31 January 07:30 - 18:30 CETHotel Birger Jarl, Stockholm

Speakers

John Wallhoff
Event Chairman & Moderator

John Wallhoff (CISA, CISM, CISSP), Co-Founder and Board Member at B4 Investigate and formerly the  President of ISACA Sweden Chapter & independent advisor. He is an experienced expert in the field of IT-Governance, IT Service Management and Information Security. Over the past 25 years he has been working with a wide range of organisations in different industries/sectors.

Ralph Benton
CSO & CISO, Schibsted Media Group

Accomplished cybersecurity executive with over two decades of experience leading information and IT security transformation in major international organisations. Currently serves as Chief Security and Information Security Officer at the largest media company in the Nordics, previously held different CISO roles or similar at one of the largest and well known hospitals in Europe as well as in a world leading international engineering company. Instrumental in designing and implementing cybersecurity strategies and transformation programs that align with business goals and industry regulations

Jabu Mtsweni
Head of Information and Cyber Security Centre and Chief Researcher , CSIR

Dr Jabu Mtsweni is the Head of Information and Cyber Security Centre and Chief Researcher at the Council for Scientific and Industrial Research (CSIR), NRF-Rated Researcher (C2), and a Certified Cybersecurity Manager, Research Fellow at the Stellenbosch University, and Technical Leader of the National Policy Data Observatory.

Dr Jabu Mtsweni is an accomplished researcher and technology expert in the field of Computer Science, particularly in the areas of Cyber and Information Security. He holds a PhD degree in Computer Science from the University of South Africa.

He has published over 90 peer-reviewed conference and journal articles over the years in different forums focusing on ICT4development, socially relevant computing, information and cybersecurity, and data science. He regularly speaks as an invited speaker at local and international cybersecurity conferences. He has worked with both the public and private sector in large and complex ICT projects.

Reem Alsaaidi
Security Generalist, Ericsson

"Reem Alsaaidi is a Security Generalist with Business Area Cloud Software and Services Security Engineering, Ericsson. She is a security professional in Information Security and Product Security Awareness and Competence. In Ericsson, she is also a member of the AI for Develop core team and the Security Critical Skills core team. She has previously interned at the Cybersecurity Unit, RISE Research Institutes of Sweden. Her work on IoT security is published in the IEEE Xplores journal. She holds a master's degree in information security from the Department of Computer and Systems Sciences, Stockholm University, Stockholm, Sweden."

Brennan Lodge
Head of Analytic Engines Cybersecurity, HSBC

With over 15 years bridging the worlds of financial services and cybersecurity, Brennan Lodge, is the Head of Analytic Engines Cybersecurity at HSBC. Brennan has been at the forefront of tech-driven cybersecurity solutions combining AI for realistic defense tooling. Drawing from his affiliations at JP Morgan Chase, Goldman Sachs, BlockFi and HSBC, he advocates for the integration of advanced technologies into real-world cybersecurity defense scenarios. Now, with the PAWL Patrol Framework, Brennan presents a solution that integrates into this vision, offering businesses a tangible way to harness the power of AI for their cybersecurity needs in a rapidly changing digital landscape.

Shahid Raza
Director of Cybersecurity Unit at RISE

Professor Shahid Raza is the Director of the Cybersecurity Unit at RISE, where he has been working since 2008 and currently leading a team of highly qualified cybersecurity experts. Shahid is also a full professor of cybersecurity at Mälardalen University Sweden. Shahid has envisioned and founded RISE Cyber Range and the Swedish Cybersecurity Research and Innovation Node (cybernode.se) and leading these initiatives. He has also co-founded Cybercampus Sweden (cybercmapus.se). Shahid is an expert cybersecurity researcher; his scientific work is published in prestigious journals and conferences, which has received over 6200 citations. Shahid holds a Docentship, PhD and a Master of Science degree, all in cybersecurity. (http://shahidraza.net)

Benny Sundholm
CISO, Keolis Sverige AB

Benny is passionate about moving organizations forward in their development in various ways and levels. With his 20+ years in the IT industry, he has worked both globally and locally with IT-related topics to lift operations. In various roles, he has done everything from building up IT operations, infrastructures, writing IT strategies and handling internal and external suppliers in procurements. The last few years he has in roles as CIO worked a lot with business development between IT and operations, digitization mixed with tasks related to the data protection regulation (GDPR). He is the area manager in region Mitt for Forum for data protection and is a national internal auditor. He has an ability to explain and see how the digitized society changes in the form of changes buying behaviours, business models and changing preferences of customers - which made him a valued lecturer at, among others, Microsoft. Over the years as a manager and consultant, he has developed a good communicative, rhetorical and pedagogical skills to achieve the best results and presents and explains where and how we are going in both large and small projects. He currently serves as the CISO at Keolis Sverige AB.

Leila Bahri
Privacy IT Specialist, Scania Group

Leila is a Privacy Specialist at the central Data Protection Office at Scania CV AB. She has a computer science background with research work on topics related to privacy-preserving data analytics and security and privacy in the social web. 

Joachim Elevant
Security Specialist, Department of Cybersecurity, MSB

"Joachim works for the Swedish Civil Contingencies Agency as a security expert in cyber-physical systems with a focus on artificial intelligence and operational technology in the energy and healthcare sectors."

Christer Wejke
CISO, Pagero AB

Christer Wejke is the Chief Information Security Officer and Manager of Internal Services at Pagero. His previous titles include R&D Manager at Pagero, Project Manager at Volvo IT and Support Manager at IFS. Christer holds a Master of Science in Information Technology and Computer Science from Linköpings University.

Oliver Keizers
AVP EMEA Central, Semperis Inc.

Accomplished, innovative, and strategy-driven senior Sales Management and Business Development professional with over 30 years of pan-European experience in the IT industry developing, hunting and growing sales results. Track record identifying new business opportunities and developing profitable client, channel, and alliance relationships. Possess well-rounded skills across all facets of the sales and account management process.

Martin Bergling
Coordinator Cybernode, RISE

Christoffer Karsberg
Coordinator, NCC-SE/MSB

Christoffer Karsberg works as Coordinator for the Swedish National Coordination Centre for Cybersecurity Research and Innovation, NCC-SE, hosted by the Swedish Civil Contingencies Agency, MSB. Previously at MSB, Christoffer coordinated the NIS Directive rollout in Sweden. Christoffer also has a background from the cybersecurity consultancy sector, from the European Cybersecurity Agency ENISA and from the Swedish telecom regulator PTS, working with network and information security policy for the telecom sector.

Joel Cedersjö
Principal Sales Engineer, NTT Security Holdings

Per Gustavsson
CISO, Stratsys

Per Gustavsson is a seasoned cybersecurity expert with a wealth of experience in threat analysis, risk assessment, and incident response. With a strong foundation in engineering and a deep passion for strengthening cybersecurity resilience, Per has been instrumental in developing innovative solutions to fortify organizations against cyber threats. His forward-thinking approach and unwavering dedication to cybersecurity excellence make him a dynamic contributor to the industry's ongoing advancement.

Schedule

07:30

Registration & Morning Breakfast

08:15

Opening Remarks, John Wallhoff Event Chairman

John Wallhoff
Event Chairman & Moderator
08:30

Security challenges in the modern Media industry - strategic integration of physical and cyber security, Ralph Benton CSO & CISO, Schibsted Media Group

Key takeaways:

  • How can you work strategically to reduce security risks? 
  • In addition to the threats that all organizations face, source protection poses major challenges to media companies - what demands does it place on the organization and on the security products? 
  • How can organizations effectively collaborate and integrate their physical, personnel and cyber security strategies to protect against different types of security threats and what are the most common challenges in such integration?
Read more
Ralph Benton
CSO & CISO, Schibsted Media Group
09:00

The good and not so good of using generative AI for defending against evolving cybersecurity threats Jabu Mtsweni Head of Information and Cyber Security Centre, CSIR

Generative AI is a powerful new technology with the potential to both improve and degrade our cybersecurity posture. It can be used to generate synthetic data for training and testing cybersecurity systems, identify weaknesses in cybersecurity systems, and automate cybersecurity tasks. However, it can also be used to create new and more sophisticated cyberattacks, automate cyberattacks, and create deepfakes that could be used to spread misinformation and propaganda. In this presentation, we will share real-world uses cases on how generative AI and associated tools can be used by organisations of different form and shape to defend themselves against evolving cyber threats, but also for businesses to be aware of the shortfalls of such technologies when it comes to cyber defence.

Key takeaways:

  • How can generative AI be used to defend against evolving cybersecurity threats?
  • What are some examples of generative AI-powered cybersecurity solutions?
  • What are the potential risks and concerns of using generative AI for cybersecurity?
    Read more
    Jabu Mtsweni
    Head of Information and Cyber Security Centre and Chief Researcher , CSIR
    09:30

    Who has your back when navigating a cybersecurity incident? Joel Cedersjö Principal Sales Engineer, NTT Security Holdings

    It is estimated globally that a business fall victim to ransomware every 40 seconds on average, and surveys show that IT-staff and managers feel increasingly alone in their struggle to prevent that from affecting their organization. With a cybersecurity market filled with over 11 000 products and solutions according to recent estimations, it is not surprising that we feel increasingly overwhelmed. In this presentation we will discuss what we have seen working on the frontlines supporting organizations during critical incidents, what security strategies work best, how can organizations best prepare for the worst, and what does it truly mean to be incident ready?

    Read more
    Joel Cedersjö
    Principal Sales Engineer, NTT Security Holdings
    10:00

    Networking Coffee Break & Visiting The Expo Area

    10:25

    The resilience people of security, Reem Alsaaidi Security Generalist, Ericsson

    The cybersecurity workforce gap has increased, and the shortage is predicted to be a growing problem well into 2025. Companies need to search for strategies to build effective cybersecurity teams as well as to retain employees and help them to grow. Attracting a diverse workforce and providing learning plans and more upskilling opportunities are some of these strategies. By doing so, a positive culture and mindset are promoted, which supports business continuity and strengthens cyber defences. 

    Key takeaways:

    • Is there a shortage of cyber security professionals, why?
    • Succeeding with a diverse security workforce
    • Security is a critical skill for all workforce, to ensure our workforce, culture, and ways of working enable a secured delivery of products and services to the customers, and for protecting the company assets.
    • The security skill learning plans should be continuously evolving, and more upskilling opportunities should be added over time. Different skill levels and different formats of training.

    Read more
    Reem Alsaaidi
    Security Generalist, Ericsson
    10:55

    The Road Ahead: Self-Building Gen AI & RAG Solution for Cybersecurity Defense, Brennan Lodge Head of Analytic Engines Cybersecurity, HSBC

    The Purposeful Advisory Wrangling using LLMs, or PAWL Patrol Framework, is a self-buildable solution for businesses to integrate Gen AI and Retrieval Augmented Generation in their cybersecurity defenses. This session offers an introduction to Gen AI for cybersecurity defense, highlighting its practical applications through diverse use cases.

    Key takeawys:

    • What are the technical intricacies behind integrating Large Language Models into cybersecurity tools?
    • How can businesses tap into a Slack API for integration to transform daily communications into threat monitoring channels with Gen AI?
    • How does this Gen AI framework provide dynamic advisories on emerging threats, especially considering geopolitical situations?
    • How does integrating a company's policy library streamline the intricate compliance landscape, ensuring adherence to evolving regulations?
    • What strategies does Retrieval Augmented Generation employ to discern email authenticity, reducing the impact of sophisticated phishing campaigns?
    • How does can developers identify insecure code with PAWL Patrol to elevate code security and foster proactive defense strategies?
    Read more
    Brennan Lodge
    Head of Analytic Engines Cybersecurity, HSBC
    11:25

    IT Security Insights 2024 Morning Breakout Sessions

    Breakout sessions give you an opportunity to be updated on are variety of technology solutions that will be showcased during the conference. Join 1 of the 3 morning sessions of your own choice ready with pertinent questions on the topic to be discussed. Breakout sessions last for 30 Minutes and are open to all participants.

    Read more

    Breakout Session (Reserved)

    "Hackers don't break in, they log in" Oliver Keizers AVP EMEA Central, Semperis Inc.

    Key takeaways:

    • Are You Prepared for the True AD Disaster? 
    • Why protecting Identities is so Important. 
    • Disaster Recovery success relies on meticulous planning, especially for crucial components like Microsoft AD. Identify triggering events, accelerate with strategic planning, and enhance with backups and communication protocols. 
    • Regular testing and adaptability ensure a resilient IT system
    Read more
    Oliver Keizers
    AVP EMEA Central, Semperis Inc.

    Thales Group's Breakout Session: Topic TBC

    11:55

    Networking Lunch & Visiting The Expo Area

    13:30

    IT Security Insights Round Table Discussions

    Round Table Discussions are designed to give event participants an opportunity to exchange ideas and experiences on some of the hot topics in the security market place in a more intimate setting. The discussions will last for 45 minutes after which the delegates with swap tables to a new table of their own choice for further discussions lasting another 45 minutes. Discussions are open to all participants at the conference.

    Read more

    Practical Threat Modelling

    The good and not so good of using generative AI for defending against evolving cybersecurity threats, Jabu Mtsweni Head of Information and Cyber Security Centre, CSIR

    Jabu Mtsweni
    Head of Information and Cyber Security Centre and Chief Researcher , CSIR

    Privacy-by-design, bringing theory to practice: Leila Bahri Privacy IT Specialist, Scania Group

    Privacy-by-design, one of the principles of the EU GDPR, is a concept for embedding privacy and data protection into products from the design phase rather than retroactively. It is meant to be a proactive measure to risk management where privacy related risks, both to data subjects and to companies, are anticipated beforehand and prevention mechanisms are built-in from the beginning. Privacy-by-Design is often talked about in terms of what it is rather than how it could be implemented and this makes it challenging to companies to adopt. In this session, we will be discussing privacy-by-design from a practical perspective and we will be sharing some of our experiences in building privacy in our products and processes from the ground-up.

    Key Takeaways:

    • What challenges are there with implementing privacy-by-design?
    • Should privacy-by-design be an end goal or a way of living/working?
    • What tools or mechanisms could be utilized to achieve privacy-by-design?
    Read more
    Leila Bahri
    Privacy IT Specialist, Scania Group

    PSD3 EU Directive

    Exploring the ammendments of the EU payments framework

    Read more

    Operational Technology (OT): Joachim Elevant Security Specialist Department of Cybersecurity, MSB

    Key takeaways:

    "What role does artificial intelligence play in industrial cyber security (OT)? In this roundtable discussion, we delve into the topics of AI-enabled defense mechanisms, attack tools and vectors, AI regulatory support and challanges, and how government agencies can best help."

      Read more
      Joachim Elevant
      Security Specialist, Department of Cybersecurity, MSB

      Security Operations Center(SOC), Benny Sundholm Keolis Sverige AB

      Key takeaways:

      • Automation in SOC
      • Integrity
      • Sustainability Social
      Read more
      Benny Sundholm
      CISO, Keolis Sverige AB

      EU AI Act

      How can we increase cybersecurity innovation in Sweden? Christoffer Karsberg (MSB) & Martin Bergling (RISE)

      The digitization of society continues at a rapid pace, but security issuesoften end up in the shadows. The gap between new functionality andsecurity is widening, creating major risks. At the same time, Sweden isin second place in the world in terms of innovativeness. How can we usethis innovative ability to create a more secure Sweden?

      Read more
      Martin Bergling
      Coordinator Cybernode, RISE
      Christoffer Karsberg
      Coordinator, NCC-SE/MSB
      14:50

      Afternoon Networking Coffee Break

      15:05

      IT Security Insights 2024 Afternoon Breakout Sessions

      Checkmarx's Breakout Session: Topic TBC

      Application Security Best Practices

      Hybrid Cloud Solutions & Cloud Security

      15:35

      IoT: From Cybersecurity Research to Certification, Shahid Raza Director of Cybersecurity Unit at RISE

      Traditional methods for one-off and manual certification are not scalable to millions of heterogeneous IoT devices. This is particularly important when regular software updates are necessary, which may break the certificate seal. It is therefore inevitable that automated, lightweight, and cost-effective initial- and re- certification techniques should be available for modern IoT devices. This talk will present such an automated re-certification solution for IoT and its integration with state-of-the-art standardized security solutions for IoT devices.

      Key takeaways:

      • What is the current state of IoT security?
      • How can we be able to update billions of IoT and at the same time keeping them certified?
      Read more
      Shahid Raza
      Director of Cybersecurity Unit at RISE
      16:05

      Closing Keynote TBA

      16:35

      Panel Discussion: ”AI our future or our death” - Resilience in the age of generative AI

      Brennan Lodge
      Head of Analytic Engines Cybersecurity, HSBC
      John Wallhoff
      Event Chairman & Moderator
      Christer Wejke
      CISO, Pagero AB
      Per Gustavsson
      CISO, Stratsys
      17:20

      Chairman's Closing Remarks

      17:30

      Networking Cocktail Reception Starts

      Introduction

      Welcome to the 8th Edition of the IT Security Insights Conference that will bring together the key stakeholders in the cyber security marketplace in Sweden. The event format will be a hybrid one where you will be able to follow the event programme either online or join us in person at the designated venue, Hotel Birger Jarl in Stockholm.

      We have a well planned programme where you get to meet and interact with leading IT Security experts from some of the largest organisations in the Nordic region. The event is a must attend for everyone working with Information Security, Cybersecurity, GRC, Data Protection, AI, ML, Zero Trust and DevOps to mention but a few. 

      With over 30 speakers presenting, keynotes, practical case-studies and workshops on different stages, you are almost guaranteed to pick a thing or two that you can apply in your organisations after the conference. 

      The conference will for the most part address how we are leveraging AI as a defence mechanism in today's digital world. Besides, we shall endeavour to discuss the impact of the ongoing Ukraine-Russian war on businesses in the EU and beyond from both the security and the geo-political side of things. 

      We shall also delve into the current status of EU-US data protection regulations, the proposed AI Act and the recently adopted EU-U.S. Data Privacy Framework whose main goal is to achieve a high level of protection of personal data within the EU member states. We explore efforts being made to attract new talent in the cybersecurity profession to meet the ever increasing demand of cybersecurity experts on the security job market. For instance, we will take a look at the current information security awareness training initiatives of our own workforce. What is common practice since the COVID pandemic between working remotely full time or part time? And what have been the security implications of the remote working phenomenon today?

      We have also invited distinguished guest speakers to talk about the following topics: Risk Management and Control, SOC, IoT, Privacy- by-Design, Threat Modelling, Network Security and Hybrid Cloud Solutions.

      The conference will attract over 20 partners offering a variety of innovative tools and solutions in the Expo area. So, join us to network with your peers and leading cybersecurity vendors that will be exhibiting at the conference. 

      Last but not least, online participants will through the Agorify App be able to browse through the event schedule, build their own agenda, view live presentations, ask questions, connect with fellow online attendees, share contacts and even schedule meetings on the Agorify event platform.

      Hope to see many of you as we celebrate the 8th edition of our event!

      Sincerely,

      Robert Kitunzi

      Event Project Manager

      NOTE: This is a preliminary schedule since more speakers and sponsors are being updated along the way.


      Hotel Birger Jarl

      Hotel Birger Jarl is probably Stockholm city’s most personal business and conference hotel. Step into the welcoming lobby and be greeted with timeless Scandinavian design that is colourful, light, open, and airy. The hotel offers modern conference facilities for up to 550 persons, featuring plenty of rooms for inspiring meetings as well as pleasant relaxation. Staying at the hotel guarantees you a warm welcome with personal care, comfortable beds, and delicious meals. Hotel Birger Jarl is named after the founder of Stockholm, and our feet are firmly planted in our national heritage. When you visit the hotel, you will notice at once that there is combination of these traditions with innovative thinking and considerate service, as well as the best that contemporary design has to offer. This central hotel showcases 271 rooms and among them you find a unique design of rooms decorated by well-known Swedish interior architects and designers.

      Address: Birger Jarlsgatan 61A, 113 56 Stockholm, Sweden.

      Venue website: http://www.birgerjarl.se/en/in...

      Directions

      By Subway from T- Centralen:
      • Take the green line with train no.s: 17, 18 & 19 on the subway from Stockholm Centraltowards any of the following destinations: Odenplan, Alvik, Åkeshov, Råcksta, Vällingbyand Hässelby Strand.
      • Get off at Rådsmangatan and exit towards the side heading to Sveavägen (checkout attached photo) - approx travel time 3 minutes.
      • From the Subway station it takes 3 minutes to the venue, Hotel Birger Jarl.

      *Use Google Maps and you will be there in no time. There is a subway going every 5 minutes.

      By car
      Birger Jarlsgatan 61A,113 56 Stockholm, Sweden.

      By taxi
      We recommend the following companies:
      Taxi Stockholm +46 8-15 00 00
      Taxi Kurir + 46 8-30 00 00
      Taxi 020 + 46 20-20 20 20

      Organized by