team. We will explore why traditional due diligence processes frequently fall short in adequately assessing risks and the strategies we can employ to manage risks under the pressure of tight deadlines and uncertainty. Using real-world examples and practical tips for effective risk mitigation, the talk aims to equip executives and CISOs with the tools necessary to navigate these high-stakes situations, ensuring a secure and beneficial outcome for all parties involved.
- Due Diligence Challenges: Discuss the inherent weaknesses in M&A due diligence processes regarding technology and cybersecurity, and why these can lead to unexpected threats.
- Strategies for CISOs: Proactive strategies and techniques for CISOs to enhance due diligence, have a wide view on risks while understanding the investment narrative and navigate throughout the process without surprises.
- Post-Merger Integration: How to continue cybersecurity efforts after signing the deal, ensuring the progress of security and integration of the acquired target.