13 October 07:30 - 18:00Scandic Infra City

Speakers

Sofia Cerwall
Event Moderator & Crisis Management Lead, Ericsson

Åke Holmgren
Head of Cybersecurity Division, The Swedish Civil Contingencies Agency (MSB)

Dr. Åke Holmgren is head of the Cybersecurity and Critical Infrastructure Protection Department at the Swedish Civil Contingencies Agency (MSB). Dr. Holmgren has more than 20 years of experience in cyber security and critical infrastructure protection from various government functions in Sweden. He has been a member of the Norwegian Commission on the digital vulnerability of society. Dr. Holmgren has been Visiting Scholar at the Institute for Civil Infrastructure Systems, Wagner Graduate School of Public Service, New York University. He holds a Ph.D. degree in Risk and Safety Analysis and a M.Sc. degree in engineering, both from the Royal Institute of Technology (KTH) in Stockholm, and a B.Sc. degree in business administration and economics from Stockholm University. At Paranoia 2019 Dr. Holmgren will give the talk "Countering Hybrid Threats - Civil Cyber Defence".

Fredrik Blix
Associate Professor Cybersecurity, Stockholm University

Karin Winberg
CISO, Eskilstuna Municipality

Karin Winberg has more than twenty five years of experience within cybersecurity, risk, compliance, internal audit. Over the years she has served in various roles in leading organisations such as: the Swedish Reserve Bank, KPMG, IBM, Cybercom Group Transcendent Group, Swedbank to mention but a few. She believes that "compliance can become real only if everyone understands the value of the information and can put it into context".  Karin is currently serving as CISO at Eskilstuna Municipality.

Anna Fors
Senior Digital Strategist, Försäkringskassa

Anna Fors, senior Digital strategist at Swedish Social Insurance AgencyAfter 20 years in the private sector, including startups and global companies such as TUI, Anna works for the public sector since 2015. Focus since 2016 has been on digital fraud detection, digital strategy, sourcing and security issues in the digital world. 2019 she was a co-writer of the whitepaper Cloud Services in Sustaining Societal Functions – Risks, Appropriateness and the Way Forward and has since worked to increase the awareness of the importance of Digital sovereignty in Sweden.

Anders Åhlgren
CISO, Jönköping Energi AB

Anders is CISO at Jönköping Energi in Sweden. Anders also works for the European Commission DG ENER with Network codes on Cybersecurity for the European electric energy sector.

Kaj Paananen
SIRT Leader, Hitachi ABB Power Grids

Juha Härkönen
Vice President, Corporate Security, Fortum Oyj

Juha has worked in cyber security since 1986. He founded and led the cyber security team in the Central Criminal Police.In addition, Juha has served as a cyber security consultant in KPMG. In his current position, he has been responsible for Fortum's Security since 2002 including cyber. At the moment, he is particularly interested in situational awareness.

Johan Åtting
Group CISO, Sectra AB

Sverker Forsberg
Cyber Security Manager Unilabs Region North

Sverker has been involved in information security issues for 20 years, first as a consultant and later holding information security positions at the Swedish National Police Board and at Södersjukhuset. He has extensive experience with ISMS, compliance auditing and IT systems requirements, as well as with end user awareness training.Since 2014 Sverker has been involved in Healthcare information security. As CISO of Södersjukhuset and Cyber security manager at Unilabs he has dealt with compliance with national and European legislation, but also with the nitty gritty details of how to secure medical devices that need to attach to the corporate network and integrate with medical information systems.

Jörgen Olofsson
CISO, Praktikertjänst AB

“Jörgen Olofsson is an information security specialist with over 20 years’ experience in a wide area of disciplines including forensic investigations, penetration testing, security architecture, coding, risk/threat assessments, ISO 27001, PCI-DSS and information security management systems. Jörgen is currently the Chief Information Security Officer at Praktikertjänst, the largest private dental and health care group in Sweden. Previously, Jörgen has held senior roles in in various industries and government, related to technology and information security. Big fan of old computers and retro gaming."

Carl-Göran Domeij
CISO and Information Management Lead, Billerudkorsnäs AB

Patrick Andersson
CISO, Stora Enso

Ulf Berglund
Cyber Security Architect, U&I Security Group AB

Fredrik Malmström
Head of Group Information Security, Handelsbanken AB

Fredrik Malmström, 41 years old married with 3 kids. He is a Risk Manager by trade and has worked in different security fields for 20 years Operational, Tactical and Strategic in different International companies both in Sweden and abroad. Loves to train when time is given, His motto is; Stay relevant or wind down

Johanna Mannung
Enterprise Security Architect, Swedish Police Authority

Ulf Bergman
DPO, Technical IT Security, Moderna Försäkringar AB

Ulf has a background from the Armed Forces where he served as an officer for seventeen years. He also worked as a Signal Protection Officer and System Operator during his tenure in the Armed Forces. He has also a wide experience within the IT industry in which he has held various positions in the last twenty years including positions such as: CIO, Network Manager, Client System Manager, Network and DC Manager, Head of Infrastructure Development. He possesses high competence in the outsourcing, infrastructure security business area in relation to banking/insurance and communication area. Today he is DPO and also responsible for IT-Security at Moderna Försäkringar.

Åsa Schwarz
Security Specialist & Novelist, Knowit AB

Åsa Schwarz has more than twenty years of experience within cybersecurity and is Head of Business development at Knowit Cybersecurity & Law. She is also a novelist writing about crime, horror and security. Her lasts novel, Master of Dolls is a riveting crime novel that also investigates risks and moral dilemmas surrounding robots and humanity (co-author Lena Karlin).

Peter Johansson
Regional Sales Manager, Nordic and Baltic Region

Ulf Holmerin
Information Security Manager, FMV

"Ulf Holmerin is an Information Security specialist who has worked on all levels. From helprunner to advisor to Senior Management in both in the private and public sectors. He is since 2014 Vice President in the ISACA Swedish chapter. Ulf is also active in ISACA International. Ulf has been a moderator for lots events and was during a period the recurrent facilitator for the yearly ISACA day."

Surinder r S. Rait
Head of IT Security Assurance, Ericsson

Surinder is a Cyber Security professional with more than 20 years of experience working and leading various aspects of Information/ Cyber security including but not limited to implementing regulatroy & leading industry frameworks, Security Operations Centers (Red/ Blue Team), Business Continuity, Risk Management. Currently serving as a board member in CSA Sweden Chapter.”

Angelique Dawnbringer
Senior Information Security Officer, SEB

Let me introduce myself, Angelique Dawnbringer is my name and for the past 20 years of my life I've been working as a CIO/CTO, IT consultant and IT specialist. I specialize in cloud architecture, information security and data protection. I have worked in most industries, from building and maintaining datacentres, ISP’s to Banking, Medical, Insurance, HiTech-Physics and Automobile. Privacy and Data Protection or simply security has always been a big interest of mine and bringing awareness to people around the dangers and the potential in creating solutions. Regardless of industry, security is a must have quality aspect which is often overlooked. At this moment, I work as an Information Security Officer for SEB at Group & Tech Level at Group Security & Cyber Defense on Strategic Positioning and Threat Intelligence.Not knowing the balance between risk and opportunity is one of the biggest issues within the industries as such and hopefully, we can make the world a little better by sharing our knowledge and learn something new. I hope to share my insight from working in several industries with you.

Gerhard Giese
Industry Strategist, Akamai Technologies

Gerd is Industry Strategist at Akamai Technologies. He started at Akamai in 2010 and is now strategist in the Financial Sector, responsible for customer advisory, information sharing and consulting. With more than 20 years of experience in the security field, Gerd has accumulated in-depth expertise in network security as well as distributed denial of service (DDoS) mitigation and data theft prevention. He continues to interact directly with clients as a trusted security advisor, to identify the most pressing challenges for online businesses. In addition, he regularly delivers talks at industry conferences and works as an independent consultant for federal state authorities such as The German Ministry of IT Defense. Prior to Akamai, Gerd was a senior network engineer at McAfee. Gerd holds CISSP and CCSP certifications and is a certified ethical hacker.

Anish Hindocha
Privacy Consultant, OneTrust

Anish Hindocha is a Privacy Consultant for OneTrust, the global leader in privacy management software and marketing compliance software which helps organizations operationalise data privacy compliance and Privacy by Design. At OneTrust, Anish works with privacy project teams and C-level executives across the Nordics to automate and strengthen their core GDPR and ePrivacy processes.

Arwa Ginwala
Solution Engineer, Cloudflare

Jan Branzell
CEO, Veriscan Security AB

Sam Graflund Wallentin
Head of Information Security Governance, Swedbank

Banking & Finance Panelist: Sam Graflund Wallentin, Head of Information Security Governance, Swedbank

You probably need to give need to give me some feedback on the BIO based on how others have done and what you expect. Btw, who’s the moderator? Sam Graflund Wallentin has more than a decade of experience in IT, risk, resilience and security at leading consulting firms, always focusing on business enablement and governance. In 2020 though, he moved to the country side, got a dog, built a house, returned to amateur ice-hockey and switched to the client side. More specifically, information security in financial services and Swedbank. At Swedbank, Information Security Governance is a part of Group Information Security, which also includes Offensive and Defensive Cyber Security functions. Across four teams, Information Security Governance is responsible for Swedbank’s security risk, governance and frameworks; security assurance; security architecture; and security awareness. Challenges ahead include adapting, improving and optimising information security to the swift changes in the risk and threat landscape, among regulations and not the least, the tech, work and business environment.

Vijay Chauhan
Senior Product Marketing Director, Cloudflare

Vijay Chauhan is Senior Director of Product Marketing at Cloudflare, where he leads Product Launches and Content. Prior to Cloudflare, Vijay ran Product Marketing at Illumio. Before that, Vijay spent 4+ years at Splunk running Product Management and Strategic Alliances for Splunk’s Security business. Vijay started his career as a Security Practitioner in Financial Services, spending 7+ years at Barclays Bank, handling core information security functions including Security Operations, Risk, Security Engineering, Application Security, and Identity & Access Management

Sarah Backman
Cybersecurity Consultant, Omegapoint

Sarah Backman is a Consultant with Omegapoint & PhD Candidate in International Relations at Stockholm University. Her research interests focus on cyber crisis management and national/international cyber security. She has a background in Security Studies from the Swedish Defence University. Beyond the academic realm, Sarah is an experienced consultant in the field of cyber security and crisis management with a specific focus on exercises.

Ingvar Johansson
Pre-Sales Engineer, EMEA ONE IDENTITY

Ingvar Johansson: Ingvar is an IT professional with 35+ years in the IT industry, Ingvar has been focusing on Identity and Access Governance for the last 15+ years working for several leading IGA vendors. Ingvar is currently working at One Identity as a Principal Solutions Architect focusing on IAM in the EMEA region, where his primary responsibility has always been as a solutions architect in a pre-sale role with the additional responsibility as a technical architect/consultant.

John Wallhoff
Founder & CEO, Scillani Information AB

Schedule

Registration & Morning Breakfast Starts

Opening Remarks By Event Moderator: Sofia Cerwall

How to define assets in the digital era – Time to leave 1990:s thinking?, Jan Branzell CEO, Versican Security AB

ISO 27000 series requires risk assessments and an asset register linked to classification also plays a big role. Assets are key for both these activities but what approaches to assets would yield great results for the organization today?

Key Takeaways:

  • What was behind the “system” approach?
  • What assets should we protect today?
  • How does this affect the classification schemes and risk assessment approaches?
  • All in context of an organization that wants to benefit from using ISO 27000 series


      Schrems II: What The EDPB Recommendations & Modernized SCCs Mean For You: Anish Hindocha Privacy Consultant, OneTrust

      Since the Court of Justice of the European Union’s ruling in "Schrems II", companies have been eagerly anticipating detailed guidance from regulators in how to manage EU data transfers to third countries, and particularly those that rely on standard contractual clauses. Those recommendations have now been released by the European Data Protection Board, as well as new SCCs by the European Commission.

      Key Takeaways:

      • The presentation will discuss how to take a risk-based approach to the EDPB’s guidelines, an overview of the new SCCs, and the way ahead for international data transfers

      A history of disruption - a journey through the latest Web (attack) trends: Gerhard Giese Industry Strategist, Akamai Technologies

      Powered by necessity, 2020 saw a gigantic boost for digital strategies. This helped to maintain critical services through online availability but it also gave new incentives for cyber criminals claiming their share of the profit. In this session, Gerdhard will share the latest threats the world has been experiencing, and explain how corporations managed to recognize fight them.

      “5 steps for improving organizational cyber crisis management capacity”, Sarah Backman Cybersecurity Consultant, Omegapoint

      Cyber crises or crises with digital aspects are increasingly becoming potential scenarios for various organizations. This development must be considered by crisis management and response groups as well as leadership in any organization. In this session, Sarah Backman introduces 5 steps for developing or improving organizational capacity to efficiently deal with cyber crises.

      Coffee Break & Networking in the Expo Area

      Panel Discussions: Post-COVID-19 Cybersecurity Challenges, Banking & Finance, Public & Manufacturing Panels

      Manufacturing Sector Panel Moderator: Ulf Holmerin Information Security Manager, FMV

      Manufacturing Sector Panelist: Patrick Andersson CISO, Stora Enso

      Manufacturing Sector Panelist: Carl-Göran Domeij, CISO and Information Management Lead, Billerudkorsnäs AB

      Manufacturing Sector Panelist: Ingvar Johansson Pre-Sales Engineer, EMEA ONE IDENTITY

      Public Sector Panel Moderator: Åke Holmgren, Head of Cybersecurity Division, MSB

      Public Sector Panelist: Karin Winberg, CISO, Eskilstuna Municipality

      Public Sector Panelist: Anna Fors, Senior Digital Strategist, Försäkringskassa

      Public Sector Panelist: Fredrik Blix, Associate Professor Cybersecurity, Stockholm University

      Banking & Finance Panel Moderator: Ulf Berglund Cyber Security Architect, U&I Security Group AB

      Banking & Finance Panelist: Fredrik Malmström, Head of Group Information Security, Handelsbanken

      Banking & Finance Panelist: Angelique Dawnbringer, Senior Information Officer, SEB

      Banking & Finance Panelist: Sam Graflund Wallentin, Head of Information Security Governance, Swedbank

      Panel Discussions: Post-COVID-19 Cybersecurity Challenges, Healthcare & Energy Sector

      Healthcare Panel Moderator: Sverker Forsberg, Cyber Security Manager, Unilabs Region North

      Healthcare Panelist: Jörgen Olofsson, CISO, Praktikertjänst AB

      Healthcare Panelist: Johan Åtting, Group CISO, Sectra AB

      Energy Panel Moderator: John Wallhoff Founder & CEO, Scillani Information AB

      Energy Sector Panelist: Juha Härkönen, Vice President, Corporate Security, Fortum Oyj

      Energy Sector Panelist: Anders Åhlgren, CISO, Jönköping Energi AB

      Energy Sector Panelist: Kaj Paananen, SIRT Leader, Hitachi ABB Power Grids

      Lunch Break & Networking in the Expo Area

      IT Security Insights Workshops

      Achieve Secure Access to Your Critical Resources with Zero Trust and Least Privilege: Ingvar Johansson, Pre-Sales Engineer, EMEA ONE IDENTITY

      In this live workshop, learn how Zero Trust and Least Privilege Can Secure Access to Your Critical Resources. With the majority of large organisations using Active Directory (AD) and Azure AD (AAD) to control user permissions and access, it is a primary target of attackers. With the rise of privileged access management (PAM) as an aspect of functions that AD/AAD controls, PAM must be a critical part of any operational and security strategy for privileged resources.

      Key takeaways:

      • How to enhance privileged security for your hybrid AD environment
      • What is Zero Trust
      • How to achieve Zero Trust by using just-in-time activation of privileged accounts and entitlements
      • In addition, you will see a demo of Zero Trust from One Identity.

      Live Learning Session By both Vijay Chauhan Senior Product Marketing Director & Arwa Ginwala, Cloudflare

      Network Security as-a-service:

      One of the most profound shifts we've been hearing about is that legacy appliance-based approaches, that our customers around the globe are using to secure their networks, aren't working anymore. Evolving your network for remote work has opened it up to risks.

      Key Takeaways:

      • Join Cloudflare's session to discover how delivering network security at the edge - not data centers - can better protect your applications, your data, and your users.

      Arwa Ginwala Solutions Engineer, Cloudflare

      The Cyber Security Dilemma – And How Deep Instinct Breaks the Mold: Peter Johansson, Regional Sales Manager, Nordic and Baltic Region

      The cybersecurity landscape has evolved significantly from the earliest days of AVprotection in the 1990s. Business customers can now choose from a variety ofoptions to architect a security stack, including vendors in the EDR, MDR, and XDRspaces. But what do these acronyms mean and how do they differ? And, more importantly,what benefits do they offer to enhance your existing security posture and to preventcyberattacks and the loss of business-critical data?

      Key  Takeaways:

    • Why EDR/MDR/XDR were created and what problems they were built to solve?
    • How cybercriminals are evading common detection and response frameworks (and why they do not prevent many threats)?
    • Why Deep Instinct’s prevention-first approach is the next evolution in cybersecurity defence?
    • The CSA Cloud Controls Matrix (CCM: Surinder S. Rait Head of IT Security Assurance, Ericsson

      The CSA Cloud Controls Matrix (CCM) is a cybersecurity control framework for cloud computing. In this session Surinder will  discuss how this framework can be used to help improve security posture of the respective cloud environment with clear roles and responsibilities.

      Keynote Content Coming Soon, Erik de Jong, NCC Group


      Networking Afternoon Coffee Break

      Keynote TBC

      Panel: Benefits of Diversification in Cybersecurity

      Panel Moderator, Sofia Cerwall, Crisis Management Lead, Ericsson

      Panelist: Ulf Bergman, DPO, Technical IT Security, Moderna Försäkringar AB

      Panelist: Åsa Schwarz, Security Consultant and Author, Knowit AB

      Panelist: Johanna Mannung, Enterprise Security Architect, Swedish Police Authority

      Closing Remarks By Event Moderator: Sofia Cerwall, Crisis Management Lead,Ericsson

      Closing Cocktail Reception

      Conference Ends With Evening Dinner Reception

      Editor's Note

      I am delighted to welcome you at the 5th edition of the IT Security Insights Conference which is going to be the most exciting and biggest edition so far. The conference will bring together leading IT Security practitioners and stakeholders in the Nordic region to discuss business critical issues and IT Security trends in 2021.

      This year’s conference will also be hybrid-event format where one can either follow the event programme online or join us in person at the designated venue, Scandic Infra City in Upplands Väsby, Sweden.

      According to NORDVPN Cyberattacks are up 400% a day compared to pre-COVID-19 levels. At the beginning of 2020, the FBI reported that complaints of cyberattacks received by its cyber division had risen to almost 4,000 a day, a 400% increase over pre-coronavirus numbers. In one four-month period (January to April), 907,000 spam messages, 737 incidents related to malware, and 48,000 malicious URLs all related to COVID-19, were also detected by one of INTERPOL's private sector partners.

      Good examples of high profile recent cyberattack victims in 2020 include: the French IT service giant Sopra Steria that was attacked by Ryuk ransomware on the evening of 20th October, 2020. It’s estimated that this particular attack cost the company around £ 50 million. FireEye, one of the leading cybersecurity firm via their CEO, Kevin Madia came out and stated ”Based on my 25 years in the cybersecurity and responding to incidents, I have concluded that we are witnessing an attack by a nation with top-tier offensive capabilities. This attack is different from the tens of thousands of incidents we have responded to throughout the years”. This clearly shows IT Security should be a top priority for not only end users but also suppliers of IT Security products and solutions. But what are the underlying reasons for this upsurge of cyberattacks? How can we successfully mitigate these ongoing data breaches?

      Due to the increased surge in COVID-19 cases, we are seeing more companies and workplaces encourage it’s employees to work more remotely than ever before. Though this phenomenon is here to stay it would require most organisations to adopt and implement right tools to ensure that remote access capabilities are tested, secure, and endpoints used by employees are patched effectively. This developement has, however exacerbated a rapid escalation of insider threats. ”According to Forrester, the insider data breaches are poised to increase by 8% in 2021 and account for 33% of all cybersecurity Incidents”

      The conference is tailored for CISOs, CIOs, IT practitioners working with Information Security, Data Security, Cloud Services and GDPR matters. The main themes to be explored include: cloud services, cyberssecurity skills shortage, research in cybersecurity, diversity in cybersecurity, state of GDPR compliance, IIoT, Zero Trust Access Networks (ZTAN) and New Emerging Technologies.

      The conference will attract over 37 speakers and 20 partners offering a variety of innovative tools and solutions in the Expo area on the day. In addition the even offers a lot of networking and discussion opportunities via onsite peer-to-peer interactions and also via the virtual event platform, agorify for our online participants.

      The conference will also host a book signing by Åsa Schwarz and Lena Karlin. They will  be both signing their renowned book "Dockfabriken" that addresses risks of Artificial Intelligence.

      Join us at this fantastic event as we celebrate our 5th Anniversary filled with an exclusive networking program including both a closing cocktail reception and an evening dinner reception at Scandic Infra City.

      Looking forward to seeing you in October.

      Sincerely.
      Robert Kitunzi

      Event Project Manager

      Organized by