2018IT SECURITYINSIGHTS

Protecting Your Data Through Innovation

8 NOVEMBER, 2018VENUE: HOTEL BIRGER JARL, STOCKHOLM

Editorial Director Robert Kitunzi

robert.kitunzi@matchcorp.com

+46 ( 0) 70 218 71 93

Robert Kitunzi

Register on www.itsecurityinsights.confetti.events IT SECURITY INSIGHTS 2018

It’s my pleasure to welcome you to the second edition of the IT Security Insights Conference. Due to the success of the launch event in the Spring we are pleased to inform you that the second edition is going to be more insightful with more customer case studies and more speakers. Our mission is to grow the event to be an exceptional user-based networking platform for IT Security professionals. The main objective of the event is to enable IT Security practitioners to reflect on the challenges, achievements and obstacles overcome during the year while at the same time looking ahead on what the future holds for the IT Security Industry in 2019.

We have invited top organisations in Sweden to showcase their experiences and knowledge on key IT Security topics and GDPR. We have also introduced a new feature in round table discussions to allow in-depth follow up discussions and interactions with our guest speakers and partner speakers at the event. Besides, we recommend you spare some time to visit our partners in the exhibition area during breaks, so you get acquainted with the new solutions out there on the market.

The tagline of the IT Security Insights conference remains the same as from the previous event, that is, Protecting Your Data Through Innovation. This means we shall continue to look at new innovative technologies such as: Artificial Intelligence, Machine Learning, Blockchain that are shaping the Cyber security industry especially in helping IT Security professionals to stay a step ahead of cybercriminals.

It’s no doubt Cyber Security is at the top of the agenda of many organisations and nations including Sweden which finally adopted a National Cybers Security Strategy as late as recently in 2017. This will function as a guideline to all stake-holders to work effectively on cyber security, and raise the level of awareness and knowledge throughout society. We are delighted to inform our audience that a guest speaker from the Swedish government has been invited to shade some light on this achievement.

The event will also explore practical case studies and workshops on: Cloud Security, IoT, Security Operations Center(SOC), Information Security Awareness and Training and Post-GDPR Insights.

The IT Security Insights Conference is a peer to peer meeting place for knowledge sharing between IT Security Professionals, so grab this opportunity and join us for some meaningful discussions.

EDITORIAL

Welcome to the second edition of theIT Security Insights Conference.

Practical Information:

Date:8 November, 2018

02

Location:Hotel Birger Jarl, Stockholm

Ticket Options:All packages include entrance and refreshments

*All prices are excluding VAT

Standard Single Ticket: SEK 3995

Group Ticket: SEK 2795(Group Ticket applies for group from 2 to 5 people)

www.itsecurityinsights.confetti.events

To Register

Visit the event website:

+46 ( 0) 70 218 71 93Register by phone:

register@itsecurityinsights.comOr send us an email:

07:30 Registration Starts

08:20 Chairman Opening Remarks - Jan Olsson, Swedish Police Authority

09:15 Cloud Security (or not!) och Business Continuity Planning (BCP) - Ulf Berglund, Skandia Norden

09:30 Cloud Security (or not!) och Business Continuity Planning (BCP) - Ina Nordqvist, CSA Sweden Chapter

09:40 Data protection measures required by GDPR - Aleksandra Kharlan, EnterCard Group

10:00 Coffee Break and Visit to the Expo Area

10:25 The psychology of social engineering – Dimitrios Stergiou, Trustly

10:55 Practical implementations - How to use AI to improve the SOC, TBA

11:20 Identity management and access governance at the heart of your cybersecurity - Stuart Beattie, Omada A/S

11:45 “The DPO-role under the GDPR - Who, Why and How?”- Anna Forsebäck, Schibsted Media Group

12:05 Networking Lunch and a visit to the Expo Area

13:05 IT Security Insights Round Table Discussions: Elin van Beesel (FCG AB), Johanna Mannung (Swedish Police Authority), Mats Juhlén (Atea Sverige AB)

14:35 Afternoon Networking Coffee Break

14:55 “5G & Cybersecurity: Opportunities and Challenges” - Brian O´Toole, ERICSSON

15:20 Information Security in a modern digital eco-system - Robert Willborg, Junglemap AB

15:45 GDPR after the Implementation date Still a lot of work to do - Christian Källqvist, Schneider Electric

16:25 Keynote: What the future holds for the IT Security Industry - TBA

17:00 Chairman Closing Remarks – Jan Olsson, Swedish Police Authority

17:10 Networking Cocktail Reception

16:05 Customer Case Study - TBA

08:55 Information Security Incident Response Strategies - Jan-Olof Andersson, ICA Sverige AB

08:30 National strategy for society's information and cyber security - Annette Norman, Government of Sweden

AGENDA OVERVIEW 03

Register on www.itsecurityinsights.confetti.events IT SECURITY INSIGHTS 2018

The IT Security Insights conference is tailor made for IT professionals and organisations working with or facing IT Security challenges and are interested to learn how to safeguard their organisations from today’s advanced threats. If you are working in positions listed below or similar ones, then this is a must-attend event for you.

• CISOs• CSOs• CIOs• CTOs• CEOs• IT Directors• Heads of IT Strategy • IT Infrastructure Directors• Head of Security Operations• Cyber Security Specialists• IT Security Archictects• IT Security Coordinators• Data Security Directors• IT Security Managers

WHO SHOULD ATTEND 04

• Heads of Networks• Network Managers• IT Security Analysts• Business Development Manager• Head of IT Operations• IT Architects• IT Technicians• Data Protection Of�cers• IAM Directors• Service Delivery Managers• IT-solution managers (ISM)• IT Operations Directors• System Administrators• IT System Managers

RESERVE A PLACE WITH A COLLEAGUE TODAY!

EDUCATIVE CONTENTOn Digitization challenges, Best Practice GDPR Examples, Cloud Services, IoT Security,

Cyber Insurance, AI, SOC, Strategies To Mitigate Cyber Threats

GDPR: Learn how your peers are dealing with the new GDPR legislations after the 25th of May!

Excellent Speakers: Listen and learn from the best practice case studies and workshops presented by distinguished guest speakers who are influential in the industry.

Networking: If you go to events to network, here is your chance to shine and network with over 150 IT Security practitioners and industry peers.

New Products: Visit the Expo Area for the latest technology.

Free Wi-Fi: There is high-speed Wi-Fi in case you would like to catch up with urgent work during the conference.

All Inclusive Package: We provide refreshments from breakfast all through breaks including lunch and the closing networking reception.

WHY ATTEND

Register on www.itsecurityinsights.confetti.events IT SECURITY INSIGHTS 2018

SPEAKERS 05

Register on www.itsecurityinsights.confetti.events IT SECURITY INSIGHTS 2018

• How incident management is linked to the company's security process?

• What components are included to enable the company to handle a security incident

Key topics

Jan-Olof has 30 years’ experience in the security field and has earned great credibility in the industry. His knowledge stretches from physical protection to information security, focusing on what is best for the organization. Colleagues in the field place great confidence in him, and on several occasions he has been appointed as one of the most prominent persons in the field of information security.

Speaker(Bio)

Information Security Incident Response Strategies

Session Title

Jan-Olof Andersson

Name

CISO

Job title

ICA Sverige AB

Company name

• How does the strategy respond to the new challenges in an increasingly digitized society?

• What measures have been taken and what will happen in 2019?

Key topics

Annette is a lawyer with extensive experience in information security work including through supervision and counselling under the Security Protection Act, investigating secretary in the investigation of the implementation of the NIS Directive and the investigation of certain safety issues.

Speaker(Bio)

National strategy for society's information and cyber security

Session Title

Annette Norman

Name

Snr. Advisor, National Cybersecurity Strategy

Job title

Government of Sweden

Company name

Jan Olsson has 25 years’ experience in the Swedish Police Force, 10 of which he has dedicated to fighting fraud. Presently, he works as the National Fraud Coordinator and National Fraud Expert at the National Fraud Center (NBC). He is a frequent speaker giving approximately 70 lectures annually both nationally and internationally. He is also a receiver of the prestigious “Great Credit Prize” in 2015 for his dedication to preventing fraud.

Speaker(Bio)

Session Title

Jan Olsson

Name

Event Chairman

Job title

Sweden Police Authority

Company name

Chairman Opening Remarks - Jan Olsson, National Fraud Coordinator

SPEAKERS 06

Register on www.itsecurityinsights.confetti.events IT SECURITY INSIGHTS 2018

Ulf Berglund

Name

CSA Sweden Chapter

President

Ina NordqvistSenior IT Security Consultant

Company name

• What is important to find out before the incident occurs, about your cloud supplier when it comes to BCP

• Different situations that may occur and which you must have a plan for if they happens

• Connect your own BCP-plan to the Cloud suppliers, what should you think about and manage

Key topics

Ulf is the president of the Swedish chapter of CSA, Cloud Security Alliance, a worldwide organization. He is also co-author of the book Guide to the Cloud. Ulf has a long experience from leading positions in the field of information security. He has a background as an officer, his last active years he was principal officer, IT security and information security expert at the Military Intelligence and Security Service (MUST).

Ina is a senior information security consultant since 1998 focusing on Information Security Management system (ISMS) 27001, Risk Management, Education, Incident Management, Information Classification and Continuity management. Ina has worked with ISMS, polices and documentation for information security, routines and organization of information security the customers.

Speaker(Bio)

Cloud Security (or no security!) and business continuity planning (BCP)

Session Title

• We are compliant! What’s next?

• Technical solutions vs policies and corporate culture. What would work best for your company?

• Data breach without breach. Is absence of data minimization and privacy by design can be an actual personal data breach?

Key topics

Aleksandra has been working with compliance and privacy issues since 2012 within law and compliance department for global FCG company. In 2017 she joined Information Security department at Entercard Group AB to work with privacy related issues triggered by implementation of new regulation in EU that significantly affected companies working in financial sector.

Speaker(Bio)

Data protection measures required by GDPR

Session Title

Aleksandra Kharlan

Name

Data Privacy Specialist

Job title

EnterCard Group AB

Company name

Key topics

Dimitrios is currently employed as the Chief Information Security Officer for Trustly. He is an experienced senior Information Security and Risk professional with over 20 years’ experience in Risk Management, IT audits and Information security.

Speaker(Bio)

The psychology of social engineering

Session Title

Dimitrios Stergiou

Name

CISO

Job title

Trustly

Company name

• The 6 influence principles (by Dr. Cialdini) and how these principles are utilized to improve the success rate of social engineering attacks

• The driving forces of what makes us “click on the link” and how we should defend against them

• What one can do to prevent these types of social engineering attacks

SPEAKERS 07

Register on www.itsecurityinsights.confetti.events IT SECURITY INSIGHTS 2018

Key topics

Anna is a Stockholm-based lawyer specialized in tech and privacy who has recently taken on the challenge to set up a centralized, scalable DPO-office for all companies in the Media Division of Schibsted Media - a task that comprises some fifty companies in ten European countries. Annas experience includes both external counsel roles and, in-house legal counsel and DPO roles.

Speaker(Bio)

“The DPO-role under the GDPR - Who, Why and How?”

Session Title

Anna Forsebäck

Name

DPO

Job title

Schibsted Media Group

Company name

• Who could or should take on this role in your organisation? (The battle between competences)

• Why should you appoint a DPO? (Or should you?!) How to perform the regulated tasks of the DPO in a manner that adds value to the organisation

• (Can the DPO combine its independent role and its montoriting duties with a proactive, supporting approach?)

Key topics

Stuart is a Senior Business Leader with international management experience with a broad range of technology companies. He has a track record of working for companies ranging from small businesses to Fortune 500 organisations to find and win new customers through the definition and execution of strategic go-to-market plans. Besides he has successfully worked with senior leadership teams to build data-oriented business models to help them define operational requirements.

Speaker(Bio)

Identity management and access governance at the heart of your cybersecurity

Session Title

Stuart Beattie

Name

Product Marketing Director

Job title

Omada A/S

Company name

• How identity management and access governance helps manage security risk – protect sensitive information, ensure compliance, avoid accidental or illegitimate access, and data theft. Learn how efficient identity management maintains business agility – by providing timely and appropriate access for your employees.

Speaker(Bio)

Name Job title Company name

• How the evolution to 5G is going to have an impact on Enterprise security when it comes dealing with ubiquitous connectivity, the increase of data globally and the way that IT professionals will have to think about deployment of large scale networks, as in the case with IOT.

Key topics

Brian has been at Ericsson since 2005, working across several different areas including software development, product management and information security. Has been the CISO since 2015, and he is primarily focussed on integration of Information Security Risk Management across Ericsson, which is one of those things that is easy to say, but difficult to do in an organisation of over 100,000 people.

“5G & Cybersecurity: Opportunities and Challenges”

Session Title

Brian O´Toole CISO ERICSSON

ROUND TABLE DISCUSSIONS 08

Register on www.itsecurityinsights.confetti.events IT SECURITY INSIGHTS 2018

Johan Mannung

Enterprise Security Architect

Swedish Police Authority

Mats Juhlén

Business Development Manager

Security Atea Sverige AB

Elin van Beesel

Senior Manager

GDPR Specialist

Johanna Mannung is a security architect at the Swedish police authority, working with all aspects of it- and information security. During her 20 years in the IT sector she has held a number of varying positions, from researcher into privacy in p2p networks to a developer for IAM solutions. Today she gets to use all her experience in securing one of the most important organizations in Sweden.

Mats has a network security background with also 10 plus years experience working with Security. At present he is focusing on Information Security and GDPR, helping customers implement a structured and risk-based way of working with regulatory requirements and also support companies in the role of a data protection officer.

Elin is a lawyer with nearly 20 years of experience in business law. Her speciality is GDPR and data privacy where she currently manages a wide range of GDPR compliance projects at group level. Elin is also appointed as Data Protection Officer for several FCG clients. Besides the client assignments Elin is also often engaged in educations and seminars within the data privacy sector.

TBA TBA TBA

Digital Transformation

SecurityOperations

Center (SOC)Cloud Security

Preparing for the threats of tomorrow

How can ISO27001 support your GDPR and compliance with other regulatory requirements?

GDPR and Incident Process

SPEAKERS 09

Register on www.itsecurityinsights.confetti.events IT SECURITY INSIGHTS 2018

Speaker(Bio)

Name Job title Company name

Key topics

Robert is a lecturer with a broad and extensive background from the armed forces, security work and behaviour-based security. Since 2010, Robert Willborg has been working strategically and in an advisory role in information security focusing on secure digital ecosystems. Robert has also published several articles on security related issues and is a certified DPO. Robert holds a place in IDG´s expert network.

Information Security in a modern digital eco-system

Session Title

Robert Willborg SME Cyber Security and Privacy Junglemap AB

• The aim is that the listener should have a basic understanding of behaviours and cultures as risks and threats in digital ecosystems

• Another aim is that the listener should have a basic understanding of why a more holistic view is required in digital ecosystems

• The final goal is to have the listener have a very basic knowledge of where to start in the new strategy regarding security work in their systems

Speaker(Bio)

Name Job title Company name

Key topics

Christian har jobbat med IT-säkerhetsfrågor som en del i hans nuvarande och historiska roller, tidigare på SE-banken och nu på Schneider Electric. De nya möjligheterna med ständigt uppkopplade produkter driver nya penetrationsmöjligheter och därmed säkerhetsutmaningar. Schneider Electric fokuserar t.ex. stort på EcoStruxure. Det är Schneider Electrics IoT-aktiverade, öppna, kompatibla arkitektur och plattform med plug-and-play-funktion för hem, fastigheter, datacenter, infrastruktur och industrier. Säkerheten i dessa lösningar är mycket viktig.

GDPR after the Implementation date Still a lot of work to do...

Session Title

Christian Källqvist CIO Schneider Electric Sverige AB

• Hiring a management consultant firm to help with the implementation

• How to decide which processes to keep soft and which to add application/database support

• How to avoid doing same work/mistakes at every company

Register on www.itsecurityinsights.confetti.events IT SECURITY INSIGHTS 2018

www.itsecurityinsights.confetti.eventsREGISTER ONLINE

REGISTER BY PHONE

REGISTER BY EMAIL

Tel: +46 ( 0) 70 218 71 93

register@itsecurityinsights.com

Included in the package: Conference entry ticket, food and refreshments. All presentations are video recorded. Delegates get full access to post-event video library.

Group Tickets: Available for companies attending in a group of two to five and above.

PRICES & TICKETS OPTIONS 10

Please find below the Passes and Packages available for purchase. Prices are not applicable for IT Security Service Providers. Prices are excluding VAT. International guests are not charged VAT if their organisation has a valid VAT Number.

We look forward to seeing you at the conference.

FEATURE

PRICE

STANDARDSINGLE TICKET

SEK 3995

GROUP TICKET (2-5 Participants)

SEK 2795

Prices are excluding VAT. Your booking is binding. You may substitute a delegate at any time. Please note that substitutions are not permitted unless approved by the organisers. For all cancellations (without an approved substituted delegate) received in writing more than 5 business days prior to the event and, a 500 SEK (+VAT) administrative fee will be charged. For cancellations less than 5 business days prior to the event, the full amount of the delegate pass is non-refundable. Full payment is due 14 days upon invoice and no later than 5 business days prior to the event. Delegates that have NOT submitted payment prior to the event will not be admitted to the event. Admittance is then only granted upon approval of credit card payment directly onsite.

Register on www.itsecurityinsights.confetti.events IT SECURITY INSIGHTS 2018

PARTNERS 11

(ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, programmatic approach to security. Our membership, over 125,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and EducationTM. For more information on (ISC)², visit www.isc2.org, follow us on Twitter or connect with us on Facebook.

The Cloud Security Alliance is a non-profit organization formed to promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is comprised of many subject matter experts from a wide variety disciplines, united in our objectives: • Promote a common level of understanding between the consumers and providers of cloud computing regarding the necessary security requirements and attestation of assurance • Promote independent research into best practices for cloud computing security • Launch awareness campaigns and educational programs on the appropriate uses of cloud computing and cloud security solutions • Create consensus lists of issues and guidance for cloud security Assurancewww.cloudsecurityalliance.se

SIG Security is a non-profit organization with about 700 members, making it Sweden's largest information security community. The board is appointed by the members at the annual meeting. SIG Security - founded in 1980 - is a community for people working within the information security area, and the members come from all different parts of society. The organization's main issue is to give rise to the understanding of and inspire to the work within the information security area by:• Influencing the development of solutions to critical issues within the information security area• Promoting and developing the members contacts and exchange of experiences within as well as outside SIG Security• Taking initiative to urgent measures for development and spreading of knowledge Promoting and influencing educations and conferences within the information security area• Promoting a sound and positive development of information security within industry, public administration and the society as a wholewww.sigsecurity.org

Since 2000, Omada has focused on using identity to create measurable business value. Identity, managed the Omada way, simultaneously improves security, efficiency, cost control, and regulatory compliance. We have pioneered many of the best practices in use today and are passionate about taking identity management even further. DO MORE WITH IDENTITY www.omada.net

Atea is the market leader in IT infrastructure for businesses and public-sector organizations in Europe’s Nordic and Baltic regions. With 7,200 employees and 4,000 consultants located in 87 offices across seven countries —Norway, Sweden, Denmark, Finland, Lithuania, Latvia and Estonia — Atea combines a unique breadth of competence in IT infrastructure with a powerful local presence in each market we serve. Atea offers a full range of hardware and software from the world’s top technology companies. Our team of specialist consultants has technical certifications and system integration skills to design, implement and operate solutions for even the most complex IT requirements. As a result, we help customers solve problems and get maximum productivity from their IT investments. www.atea.se

Flowmon Networks empowers businesses to manage and secure their computer networks confidently. Through our high performance network monitoring technology and lean-forward behavior analytics, IT pros worldwide benefit from absolute network traffic visibility to enhance network & application performance and deal with modern cyber threats. Driven by a passion for technology, we are leading the way of NetFlow/IPFIX network monitoring that is high performing, scalable and easy to use. The world’s largest businesses, internet service providers, government entities or even small and midsize companies rely on our solutions to take control over their networks, keep order and overcome uncertainty. With our solution recognized by Gartner, recommended by Cisco, CheckPoint and IBM, we are one of the fastest growing companies in the industry. www.flowmon.com

Junglemap invented NanoLearning in 2006 and we strive to make e-learning easier, more effective and affordable through innovative learning methods, platforms and courses. Junglemap has more than 900 clients and 3 million users in 140 countries, but we hope this is only the beginning. www.junglemap.com.

TeleTrusT is a widespread competence network for IT Security comprising members from industry, administration, research as well as national and international partner organisations with similar objectives. TeleTrusT provides interdisciplinary fora for IT Security experts and facilitates information Exchange between vendors, users and authorities. TeleTrusT comments on technical, political and legal issues related to IT Security and is organizer of events and Conferences. TeleTrusT is a non-profit association, whose objective is to promote information Security professionalism, raising awareness and best practices in all domains of information Security. TeleTrust is carrier of the ”European Bridge CA” (provision of public key certificates for secure e-mail Communication), the quality seal ”IT Security made in Germany” and runs the IT expert certification program ”TeleTrusT Information Security Professions Standards Institute (ETSI). The association is headquatered in Berlin, Germany. www.teletrust.de

MatchCorp International AB

111 20, Stockholm Sweden

For more information, email info@matchcorp.com or visit www.itsecurityinsights.confetti.events

+46 ( 0) 70 218 71 93