13 October 07:30 - 18:307A Odenplan, Stockholm

Speakers

Ulf Berglund
Event Chairman & Information Security Officer, Länsförsäkringar AB

Ulf Berglund has a long experience from leading positions in the field of information security. He has been an honourable President of the CSA Sweden Chapter which he  launched in Sweden back in 2012. He is also co-author of the book Guide to the Cloud. He has a background as an officer, his last active years he was principal officer, IT security and information security expert at the Military Intelligence and Security Service (MUST). He has held positions as CTO, senior consultant and senior consultant for companies such Pointsec, Ernst & Young and Technology Nexus. Ulf's consultant and the experience derived from companies like Skandia, Scania, Swedish Match, the Stockholm Stock Exchange (OMX), the Swedish Central Bank, Apoteket AB (pharmacy), H&M and Länsförsäkringar Bank AB. He is the founder and owner of U&I Security Group AB.

Björn Gustafsson
Head of National Security, Telia Sverige AB

Björn Gustafsson is currently Head of National Security at Telia Sverige AB since 2016. Before joining Telia he served as a CISO of Stockholm's municipality and City for 8 years where he was responsible for effectively managing and coordinating the development of the Stockholm City’s security work. During his tenure he led numerous projects and processes in information security, security protection and the city's risk and vulnerability analysis. Björn has also 20 years of experience at the Swedish Armed Forces where he worked at the command and control regiment security department as chief information security officer. Besides, he is a renowned educator that shares his works and findings to others in the security community.

Sofia Cerwall
Group Security Advisor, Ericsson

“Sofia Cerwall is a Security Specialist and Group Security advisor at the multinational telecommunications company Ericsson. During her years at Ericsson she has gained insights in multiple parts of the security organization. Sofia is today the Global Domain Lead of Crisis Management within Ericsson. Prior to her  current role she has worked with cybersecurity related to corporate investigations and forensics. Sofia has a background within Computer Science, and holds a Bachelor´s degree from Stockholm University. She is also has a particular set of skills in global management, and is a well appreciated leader and colleague at Ericsson.”

Anders Jared
CISO, Systembolaget

Anders has during his 20 years in the area of security a broad technological and information security knowledge. Anders has his background in law enforcement, primarily analyzing security breaches in criminal investigations. He has then evolved to a security director which, in all, renders him a unique understanding of both threats and prevention possibilities in our digitized world. Anders has worked in large organizations, mostly government, in different sectors with the challenge of delivering adequate security on all levels in order to contribute both to efficiency and to business advantage.

Josef Joo
Head of Global Cyber Defense & Incident Response, Schneider Electric

Josef has extensive experience in the IT Industry spanning over 28 years, 15 of which he has spent at Schneider Electric in various senior roles. He is currently the Head of Global Cyber Defence & Incident Response. Prior to that he served as the Regional EMEA CISO for 8 years and he was the Regional Nordic IT manager for the company for over 5 years before assuming the EMEA position

Emil Dahlin
Group CIO, Bravida

Emil Dahlin has over 30 years documented experience in the IT industry and he is currently CIO, SVP Digital Business Development & IT of Svevia AB, a company that specialises in building and maintaining road infrastructure, employs about 2,000 staff dispersed across 100 locations in Sweden and Norway. He has also worked as a strategic advisor and consultant on a senior level for different consultant vendors. In addition, he has held top positions such as: Head of Group IT-Infra, PMO & SAM at PostNord AB, CIO at Qbranch AB & Axians SE and CTO at Norsk Hydro AB. 

Dimitrios Stergiou
CISO, Trustly

Dimitrios is currently employed as the Chief Information Security Officer for Trustly. He is an experienced senior Information Security and Risk professional with over 20 years’ experience in Risk Management, IT audits and Information security. Before joining Trustly, Dimitrios held positions at Modern Times Group, NetEnt, Entraction, Innova S.A and Intracom S.A. Dimitrios holds a M.Sc. in Information Security and is a Certified Lead Implementer for ISO 27001:2013, Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Risk and Information Systems Control (CRISC) professional and Certified Information Systems Security Professional (CISSP). He is also a Certified Information Privacy Manager (CIPM) and a Certified Information Privacy Professional / Europe (CIPP/E).

Johan Schauman
Head Digital Co-development, Swedish Tax Agency

Johan/Mr Schauman has been working at the Swedish tax agency for almost twenty years in many different roles. More recently as a change leader for the agency´s digital transformation and currently as head of co-development, creating prerequisites and enabling external parties to develop solutions with the agency´s data, code or professional experience and expertise. He is utterly convinced that the only way to create a sustainable digital community is through collaboration between the private and the public sector.


Christopher Abdelmassih
IT Security Specialist, Swedish Police Authority

Christian works with Enterprise-level Security Architecture and InfoSec-related tasks at the IT Security Division of the Swedish Police Authority. Before focusing on security, he was a Full Stack Developer and DevOps enthusiast. He supports developers in building secure web apps and sysadmins in safer operations. Today, he implements access controls, identity and access management solutions, conduct audits and risk analyses and secures one of the most important organizations in Sweden

Jan Branzell
CEO, Veriscan Security AB

Jan Branzell is the CEO of Veriscan Security and has a background within management and communications. He has a vast experience in supporting organizations in implementing or enhancing their ISMS based on the ISO 27000 series. He has been involved in the development of ISO standards since 2000 and is the editor for various standards such as ISO/IEC 27003 on guidance of the ISMS requirements. He is also the ISO editor of the concept called Information Security Library, connecting the controls of ISO/IEC 27002 to other security standards within ISO. Controls for privacy is one aspect that is covered and integrating ISO/IEC 27001 (ISMS) and GDPR requirements has been and is an ongoing topic where experience can be shared. Jan has the strong view that standards must be of help to organizations; support their business and increase their trust.

John Wallhoff
President, ISACA Sweden Chapter

John Wallhoff (CISA, CISM, CISSP), President of ISACA Sweden Chapter & independent advisor. He is an experienced expert in the field of IT-Governance, IT Service Management and Information Security. Over the past 25 years he has been working with a wide range of organisations in different industries/sectors.

Mark De Simone
VP Global Sales Operations, WALLIX

Mark De Simone is an energizing global CEO and entrepreneur for innovative businesses which create significant customer, employee and shareholder value. He leads the international operations of Cybersecurity leader WALLIX, the Privilege Access Expert from Europe with a focus on Nordics, UK, Italy, Middle East, Pakistan, Africa, Asia Pacific and India. He is also leading the Industrial Cybersecurity Practice for the company focusing on vulnerability challenges of Industry 4.0 and the interaction between OT and IT in today’s factory environments. 

Mark is a McKinsey alumnus and spent his business formative years with General Electric in the Healthcare sector in the USA and France, then as a Cisco VP driving the adoption of new services models in telecom leading the emerging markets, as an entrepreneur led a Management Buy In and created a Cloud Telco in 2012 called Clouditalia where he was CEO . Mark has been active in Cybersecurity starting at Cisco and Safety as CEO of Aegate to verify Medicine authenticity. Mark is based in London and has also an office in Paris.

Andrew Beckett
Managing Director and EMEA Cyber Risk Leader, Kroll

Andrew Beckett is a managing director and EMEA leader for Kroll's Cyber Risk Practice. Andrew began his career at GCHQ where he held a variety of roles including head of the branch responsible for providing cyber security advice to government departments and penetration testing.  He also served in the Organization for the Prohibition of Chemical Weapons (OPCW). This is an International Civil Service organization operating under the auspices of the UN where Andrew was the first head of the Office of Confidentiality and Security and charged with setting up this team. Andrew went on to run his own commercial consultancies before joining Airbus Defense and Space in the UK as the head of Cyber Defense, a role he filled for five years before joining Kroll. Andrew is a visiting professor of Cyber Security at the University of South Wales.

Conny Larsson
Chairman, Sig Security

Conny is the chairman of Sig Security, a Swedish non-profit organization specialized in information and IT security. Conny has a master degree in Law and IT and is specialized in Telecommunication and Information Technology Law. Between 2009 and 2017 he worked for the Swedish law firm Gärde & Partners AB in Stockholm and now in his own law firm since 2018. Before that he was a corporate counsel at the major Swedish telecom operator TeliaSonera for nearly fifteen years and also at Flextronics Network Services. In addition he was a legal counsel at the Swedish Telecom Agency and the Swedish Enforcement Agency. Altogether he has been working as a lawyer specialized in Law and IT for more than 30 years.

Alexandra Searle
Privacy Director, Ericsson

Alexandra, a regulatory expert by profession now runs the implementation of Ericsson Privacy Programme. With experience working with governments, regulators and legislators in high risk jurisdictions Alexandra has transitioned easily into the space of regulatory compliance for sensitive products and services. With more than a decade of success building organisational momentum, strengthening existing programmes and building workable solutions – Privacy and the intersection with other critical frameworks is an engaging and exciting task

Kjell Löfgren
President, CSA Sweden Chapter

Kjell has 15 years of experience in Cyber ​​Security. In 2018 he became chairman of the Cloud Security Alliance Swedish chapter. He also works at NCC Group as Regional Manager, Sweden. Among other things, Kjell participated and built up Stay Secure, which became the Swedish market leader in E-mail Security. He also has many years of experience in EDR, Endpoint Detection and Response, SIEM and Web Security. 

Jacob Eborn
Senior Privacy Consultant, OneTrust

Jacob Eborn is a Senior Privacy Consultant for OneTrust EMEA, the #1 most widely used privacy, security and trust technology platform trusted by more than 5,000 companies to comply with the CCPA, GDPR, ISO27001 and hundreds of the world’s privacy and security laws. At OneTrust Jacob, works with GDPR Project teams and C-level stakeholders in the Nordics to automate and strengthen their core privacy processes. Jacob has over 10 years of software industry experience, working with organisations throughout the Nordics and globally to help enable change and transformation programs. Jacob has a Master of Science, Business and Administration and holds a CIPP/E Certification.

Sarah Backman
Cybersecurity Consultant

Sarah Backman is a cybersecurity consultant at Secana AB and a PhD-student at Stockholm University with a focus on cyber crisis management. Sarah has extensive experience working with strategic cybersecurity issues, crisis management and privacy issues in both private and public sectors.

James Tucker
Sales Engineering Manager, Zscaler

Originally from the Washington, D.C. Area, James Tucker has been working in network security since 2006. He is passionate about Intrusion Prevention and gateway security. For the past 11 years, he has been based in Stockholm Sweden, working for many of the top security vendors. Today, he leads Zscaler's sales engineers in Northern Europe. He is also interested in Intellectual Property and privacy laws, and enjoys craft beer, a good cigar, and malicious packet captures

Sivan Harel
Regional Sales Director, Northern Europe & Israel, Pcysys

Sivan specializes in consultative sales to C-Level executives at large corporations. Sivan has held several Sales Management and Account Management positions in global companies, such as Comverse, Hewlett-Packard, Earnix, and now Pcysys. Sivan combines people and process consulting, with deep cybersecurity subject matter expertise to solve business problems while introducing a complete solution

Chris Sherry
Regional VP, Central Region-ForeScout Technologies Inc.

Chris Sherry joined ForeScout Technologies in 2016 as Regional Director for UK&I and Northern Europe. After successfully growing the team and increasing revenue consistently over three years, he recently took on a new challenge and now leads the Central Team which covers the DACH region, Nordics and Benelux. 

In this role, he provides strategic and commercial leadership for ForeScout’s private and public sector programs in this region as well as driving customer awareness on technology use cases such as IT/OT convergence, ransomware and disruptionware. 

Chris is passionate about helping organizations embrace the proliferation of IoT devices and cloud adoption to enable better service and protect customer data. He regularly participates in speaking engagements on continuous monitoring, visibility, access control and automation. 

Prior to joining ForeScout Technologies, Chris worked in senior leadership roles for F5 and Dell. 

Martin Bergling
Board Member, Sig Security

Martin is a Senior Security Consultant at NIXU. Martin has a broad security background and has previously worked as Deputy Security Manager at the Central Bank of Sweden and as technical manager at FMV / CSEC, Sweden's certification body for IT security. He has also worked with project management, risk analysis, requirements specification, accreditation and security audits at IBM, the Swedish Armed Forces and Telia. Martin has several certifications, e.g. CISSP, CISA and CRISC, and he is also involved in SIG Security, ISACA and Dataföreningen in Sweden.

Schedule

Registration Starts


Chairman Opening Remarks


Cyber Security for critical infrastructure: How to prepare and respond to cyber threats?

Critical infrastructure requires different aspects for risk management to be considered and enforce different priorities when designing the infrastructure due to potential impact from failures, but still the basics of cyber security remain the same. In this session we will touch some of the concerns in relations to sectors of critical infrastructure addressing following questions; 

  • What specific risks are necessary to manage?
  • How can providers of infrastructure products assist?
  • Is it feasible to use cloud services?

Swedish National Security in a global business perspective

This presentation will explore how the "New Swedish National Security Protection Act" is putting a lot of demands on those who are engaged in “Security sensitive activities” 

Key takeaways:

  • How does the protection Act apply to a multinational and global business?
  • For whom is the Swedish National Security important?
  • Who is responsible for Swedish National Security?
  • Who will pay for the needed investments?

How to allow change and stay secure: A case study of the Swedish Police Authority

In this keynote, Christian talks about the challenges facing the Swedish Police authority. Due to the nature of police work modern tools, high availability and mobility is needed without compromising information security and confidentiality. By combining information security and technical testing and surveillance the police authority allows modernization with a high degree of control.
Key  takeaways:

  • How do you stay on top of  IT-security in a complex environment and a rapid development pace? 

1500+ Cyber Investigations Later: Trends To Beware

Having investigated over 1,500 cyber incidents worldwide in 2019 across a wide range of industries, Andrew will share battle-tested insights – a deep dive into the growing sophistication and latest threats, as well as actionable steps to strengthen preparedness, detection and response within your organization. 

Key takeaways:

  • What are the latest developments in ransomware, and how does the growing trend of data exfiltration impact organizations?
  • The ever-present threat posed by social engineering, and examples of how a strong security culture can help mitigate it

Coffee Break & Networking In The Expo Area


The Breakout Sessions


Automated Penetration Testing: The Latest Advance in Security Validation

In this session Pcysys will discuss the value Automated Penetration Testing brings by enabling continuous risk validation and raising and maintaining your cyber resilience to the highest level. Get a glimpse of how this unique technology will provide you with prioritized cost-effective remediation and improve your network's cyber security posture.

  • Why is manual penetration not enough?
  • How does Automated Penetration testing work?
  • How can Automated Penetration testing reduce cost, increase security resilience and provide contextualized remediation suggestions?
  • How can automated penetration testing enable you to continuously validate your risk and challenge all of your security investments?

Device Visibility and Control: Build and Deploy Network Segmentation at Scale

The mass expansion and proliferation of IT, IoT and OT devices poses new questions to network security: Legacy and vulnerable devices, non-compliant and misconfigured endpoints, and IoT and OT devices must all be identified. Without a complete picture of connected devices across network domains, the ability to act quickly to mitigate risks is all but lost.The increased inter-connectivity across the campus, data center, cloud and operational technology, drives a further growth in complexity in today’s networks and associated security risks

Key Takeaways:

  • Please join Forescout Technologies, Inc. in this session to learn how to build and deploy network segmentation at scale.

Risk Exchanges: The Key to Vendor Risk Management Efficiency Powered By OneTrust

Your vendors often handle your most sensitive data. This presents new challenges as third-party risk, security, privacy, legal and IT teams struggle to vet and manage the vendors they rely on most. 
Key takeaways:

  • OneTrust will discuss emerging vendor management trends and breaks down how risk exchanges are key to more efficient business operations

It’s time to rethink your model: Sassy new ideas

The future of network security is in the cloud! - There have been several major shifts in computing technology, networking, mobility and cloud. Each has caused us to rethink the ways in which we do business. In this presentation, James will provide some insights into how we got here, what the future may hold, and what you can do today to better enable your digital business. 

Lunch Break - One-to-One Meetings


Round Table Discussion Sessions

Security and Compliance

Many regulations and contractual requirements are addressing information and cyber security requirements. The session has ISO 27000 series as a possible base.

Key takeaways:

  • What are the expectations and solutions for an effective approach?
  • 3-Compliance – Yes or No – Is that the question?
  • What is expected from the security organization?
  • How will compliance affect the strategic business development?
  • How does compliance regulations affect the view on security risk management and security control sets?

Information Security Awareness & Training Initiatives

In this round table session, Secana will explore information security awareness and cyber hygiene as a mean to improve cyber security within organizations and, by extension, in society at large. The session will entail discussions on best practices to improve information security awareness within organisations in various sectors and at various levels, including training initiatives and exercises.

Key takeaways:

  • What does it mean to have sufficient information security awareness/cyber hygiene in an organisation?
  • What role does information security awareness play in the enhancement of societal cybersecurity and resilience?
  • What measures have been proven effective to improve information security awareness in organisations?
  • How can training initiatives and exercises improve information security awareness and skills within an organisation?

Penetration testing: Godsend or necessary evil?

The expansion of regulatory frameworks in multiple domains (e.g. PSD2, NIS, GDPR) had led to increased focus in how organizations manage their Information Security and how they verify that the deploy effective controls. One of the verifications methods suggested is the execution of a penetration test on regular (or well-defined) intervals. But, do these mandatory penetration tests add value to the target organization? Or is it just to check one more box in a long compliance checklist? 

Key takeaways:

  • What are your experience with penetration testing?
  • How can one select the most appropriate vendor for the activity?
  • What do you (as a customer of the test) want to see more of (or less of)?

Cyber Security for critical infrastructure: How to prepare and respond to cyber threats?

In this round table session John will use the ENISA definition of security measures for operators of essential services (OES) to discuss what best practice and baseline security measures to be applied and relate it to our joint experience from working with cyber security. 

The targeted sectors for this session include; Energy (Electricity, Oil & Gas), Transport (Air, Rail, Water, Road), Financial & Banking, Healthcare, Drinking Water Supply & Distribution, Digital Infrastructures.

How Should Security Leaders Embrace the Intertwining of Compliance, Privacy, and Cybersecurity?

We’re seeing a deeper convergence of compliance, privacy, and cybersecurity as key elements of a core business strategy. This round table will explore whether security leaders are equipped to support the business and how security can influence other areas of the business without posing obstacles.  

Key takeaways:

  • Successful examples of security leaders effectively working with and supporting the general counsel, compliance, and other areas of the business
  • How security leaders can help structure a privacy management program that’s embraced by the business
  • The role of security and compliance leaders in the implementation of AI projects to avoid biases and oversight

Cloud requirements and opportunities - how can technology, law and business meet?

This round table session will be hosted by Conny Larsson and Martin Bergling  who are both Board Members at SIG Security.

Key takeaways:

  • "Everything should be outsourced to the cloud!"- But is there information that cannot be outsourced? If so, which one?- How can one handle a separation between the two types of information?
  • Our confidence in the cloud suppliers- Can we have confidence in that security requirements are met? How?- What role does the Cloud Act and Patriot Act play for our trust in suppliers affected by these requirements?
  • Conflicts of interest between new business opportunities and regulatory changes- How should legislation or other regulation be modified so that new business opportunities, e.g. based on cloud services or other new technology, can be utilized?- Is it eg appropriate to specify requirements and conditions in law, or should they be given in regulations or other directions from the regulator or supervision authorities?
  • About 95% of personal data incidents reported to the Swedish Data Inspection Board (‘Datainspektionen’) are closed, and as a private individual you can never receive relevant compensation in a possible dispute.- Can we, as individuals or companies, trust GDPR to work?- Or is GDPR and ‘Datainspektionen’ just window dressing?

Cloud requirements and opportunities - how can technology, law and business meet? - Co-Host

TIBER EU, the European framework for Threat Intelligence-based Ethical Red Teaming

The TIBER-EU has been developed by the European Central Bank. The purpose is to establish a common framework for testing, and improving, resilience against sophisticated cyber attacks. The TIBER-EU framework has been designed for companies and organizations that are part of the core financial infrastructure, whether national or European. However, it can also be used for all types or sizes of companies and organizations in the financial and even in other sectors.
Key takeaways:

  • Advantages and disadvantages of TIBER EU?
  • What obstacles need to be crossed to implement TIBER EU?
  • How can / should we prepare for the introduction of the TIBER EU framework?
  • How will TIBER EU affect your organization and your daily work?  

“When can we achieve sufficient efficiency? With infinite ways of breaching security how do we implement countermeasures to be secure enough?”

It is hard to keep track of our it-environment as new initiatives are taken, transformation to cloud and mobility is constantly moving. This session is a discussion about how we manage to take control over a complex situation and how we decide what countermeasures are needed to obtain adequate security.

Key takeaways:

  • How do we keep track of all attack vectors in our it-environment?
  • Guidelines, standards, ways-of-working.
  • How do we avoid overlapping, cluttering and gaps in our protection?
  • Who has the IT-security map for real?
  • How do we define enough?

Coffee Break & Networking In The Expo Area


“Tax by design – the Swedish model goes tech”

The Swedish tax agency does not think that just smoothing och tuning  it's old processes is enough to maintain trust from it's own customers. If we want people and businesses to keep paying tax voluntarily, we need to step up and offer them the possibility to handle tax in their own preferred environment, integrated in real time transactions. To pull this through, we need completely new technical solutions and business models. This offers many serious challenges, not the least from an it-security perspective.

Key takeaways:

  • Everyone is talking API´s, and so are we. But why has it been so hard for us to walk the talk? 
  • Why is the API strategy so crucial for our transformation? 
  • Securing data and the integrity of the customer in house is hard enough; How will we manage security if we share your data to others? 

    New Technologies and the changing Cyber Security Landscape

    Today's increased cyber attacks and breaches have prompted us to act fast and with precision thanks to the new emerging technologies. With Ai, Machine Learning, Blockchain, Big Data, IoT and Cloud, it's  safe to say we are facing a paradigm shift.

    Key takeaways:

    • What are biggest challenges in terms of the new landscape?
    • Do we have sufficient skilled security workforce to drive current and future projects? Or do we need the same people in the near future as we have now?

    Panelist

    Panelist


      Panelist

      Navigating the landscape of global regulatory developments for Data Protection and Privacy; Finding a path in a global company

      More than a year on from GDPR, one could assume we all know what is needed and are implementing it all flawlessly? Are we really? Or has GDPR triggered a global evolution on data privacy regulatory reform? And do we know how to handle it? Or Who to handle it? Or who is best to handle it? These are all questions that all of us in the privacy space have encountered at least once, and we have come up with some solutions, some workable ways, in the companies we work in and the teams we drive.  The session is set up to be a knowledge sharing session, to provide some insights into how I believe a workable solution can be found, and lessons we have learnt along the way. 

      Key takeaways:

      • Implementing GDPR; what are the common challenges and how to overcome them
      • How does one keep track of all the global requirements?
      • Navigating agendas for Privacy; Legal, Security Compliance – working towards seamless implementation and workable synergies

      Privilege Access Management Applied to Industrial IT-OT Processes

       A photograph of the current challenges in adapting Cybersecurity policies and discipline across the continuum of IT and OT. Existing risks and vulnerabilities in extending the perimeter of Cybersecurity protection across operating environments in critical infrastructures, factories, and office environments with an explosion of IOT devices and gateways. The cultural challenges of understanding what are the differences between the well standardised world of IT and the heterogenous world of operations and industrial controls. The session presents several use cases and examples from several segments. It highlights the practical challenges from companies in automotive, transport, energy and public sector who are implementing projects at the global level and are faced with significant change management processes

      Ket Takeaways:

      • What IT-OT security approaches have been tried and failed . Which have worked and Why?
      • What are the key principles underlying a positive outcome?
      • What are the overall benefits in mitigating what is in essence the reputation risk of large and complex organisations?
      • What can we expect from future developments?


      Event Chairman's Closing Remarks

      Networking Cocktail Reception Starts

      7A Odenplan is an accessible and modern venue occupying a floor plan of 2000 sqm with a large courtyard. It offers flexible rooms, good food and a roof terrace that overlooks Odengatan with a fantastic panoramic view of the city of Stockholm.

      7A Odenplan has a perfect city location with subway, commuter train and most city buses a few steps from the entrance. those who intend to drive a car, there is a parking garage in the house below with direct access up to the meeting room. Warm welcome!

      Address: Norrtullsgatan 6, 113 29 Stockholm Visit venue at: http://www.7a.se/konferenseven...

      By Subway from T- Centralen: • Take the green line with train no.s: 17, 18 & 19 on the subway from Stockholm Central towards any of the following destinations: Odenplan, Alvik, Åkeshov, Råcksta, Vällingby and Hässelby Strand.

      • Get off at Odenplan - approx travel time 4 minutes.

      • From the Subway station it takes 2 minutes to the venue, 7A Odenplan. Use Google Maps and you will be there in no time. There is a subway going every 5 minutes.

      By Train from Central Station • Take the commuter train from Stockholm Central towards any of the following destinations: Märsta, Kungsängen, Uppsala and Arlanda Airport.

      • Get off at Odenplan station - approx travel time 4 minutes

      • From the underground it will take at least 3 minutes’ walk to get out of the station. Then approx. 2 minutes to the venue, 7A Odenplan. Use Google Maps and you will be there in no time.

      • The commuter trains go 4-6 times per hour.

      By car Address: Norrtullsgatan 6, 113 29 Stockholm, Sweden

      By taxi We recommend the following companies: Taxi Stockholm +46 88-15 00 00 Taxi Kurir + 46 88-30 00 00 Taxi 020 + 46 20-20 20 20

      Welcome to the 4th Edition of the IT Security Insights 2020. This year's edition will take place in the fall as opposed to the Spring time which is normally the period we run the conference. However, we are maintaining the same format and it will still be a 1- day event. The program comprises: top customer case-studies, a leadership panel debate and round table discussions and handful of product-oriented breakout sessions from leading cyber security vendors. Customer case studies will be presented in front of the whole audience whereas breakout sessions will be held in closed rooms. The delegates will be required to tailor their own agenda with respect to breakout sessions and select those sessions that are a good fit for their needs.

      The agenda covers a wide spectrum of IT Security topics and other major topics that are of great value to our IT Security Community in Sweden. The main themes of the event include: Vendor Risk Management, Cyber Security for Critical Infrastructures, The New Swedish Protective Security Act, Information Security Training Initiatives, IoT Security & Device Visibility Control, Penetration Testing, Cloud Requirements & Opportunities, TIBER EU Framework, Regulatory Developments for Data Protection and Privacy, Impact of Emerging Technologies on the Cyber Security landscape and Security & Compliance.

      With over 22 speakers confirmed to-date, 9 round tables sessions, 6 breakout sessions, a panel debate, 18 partners so far in the exhibition area and the closing cocktail reception, this year's conference offers a lot of networking and discussion opportunities you cannot afford to miss.

      Looking forward to seeing you in October.

      Yours sincerely,
      Robert Kitunzi,
      Event Project Manager