Agenda

►Beyond DORA compliance: Orchestrating Digital Resilience in a VUCA environment

 Thomas Barkias, Principal Supervisor – Cyber Resilience, ICT, Crypto & Operational Risk, European Central Bank

• Understanding the nuanced interplay of technology, processes, and human factors in achieving resilience
• Exploring ways and challenging in orchestrating resilience in today's VUCA environment. 
• Beyond Compliance, emphasising the need for a holistic approach that transcends mere compliance with regulations like DORA.
   

► Beyond the Buzzwords, AI's Double-Edged Sword

Francisco Z. Gaspar, Lead Cybersecurity Architect, Telefónica Germany

• Understanding the Evolution of Cybersecurity Paradigms:
• The Complexities of the Data Dilemma
• AI's Promises and Pitfalls
• Balancing Act
• Charting the Course Forward towards a More Resilient and Secure Future

►Security 3.0 - Learnings from modern medicine and longevity

Max Imbiel, CISO, Bitpanda Asset Management

•    What does Security have in common with Medicine?
•    What thoughts and best-practices can we transfer from modern Medicine into modern Security?
•    Applying healthier and more secure ways or working

►Ethical hacking explained: why you need ethical hackers in your organization

Michele De Donno, Ethical Hacker, Sky Deutschland GmbH

• Ethical hacking and penetration testing: what and why
• Myths and misconceptions about ethical hacking
• A glimpse into the penetration testing process
• Penetration test (live demo)
   

►Senior Leadership Panel Discussion

Max Imbiel, CISO, Bitpanda Asset Management
Klaus-E. Klingner, Information Security Officer, Assambeauty 
Ralf Mutzke, Director Cyber Security, Aon Deutschland

• The role of the CISO as security regulation increases (NIS2, DORA etc.)
• Compliance versus security as a true business driver
• Ai — helping or hindering?
• Adopting a risk based approach to securing budgets

►Managing third-party breaches

Riccardo Riccobane, Head of CSO Security Assurance & Head of Operational Resilience, DWS

• Restoration and post-recovery steps  
• Legal terms and conditions and resulting due diligence
• Data restoration and best practice
• Implementing security enhancements and lessons learnt
   

►Why Identity Alone Is Not Enough for a Zero Trust Strategy

Paolo Passeri, Principal Sales Engineer and Cyber Intelligence Specialist, Netskope

• The new reality of living in a hyperconnected online world requires a new approach to security, where multiple elements must be taken into account, besides simply blocking/allowing access to a specific service or the user identity to enforcing granular permissions.
• Learn why the context is important to enforce a granular and effective security policy.
• Discover which are the elements that must be considered, besides identity, to adopt an effective zero trust strategy
• Understand how the different security controls, such as data protection, threat protection, behaviour analytics, cooperate to protect the modern enterprise.

►Why 24 is the answer to all questions in the cyber security environment!

Thomas Schuchmann, Senior Director Sales Engineering Germany, Rubrik

• Do you know the difference: resilience or resistance? How do resilience and resistance differ in data security and which is really more effective for companies?
• Are cyber incidents really the biggest business risk? Why are cyber risks increasingly becoming a focal point in management and what does this mean for companies?
• Are we investing enough and in the right things? Despite increasing security spending, why are cyberattacks still a problem and what could we do differently?
• How can we do it better? What strategies are there to not only minimize the risk of a cyber attack, but also to mitigate its possible consequences?
   

►Focus on the Vulnerabilities that Matter to you

André Heller, Director Solution Architects DACH, Armis

• Get a complete overview of all vulnerabilities in your organization
• Prioritize and solve vulnerabilities according to the risk to your business
• Get the opportunity to build an AI-based early warning system that identifies attacks on your company even before vulnerabilities (CVEs) are disclosed.
   

►Why established defences like Web Application Firewall or API Gateways are not enough to protect today’s APIs

Frank Sommer, Senior Solutions Engineer, Akamai

• Why are APIs increasingly used?
• What does this mean for the security department in companies?
• Why are Web Application Firewalls and API Gatways not enough?
• What is needed to secure APIs? 

►How To Create Successful Malware and Defend with Zero Trust

Threatlocker

•  In a world where anyone can create successful malware or have AI generate it for them, it's important to know how malware can be successful so you can better defend.
• Starting from a default-deny posture, learn how adopting Zero Trust principles can keep your data safe and operations running regardless of hacking attempts by man or machine.
   

►Less Cyber More People - Putting People At The Center of Your World (oder Cybersecurity Strategy)

Proofpoint 

Being human-centric means placing humans at the center of design, decision-making, and problem-solving processes. It involves understanding, empathizing with, and prioritizing the needs, preferences, and experiences of individuals.  But how does that help us reduce our risk profile?  How can we consider the needs of each individual when we design our security strategy and deploy that next bit of tech.  How can we collect understand the needs of the individuals we are protecting?  How can we use it to improve our defences and mitigate risk?  How can we make it scale with limited resources?  How can we do more for less?  In this session we will share the secrets of an effective human-centric security strategy.