Tickets

29 March 2023 08:00-18:30Hotel Birger Jarl, Stockholm

Speakers

John Wallhoff
Event Chairman, B4 Investigate

John Wallhoff (CISA, CISM, CISSP), Co-Founder and Board Member at B4 Investigate and formerly the  President of ISACA Sweden Chapter & independent advisor. He is an experienced expert in the field of IT-Governance, IT Service Management and Information Security. Over the past 25 years he has been working with a wide range of organisations in different industries/sectors.

Sofie Donovan
Head of IT Security, Svenska Spel

With a passion for cyber security and a drive for change, Sofie, Head of IT-security, and the team at Svenska Spel are set out to secure 10 million dreams, or transactions if you will, each day, every day. This requires the ability to lead and navigate change effectively as the business and threat landscape is ever changing. With 15 years of experience working with IT and Cyber Security, Sofie has a track record of leading and delivering solutions requiring technological and organizational transformation.

Mats Persson
IT Security Consultant, Omegapoint

Mats is a security advocate at Omegapoint and he is passionate about secure development, modern ways of working, and security in the cloud. For the past three years he has been team lead for a software security team helping 100+ product teams integrating security in their daily work.

Christian Abdelmassih
IT Security Specialist, Swedish Police Authority

Christian works with Enterprise-level Security Architecture and InfoSec-related tasks at the IT Security Division of the Swedish Police Authority. Before focusing on security, he was a Full Stack Developer and DevOps enthusiast. He supports developers in building secure web apps and sysadmins in safer operations. Today, he implements access controls, identity and access management solutions, conduct audits and risk analyses and secures one of the most important organizations in Sweden.

Donnie Murray
Senior Presales Architect at NTT Security Holdings

Donnie Murray is a Senior Presales Architect at NTT Security Holdings. He is a subject matter expert for Samurai XDR platform and adjacent cybersecurity services. He has expertise in a range of cybersecurity areas, including threat detection, intrusion analysis, incident response, threat intelligence, and both XDR and Managed Detection and Response. He has extensive experience as a SOC security analyst, where he has been responsible for identifying, responding and mitigating cyber threats. He is a trusted advisor to clients, helping them to understand and take advantage of the latest cybersecurity technologies and best practices.

Christoffer Karsberg
Coordinator NCC-SE, MSB

Christoffer Karsberg works as Coordinator for the Swedish National Coordination Centre for Cybersecurity Research and Innovation, NCC-SE, hosted by the  Swedish Civil Contingencies Agency, MSB. Previously at MSB, Christoffer coordinated the NIS Directive rollout in Sweden. Christoffer also has a background from the cybersecurity consultancy sector, from the European Cybersecurity Agency ENISA and from the Swedish telecom regulator PTS, working with network and information security policy for the telecom sector.

Dimitrios Stergiou
CISO, Wayflyer

Dimitrios is currently employed as the Director of Information Security for the Wayflyer Group. He is an experienced senior Information security and Risk professional with over 20 years of experience. Before joining the Wayflyer Group, Dimitrios held positions at Trustly Group AB, Modern Times Group, NetEnt, Entraction, Innova S.A, and Intracom S.A.Dimitrios holds an M.Sc. in Information Security, as well as an MBA, and is a Certified Lead Implementer for ISO 27001:2013, Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Risk and Information Systems Control (CRISC) professional, Certified Cloud Security Professional (CCSP) and Certified Information Systems Security Professional (CISSP). Dimitrios is also a certified Certified Information Privacy Manager (CIPM) and Certified Information Privacy Professional (CIPP/E).Dimitrios' Information Security focus lies with standards compliance, technical security evaluation, risk management, secure development lifecycle, SecDevOps, and social engineering.

Amelia Wallace
Legal Counsel & Privacy Lead, Hemnet AB

Amelia Wallace is a legal counsel and leads the data protection work at Hemnet. She is specialized in commercial, tech and privacy law. Before Hemnet she's worked at a law firm in Stockholm, nisched in IT, and has several years of experience in working with data protection in different contexts.

Tim Sönderskov
Head of products and services, Omegapoint

To enable a more systematic way of working within information- and cyber security is one of Tim's favorite subjects. For the past 3 years he has been driving digitalization in the compliance area by using Omegapoint's own tool called Ciso. (Compliance & Information Security Organizer).

Ralph Benton
CISO, Schibsted Media Group

Ralph Benton CISA,CRISC & CISM - has more than 15 years’ documented

experience in information security-, IT security- and IT risk management both on

a national and an international level. He is currently the Chief Information Security

Officer at Schibsted Media Group. He has previously served as Head of

Information- and IT security at the Karolinska University Hospital which is one of

Europe's largest university hospitals with 15 800 employees, 1 600 beds and a

turnover of 18 billion SEK. Ralph is also responsible for the change management

of implementing GDPR throughout the hospital. Prior to his current assignment

at Karolinska University Hospital he held a position as “acting CISO and Group

Information Security and IT Risk Manager” at Sandvik AB.

Emilie Alftrén Hasslerud
GRC Advisor, FCG

Emelie works as a Director in the Business Area Insurance for FCG, where she is supporting customers in navigating in a changing and complex regulatory environment, primary in the financial sector. She has almost 20 years of experience working in different GRC roles in all "three lines of an organization". Emelie has in the past years focused on developing and integrating GRC in agile ways of working.

Senad Aruc
Lead Architect Northern Europe, Gatewatcher

Now North Sales Engineer at gatewatcher, Senad is a seasoned cybersecurity professional with more than 22 years of experience in Incident management, CSOC architecture and MDR/MSSP experience. He worked as an evangelist for NDR/EDR and SOAR/XDR solutions and developed extensive knowledge of malware analysis, threat intelligence, and anti-fraud & anti-phishing solutions. As a researcher and conference speaker about breaking inside botnets, his skills include written & verbal communication in 6 different languages. He took over leadership roles focused on advanced threats solutions and served in vital positions, notably at Gatewatcher but also previously as Lead/Architect Cybersecurity at ATS Cisco, Principal Advisor, SOC Senior Lead, Senior Security Specialist, and Security Consultant with organizations such as UL, ServiceNow, Reply, and DfLabs. Senad's educational background covers multiple study subjects and learning about modern developments in organizational leadership, cybersecurity, and information security. He published more than 20 research articles focusing on botnets and malware research.

Martin Bergling
Coordinator Cybernode, RISE

Martin is working at RISE, as coordinator of Cybernode, the Swedish innovation node in cybersecurity. Martin has a broad security background and has previously worked as Deputy Security Manager at the Central Bank of Sweden and as technical manager at FMV / CSEC, Sweden's certification body for IT security. He has also worked with project management, risk analysis, requirements specification, accreditation and security audits at IBM, NIXU, the Swedish Armed Forces and Telia. Martin has several certifications, e.g. CISSP, CISA and CRISC, and he is also involved in SIG Security and Dataföreningen in Sweden.

Conny Larsson
Chairman, Sig Security

Conny is the chairman of Sig Security, a Swedish non-profit organization specialized in information and IT security. Conny has a master degree in Law and IT and is specialized in Telecommunication and Information Technology Law. Between 2009 and 2017 he worked for the Swedish law firm Gärde & Partners AB in Stockholm and now in his own law firm since 2018. Before that he was a corporate counsel at the major Swedish telecom operator TeliaSonera for nearly fifteen years and also at Flextronics Network Services. In addition he was a legal counsel at the Swedish Telecom Agency and the Swedish Enforcement Agency. Altogether he has been working as a lawyer specialized in Law and IT for more than 30 years.

Magnus Juvas
CEO, Solidify

Magnus Juvas is the co-founder and CEO of Solidify, a company focused on accelerating and securing digitalization by creating cultures, processes, and technical platforms that enable software developers. He is also one of the founders of Transcendent Group, a consulting company focused on GRC. He has worked with the risks and opportunities that software provides for over 25 years and holds a master's degree in computer science from the University of Colorado.

Brian O'Toole
Head of Digital Services security center, Ericsson

Brian has been at Ericsson since 2005, working across several different areas including software development, product management and information security. He is currently Head of Digital Services Security Center. Prior to his current role he had served as the CISO where was primarily focussed on integration of Information Security Risk Management across Ericsson, which is one of those things that is easy to say, but difficult to do in an organisation of over 100,000 people.

Emil Dahlin
CIO, Bravida

Emil Dahlin has over 30 years documented experience in the IT industry and he is currently CIO at Bravida. Before joining Bravida he served as a CIO, SVP Digital Business Development & IT of Svevia AB, a company that specialises in building and maintaining road infrastructure, employs about 2,000 staff dispersed across 100 locations in Sweden and Norway. He has also worked as a strategic advisor and consultant on a senior level for different consultant vendors. In addition, he has held top positions such as: Head of Group IT-Infra, PMO & SAM at PostNord AB, CIO at Qbranch AB & Axians SE and CTO at Norsk Hydro AB.

Stefan Funck Pettersson
Senior consultant cyber security GRC, Springflod

Stefan Funck Pettersson is the founder and managing partner of the Stockholm-based boutique consulting firm Springflod which focuses on cyber security within the financial services industry. Stefan specialises in the governance, risk and compliance space of cyber security with experience from traditional as well as fintech institutions.

Ian McShane
VP of Strategy, Arctic Wolf

Ian McShane is the VP of Strategy of Arctic Wolf. Ian has over 20 years experience in cybersecurity and operational IT, with humble beginnings in a tech support call center and live-fire experience leading sysadmin teams for large multi-national organizations. As a former Gartner analyst, Ian has advised the largest and fastestgrowing technology companies in the world as well as tens of thousands of organizations world-wide. He is well known as a trusted advisor and popular commentator in our industry, and prior to joining Arctic Wolf Ian also spent time in various product leadership end executive roles at Symantec, Endgame, Elastic, and CrowdStrike.

Pål Göran Stensson
Cyber Security and Privacy Operations Manager, IKEA Group

Head of Cyber Security, modern, digital leader in a classic space of Security, Privacy, Risk and Compliance. We are constantly in transition and I am energized by leading through change. Eyes on the horizon, hands in the dirt and leading through example.I drive a new agenda where Cyber Security is the enabler of the digital business model. Done right, we promote a dynamic, fast and flexible business where opportunities are found early, successfully converted, developing existing and new revenue to the company while maintaining our core values and principles.Leading self, leading others and leading leaders, building a large organisation delivering on a global scale are my motivators and helps me grow my impact. My work is in developing a vision, a strategy and an approach to deliver with excellence where the work is described by others as quietly brilliant.

Mathias Antonsson
Senior Program Manager

Mathias Antonsson has previous experience from the United Nations, where he pioneered the organisation’s Twitter account and also received a UN 21 Award for his innovation skills. He has also worked for the Embassy of Sweden in Australia, as well as for the Swedish Development and Cooperation Agency (Sida). Additionally, Mathias has a background as a strategic advisor to the innovation phenomenon Ushahidi in Kenya. At Ushahidi he was also part of starting Making All Voices Count – a global Challenge Fund with $50 million focusing on innovative governance projects in Africa and Asia. Mathias co-founded the Right Agenda Accelerator, Sweden's first accelerator for human rights, and was a strategy board member of Design 4 Democracy Coalition, an organisation funded by big tech to improve the democracy and human rights of their social media platforms. More recently he ran the Innovation Initiative at Civil Rights Defenders and was Nordic Communications Manager at Ashoka, before joining MSB in 2020.

Paul Baird
Chief Technical Security Officer, Qualys

Paul Baird is an IT veteran with over 24 years’ experience, and has spent the last seven years focusing his efforts in cybersecurity. Paul’s background has included building a security ethos and security operations centre (SOC) from scratch for several leading enterprises in the UK housing and automotive industries. Having moved to the vendor side to join Qualys as their Chief Technical Security Officer (CTSO) in 2021, he now drives Qualys’ vision for cybersecurity at C-Level across customers and partners in the UK and North EMEA. He is a people-focused leader and passionate about supporting his team. Paul was awarded a fellowship by the Chartered Institute of Information Security (CIISEC) last year for his continued contribution to cybersecurity.

Sebastian Alteryd
Consultant cyber security GRC and devops, Springflod

Sebastian Alteryd strikes a balance between the hands-on technological space and the risk and compliance area. Backed by both an engineering and a law degree, Sebastian is the engineer that will happily explain the intricacies of legislation but also the information security officer that will provide actionable interpretations of the generic regulatory obligations.

Jesper Lundin
Senior Director, Nordics & Baltics f5, Inc

Jesper is currently responsible for the business operations of F5 for the Nordic and Baltic countries. He has a background within the software and IT infrastructure domain and had different roles at companies such as IBM, Cisco, Dell and Veeam. For over 10 years he’s been working with customers on large transformational projects in both the enterprise and public sector market, spanning areas such as IT security, cloud, data management and application performance. He has a passion for technology and a genuine interest in how we best leverage technology to improve business outcomes as well as our society.

Egil Bergenlind
Founder, DPOrganizer

Egil Bergenlind has 12 years experience from data protection, including as lawyer at Bird&Bird and Data Protection Officer at iZettle. In 2016, Egil founded DPOrganizer which provides products and services that helps companies build better privacy programs.

Schedule

08:00

Registration

Conference kicks-off with morning breakfast 

Read more
08:45

Chairman’s Opening Remarks

John Wallhoff, Board member & Co-Founder B4 Investigate

Read more
John Wallhoff
Event Chairman, B4 Investigate
09:00

Cybersecurity Skills Shortage – and how it affects us Emil Dahlin CISO, Bravida

Key takeaways:

  • Continuously changing threats require new ways for protection
  • How we built a fit for purpose security organization and skillset that complies with business risk appetite

Read more
Emil Dahlin
CIO, Bravida
09:30

Security in 5G networks: Brian O'Toole Head of Digital Services security center, Ericsson

Brian O'Toole
Head of Digital Services security center, Ericsson
10:00

Cyber Secure Digitalisation, Mats Persson Security Consultant, Omegapoint

Software is at the very heart of digitalisation. But building software that is cybersecure while keeping desired time to market is often seen as impossible. Until now…

Key takeaways:

  • Cybersecurity and digitalisation as a single discipline
  • Cybersecurity begins with well-designed and well-built software
  • Automation is a critical success factor
    Read more
    Mats Persson
    IT Security Consultant, Omegapoint
    10:30

    Coffee Break & Networking

    10:50

    “GRC is from Venus, Scaled agile is from Mars" - Top reasons why GRC and scaled agile alignment fail and what to do about it - Emelie Alftrén Hasslerud, GRC Advisor FCG

    As of today, there is a need for two major changes in most large organisations. The first is driven from regulatory demands and a rapidly changing risk landscape including cyber security risks. The second is driven by the digital transformation and the agile ways of working that often comes with it. Many organisations struggle with how to align GRC processes with the agile at scale processes that are introduced to accelerate digital transformation.

    Key takeaways:

    • In this session both Emilie and Magnus will address common challenges and what to do about them. They will discuss this both from the GRC perspective as well as the agile perspective and give you hands on tips and tricks on how to meet each other
    Read more
    Emilie Alftrén Hasslerud
    GRC Advisor, FCG

    Magnus Juvas, CEO Solidify

    Magnus Juvas
    CEO, Solidify
    11:20

    Event Breakout Sessions

    Participate in one of the 3 following workshops from our partners that will also be showcasing their own solutions during the conference: 

    • Omegapoint session - Room Congressen
    • Qualys  session - Room Team
    • NTT Security - Room Spirit
    Read more

    Control and manage supplier risk with less effort, Tim Söderskov Head of products and services, Omegapoint

    Management and review of suppliers security status requires a lot of effort. In this workshop we will show you how to manage this more efficiently by using a tool based approach with automation.

    Key takeaways:

    • Manage information security with a tool based systematic approach
    • Manage security requirements for suppliers
    • Assess and manage the security status of your suppliers
    Read more
    Tim Sönderskov
    Head of products and services, Omegapoint

    Converging OT/IT Security Operations in Times of Hybrid Warfare From zero visibility to a mature OT/IT detection capability, Donnie Murray Senior Presales Architect at NTT Security Holdings

    For many organizations their digital transformation strategies are leading towards a convergence of OT and IT. As OT networks that have traditionally had very little visibility become more connected from the subsequent use of modern operational solutions, the attack surface naturally expands. In this workshop you will learn how NTT's Samurai MDR service, which is powered by the Samurai XDR platform provides a holistic detection capability across both OT and IT, and is delivered from a single Security Operations Center by highly trained Security Analysts with competency in both OT and IT threats.

    Key takeaways:

    • Learn how you can move from zero visibility in your OT networks to a mature OT and IT detection capability within a single holistic solution
    • Through a client case study gain insight into how NTT's Security Operations Center in Gothenburg, Sweden has years of demonstrated experience delivering an MDR service for converged OT and IT networks
    Read more
    Donnie Murray
    Senior Presales Architect at NTT Security Holdings

    Why is patch management seen as a financial black hole?, Paul Baird Chief Technical Security Officer, Qualys

    The presentation will provide a comprehensive overview of the current state of patch management and offer practical guidance on how organizations can manage patching effectively through technologies such as automation and prioritisation.

    Key takeaways:

    • Learn about the latest advancements in patch management and how they can be leveraged to improve security, reduce patching times and reduce risk.
    • Seize this valuable opportunity to learn about modern solutions for efficient and secure patch management and stay ahead of the curve in terms of protecting your own digital assets
    Read more
    Paul Baird
    Chief Technical Security Officer, Qualys
    11:50

    Lunch Break & Networking In The Expo Area

    13:00

    IT Security Insights 2023 Round Table Discussions

    Round Table Discussions are designed to give event participants an opportunity to exchange ideas and  experiences on some of the hot topics in the security market place in a more intimate setting. The discussions will last for 45 minutes and are open to all participants. Each round table is limited to 8-10 persons including the moderator. Below is our line-up of round table moderators and the topics to be discussed during the conference.

    Read more

    How can we increase cybersecurity innovation in Sweden? Martin Bergling, Coordinator of the Swedish node for innovation & research in cybersecurity, RISE and Christoffer Karsberg Coordinator NCC-SE, MSB

    The digitization of society continues at a rapid pace, but security issues often end up in the shadows. The gap between new functionality and security is widening, creating major risks. At the same time, Sweden is in third place in the world in terms of innovativeness. How can we use this innovative ability to create a more secure Sweden?

    Key takeaways:

    • What needs can we see in Sweden regarding cybersecurity innovation?
    • Which are the Swedish key actors regarding cybersecurity innovation?
    • Which activities could enhance Sweden’s cybersecurity innovation ability?
    • How can you and your organization benefit from cybersecurity innovation?


      Read more
      Martin Bergling
      Coordinator Cybernode, RISE

      Christoffer Karsberg Coordinator NCC-SE, MSB

      Christoffer Karsberg
      Coordinator NCC-SE, MSB

      Detecting the 1% undetectable threats: Senad Aruc Lead Architect Northern Europe, Gatewatcher

      Detection of 1% of undetected cyber threats can be a challenging task, but there are several techniques that organizations can use to increase their chances of identifying those potential security breaches. It's important to note that no single technique is foolproof and that combining different approaches is often the best way to detect and prevent advanced cyber threats. Join Senad's round-table discussion as he deep dives into the different techniques one could apply in identifying potential security breaches.

      Read more
      Senad Aruc
      Lead Architect Northern Europe, Gatewatcher

      How do we integrate security in SDLC & how do we engage developers and sysadmins in creating a solid security culture?: Christian Abdelmassih IT Security Specialist, Swedish Police Authority

      Background: We security professionals want to improve the security posture of organizations. But to do that we must first decide which security activities we should invest in. Some believe that awareness education is the way to go, others might rely on audits. Join Christian in a round-table discussion on building a secure foundation for resilient organizations.

      Key takeaways:

      • How would you do it? And where would you start? 
      Read more
      Christian Abdelmassih
      IT Security Specialist, Swedish Police Authority

      Where do you draw the line between Cybersecurity, Information Security and IT Security? Conny Larsson Chairman, Sig Security

      Background: What do we mean when we talk about "Security", how do we define the legal interfaces between Cyber Security, Information Security and IT Security? Does it matter from a legal perspective or with regards to how we choose to organize our security work?

      Key takeaways:

      • Are there any legal definitions regarding Cyber Security, Information Security and IT Security?
      • Are there any laws that particularly concerns each different type of security?
      • How can different understanding between lawyers and technicians regarding the different types of Security become a problem?
      Read more
      Conny Larsson
      Chairman, Sig Security

      Security consideration for building blocks of SaaS, John Wallhoff Round Table Moderator & Co-Founder, B4 Investigate

      The cloud shift is evolving strongly where IaaS, PaaS and SaaS has become delivery models that challenge security professionals to keep up-to-speed with business developers and coders. This SaaS insights round table is about identifying security considerations for some of the building blocks that define a SaaS solution. Building blocks can be a specific technical solution such as “serverless” to activities like “penetration testing”. For you as a Security Professional, you will add your experience and thoughts into this framework of shared knowledge and you will also be able to add building blocks that are missing on the table when we start. We will work together in the whole group as well as in break-out constellations, to be able to capture the individual knowledge and experience and we will wrap-it up at the end of the session.

      The round table is intermediate/advanced level and we recommend that you have experience from SaaS solutions that goes beyond 3rd party audits and certifications that a SaaS provider and its Cloud Providers/Subcontractors provides.

      Read more
      John Wallhoff
      Event Chairman, B4 Investigate

      Cyber Resilience – share insights on strategy, components and capabilities: Sofie Donovan, Head of IT Security Svenska Spel

      Background: Cyber resilience refers to the ability of an organization to continue to function in the face of cyber attacks or other cybersecurity breaches. There are big challenges to continuously adapt and uphold resilience! Technological complexity, evolution of threats, resource limitations and cross-functional coordination are just some of the hurdles to overcome.

      Key takeaways:

      • What is your approach? How do you uphold resilience in your organization, what challenges are you facing? - Let’s discuss and share insights on how/if Cyber Resilience requires a different security strategy approach, what the necessary components are and how to adapt to uphold resilience capabilities
      Read more
      Sofie Donovan
      Head of IT Security, Svenska Spel

      The DORA regulation and proportionality: Stefan Funck Pettersson and Sebastian Alteryd Springflod

      The new EU digital operational resilience act (DORA) regulation that recently went into effect brings new challenges to the financial services industry. One of these is its increased scope of applicability – a number of financial institution types that previously had few or no prescriptive obligations regarding cyber security now have. To soften the landing DORA has a lot of provisions regarding proportionality. In this round table both Peter and Sebastian will discuss how DORA implements proportionality and how it can be interpreted.

      Key takeaways:

      • What are the regulators' views of proportionality?
      • How does DORA define proportionality?
      • What are micro-, small and medium-sized enterprises?
      • What should a simplified ICT risk management framework look like?
      Read more
      Stefan Funck Pettersson
      Senior consultant cyber security GRC, Springflod

      Sebastian Alteryd Consultant cyber security GRC and devops, Springflod

      Sebastian Alteryd
      Consultant cyber security GRC and devops, Springflod

      How can we achieve enterprise grade Application security without increasing complexity? Jesper Lundin, Snr. Director, Nordics & Baltics f5, Inc

      Security is often considered as something hindering progress and development. A necessary evil that adds friction to the application delivery process and is cumbersome to scale and operate. As application environments grow across multiple clouds and platforms, adding a complete security framework often implies adding significant complexity. If publishing an application is too complex, it will directly impact the time-to-market and thus the value it can deliver to the business. 

      Key takeaway:

      • Can we overcome this challenge somehow, and add comprehensive security and application delivery capabilities without increasing complexity?
      Read more
      Jesper Lundin
      Senior Director, Nordics & Baltics f5, Inc

      Data Protection Management - Learnings and trends from first 5 years with GDPR, Egil Bergenlind Founder, DPOrganizer

      DPOrganizer will discuss how businesses' approach to GDPR compliance and data protection management has changed over the last few years, and explore what are currently the biggest challenges and focus areas, and what kind of solutions exist to solve them. Participants should have some data protection experience and most importantly an interest in discussing and learning how the work can be improved.

      Read more
      Egil Bergenlind
      Founder, DPOrganizer
      14:30

      Afternoon Coffee Break & Networking

      14:50

      Exploiting Luck, Judgement, Chance, and Choice, Ian McShane VP of Strategy, Arctic Wolf Networks

      Your organization is either the target or the transport. That’s a problem because even if you could do everything right, you can still suffer a breach.Even worse, most organizations can be described as “secured by luck”, through no fault of their own, because the complexity of the security industry has made it impossible for many organizations to get everything right.

      Key takeaways:

      • In this keynote session Ian will talk about cyber security as a long game you can influence and win, whatever the size of your security team, and how you can position luck, judgement, chance, and choice in your favour to mitigate and reduce cyber risk
      Read more
      Ian McShane
      VP of Strategy, Arctic Wolf
      15:20

      How to ensure cybersecurity is considered in the enterprise strategy? Ralph Benton CISO, Schibsted Media Group

      Background: Schibsted is one of the largest media groups in the Nordics with well known media brands like Aftonbladet and Svenska Dagbladet in Sweden but also VG and Aftenposten in Norway. Schibsted also runs the number one digital marketplaces in Norway, Sweden, Finland and Denmark. With a total of almost 1 million visitors per month on their websites, cybersecurity threats are one of the most critical business risks for Schibsted. Over the last 3 years Schibsted has been running a global cybersecurity program to ensure that the cybersecurity posture across the group improved.

      Ralph will take us through their journey on how they improved their cybersecurity posture through their cybersecurity program. He will share how they engaged with top management and the board of the directors not only to get the approval for the program, but also how they throughout the program create a better understanding, security awareness and engagement.

      Key takeaways:

      • How do you engage with top management and the board of directors on cybersecurity?
      • How to build security awareness and improved engagement by top management?
      • What are the learnings from running a multi year global cybersecurity program?
      • How do you ensure that the engagement continues after the closure of a cybersecurity program?

      Read more
      Ralph Benton
      CISO, Schibsted Media Group
      15:50

      Hybrid war in Europe; Lessons learned for Sweden, Mathias Antonsson Senior Program Manager, MSB

      The Swedish Civil Contingencies Agency (MSB) receives it-incident reports from the public sector and all private companies that operates important societal services (NIS-operators). Every year MSB releases its annual it-incident report. This year the report has combined those insights with the results from the Infosec Checkup (Infosäkkollen), as well as a study on the development in Ukraine from 2014 to today. Combined MSB has identified five key lessons learned for an improved Swedish cyber defence.

      Read more
      Mathias Antonsson
      Senior Program Manager
      16:20

      Leadership Panel Discussion: Global Impact of Schrems II

      Almost three years ago, on 16th of July 2020, the Court of Justice of the EU issued its judgement in case Schrems II. The case is named after the privacy activist Max Schrems and was based on his complaint on Facebook's transfer of his personal data from the EU to the US. The case ruled that the EU-US Privacy Shield, which was previously used as a mechanism to transfer personal data between the EU and the US, did not adequately protect the privacy rights of EU citizens under the GDPR. The court also found that the Standard Contractual Clauses, which are widely used by businesses to transfer personal data outside the EU, are valid - but require additional measures to ensure that the data is adequately protected in the destination country. Since then there have been some legal developments, although it's going slow. The European Data Protection Board has issued recommendations on how to implement the Schrems II ruling, including recommendations for additional measures to address concerns about US surveillance practices. Further, the US and EU have been in negotiations to develop a new framework for transatlantic data flows, which would replace the Privacy Shield. So far, no actual agreement has been reached, and companies that previously relied on the Privacy Shield have had to find alternative legal mechanisms for transferring data to the US. Let's deep dive into the crucial questions and challenges ahead!

      Read more

      Panelist: Pål Göran Stensson Cyber Security and Privacy Operations Manager, IKEA Group

      Pål Göran Stensson
      Cyber Security and Privacy Operations Manager, IKEA Group

      Panelist: Amelia Wallace Legal Counsel & Privacy Lead, Hemnet AB

      Amelia Wallace
      Legal Counsel & Privacy Lead, Hemnet AB

      Panelist: Dimitrios Stergiou CISO, Wayflyer

      Dimitrios Stergiou
      CISO, Wayflyer
      17:05

      Chairman’s Closing Remarks: John Wallhoff Event Chairman, B4 Investigate

      John Wallhoff
      Event Chairman, B4 Investigate
      17:15

      Networking Cocktail Reception

      Event Summary

      Welcome to the 7th edition of the IT Security Insights, a leading peer-to-peer conference bringing together IT security practitioners from across the Nordic market working with information security, OT Security, Cybersecurity, cloud services, IIoT, IT Governance, GDPR to discuss among other things; how to detect and mitigate the rising cases of ransomware and data breaches amongst leading Nordic and global organizations in Sweden. The conference will attract 11 leading information and cybersecurity service providers that will showcase their own solutions in the exhibition area at the conference.

      With over 25 top Nordic and International speakers the conference will present numerous learning and networking opportunities via: 7 keynote sessions, 3 workshops, 9 round table sessions, a leadership panel debate and much more. The conference is an in-person format and will end with an exclusive networking cocktail reception for all those in attendance.

      Join us for the long awaited onsite experience on 29th of March 2023 at Hotel Birger Jarl in Stockholm, Sweden!

      Hotel Birger Jarl

      Hotel Birger Jarl is probably Stockholm city’s most personal business and conference hotel. Step into the welcoming lobby and be greeted with timeless Scandinavian design that is colourful, light, open, and airy. The hotel offers modern conference facilities for up to 550 persons, featuring plenty of rooms for inspiring meetings as well as pleasant relaxation. Staying at the hotel guarantees you a warm welcome with personal care, comfortable beds, and delicious meals. Hotel Birger Jarl is named after the founder of Stockholm, and our feet are firmly planted in our national heritage. When you visit the hotel, you will notice at once that there is combination of these traditions with innovative thinking and considerate service, as well as the best that contemporary design has to offer. This central hotel showcases 271 rooms and among them you find a unique design of rooms decorated by well-known Swedish interior architects and designers.

      Address: Birger Jarlsgatan 61A, 113 56 Stockholm, Sweden.
      Venue website: http://www.birgerjarl.se/en/in...

      Directions

      By Subway from T- Centralen:

      • Take the green line with train no.s: 17, 18 & 19 on the subway from Stockholm Central
      towards any of the following destinations: Odenplan, Alvik, Åkeshov, Råcksta, Vällingby
      and Hässelby Strand.
      • Get off at Rådsmangatan and exit towards the side heading to Sveavägen (checkout attached photo) - approx travel time 3 minutes.
      • From the Subway station it takes 3 minutes to the venue, Hotel Birger Jarl. Use Google Maps and you will be there in no time. There is a subway going every 5 minutes.

      By car

      Birger Jarlsgatan 61A,
      113 56 Stockholm, Sweden.

      By taxi

      We recommend the following companies:
      Taxi Stockholm +46 8-15 00 00
      Taxi Kurir + 46 8-30 00 00
      Taxi 020 + 46 20-20 20 20
      Tickets