Event Agenda

The NIS2 Directive and the upcoming Cyber Resilience Act (CRA) aim to reshape the cyber security landscape for critical infrastructure, making it more secure. In this expert panel discussion, we examine the practical implications of these regulations, and the important question of how we prepare ourselves for an era of increased regulation.
.
• What should change in our incident response plans to achieve compliance?
• What are the challenges of compliance across diverse sectors?
• How can we prepare now for a future with increased regulation of critical infrastructure?
• How do we handle cross-border issues with organisations operating multi-nationally?
.
– Moderator: Daniel Reiner Franke, IT/OT Asset Manager, Norsk Hydro
– Alun Jones, Solution Engineer, Xage
– Kristina Blomqvist, OT Security Lead, Vattenfall
– Jacqueline Johnson, ACopenhagen Business School & Former CISO, Utilities and Banking Industry
– Ian Richter Nielsen, CISO, WeStorix
.

Navigating the NIS2 Directive requires more than just implementation; it demands clear and concise communication of progress to your leadership. In this session, we explore a strategic framework for establishing and utilising CMMIs to measure your organisation’s advancement towards NIS2 compliance. Discover how to translate technical efforts into business-relevant metrics, enabling effective board-level reporting and strategic decision-making in the face of evolving cyber threats.
.
– Niels Søby Vesterager, CISO, DAO Distribution A/S
.

In an era of increasingly frequent and sophisticated cyber attacks, the need for effective defense strategies is paramount. This session will explore a comprehensive approach to cyber resilience, focusing on what constitutes a robust strategy for protecting data and systems. We’ll discuss how to combine technology and practices to address modern cyber threats and how an air-gapped recovery can achieve unprecedented results. The session will be closed by a real-life scary ransomware story that will have everybody stunned.
.
– Egon Van Dongen, Systems Engineering Manager EMEA, Zerto
.

The energy sector is among the most critical of public infrastructure, making it a prime target for cyber threats. But navigating the complex landscape of security regulations can feel overwhelming. In this session, we’ll go beyond the jargon and dry text of regulations to provide a high-level, practical overview of security compliance.
.
• Take a high-level view of the impact of regulation on energy operations and infrastructure
• Explore real-world, actionable examples of how organisations are complying with regulation
• Gain valuable insights into building a robust security posture, not just for the sake of compliance, but to truly protect your organisation
.
– Robert Valkama, Senior Manager, Security, Fortum
.

This presentation will walk through a multi-dimensional view of the OT environment, elevating the view far above a simple inventory to a holistic view of the entire ecosystem. Built on over 20 years of working in and around OT regulation in industries such as the North American Power Grid, Pipeline and Refining regulations and others, the following presentation will walk through the fundamental building blocks required for proactive risk identification and reduction. Join us to learn more about:
.
• The OT challenge in data collection and context
• A multi-dimensional model to build a profile
• Contextual Risk Calculation
• Resulting Automated Analysis
• Case Studies from successful OT practitioners
.
– John Speakman, OT Cybersecurity Specialist, Rockwell Automation
.

Asset replacement will never be driven out of security needs, but instead by business incentives. For this reason, it’s imperative that OT security leaders can make a business case for OT security, to drive funding and ultimately replace legacy systems. In this session, we explore how OT security contributes to company value and why it must be prioritised.
.
• Learn how to communicate the consequences of OT system failures or breaches
• See how robust OT security can help mitigate risks associated with cyber attacks
• Discover how to quantify the potential benefits of OT security investments and demonstrate the positive financial impact
.
– Moderator: Petrut Jianu, Head of Cyber Defence Centre, Novonesis
– Jonas Rendahl, CISO, Consilium Safety Group
.

The NIS2 Directive introduces significant changes to cybersecurity regulations. This session delves into the practicalities of NIS2 compliance, offering a step-by-step approach to understanding and implementing the directive’s requirements. We’ll explore the key areas of focus, including risk management, incident reporting, and supply chain security.
.
– Andreas Östrin, Group CIO, LSAB Sverige
.

With the threat of cyber attacks to critical infrastructure increasing, we take an in-depth look at how SektorCERT safeguards the vital systems that underpin Danish society. We will explore their unique operational model, key strategies for threat detection and response, and its collaborative efforts with public and private sector partners.
.
• Discover SektorCERT’s proactive measures in preventing cyberattacks
• Learn about their robust incident response mechanisms and recovery protocols
• See how information sharing and national-level coordination bolsters our collective cyber resilience
.
– Søren Maigaard, CEO, SektorCERT
.

Roundtables:
T1: How To Adjust Your PAM Strategy for Growth
– Jaens Stafren, Cyber Security Principal, Keeper Security
.
T2: The AppSec Maturity Trap (And How to Overcome It)
– Nashat Amer, Application Security Specialist, Ox Security
.
T3: DDoS & Credential Stuffing: Cheap Attacks, Big Risks
– Nils Boman, Senior Solutions Engineer, Fastly
.

The landscape of industrial operations is rapidly evolving, with the cloud emerging as a potential platform for OT. But is it the right fit? In this panel discussion, our experts will discuss the unique security vulnerabilities, real-time demands, and operational complexities of OT environments and analyse how cloud solutions can address—or exacerbate—these challenges.
.
• What are the unique challenges of integrating OT into the cloud?
• What key factors should we consider when evaluating the suitability of the cloud for critical infrastructure?
• What benefits can the cloud bring – if done correctly?
.
– Moderator: Ulf Ståhl, IT Operations Manager Nordics and Baltics, Mediq
– Humayun Khan, Principal Cloud Security Lead, Hempel
– Morten Kromann, Head of Product Development Special Projects, Grundfos
– Chamara Bulathsinhala, IT & OT Security Specialist, Novafos
.