12 February 2025 07:30-18:307A Odenplan, Stockholm

2025 Speakers

Ulf Berglund
Event Chairman & Moderator

Anders Jonsson
Senior Advisor Cyber Security, NIS2 & GDPR Expert ENISA

Martin Bergling
Coordinator Cybernode, RISE

Niclas Kjellin
CTO/Cybersecurity Officer, Shift Everywhere

Fredrix Blix
Associate Professor, Stockholm University

Björn Persson
Senior Lawyer Advokatfirman Singularitylaw AB

Ronja Alhberg
Director Cyber Defence, The Swedish Security & Defence Industry Association (SOFF)

Michael Popoff
Senior Scientist, RISE

Nathaly Bodell
Cyber Security Solution Architect, PostNord Stråfors

John Wallhoff
Co-Founder, B4 Investigate

2025 Schedule

07:30

Registration Opens

08:15

Chairman's Opening Remarks: Ulf Berglund, Event Moderator

Event Chairman & Moderator
08:30

Implications of NIS2, CER, CSA/CRA Regulatory Frameworks - Anders Jonsson Senior advisor & Cyber security expert , ENISA

Regulations (NIS2, CER, CSA) will have major impact on the IT-security market and shall enforce quality and resilience of products, services and processes at essential and important entities across EU.

Key takeaways:

  • How will the impact of NIS2/CER directives be on the Swedish market?
  • How can you manage the challenge to secure your supply chain?
  • Why is security certification schemes (CSA/CRA) central in the EU strategy?
  • How will the certifications schemes work with AI Act?
    Read more
    Senior Advisor Cyber Security, NIS2 & GDPR Expert ENISA
    09:00

    Better Risk Management with Quantitative Risk Analysis: Martin Bergling, Cybernode Coordinator, RISE

    Qualitative risk analysis has gained a strong foothold in the IT industry. We need to change this, and - like many other industries - use quantitative methods instead. This lecture presents a simple way to test the quantitative methodology, using Monte Carlo simulation in Excel. The demo shown is based on Douglas Hubbard's book "How to measure anything in cybersecurity risk". 

    • Problems with qualitative risk analysis 
    • A better method based on qualitative risk analysis
    • Demo with Excel
    Read more
    Coordinator Cybernode, RISE
    09:45

    Aligning IT and legal strategies, Björn Persson Senior Lawyer Advokatfirman Singularitylaw AB

    The presentation will focus on the IT and legal challenges the coming 3-5 years and what you can do to align your work. We will look into the IT-topics of AI, zero trust, biometric identification, next generation cloud/homomorphic encryption and how they interact with sourcing, privacy/secrecy, freedom of expression, IPR, cybersecurity accountability and cyber insurance. 

    Key takeaways:

    • Björn will also share some tips on how you can get IT and legal to cooperate with less friction
    Read more
    Senior Lawyer Advokatfirman Singularitylaw AB
    10:15

    Networking Coffee Break & Visiting The Expo Area

    10:30

    IT Security Insights 2025 Breakout Sessions

    Breaking the Next Factor - Evil will own you LIVE DEMO, Niclas Kjellin CTO/Cybersecurity Officer, Shift Everywhere

    For a long time, you have been told that multi-factor authentication (MFA) is the solution to any authentication-related security issue. It is the go-to remedy for unauthorized access. It provides a robust additional layer of security beyond mere passwords, or so they say. More than a million MFA bypass attacks happen monthly, yet professionals believe MFA is the solution for a good night's sleep.

    Key Takeaways:

    The presentation will delve into the intricacies of malicious actors' modern techniques to circumvent MFA safeguards and pwn (takeover) your accounts... live. Attendees will witness firsthand the seamless takeover of MFA-protected accounts, showcasing the efficiency of advanced attack vectors. Interestingly, as always, it comes down to familiarity, trust, and the exploitation of human psychology

    The presentation highlights the real security issues and provide an understanding of the evolving threat landscape of MFA. Attendees will learn that the real enemy is human susceptibility and the crucial coexistence of technology and awareness in defending against the evil that  tries to own us.

    Read more
    CTO/Cybersecurity Officer, Shift Everywhere

    Leading the Charge: Building Teams That Don’t Wait for Threats to Strike: Nathaly Bodell Cybersecurity Solutions Architect, PostNord Stråfors

    In the ever-evolving landscape of cybersecurity, success isn’t just about technical skills—it’s about building teams that can anticipate threats and act with precision. This keynote will explore the critical shift from reactive to proactive defense strategies, focusing on the importance of high-performing teams. Drawing on real-world insights from building and leading top-tier SOC, CSIRT, and CERT teams, this session will reveal the key principles behind cultivating resilient, agile, and forward-thinking cybersecurity units. With a focus on leadership and team empowerment, discover how to create a culture of trust, accountability, and open communication—elements that drive performance and resilience in the face of constant cyber threats. This keynote will provide actionable insights for leaders aiming to foster collaboration, agility, and effectiveness within their teams.

    Key Takeaways:

    Practical strategies for shifting your cybersecurity team from a reactive to a proactive stance.The role of trust, communication, and accountability in building resilient cybersecurity teams.Leadership approaches that foster a proactive cybersecurity culture focused on threat anticipation.

    Read more
    Cyber Security Solution Architect, PostNord Stråfors

    Post-quantum resilience: living in a post-quantum world: Michael Popoff Senior Scientist, RISE

    Quantum computers have the potential to break widely used public-key cryptosystems, such as RSA and elliptic-curve cryptography, which are a part of our current communication infrastructure. Post-quantum resilience is a field to address these vulnerabilities to ensure the long-term security of our data and communications.

    • What is cryptography and what its role in current secure communication?
    • What is vulnerable to an attack from a quantum computer and why?
    • What is a quantum computer and how it can make our data vulnerable?
    • What can we do to protect our digital assets long term?
    Read more
    Senior Scientist, RISE

    PCI DSS Compliance (PCI DSS version 4.0)

    Practical Case Studies for IT/OT

    10:55

    Cybersecurity Skills Shortage Ronja Alhberg, Director Cyberdefense SOFF

    11:20

    DORA: Fredrix Blix, Associate Professor Stockholm University

    Associate Professor, Stockholm University
    11:45

    IT Security Insights 2025 Breakout Sessions TBA

    Best practices of application security: How to secure your applications

    Bug Bounty Programs

    Active directory security best practices

    Critical Infranstructure: Best practices for improving critical infrastructure security

    12:10

    Networking Lunch & Visiting The Expo Area

    13:10

    IT Security Insights 2025 Round Table Sessions

    Join our round table discussions that are designed to give event participants an opportunity to be heard. Each attendee gets to exchange ideas and experiences on some of the hot topics in the security market place in a more relaxed atmosphere. Each table is limited to 10 delegates and the duration is 40 minutes per rotation. Delegates will be swapping tables every 40th minute. A total of 10 round tables will be available to choose from. Below is a list round table sessions confirmed to-date.

    Read more

    NIS2

    Senior Advisor Cyber Security, NIS2 & GDPR Expert ENISA

    Better Risk Management with Quantitative Risk Analysis

    Coordinator Cybernode, RISE

    Breaking the Next Factor

    CTO/Cybersecurity Officer, Shift Everywhere

    DORA

    Associate Professor, Stockholm University

    Aligning IT and legal strategies, Björn Persson Senior Lawyer Advokatfirman Singularitylaw AB

    Senior Lawyer Advokatfirman Singularitylaw AB

    Bridging the Gap between Top Management and the Board of Directors, John Wallhoff Co-Founder B4Investigate

    Key takeaways:

    Exploring how to foster a deeper understanding of cybersecurity risks and investments at the executive level

    Read more
    Co-Founder, B4 Investigate
    14:30

    Short Coffee Break & Visiting the Expo Area

    14:45

    Vendor led Elevator Pitches

    15:00

    Co-Host Partner Keynote TBA

    15:25

    Partner Keynote TBA

    15:50

    Partner Keynote TBA

    16:15

    Closing Keynote

    16:40

    Chairman's Closing Remarks

    Event Chairman & Moderator
    16:50

    Evening Networking Reception Starts

    Welcome To IT Security Insights 2025

    Welcome to the 9th Edition of the IT Security Insights Conference! A premier event that gathers key stakeholders in the cybersecurity space:IT security practitioners, technology providers, regulators, and academics, to tackle the latest trends and challenges in the ever-evolving world of cybersecurity, particularly within leading Nordic organisations.

    Key topics for this edition will include:  Quantitative Risk Analysis, SOC, ISO Certification, PCI DSS, NIS2, Cyber resilience Act (CRA), Supply Chain Attacks, OT, Cloud Security, Cyber Insurance, Data Privacy and Data Protection, critical infrastructure cybersecurity, Bug Bounty Programs, Human Risk Management and Application Security

    With 30+ Nordic and international speakers spread across the programme as keynote presenters, workshop and round table moderators, this year's edition promises to deliver invaluable learning opportunities and foster connections that will help you stay ahead of today’s cybersecurity challenges..

    In addition, the exhibition will feature 25+ exhibitors showcasing a wide ranges of tools and solutions. So, we encourage you to pay a visit to the Expo area and make connections that may probably last forever.

    The conference ends with an exclusive networking reception, which again offers you a perfect opportunity to build meaningful relationships with like-minded peers.

    Stay tuned for updates on speakers and content as the event progresses!

    Sincerely,

    Robert Kitunzi

    Event Project Manager

    Organized by

    7A ODENPLAN

    7A Odenplan is an accessible and modern venue occupying a floor plan of 2000 sqm with a large courtyard. It offers flexible rooms, good food and a roof terrace that overlooks Odengatan with a fantastic panoramic view of the city of Stockholm.7A Odenplan has a perfect city location with subway, commuter train and most city buses a few steps from the entrance. those who intend to drive a car, there is a parking garage in the house below with direct access up to the meeting room.

    Warm welcome!

    Address: Odengatan 65, 113 29 Stockholm

    Visit venue at: https://www.7a.se/odenplan

    By subway from T- Centralen:

    • Take the green line with train no.s: 17, 18 & 19 on the subway from Stockholm Central towards any of the following destinations: Odenplan, Alvik, Åkeshov, Råcksta, Vällingby and Hässelby Strand.

    • Get off at Odenplan - approx travel time 4 minutes.

    • From the Subway station it takes 2 minutes to the venue, 7A Odenplan. Use Google Maps and you will be there in no time. There is a subway going every 5 minutes.By Train from Central Station

    • Take the commuter train from Stockholm Central towards any of the following destinations: Märsta, Kungsängen, Uppsala and Arlanda Airport.

    • Get off at Odenplan station - approx travel time 4 minutes

    • From the underground it will take at least 3 minutes’ walk to get out of the station. Then approx. 2 minutes to the venue, 7A Odenplan. Use Google Maps and you will be there in no time.

    • The commuter trains go 4-6 times per hour.

    By car 

     Address: Odengatan 65, 113 29 Stockholm

    By taxi

    We recommend the following companies:

    Taxi Stockholm +46 8-15 00 00

    Taxi Kurir + 46 8-30 00 00

    Taxi 020 + 46 20-20 20 20