Tickets

8 November 2018 07:30-18:00Hotel Birger Jarl

Speakers

Jan-Olof Andersson
CISO, ICA Sverige AB

Jan-Olof Andersson, has 30 years’ experience in the security field and has earned great credibility in the industry. His knowledge stretches from physical protection to information security, focusing on what is best for the organization. Colleagues in the field place great confidence in him, and on several occasions he has been appointed as one of the most prominent persons in the field of information security. He has experience in a variety of businesses in roles as consultant, head of security, head of information security and he has mastered all the disciplines that exist in the security field

Anish Hindocha
Privacy Consultant

Anish Hindocha is a Privacy Consultant for OneTrust, the global leader in privacy management software and marketing compliance software which helps organizations operationalise data privacy compliance and Privacy by Design. At OneTrust, Anish works with privacy project teams and C-level executives across the Nordics to automate and strengthen their core GDPR and ePrivacy processes.

Mats Juhlén
Business Development Manager, Security Atea Sverige AB

Mats has a network & network security background with also 10 plus years experience working with Security. At present he is focusing on Information Security and GDPR, helping customers implement a structured and risk-based way of working with regulatory requirements and also support companies in the role of a data protection officer.

Robert Willborg
SME Cyber Security and Privacy, Junglemap AB

Robert is a lecturer with a broad and extensive background from the armed forces, security work and behaviour-based security. Since 2010, Robert Willborg has been working strategically and in an advisory role in information security focusing on secure digital ecosystems. Robert has also published several articles on security related issues and is a certified DPO. Robert holds a place in IDG´s expert network.

Stuart Beattie
Product Marketing Director, Omada A/S

Stuart is a Senior Business Leader with international management experience with a broad range of technology companies. He has a track record of working for companies ranging from small businesses to Fortune 500 organisations to find and win new customers through the definition and execution of strategic go-to-market plans. Besides he has successfully worked with senior leadership teams to build data-oriented business models to help them define operational requirements.

Johanna Mannung
Enterprise Security Architect, Swedish Police Authority

Johanna Mannung is a security architect at the Swedish police authority, working with all aspects of it- and information security. During her 20 years in the IT sector she has held a number of  varying positions, from researcher into privacy in p2p networks to a developer for IAM solutions. Today she gets to use all her experience in securing one of the most important organizations in Sweden.

Jan Olsson
Chairman - Swedish Police Authority

Jan Olsson has 25 years’ experience in the Swedish Police Force, 10 of which he has dedicated to fighting fraud. Presently, he works as the National Fraud Coordinator and National Fraud Expert at the National Fraud Center (NBC). He is a frequent speaker giving approximately 70 lectures annually both nationally and internationally. He is also a receiver of the prestigious “Great Credit Prize” in 2015 for his dedication to preventing fraud.

Elin van Beesel
Senior Manager, GDPR Specialist

Elin is a lawyer with nearly 20 years of experience in business law. Her speciality is GDPR and data privacy where she currently manages a wide range of GDPR compliance projects at group level. Elin is also appointed as Data Protection Officer for several FCG clients. Besides the client assignments Elin is also often engaged in educations and seminars within the data privacy sector.

Anna Forsebäck
DPO, Schibsted Media Group

Anna is a Stockholm-based lawyer specialized in tech and privacy who has recently taken on the challenge to set up a centralized, scalable DPO-office for all companies in the Media Division of Schibsted Media - a task that comprises some fifty companies in ten European countries. Annas experience includes both external counsel roles and, in-house legal counsel and DPO roles.

Brian O´Toole
CISO, ERICSSON

Brian has been at Ericsson since 2005, working across several different areas including software development, product management and information security. Has been the CISO since 2015, and he is primarily focussed on integration of Information Security Risk Management across Ericsson, which is one of those things that is easy to say, but difficult to do in an organisation of over 100,000 people.

Ina Nordqvist
Senior IT-Security Consultant, Board Member CSA Sweden Chapter

Ina is since 1998 a senior information security consultant focusing on Information Security Management system (ISMS) 27001, Risk Management, Education, Incident Management, Information Classification and Continuity management. Ina has worked with ISMS, polices and documentation for information security, routines and organization of information security the  customers. In 2010 Ina founded U&I Security Group AB and continued the work with ISMS, risk analysis,  security documentations and GDPR. Before U&I Security Group AB Ina worked at Technology Nexus and Ernst & Young as an IT-auditor. Outside work Ina is volunteer as a Crisis Supporter within Red Cross Sweden.

Dimitrios Stergiou
CISO, Trustly

Dimitrios is currently employed as the Chief Information Security Officer for Trustly. He is an experienced senior Information Security and Risk professional with over 20 years’ experience in Risk Management, IT audits and Information security. Before joining Trustly, Dimitrios held positions at Modern Times Group, NetEnt, Entraction, Innova S.A and Intracom S.A. Dimitrios holds a M.Sc. in Information Security and is a Certified Lead Implementer for ISO 27001:2013, Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Risk and Information Systems Control (CRISC) professional and Certified Information Systems Security Professional (CISSP). He is also a Certified Information Privacy Manager (CIPM) and a Certified Information Privacy Professional / Europe (CIPP/E).

Ulf Berglund
President, CSA Sweden Chapter

Ulf Berglund is the president of the Swedish chapter of CSA, Cloud Security Alliance, a worldwide organization. He is also co-author of the book Guide to the Cloud. Ulf has a long experience from leading positions in the field of information security. He has a background as an officer, his last active years he was principal officer, IT security and information security expert at the Military Intelligence and Security Service (MUST). He has held positions as CTO, senior consultant and senior consultant for companies such Pointsec, Ernst & Young and Technology Nexus. Ulf's consultant and the experience derived from companies like Scania, Swedish Match, the Stockholm Stock Exchange (OMX), the Swedish Central Bank, Apoteket AB (pharmacy), H&M and Länsförsäkringar Bank AB. He is the founder and owner of U&I Security Group AB.


Aleksandra Kharlan
Data Privacy Specialist, EnterCard Group AB

Aleksandra has been working with compliance and privacy issues since 2012 within law and compliance department for global FCG company, before that she worked with commercial and IP law questions. 

In 2017 Aleksandra joined Information Security department at Entercard Group AB to work with privacy related issues triggered by implementation of new regulation in EU that significantly affected companies working in financial sector.  EnterCard Group AB is a financing company that offers credit cards and consumer loans to the Scandinavian market. Aleksandra responsible for privacy related questions at department level.  Monitors data protection compliance within the organization and works on identifying actions necessary for remediation. Designs and develops privacy related processes, frameworks, standards and guidelines. She was a part of GDPR project team from Information Security department side. 

Christian Källqvist
CIO, Schneider Electric AB

Han har jobbat med IT-säkerhetsfrågor som en del i hans nuvarande och historiska roller, tidigare på SE-banken och nu på Schneider Electric. De nya möjligheterna med ständigt uppkopplade produkter driver nya penetrationsmöjligheter och därmed säkerhetsutmaningar. Schneider Electric fokuserar t.ex. stort på EcoStruxure. Det är Schneider Electrics IoT-aktiverade, öppna, kompatibla arkitektur och plattform med plug-and-play-funktion för hem, fastigheter, datacenter, infrastruktur och industrier. Säkerheten i dessa lösningar är mycket viktig.

Annette Norman
Senior Advisor National Cyber Security Strategy- Government of Sweden

Hon är jurist och har lång erfarenhet av arbete med informationssäkerhet bl.a. genom tillsyn och rådgivning enligt säkerhetsskyddslagen, utredningssekreterare i utredningen om genomförandet av NIS-direktivet och utredningen om vissa säkerhetsskyddsfrågor.
 

Schedule

07:30

Registration Starts

08:20

Chairman Opening Remarks - Jan Olsson, Swedish Police Authority


Read more
Jan Olsson
Chairman - Swedish Police Authority
08:30

National strategy for society's information and cyber security

  • How does the strategy respond to the new challenges in an increasingly digitized society?
  • What measures have been taken and what will happen in 2019
Read more
Annette Norman
Senior Advisor National Cyber Security Strategy- Government of Sweden
08:55

Information Security Incident Response Strategies - CISO, ICA Sverige AB

Good ability to handle information security incidents is a must for managing the threat to ICA's business. 

  • How incident management is linked to the company's security process and what components are included to enable the company to be able to handle a security incident
  • How they handle personal data incidents at the company
  • Do you have the required skills?
  • How much resources are required for this task?
Read more
Jan-Olof Andersson
CISO, ICA Sverige AB
09:15

Cloud Security (or not!) och Business Continuity Planning (BCP) - President, CSA Sweden Chapter

Read more
Ulf Berglund
President, CSA Sweden Chapter
09:30

Cloud Security (or not!) och Business Continuity Planning (BCP) - Senior IT Security Consultant, CSA Sweden Chapter

Takeaways:

  • What is important to find out before the incident occurs, about your cloud supplier when it comes to BCP
  • Different situations that may occur and which you must have a plan for if they happen 
  • Connect your own BCP-plan to the Cloud suppliers, what should you think about and manage
      Read more
      Ina Nordqvist
      Senior IT-Security Consultant, Board Member CSA Sweden Chapter
      09:40

      “5G & Cybersecurity: Opportunities and Challenges”

      How the evolution to 5G is going to have an impact on Enterprise security when it comes dealing with ubiquitous connectivity, the increase of data globally and the way that IT professionals will have to think about deployment of large scale networks, as in the case with IOT.

      Read more
      Brian O´Toole
      CISO, ERICSSON
      10:00

      Coffee Break and Visit to the Expo Area


      Read more
      10:25

      The psychology of social engineering

      Social engineering is nothing new, but it has become the “king of attacks”, being (relatively) easy to deploy and requiring minimal commitment from the attackers’ side. Key takeaways:

      • The 6 influence principles (by Dr.Cialdini) and how these principles are utilized to improve the success rate of social engineering attacks
      • The driving forces of what makes us “click on the link” and how we should defend against them
      • What one can do to prevent these types of social engineering attacks
      Read more
      Dimitrios Stergiou
      CISO, Trustly
      10:55

      GDPR: Managing 3rd and 4th Party Vendor Risk

      Anish Hindocha
      Privacy Consultant
      11:20

      Identity management and access governance at the heart of your cybersecurity, Omada A/S

      Key takeaways:

      How identity management and access governance helps manage security risk – protect sensitive information, ensure compliance, avoid accidental or illegitimate access, and data theft. Learn how efficient identity management maintains business agility – by providing timely and appropriate access for your employees.

      Read more
      Stuart Beattie
      Product Marketing Director, Omada A/S
      11:45

      “The DPO-role under the GDPR - Who, Why and How?”

      Takeaways on some key aspects of the DPO-role:

      • Who could or should take on this role in your organisation? (The battle between competences)
      • Why should you appoint a DPO? (Or should you?!) How to perform the regulated tasks of the DPO in a manner that adds value to the organisation.
      • (Can the DPO combine its independent role and its montoriting duties with a proactive, supporting approach?)
      Read more
      Anna Forsebäck
      DPO, Schibsted Media Group
      12:05

      Networking Lunch and a visit to the Expo Area


      Read more
      12:50

      "Cyber Security for road warriors and business traveller"

      In todays environment a lot of valuable data are carried around in the laptops of executives, sales representatives and road warrior engineers/ consultants. The threats to these data are numerous:The laptop can be stolen, dropped or damaged, USB inserted which contains viruses and many more.

      • How do we adress these threats? 
      • Which routines can be introduced?
      • How can the business value at stake be presented to decision makers within the company?
      Read more
      Christian Källqvist
      CIO, Schneider Electric AB

      “Just take my password, I don’t care” - Round Table Session

      With all the news around security in the last year, our end users are bombarded with security news from various sources, and are at risk of burning out with "Security fatigue". At the same time, enterprises are more reliant than ever on these users acting responsibly and engaging with an organisation's Security functions. 

      Takeaways:

      • How do we keep these users engaged in the face of this pressure?
      Read more
      Brian O´Toole
      CISO, ERICSSON

      "GDPR and Incident Process" - Round Table Session

      Elin van Beesel
      Senior Manager, GDPR Specialist

      “Preparing for the threats of tomorrow” - Round Table Session

      This round table will focus in creating an IT security agenda that focuses on the most important aspects for your organization

      Takeaways:

      • What security measures does your organization need to have in place?
      • How do you know what to prioritize?

        Read more
        Johanna Mannung
        Enterprise Security Architect, Swedish Police Authority

        "How can ISO27001 support your GDPR and compliance with other regulatory requirements?" - Round Table Session

        GDPR took effect on the  25th  of May and will be followed by many more laws and requirements. 

        Takeaways:

        • How can an Information Security Management System (ISMS) help the organisation with compliance and faster adapting to new requirements
        • How to get the management commitment 
        • Implement privacy controls in your audit routine
        Read more
        Mats Juhlén
        Business Development Manager, Security Atea Sverige AB

        A Privacy and Security Roadmap - Round Table Session

        With a new era of privacy regulations upon us, security and compliance professionals are making the GDPR and a top priority. It is essential to build a roadmap with both privacy and security in mind. 

        Takeaways:

        • You will learn the importance of privacy management within the context of your existing security and compliance ecosystem –– how it fits into the larger puzzle, why it has been precariously overlooked in the past, and how it can be seamlessly integrated as a function among the information security, information technology, risk management, audit and compliance, as well as legal areas in your organisation
        • Lessons learned in the GDPR era and how privacy management can support security and GRC teams
          Read more
          Anish Hindocha
          Privacy Consultant
          14:10

          Afternoon Networking Coffee Break

          14:30

          Data protection measures required by GDPR- Entercard Case-Study

          In 2016 EnterCard Group put a lot of efforts to develop own understanding of data protection measures required by GDPR; what is already in place and what should be added. In 2017 and beginning of 2018 we worked on archiving our GDPR goals. 2018- is a year when we analyse outcome of our work and maintain our achievements. So is there anything to do after GDPR implementation? Is there room for improvement and do we need it? 

          This presentation is dedicated to following questions:

          • We are compliant! What’s next?
          • Technical solutions vs policies and corporate culture. What would work best for your company?
          • Data breach without breach. Is absence of data minimization and privacy by design an actual personal data breach?

          Read more
          Aleksandra Kharlan
          Data Privacy Specialist, EnterCard Group AB
          14:50

          Information Security in a modern digital eco-system, and what you need to relate to -Junglemap AB

          The session explores information security in modern digital eco-systems, with focus on new needs; behaviour, culture and relevant technology. Learn how to step up an IT Security and Information Strategy that captures a more holistic relationship with today's and future needs.

          Takeaways:

          • The aim is that the listener should have a basic understanding of behaviours and cultures as risks and threats in digital ecosystems
          • Another aim is that the listener should have a basic understanding of why a more holistic view is required in digital ecosystems
          • The final goal is to have the listener have a very basic knowledge of where to start in the new strategy regarding security work in their systems


          Read more
          Robert Willborg
          SME Cyber Security and Privacy, Junglemap AB
          15:15

          GDPR after the Implementation date Still a lot of work to do...

          Initiatives, challenges and projects conducted before and after the 25th of May. Shared experiences after the 25th of May:

          • Hired a management consultant firm to help them with the implementation, Intensified the work with which processes to keep soft and which to add application/database support. The number of hours and the resources needed was ramped up significantly for the implementation of the application/database support
          • Nobody knew how to implement this, least of all Datainspektionen
          • Best knowledge within Management consulting firms
          • How to guide DI to better understanding/getting answers?
          • How to avoid doing same work/mistakes at every company


          Read more
          Christian Källqvist
          CIO, Schneider Electric AB
          15:40

          Chairman Closing Remarks

          Jan Olsson
          Chairman - Swedish Police Authority
          15:50

          Networking Cocktail

          ABOUT THE EVENT

          Welcome to the second edition of the IT Security Insights Conference. As was the case with the previous event, we are going to focus mainly on promoting the best customer case-studies and innovative trends within the IT Security industry. Therefore, we are pleased to inform you that the second edition is going to be more insightful with more customer case studies and more speakers. 

          Our mission is to grow the event to be an exceptional user-based networking platform for IT Security professionals on the Swedish market. The main objective of the event is to enable IT Security practitioners to reflect on the challenges, achievements and obstacles overcome during the year while at the same time looking ahead on what the future holds for the IT Security Industry in 2019.

          The focus of the fall event will be: IoT Security, Cloud Security, Security Operations Center (SOC), Information Security Awareness and Training, Cyber Insurance, Artificial Intelligence, Post-GDPR Insights, Cyber Security and Big Data Analytics capabilities.

          Who Should Attend

          We target IT professionals working with or facing IT Security challenges and are interested to learn how to safeguard their organisations from today’s advanced threats. It is a must-attend for persons in the following positions or similar ones: CISOs, CSOs, CIOs ,CTOs, CEOs, IT Directors, Heads of IT Strategy, IT Infrastructure Directors, Cyber Security Specialists, IT Security Architects, DPOs, Data Security Directors, IT Security Managers, Risk and Security Managers, Compliance Directors, Heads of Networks, IT Security Analysts, Head of IT Operations, IT Architects, IT Security Architects, IT Technicians, Service Delivery Managers, IT-solution Managers (ISM), System Administrators, IAM Directors and IT System Managers.

          Why Attend

          • Listen to practical examples of IoT and challenges with IoT Security
          • Get insights on security operations center (SOC)
          • To explore the opportunities and challenges presented by cloud services
          • Learn the importance of having the right cyber insurance policy in this era
          • To share experiences with peers on recent GDPR implementations
          • To engage in Information Security awareness and training sessions
          • To network with existing vendors and potential business partners
          • Check out the latest IT Security products in the Expo Area
          Tickets

          The venue is located in the heart of the city of Stockholm. It's a 3-minute journey by subway from Stockholm's metro station to Rådmansgatan metro station. Then it's a 3-minute walk from a Rådmansgatan metro station to the venue. This contemporary hotel in a mid-century building is 2.1 km from the Royal Palace of Stockholm and 2.9 km from Vasa Museet, a maritime museum

          INTERESTED TO SPEAK? 1 KEYNOTE AVAILABLE FOR GRABS!

          Contact the event's Editorial Director, Robert Kitunzi at robert.kitunzi@itsecinsights.com
          Or email us at info@itsecinsights.com and one of our Sales Representative will contact you.



          Tickets
          © MapTiler © OpenStreetMap contributors

          Organized by