CISO DACH Summit | June 21, 2022 | Munich, Germany

agenda

Registration & Networking Breakfast

8:30 AM - 9:00 AM

Welcome Address

9:00 AM - 9:05 AM

Keynote Presentation | The Human Firewall: How To Create A Culture Of Cyber Security

9:10 AM - 9:40 AM

70% of all information security attacks target humans. Only 30% target systems.

Increasing the awareness of employees is therefore the greatest lever for improving the general level of security in a company.

Awareness campaigns are the key to mindful employees.

When building a campaign, many questions arise

  • How does a didactic thread succeed?
  • How are high participation rates achieved?
  • What is essential content, what does not belong in it?
  • Which stakeholders have to be picked up?
  • Where can I get free material?

In this keynote, Florian Jörgens will give an overview of past awareness campaigns with which he won the Digital Leader Award 2020 in the Cyber Security category.

Takeaways:

  •  Illustration of the development of awareness campaigns
  • Do’s and don’t’s
  • Best practice tips
  • Sources for free material

Florian Jörgens

Chief Information Security Officer

Vorwerk

Google Keynote | Welcome To The Era Of Flexibility: Why Agility Is The Key To Getting Ahead

9:45 AM - 10:15 AM
There is no doubt that the workplace has undergone an unprecedented transformation in the last few years. As IT leaders prepare for what’s next, it’s key that they are strategic in determining which technology best supports their workforce and keeps them secure and productive. Hear from the Chrome Enterprise team on workplace trends, how to keep your competitive edge and how leaning into solutions that provide flexibility and agility will future proof your business.

Kevin Peacock

Sales Specialist

Chrome Enterprise

Innovation Partner | The Journey to AIOps: Empowering Intelligent Automated IT Operations

10:20 AM - 10:30 AM
A successful digital transformation requires AIOps. Artificial intelligence for IT Operations (AIOps) is widely defined as the result of big data and artificial intelligence/machine learning. It’s a framework designed to help CIOs and CISOs master today’s dynamic IT landscape. Major advances in distributed architectures, multi-clouds, containers, and microservices, to name a few, have created copious, multi-dimensional data flows that create excessive noise and stifle IT’s ability to identify and resolve service incidents. To transform operations, forward-looking leaders enrich IT data with context, enabling automation and better business outcomes. No matter where you are along the path to AIOps, ScienceLogic SL1 offers you the capabilities to progressively improve service visibility and automate your IT workflows to demonstrate business impact.

Sabrina Fuchshuber

Associate Account Executive

ScienceLogic

Networking Session

10:35 AM - 10:45 AM

Innovation Partner | Agentless Device Security for Industry 4.0 - Making the Digital Transformation

10:50 AM - 11:00 AM

For years, industrial companies have relied upon air-gapping devices and leveraging proprietary protocols and software to protect their ICS and OT assets. They were insignificant targets for hackers as there were limited networked interfaces to attack and little to gain, or destroy, or take hostage. OT and IT didn’t integrate much and didn’t have the same kinds of vulnerabilities. But this has changed recently.

Learn how to; 

  • Discover All Assets
  • Identify Risks and Gaps
  • And how to Automate Enforcement to achieve better IT/OT security and to stay compliant across all assets.

 

Think Tank | Secure Access Management – GRC-Konzeption & S4-Journey

11:05 AM - 11:30 AM

Jan-Peter Hazebrouck

VP Technology Transformation Management â?" Technology & Infrastructure

Deutsche Telekom

Think Tank | Digital Resilience through insiders’ risk management

11:05 AM - 11:30 AM

Some of the most volatile and ambiguous adversaries to identify, contain and isolate are those within the household.

Insider threats could be likened to bomb and bread fiery darts firing and causing collateral damages from many fronts and within close ranges but shielded by privileges and internal dynamics

This Session will attempt to;

  • Dissect the enormity of this evasive risk
  • How it  has evolved
  • Pragmatic, collaborating approaches to minimizing the likelihood of occurrence and impacts.

Chuks Ojeme

Global Chief Information Security and Compliance Officer

BrennTag Group

Innovation Partner | Postgres - The Most Transformative Open Source Technology Since Linux

11:35 AM - 12:15 PM
Enterprises are shifting to next gen data-driven operating models. IT stacks are increasingly defined by open source, and Postgres is at the heart of the data infrastructure supporting modern applications. Many organizations are ill-equipped to take advantage of the ensuing economic and innovation opportunities, to drive the necessary skills transformation, and to successfully adopt ‘as a service’ centric operating models that value business outcomes over IT requirements. EDB has been the heartbeat of Postgres for 18 years with enterprise-focused software distributions, cloud solutions, and best practices - all focused on accelerating our customers’ Postgres strategy for powering modern applications.

Marc Linster

Chief Technology Officer

EDB

Think Tank | Leading Security In The New

12:20 PM - 12:45 PM

In todays complex world, the Security Leader experiences several challenges. Not only in the IT domain, but also in other domains like OT, IoT and physical security but also defender's dilemma, war for talent, the new normal, agile working and leadership, and so much more. 

During this presentation, I will share:

  • What does this mean for today’s Security Leader
  • How can you lead your business to cyber success in today’s world? 
  • And my personal experiences within security leadership

Boris Ortolf

Head of Enterprise & Cyber Security

Fujitsu

Executive Boardroom | Why your MFA Will Not Keep The Bad Guys Out

12:50 PM - 1:15 PM

Why your MFA Will Not Keep The Bad Guys Out

MFA Requirements Have Changed. Cybercriminals have become more sophisticated in their attacks, and traditional MFA that relies on passwords and other weak factors can’t keep up. Remote working has expanded, and rapid cloud adoption demands that companies ensure the identity of the user behind every device, and assess the level of risk before access. 

How are you protecting your data from advanced attacks? 

Traditional MFA relies on weak factors like passwords and one-time codes.

In this session, learn now you can better protect your organization by eliminating passwords and only use strong factors like asymmetric cryptography and biometrics to protect your organization from phishing, ransomware attacks, and other password-based attacks. Gain control over all users and devices requesting access.

 Takeaways: 

  • Are you on the right path to protecting your organization? 
  • Find out how to best roll out MFA while removing friction, empowering your users and removing productivity killers plus reducing costs.

Chris Medidinger

Technical Director, EMEA

Beyond Identity

Executive Boardroom | Three Questions About Cyber Recovery

12:50 PM - 1:15 PM

When it comes to cyber attacks, the question is not IF but WHEN an attack will happen. What if the attack was successful? Did I ask myself the right questions beforehand and did I take the right actions to be sure I can recover?

Join the session to hear from Commvault about their experience around successful cyber attacks and their aftermath. How did customers make sure that their data was safe and how did they recover their losses. What worked well and where was room for improvement?

 

Christian Kubik

Principal Advisory Consultant

Commvault

Innovation Partner | Go Fast, Go Safe.

1:20 PM - 1:30 PM

Go Fast, Go Safe. How to achieve the Holy Grail of Software Delivery,  with Secure, Compliant Processes that don't slow down your Business.

If 95% of C-Suite Executives say that Software Supply Chain Security is top of mind, but only 23% of them confirm that their Supply Chain Security project is 'almost finished', whilst 75% of them believe that Security can be the 'department of slow', then in reality, how ready are most companies to deploy DevOps at scale, safe in the knowledge that they're both secure and responsive to changing market demands?

Bartosz Niwinski, Sales Director EMEA Central, at CloudBees, will explain why supply chain security is hard to achieve, and why a holistic, ground-up approach to securing the software supply chain (through Development, Delivery and into Production) is the only way to really address the challenge of ensuring secure DevOps.

 

Bartosz Niwinski

Sales Director EMEA Central

CloudBees

Networking Lunch

1:30 PM - 2:20 PM

Innovation Partner | Context is King....reducing risk in the cloud.

2:25 PM - 2:35 PM
The burndown of traditional vulnerability and compliance KPIs/metrics fails to capture the true essence of risk in the cloud. This talk challenges both the traditional metrics security professionals are evaluated against as a well as the siloed workflows that produce these datapoints. This talk introduces Context as the missing factor when assessing about what is truly risky and what to do about it.

Michael Dielman

Account Executive

Wiz DACH

Think Tank | The Benefits & Challenges of Low-Code Adoption In A Global Organisation

2:40 PM - 3:05 PM

Low-code adoption is the present and future for many companies, and its benefits are widely recognised due to the growing need to either accelerate or finish your digital transformation journey. During this session, I'll be presenting some of the main challenges, the lessons learnt  and opportunities available to on how you can maximize the potential of low-code. Key takeaways include:

  • How you can make friends with your platform, holistically with low-code.
  • Re-using your ready-made apps and components to support your users.
  • Ways you can retrieve the feedback you need faster
  • What you can do to avoid neglecting the low-code community and your users
  • And most importantly, how you can keep calm and try low-code

Jered Markoff

CTO, Emergency Operations

World Health Organization

Thought Leadership | Delivering Value with Data - The Key Principles to Success

3:10 PM - 3:35 PM
Building a data-driven culture across the enterprise no longer has to add layers of complexity that impact business agility. As the growth and distribution of data continues, businesses must provide employees easy access to the data needed to make the right decisions. In this session we will explore the distribution of data and analytics, wherever the data is sourced, how modern data architectures are helping drive optimised processes, supported by consistent security and compliance across the Hybrid Data Cloud. We believe where data flows, ideas follow.

Paul Mackay

EMEA Cloud Lead

Cloudera

Romain Picard

Senior Vice President

Cloudera EMEA

Think Tank | Innovation As A Tool, Sustainability As A Goal

3:40 PM - 4:05 PM
Climate change will be one of the most challenging problems of the next decade. Sustainability has become the Objective of most companies, but not all of them have been capable to achieve this goal with the good set of strategies. In the presentation you will learn how Enel has shaped its digital transformation programme around sustainability and how digital innovation is accelerating the completion of this journey.

Marco Moretti

Head of Digital Innovation and Sustainability

enel group

Think Tank | The Needs Of The Few; Why Security Awareness For Developers Matters

3:40 PM - 4:05 PM
Our modern world is moving more and more away from hardware to code based infrastructure. More and more the security and the reputation of our businesses rely on the skills of developers. However most Security Awareness programs fail to take the special requirements of developers into account. But as with all Security Awareness programs this also requires the support of the management. In this talk I would like to show that Security Awareness for Developers is not just an investment to improve the skills of your developers, but also into the security and reputation of your company.

Klaus-Erdmann Klingner

Information Security Officer

Allianz

Executive Boardroom |Third Party Identity - The Risk Hiding In Plain Sight

4:10 PM - 4:35 PM
For the last 30 years virtually every company, agency and organisation has been forced to accept the risks associated with identity management and control for third parties and all the other identities that are not directly addressed by today's workforce or customer access management solutions. The universe of "all other identities" is enormous, numbering in the billions and maybe even the trillions of distinct and unique identities. In the absence of solutions and processes to actively manage and control the identities of contractors, service providers, agencies, franchisees and all the possible variations of people, devices, and entities that your organisation interacts with, accepting risk but not being able to mitigate it has been the normal course of business. It is past time that these risks are acknowledged,  addressed, and mitigated. Phil Allen explains the current state of third and n-th party identity risk, how to recognize it and what to do about it in this presentation on a new frontier in security and risk

Phil Allen

VP & GM EMEA

SecZetta

Executive Boardroom | Building Business Resilience Against Ransomware Attacks With Zero Trust Data

4:10 PM - 4:35 PM

Building Business Resilience Against Ransomware Attacks With Zero Trust Data Security.

As everyone works in more digital, distributed environments amidst a pervasive new ransomware economy, cyber resilience has become a board-level discussion. IT and Security teams must rethink their approach to data management to reduce the risk of paying ransom payments, while decreasing the mean time to respond and recover when ransomware-attacks occur. A unique approach to Zero Trust Data Management delivers business resilience by ensuring that data remains safe from attacks.

  • Be prepared to      ransomware attacks by analyzing anomalous activity
  • Have immutable      and quickly recoverable backups available
  • Automatically      test recovery operations in a sandbox environment
  • Simplify cyber      investigations with incident containment
  • Combine your      SIEM and SOAR infrastructures with your backup operations

Frank Schwaak

Field CTO EMEA

Rubrik

Innovation Partner | Kofax

4:40 PM - 4:50 PM

Networking Session

4:55 PM - 5:10 PM

Knowledge Exchanges | Topic Tables

5:15 PM - 5:40 PM

Peer To Peer Topic Tables: Please choose one

How To Enable Digital Transformation Through Emerging Technologies - Led By Murat Akturk, Global Director Of Innovation and Partnership / AI & Digital Health - GE Healthcare

Security At The Heart Of The Organisation - Led By Max Imbiel, Deputy CISO - UniCredit Bank

The Role Of The CIO - Led by Dirk-Andrew Heil, CIO, BDO

Business Continuity and IT Disaster Recovery Led by Alexander Zhitenev, Group CISO at IFCO Systems

Murat Akturk

Global Director of Innovation and Partnership / AI & Digital Health

GE Healthcare

Dirk-Andrew Heil

Chief Information Officer

BDO Germany

Max Imbiel

Deputy CISO

UniCredit Bank

Alexander Zhitenev

Head of Information and Cyber Security

IFCO Systems

Closing Keynote Panel | The CIO vs. The CISO

5:45 PM - 6:05 PM

Believe it or not, tech and security leaders aren’t always aligned. The last couple of years put unique stresses and strains on both leaders. It wasn’t long ago that CIOs moved from being technologists to having a much larger role as key strategists for their organisations. Many CISOs found themselves in similar situations going through the pandemic as workers across the globe got thrust into a work-from-home world. Keeping organisations safe and secure moved from a line-item on an agenda to the main initiative at the top of every meeting. CISOs are having a seat at the table more than ever before. Companies had to find a way to work remotely and secure with minimal lead time. For many industries that created tension between the CIO and the CISO. But as our panel will point out, there doesn’t have to be a turf war and a well-planned alignment between the two executives can overcome roadblocks to success and lead organisations to a brighter future. Join this session to find out how an environment that features give-and-take between smart, motivated, and innovative executives can help drive optimal business outcomes.

Dirk-Andrew Heil

Chief Information Officer

BDO Germany

Max Imbiel

Deputy CISO

UniCredit Bank

Alexander Zhitenev

Head of Information and Cyber Security

IFCO Systems

Anke Sax

COO/CTO

KGAL GmbH & Co. KG (KGAL)

Closing Remarks

6:05 PM - 6:10 PM

Summit Happy Hour

6:15 PM - 7:15 PM