Welcome to the Next IT Security – C-Suites Edition, the most EXCLUSIVE cyber security event in the world, where we will bring together cybersecurity leaders and experts from the Nordic to share knowledge and insights on the latest trends and technologies in the field. 

In this edition of C-Suites we will delve with some interesting business critical topics.

  • Advanced New Technologies in the Service of Security Awareness: Explore how emerging technologies are reshaping Security Awareness programs, empowering organisations with novel tools and strategies.
  • Quantum Computing Takes Center Stage: Witness the practical accessibility of quantum computing with the latest market innovations, unravelling a new era of computational possibilities.
  • Unveiling the Vulnerable World of IoT: Embark on a journey to the edge of cybersecurity, where IoT vulnerabilities pose unprecedented challenges, and innovative solutions are paramount.
  • NIS2, DORA & GDPR Continuing Impact: Navigate the evolving landscape shaped by NIS2, DORA, and GDPR regulations, influencing cybersecurity strategies and compliance measures. 
  • Cloud Challenges – Data Loss, Shared Vulnerabilities, and More: Explore the complexities surrounding data loss and recovery, shared vulnerabilities in cloud environments, and the ongoing struggle for control and visibility in the cloud landscape.

Next IT Security aims to equip our readers with insights into the forefront of cybersecurity, where adaptation and innovation are indispensable in safeguarding the digital frontier. 

Our goal is to create a collaborative environment where cybersecurity C-Suites can exchange ideas and best practices.

Agenda October 2024




Power Breakfast

Let's open the conference with a power breakfast where you will have the opportunity for the first morning networking with colleagues from different industries and a chance to make new acquaintances and exchange business cards.


  • Role of law enforcement: Craig’s presentation delves into how law enforcement, including organizations like INTERPOL, plays a vital role in preventing, detecting, and disrupting cybercrime on national, regional, and global scales.
  • Collaborative efforts and innovative strategies: Explore the collaborative efforts and innovative strategies employed by law enforcement agencies and public-private partnerships worldwide to safeguard digital infrastructure and combat cyber threats effectively.
  • International cooperation and capacity building: Gain insights into the proactive measures taken by law enforcement and other stakeholders to enhance international cooperation, information sharing, and capacity building, crucial for upholding the rule of law and combating cybercrime amid complex geopolitical dynamics.

Craig Jones

Director Cybercrime at INTERPOL


  • Everything starts with awareness. A chain is only as strong as its weakest link. Don’t shy away from the new techniques emerging in the market. Embrace them and leverage them to your advantage—this is the path to success.
  • Awareness is your responsibility. If it’s not at a basic level, there are no excuses. You will be held accountable if something goes wrong. Therefore, you need to be both a manager and a psychologist, more than just a technician, and find appropriate ways to reach every individual. Use all resources available.
  • Trust is key to success in everything, both for people and technology. However, you must always maintain control and manage the business without relying 100% on any single solution. Leaders in their sectors understand this well, especially in alignment with the rigorous Nordics Digitalization Standards.

Kranti Kumar Dasiri

Director - Security Operations & Incident Response

Jakob Stenstave

The HCI Group

Jan Olsson

Polismyndigheten, Nationellt It-brottscentrun (SC3)

Jimmi Ernberg

Chief Security Governance


  • Evolving IoT Threat Landscape:

Uncover the dynamic nature of threats surrounding IoT devices, from sophisticated attacks to emerging vulnerabilities, demanding a proactive cybersecurity stance.

  • Edge Computing Amplifying Risks:

Explore how the adoption of edge computing intensifies cybersecurity risks, necessitating novel strategies to secure decentralized networks and sensitive data at the edge.

  • The Human Element in IoT Security:

Delve into the often overlooked human factors contributing to IoT vulnerabilities, emphasizing the significance of user awareness, training, and responsible device usage.


Coffee break and 1-1 meetings


  • Biometric Authentication Education:

Delve into the realm of biometric authentication and its role in enhancing security awareness. Understand the principles and practices of biometrics, emphasizing the importance of biometric literacy in the modern cybersecurity landscape.

  • Interactive Simulations and Incident Response Training:

Discover the impact of interactive simulations in preparing users for real-world cyber threats. This topic emphasizes incident response training through lifelike simulations, enabling users to practice and refine their responses to security incidents.

  • Cybersecurity Virtual Labs for Hands-On Experience:

Explore the concept of cybersecurity virtual labs, providing hands-on experiences for users to interact with cybersecurity tools and scenarios. Understand the significance of practical learning in building a strong security awareness foundation.


  • How are organisations identifying the risk levels within their ICT dependencies?
  • What strategies have organisations been adopting to address third-party risk and contracts?
  • Do internal and external auditors accept reduction of controls according to risk?
  • What types of measures can be taken to maintain CIAA whether data is at rest, in use or in transit?

Moderator: Edward Asiedu

Senior Principal Security Strategist
DataBee by Comcast Technologies Solutions

Sofia Staff Frederiksen

Head of Information Security
Apoteket AB

Jan Öhman

Polystar OSIX

Jacqueline Johnson

Danish Energy Grid

Giovanni Söderman

Vice President Global IT
Consilium Safety Group


  • Updates on NIS2 Compliance Requirements:

Explore the latest developments in the Network and Information Systems Directive (NIS2), unraveling the compliance requirements and implications for organizations. Gain insights into strategies for aligning cybersecurity practices with NIS2 standards.

  • DORA Framework for Enhanced Operational Resilience:

Delve into the Depository Trust & Clearing Corporation’s (DTCC) DORA (Distributed Ledger Technology Open-source Regulatory Reporting) framework. Understand how DORA influences operational resilience and cybersecurity practices in the financial sector, providing valuable lessons for diverse industries.

  • GDPR’s Ongoing Impact on Data Protection:

Examine the ongoing influence of the General Data Protection Regulation (GDPR) on data protection practices. Uncover the evolving expectations for data privacy, emphasizing the importance of adapting cybersecurity strategies to ensure continuous compliance with GDPR provisions.


Lunch Break


  • We are all aware that we shouldn’t click links in suspicious emails. Then why is it that we do so time and time again.

    In this speech we will dive into the human mind and take a look at how our psychology affects us and our colleagues and why mindless e-learnings does not change our behavior.

    With an easy 5 step framework you can map your risky behaviors, exchange them with secure behavior and even map your progress.

Sarah Aalborg



  • Immersive Learning Experiences:

Dive into the world of immersive technologies like virtual reality (VR) and augmented reality (AR) to revolutionize security training, creating lifelike scenarios that enhance user engagement and retention.

  • Gamification for Active Participation:

Uncover the power of gamification in transforming mundane security awareness programs into interactive and engaging experiences, fostering active participation and knowledge retention among users.

  • AI-Driven Personalized Training:

Explore the role of artificial intelligence in tailoring security awareness training, leveraging personalized content delivery, adaptive learning paths, and real-time feedback to address individual learning needs.


  • Targeting of Internet of Things (IoT) Devices. With the proliferation of IoT devices, cyber criminals will increasingly focus on exploiting their vulnerabilities
  • IoT devices often have weak security measures, making them attractive targets for hackers. We can expect attacks targeting smart homes, connected cars, and industrial IoT systems to become more prevalent.

With the widespread adoption of the internet of things (IoT) , compromise of devices can be used for data theft, botnets, or even physical damage in critical sectors.

Sharon Larsson

CISO Svenska Spel

Ola Pontén


Lyzia van Iterson

Cybersecurity Leader
LKQ Europe

Anders Björklund

Anticimex Group


  • Holistic Approach to Regulatory Compliance:

Discuss the need for a holistic approach to regulatory compliance, integrating NIS2, DORA, and GDPR requirements into a unified cybersecurity strategy. Highlight the benefits of an integrated approach for streamlined compliance efforts.

  • Cybersecurity as a Business Enabler:

Explore how organizations can leverage cybersecurity measures not just for compliance but as a strategic business enabler. Understand the role of cybersecurity in enhancing operational efficiency, customer trust, and overall business resilience within the regulatory framework.

  • Preparing for Future Regulatory Shifts:

Anticipate and prepare for future shifts in cybersecurity regulations. Discuss proactive measures organizations can take to adapt swiftly to evolving regulatory landscapes, ensuring a future-proof cybersecurity posture that goes beyond compliance.


Coffee Break & 1-1 meetings


  • Explore the concept of adaptive security frameworks tailored for the IoT environment, offering dynamic threat detection, real-time response mechanisms, and continuous security updates.
  • Blockchain Integration for Trustworthiness:

Uncover the potential of blockchain technology in establishing trustworthiness within IoT ecosystems, providing transparent and tamper-proof transactional records to enhance device integrity.

  • AI-Powered Threat Intelligence:

Embrace the role of artificial intelligence in IoT cybersecurity, leveraging advanced threat intelligence algorithms to predict, detect, and respond to evolving threats, ensuring a proactive defense strategy.


AI: A potential paradise alley for cybersecurity advancements, promising enhanced threat detection, automated response, and efficient risk mitigation. The road to a dystopian future: Concerns arise regarding AI’s susceptibility to manipulation, biases, and unintended consequences, posing new security challenges. Balancing innovation with caution: Embracing AI in cybersecurity requires careful consideration of ethical implications, regulatory frameworks, and proactive risk management strategies.

Per Gustavsson

Stratsys and Affiliate a Research Faculty, C4I & Cyber Center GMU

Team Blue

Magnus Carling

Stena AB, a book author of Svart Kod Trilogy and Monster

Team Red


The transformative impact of quantum computing on cybersecurity. The potential of quantum technologies to disrupt current encryption methods, What will the emergence of quantum-safe cryptographic solutions look like? Strategic implications for securing sensitive data in the quantum era

Martin Karlsson


Petri Ala-Annala


Aleksei Lutsenko

Information Security & Data Privacy Leader

Jörgen Ottosson

Bits Data


In Mergers and Acquisitions (M&A), cybersecurity emerges as a critical but often overlooked dimension. The talk explores the unique cybersecurity challenges that companies face during M&A transactions, emphasizing the role of the CISO and the security team. We will explore why traditional due diligence processes frequently fall short in adequately assessing risks and the strategies we can employ to manage risks under the pressure of tight deadlines and uncertainty. Using real-world examples and practical tips for effective risk mitigation, the talk aims to equip executives and CISOs with the tools necessary to navigate these high-stakes situations, ensuring a secure and beneficial outcome for all parties involved.

  • Due Diligence Challenges: Discuss the inherent weaknesses in M&A due diligence processes regarding technology and cybersecurity, and why these can lead to unexpected threats.
  • Strategies for CISOs: Proactive strategies and techniques for CISOs to enhance due diligence, have a wide view on risks while understanding the investment narrative and navigate throughout the process without surprises.
  • Post-Merger Integration: How to continue cybersecurity efforts after signing the deal, ensuring the progress of security and integration of the acquired target.

Zsolt Fabian

Group Cybersecurity Lead
Byborg Enterprises


Book singing by

Sarah Aalborg



Networking Dinner Cruise

Nordics Edition

C-Level IT Security Event

BeNeLux Edition

C-Level IT Security Event

DACH Edition

C-Level IT Security Event