Agenda

08.30 - 09.30

Breakfast Networking & Registration
09.30 - 09.40

Chair's Welcome
09.40 - 10.00

►Strengthening Cybersecurity Competence in Austria and the EU

Marlies Hofmann, Legal and Policy Officer, NCC-AT 
Lydia Lindner, Programme Manager, FFG & NCC-AT

  • The National Coordination Centre for Cybersecurity in Austria: Roles, Impact, and Strategic Vision
  • The European Cybersecurity Competence Centre: Mission, Objectives, and Governance
  • Unlocking Opportunities: EU Funding for Cybersecurity Innovation and Collaboration
10.00 - 10.20

►How Turkish Escort Websites Made Protecting the Eurovision Song Contest Possible. Cybersecurity in a Globally Connected World

Matthias Lutz, Senior Account Manager, Cloudflare

  • The true art of cybersecurity lies in recognising patterns within complex contexts. Discover the story that links Turkish escort websites, the Eurovision Song Contest, the head of Iran’s state-backed cyber attack unit, and the entry ban of our CEO into Russia. 
  • Learn why it’s essential for even regional companies to implement global security mechanisms.
  • Uncover the hidden connections between Turkish escort sites, Eurovision, and international cyber warfare, explore how a regional incident led to a geopolitical ripple effect — including our CEO’s ban from Russia and earn why global security strategies are crucial, even for locally operating companies
10.20 - 10.40

►Cyber Resilience for the Cloud

Filip Verloy, Field CTO EMEA & APJ Rx, Rubrik

  • Cloudfocus: How to implement robust cyber recovery and threat containment across your cloud environments
  • Beyond prevention: ensure rapid response and recovery to minimise downtime and business disruption
  • Stay operational under attack: How zero-trust architecture helps you maintain control and protect critical data—even during ransomware events
10.40 - 11.00

►AI-Enhanced Cybersecurity at Banco Sabadell   

 Eduardo Gonzalez, Global Advanced Cybersecurity Director, Banco Sabadell

  • AI as the new Gold Rush
  • Impact on Cybersecurity
  • Regulations and Frameworks for AI
  • Leveraging AI for Cybersecurity
  • Creating a custom Machine Learning model
11.00 - 11.30

Networking Break
11.30 - 12.00

►Fireside Chat: Mitigating Personal Liability: The Changing Climate for Security Professionals

Jonathan Armstrong, Partner, Punter Southall Law

  • The changing politics of security
  • Current cases
  • Social Media scrutiny
  • Insurance options for CISOs
  • Golden parachutes and legal support
12.00 - 12.20

►Cybersecurity in the age of genAI - Human Centric Security to Protect Against Modern Cyber Risks Proofpoint-Customer Session

Michael Krüger, Senior Sales Engineer, Proofpoint

  • In this session we will uncover hidden risks of GenAI and inform you how to protect your employees & data
  • The risks associated with GenAI and how GenAI can be misused by threat actors and by employees
  • How to gain insight into the use of GenAI in your organisation, enforce acceptable use policies and train employees
  • How a human-centered approach to security can prevent the loss of sensitive data
12.20 - 13.00

►Education Seminars

Delegates will be able to choose from a range of topics:

  • Protection of Service Accounts: A Luxury or an Urgent Necessity for Highly Privileged Non-Human Identities? Michael Lindner, Regional Sales Manager, Silverfort  
     
  • Understanding DORA – Aligning Cybersecurity and Compliance, Nico Richters, Account Director, Recorded Future 
13.00 - 14.00

Lunch & Networking Break
14.00 - 14.20

►Securing Critical Infrastructure with IAM in an elevated threat landscape

Sachin Loothra, Lead Solutions Architect, Telia

  • Evolving threat landscape and its impacts on critical infrastructure
  • Regulations on critical infrastructure and demands towards IAM
  • How IAM solutions can be setup to meet the demands
     
14.20 - 14.40

►Defending against multi-channel and multi-media AI-fuelled social engineering

Dr. Martin Krämer, Security Awareness Advocate, KnowBe4

  • Phishing emails are a popular choice for social engineering but by far not the only one. Messaging services, social media platforms, corporate communication channels, and online meetings are all communication channels leveraged to manipulate people. 
  • Attackers increasingly launch multi-channel attacks. No longer are cybercriminals limited to text-based communication. Voice and even video are frequently used in business contexts to communicate information. Thanks to new AI capabilities, text, voice, and video can now be easily manipulated or synthesised. Cybercriminals leverage the power of AI and multi-channel communication to step up their manipulation game.
  • Join this session to learn; how cybercriminals are changing tack, what that means for your organisation and how you should prepare for it
     
14.40 - 15.00

►How CyberProof and Google Transformed a Healthcare Provider’s Security Operations with Adaptive MxDR

Christopher Schrauf, Senior SIEM & Cybersecurity Architekt, CyberProof 
Pietro Verzi, Partner Engineering Global Security Sales, Google on behalf of CyberProof

  • Healthcare organisations face unique cybersecurity challenges that require innovative solutions. 
  • In this session, CyberProof and Google will show how their partnership delivered adaptive MxDR services for a leading healthcare provider. We’ll walk you through a real-world case study, showing how we overcame security challenges and achieved significant business outcomes.
  • Learn about; the client’s business problem statement and security challenges, how CyberProof and Google collaborate to deliver better security, together and business outcomes, including measurable improvements in security and higher ROI 
15.00 - 15.30

►Panel Discussion: Future-Proofing Security Architectures

Marian Kühnel, Information Security Architect, ÖBB
Philipp Amann, Group CISO, Österreichische Post AG 
Daniele Sangion, CISO & CSO & Head of Digital Transformation, UniCredit Bank Austria

  • How can security teams design resilient architectures to accommodate and leverage new technologies like AI, quantum computing, and IoT?
  • What role does AI play in developing proactive, rather than reactive, security postures?
  • Best practices for integrating AI without disrupting legacy systems or existing workflows
  • How can organisations implement zero-trust principles and adaptive access controls to secure evolving environments driven by AI and edge computing?
15.30 - 16.00

Networking Break
16.00 - 16.20

►Herding Cats: Building a Security Governance Structure That Actually Works

Florian Polt, Head of Group Security & Resilience, UNIQA Insurance Group

  • Navigating conflicting legal requirements and diverse stakeholders
  • Creating a governance blueprint and aligning roles across entities
  • Tackling legal complexities while maintaining sanity
  • Real-world insights, practical lessons, and governance war stories
16.20 - 16.50

►Panel Discussion: Battling Nation-State Hackers: Winning the Cyber War 

Utz Nisslmüller, Security Specialist, City of Vienna 
Nikolaus Brandstetter, CISO, MM Group 
Florian Polt, Head of Group Security & Resilience, UNIQA Insurance Group 
Philipp Amann, Group CISO, Österreichische Post AG

  • How can organisations effectively leverage threat intelligence to proactively counter nation-state attacks? Can they?
  • Do regulatory standards actually enhance defense against nation-state actors, or do they merely add compliance burdens without improving security?
  • Are we doing enough to address supply chain vulnerabilities, or is this an overlooked entry point for nation-state threats?
  • What strategic, forward-looking investments are essential for effectively countering the evolving tactics of APTs?
16.50 - 17.00

Chair's Closing Remarks

Education seminars


Protection of Service Accounts: A Luxury or an Urgent Necessity for Highly Privileged Non-Human Identities?


Michael Lindner, Regional Sales Manager, Silverfort 

Machine-to-Machine (M2M) accounts, also known as service or non-human accounts, are essential to IT infrastructure but pose significant security risks if not properly protected.

Attendees will learn:

  • Why are service accounts a prime target for attackers?
  • How can compromised service accounts enable lateral movement?
  • Why is their security often insufficient, and how can organisations gain visibility?
  • What strategies ensure the long-term protection of these privileged identities?

Understanding DORA – Aligning Cybersecurity and Compliance


Nico Richters, Account Director, Recorded Future

DORA is a new EU regulation requiring companies to make their digital systems more resilient to disruptions and cyberattacks. It affects not only banks, but all key players in the financial system. DORA brings cybersecurity and compliance closer together than ever before. For security and IT teams, this means new priorities and increased responsibility. The requirements are complex: companies must adapt processes, reporting, and technical controls. One of the toughest parts is identifying and documenting risks in real time. Recorded Future provides the threat intelligence needed to detect risks early and support compliance reporting. This helps organisations meet regulatory demands more efficiently.

Attendees will Learn:

  • What the Digital Operational Resilience Act (DORA) is all about
  • Why DORA is a game changer for security and IT teams
  • Key challenges organisations face when implementing DORA
  • How Recorded Future helps meet DORA compliance requirements