Event Agenda

● How are rising geopolitical tensions globally, reshaping the cyber threat landscape for organisations in the DACH region?
● What lessons can be drawn from recent nation-state cyber operations targeting a variety of sectors and how can resilience in these industries be strengthened?
● How can DACH-based enterprises and public institutions anticipate and counter the increasing use of cyber tools as instruments of geopolitical conflict?
● In what ways can the private sector, government bodies, and international organisations foster stronger collaboration to address cyber threats driven by geopolitical interests?
.
– Moderator Daniel Schatz, CISO, Qiagen
– Patrick Ghion, Head Regional Cyber Competence Centre for Western Switzerland, State of Geneve
– Riccardo Sepe, Global CISO, Guess
– Cesar Oliveira, CISO, CMS
.

Artificial intelligence has long become part of everyday business operations. Humans and AI agents now work side by side, yet many existing security strategies are not designed for this reality. Companies are increasingly facing risks that arise both from human error and from the autonomous behavior of AI systems.
Based on an international study involving 4,200 experts from 14 countries, the presentation illustrates how the risk profile of organizations is shifting. While email continues to be the most important attack channel—where people are manipulated or make mistakes—AI-related risks are emerging as the fastest-growing threat area. At the same time, employees expect the productive use of AI tools, placing additional pressure on existing security and governance models.
.
Key messages:
43% of organizations report incidents involving AI
AI is considered the biggest challenge for cybersecurity leaders
56% of employees are dissatisfied with their company’s AI strategy
.
– Dr. Martin Krämer, CISO Advisor, KnowBe4

European security teams are under pressure from every side: more audits, more evidence requests, more supplier scrutiny, and more regulatory complexity. Compliance remains essential, but many organisations are asking a harder question: does passing audits actually mean we are more resilient?
This session explores where audit-heavy operating models help, where they fall short, and what mature security leaders are doing to connect compliance activity to real operational readiness – across controls, suppliers, incident response, and ownership.
.
– Niya Raina, GRC Subject Matter Expert, Vanta
.

This session explores the often-overlooked strategic dimensions of cyber security that get lost amid the urgency of day-to-day security routine. By examining incident readiness, threat intelligence, and long-term resilience, it highlights how organisations can move beyond reactive defence toward proactive, strategic security planning. Join us to reimagine cyber security not just as a series of firefights, but as a pathway to building your “castle on the hill”: a vision of sustained strength, foresight, and preparedness.

.
– Boris Awdejew, Chief Security Officer, Rakuten
.

As generative AI becomes a mainstream software development tool, an urgent question emerges: can AI be trusted to write secure code? This session shares findings from the 2025 GenAI Code Security Report, an assessment of over 100 language models across Java, Python, C#, and JavaScript. The research identifies weaknesses, including high failure rates on critical security tasks and no meaningful security improvement as models scale. Attendees will learn where AI introduces vulnerabilities, which issues are most common, why larger models are not safer, and other interesting statistics about AI secure code capabilities.
.
– Julian Totzek-Hallhuber, Senior Principal Solution Architect, Veracode
.

Identity is the new perimeter, yet many organizations remain blind to the hidden risks within their own directories. As AI transforms the threat landscape, the stakes for managing critical account permissions have never been higher. This session breaks down how to identify every identity: human or machine, and quantify their real-world risk. We will explore the intersection of AI and identity management, offering a roadmap to translate complex security intelligence into automated policies and decisive actions that harden your infrastructure without adding operational friction.
.
– Andreas Müller, VP Solutions Central Europe, Delinea
.

• How are NIS2, DORA, and CRA reshaping compliance obligations across industries in Germany, Austria, and Switzerland?
• How can we align cyber security, operational resilience, and AI governance strategies without disrupting business operations?
• What new expectations and obligations are under these evolving regulatory frameworks?
• What practical steps and best practices can we undertake to prepare for enforcement, reduce risk, and build long-term compliance resilience?

– Moderator: Eva Rustler, Head of Information Security & Deputy CISO, Allianz Global Investors
– Daniel Lemmer, CISO, Confidential
– Romain Pradelle, CISO, Roland Berger
– Tushar Shring, Senior Cybersecurity and System Expert, Volkswagen
– Alex Goller, Principal Solutions Architect, Illumio
.

Can an LLM master L2 depth triage? After 24 months and 60 experts, we have the answer. This session explores the technical journey of moving AI from basic filtering to deep contextual analysis. Learn to bridge the gap between human intuition and automation to redefine your SOC. Shift from alert fatigue to strategic defense. AI has finally earned its stripes
.
– Jaryd Hickman, Director of Solutions Development, D3 Security
.

The session will focus on overarching themes and underlying challenges that DORA brings, why these are more complex for some than for other organizations, and what organizations can do to navigate them, drawing from practical experiences and insights from regulatory engagements.
.
Christian Götz, Deputy CISO, Deutsche Börse
.

In this technical session, Mischa Rohleder at DATAPROTECT AG (on behalf of CoreView) will walk through a practical approach to Microsoft 365 tenant resilience: how to continuously enforce secure baselines, detect and investigate configuration drift/tampering, and ensure you can recover your tenant configurations after an incident.
You’ll see how CoreView helps teams regain control at enterprise scale with:

• • Configuration backup & restore, plus rapid drift detection and change management
  • Out of the box configuration baselines based on CIS standards
  • Virtual Tenant Segmentation to enforce least privilege without sacrificing operations
  • Automation for day-to-day security, governance, and administration, without weeks of PowerShell and spreadsheets

.
– Mischa Rohleder, Co-Founder & Cloud Security Architect, DATAPROTECT AG (on behalf of CoreView)
.

T1: From Data Chaos to Control — Securing M365, Cloud & AI in the Real World
– Tobias Gerhardt, Senior Solution Architect,Varonis
.
T2: Transforming Third Party Risk into Business Opportunity
– Eric Litowsky, Regional Director, Bluevoyant &  Jacques Noupoua, Client Executive, Bluevoyant
.
T3: AI in Development – Speed vs Security
– Florian Hundhausen, Strategic Account Manager, CheckMarx
.

• How is the widening cyber security talent shortage across the DACH region affecting us and why does the gap persist despite rising investment.
• How can we attract, train, and retain skilled professionals while equipping existing teams to leverage AI-driven tools and automation.
• How can we foster a culture that values continuous learning, embraces diversity, and integrates cross-disciplinary expertise as part of the solution to the skills shortage?
• What lessons from past workforce challenges to inform strategies for developing the next generation of AI-ready cyber security professionals?

– Moderator: Ali Baccouche, Regional CISO & Data Privacy Officer – EMEA, Texas Instruments
– Michael Paci, Senior Information Security Officer / Managing Director, State Street Corporation
– Tim Estermann, CISO, Thalia Bücher
.

● What vulnerabilities do AI models introduce, including data poisoning, model inversion, prompt injection, and adversarial attacks, and how can they be mitigated?
● How should traditional security controls evolve to cover a full AI life cycle, from model training and deployment to monitoring and retraining?
● What technical safeguards can be applied to protect training data, enforce model integrity, and ensure secure access across AI pipelines?
● How can continuous monitoring and anomaly detection be used to identify and respond to AI-specific threats in real time?
● What lessons are emerging from early technical case studies of AI exploitation, and how can these inform more resilient architectures for the future?
.
– Moderator: Cesar Oliveira, CISO, CMS
– Daniel Maier-Johnson, CISO, Kuehne+Nagel
– Ali Baccouche, Regional CISO & Data Privacy Officer – EMEA, Texas Instruments
– Katarzyna Bukowska, Head of Cyber Security Operations, Continental
.

Even the strongest cybersecurity measures can be breached, making DFIR essential to cyber resilience. This session explores today’s most pressing investigative challenges and how modern DFIR teams are tackling them, with practical lessons informed by real-world teams and their experiences. We’ll cover how teams decide which tools to use, what data truly matters, and how to accelerate workflows without sacrificing precision and completeness. Attendees will gain actionable guidance they can apply to improve speed, clarity, and outcomes during incident response and internal investigations.
.
– Niels Renken, Solutions Consultant, Magnet Forensics

.

The regulatory landscape is expanding, yet corporate resilience often lags, fostering a compliance-heavy mindset. Responsibility remains fragmented: GDPR sits in Legal, ISO27001 in Risk, and the CRA in Product, while NIS2 and AI demand holistic oversight. As the primary orchestrator, the CISO must lead across silos, despite often being anchored within IT departments. This session explores how CISOs can bridge these functional gaps and transition from technical influencers to strategic business leaders. Join us for practical, cross-vertical insights on navigating this increasingly complex governance maze.
.
– John-Erik Horn, CEO, Difesa
.

As AI technology advances, cybercriminals are using it to increase the speed, scale, and sophistication of attacks, from generative AI and automated phishing to deepfakes and agentic AI. This session examines how these AI-enabled threats exploit vulnerabilities faster than ever, and explores strategies for real-time detection, anomaly monitoring, and automated defenses. Attendees will learn how to adapt security architectures and incident response processes, while gaining practical insights on leveraging AI defensively to anticipate, respond to, and mitigate rapidly evolving cyber threats.
.
– Roger Klose, CISO, Heidelberger Druckmaschinen
.

How can enterprises grow their business with a scalable SASE solution while protecting their applications and data with a common platform? Since work and the use of applications/data do not take place in a secure location, a consolidated and flexible security environment is essential for protecting corporate communications and intellectual property. A centrally managed platform forms the basis for relieving the burden on NOC/SOC and keeping pace with increasing threats and demanding corporate initiatives. In addition to the usual cloud-based offerings, a truly sovereign solution is becoming increasingly important.
.
– Richard Kunkel, DACH Solutions Consultant, Versa Networks
.

To defeat the adversary, we must move beyond tracking their tools—we must understand their mind. The traditional approach to cybersecurity has focused relentlessly on the technical what (malware signatures, TTPs) and the macro why (geopolitical tension, economic drivers). However, the next decisive frontier in intelligence and defence requires a pivot to the who: the personality dynamics that fuel cyber threat actor groups and using autonomous tools to follow in their footsteps.
.

• • What 200,000 real attacks taught us that your security stack probably missed
  • Why attackers keep winning (and how to start thinking like they do)
  • How autonomous pentesting is changing the economics of defence

.
– Thomas Esslinger, Regional Sales Manager, DACH, Horizon3.ai
.

Many organisations commit substantial resources to security programmes, yet find that the final outcomes do not meet anticipated value. In most cases, the challenge is not the technology or the strategic intent, but weaknesses in execution and operationalisation. This session will focus on how to better align implementation with long-term security performance by embedding operational considerations at every stage of the project lifecycle.
.
– Moderator: Oğuz Şirin, CISO, RMR – mbh
.

.

• • Ensure recoverable backups for on-premises, cloud, and SaaS data
  • Protect, analyze, and restore identity systems—from AD to Entra ID and Okta
  • Accelerate AI transformation while maintaining control and rolling back when necessary

.
– Frank Schwaak, Field CTO EMA, Rubrik
.

AI is rapidly reshaping the cyber security landscape, creating both sophisticated threats and novel defensive capabilities. This session examines technical risks arising from generative AI, agentic AI, automated phishing, deepfake attacks, and other AI-driven cybercrime techniques. This session will outline practical strategies for mitigating these threats, including model monitoring, anomaly detection, and secure deployment practices, while also demonstrating how AI can be harnessed to enhance defensive operations. Attendees will gain actionable insights on implementing AI securely and effectively within their security architecture.
.
– Moderator: Tim Estermann, CISO, Thalia Bücher

.

Brain–computer interfaces (BCIs) are offering exciting opportunities in healthcare, accessibility, and human–machine interaction. Yet this innovation brings new cyber security challenges. Neural data transmission introduces unique vulnerabilities, from privacy breaches and data manipulation to threats against cognitive integrity. This session examines the dual nature of BCIs: how they may strengthen authentication and adaptive systems, while also creating unprecedented risks. Attendees will explore emerging threats, ethical considerations, and strategies for resilience.
.
– Patrick Ghion, Head Regional Cyber Competence Centre for Western Switzerland, State of Geneve
.

.
● What are the key cyber security threats to sensitive data in cloud environments, and how are attackers evolving their tactics?
● How can organisations with limited resources prioritise breach prevention while IT and security teams are stretched thin?
● How can organisations in the DACH region achieve cloud sovereignty through local or EU-based providers, strong data residency and encryption controls, and compliance with CRA, DORA, and NIS2?
.
– Moderator Romain Pradelle, CISO, Roland Berger
– Daniel Lemmer, CISO, Confidential
– Riccardo Sepe, Global CISO, Guess
– Roger Klose, CISO, Heidelberger Druckmaschinen
.