
DACH CISO Community
Executive Summit
26 November 2024 | Hilton Frankfurt City Centre
26 November 2024
Hilton Frankfurt City Centre
Collaborate with your peers
Get together with DACH's top CISOs to tackle shared business challenges and critical priorities facing your role today. Participate in this one-day, local program with peer-driven topics and interactive discussions with your true C-level peers.
Join your peers to discuss the most critical issues impacting CISOs today:
Balancing Risk Mitigation and Value Creation
Facilitating Secure Decision-Making with Outcome-Driven Metrics
Thriving Amidst Complexity and Uncertainty
DACH CISO Governing Body
The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven By CISOs, For CISOs®.
Governing Body Co-Chairs

Christoph Bernius
Allianz
CISO

Sascha Brock
Deutsche Post
VP CISO

Nikk Gilbert
RWE
CISO

John Petersen
Nestlé
CISO

Aleksandar Radosavljevic
Global Fashion Group
CISO

Judith Wunschik
Siemens Energy
Global Chief Cybersecurity Officer
What to Expect
Agenda
08:00 - 09:00 Registration & Breakfast
09:00 - 09:45 Keynote
Strategic Leadership and the CISO — Championing a Smart, Digital and Secure Future
Hosted by Akamai

Nikk Gilbert
CISO
RWE
Today’s CISOs face lofty expectations and a changing set of skills necessary to be successful. They are expected to deal with sophisticated AI-enabled attack techniques, manage high levels of ambiguity, align with corporate objectives and the list goes on. To meet this moment, how can CISOs support their business to enable secure digital business in complex organisations? Join Nikk Gilbert, CISO at RWE as he shares his stories, and recommendations, about how CISOs can lead their organisations towards a sustainable future enabled by technology. Specifically, Nikk will share his thoughts into:
- Driving Business Transformation through security at RWE
- Maintaining control over the narrative of emerging technologies, like AI to drive secure business
- Forging partnerships across the business to drive positive change and security awareness
09:45 - 10:00 Break
10:00 - 10:45 Breakout Session
Modern Workforce, Modern Security Strategy — Secure Enterprise Browsing to Protect Organisations
Hosted by Google Chrome

Hjalmar Lundin
Nordic & DACH Lead - Chrome Browser Enterprise
Google Chrome Enterprise

Kai Riecke
CISO
Knorr-Bremse AG

Ralf Kleinfeld
Information Security Officer
Otto Group

Jimmy Heschl
Global Head of Digital Security
Red Bull
Remote and hybrid work models open the door to a new wave of browser-based cyber threats. With sensitive data constantly flowing online, businesses face escalating risks and costly attacks. This session explores how to fortify your business against cyberattacks by securing the browser—the gateway to your sensitive data—all without disrupting the flow of work.
Join this session and hear from your peers about:
- The browser's role in a business's security strategy
- How the browser can secure your workers and company data on managed or non-managed devices
- Managing resources for cybersecurity in a time of economic uncertainty
10:00 - 10:45 Breakout Session
CISOs & Security Posture — How to Stop the Attack Before it Happens
Hosted by XM Cyber

Tilman Epha
Director of Sales
XM Cyber

Stefan Höller
CISO
SVD Büromanagement
The cyber threat landscape continues to grow, and CISOs need to make faster, more confident decisions about which exposures to fix and which to safely ignore. With 82% of security leaders reporting an increasing gap between vulnerabilities/exposures and their ability to address them, what are the strategies CISOs should employ to continually improve their security posture? Join this session to learn how continuous threat exposure management (CTEM) strategies can greatly enhance security posture. Specifically, you’ll hear:
- Why the disconnect exists and CTEM’s 5-step approach.
- How to reduce risk and increase efficiency with a comprehensive exposure management approach.
- How to measure and report security posture gains to the board
10:00 - 10:45 Executive Boardroom
Risk to the Nth-Party Degree
Hosted by RiskRecon, a Mastercard Company

Rigo Van den Broeck
EVP, Cyber Security Product Innovation
Mastercard

Jochen Klein
CISO
1&1 Telecommunication SE

Michael Fontner
Head of Global IT Security
Herrenknecht AG

Steffen Hoffmann
CISO
Boehringer Ingelheim
Third party relationships are closest and may prove to be the most tangible risks to your business, yet the whole supply chain of your business partners still pose a substantial threat. Most organisations’ vendor relationship extend to the 8th party. CISOs need to understand this web of connectedness in order to better manage and communicate enterprise risk.
Join this session to discuss:
- Gaining visibility into risk across the whole supply chain
- Strategies for effective risk management and monitoring business partners
- Overcoming resource challenges to prioritise third party risk
10:00 - 10:45 Executive Boardroom
Embedding Resiliency with Business Continuity Management
Hosted by Cloudflare

Christian Reilly
Field CTO
Cloudflare

Thomas Gigerl
CISO
ARXADA

Michael Ebner
Group CISO & Director Information Security
EnBW

Sybil Kleinmichel
ICT Risk Management Specialist, Managing Director
Commerzbank
For many organisations, the question isn't if they'll be attacked, but when and, crucially, how it will happen. IT and Security leaders must address the evolving nature of cyberthreats and work with business counterparts to continuously update their strategies and mitigate the risks of distributed work, cloud adoption, and third-party code.
This discussion will focus on comprehensive strategies security and IT leaders should use to embed resilience within business continuity management and protect sensitive data in a world where attacks are inevitable. Specifically, you’ll discuss:
- Understanding your risk profile through scoring, analysis and metrics to prioritise response
- Protecting sensitive data sets to ensure business continuity in the face of changing compliance
- Engaging business partners to foster a culture of shared responsibility when keeping the business secure
10:45 - 11:50 Networking Break
10:55 - 11:40 Peer-to-Peer Meetings
Peer-to-Peer Meetings
11:50 - 12:35 Breakout Session
A Tale of Two Incidents from the Front Lines — the Small Rock that Diverted the Mightiest Flood
Hosted by Sygnia

David Gray
Director, Client Leadership, EMEA
Sygnia
The impactful role of small and simple changes in safeguarding organisations can make all the difference when beating attackers and staying secure. Through a comparison of two real-life attacks by the same threat actor, witness how seemingly basic and obvious measures like awareness, effective tool usage, and swift response can prevent major disasters. Hear about a compelling example that sometimes, the simplest solutions stand as the strongest defense against cyberattacks. During this presentation, you will learn:
- The impactful role that small and simple changes can make in safeguarding organisations
- How a swift response is critical when preventing major disasters
- The measures, tool usage and reporting needed to beat attackers and stay secure
11:50 - 12:35 Breakout Session
Conflicts in Trust — An Exploration of Who the CISO can Trust
Hosted by Proofpoint

Kevin Leusing
EMEA Chief Technologist
Proofpoint
We trust that trains will run on time and weather forecasts are accurate. But when it comes to cybersecurity, we must navigate conflicts in trust to best secure our organisations. As a CISO, trust comes in many forms, such as the trust you place in your employees to remember their security training, how you trust cybercriminals to return your ransomed data and how you trust your suppliers to care about their security posture as much as you care about yours.
This is no traditional session; this will be a competition, where you’ll be tasked with choosing the right risk mitigation option as our gamemaster takes you from one scenario to the next. Will you choose the option favoured by our gamemaster? Or will you identify the Darwin Award?
Are you putting your trust in the right places? In this session, you'll:
- Identify four key elements of trust in cybersecurity
- Discuss and evaluate risks, implications, and mitigations for each key element
- Develop a Trust Matrix that you can complete for your organisation
11:50 - 12:35 Executive Boardroom
Unleashing AI Potential by Empowering Security Teams as Business Innovators
Hosted by Wiz

Maximilian Siegert
Solutions Engineering Manager, EMEA
Wiz

Christoph Peylo
Chief Cyber Security Officer
Bosch

Robert Poehlmann
CISO
Voith
Nearly every organisation today faces the challenge of shadow AI — unauthorised or unsanctioned AI tools being used within the organisation. CISOs must address shadow AI through robust governance programmes to ensure security and compliance. According to Wiz, 70% of organisations use cloud-based AI services, yet many struggle with effective governance. By empowering their security teams, organisations can create a secure framework that accelerates AI innovation and protects cloud assets.
Join this Executive Boardroom to explore strategies to:
- Identify and manage shadow AI within your governance framework
- Discover priority use cases for cloud-based AI services
- Learn how to support AI adoption while maintaining robust cloud security
11:50 - 12:35 Executive Boardroom
Securing SaaS — Tackling Key Vulnerabilities Across an Evolving Attack Surface
Hosted by AppOmni

Brandon Romisher
VP EMEA
AppOmni

Tim Reichert
ISO
SPS Solutions

Nikk Gilbert
CISO
RWE

Linus Plum
CISO
Aldi Süd
SaaS applications power today’s business, and downtime or compromise will pause operations. Despite the increase in SaaS-first strategies, Security teams continue to rely on perimeter-based SASE and IDP solutions which do not match the complexity of the SaaS-native attack surface. This boardroom will encourage you to look inside your SaaS systems to match secure configuration with advanced detection and response capabilities. Specifically, you will discuss how to:
- Bypass Zero Trust strategies and the mitigating controls to consider
- Advance your detection & response programme to maintain a cohesive security posture
- Ensure your metrics to measure SaaS Security are effective to keep up with attack surface
Apply to Participate
Apply to participate in the DACH CISO Community Executive Summit.
Gartner facilitates exclusive, C-level communities by personally qualifying and understanding the priorities, challenges and interests of each member.
Our selective approach maintains the high quality of the network and ensures top-level discussions with peers from the world’s leading organizations.
Each application will be reviewed, and once your participation is confirmed, you will have access to year-round community programs.
Location
Venue & Accommodation
Hilton Frankfurt City CentreHilton Frankfurt City Centre - Room Block Cancellation Policy:
Any cancellations made after the Cut Off (November 4, 2024) are subject to a cancellation fee of one (1) night room charge plus tax.
Parking
- There is Valet Parking availale at the Hilton Frankfurt. This is 5 EUR per hour, or 39 EUR per day.
A block of rooms has been reserved at the Hilton Frankfurt City Centre at a reduced conference rate. Reservations should be made online or by calling 69-133800.
Deadline to book using the discounted room rate of €260 EUR (plus tax) is 4 November 2024.
Community Programme Manager
For inquiries related to this community, please reach out to your dedicated contact.