12th Annual e-Crime & Cybersecurity Congress Nordics

More attacks, more regulation, more investment needed

April 25th, 2024, Stockholm, Sweden

 

Sweden is at the frontline: organisations have to raise their cybersecurity game to reflect that

 

The Nordic region is at Europe’s front line when it comes to geopolitical tension and the prime suspect in many recent attacks is Russia, according to senior figures including Major General Gunnar Karlson, head of the Swedish Military Intelligence and Security Service (Must) and Charlotte von Essen, the head of Swedish Security Services (Säpo).

Russia uses cyber-attacks as a geopolitical retaliatory measure as well as for long-term disruption and espionage. (For example, a Swedish government website was hit by DDoS cyberattack just as Swedish and other Nordic politicians met Ukraine's president Volodymyr Zelenskiy).

But there are other tensions: Sweden is also the target of Islamist disinformation campaigns and is attacked by groups who wish to use digital channels to instil fear of physical attack, as well as simply threatening to digitally disable critical national infrastructure. 

For these reasons, in November 2022, the government appointed Henrik Landerholm as the country’s first National Security Adviser. 

The public sector is the key target for many of these attackers: one report says that since 2006, there have been at least 722 cyberattacks on government agencies, 15% of which were reportedly carried out as part of a cyber espionage campaign. Figures from MSB, the Civil Contingencies Agency, show a significant increase in the number of serious DDoS attacks: in the first half of this year, 52 serious cyber attacks were reported to MSB versus 10 during the same period in each of the last three years. The Social Insurance Agency, Försäkringskassan, has seen such attacks double over three years

The private sector is not safe either of course. First, many politically-motivated attacks are expressed by attacks on private-sector CNI or accidentally spillover into the private sector. Second, these threat actors are joined by the many economically-motivated criminals who want to profit from digitally-enabled scams. 

Ransomware is still the most prevalent form of economic attack, and the most damaging. Losses from ransomware are estimated to be running at more than SEK30 billion a year.

No organisation is safe. In November 2023, the website of the Swedish Church (Svenska kyrkan) was knocked out by a ransomware attack preventing, amongst other things, people from arranging funerals. The Church will not pay the ransom (“We will not agree to any demands,” says Pia Dahlén, head of communications) and the problem is ongoing.

In the face of the increased volumes and sophistication of attacks, organisations are finding it hard to respond quickly enough. Sweden is vulnerable to cyberattacks, and more collaboration between public and private actors is needed, to meet the skills gap in the public sector. Åke Holmgren, Head of the Division of Cybersecurity and Secure Communications at MSB says Swedish authorities can't sit back and think they're good enough — because they're not. And Säpo itself has noted that Sweden is lacking in protecting security-sensitive activities across key sectors.

 

So, what should Boards, risk officers and cybersecurity professionals be doing? Where should you be investing – cloud, network hardware protection, server-level DDoS protection, better network data analytics? What other mitigations can you put in place?

Come to the e-Crime & Cybersecurity Congress Nordics to find out:

• How your fellow cybersecurity professionals are coping with these challenges day-to-day? 
• Does NIS2 help and what must you do to incorporate its requirements?
• What practical steps you can take to get better supplier visibility and understanding?
• How to economically enhance the security built into Cloud infrastructure and applications with 
selected additional technologies.
• How new and not-so-new EU Directives are driving the Board view of cybersecurity risk and 
investment.

 

The e-Crime & Cybersecurity Congress Nordics will look at how CISOs are responding to this fast-evolving digital landscape.
Join our real-life case studies and in-depth technical sessions from the security and privacy teams at some of the world’s most admired brands.

  • Insuring the uninsurable?

    • Cyber-insurers need to understand the risks they are insuring if they are to set premiums at a level that makes sense.
    • They also need to know that they are insuring risks that clients have taken steps to mitigate properly.
    • why insure those who leave their digital doors open?
    • What can and can’t be insured?
  • Cybersecurity as a service: the pros and cons

    • MSSP, MDR, CSaaS – all of these offer varying degrees of outsourced cybersecurity services
    • So when does it make sense to outsource?
    • And what outsourcing arrangements make sense for which firms?
  • Cybersecurity for SaaS/IaaS/PaaS

    • Most companies’ core reliance is now upon a small number of monolithic application suites and Cloud services
    • In addition, they are likely to be developing their own software in the Cloud
    • These and other changes fundamentally alter the IT landscape in which cybersecurity operates
    • So do CISOs need a new model for cybersecurity and are legacy solutions still valid?
  • Making the most of next gen tech: automation, AI and the rest

    • The next 20 years will see an ecosystem of small single-issue vendors slim down to a far less complex set of larger platforms
    • These platforms will be able to invest in continuous development and offer to cover all or large chunks of organisations’ security needs
    • But will the winners in this evolution be those at today’s cutting edge?
  • Upskilling security teams

    • Organisations have limited budgets
    • The skills shortage in security staff growing
    • This dynamic affects the type of on prem security operation firms can employ
    • So how can CISOs continuously upskill their teams?
  • NIS2 – changing the game in cybersecurity?

    NIS2 expands the scope of who is included. It adds more regulations and divides the world into two tiers, each with different requirements. And it increases the personal liability of senior officers around cybersecurity failings. So how does this new regulatory environment change the cybersecurity calculus? What do firms need to do now?

  • Ransomware – dealing with the new normal

    • The US Treasury reported that companies paid an estimated $5.2 billion in BitCoin transactions due to ransomware payments for companies in 2021.
    • Only a quarter of ransomware attacks are reported. 
    • Ransomware is here to stay. So how can CISOs stop it being a permanent tax on the business?
  • Here come the cybersecurity regulators

    • Data privacy is only a small part of the picture. 
    • Regulators are looking at operational resilience in key sectors like finance – securing the wholesale payments market is a priority and others will follow. They are looking at disclosure and fining the miscreants.
    • Can you help businesses comply with new regimes?
  • Developing the next generation of security leaders

    • If cybersecurity is to change to meet the evolution of our digital world, then so must those who implement it.
    • CISOs cannot cling to an IT paradigm and companies must move away from hiring on false pretences (on budget and commitment) and firing at the first breach.
    • What does a next-gen CISO look like and are you one of them?
  • Embracing digital risk management

    • If single point solutions are not the answer, then how about a holistic approach?
    • Instead of treating every threat type and actor or network anomaly as a separate variable or alert, step back and look at the whole landscape.
    • Cybersecurity is still not run as a true risk management process. It must be.
  • Building better Cloud security

    • Migrating to the cloud is a priority. But, if not properly managed, cloud migrations result in extra complexity and risk.
    • So how can firms efficiently assess cloud readiness, plan and execute migrations and establish comprehensive cloud governance?
    • Can you help companies transition smoothly and securely to the Cloud?
  • Can zero trust be done?

    • Zero Trust/ZTNA/SASE - they promise solutions to the key problems CISOs face today.
    • But how realistic are they? Do they take into account existing legacy technology, and the ways in which real companies actually do business day-to-day?
    • Can you explain how a real-world implementation works?

Who attends

Job titles

CISO
Developer
Information Security Analyst
Tech Lead
Security Engineer
IT System Administrator
Senior Security Professional
Risk Officer
IT Security Expert & Threat Hunter
Security Generalist
Compliance and Risk Manager
Chief Information Security Officer (CISO)
Information Security Control Manager, Swedish Banking
Information Technology Support Engineer
Cyber Security Compliance Expert
IT Security Specialist
Cyber Security Manager
ISO Information security Officer
Chief Security Officer (CSO)
Risk Officer
Senior IT Security Specialist
Trade and Transaction monitoring Officer - Financial Crime prevention
IT Security Specialist
Cyber security Expert
Senior IT Security Specialist
CIO
Reg Tech
Chief Security Officer (CSO)
Executive Director, Europe
Information Security Officer
Information Security Specialist
Information Security Manager
Director of Operation – R&D Product Management and Technology
Cybersecurity Manager
Data Protection Manager
Director of Information Security
FCP and Cybersecurity professional
Security Operations Manager
Security Advisor
Head of IT Governance
Enterprise Architect | Cybersecurity | Program management
Head of IT
Nordic Head of Cyber Underwriting
Cybersecurity Practice Lead
Group Data Privacy Business Partner
IT Admin
Senior Business Risk Manager
Senior Security Lead | Country Information Security Risk Manager-Sweden
Group CIO
Information Security Manager
IAM Specialist
Junior Information Security Specialist
Senior Advisor Security
CISO
Acting CIO
System Security Manager
IT Architect
CISO
FCP IT-Architect
Head of Information Security
Administrative Support
Head of Financial Crime and Cybersecurity
Data Protection Manager
CISO
IT-säkerhetsansvarig
Systems Engineer IT and Information Security - GRIPEN Divisions
Director - Operational Risk and Information Security
Cyber Incident Management - Nordics Lead
Global Compliance Manager Data Privacy
Information Security Officer
Security Architect
Service & Solution Manager
Information Security Manager for Large Corporates and Institutions
Global Head of Product Security
Information security expert
Head of IT & Infosec
Senior Business Developer
Senior Security Advisor
IT Security Operations Manager
Software Architect
Cyber Security Engineer
Security Specialist
Data Protection Officer
Senior IT Security Officer
Cloud Security Engineer
Vice President
CISO
Head of Information Security (CISO)
Head of Development Group IT
Information Security Officer
IT Security Specialist
Head of Security
Senior Model Risk Manager- Governance and Control
Senior Cloud Architect
Senior Project and Program Manager
Chief Information Security Officer
Cybersecurity Area Manager
Privacy Specialist
IT Development Service Manager
Cybersecurity Associate
Cyber Security Engineer
Cyber Crime
Head of Security & Compliance
Fraud Prevention Specialist
CISO
Project Manager IT
IT Internal Audit Senior Manager
Senior IT Architect
Head of Group Security /CISO
Risk Officer
Information Security Architect
Information Security Manager
Compliance Officer
CISO
IT
Security Product Manager • BNEW DNEW OP SC Security & Compliance
IT Solutions Manager
Chief Security Officer
Group Manager
Mobile App Developer

Companies

Entidade Reguladora dos Serviços Energéticos
Anyfin AB
LeoVegas Group
Swedbank
KRY
EasyPark Group
Telia Company
Bankgirot
PostNord Group AB
Ericsson
Ericsson
Medius
Swedbank
Anyfin AB
Scania
Skandia Banken
EY
Northmill Bank
Bankgirot
Bankgirot
Trygg
Guaranty Trust Bank
Swedish Pensions Agency
H&M
SVT
Entidade Reguladora dos Serviços Energéticos
AFRY Group
Transdev Sverige AB
Financial Services Information Sharing and Analysis Center (FS-ISAC)
PostNord Group AB
H&M
Swedbank
Vizrt Group
Unilabs
Nordic Entertainment Group (Viaplay Group)
OVO Group
Handelsbanken
Ericsson
Ericsson
Lendo Group
Länsförsäkringar AB
Kivra AB
Riskpoint Group
EY
Sandvik AB
Futuraskolan International School of Stockholm
Nordea
Hitachi Energy
Camfil AB
Kommune Kredit
Tele2 (Tele2 Sverige AB)
Trygg
Swedenergy
Max Mattheissen
Handelshögskolan i Stockholm The Stockholm School of Economics (SSE)
Ericsson
Securitas Sverige AB
Ahlsell Sverige
Handelsbanken
Tele2 (Tele2 Sverige AB)
WTW
Finanssiala ry - Finance Finland (FFI)
Nordic Entertainment Group (Viaplay Group)
Wasa Kredit AB
Socialstyrelsen
Swedish Defense Materiel Administration (FMV - Försvarets materielverk)
FCG
Marsh
Sandvik AB
Qliro AB
Swedbank
Bankgirot
Swedbank
Vizrt Group
Sveriges Riksbank
Hemnet
Nordea
Ericsson
Acne Studios
Skandia Banken
Hitachi Energy
Västra Götalandsregionen
ITB-MED AB
Swedish Pensions Agency
Hive Streaming
Stockholm Corporate Finance
Advokatfirman Vinge
Axfood AB
Swedbank
PostNord Group AB
Qliro AB
Starvito
Swedbank
Länsförsäkringar AB
ICA AB
TF Bank AB
H&M
Ericsson
Swedbank
EQT Partners/EQT AB
EQT Partners/EQT AB
Swedish Police Authority
Ericsson
Arelion Sweden AB
Olink Proteomics
Ericsson
Autoliv
Vattenfall
Folksam
Swedbank
ICA AB
Trygg
Saab Group
MedMera Bank AB
Voyado
Ericsson
Lunds Kommun
EVRY Sverige
Scania
Skandia Investment Group

Industries

Regulator
Banking
Casinos/Gaming
Banking
Healthcare Services
Transportation/Shipping
Telecommunications
Banking
Transportation/Shipping
Hardware
Hardware
Software
Banking
Banking
Transportation/Shipping
Banking
Accounting/Auditing
Banking
Banking
Banking
Insurance
Banking
Insurance
Retail
Media
Regulator
Industrial Engineering
Transportation/Shipping
Banking
Transportation/Shipping
Retail
Banking
Software
Pharmaceuticals
Media
Electricity
Banking
Hardware
Hardware
Banking
Insurance
Software
Insurance
Accounting/Auditing
Construction
Education
Banking
Electricity
Retail
Banking
Telecommunications
Insurance
Electricity
Insurance
Education
Hardware
Security Product Vendor
Retail
Banking
Telecommunications
Insurance
Banking
Media
Banking
Healthcare Services
Aerospace/Defence
Insurance
Insurance
Construction
Banking
Banking
Banking
Banking
Software
Banking
Real Estate
Banking
Hardware
Retail
Banking
Electricity
Healthcare Services
Healthcare Services
Insurance
Telecommunications
Banking
Legal
Retail
Banking
Transportation/Shipping
Banking
Software
Banking
Insurance
Retail
Banking
Retail
Hardware
Banking
Banking
Banking
Regional Law Enforcement
Hardware
Telecommunications
Biotechnology
Hardware
Automobiles/Parts
Electronic/Electrical Equipment
Insurance
Banking
Retail
Insurance
Aerospace/Defence
Banking
Software
Hardware
Regional Government
Software
Transportation/Shipping
Banking


Venue

7A Odenplan, Stockholm

loke

Location: 

7A Odenplan

2nd floor, Odengatan 65

113 22 Stockholm


Telephone: +46 8 586 107 00