Agenda
23rd May 2024
THE BEST 2023 Aftermovie - Nordic IT Security
Take your place in THE BEST 2024 Cybersecurity conference and help us to create a unique opportunity for Partners, Delegates and Speakers to connect with the cybersecurity industry and share knowledge.
-
Main Room
08:00
The Chairman's address & 1 to 1 Meetings
09:00
LIVE hacking
David Jacoby
Ethical Hacker
10:10
Workshop: Cybersecurity issues and room to manoeuvre in implementing cyber security strategy in the coming years.
- Ever Evolving Cybersecurity threats
- What has been implemented and the results
- Strategies which are feasible and can show actual results by collaborating in the coming years
13:00 - 17:00
Nordic IT Security HACKATHON 2024
18:00
Annual C level raffle!
09:35
Cybersecurity awareness for the boards!
We have a lot of challenges when it comes to cybersecurity, however the biggest challenge for the CISOs is Cybersecurity awareness for the boards and this challenge is on the top of their agenda.
- How to sell the idea of cybersecurity awareness to the boards?
- How do you speak their language?
- What has been the outcome of an unsuccessful sale to the management and what can be done to achieve their understanding?
10:00
Cyber Risk Quantification. Knowing the unknown territory.
-
Read our article about Cyber Risk Quantification
Measuring cyber risk is the primary framework for any organisation that wants to have control over it, and specially the fintech organisations. Every organisation can fall victim to various cyber attacks like DDoS, ransomware, phishing etc. It is vital for a security risk manager to quantify the risk of the organisation. Hence, we will find out different perspectives of experts from different industries.
- Cyber risk quantification model
- How to measure cybersecurity risk in anything?
- What could be the best CRQ model?
10:35
Ransomware threat may NEVER go.
Ransomware might have receded from the headlines, however it is still causing headaches to many organisations. Out of many organisations, only a few could recover data without paying a ransom. Even worse, many organisations who paid ransom still could not recover their data. How to prevent this cyber disaster?
- Importance of ransomware threat analysis.
- Powerful AI detection tools that can help prevent ransomware
- Will best practice sharing reduce ransomware incidents? What will encourage organisations to share their stories and experience for the greater good?
10:55
Coffee Break & 1 to 1 Meetings
11:15
Going under the radar with MFA.
When nothing can actually stop cyber attacks, we have to go with a solution that fits us the best in order to avoid spotlight from the hackers. MFA could be complicated for the users hence there is a lot of resistance. MFA is not un-hackable however it certainly makes it much harder for the attackers to gain access, and as a result they go for easier targets.
- Education for overcoming user resistance
- Security gaps
- Integration issues
11:40
AI, a blessing in disguise or real curse?
Introducing AI in the world of cybersecurity made it even more fast-burgeoning and people are struggling to cope. There is a rise of adversarial AI tools which comes with both challenges and opportunities. On the other hand generative AI threats.
- What does the future look like with Generative AI?
- Rise of adversarial AI and ML. How to withstand adversarial AI & ML?
- How do we shape the future with AI?
12:15
Implementation of Zero Trust mindset!
There have been a lot of discussions and lectures about pros and cons of zero trust solutions, however the main challenge is the mindset of the users. It is far more important to educate people about adoption of the zero trust mindset than just simply implementing zero trust solutions. Success is highly dependent on the translation to business value
- The future of Zero trust with advanced technology, AI
- What does always verify and never trust mean?
- Zero trust concept in cybersecurity space.
12:35
Lunch Break & 1 to 1 Meetings
13:25
Phishing in your own pond!
There have been a lot of discussions and lectures about pros and cons of zero trust solutions, however the main challenge is the mindset of the users. It is far more important to educate people about adoption of the zero trust mindset than just simply implementing zero trust solutions. Success is highly dependent on the translation to business value
- Rise of phishing attacks with advanced technologies.
- How to run advanced awareness programmes for the users?
- How to stay ahead of the threats?
13:50
Talk of the town, NIS2. Either you are compliant or you pay the bill.
We all know thatNIS2 is coming soon. However it is absolutely indispensable to discuss the NIS2 directives and understand different viewpoints of the industry experts.
- Will you be ready? How to comply?
- What do you think about the stricter security requirements, reporting obligations and enforcement requirements?
- Let’s talk about NIS2 challenges and implementation.
14:25
While technology is taking us to cloud number 9, so is the danger associated with it.
Majority of the organisations from different industries have adopted cloud computing to make their life easier and to rejoice this blessing of technology. This adoption is not fearfree, in fact it brings a lot of headaches as organisations cannot ensure protecting their cloud environments from top security threats. It comes with a lot of challenges like lack of visibility and control over their cloud based infrastructure, unauthorised access, external data sharing etc.
- Cloud security threats 2024 and beyond
- Regulatory compliance, is it helping the cloud or not?
- How to protect the cloud?
14:50
The pressure is real. Reskilling and/or upskilling is paramount to reduce the skills gap.
The cybersecurity industry is lacking over 300,000 experts in Europe, it will take more than 3 years to recruit people and train them adequately. It is becoming more and more challenging for organisations, regardless of industry or sector, to safeguard their assets from threats due to under-staffed security teams and those lacking senior-level cybersecurity professionals.
- What is your strategy to overcome the skills shortage?
- How do you propose to balance your existing work and to train new people to make them experts?
- What will be the consequences of the cybersecurity workforce shortage in your organisation?
Dan Cimpean
Director, Romanian National Cyber Security Directorate
15:20
Coffee Break & 1 to 1 Meetings
15:50
"In knowing nothing, life is most delightful" well in this case life is insider threatful.
Being oblivious can cause irreversible damages to an organisation. Everyone within an organisation needs to understand the gravity of this issue and act accordingly. We all know that the majority of the incidents that take place are due to human error, hence education is the key to success.
- Defining insider threats
- Know your territory in order to be prepared
- Mitigation tactics
Sunette Runhaar
Head of Global Insider Threat Program, Uber
16:25
Mobile threat landscape 2024.
We are in the modern age of digitised society, hence dependency on mobile has reached an unrivalled level. Mobile threat is not going anywhere, therefore we are in a dire need to understand the mobile threat landscape of the near future.
- Mobile phishing is on the rise, what are the ample required steps?
- Mobile malware- A smart way of gaining access to employees’ devices.
- Raising user awareness.
16:50
Technology itself is insufficient, humans are the real asset.
Although we have great cybersecurity solutions in place in order to fight cybercrime and to defend our organisation from cyber attacks, it is not sufficient if human firewalls are not in place. To be able to ensure your security, it is absolutely necessary to include a human firewall in your security strategy.
- Importance of human firewall
- What is the last resort when it comes to cybersecurity?
- Using human firewalls in your cybersecurity.
- How layers of security start and end with people?
09:35
Deepfake for identity fraud and misinformation - AI creates fake videos and audios
Are you aware of the rising threat of misinformation and identity fraud? Deepfake utilises cutting-edge artificial intelligence technology to create incredibly realistic forged content. By seamlessly swapping one person for another in existing source material or generating entirely original content.You need to know how to identify fraudulent ID documents and protect your clients' accounts from unauthorised access.
By identifying manipulated multimedia content, you'll help prevent reputational damage caused by spreading false information or becoming an unwitting party in identity theft.
Don't let cybercriminals outsmart us. Join this session to learn more about how to enhance your ability to recognize misinformation campaigns, identify fake identities, and protect valuable personal information. Take action now – together we can secure a safer future!
10:00
Shadow IT - By 2027, 75% of employees will acquire or create technology outside IT’s visibility.
Shadow IT can include: IaaS, PaaS, and SaaS cloud services, Endpoints like computers and phones, APIs, Servers and networks, Unsanctioned OOTB products, Chrome plugins, Platform-level apps.
Did you know that by 2027, a staggering 75% of employees will acquire or create technology outside the visibility of their organisations IT departments? This means an increasing number of potential vulnerabilities and security breaches.
Attending our comprehensive Shadow IT panel, you'll gain valuable insights into new trends and opinions related to combating shadow IT.
Don't miss out on this opportunity to hear from experts. Together we can ensure organisations are equipped with effective strategies to safeguard against unauthorised technology usage.
10:35
Misconfigurations, inadequate access controls, and vulnerabilities in cloud infrastructure
Are you tired of dealing with misconfigurations in cloud infrastructure? Introducing the Innovator Keynote session!
Gain unparalleled insights from industry leaders who have revolutionised cloud security. Discover cutting-edge strategies and innovative solutions that will empower you to tackle challenges head-on.
Join the Innovator Keynote session and take control of your cloud security journey. Together, we can build a safer digital landscape.
10:55
Coffee Break & 1 to 1 Meetings
11:15
Resilience as a fundamental business driver
Do you think of the disruptive impact cybersecurity incidents can have on business continuity? Don't let your organisation be caught off guard.
Our Innovator Keynote session is here to provide you with the knowledge and tools needed to build cyber resilience in your organisation. We understand that successful cyberattacks can disrupt operations and supply chains, leading to significant financial losses.
Having the ability to quickly recover from these incidents helps minimise disruption in your organisation. With our Innovator Keynote session you'll learn how to strengthen your defences and respond effectively when faced with threats.
11:40
Cybersecurity Leadership Shake-Up: What's Pushing CISOs to Change Jobs at an Alarming Rate?
Are you ready for a cyber-shakeup? The fast-paced world of cybersecurity is witnessing an unprecedented wave of leadership changes, leaving industry experts and professionals alike scratching their heads. With top-tier CISOs jumping ship at an alarming rate, it's time to dive into the heart of this enigma - what factors are pushing these cybersecurity leaders towards new horizons?
Why will, by 2025, nearly half of cybersecurity leaders change jobs?
Join us on this thrilling exploration as we unravel the mysteries behind the great Cybersecurity Leadership Shake-Up and uncover why loyalty seems to be fading faster than ever before in this high-stakes game of digital defence.
12:15
Mobile Device Exploitation
Mobile devices have become an integral part of our lives, making them attractive targets for cyber criminals. In the next year, we can expect an increase in mobile-specific threats, including mobile malware, banking trojans, and phishing attacks targeting mobile users. As mobile devices store a wealth of personal and financial information, their compromise can lead to identity theft, financial fraud, and unauthorised access to sensitive data.
Our session will teach you how to detect vulnerabilities, identify potential threats, and proactively safeguard your valuable information.
Join us for a session where industry-leading experts will share invaluable insights into emerging risks and cutting-edge defence strategies.
12:35
Lunch Break & 1 to 1 Meetings
13:25
Supply chain attacks - Insertion of malicious code or malware into legitimate software packages
Introducing our exclusive session on Supply Chain Attacks, designed specifically for professionals like you. Dive into the intricate world of software supply chain vulnerabilities and learn how to safeguard your organisation against these malicious threats.
Discover solutions to identify potential vulnerabilities within your supply chain and fortify your defences against attacks that can compromise critical systems and sensitive data.
Join us for this transformative session and arm yourself with expertise that will make a significant difference in safeguarding your digital assets.
13:50
IoT standardisation
Are you concerned about the potential risks and vulnerabilities associated with the rapid growth of Internet of Things (IoT) devices?
The only right way to overcome interoperability, security, and scalability issues in the rapidly growing world of the Internet of Things is - standardisation.
By developing and implementing common guidelines, protocols, and frameworks for IoT devices, networks, and applications, we can pave the way for seamless integration and enhanced security in this dynamic industry.
We need to say goodbye to compatibility issues and hello to a secure and scalable IoT ecosystem that inspires confidence among users!
Take charge by embracing standardisation. Together we can unlock endless possibilities while safeguarding against vulnerabilities.
14:25
Ransomware evolves into triple extortion
Are you prepared for the next wave of ransomware attacks? Introducing a groundbreaking session that will delve into the sinister evolution of triple extortion.
Picture this scenario: Threat actors infiltrate a victim's system, infecting it with ransomware. But that's just the beginning - they don't stop there. These cybercriminals take things to a whole new level by exfiltrating sensitive data before encrypting it and locking victims out of their own systems. And finally, attackers threaten the victim's associates, who can be impacted by data exposure, with a data leak to extract money.
Now imagine being equipped with the knowledge and strategies needed to combat this dangerous evolution of ransomware.. You'll learn how to protect your organisation from falling victim to such malevolent acts and safeguard your valuable data.
14:50
Application security segment to grow
Introducing our exclusive Conference Panel on Application Security, where industry leaders and top-notch experts will shed light on the dynamically growing segment. Discover the latest strategies, technologies, and trends that will empower you to safeguard applications and software from relentless security threats.
This is your chance to hear from and discuss with like-minded professionals, gain invaluable insights, and discover cutting-edge strategies.
Don't miss out on the opportunity to be part of this transformative panel, where innovative ideas collide and expertise thrives.
15:20
Coffee Break & 1 to 1 Meetings
15:50
Defend against MFA bombing, EDR evading and SEO poisoning
Are you tired of constantly playing cat and mouse with cyber criminals? Stay ahead of their cunning tactics by attending this session.
Learn how to protect your users and eliminate weak links in your MFA system and maintain complete control over account authentication.
EDR tools often fail to detect polymorphic malware. This session will give you insight on protection across all key assets within your EDR protected ecosystem.
Worried about falling victim to SEO poisoning? Detect fraudulent websites mimicking yours before they cause damage or tarnish your brand reputation.
Arm yourself with the knowledge and safeguard your organisation against unscrupulous individuals who are constantly on the prowl for vulnerabilities.
16:15
Growth of endpoint security segment due to increased BYOD trend
You should be concerned about the escalating risks associated with the growing Bring Your Own Device trend.
This has opened the way for unprecedented cyber threats.There is advanced technology designed to identify and prevent potential cyber threats across all devices, ensuring maximum protection for your organisation's valuable data. By integrating such a solution into your existing security infrastructure, you can effectively mitigate risks associated with BYOD.
16:40
Top 10 ransomware gangs and their ways of operation
Introduce yourself with the top 10 Ransomware Gangs and gain insights into the world's most notorious ransomware groups, their tactics, and how they victimise organisation.
Discover the inner workings of these criminal enterprises, from their sophisticated techniques to identify vulnerable targets to their highly covert operations. Learn about real-life case studies and understand how their attacks have paralyzed businesses worldwide.
Join us at this must-attend session where experts will share practical strategies for preventing ransomware attacks.