DACH CISO Executive Summit

Ahead of the DACH Summit, Governing Body members will host an exclusive networking reception for all CISO attendees. Please join your peers for an evening of good food, wine, and lively networking at the Ommia Event Restaurant in Frankfurt.

As we enter another year of uncertainty and global crisis, it has become crucial to protect your organisations from cyber threats and ransomware attacks. CISOs face an immense challenge in achieving this objective and must effectively communicate with the board to mitigate these risks and safeguard their organisations from worst-case scenarios. The cyber threat landscape is continuously evolving and growing, and working together to improve communication and reporting is essential to mitigate these risks effectively. By doing so, you can overcome these challenges and ensure the security of your organisations.

Join this keynote session to discuss:

• Effectively addressing business risks – using the right metrics that align with the board's goals
• Adapting and prioritising digital business needs while remaining secure
• Discussing different methodologies and approaches to cultivate a collaborative and productive relationship between security and business teams

In recent years, the Sygnia Incident Response Team has handled numerous nation-state attacks that employed unique attack techniques and posed new challenges to security leaders and incident responders.

In this talk we will guide you through the anatomy of a real-world attack we recently responded to, including attacker TTPs and effective response procedures. This case study will highlight the common pitfalls and key opportunities when defending against even the most sophisticated attacks.

You will come away with:

• A deeper understanding of current attack trends
• Actionable insights into the risks and vulnerabilities exploited by attackers targeting highly complex environments
• Effective defence strategies employed by leading organisations worldwide

As enterprise SaaS data breaches continue to impact enterprises and make headlines, CISOs must centrally secure and monitor complex and interconnected SaaS ecosystems to mitigate both misconfiguration risk and threat actor attacks. How can security teams monitor highly-dynamic and highly-abstract SaaS systems that are managed outside of the IT function, when tools like CASB have proven ineffective and network-centric?

Join this boardroom to discuss how to:

• Determine the critical components of a comprehensive SaaS security programme
• Equip the SOC to monitor for attacks on your SaaS systems
• Educate SaaS administrators to automate security reviews to better mitigate data exposure caused by misconfiguration

New regulations such as NIS-2 coupled with an increasingly sophisticated attack surface result in regulatory bodies focusing more on cyber defence than ever before. CISOs must fortify the foundations of their compliance programmes to focus on supply-chain and third-party maintenance so that when the following vulnerability is uncovered, you’re ready to respond as quickly as the regulator demands. In this session, Philip Hoyer, Field CTO EMEA at Okta, will explore with you critical questions surrounding new regulations, such as asking where NIS-2 preparation sits in your strategy, what your strategy milestones are and whether you need to make changes in your investment strategy.

Join Phillip in this Executive Boardroom to discuss:

• Expansion of NIS to NIS-2 — are you in contact with regulators for the first time and what has been the impact on your incident response?
• Supply chain security and secure partner access — how are you securing access from your partners and are you planning to adopt more security controls for Supply chain partner access? E.g. Zero Trust security for partner access
• Reporting duties in case of a breach — discussing new reporting duties and the need to have a single Identity and Access Management Control Plan

Gartner's annual predictions have become a source of inspiration for leaders across multiple industries. In this presentation, we have gathered the top cybersecurity predictions from our expert team, providing a valuable resource for security and risk management leaders seeking to stay ahead in the digital era. By monitoring these trends, leaders can prepare themselves and their organisations for the challenges ahead. With global change a constant factor, the ability to anticipate and adapt to crises is crucial. Join us as we explore the strategies and insights that can help you succeed in an ever-changing world.

In this interactive session, we will cover:

• What are the major trends affecting the security and risk management leader?
• What are the top priorities for the security and risk management leader?
• What actions and best practices should the security and risk management leader initiate?

Generative AI "Gen AI" is the buzzword of the moment, and it has the potential to bring about transformative changes in the business world. However, it also poses significant risks, such as ad hoc employee adoption that creates new attack surfaces, as well as increased risks to privacy, sensitive data, and intellectual property. Nevertheless, there are ample opportunities for CISOs to capitalise on this AI boom. In this session, we will have an open benefit-focused discussion to explore how you can leverage Gen AI to their advantage.

Join this boardroom to discuss:

• Sharing AI uses cases that benefited your cyber team
• Striking the balance between security risks and AI innovation
• Questioning the limits of where AI can assist your team

Security awareness can often be cliché. Many CISOs have implemented company-wide security awareness training once or twice a year, but is this effective? Not all business units are the same and a tailored, innovative approach is needed to deliver a culture and behaviour change. In this Executive Boardroom, CISOs will discuss different approaches to security awareness and explore ways to engage staff and change their mindset to see security in the same vein as health and safety.

Join this boardroom session to discuss:

• Debating different approaches to dynamic and bespoke security awareness programmes
• Keeping an adaptive security awareness programme in line with the pace of business change — accommodating for staff turnover and business transformations
• Overcoming cultural security awareness challenges from operating across a global footprint

With cyber-attacks becoming more rampant, it is a challenge for CISOs and their teams to stay ahead of the threats and be ready to respond in case of a breach. Despite investing in the appropriate solutions and conducting numerous tabletop exercises to prepare for a possible attack, the question remains: how will you and your team respond when the attack actually happens? Join Oliver Scherer (CISO, MediaMarktSaturn Retail Group) as he shares tales from responding to a complex ransomware attack at MediaMarktSaturn. Learn from his experiences and discover what lessons he has implemented in response to the attacks.

Join this session to explore the inner workings of a live cyber-attack:

• Insights into the attacks and the conversations that followed
• Conversations CISOs need to have with their Board now to ensure preparedness for such an attack
• Discussing the measures implemented in response to both attacks