DAY 1

7.11.2023

9.30-9.55 TBA

Juhan Lepassaar, Executive Director, The European Union Agency for Cybersecurity, ENISA

10.00-10.25 TBA

Phua Puay Li, Senior Director, The Cyber Security Agency of Singapore, CSA

10.30-10.55 Current EU cyber affairs

Henna Virkkunen, MEP

11.00-11.25 How technology helps Ukraine to fight a hybrid war?

Jaanika Merilo, Advisor to Minister of Digital Transformation of Ukraine

BREAK

12.30-13.00 Building Cyber Resilience: A Call to Action for Collective Responsibility

Colm Murphy Senior Cyber Security Advisor, Global Cyber Security Transparency Centre, Huawei

• Cybersecurity is a shared responsibility. It also requires a risk based approach. In theory, this means that the various actors in the ecosystem, from the technology manufactures to the network and infrastructure operators, the policy makers, regulators and standards organisations, each has its role to play and must work together for the benefit of businesses and citizens. But the practical reality is more complicated and nuanced. This presentation will address this reality by focusing on three scenarios, Cloud, AI and Telecoms, offering some practical advice about the considerations all businesses face when making technology decisions.

13.05-13.35 The Cyber Threat Landscape of the Nordics

Valentino De Sousa, Principal Director, Europe Cyber Threat Intelligence Lead, Accenture Security  

• The threat landscape has changed. Cyberattackers come in many forms and with different motivations. In cybersecurity terminology, these disparate groups are often bundled together using the term “threat actors”. In 2022, malicious threat actors adapted quickly to exploit changes in the political, technological and regulatory landscapes. In his presentation, Valentino will go through the Nordics Cyber Threat Landscape, touching what he sees as main trends, but also deep diving into industry incidents, primary threat actors, motivation and attack vectors.

13.40-14.10 ”Click Happens” – how to mitigate emerging endpoint security risks

Pelle Aardewerk, Head of Vertical Solutions, HP Wolf Security, EMEA 

• Why is Endpoint Security an increasing emerging threat? And how will companies practically implement a fit-for-purpose Zero-Trust Endpoint Security architecture as a combination of people, policy and technology? Practical case studies how to effectively: Prevent more frequent / sophisticated malware / ransomware attacks, respond to an incident and ensure resilience & employee productivity, protect your data from stolen laptops. As well as Supply Chain Security emerging threat (new in upcoming NIS2 / CRA / DORA EU cyber security regulations); How to ensure that vendors/suppliers in the supply chain will commit / comply together to cyber security standards/practices (and mitigate risks to an acceptable level)? 

14.40-15.10 Stepping Ahead of Risk: Risk Insights from the Broadest Attack Surface View

Ed Cabera, Chief Cybersecurity Officer at Trend Micro

• Trend Micro’s Chief Cybersecurity Officer, Ed Cabrera talks about the latest analysis and insights and the top stories on AI, ransomware, APT campaigns, and the threat landscape to show a broad view of malicious activities in the first half of 2023. 

15.15-16.00 How the Europe tackles cyber threats

Panelists: Tarja Fernandez,  Ambassador of Cyber Affairs, Ministry for Foreign Affairs of Finland, Jaanika Merilo, Advisor to Minister of Digital Transformation of Ukraine, Henna Virkkunen, MEP

Jaanika Merilo, Henna Virkkunen, TBA

• Europe is working on various fronts to promote cyber resilience, boost cyber defence and diplomacy as well as fighting against cybercrime. How is Europe coping?

16.00-16.15 Cyber Security Nordic Competition Award

DAY 2

8.11.2023

9.25-9.50 The NIST Post-Quantum Cryptography Standardization Project

Angela Robinson, Mathematician, NIST

• The National Institute of Standards and Technology (NIST) initiated a public process to select quantum-resistant public key cryptographic algorithms for standardization in response to the substantial development and advancement of quantum computing. NIST issued the public call for submissions to the PQC Standardization Process in December 2016 and, after three rounds of evaluation and analysis, announced the selection of the first algorithms to be standardized: CRYSTALS-KYBER, CRYSTALS-Dilithium, FALCON, and SPHINCS+.  In this talk we will discuss the three current NIST PQC endeavors: drafting standards for the four selected algorithms, the remaining algorithms under consideration in the 4th round of evaluation, and the call for additional digital signatures to be considered for standardization. 

9.50-10.20 Stories from the frontline

Teemu Ollikainen (SOC & Incident Response Manager) & Nicolas Samaneh (Head of SOC Operations), NetNordic

• How do hackers conduct their operations? Which vulnerabilities do they exploit? What measures can be taken to prevent and mitigate such attacks? NetNordic’s team of cyber security experts provides an exclusive glimpse into our operational methods, ensuring strong protection for your IT infrastructure.

10.50-11.15 TBA

Max Schrems, European Center for Digital Rights, NOYB

11.15-11.45 Why Foreign Malign Influence Matters: Strengthening Government Capabilities in Utilizing Information to Anticipate, Counteract, and Mitigate Destabilizing Consequences

Rochelle M. Eichner, Microsoft Threat Analysis Center (MTAC) Business Leader, Business Development Manager, Microsoft

• Why foreign malign influence matters and how the rapid evolution of the Internet, traditional and social media, as well as emerging domains of virtual and augmented reality, present challenges for entities in keeping pace with these evolving threats.  Microsoft’s Threat Intelligence Analysis Center (MTAC) integrates human analysis, advanced AI capabilities and data analytics to provide analysis, reporting, and briefings on foreign malign influence operations which enables organizations to identify and counter, and ultimately predict and mitigate foreign malign influence operations.

12.50-13.20 Business Resilience as a Strategic Priority

Teemu Salmi, CEO Nixu Corporation

• A view based on multiple data points on how the world is shaping & impacting the cybersecurity industry. Focusing on the future and how to prepare for 2024, Mr. Salmi will analyze the most critical capabilities and top concerns of the field.

13.25-13.55 TBA,

HCL Software

14.00-14.30 Learning from 10000 hours of enterprise forensics

Fabio Viggiani, CTO at Truesec and Alexander Andersson, Principal Forensic Consultant at Truesec

• What did we learn? What mistakes did we make? Are there any similarities between organizations that suffer from major cyber attacks? The session will take us through the entire lifecycle of an incident from start to end. We will cover incident response on a high level, but will also take technical deep dives on advanced forensic methodology and threat actor tactics and techniques. You will also learn how to apply the learnings to better protect your organization. 

15.05-15.50 Discussion Quantum computing and cyber security

Panelists: Angela Robinson Mathematician, NIST, Juha Vartiainen co-founder and COO of IQM Quantum computers, Kimmo Järvinen CTO and co-founder of Xiphera Ltd, Kari Seppänen Licentiate of Science (Technology), Principal Scientist, Project Manager. Senior Scientist VTT

15.50 Conclusion/Summary

DAY 1

7.11.

10.20-10.40 The Finnish Center of Expertise for Cybersecurity was established in Jyväskylä

Dr. Martti Lehto, Coordinator in the Finnish Center of Expertise for Cybersecurity (FICEC) / Research Director in the IT Faculty of the University of Jyväskylä.

• The University of Jyväskylä and the Jamk University of Applied Sciences established in March the Finnish Center of Expertise for Cybersecurity. The Center strengthens the cyber know-how of the Central Finland region in particular, but also supports the Finnish cyber security brand. The Centre of Expertise gathers under its umbrella the cyber security expertise of central Finland, which is known as strong, enabling even higher-quality education, research, and development. Together, we will also be stronger in European cybersecurity forums. The presentation describes the vision and the actions of the Center.

10.45-11.05 Supercharge Detection and Response Across Your Enterprise

Mikkel Planck, Senior Cybersecurity Specialist, CrowdStrike

• Every senior manager will recognize the struggles of hiring the right people, in a job market where security professionals are a resource in high demand, and supply is severely constrained. With employees increasingly working from home and abroad, the ability to respond to adversaries becomes even more complicated and time critical. Tooling, automation and services are key to getting ahead of attackers and stop breaches, and in this session we discuss how technologies help to address skills shortages in a proactive manner.

11.10-11.30 HCL

11.35-11.55 Cyber Security Nordic Competition

• Come to check out new business ideas when early-stage startups get the chance to present their awesomeness to a group of judges. The award winner is selected by a professional jury with the following representatives Kirsi Kokko, Business Finland, Ulla Heinonen, Confederation of Finnish Industries, Juhapekka Ristola, Sitra, Peter Sund, CEO FISC.

12.00-12.20 Feitian

12.25-12.45 The anatomy of a hybrid attack – how cyber resilient are You?

Nial Errity, Director – EMEA Consulting Analyst, Vectra Networks

• Security often thinks in individual, siloed attack surfaces, but hybrid attackers think in one giant attack surface. To get ahead of the hybrid attacker, we need to start thinking like them! In this session, we’ll examine a real-world hybrid attack as seen through the eyes of SOC analysts. Learn why building cyber resilience and stopping advanced, high-speed hybrid attacks starts with one integrated attack signal for one giant attack surface, so advanced, high-speed human intelligence can take over and stop the attacker before the breach.

12.50-13.10 Sec Datacom

13.15-13.35 How to Find the Soft Underbelly of the On-Premises Network 

Petri Saarenmaa, Senior Cyber Security Consultant, Netum

• During this presentation, you will hear lessons learned from years of configuring networks and assessing their security. Includes information on finding vulnerabilities in network devices with a case study example. Finally, what sort of steps should you take to secure your switches and routers?

13.40-14.00 CrowCyber Defence

14.05-14.35 How can ISO 27001 improve your company’s cyber security?

Pekka Virta, Lead Auditor of Information Security Certifications

• Cyber threats such as data breaches, ransomware attacks, and identity theft have the potential to inflict irreparable damage to an organization’s reputation and financial stability. Consequently, businesses need a robust and comprehensive approach to safeguard their data and systems from such threats. In order to protect their data, many companies have integrated information security management systems. During this speech, you will learn more about the ISO 27001 standard and discover how it can help companies secure their confidential information.

14.40-15.00 Fortinet Finland Oy

15.05-15.25 Outcomes in Identity Management

Rasa Siegberg, Fujitsu Finland Oy

• Viewpoints into identities and why should we care? What could happen – and what will? What to do next? 

15.30-15.50 From risks to resilience

Carsten Maartmann-Moe, Head of Cyber and Digital Risk / CEO Transcendent Group Norway 

• When high-consequence, low-probability events such as global pandemics and war materializes, our risk models governing information security and privacy tend to fail. Why is that? And what do we need to change to move our thinking from risks to resilience? Carsten gives an overview of how risk quantification, resilience optimization security and privacy by design will help building more resilient businesses, products and services. 

16.15-19.00 Cybersecurity Annual Forecast 2023 (live stream)

DAY 2

8.11.

9.55-10.15 Digital and Population Data Services Agency

10.20-10.40 Anomali

10.45-11.05 FPGA vs software based security,

Tatu Männistö, Senior Director of Technology, Cyber Security, Insta

• An introduction to the advantages of FPGA-based cryptosystems and why they are considered more secure than pure software implementations.

11.10-11.30 Smart Cyber Security – what are the new tools and methods?

Aapo Cederberg, Chairman of the Boardm Cyberwatch Finland

• Cyber challenges are growing and evolving, old methods are not enough. Cyber war has impact to all of us. EU-regulation is setting new requirements to private sector and authorities. Time to upgrade our cyber security thinking und culture. 

11.35-11.55 Perception vs Reality: A Data-Driven Look at Open Source Risk Management  

Konstantinos Kiourtsis, Principal Solutions Architect, Partners, Sonatype 

12.00-12.20 Westcon

12.25-12.45 End Cyber Attacks – from Stuxnet to Cybereason

Robert Żelazo, Regional VicePresident, Cybereason

• IT defenders must be consistently successful in protecting their network and resources, while hackers only need one successful attack. Moreover, there is no 100% effective prevention, and even the best security can be broken and effectively circumvented. Therefore, we need to focus not only on prevention, but also on ensuring that cyber-attacks that manage to bypass security are quickly detected and completely eliminated in the shortest possible time, preventing them from spreading over the network, stealing data and encryption, or even destroying our resources. What’s more, we have to do it automatically, with the least possible involvement of human resources, which not only is expensive, but also introduces unnecessary delay, and when we are attacked, every second is worth its weight in gold… Robert Żelazo, Regional Vice President at Cybereason, will talk about this and other aspects of effective protection and the most advanced cyber-attacks.

12.50-13.10 Threat Detection & Response with DNS How to see and stop cyberattacks early in the attack chain 

Mikael Rosander, Senior Solutions Architect, Infoblox, Inc. 

• Join our session to understand how you can see and stop cyberattacks earlier in the threat lifecycle and how to unite security with context rich network intelligence for improved SecOps efficiency. Threat Detection and Response with DNS can identity and alert on suspicious activity such as DNS tunneling, domain spoofing, DNS cache poisoning, allowing XDR to quickly respond. 

14.05-14.25 National Emergency Supply Agency (NESA)

14.30-14.50 Data Breaches are inevitable – Data Protection and Risk Mitigation for Customers and Partners

Mr Simon Pamplin, CTO Certes Networks

• You cannot fix a Data problem with an Infrastructure Solution – Change your Focus.

14.55-15.15 Finnish Transport and Communications Agency Traficom

The program is preliminary, changes are possible.