Agenda

08.30 - 09.30

Breakfast Networking & Registration
09.30 - 09.40

Chair's Welcome
09.40 - 10.00

►Strengthening Cybersecurity Competence in Austria and the EU

Marlies Hofmann, Legal and Policy Officer, NCC-AT 
Lydia Lindner, Programme Manager, FFG & NCC-AT

  • The National Coordination Centre for Cybersecurity in Austria: Roles, Impact, and Strategic Vision
  • The European Cybersecurity Competence Centre: Mission, Objectives, and Governance
  • Unlocking Opportunities: EU Funding for Cybersecurity Innovation and Collaboration
10.00 - 10.20

►Wie türkische Escort-Websites den Schutz des Eurovision Song Contests möglich gemacht haben. Cyber-Security in der global vernetzten Welt

Matthias Lutz, Senior Account Manager, Cloudflare

Die große Kunst der Cybersecurity ist es, Muster in komplexen Zusammenhängen erkennen zu können. Erfahren Sie die Geschichte, was türkische Escort-Websites, der Eurovision Song Contest, der Chef der staatlichen iranischen Cyber-Angriffs-Truppe und das Einreiseverbot unseres CEOs nach Russland verbindet. Weshalb ist es auch für regionale Unternehmen wichtig, globale Sicherheitsmechanismen zu installieren.

  • Cybersecurity bedeutet, Muster in komplexen Zusammenhängen zu erkennen
  • Was verbindet türkische Escort-Websites, Eurovision, Irans Cyberchef und das Russland-Einreiseverbot unseres CEOs?
  • Globale Sicherheitsmechanismen sind auch für regionale Unternehmen unerlässlich
10.20 - 10.40

►Widerstandsfähig statt nur sicher: Cyber Resilience für die Cloud

Jerry Rijnbeek, Vice President Cloud & Security Technology, Rubrik

  • Cloud im Fokus: wie Cyber Resilience speziell in Cloud-Umgebungen effektiv umgesetzt werden kann
  • Schutz allein reicht nicht: Reaktion und Wiederherstellung sind ebenso entscheidend
  • Cyber Resilienz ist der Schlüssel: trotz erfolgreicher Angriffe handlungsfähig bleiben und Schäden minimieren
10.40 - 11.00

►AI-Enhanced Cybersecurity at Banco Sabadell   

 Eduardo Gonzalez, Global Advanced Cybersecurity Director, Banco Sabadell

  • AI as the new Gold Rush
  • Impact on Cybersecurity
  • Regulations and Frameworks for AI
  • Leveraging AI for Cybersecurity
  • Creating a custom Machine Learning model
11.00 - 11.30

Networking Break
11.30 - 12.00

►Fireside Chat: Mitigating Personal Liability: The Changing Climate for Security Professionals

Jonathan Armstrong, Partner, Punter Southall Law

  • The changing politics of security
  • Current cases
  • Social Media scrutiny
  • Insurance options for CISOs
  • Golden parachutes and legal support
12.00 - 12.20

►Cybersecurity im Zeitalter von genAI – Human Centric Security zum Schutz von modernen Cyberrisiken Proofpoint-Kunden-Session

Michael Krüger, Senior Sales Engineer, Proofpoint

In dieser Session werden wir versteckte Risiken von GenAI aufdecken und Sie informieren, wie Sie Ihre Mitarbeiter & Daten schützen können.

  • In die mit GenAI verbundenen Risiken und wie GenAI von Bedrohungsakteuren und von Mitarbeitern missbraucht werden kann
  • Wie Sie Einblick in die Nutzung von GenAI in Ihrem Unternehmen erhalten, Richtlinien für die akzeptable Nutzung durchsetzen und Mitarbeiter schulen können
  • Wie ein menschenzentrierter Sicherheitsansatz den Verlust von sensiblen Daten verhindern kann
12.20 - 13.00

►Education Seminars

Delegates will be able to choose from a range of topics:

  • Protection of Service Accounts: A Luxury or an Urgent Necessity for Highly Privileged Non-Human Identities? Michael Lindner, Regional Sales Manager, Silverfort  
     
  • Understanding DORA – Aligning Cybersecurity and Compliance, Nico Richters, Account Director, Recorded Future 
13.00 - 14.00

Lunch & Networking Break
14.00 - 14.20

►Securing Critical Infrastructure with IAM in an elevated threat landscape

Sachin Loothra, Lead Solutions Architect, Telia

  • Evolving threat landscape and its impacts on critical infrastructure
  • Regulations on critical infrastructure and demands towards IAM
  • How IAM solutions can be setup to meet the demands
     
14.20 - 14.40

►Defending against multi-channel and multi-media AI-fuelled social engineering

Dr. Martin Krämer, Security Awareness Advocate, KnowBe4

  • Phishing emails are a popular choice for social engineering but by far not the only one. Messaging services, social media platforms, corporate communication channels, and online meetings are all communication channels leveraged to manipulate people. 
  • Attackers increasingly launch multi-channel attacks. No longer are cybercriminals limited to text-based communication. Voice and even video are frequently used in business contexts to communicate information. Thanks to new AI capabilities, text, voice, and video can now be easily manipulated or synthesised. Cybercriminals leverage the power of AI and multi-channel communication to step up their manipulation game.
  • Join this session to learn; how cybercriminals are changing tack, what that means for your organisation and how you should prepare for it
     
14.40 - 15.00

►How CyberProof and Google Transformed a Healthcare Provider’s Security Operations with Adaptive MxDR

Christopher Schrauf, Senior SIEM & Cybersecurity Architekt, CyberProof 
Pietro Verzi, Partner Engineering Global Security Sales, Google on behalf of CyberProof

  • Healthcare organisations face unique cybersecurity challenges that require innovative solutions. 
  • In this session, CyberProof and Google will show how their partnership delivered adaptive MxDR services for a leading healthcare provider. We’ll walk you through a real-world case study, showing how we overcame security challenges and achieved significant business outcomes.
  • Learn about; the client’s business problem statement and security challenges, how CyberProof and Google collaborate to deliver better security, together and business outcomes, including measurable improvements in security and higher ROI 
15.00 - 15.30

►Panel Discussion: Future-Proofing Security Architectures

Marian Kühnel, Information Security Architect, ÖBB
Philipp Amann, Group CISO, Österreichische Post AG 
Daniele Sangion, CISO & CSO & Head of Digital Transformation, UniCredit Bank Austria

  • How can security teams design resilient architectures to accommodate and leverage new technologies like AI, quantum computing, and IoT?
  • What role does AI play in developing proactive, rather than reactive, security postures?
  • Best practices for integrating AI without disrupting legacy systems or existing workflows
  • How can organisations implement zero-trust principles and adaptive access controls to secure evolving environments driven by AI and edge computing?
15.30 - 16.00

Networking Break
16.00 - 16.20

►Herding Cats: Building a Security Governance Structure That Actually Works

Florian Polt, Head of Group Security & Resilience, UNIQA Insurance Group

  • Navigating conflicting legal requirements and diverse stakeholders
  • Creating a governance blueprint and aligning roles across entities
  • Tackling legal complexities while maintaining sanity
  • Real-world insights, practical lessons, and governance war stories
16.20 - 16.50

►Panel Discussion: Battling Nation-State Hackers: Winning the Cyber War 

Utz Nisslmüller, Security Specialist, City of Vienna 
Nikolaus Brandstetter, CISO, MM Group 
Florian Polt, Head of Group Security & Resilience, UNIQA Insurance Group 
Philipp Amann, Group CISO, Österreichische Post AG

  • How can organisations effectively leverage threat intelligence to proactively counter nation-state attacks? Can they?
  • Do regulatory standards actually enhance defense against nation-state actors, or do they merely add compliance burdens without improving security?
  • Are we doing enough to address supply chain vulnerabilities, or is this an overlooked entry point for nation-state threats?
  • What strategic, forward-looking investments are essential for effectively countering the evolving tactics of APTs?
16.50 - 17.00

Chair's Closing Remarks

Bildungsseminare


Protection of Service Accounts: A Luxury or an Urgent Necessity for Highly Privileged Non-Human Identities?


Michael Lindner, Regional Sales Manager, Silverfort 

Machine-to-Machine (M2M)-Accounts, auch Service- oder Non-Human-Accounts genannt, spielen eine zentrale Rolle in der IT-Infrastruktur, bergen jedoch erhebliche Sicherheitsrisiken, wenn sie nicht ausreichend geschützt werden.

Die Teilnehmer erfahren:

  • Warum sind Service Accounts ein bevorzugtes Ziel für Angreifer?
  • Wie können kompromittierte Service Accounts für laterale Bewegungen genutzt werden?
  • Warum bleibt ihre Absicherung oft unzureichend, und wie schaffen Unternehmen Transparenz?
  • Welche Strategien ermöglichen eine nachhaltige Absicherung dieser privilegierten Identitäten?
     

Understanding DORA – Aligning Cybersecurity and Compliance


Nico Richters, Account Director, Recorded Future

DORA is a new EU regulation requiring companies to make their digital systems more resilient to disruptions and cyberattacks. It affects not only banks, but all key players in the financial system. DORA brings cybersecurity and compliance closer together than ever before. For security and IT teams, this means new priorities and increased responsibility. The requirements are complex: companies must adapt processes, reporting, and technical controls. One of the toughest parts is identifying and documenting risks in real time. Recorded Future provides the threat intelligence needed to detect risks early and support compliance reporting. This helps organisations meet regulatory demands more efficiently.

Attendees will Learn:

  • What the Digital Operational Resilience Act (DORA) is all about
  • Why DORA is a game changer for security and IT teams
  • Key challenges organisations face when implementing DORA
  • How Recorded Future helps meet DORA compliance requirements