IN-PERSON

DACH CISO Executive Summit

28 November 2023 | Hilton Frankfurt City Centre

28 November 2023
Hilton Frankfurt City Centre

Collaborate with your peers

Get together with DACH's top CISOs to tackle shared business challenges and critical priorities facing your role today. Participate in this one-day, local program with peer-driven topics and interactive discussions with your true C-level peers.

Join your peers to discuss the most critical issues impacting CISOs today:

Securing AI, Automation and New Technology

Enhancing the CISO Role as a Business Enabler

Reducing Risk and Embedding a Resilient Security Culture

DACH CISO Governing Body


The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

Governing Body Co-Chairs

Nikk Gilbert

RWE
CISO

Christoph Bernius

Allianz Deutschland
CISO

Sascha Brock

Deutsche Post
VP Chief Information Security Officer

Chuks Ojeme

Brenntag AG
Global CISO

John Petersen

Nestlé
CISO

Aleksandar Radosavljevic

Global Fashion Group
Global CISO

Judith Wunschik

Siemens Energy
Global Chief Cybersecurity Officer

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your DACH CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Evanta's Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda


27 November 2023

28 November 2023

18:00 - 21:00  Governing Body Welcome Reception

Governing Body Private Dinner

Ahead of the DACH Summit, Governing Body members will host an exclusive networking reception for all CISO attendees. Please join your peers for an evening of good food, wine, and lively networking at the Ommia Event Restaurant in Frankfurt.

08:15 - 09:00  Registration & Breakfast

09:00 - 09:45  Keynote

Inside the Vipers’ Nest — Shedding Light on the Hackers’ Tactics to Improve Our Defences

Geoff White headshot

Geoff White

Author and Investigative Journalist

As cybercriminal organisations become more aggressive and prolific, they also reveal more about themselves. How can we use these insights to inform our response?

Author and Investigative Journalist, Geoff White has spent years covering tech security for some of the world’s largest media organisations. In this session, he will examine how leaks, infighting, brazenness and desperation in the cyber underworld can yield valuable insights for defenders.

In this opening keynote talk, Geoff will discuss:

  • Uncovering the inner workings of the cyber underworld
  • Exploring how cybercriminals are revealing their hand as they engage in illicit activities
  • Evaluating what this new information on cybercrime means for CISOs and their organisations

09:45 - 10:00  Break

10:00 - 10:45  Breakout Session

Securing Operational Technology in 2023: A CISO Deep Dive

Joachim Fritschi headshot

Joachim Fritschi

CISO

GLS Group

Jorge Moubayyed headshot

Jorge Moubayyed

EMEA CISO

DHL

Klaus Nötzel headshot

Klaus Nötzel

Corporate Information Security Officer

EUMETSAT

Peter Varga headshot

Peter Varga

Group CISO

MOL Group

Timo Wandhöfer headshot

Timo Wandhöfer

Group CISO

Klöckner & Co SE

As the worlds of Information Technology and Operational Technology converge, CISOs hold greater responsibility for safeguarding their assets and ensuring the uninterrupted functioning of their businesses. Join this session to hear inspiring stories of CISOs from various industries, who will share their journeys towards building resilience in their OT infrastructure. They will also explore fundamental questions on the future of OT for CISOs in 2023.

Join this session to discuss:

  • OT maturity – sharing where you are on your OT transformation journey
  • Business continuity management – considering strategies to keep the OT running
  • OT budgets – attaining the right investment, skills, and training

10:00 - 10:45  Breakout Session

Fortifying Cyber Resilience: Breaking the Attack Chain

Kent Breaux headshot

Kent Breaux

Senior Vice President, Europe, Middle East & Africa

Proofpoint

Ulf Feger headshot

Ulf Feger

Group CISO

ARLANXEO

In an increasingly interconnected digital landscape, the role of the CISO has evolved from traditional security measures to embracing a comprehensive approach that emphasizes cyber resilience. As cyber threats continue to grow in sophistication and frequency, legacy cybersecurity approaches fall short of providing adequate protection. This presentation delves into the critical link between cyber resilience and the attack chain, uncovering the strategies that empower organisations to withstand, adapt, and recover from cyber-attacks.

Join this session to:

  • Uncover how cyber resilience serves as a dynamic shield against modern threats
  • Gain a deeper understanding of the stages within the attack chain — from initial reconnaissance to the eventual breach
  • Explore how each phase presents an opportunity to strengthen cyber resilience

10:00 - 10:45  Executive Boardroom

Strategic Pitfalls in Third-Party Risk Management

Mirco Rohr headshot

Mirco Rohr

Solutions Consulting Director

RiskRecon - A MasterCard Company

Christian Kaltenhofer headshot

Christian Kaltenhofer

CISO

Lufthansa Cargo AG

Thomas Zimmermann headshot

Thomas Zimmermann

Group CISO

ASSA ABLOY AB

Managing cyber risk across an enterprise IT infrastructure has never been harder. Remote workers, advancing attack methods, and an ever-expanding vendor network are challenging every firm, as total visibility into threats has become nearly impossible. As digital business strategy matures, more organisations are becoming dependent on the cyber posture and protection of third parties. Third-party risks present a unique challenge because you are depending on vendors and partners to operate securely to keep your data and information safe. How are you mitigating the associated risks and demonstrating this to the business to ensure effective security programs?

Join our session to hear about:

  • Common failings across TPRM programs that led to breach events
  • How executives can provide strategic direction for third-party risk teams
  • Key practices being implemented by leading vendor risk firms to maintain strong supply chain risk management

10:45 - 11:50  Networking Break

10:55 - 11:40  Peer-to-Peer Meetings

Peer-to-Peer Meetings

11:50 - 12:35  Breakout Session

Brainstorming the Response – Considering the Business AI Questions for CISOs

Benedikt Heintel headshot

Benedikt Heintel

CISO

Viega

Michael Krull headshot

Michael Krull

CISO

Bertelsmann

Generative AI has emerged at the forefront of organisations' agendas when considering new ways to propel digital initiatives to the next stage. However, for CISOs, perennial questions around security and governance must be considered before this tool can be effectively scaled and implemented to achieve desired results.

In this interactive session, CISOs will come together to discuss:

  • How to communicate Security's role in AI implementation to governance, risk and legal committees
  • How Security leaders can set expectations on generative AI for the wider business
  • How you are encouraging innovation in use cases whilst also adhering to governance policies

11:50 - 12:35  Breakout Session

Exploring New Paths in Enterprise Security — Innovating Solutions to Keep Businesses Safe

Hjalmar Lundin headshot

Hjalmar Lundin

Nordic & DACH Lead - Chrome Browser Enterprise

Google Chrome Enterprise

Michael Beaupre headshot

Michael Beaupre

Head of Cyber Security

Hays

Max Imbiel headshot

Max Imbiel

Deputy Group CISO

N26

The costs of protecting endpoints are increasing with the constantly growing threats. CISOs face numerous challenges in cybersecurity and administration, requiring game-changing improvements to prevent cyberattacks. Every endpoint is a potential gateway for an attacker to access the corporate network. However, IT organisations can overcome these challenges by combining strong zero-trust protections, controls and innovations in the secure enterprise browser, ensuring strong protection on both managed and unmanaged devices.

Join this session to discuss:

  • Appropriately assigning resources to strengthen your endpoint security – simplifying and maintaining an effective security programme
  • How state-of-the-art security concepts like zero trust and SASE help to be prepared for this next generation of attacks
  • Safeguarding enterprise security while maintaining user productivity

11:50 - 12:35  Executive Boardroom

Security Ownership in the Era of Cloud — Strategies to Cope with New Cloud Native

Maximilian Siegert headshot

Maximilian Siegert

Solutions Engineering Manager, EMEA

Wiz

Ralf Kleinfeld headshot

Ralf Kleinfeld

CISO

Otto GmbH & Co KG

Stefan Baldus headshot

Stefan Baldus

CISO

Hugo Boss

The adoption of cloud-native technologies by businesses has been a significant challenge for CISOs, as it requires adapting to new security risks and maintaining security in a rapidly changing environment. However, many CISOs are adapting to these challenges by implementing new strategies and technologies to secure cloud-native applications and infrastructure.

  • With the number of cloud threats increasing and the adoption of cloud-native technologies, what are the key challenges and risks that CISOs are facing?
  • The importance of correlation across the entire cloud environment to prevent attacks or minimise their impact
  • What strategies CISOs are adopting to transform and secure their cloud security operation model

12:35 - 13:30  Lunch Service

13:30 - 14:15  Keynote

Embracing Risk: Being a CISO Changemaker and Bringing Your Stakeholders on Board

Dirk Fleischer headshot

Dirk Fleischer

CISO

Dürr AG

Tilman Epha headshot

Tilman Epha

Director of Sales

XM Cyber

As we enter another year of uncertainty and global crisis, it has become crucial to protect your organisations from cyber threats and ransomware attacks. CISOs face an immense challenge in achieving this objective and must effectively communicate with the board to mitigate these risks and safeguard their organisations from worst-case scenarios. The cyber threat landscape is continuously evolving and growing, and working together to improve communication and reporting is essential to mitigate these risks effectively. By doing so, you can overcome these challenges and ensure the security of your organisations.

Join this keynote session to discuss:

  • Effectively addressing business risks – using the right metrics that align with the board's goals
  • Adapting and prioritising digital business needs while remaining secure
  • Discussing different methodologies and approaches to cultivate a collaborative and productive relationship between security and business teams

14:15 - 14:30  Break

14:30 - 15:15  Breakout Session

Attack From Hell: The Anatomy of a High-Impact Attack

Azeem Aleem headshot

Azeem Aleem

Managing Director, Client Leadership, EMEA

Sygnia

David Gray headshot

David Gray

Director, Client Leadership, EMEA

Sygnia

In recent years, the Sygnia Incident Response Team has handled numerous nation-state attacks that employed unique attack techniques and posed new challenges to security leaders and incident responders.

In this talk we will guide you through the anatomy of a real-world attack we recently responded to, including attacker TTPs and effective response procedures. This case study will highlight the common pitfalls and key opportunities when defending against even the most sophisticated attacks.

You will come away with:

  • A deeper understanding of current attack trends
  • Actionable insights into the risks and vulnerabilities exploited by attackers targeting highly complex environments
  • Effective defence strategies employed by leading organisations worldwide

14:30 - 15:15  Executive Boardroom

Best Practices for Securing Your Business-Critical SaaS Systems

Brandon Romisher headshot

Brandon Romisher

VP EMEA

AppOmni

Markus Plesch headshot

Markus Plesch

Head of Cybersecurity

Siemens Healthineers

Thomas Mann headshot

Thomas Mann

CISO

K-Businesscom AG

As enterprise SaaS data breaches continue to impact enterprises and make headlines, CISOs must centrally secure and monitor complex and interconnected SaaS ecosystems to mitigate both misconfiguration risk and threat actor attacks. How can security teams monitor highly-dynamic and highly-abstract SaaS systems that are managed outside of the IT function, when tools like CASB have proven ineffective and network-centric?

Join this boardroom to discuss how to:

  • Determine the critical components of a comprehensive SaaS security programme
  • Equip the SOC to monitor for attacks on your SaaS systems
  • Educate SaaS administrators to automate security reviews to better mitigate data exposure caused by misconfiguration

14:30 - 15:15  Executive Boardroom

Navigating Global Regulatory Compliance and NIS-2

Philip Hoyer headshot

Philip Hoyer

Field CTO EMEA

Okta

Hendrik Janssen headshot

Hendrik Janssen

CISO

Bauer Media Group

Thomas Laschet headshot

Thomas Laschet

CISO

Generali Deutschland Holding AG

New regulations such as NIS-2 coupled with an increasingly sophisticated attack surface result in regulatory bodies focusing more on cyber defence than ever before. CISOs must fortify the foundations of their compliance programmes to focus on supply-chain and third-party maintenance so that when the following vulnerability is uncovered, you’re ready to respond as quickly as the regulator demands. In this session, Philip Hoyer, Field CTO EMEA at Okta, will explore with you critical questions surrounding new regulations, such as asking where NIS-2 preparation sits in your strategy, what your strategy milestones are and whether you need to make changes in your investment strategy.

Join Phillip in this Executive Boardroom to discuss:

  • Expansion of NIS to NIS-2 — are you in contact with regulators for the first time and what has been the impact on your incident response?
  • Supply chain security and secure partner access — how are you securing access from your partners and are you planning to adopt more security controls for Supply chain partner access? E.g. Zero Trust security for partner access
  • Reporting duties in case of a breach — discussing new reporting duties and the need to have a single Identity and Access Management Control Plan

15:15 - 15:45  Networking Break

15:45 - 16:30  Breakout Session

Securing the Future: Staying Ahead of the Security and Risk Management Curve

Stefan Simonson headshot

Stefan Simonson

Executive Partner – Security, EMEA

Gartner

Gartner's annual predictions have become a source of inspiration for leaders across multiple industries. In this presentation, we have gathered the top cybersecurity predictions from our expert team, providing a valuable resource for security and risk management leaders seeking to stay ahead in the digital era. By monitoring these trends, leaders can prepare themselves and their organisations for the challenges ahead. With global change a constant factor, the ability to anticipate and adapt to crises is crucial. Join us as we explore the strategies and insights that can help you succeed in an ever-changing world.

In this interactive session, we will cover:

  • What are the major trends affecting the security and risk management leader?
  • What are the top priorities for the security and risk management leader?
  • What actions and best practices should the security and risk management leader initiate?

15:45 - 16:30  Executive Boardroom

Moving Past the Noise — Exploring the Benefits of Generative AI For CISOs

Michael Ebner headshot

Michael Ebner

CISO

EnBW

Gerald Schremser headshot

Gerald Schremser

CISO

Prinzhorn Holding GmbH

Maren Schuettler headshot

Maren Schuettler

Group Business Information Security Officer

Computacenter

Generative AI "Gen AI" is the buzzword of the moment, and it has the potential to bring about transformative changes in the business world. However, it also poses significant risks, such as ad hoc employee adoption that creates new attack surfaces, as well as increased risks to privacy, sensitive data, and intellectual property. Nevertheless, there are ample opportunities for CISOs to capitalise on this AI boom. In this session, we will have an open benefit-focused discussion to explore how you can leverage Gen AI to their advantage.

Join this boardroom to discuss:

  • Sharing AI uses cases that benefited your cyber team
  • Striking the balance between security risks and AI innovation
  • Questioning the limits of where AI can assist your team

15:45 - 16:30  Executive Boardroom

Rethinking Security Awareness — One Size Does Not Fit All

Paul Sester headshot

Paul Sester

Chief Information Security Officer

HORNBACH Baumarkt AG

Maria Fladung headshot

Maria Fladung

IT Security Officer

EDAG GmbH

Fritz Worsch headshot

Fritz Worsch

CISO, Manager Coroporate Information Security & Infrastructure Architecture

Eckes-Granini

Security awareness can often be cliché. Many CISOs have implemented company-wide security awareness training once or twice a year, but is this effective? Not all business units are the same and a tailored, innovative approach is needed to deliver a culture and behaviour change. In this Executive Boardroom, CISOs will discuss different approaches to security awareness and explore ways to engage staff and change their mindset to see security in the same vein as health and safety.

Join this boardroom session to discuss:

  • Debating different approaches to dynamic and bespoke security awareness programmes
  • Keeping an adaptive security awareness programme in line with the pace of business change — accommodating for staff turnover and business transformations
  • Overcoming cultural security awareness challenges from operating across a global footprint

16:30 - 16:45  Break

16:45 - 17:30  Keynote

Tales From the Cybercrime Trenches — A CISO's Reflections on Experiencing Cyber Attacks

Oliver Scherer headshot

Oliver Scherer

CISO

MediaMarktSaturn Retail Group

With cyber-attacks becoming more rampant, it is a challenge for CISOs and their teams to stay ahead of the threats and be ready to respond in case of a breach. Despite investing in the appropriate solutions and conducting numerous tabletop exercises to prepare for a possible attack, the question remains: how will you and your team respond when the attack actually happens? Join Oliver Scherer (CISO, MediaMarktSaturn Retail Group) as he shares tales from responding to a complex ransomware attack at MediaMarktSaturn. Learn from his experiences and discover what lessons he has implemented in response to the attacks.

Join this session to explore the inner workings of a live cyber-attack:

  • Insights into the attacks and the conversations that followed
  • Conversations CISOs need to have with their Board now to ensure preparedness for such an attack
  • Discussing the measures implemented in response to both attacks

17:30 - 18:00  Closing Reception & Prize Drawing

27 November 2023

28 November 2023

We look forward to seeing you at an upcoming in-person gathering


Evanta cares about the health and safety of our community. Please review the following recommendations prior to attending the gathering.

Location


Venue & Accommodation

Hilton Frankfurt City Centre
MORE INFORMATION

A block of rooms has been reserved at the Hilton Frankfurt City Centre at a reduced conference rate. Reservations should be made online or by calling 69-133800. Please mention Evanta to ensure the appropriate room rate.

Deadline to book using the discounted room rate of €259 EUR (plus tax) is 6 November 2023.

Your Community Partners


Global Thought Leader
CISO Thought Leader
Key Partners
Program Partner

Community Programme Manager


For inquiries related to this community, please reach out to your dedicated contact.

Luis Arango Abello

Senior Community Programme Manager

+44 (0)1784 267 880

luis.arangoabello@gartner.com