4th Annual e-Crime & Cybersecurity Congress Switzerland

From cybersecurity to national security

10th September 2025 • Courtyard by Marriott Zurich North, Zurich

What must change now that cybersecurity is less about business risk and more about national resilience?

 

Europe’s CISOs at the frontline of the new cold war

At its meeting on 7th March, Switzerland’s Federal Council introduced a reporting obligation for cyberattacks on critical infrastructure, which came into force on 1st April. Operators of critical infrastructure will be required to report cyberattacks to the National Cyber Security Centre (NCSC) within 24 hours of discovery. These reports will enable the NCSC to assist victims of cyberattacks and alert operators of critical infrastructure.

This is just one piece of evidence that reveals just how seriously Switzerland is taking the hybrid warfare tactics hostile nation states are using against the West, which can range from physical acts of sabotage such as arson to cyberattacks and disinformation campaigns.

European governments in general have come to accept that the cybersecurity of the private sector is integral to national security. Why the private sector? First, because most CNI is in the hands of, or relies on, the private sector. Second, because third-party vulnerability means that even wholly state-owned and run organisations will depend on private third parties and in any case the entire commercial ecosystem relies upon countless third-party dependencies both known and unknown.

So, what does this heightened governmental focus on cybersecurity mean for security professionals?

Most obviously it means more investment and an increase in taking concrete actions to boost security. Yes, senior management is now on message but hiring and budgets statistics are not consistent with taking cybersecurity as seriously as is needed.

This requires senior business leaders to understand that everyone is now equally at risk as everyone is a potential weak link in the ecosystem of societal security ready to be exploited by a nation-state aggressor. This also means that narrow risk to the P&L is not the only measure of risk.

Mapping security spend to the (relatively low) average loss statistics might seem like sensible risk management, but it creates systemic weakness that makes those loss stats a significant underestimate. Investment must rise.

Transparency is also critical. The secrecy around security incidents is both absurd and damaging. Hackers know your defences – they are not a secret. Incident reporting does not paint a target on your back because everyone is already a target. And hiding information means everyone, including law enforcement, is underestimating losses and risks.

Transparency also means more meaningful collaboration – necessary because adversaries are good at sharing the latest ‘best practice’ and so we must be too.

And it means getting the basics right: in Switzerland recent attacks have included DDoS attacks and ransomware attacks on a wide range of state and private-sector targets. We are all now in the crosshairs and, as third parties, we are all each other’s security partners, like it or not.
 

 

The e-Crime & Cybersecurity Congress Switzerland will look at how security teams and the business must respond to a new, hybrid-warfare era in cybersecurity.
Join our real-life case studies and in-depth technical sessions from the most sophisticated teams in the market.

  • Making the best use of threat intelligence

    • In a pre-emptive security model, timing is everything — success depends on detecting and neutralizing threats before they become active incidents.
    • To do this, security operations can't just rely on internal telemetry (e.g., endpoint or network logs).
    • They need external, real-time context about emerging threats — where do they get it?
  • Dealing with regulations

    • CISOs now must build a single coherent security program that simultaneously satisfies divergent regulatory demands.
    • They must interpret vague legal standards into technical architectures, and they risk non-compliance if auditors, regulators, or courts interpret those differently later.
    • They face unrealistic expectations around incident reporting and they face personal liability. Can RegTech help?
  • Security Posture Management

    • Traditional vulnerability scanners don’t handle cloud native architectures well.
    • Today’s cloud environments spin up thousands of ephemeral assets without a traditional OS, without an IP address for long.
    • So how do you adapt to that dynamic, API-driven reality? How can traditional tools connect the dots – not just generate tickets?
  • Improving continuous attack surface discovery

    • You need to know what attackers can see and what they can actually attack – and you need it on a continuous basis, not in some static inventory.
    • Ideally you also need assets ranked by risk priority and put into the current threat and vulnerability context.
    • Is this feasible and is it cost effective?
  • The power of automation

    • There’s too much manual intervention in security.
    • SOAR pulls data from SIEMs, EDRs, firewalls, cloud APIs, ticketing systems, threat intelligence feeds, and even email servers.
    • It also coordinates actions across tools via APIs and prebuilt integrations and intelligent playbooks.
    • Well, that’s the theory. How does it work in the real world?
  • Adversary simulation and behavioural analysis

    • Automated adversary simulation identifies telemetry blind spots.
    • They provide prioritized remediation guidance and control effectiveness metrics. They track progress trends and validate security ROIs as well as providing board and audit reporting.
    • How well do they work in practice?

Who attends

Job titles

Chief Information and Digital Officer
Information Security Specialist
IT Security - Wissenschaftlicher Mitarbeiter
Senior Data Privacy Officer
Vice President & Group Data Protection Officer
Information Security Manager
CIO
CISO
Data Privacy and Digital Lawyer, Partner
Director, Senior Cyber Security Program Manager
Enterprise Security Architect
Information Security Officer
Senior Associate Service Manager
Senior IT System Engineer
IT Security Architect
Data Analyst
Deputy Head of IT Infrastructure and Chief Information Security Officer
Head Remote Monitoring & Solution Architecture
Information/Cyber Security Supplier Network
ORM, Global Training, Awareness & Communications Director
Security Awareness Analyst
Senior Full Stack Developer
CISO
CISO
Cybercrime Coordination Unit
Divisional Security Officer
IT Project Manager
Chief Information Security Officer (CISO)
Risk Control Specialist
Teamleiter IT Infrastruktur & IT Security
Academic Director
Anti-Fraud Specialist
CISO
CISO
IAG&GRC Architect
Information Security Manager - EMEA
IT Auditor
IT -Security Manager
Informationssicherheitsbeauftragte CISO
CISO
General Counsel, Chief Information Officer, and Chief of Cybersecurity
Head of Central Delivery, CISO
Head of Cyber Services and Innovation
Head of Internal Audit
Lead Cloud Capability Architect
Head of Operational Risk
SAP Technical Solution Architect
Software Engineering Manager AI & ML, Data, Cloud
Head of IT Systems and Processes
Software Test Engineering Manager
Cyber Security Engineering Manager
Head PCI Compliance
Rechtsanwältin IT-Recht
Security Architect (VP)
Information Security
Global CISO
Senior Cyber Consultant
Abteilungsleiter IT-GRC
Administrator IT Infrastruktur - IT Security Spezialist
Associate Director IT & Security
CISO
CTO Services, Business Area Smart Mobility
Director Global IT Infrastructure and Security
Especialista Cyber
Head eFraud Research & Investigation
Head of Cyber Defence and ISH
Head of Group Security Operations
Head of IT Operation
Information Security Officer
IT Service Manager
Lead Architect
Sales & Partner Manager
Security Manager of Global Digital Consumer Services
Software & Security Engineer
Project Engineer - Infotainment / Diagnostics
Senior Consultant Cybersecurity
CISO
ISO Divisional Information Security Officer
Cyber Risk Engineer
Director Business Transformation
IT-Architect
Security Engineer
Enterprise Security and IaaS Architect
CISO
Cyber Security Officer
Senior IT Risk Manager

Companies

Röchling SE & Co. KG
BMW Group Financial Services
Leibniz-Rechenzentrum
AXA
Habib Bank AG Zurich
Allianz
Intercard
Givaudan SA
Meyerlustenberger Lachenal
UBS
Die Swiss Post
Allianz
PPRO
Marc O'Polo
Credit Suisse
Eurofins
CRX Markets AG
Schindler
BMW Group
Credit Suisse
Amadeus Group
ABB
Julius Baer
TDK Electronics
Swiss Federal Police
Allianz
BMW Group
Siemens Financial Services
UBS
Ehrmann SE
LMU Munich
Scout24
Die Swiss Post
Wealth Management Capital
Hilti
Société Générale Corporate and Investment Banking (SGCIB)
Coop Schweiz
Kraftanlagen Group
University of Basel
CRX Markets AG
Rising Tide GmbH
Credit Suisse
Munich Re
The Coop Group
Credit Suisse
Zurich Cantonal Bank
Richemont
Versicherungskammer Bayern
Webasto Roof & Components SE
Liebherr
MSC Cruises
Six Payment Services
CSW Rechtsanwälte Steuerberater Wirtschaftsprüfer
Credit Suisse
Allianz
Avaloq Group
Munich Re
Union Investment
Ehrmann SE
IWC Schaffhausen
Kanton Aargau
Continental AG
Burckhardt Compression
Santander
Credit Suisse
Flughafen München GmbH
Zurich Insurance Group
Repower
BKW FMB Energy Ltd
PPRO
Union Bancaire Privée UBP
SwissSign
BSH
IWB Industrielle Werke Basel
ABB
Union Bancaire Privée UBP
Allianz
Allianz Technology
AIG Europe
Röchling SE & Co. KG
Versicherungskammer Bayern
Baader Bank
Credit Suisse
AssetMetrix GmbH
Credit Suisse
BMW Group

Industries

Plastics Engineering
Financial Services
Research Institute
Insurance
Commercial Banking
Financial Services
Payments
Food Flavours and Cosmetics
Legal
Investment Banking
Post and Telecoms
Financial Services
Digital Payments
Fashion
Investment Banking
Laboratory Testing
Capital Financing
Engineering
Automotive
Investment Banking
Software
Technology
Wealth Management
Electronics
Law Enforcement
Financial Services
Automotive
Financial Services
Investment Banking
Dairy
University
Digital Real Estate
Post and Telecoms
Wealth Management
Construction
Banking
Retail & Wholesale
Engineering & Design
University
Capital Financing
Philanthropic Foundation
Investment Banking
Insurance
Retail
Investment Banking
Financial Services
Luxury Goods
Insurance
Automotive OEM
Equipment Manufacturing
Cruise Line
Payments
Legal and Tax Consultants
Investment Banking
Financial Services
Software
Insurance
Investment Management
Dairy
Luxury Watches
Government
Automotive Manufacturing
Mechanical Engineering
Financial Services
Investment Banking
Airport
Insurance
Energy
Energy
Digital Payments
Wealth Management
Internet
Home Appliances
Energy
Technology
Wealth Management
Financial Services
Investment
Insurance
Plastics Engineering
Insurance
Investment Banking
Investment Banking
Financial Technology
Investment Banking
Automotive


Venue

Courtyard by Marriott Zurich North

courtyard zurich north

Location:

Courtyard by Marriott Zurich North

Max-Bill-Platz 19, Zurich, Switzerland, 8050
Telephone: +41 44-564 04 04


Accommodation:

Please contact the venue for further information.


Directions:

Please click here