Speakers

Ulf Berglund
Event Chairman - President, CSA Sweden Chapter

Chairman Opening Remarks

Ulf Berglund is the president of the Swedish chapter of the Cloud Security Alliance (CSA), a worldwide organization. He is also co-author of the book Guide to the Cloud. Ulf has long experience in leading positions in the field of information security. He has a background as an officer; in his last active years he was principal officer, IT security and information security expert at the Military Intelligence and Security Service (MUST). He has held positions as CTO and senior consultant for companies such as Pointsec, Ernst & Young and Technology Nexus. Ulf's consulting experience derives from companies like Scania, Swedish Match, the Stockholm Stock Exchange (OMX), the Swedish Central Bank, Apoteket AB (pharmacy), H&M and Länsförsäkringar Bank AB. He is the founder and owner of U&I Security Group AB.

Martin Schaefer
Head of IT at Group Functions PostNord

Digital Transformation: How to develop a successful digital transformation strategy - Panelist

Martin is a business and technology leader with a broad technological and information security background. During his career, Martin has worked at different international and global companies in different industry sectors: energy and utility, with the challenge of enabling interconnection of information from critical infrastructure with consumer services across multiple actors; manufacturing, paving its path into Industry 4.0; and e-commerce and logistics, providing digital services in a heavily disrupted sector.

Helena Örtholm
Group DPO

How can ISO27001 support your GDPR and compliance with other regulatory requirements - Panelist

Helena started out as a lawyer working for the Swedish House Owners Association, assisting the organization and its members with property rights and civil law issues. After some years she shifted focus to personal data rights/privacy issues and contract law, information security and IT audits when she started working at EY and later at Transcendent Group, and she worked with these topics as a consultant for approximately 15 years before starting as Chief Security Officer at the former TDC in 2013. With the Tele2 acquisition of TDC, Helena became CISO and DPO for Tele2 Sweden, and with the re-organization of Tele2 due to the current merger with ComHem she now holds the role of Group Privacy Officer, Data Protection Officer for Tele2 Sweden and ComHem, as well as expanding her role in driving the risk work within the organization in her new role as Head of Operational Risk Management.

Ralph Benton
Head of Information and IT Security

How can ISO27001 support your GDPR and compliance with other regulatory requirements - Panelist

Georgios Kryparos
Head of Security, Tink

Prevention of cyber threats within the banking and finance sector - Panelist

Georgios is currently heading the security department at Tink. Prior to that he was the lead security engineer at Klarna, working with everything from security architecture to DevSecOps, and from an information security to an application security perspective. He has more than 14 years of experience in the field and he believes that security work should not be driven by compliance requirements.

John Wallhoff
President, ISACA, Sweden Chapter

Career paths into and within Cyber security

Organisations struggle with a skills shortage, where it is necessary to identify and create career paths for both new and existing employees. There are a few globally accepted professional security certifications like CISM and CISSP by ISACA and CISSP by (ISC)² combined with issue or product specific certificates. You can also find some guidance in frameworks like COBIT, but to create a career path you should take a more holistic approach using skills frameworks like European e-Competence, SFIA and DASA.

Takeaways:

  • This presentation will provide guidance on where to go for a skill-based approach to define career paths into and within cybersecurity.

John Wallhoff

John Wallhoff (CISA, CISM, CISSP), President of ISACA Sweden Chapter & independent advisor. He is an experienced expert in the field of IT-Governance, IT Service Management and Information Security. Over the past 25 years he has been working with a wide range of organisations in different industries/sectors.

Anna Maria Björklund
Group DPO, Swedbank AB

Compliance & Governance

Anna Maria Björklund (CIPP/E, CIPM) is the Group Data Protection Officer for Swedbank. Previously working as a corporate lawyer in the financial and energy sectors, she has focused solely on the privacy aspects in banking since 2016 when she returned to Swedbank to take up positions as a privacy lawyer within information security and legal teams with Group-wide functional responsibility. The implementation phase of the GDPR brought with it both opportunities to work hands-on with practical implementation tasks as well as advising management on GDPR compliance and taking active part in structuring the bank’s privacy model. She has recently been part of starting up the Swedish Bankers’ DPO Network and is also a member of the Swedish Bankers’ Data Protection Interpretation Group.

Anna Forsebäck
DPO, Schibsted Media Group

GDPR & The Cloud

Anna is a Stockholm-based lawyer specialized in tech and privacy who has recently taken on the challenge of setting up a centralized, scalable DPO office for all companies in the Media Division of Schibsted Media - a task that comprises some fifty companies in ten European countries. Anna's experience includes external counsel roles as well as in-house legal counsel and DPO roles.

Janne Haldesten
Chairman, Sig Security

Cyber Attacks beyond financial interests – The Political Battlefield - Panelist

Janne Haldesten is the chairman of SIG Security. He is a fairly seasoned specialist working at Sectyne, a company of which he is also the co-founder. Janne has close to two decades of domain experience where he has worked as an adviser and expert to various government organisations and corporations nationally and internationally in matters relating to technical cybersecurity, information assurance, national security, cyberspace operations and critical infrastructure protection.

Pasi Söderberg
CISO, FOREX Bank

Prevention of cyber threats within the banking and finance sector - Panelist

Pasi has held leading roles within the IT and information security area for the last 15+ years in several banks and within the armed forces. He is dedicated to building strong teams and using risk management to identify and mitigate cybersecurity threats to enable business success, currently at FOREX Bank as a CSO.

Richard Oehme
Chairman of Cyber Group, SOFF

Cyber Attacks beyond financial interests – The Political Battlefield - Panelist

Richard Oehme is chairman of SOFF’s Cyber Group and he is also Director Cyber security and Critical infrastructure Protection at PwC's Sweden business area Cyber security, risk and resilience. He has decades of experience in Security policy, Crisis preparedness, Civil Defence, Cyber security, Intelligence operations and in the protection of Critical infrastructure as well as years of experience regarding national policymaking. Over the years this has given him a unique insight in national and international security policy and how to build sustainable security solutions in a changing world.

  • 2018- Director Cyber security and Critical infrastructure protection, PwC Sweden.
  • 2018 – Chairman at the Swedish Security and Defense Industry Associations Cyber group (SOFF)
  • 2009-2017 Director Office of Cyber Security and Critical Infrastructure Protection, Swedish Civil Contingencies Agency.
  • 2008-2009 Senior Adviser and Head of Analysis Section, Office of Crisis Management. Prime Minister’s Office.
  • 2005-2008 Deputy Director and Head of IT- and Protective Security, Government Office.
  • 2001-2005 Special Adviser, Secretariat for Intelligence co-ordination, Ministry of Defence.
  • 1989-2000 National Defence Radio Establishment (FRA): Analyst, Head of Section, Head Signals Collection Site, Chief of Staff, Director at FRA management board.
  • 1981- Reserve officer


Åke Holmgren
Head of Cybersecurity Division, MSB

Cyber Attacks beyond financial interests – The Political Battlefield - Panelist

David Jacoby
Senior Security Evangelist, Kaspersky Lab

Coming soon

Brian O'Toole
CISO, ERICSSON

Coming soon

Brian has been at Ericsson since 2005, working across several different areas including software development, product management and information security. He has been the CISO since 2015, and he is primarily focussed on integration of Information Security Risk Management across Ericsson, which is one of those things that is easy to say, but difficult to do in an organisation of over 100,000 people.

Elin van Beesel
Senior Manager, GDPR, FCG AB

Incident Process - Round Table Moderator

How shall we actually define when a personal data breach is likely to result in a high risk to the rights and freedoms of natural persons?

What does this mean in practice?

Do we have any examples from a data breach that resulted in such high risks and when the breach was also communicated to the data subject?

Elin van Beesel

Elin is a lawyer with nearly 20 years of experience in business law. Her speciality is GDPR and data privacy, where she currently manages a wide range of GDPR compliance projects at group level. Elin is also appointed as Data Protection Officer for several FCG clients. Besides the client assignments, Elin is also often engaged in training and seminars within the data privacy sector.

Jabu Mtsweni
Research Group Leader, CSIR

SECURITY OPERATIONS CENTER (SOC)

Dr Jabu Mtsweni is a Research Group Leader for Cyber Defence at the CSIR, Research Fellow at University of South Africa and Advisory Board Member at Tshwane University of Technology and ITWeb Security Summit. He is also the Information Warfare Capability Board member at the Department of Defence (South Africa). His research interests and technical expertise are in cybersecurity, cybercrime, socially relevant computing, and internet of things. He has over 16 years of academic and industry experience and has published over 60 peer-reviewed conference and journal papers in both local and international forums. Dr Mtsweni is regularly invited to and contributes at local and international forums. Dr Mtsweni has received a number of research and excellence awards for his research work, leadership, human capital development and community engagement.

Dimitrios Stergiou
CISO, Trustly

Coming soon

Dimitrios is currently employed as the Chief Information Security Officer for Trustly. He is an experienced senior Information Security and Risk professional with over 20 years’ experience in Risk Management, IT audits and Information security. Before joining Trustly, Dimitrios held positions at Modern Times Group, NetEnt, Entraction, Innova S.A and Intracom S.A. Dimitrios holds a M.Sc. in Information Security and is a Certified Lead Implementer for ISO 27001:2013, Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Risk and Information Systems Control (CRISC) professional and Certified Information Systems Security Professional (CISSP). He is also a Certified Information Privacy Manager (CIPM) and a Certified Information Privacy Professional / Europe (CIPP/E).

Johan Balck
Head of Information Security, Skanska AB

How can ISO27001 support your GDPR and compliance with other regulatory requirements - Panelist

Registration Starts

40min

Event Chairman - CSA, Swedish Chapter

20min

Career paths into and within Cyber Security

20min

Client Case-Study - ERICSSON

20min

Client Case-study

30min

PANEL: Cyber attacks beyond financial interests – The Political Battlefield, Richard Oehme - SOFF

30min

Panelist: Janne Haldesten - Sig Security

10min

Panelist: Åke Holmgren - MSB

COFFEE BREAK

30min

Client Case-Study

30min

Client Case-Study

30min

PANEL: How can ISO27001 Support your GDPR and compliance with other regulatory requirements

Panelist: Helena Örtholm - Tele2 Sverige AB

Panelist: Ralph Benton, Karolinska Hospital

5min

Panelist: Johan Balck - Skanska AB

10min

Round Table Discussion Topics

  • Argument for IoT Security Framework 
  • A look at banking regulations amidst increased cyber threats 

Compliance & Governance - Round Table Moderator

The GDPR unfortunately did not come with an easy-to-use manual on how your organisation should implement and govern GDPR issues, but left it to you to figure out with only the help of some requirements about appointing DPOs and the need to do impact analyses, which does not take you far. It is also clear that a privacy model suitable for one organisation could prove unnecessarily burdensome for another. In this round-table discussion we dive into the challenges and solutions around internal privacy governance models and touch on the subject of effective privacy maturity tracking.

  • Which department shall take the GDPR lead?
  • How do we make decision-making and documentation around privacy easy and effective?
  • How do we track privacy maturity and compliance in our organisation?
5min

GDPR & CLOUD - Round Table Moderator


10min

Incident Process - Round Table Moderator

30min

LUNCH BREAK

60min

Client Case-study

30min

Client Case-Study

30min

PANEL: Prevention of cyber threats within the banking and financial sector

Panelist: Georgios Kryparos - Tink

5min

Panelist: Pasi Söderberg - FOREX Bank

Round Table Discussion Topics

  • Managed Security Services
  • IAM & IGA 
  • Need for increased information security training & awareness
  • Endpoint Security
  • Fraud prevention
  • DDoS attack prevention & detection tools
30min

COFFEE BREAK

30min

PANEL: Digital Transformation - How to develop a successful digital transformation strategy - Panelist

30min

Panelist: Martin Schaefer - PostNord

Round Table Discussion Topics

  • AI & Machine Learning
  • Blockchain Applications
  • Data Center Security 
  • Cyber Threat Intelligence
  • Managing IoT Connectivity
10min

Career paths into and within Cyber Security

Key takeaways on this round table:

  • How do you enable new talents to get involved in cybersecurity and provide necessary skills and mindset?
  • How do you make existing staff stay and continue to evolve in the cybersecurity professions?

10min

Security Operations Center (SOC) - Round Table Moderator

Closing Keynote

30min

Chairman Closing Remarks - CSA, Swedish Chapter

10min

NETWORKING COCKTAIL RECEPTION STARTS

60min

25 April 07:30 - 18:30, 7A Odenplan

It’s our pleasure to welcome you to the 3rd Edition of the IT Security Insights conference, which is for the first time being organised in collaboration with the Cloud Security Alliance, Sweden Chapter. We believe the partnership is a win-win for both the IT Security Insights Conference and CSA, since we share a mutual objective of creating awareness of challenges and trends for almost the same target audience. The ultimate goal of co-hosting the event with CSA is to help boost and promote the use of best practices for providing security assurance within Cloud Computing on the Swedish market.

The conference is going to be more insightful and bigger than before, with more speakers and a combination of presentations, panel debates and round table discussions to increase interaction between vendors and users of IT/Cloud Security Services.

7A Odenplan is an accessible and modern venue occupying a floor plan of 2000 sqm with a large courtyard. It offers flexible rooms, good food and a roof terrace that overlooks Odengatan with a fantastic panoramic view of the city of Stockholm.

7A Odenplan has a perfect city location with subway, commuter train and most city buses a few steps from the entrance. For those who intend to drive a car, there is a parking garage in the building below with direct access up to the meeting room. Warm welcome!

Address: Norrtullsgatan 6, 113 29 Stockholm

Visit venue at: http://www.7a.se/konferenseven...

By Subway from T-Centralen

  • Take the green line with train nos. 17, 18 & 19 on the subway from Stockholm Central towards any of the following destinations: Odenplan, Alvik, Åkeshov, Råcksta, Vällingby and Hässelby Strand.
  • Get off at Odenplan - approx. travel time 4 minutes.
  • From the Subway station it takes 2 minutes to the venue, 7A Odenplan. Use Google Maps and you will be there in no time. There is a subway going every 5 minutes.

By Train from Central Station

  • Take the commuter train from Stockholm Central towards any of the following destinations: Märsta, Kungsängen, Uppsala and Arlanda Airport.
  • Get off at Odenplan station - approx. travel time 4 minutes.
  • From the underground it will take at least 3 minutes’ walk to get out of the station. Then approx. 2 minutes to the venue, 7A Odenplan. Use Google Maps and you will be there in no time.
  • The commuter trains go 4-6 times per hour.

By car

Address: Norrtullsgatan 6, 113 29 Stockholm, Sweden

By taxi

We recommend the following companies:

  • Taxi Stockholm +46 88-15 00 00
  • Taxi Kurir +46 88-30 00 00
  • Taxi 020 +46 20-20 20 20