e-Crime & Cybersecurity Congress Nordics - Copenhagen

From guidelines to mandates: the era of security on-the-cheap is over

30th October 2025 • Radisson Blu Scandinavia, Copenhagen, Denmark 

As governments react more decisively, organisations will be forced to invest more heavily in cybersecurity

 

Better late than never: the growing significance of cyber and digital issues in global affairs

Europe is under attack. There is no longer any attempt to disguise the severity of the threat to our digital and connected infrastructure and there is a scramble at all levels to secure our institutions, CNI, economies and democracies.

In Denmark that has taken several forms: last year, the Danish government relaunched the National Cyber Security Council (NCSC) with an expanded mandate to strengthen digital security across critical sectors while advancing AI capabilities. The NCSC will promote public-private partnerships, enhance data sharing between government, businesses, and academia, and protect critical infrastructure from rising cyber threats.

More recently, in what is technically the first public warning by a European government agency, the Danish Agency for Society Security (SAMSIK) has raised the threat of cyber espionage against the Danish telecoms sector from “medium” to “high” in its latest report.

And governments, including Denmark’s, are finally accelerating the incorporation of key European Directives into local law. So, in February this year the bills for implementing the NIS2 Directive and the CER Directive were presented by the Danish government to the Danish Parliament and came into force in July.

Compliance with this legislation will begin to transform security in Denmark – and the rest of the world.

First, large organisations in critical sectors will have to ensure that their technology and processes are sufficient to comply and, more importantly, deliver the security and resilience governments need in CNI.

Second, this is already forcing regulated entities to properly address their most significant gap: third-party and supply chain security. This in turn forces smaller firms, and those not explicitly caught up in regulation, to maintain the same security standards as those who rely on them. And third, this is

Third, governments themselves are realising that secure and resilient CNI means much more than regulations for the final providers. The entire ecosystem must be secure and they will realise that critical suppliers – regardless of size or location – will need to be subject to some form of oversight. And then what about their suppliers?

Once governments understand that CNI can only be assured by collective security across all sectors, we can expect to see a paradigm shift in their demands. Best-practice security will rapidly become compulsory, and enforcement will start to bite.

 

The e-Crime & Cybersecurity Congress Nordics will look at how cybersecurity professionals need to adapt to this new environment.
Join our real-life case studies and in-depth technical sessions from the most sophisticated teams in the market.
 

View details of the previous event

  • Dealing with regulations

    • CISOs now must build a single coherent security program that simultaneously satisfies divergent regulatory demands.
    • They must interpret vague legal standards into technical architectures, and they risk non-compliance if auditors, regulators, or courts interpret those differently later.
    • They face unrealistic expectations around incident reporting and they face personal liability. Can RegTech help?

  • Defending against the latest ransomware variants

    • Ransomware is effective precisely because it can exploit whatever weaknesses exist in your security architecture and processes
    • The threat and the actors are constantly evolving, and that evolution is forcing the hand of the government and causing havoc in the insurance market
    • What can CISOs do to better defend against ransomware?

  • Making the best use of threat intelligence

    • In a pre-emptive security model, timing is everything — success depends on detecting and neutralizing threats before they become active incidents.
    • To do this, security operations can't just rely on internal telemetry (e.g., endpoint or network logs).
    • They need external, real-time context about emerging threats — where do they get it?

  • OT and the regulations

    • DORA, NIS2 and other regulations put more responsibility for resilience on firms deemed important or critical.
    • Many have focused on IT networks but the regulations include all resilience and so OT environments matter. 
    • What does this new emphasis from regulators mean practically for OT security?

  • Improving continuous attack surface discovery

    • You need to know what attackers can see and what they can actually attack – and you need it on a continuous basis, not in some static inventory.
    • Ideally you also need assets ranked by risk priority and put into the current threat and vulnerability context.
    • Is this feasible and is it cost effective?

  • Adversary simulation and behavioural analysis

    • Automated adversary simulation identifies telemetry blind spots.
    • They provide prioritized remediation guidance and control effectiveness metrics. They track progress trends and validate security ROIs as well as providing board and audit reporting.
    • How well do they work in practice?

  • Security Posture Management

    • Traditional vulnerability scanners don’t handle cloud native architectures well.
    • Today’s cloud environments spin up thousands of ephemeral assets without a traditional OS, without an IP address for long.
    • So how do you adapt to that dynamic, API-driven reality? How can traditional tools connect the dots – not just generate tickets?

  • The power of automation

    • There’s too much manual intervention in security.
    • SOAR pulls data from SIEMs, EDRs, firewalls, cloud APIs, ticketing systems, threat intelligence feeds, and even email servers.
    • It also coordinates actions across tools via APIs and prebuilt integrations and intelligent playbooks.
    • Well, that’s the theory. How does it work in the real world?

  • Achieving visibility across ecosystems

    • From exposed initial access points such as warehouse management systems to complex machine control software, simply understanding your device and application landscape, its connection and data flows and dependencies is a huge challenge.
    • Can you help with asset tracking and endpoint visibility?
    • And what about anomaly detection after that?

  • Why zero trust, isolation and segmentation are key

    • There has been a shift in recent attacks away from the theft of data – now threat actors are concerned with interrupting all operation activity.
    • It is now critical that business functions are separated, and that internet access to OT networks is limited.
    • Can security teams keep up with sophisticated foes? 

  • Transitioning OT to the Cloud?

    • OT traditionally was localized in particular sites and air-gapped from IT systems.
    • But connectivity with broader corporate networks and the need to manage technology more centrally (especially during COVID) has seen companies looking at managed services in the Cloud for OT.
    • Is this a way forward?

  • Pen testing for OT / SCADA

    • Testing is key to identifying and fixing vulnerabilities before they're exploited. 
    • Regulations like NERC CIP require utilities to assess and mitigate risk. 
    • Testing checks OT security controls are functioning properly and shows regulators an organization's commitment to security.Can you help?

Who attends

Job titles

CISO
Developer
Information Security Analyst
Tech Lead
Security Engineer
IT System Administrator
Senior Security Professional
Risk Officer
IT Security Expert & Threat Hunter
Security Generalist
Compliance and Risk Manager
Chief Information Security Officer (CISO)
Information Security Control Manager, Swedish Banking
Information Technology Support Engineer
Cyber Security Compliance Expert
IT Security Specialist
Cyber Security Manager
ISO Information security Officer
Chief Security Officer (CSO)
Risk Officer
Senior IT Security Specialist
Trade and Transaction monitoring Officer - Financial Crime prevention
IT Security Specialist
Cyber security Expert
Senior IT Security Specialist
CIO
Reg Tech
Chief Security Officer (CSO)
Executive Director, Europe
Information Security Officer
Information Security Specialist
Information Security Manager
Director of Operation – R&D Product Management and Technology
Cybersecurity Manager
Data Protection Manager
Director of Information Security
FCP and Cybersecurity professional
Security Operations Manager
Security Advisor
Head of IT Governance
Enterprise Architect | Cybersecurity | Program management
Head of IT
Nordic Head of Cyber Underwriting
Cybersecurity Practice Lead
Group Data Privacy Business Partner
IT Admin
Senior Business Risk Manager
Senior Security Lead | Country Information Security Risk Manager-Sweden
Group CIO
Information Security Manager
IAM Specialist
Junior Information Security Specialist
Senior Advisor Security
CISO
Acting CIO
System Security Manager
IT Architect
CISO
FCP IT-Architect
Head of Information Security
Administrative Support
Head of Financial Crime and Cybersecurity
Data Protection Manager
CISO
IT-säkerhetsansvarig
Systems Engineer IT and Information Security - GRIPEN Divisions
Director - Operational Risk and Information Security
Cyber Incident Management - Nordics Lead
Global Compliance Manager Data Privacy
Information Security Officer
Security Architect
Service & Solution Manager
Information Security Manager for Large Corporates and Institutions
Global Head of Product Security
Information security expert
Head of IT & Infosec
Senior Business Developer
Senior Security Advisor
IT Security Operations Manager
Software Architect
Cyber Security Engineer
Security Specialist
Data Protection Officer
Senior IT Security Officer
Cloud Security Engineer
Vice President
CISO
Head of Information Security (CISO)
Head of Development Group IT
Information Security Officer
IT Security Specialist
Head of Security
Senior Model Risk Manager- Governance and Control
Senior Cloud Architect
Senior Project and Program Manager
Chief Information Security Officer
Cybersecurity Area Manager
Privacy Specialist
IT Development Service Manager
Cybersecurity Associate
Cyber Security Engineer
Cyber Crime
Head of Security & Compliance
Fraud Prevention Specialist
CISO
Project Manager IT
IT Internal Audit Senior Manager
Senior IT Architect
Head of Group Security /CISO
Risk Officer
Information Security Architect
Information Security Manager
Compliance Officer
CISO
IT
Security Product Manager • BNEW DNEW OP SC Security & Compliance
IT Solutions Manager
Chief Security Officer
Group Manager
Mobile App Developer

Companies

Entidade Reguladora dos Serviços Energéticos
Anyfin AB
LeoVegas Group
Swedbank
KRY
EasyPark Group
Telia Company
Bankgirot
PostNord Group AB
Ericsson
Ericsson
Medius
Swedbank
Anyfin AB
Scania
Skandia Banken
EY
Northmill Bank
Bankgirot
Bankgirot
Trygg
Guaranty Trust Bank
Swedish Pensions Agency
H&M
SVT
Entidade Reguladora dos Serviços Energéticos
AFRY Group
Transdev Sverige AB
Financial Services Information Sharing and Analysis Center (FS-ISAC)
PostNord Group AB
H&M
Swedbank
Vizrt Group
Unilabs
Nordic Entertainment Group (Viaplay Group)
OVO Group
Handelsbanken
Ericsson
Ericsson
Lendo Group
Länsförsäkringar AB
Kivra AB
Riskpoint Group
EY
Sandvik AB
Futuraskolan International School of Stockholm
Nordea
Hitachi Energy
Camfil AB
Kommune Kredit
Tele2 (Tele2 Sverige AB)
Trygg
Swedenergy
Max Mattheissen
Handelshögskolan i Stockholm The Stockholm School of Economics (SSE)
Ericsson
Securitas Sverige AB
Ahlsell Sverige
Handelsbanken
Tele2 (Tele2 Sverige AB)
WTW
Finanssiala ry - Finance Finland (FFI)
Nordic Entertainment Group (Viaplay Group)
Wasa Kredit AB
Socialstyrelsen
Swedish Defense Materiel Administration (FMV - Försvarets materielverk)
FCG
Marsh
Sandvik AB
Qliro AB
Swedbank
Bankgirot
Swedbank
Vizrt Group
Sveriges Riksbank
Hemnet
Nordea
Ericsson
Acne Studios
Skandia Banken
Hitachi Energy
Västra Götalandsregionen
ITB-MED AB
Swedish Pensions Agency
Hive Streaming
Stockholm Corporate Finance
Advokatfirman Vinge
Axfood AB
Swedbank
PostNord Group AB
Qliro AB
Starvito
Swedbank
Länsförsäkringar AB
ICA AB
TF Bank AB
H&M
Ericsson
Swedbank
EQT Partners/EQT AB
EQT Partners/EQT AB
Swedish Police Authority
Ericsson
Arelion Sweden AB
Olink Proteomics
Ericsson
Autoliv
Vattenfall
Folksam
Swedbank
ICA AB
Trygg
Saab Group
MedMera Bank AB
Voyado
Ericsson
Lunds Kommun
EVRY Sverige
Scania
Skandia Investment Group

Industries

Regulator
Banking
Casinos/Gaming
Banking
Healthcare Services
Transportation/Shipping
Telecommunications
Banking
Transportation/Shipping
Hardware
Hardware
Software
Banking
Banking
Transportation/Shipping
Banking
Accounting/Auditing
Banking
Banking
Banking
Insurance
Banking
Insurance
Retail
Media
Regulator
Industrial Engineering
Transportation/Shipping
Banking
Transportation/Shipping
Retail
Banking
Software
Pharmaceuticals
Media
Electricity
Banking
Hardware
Hardware
Banking
Insurance
Software
Insurance
Accounting/Auditing
Construction
Education
Banking
Electricity
Retail
Banking
Telecommunications
Insurance
Electricity
Insurance
Education
Hardware
Security Product Vendor
Retail
Banking
Telecommunications
Insurance
Banking
Media
Banking
Healthcare Services
Aerospace/Defence
Insurance
Insurance
Construction
Banking
Banking
Banking
Banking
Software
Banking
Real Estate
Banking
Hardware
Retail
Banking
Electricity
Healthcare Services
Healthcare Services
Insurance
Telecommunications
Banking
Legal
Retail
Banking
Transportation/Shipping
Banking
Software
Banking
Insurance
Retail
Banking
Retail
Hardware
Banking
Banking
Banking
Regional Law Enforcement
Hardware
Telecommunications
Biotechnology
Hardware
Automobiles/Parts
Electronic/Electrical Equipment
Insurance
Banking
Retail
Insurance
Aerospace/Defence
Banking
Software
Hardware
Regional Government
Software
Transportation/Shipping
Banking


Venue

Radisson Blu Scandinavia Hotel, Copenhagen

Radisson Blue Scandinavia Hotel

Location:

Radisson Blu Scandinavia Hotel

Amager Boulevard 70
Copenhagen
DK 2300
Denmark
 

Directions:

Please click here

 

Telephone:

+45 33 965 000