3rd e-Crime & Cybersecurity Congress Austria

Time to transition to NIS2: stepping up to a new era in cybersecurity 

29th April, 2026  •  Vienna, Austria

Austria is finally going to implement NIS2 in 2026. Between 4,000 and 6,000 organisations will be affected.

 

From cybersecurity laggard to leader? 

Austria has now formally transposed the NIS2 Directive into national law through the adoption of the Network and Information Systems Security Act 2026. The new framework significantly expands the number of organisations in scope and tightens cybersecurity, governance, and incident-reporting obligations across critical and important sectors.

While the new rules will only become fully applicable from October 2026, many organisations are not yet where they need to be.

The risk is already clear. According to a recent survey, around one in seven cyberattacks in Austria is successful — a strike rate that makes cybercrime highly profitable and highly effective.

The same survey revealed that:

  • 55% say that Austria is not well prepared to respond to serious cyberattacks against critical infrastructure.
  • More than 1 in 4 attacks (28%) can be traced back to state-backed actors.
  • 1 in 3 companies (32%) had suppliers or service providers that were victims of cyberattacks which had a significant impact on their own company.
  • 62% were able to identify cyberattacks with the help of their own employees — ahead of technical solutions and systems.
  • 1 in 10 social engineering attempts already uses deepfake technology for voice and video messages.

All of this points to the same conclusion: organisations need to act now.

In practice, this means:

  • Expanding incident response plans to cover prolonged disruption — not just recovery.
  • Improving visibility across endpoints and third-party environments.
  • Actively reassessing cyber supply chain risks.
  • Decoupling critical operations from external systems wherever possible.
  • Strengthening real-time detection and internal threat hunting capabilities.
  • Moving beyond disaster recovery towards sustained operational resilience.

How are you preparing?

In Austria, the government wants higher levels of digital public service delivery. Corporations have also committed to high levels of digitalisation. 
But these levels of digitalisation must be backed up by solid security. Without this, public trust in institutions and companies will be eroded, and the benefits of digitalisation will be damaged by the costs of repeated clean-ups.

 

The e-Crime & Cybersecurity Congress Austria will look at how cybersecurity professionals can stay ahead of a rapidly evolving attack environment. Join our real-life case studies and in-depth technical sessions from the most sophisticated teams in the market. 

  • Making the best use of threat intelligence

    • In a pre-emptive security model, timing is everything - success depends on detecting and neutralizing threats before they become active incidents. 
    • To do this, security operations can't just rely on internal telemetry (e.g., endpoint or network logs). 
    • They need external, real-time context about emerging threats - where do they get it? 
  • Security Posture Management

    • Traditional vulnerability scanners don't handle cloud native architectures well. 
    • Today's cloud environments spin up thousands of ephemeral assets that have no traditional OS and do not keep an IP address for long.
    • So how do you adapt to that dynamic, API-driven reality?
    • How can traditional tools connect the dots - not just generate tickets? 
  • Improving continuous attack surface discovery

    • You need to know what attackers can see and what they can actually attack - and you need it on a continuous basis, not in some static inventory. 
    • Ideally you also need assets ranked by risk priority and put into the current threat and vulnerability context. 
    • Is this feasible and is it cost effective? 
  • The power of automation

    • There's too much manual intervention in security. 
    • SOAR pulls data from SIEMs, EDRs, firewalls, cloud APIs, ticketing systems, threat intelligence feeds, and even email servers, and coordinates actions across tools via APIs, prebuilt integrations and intelligent playbooks.
    • Well, that's the theory. How does it work in the real world? 
  • Adversary simulation and behavioural analysis

    • Automated adversary simulation identifies telemetry blind spots. 
    • They provide prioritized remediation guidance and control effectiveness metrics. 
    • They track progress trends and validate security ROIs as well as providing board and audit reporting.
    • How well do they work in practice? 
  • Dealing with regulations

    • CISOs now must build a single coherent security program that simultaneously satisfies divergent regulatory demands; they must interpret vague legal standards into technical architectures, and they risk non-compliance if auditors, regulators, or courts interpret differently later; they face unrealistic expectations around incident reporting; and they face personal liability. 
    • Can RegTech help? 
  • Achieving visibility across ecosystems

    • From exposed initial access points such as warehouse management systems to complex machine control software, simply understanding your device and application landscape, its connection and data flows and dependencies is a huge challenge.
    • Can you help with asset tracking and endpoint visibility? And what about anomaly detection after that? 
  • Transitioning OT to the Cloud?

    • OT traditionally was localized in particular sites and air-gapped from IT systems. 
    • But connectivity with broader corporate networks and the need to manage technology more centrally (especially during COVID) has seen companies looking at managed services in the Cloud for OT. 
    • Is this a way forward? 
  • Defending against the latest ransomware variants

    • Ransomware is effective precisely because it can exploit whatever weaknesses exist in your security architecture and processes. 
    • The threat and the actors are constantly evolving and that evolution is forcing the hands of government and causing havoc in the insurance market. 
    • What can CISOs do to better defend against ransomware? 
  • OT and the regulations

    • DORA, NIS2 and other regulations put more responsibility for resilience on firms deemed important or critical. 
    • Many have focused on IT networks but the regulations include all resilience and so OT environments matter. 
    • What does this new emphasis from regulators mean practically for OT security? 
  • Why zero trust, isolation and segmentation are key

    • Retail ecosystems now include logistics APIs, fintech integrations, marketplace sellers, social-commerce platforms and SaaS pricing engines.
    • Each connection expands attack surface. 
    • Continuous third-party risk scoring, API security testing, software bill of materials (SBOM) validation and zero-trust segmentation become foundational, not optional.
  • Pen testing for OT/SCADA

    • Testing is key to identifying and fixing vulnerabilities before they're exploited. 
    • Regulations like NERC CIP require utilities to assess and mitigate risk. 
    • Testing checks that OT security controls are functioning properly and shows regulators an organization's commitment to security.
    • Can you help? 

Venue

Renaissance Vienna Schönbrunn Hotel

Location: 


Linke Wienzeile/Ullmannstraße 71, 
1150 Vienna,  
Austria

Telephone: +43 1-891020
