IN-PERSON

DACH CISO Executive Summit

29 November 2022 | Hilton Frankfurt City Centre

29 November 2022
Hilton Frankfurt City Centre

Governing Body Agenda Location Partners Contact

Governing Body Co-Chairs

Nikk Gilbert

RWE
CISO

Christoph Bernius

Allianz Deutschland
CISO

Sascha Brock

Deutsche Post
VP Chief Information Security Officer

Jimmy Heschl

Red Bull
Head of Digital Security

Chuks Ojeme

Brenntag AG
Global CISO

John Petersen

Nestlé
CISO

Aleksandar Radosavljevic

Global Fashion Group
Global CISO

Judith Wunschik

Siemens Energy
Global Chief Cybersecurity Officer

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your DACH CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Evanta's Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda

28 November 2022

afternoon

29 November 2022

morning mid-afternoon afternoon

18:00 - 21:00 Governing Body Welcome Reception

Governing Body Welcome Reception

Exclusive to Governing Body members and select guests, this dinner is a can’t-miss opportunity to connect with your peers prior to tomorrow’s Executive Summit. Please join your colleagues for an evening of good food, wine, and lively networking.

Venue - Main Tower Restaurant - Neue Mainzer Str. 52-58, 60311 Frankfurt am Main, Germany

08:00 - 09:00 Registration & Breakfast

09:00 - 09:45 Keynote

Assessing the European Cybercrime Landscape — Staying Resilient in Uncertain Times

Carsten Meywirth

Director of Cyber Division

Bundeskriminalamt

Cybercrime hits the headlines, and the number of cases has been rising for years. Now more than ever, organisations globally are looking at cybersecurity and cybercrime through a new lens of severity – with international cyber-attacks taking place more frequently and threats rapidly on the rise, increasing knowledge and awareness of the subject is of peak importance to CISOs. With over 30 years of experience in the Bundeskriminalamt and being the Director of the Cybercrime Division, since its foundation in 2020, Carsten Meywirth will share first-hand insights and assessments of the current situation.

In this keynote session, Carsten will discuss the following:

Understanding the real threats from the virtual world & how is the cybercrime scene is organised
Assessing how you can effectively fight crime in the borderless virtual space despite national responsibilities
Sharing methods private companies can use to cooperate with authorities and respond wisely when cyber-attacks happen

09:45 - 10:00 Break

10:00 - 10:45 Breakout Session

The Modern Security Function — Finding Efficient Solutions

Michael Krull

CISO

Bertelsmann

Judith Wunschik

Global Chief Cybersecurity Officer

Siemens Energy

A modern architecture function must consider continuous delivery and identity-centric security solutions. Moving away from legacy solutions to the cloud could lead to improving cost efficiencies, simplifying operational processes, and reducing staff burnout; but how can CISOs move towards a more innovative model?

Collaborate in this session to dive deep on:

What makes for the perfect fit when it comes to a SOC for your organisation
How to optimise your budget across your operations strategy
Using data to improve your strategy and improve your understanding of it across the business

10:00 - 10:45 Breakout Session

Walking Through the World Health Organization’s Journey to Cyber Resiliency

Flavio Aggio

Chief Information Security Officer (CISO)

World Health Organization

Think back: it’s the beginning of 2020, amidst the onset of the COVID-19 pandemic. Across the globe, organisations are confronted by a myriad of new challenges while struggling to adapt to the ‘new normal. As CISO, you must continue overseeing your organisation’s cybersecurity posture and mitigating its risks in this new uncertain environment: a reality that many have now experienced.

Now, let us imagine it’s the beginning of 2020, but you are the new CISO at the World Health Organization, which has rapidly become the preeminent target for cyber criminals and APT groups everywhere. There are virtually no cybersecurity solutions in place other than typical firewalls, anti-virus, mandatory cybersecurity training, and phishing exercises. Budget is extremely limited. This was the reality faced by Flavio Aggio, CISO at the WHO.

In this session, Flavio will outline how he was able to improve WHO’s cybersecurity posture in a perfect storm of a global pandemic by employing innovation, collaboration, agility, and resiliency.

Join him and discuss:

Identifying the immediate challenges presented by cybercriminals targeting the WHO, such as (website impersonations, etc.)
Overcoming challenges and building out an extensive cybersecurity team
Key lessons learned and the ongoing journey towards resiliency

Disclaimer: Institutional affiliation is provided for identification purpose only and does not constitute an institutional endorsement. Any views and opinions expressed are personal and belong solely to the individual and do not represent any people, institutions or organizations that the individual may be associated with in a personal or professional capacity unless explicitly stated.

10:00 - 10:45 Executive Boardroom

Keeping Pace With Security Talent Acquisition

Christian Schwendemann

Global Product Go-To-Market Owner, Analytics

Citrix Systems, Inc.

Thomas Mann

CISO

K-Businesscom AG

Dörthe Pult

Head of IT Security

ista International

The threat landscape continues to evolve faster than hiring efforts, and CISOs' security teams can’t get left behind. It’s no longer enough to manage your team and hope they stick around. Instead, long-term retention calls for a plan.

Join this boardroom to discuss:

Identifying and addressing skill gaps within internal talent mobility
Leveraging career development opportunities to attract and retain talent
Sharing best practices for talent retention and attracting new staff

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CxOs).

To reserve your seat, please contact:

Luis Arango Abello at +447736473727 or luis.arangoabello@gartner.com

10:45 - 11:30 Networking Break

10:55 - 11:20 Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

11:30 - 12:15 Breakout Session

Navigating A People-Centric Approach to Security

Bert Skaletski

Resident CISO, EMEA

Proofpoint

Chuks Ojeme

Global CISO

Brenntag AG

With remote work, organisations around the world are at a greater risk of cyber threats than ever before, and cybercriminals are taking advantage of the situation. In this session, you will examine the biggest challenges security leaders face, and why a people-centric approach to security is everyone’s biggest opportunity to better protect their organisation.

In this session, you will explore:

How remote work and the move to the cloud has changed the nature of threats to data
The ways in which organizations are building controls to better understand and protect their employees
The impact of changing behaviors, employee culture and workplace environment on people risk

11:30 - 12:15 Executive Boardroom

Surviving the “Golden Age” of Ransomware

Michael von der Horst

Managing Director CyberSecurity

Cisco Systems

Markus J. Krauss

Head of Cisco Cloud Security - EMEA Central & Northern Europe, Germany and UK/I

Cisco Secure

Florian Brandner

Teamhead Information Security

Puma

Hendrik Hartje

CISO

Coca-Cola European Partners Deutschland

Experts are warning that we are experiencing a “golden age” for ransomware. With new attacks reported almost daily, the pressure is on for CISOs to protect against not only sophisticated networks and Ransomware-as-a-Service (RaaS) schemes, but also outdated security mindsets within their own organisations.

Join this session to learn:

Key lessons from recent high-profile attacks
Emerging and evolving trends among threat actors and their targets
Innovative ways to reduce risk and improve resilience

To reserve your seat, please contact:

Luis Arango Abello at +447736473727 or luis.arangoabello@gartner.com

11:30 - 12:15 Executive Boardroom

The Modern CISO’s API Security Strategy – What’s Next?

Filip Verloy

Field CTO EMEA

Noname Security

Jorge Moubayyed

EMEA CISO

DHL Supply Chain

Michael Schmidt

Information Security Manager (global)

H.B. Fuller Company

In today’s climate, having a holistic view on API security is key to protecting organisations from the ever-expanding API attack surface. Proactively securing your environment from API security vulnerabilities, misconfigurations, and design flaws are among the biggest challenges that security leaders face. But how can CISOs identify and eliminate attack surfaces before an attack, and actively test APIs for vulnerabilities throughout the lifecycle, in addition to preventing real-time attacks?

Join this session to discuss:

Remediating management and configuration issues before they become a problem
Security testing for DevOps that integrates into the tools your team is already using
How to build a framework and network architecture to support the rise in remote employees

To reserve your seat, please contact:

Luis Arango Abello at +447736473727 or luis.arangoabello@gartner.com

11:30 - 12:15 Executive Boardroom

From Asset Management to Asset Intelligence: Crossing the CAASM

Daniel Grice

Senior Sales Engineer

Axonius

Paul Sester

Chief Information Security Officer

HORNBACH Baumarkt AG

As IT and security teams struggle to manage a complex sprawl of devices, users, cloud services, and software, there is one certainty we can rely on: complexity will only increase. But there's good news.

Join this Executive Boardroom to discuss:

Deploying a new strategy of asset intelligence
The emerging Cyber Asset Attack Surface Management capabilities
Automation for improving security hygiene and remediation

12:15 - 13:15 Lunch Service

13:15 - 13:50 Keynote

Third-Party Cyber Risk — Zero-Day Findings and Mitigation

Ewen O'Brien

Senior Vice President - Cyber Third Party Risk

BlueVoyant

Managing distributed risk is today’s defining cybersecurity challenge. Mitigation of zero-day vulnerabilities is critical as adversaries exploit supply chain entities. This session explores how to identify all third parties impacted by zero-day vulnerabilities and guide their mitigation efforts. Your vendor, supplier, and partner ecosystem is now your enterprise attack surface.

Join this session to learn:

How to manage distributed risk associated with hundreds and even thousands of vendors, suppliers, and partners
Approaches to identify, prioritise, and mitigate active threats and critical/zero-day vulnerabilities
Strategies to reduce supply chain/external ecosystem risk associated with zero-day

13:50 - 14:00 Break

14:00 - 14:45 Executive Boardroom

Could XDR be the Answer to Improving Threat Detection and Response?

Tanja Hofmann

Security Architect

Trellix

André Loske

CISO

Heidelberger Druckmaschinen AG

Boris Awdejew

CISO

Fiege Logistik Stiftung & Co. KG

CISOs today are looking for more proactive and adaptive approaches to threat detection, attack surface reduction and response. Understanding what threats are out there by increasing visibility across all data, including endpoint, network, and cloud data, whilst staying ahead of threats are amongst the most vital priorities that CISOs have to address. So, what are the key elements needed to approach threat detection in a truly effective way?

Join this Executive Boardroom to hear how with XDR, cybersecurity teams can:

Identify hidden, stealthy and sophisticated threats proactively and quickly
Consolidate alerts and enable teams to do more with less
Learning what other CISOs are doing to adapt posture with insights and new technologies

14:00 - 14:45 Executive Boardroom

Streamlining Security Operations in 2022

Uri May

Co-Founder & CEO

Hunters

Joachim Fritschi

CISO

GLS Group

Demand for security roles is constantly increasing and organisations everywhere are facing the same issues time and again – from difficulties hiring and retaining staff to keeping up with security operational challenges. So how can CISOs make their SOCs run more effectively to enhance their security posture and ultimately evolve their security strategy around their workforce?

Join this boardroom to hear more on:

Improving data retention through automation and efficient processes
Amplifying and correlating the right signals while filtering out the noise
Dealing with complex supply chain attacks, insider threats and vulnerabilities

To reserve your seat, please contact:

Luis Arango Abello at +447736473727 or luis.arangoabello@gartner.com

14:00 - 14:55 Breakout Session

Flipping the Asymmetry with Attackers: An Interactive Wargame

Sharon Isaaci

VP Cyber Security Services, Europe

Sygnia

Yotam Meitar

Incident Response Manager

Sygnia

David Gray

Director Cyber Services EMEA

Sygnia

It’s time to play!

Preparing for a cyber crisis is imperative and can determine whether it becomes a major catastrophe or a manageable incident. What needs to be done in the first hours of a highly disruptive incident? What are the common options, dilemmas and pitfalls? And how can we get it right?

Join our interactive incident simulation, based on a true story. Your decisions as executives will be presented and help shape the future of the victim organisation.

During this session, we will:

Leverage the wisdom in the room to tackle complex challenges and get ahead of the attackers
Understand the impact of technical and stakeholder management decisions on the business
Discuss key pitfalls commonly overlooked by security teams

14:45 - 15:30 Networking Break

15:00 - 15:20 Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

15:30 - 16:15 Breakout Session

Interactive Workshop — Thinking Outside the Box, Discussing Disruptive Ideas to Talent Shortages

Angelo La Penna

CISO EMEA

Swiss Re

Matthias Muhlert

CISO

Haribo

Cyber wages are inflating at an increasing rate, and new employees are being poached days before they start their new roles. What can a CISO do to compete with these enormous challenges? Recruitment and retention demands require out-of-the-box thinking to stay ahead of the curve. In this discussion, we'll consider ideas to combat this fundamental issue within the industry.

In this interactive session, you’ll come together to brainstorm:

How CISOs are encouraging their teams and retaining their rosters — what makes your employees happy?
What can be done to combat staff turnover — overcoming exponential wage inflation
Rethinking your job requirements — diversifying the entry point to the security profession
Reviewing automation’s role in alleviating the impact of this crisis?

15:30 - 16:15 Executive Boardroom

Shine a Light on Dark Data: How to Take a Data-centric Approach to Modernise Data Protection

Nick Maxwell

VP EMEA/APJ

BigID

Daniel Cisowski

CISO

BDO AG

Benedikt Heintel

CISO

Viega

It’s the data that you don’t know about that represents the most risk. As the volume of dark data expands, so does your attack surface. A data-centric approach shines a light on dark data to give you the visibility and control you need to mitigate risk. In this executive boardroom, we’ll explore how to improve your data security posture management (DSPM) by accelerating visibility, classification, and actionable insight across all types of enterprise data (including dark data). You’ll learn how to proactively reduce risk and take an AI approach to data-centric security.

Join this session to discuss:

What are the key elements of a data-centric strategy when protecting your data?
How to leverage AI and automation to shine a light on dark data?
How to get more from your existing tech stack and close gaps in your data security strategy?

To reserve your seat, please contact:

Luis Arango Abello at +447736473727 or luis.arangoabello@gartner.com

15:30 - 16:15 Executive Boardroom

Reframing the Perception of Cyber Risk

Tilman Epha

Sales Director

XM Cyber

Daniel Schatz

CISO

Qiagen

Thomas Steinich

Director IT Strategy, Security Architecture

Linde Plc

The cyber threat has never been greater, and identifying the impact associated has never been easier, yet successfully reporting this to the board remains a critical hurdle to overcome. Operational teams drown in alerts and long lists of technical weaknesses to fix but can’t see how these all combine to form paths that attackers exploit to disrupt the business.

Join this Executive Boardroom to discuss:

Resetting the security function to become an enabler of modern digital business
Examining how digital business models are driving greater integration with suppliers and partner
Understanding how current reporting fails to get buy-in from the board

To reserve your seat, please contact:

Luis Arango Abello at +447736473727 or luis.arangoabello@gartner.com

16:15 - 16:25 Break

16:25 - 17:00 Keynote

Debating the CISO Roadmap — How Could the Role Evolve?

David King

CISO

Omnicom Media Group

Peter Gerdenitsch

Head of Group Information & Cyber Security / Group CISO

Raiffeisen Bank International

Nikk Gilbert

CISO

RWE

Joao Moita

Group CISO

Merck

Heiko Seidel

CISO

Volkswagen Financial Services

The modern CISO is an ever-changing role, with differing responsibilities per industry and organisation. Fundamental questions still need to be answered about how the CISO could develop, these include: Should the CISO be on the management board? Should IT report to the CISO? Should the CISO be a CSO? Should the CISO focus on the business or technology side? Will a CISO operate across multiple by offering CISO-As-A-Service? Join this discussion to see if there are any answers to these essential questions.

In this closing keynote panel we'll explore:

Assessing the CISO’s longevity in its current form
The shifting responsibilities of the CISO over the next five to ten years
The importance (or lack thereof) of having a clear roadmap for the CISO

17:00 - 18:00 Closing Reception & Prize Drawing

28 November 2022

afternoon

29 November 2022

morning mid-afternoon afternoon

We look forward to seeing you at an upcoming in-person gathering

Location

Venue & Accommodation

Hilton Frankfurt City Centre

A block of rooms has been reserved at the Hilton Frankfurt City Centre at a reduced conference rate. Reservations should be made online or by calling +1-888-225-9664.

Deadline to book using the discounted room rate of €239 EUR (plus tax) is 7 November 2022.

RESERVE ROOM