This document provides information about the Nordic IT Security 2014 conference that will take place on November 5th, 2014 in Stockholm, Sweden. The one-day conference will focus on key topics related to IT security, such as building security frameworks, automating compliance processes, and addressing security issues related to cloud environments, mobile devices, and the Internet of Things. It will include sessions, demonstrations, roundtable discussions, and a keynote on securing and protecting user information online. Over 300 security professionals from the Nordic region are expected to attend to learn and network.
Complet Documnetation for Smart Assistant Application for Disabled Person
Nordic IT Security 2014 agenda
1. Nordic IT Security 2014
YOUR ESSENTIAL EXECUTIVE TOOLKIT 7A Odenplan, November 5th, 2014, Stockholm, Sweden
PLUS
SECURING
Building together a community to secure
our IT infrastructures - Thomas Igou, Editor
YOUR
IT INFRASTRUCTURE
AGAINST
“NEXT-GEN”
THREATS
Säkerhetsdagen
Find out more at
@ www.nordicitsecurity.com a
event
Partners 2014
Tagline Font:
Myriad Pro RegularBold
12pt
laninet
solutions
2. By: Thomas Igou
2 Nordic IT Security 2014
A note from the editor
As organizations rely more and more on IT systems, as the workforce gets more and more
mobile, as services become more and more intertwined with products, and as devices get
more and more connected to the internet, the security of an organization’s IT infrastructure
becomes more and more critical.
Last year, we saw over 200 participants and 52 partners join us in Stockholm to discuss issues related to IT Security
in the Nordics. This year’s Nordic IT Security will take place on November 5th, 2014 in Stockholm and will, yet again,
gather senior IT security professionals from across the Nordics and industry verticals to cover key areas of concerns
for organizations from both public and private sector.
Key topics that will be addressed:
• Building a comprehensive security architecture framework that aligns with business strategies
• Automating the compliance, risk and governance process
• Addressing and understanding security issues in cloud environments
• Authentication tools and solutions for secure access controls
Over the course of one day, you will experience recent case studies, insightful demos, dedicated roundtables, in-depth workshops, technological
lightning talks, and plenty of networking opportunities to give you greater insight on strategic implementations of the latest technology showcased
in the Exhibition Hall.
Do not miss this unique opportunity to network with your peers from across the Nordic!
I look forward to meeting you this November in Stockholm.
Sincerely,
http://www.linkedin.com/in/thomasigou
https://twitter.com/tomigou
Thomas Igou
The Editor - Nordic IT Security 2014
www.nordicitsecurity.com
Nordic IT Security 2014 is researched
and developed for:
• CSO’s
• CISO’s
• IT Managers
• IT Security Managers
• CTO’s
• Risk Managers
• Infrastructure Managers
• Network Managers
• Head of Compliance and Governance
• Business Continuity Managers
• Data Security Analysts
• Heads of Security Architecture
• Head of IT Strategy
3. Nordic IT Security 2014 3
Sponsor our upcoming Nordic IT
Security 2014 event
Few areas of business are as fast evolving and business critical as IT Security is in 2014.
Continuing migration to the cloud, BYOD issues and an increasing focus on identity access management requires both
public and private enterprise to have strategic partnerships with companies on the leading edge of IT security solutions.
This year´s Nordic IT Security Summit gives your solution the strongest platform for you to network directly with
numerous key decision makers in a setting where your brand can be seen as the preferred solution.
This is a golden opportunity for you to educate, network and prospect to the wider Nordic market in one world
class conference/expo forum.
Why should you become a partner today?
1Achieve wide brand
exposure through
our dedicated event
website & pre event
marketing activities
2
Exclusive speaking
opportunities with
only 4 partners selected
to speak on each topic
stream
3
Generate new partner-ship
opportunities
through the networking
sessions and expo
activities
4
Direct access to key
decision makers from
both the public and
private sector
5Be part of business
critical conversations
with people taking IT
Security to the next
level
6
Tailored partnership
packages ensure you
achieve your specific
business objectives
7
Our proven conference/
expo model ensures
the perfect mix of
education, networking
and brand building
activities
CERTIFIED DATA ERASURE
Thanks to our Partners 2013
We tailor make your
individual business
package to fit your
specific business
objectives
Anastasia Lodhi
Partner Manager
+46 (0)8 502 55 235
anastasia.lodhi@copperberg.com
www.nordicitsecurity.com
4. 4 Nordic IT Security 2014
Features
This one-day conference is full of various features and designed specifically to enhance your experience.
Here is a glimpse of what you can experience at the Nordic IT Security 2014:
Educational Rooms: The conference will be divided into several tracks running in parallel throughout the
day, so you can pick and choose which sessions you want to attend and personalize your day. This will be
your opportunity to listen to great case studies from your peers, learn about processes and get insight on
future threats.
Expo Area: You can’t protect your infrastructure without the latest security technology. The expo area is
your opportunity to discover the latest technologies and source the vendors that best fit your organization
and infrastructure.
Meeting Area: With over 300 participants expected, you will not have the time to meet everyone during the
course of the day. So, take advantage of our pre-event meeting system to meet the peers of your choice in
our dedicated meeting area.
Knowledge Bar Area: This area is dedicated to short lightning talks about the latest technological solutions
available to secure your infrastructure.
Demo Room: Show, don’t tell. There is nothing more powerful than experiencing something live - and that
is exactly what you will get in the Demo Room, a dedicated area for product demos.
Roundtable Room: The most powerful experience of attending conferences is to share with peers. Round-tables
give you that opportunity. Around a specific topic, sit with your peers and discuss, share experiences,
success and failures to truly dig into the topic.
Testimonials
“Well balanced, all was perfect.”
- Schneider Electric
“Very nice opportunity to meet strategic people,
keep up with innovations and share knowledge.”
- 24 Solutions AB
“So many IT-security experts and customers
under the same room just makes me excited!”
- SecMaker AB
“For partnering possibilities the event was great.”
- Tieto
“I got a really good impression on the challenges
that companies are facing … most of the speakers
were really good.”
- Santander Consumer Bank Denmark
“Good organization and excellent speakers.”
- Arbetsförmedlingen
“Good and interesting conference.”
- Erik Thun AB
“Good all round review of the latest in IT Security
… on the whole a rewarding day.”
- Ekelöw AB
“It was great meeting security peers and listening
to their experiences.”
- Projectplace
“High quality of attendees.”
- Moreware AB
www.nordicitsecurity.com
5. Nordic IT Security 2014 5
November 5th - Conference Programme
08.50
09.25
Track 1:
Business Continuity &
Incident Recovery
Critical business information
protection at Andritz
Business Continuity &
Incident Recovery Tools
Track 2:
Cyber Security
The Threat Landscape in
Scandinavia
SecuriConnect, the game
changer
Track 3:
Mobile Workforce & Cloud
Getting the Hacker’s Eye
View through Continuous
Monitoring from the Cloud
Tools and solutions to lower
threat of mobile workforce
08.15 General registration
Expo Room Demo Room RT Room
10.00
11.55
Track 4:
Future Trends and
Innovations
Identity and Trust in a digital
world
Hacking of Things:
a concrete look at IoT and
how secure it is
Track 5:
Compliance, Risk and
Governance
Case Study: Risk
Management framework
Track 6:
Identity & Access
Management
Tools and solutions for
successful IAM practice
Strong authentication for
each user, on each device,
towards each application -
Secmaker
14.00
14.35
17.05 Networking Reception
www.nordicitsecurity.com
Coffee Break &
1-to-1 Meetings
Open Open
Lunch Break &
1-to-1 Meetings
Open Open
Coffee Break &
1-to-1 Meetings
Open Open
Exhibition will
be open to
visitors
Exhibition will
be open to
visitors
Security, Trust
and Assurance:
3 pillars of
confidence in
the cloud
Exhibition will
be open to
visitors
Sessions to be
finalized
Sessions to be
finalized
Sessions to be
finalized
Sessions to be
finalized
Sessions to be
finalized
Sessions to be
finalized
Sessions to be
finalized
Sessions to be
finalized
Risk based security
program at Lantmännen
Benefits and methodology
of implementing a BCM
program
Building a comprehensive
security architecture
framework
Automating Disaster
Recovery for the security
and network infrastructure
Securing Mobile, the New
Enterprise Desktop
Securing Mobile: Constraints
or opportunities?
11.20
Expo Room Demo Room RT Room
Protecting your social media
against hackers
Protecting your Social
Media against hackers
Tools and solutions to
simplify compliance and
governance
How to make the case for
security ROI
A look at the latest user
authentication methods and
technology
The key is under the doormat
15.10
15.55
16.30
Compliance: a look at the
upcoming data protection
reforms from the EU
10.45
13.00 Plenum Session: Securing and protecting user information online
6. 6 Nordic IT Security 2014
Advisory Board
Troels Oerting, Head of European Cybercrime Centre, Europol
Assistant Director Troels Oerting is Head of the European Cybercrime Centre (EC3), which under his leadership was
established by the EU Commission, 28 Member States and the European Parliament the 1st January 2013 by which date
it launched activities. EC3, as part of EUROPOL, has the task to assist EU member states law enforcement authorities
in – primarily: developing criminal intelligence, capacity building, awareness, protection of EU critical infrastructure, forensic
support, coordination, investigation, R&D, creating strategic and operational direction and initiate all relevant measures that
will help securing a free, transparent but also safe Internet now, and in the future. EC3 has a vast Outreach programme and
have established MoU with a high number of private and public partners in- and outside Europe and provide a secure environment
for high profile investigations carried out by Law Enforcement Agencies with the support of EC3. Assistant Director Oerting
is also, ad interim, Head of Europol’s Counter Terrorist and Financial Intelligence Centre. Before joining Europol in 2009 Mr.
Oerting was a senior officer in the Danish National Police with more than 30 years’ experience during which he have held
positions as Director of the National Criminal Intelligence Service (NCIS), Director of the National Crime Squad, Director of
the Danish equivalent to the Serious Organized Crime Agency (SOCA) and Director of Operations in the Danish Security Intelligence
Service. He has also been Head of NCB Copenhagen, Head of Europol National Unit and DK delegate in the Baltic Sea Task
Force, Europol’s Management Board and numerous other International Law Enforcement cooperation entities.
Anne-Marie Eklund Löwinder, Head of Security, .SE
Anne-Marie Eklund Löwinder is Head of Security at .SE. She has been ranked as one of Sweden’s foremost experts on IT
security by the magazine Computer Sweden. She is a member of the board of CENTR (an association of internet Country
Code Top Level Domain Registries), of IRI (The Swedish Law and Informatics Research Institute), the foundation for Development
of Telematiques (TU-stiftelsen) and SNUS (the Swedish Network Users’ Society). She is furthermore a member of the
information security council of the Swedish Civil Contingencies Agency (MSB) and is one of the handful of individuals assigned
as Trusted Community Representative and participates in the DNSSEC key generation for the internet root zone as Crypto
Officer, appointed by ICANN (the internet Corporation for Assigned Names and Numbers). Since january 2013 she is
also a member of the swedish Digitalization Commissions expert group. Ms. Eklund Löwinder was also a member of the
very first groups that helped the Swedish Standards Institute (SIS) and Swedac to develop what now is known as the ISO
27000-standard for information security management. She regularly comments on government proposals regarding internet
and security related issues. Among her previous employers are the Swedish Agency for Public Management and the ICT
Commission. Ms. Eklund Löwinder holds a degree in systems science from Stockholm University.
Paolo Balboni, Founding Partner of ICT Legal Consulting & Scientific Director of the European Privacy Association
Paolo Balboni (Ph.D.) is a top tier European ICT, Privacy & Data Protection lawyer and serves as Data Protection Officer
(DPO) for multinational companies. Lead Auditor BS ISO/IEC 27001:2013 (IRCA Certified). Dr. Balboni (qualified lawyer admitted
to the Milan Bar) is a Founding Partner of ICT Legal Consulting (ICTLC), a law firm with offices in Milan, Bologna, Rome, an
International Desk in Amsterdam, and multiple Partner Law Firms around the world. Together with his team, he provides
legal counsel across Europe to multinational companies specializing in the fields of Personal Data Protection, Data Security,
Information and Communication Technology (ICT), and Intellectual Property Law. Dr. Balboni has considerable experience in
Information Technologies including Cloud Computing, Big Data, Analytics, and the Internet of Things, Media and Entertainment,
Healthcare, Fashion, Insurance, Banking, Anti-Money Laundering (AML) and Counter-Terrorist Financing (CFT); and he also
advises personalities on privacy and copyright matters. Dr. Balboni is the Scientific Director of the European Privacy Association
based in Brussels, the Cloud Computing Sector Director and Responsible for Foreign Affairs at the Italian Institute for Privacy
based in Rome.
Mika Kataikko, Director, Cyber Security
Mika Kataikko is director for Cyber Security both in the Jyväskylä Regional Development Company Jykes Ltd. and in the national
Cyber Security business development program driven by the Finnish Funding Agency for Innovation (Tekes). Mika has a long and
diverse background in the Telecom, ICT and Security businesses, in the positions from supervisory role to product and product
area life cycle management, including also quality and security related management and development responsibilities. His versatile
job history gives him a wide experience and viewpoint in the different areas of businesses and business making, especially in the
areas of ICT and Cyber Security.
Ulf Bergund, M.Sc, CISM, President, Cloud Security Alliance Sweden
Ulf Berglund is the president of the Swedish chapter of CSA, Cloud Security Alliance, a worldwide organization. He is also
co-author of the book Guide to the Cloud. Ulf has a long experience from leading positions in the field of information security.
He has a background as an officer, his last active years he was principal officer, IT security and information security expert
at the Military Intelligence and Security Service (MUST). He has held positions as CTO, senior consultant and senior consultant
for companies such Pointsec, Ernst & Young and Technology Nexus. Ulf’s consultant and the experience derived from
companies like Scania, Swedish Match, the Stockholm Stock Exchange (OMX), the Swedish Central Bank, Apoteket AB
(pharmacy) and Hennes&Mauritz AB. He has his own company, U&I Security Group AB.
Per Thorsheim, Security Adviser, God Praksis AS
Per Thorsheim works as an independent security adviser, based in Bergen, Norway. He is the founder and main organizer
of PasswordsCon.org, the worlds first and only conference about passwords. First started in 2010, the conference currently
runs annually in Las Vegas and in Norway. Gathering security professionals & academic researchers from all around the
world, the conference has provided valuable input to improve security worldwide, and made international headlines. He has
a personal project on convincing the world to implement RFC3207 STARTTLS support for opportunistic email encryption.
During the past 9 months this project have shown some amazing results on a global scale. Per Thorsheim was a finalist for
the annual Rosing IT security award in 2012, and was awarded the Commanding General of the Norwegian Armed Forces
Cyber Defence Coin in spring 2014 for his contributions to information security. He also claims to know your next password.
He currently holds the CISA and CISM certifications from ISACA, and CISSP-ISSAP from (ISC)2.
www.nordicitsecurity.com
7. Nordic IT Security 2014 7
Session highlights
Keynote Session
n 13.00 Securing and protecting user information online
Cloud computing is a technology that is transforming how many of us conduct business today. It has tremendous
economic benefit to the users and wider society. However, there is still much speculation around the security
and privacy implications of applications in the cloud. With speculation comes fear, and with fear comes
misinformation and myths. In this session, James Snow, Trust Product Strategist for Google Enterprise will
address many of these myths and uncertainties about working in the cloud and will offer a glimpse into how
Google protects the data and the privacy of its users.
www.nordicitsecurity.com
James Snow
Trust Product Strategist
Google for Works
About James:
James Snow is a Product Strategist for on Google Apps for Work, focusing on security, privacy, and legal compliance.
James’ mission is to enable Customers and Partners.
In previous roles, James Snow was responsible for security and compliance in EMEA for Google for Work. James has
deep product knowledge in Google Apps for Work, Google Cloud Platform, Google Search for Work, and Message Security
products. James has been the lead engineer on some of the largest apps, search, and security deals in the world to date
including Ahold, Randstad, KLM, among many others. Prior to working at Google, James was a Program Manager at
Microsoft (Redmond) in the Connected Systems Division (SQL Server, BizTalk, Host Integration Server). Before Microsoft,
James worked at Accenture in their Global Integration Practice implementing systems integration and BI solutions for
Fortune 500 clients in Asia, Europe, and the Americas.
James was grew up in Virginia Beach in the US, but has lived internationally for over a decade including London, Amsterdam,
and Manila. James studied Computer Science and Business at James Madison University. When not lobbying for Trust
at Google, James is an avid scuba diver and snowboarder.
8. 8 Nordic IT Security 2014
Session highlights
Track 1: Business Continuity & Incident Recovery
n 08.50 Critical business information protection at
Andritz
As ANDRITZ is globally leading technology supplier in it’s
field intellectual property is highly valued and needs to be
protected accordingly. This session covers how ANDRITZ´s
information security program addresses risks and problems
related to intellectual property protection and data leakage.
Teemu Ylhäisi
IS Security Officer
Andritz
About Teemu:
Teemu Ylhäisi is responsible for IT and Information security in ANDRITZ group and he is heading the ANDRITZ global Security Competence
Center. His responsibilities include management of IT security strategy and governance as well as IT security related projects and operations.
Prior to working at ANDRTIZ Mr. Ylhäisi has managed a PCI consulting team at nSense and work on various IT and Information security roles
at Nokia Oyj.
n 10.45 Risk based security program at Lantmännen
More and more security programs are taking a risk based
approach to their security work. But how do you align this
with the overall risk program in the organization? And how
do you educate the business (and the risk function) to
understand the connection between different risk types and
the potential gains of coordinating risk management with
traditional security? At Lantmännen, we have adopted a
bottom-up approach in order to slowly work IT and information
risks into the overall risk map.
Robert Mungenast
Head of Information and IT Security
Lantmännen
Learning points
+
• Hear how ANDRITZ classifies intellectual property
data
• See how we protect the confidentiality of critical
business information
• Learn from our experiences of building security
controls that focus on intellectual property
Learning points
+
• Risk is (or should be) the foundation for all security
work
• It is vital to establish cooperation between the risk and
security programs
• Businesses need to understand that they face several
types of risks, and that they stand to gain a lot from
managing them in a structured and coordinated manner
About Robert:
Robert is an experienced professional within the Risk and Information Security areas. He currently holds the position as Head of Information and
IT Security in the Lantmännen Group, where he runs a security program focused on basing as many decisions and actions as possible on
risk awareness. His background also gives him a solid understanding of the technical aspects of IT security.
Track 2: Cyber Security
n 08.50 The Threat Landscape in Scandinavia
Listen in on a presentation by IT Security expert Peter Kruse, who will give you an overview of the threat landscape in the
Nordic region so you can better prepare how to protect your business.
Peter Kruse
Head of CSIS eCrime Unit
CSIS security Group A/S
About Peter:
Peter Kruse co-founded the Danish IT-security company CSIS in 2003 and is currently leading the eCrime department, which provides
services mainly aimed at the financial sector. His ability to combine a keen appreciation of business needs and a profound technical
understanding of malware has made CSIS a valued partner of clients not only in Scandinavia but also in the rest of Europe. Today, Peter is
by far the most quoted IT-security expert in Denmark and considered among the most recognized in Europe. He has a long history of active
participation in several closed and vetted top IT-security communities and has numerous international connections in the antivirus- and
banking industry, law enforcement and higher education institutions.
9. Nordic IT Security 2014 9
Session highlights
n 09.25 SecuriConnect, the game changer: Revolutionizing customer data privacy in Managed Security Services
In this talk we will introduce a new version of SecuriConnect, a VPN appliance with unique security innovation, Three Domain
Separation. The innovation enables mitigation of unauthorized disclosure of sensitive information. The Three Domain Separation
is a true paradigm shift in VPN management. Administrative task can finally be performed by administrative departments
without compromising the privacy of sensitive data. Three Domain Separation eliminates cross contamination when VPN
management is outsourced enabling true cost-effective Managed Security Services. Many organizations such governments
and public sector agencies, handle sensitive information. In high security environments, set of regulations require that
networks hosting sensitive information are isolated from open networks, such as the Internet, effectively creating zones
of different security clearances. These isolated networks are often geographically separated but interconnected by Virtual
Private Networks (VPN). Traditionally, VPN architecture has two domains, RED domain with secure data and BLACK domain for
transport e.g. Internet. The RED and BLACK domains cannot exchange information. Management of a VPN unit is possible
from the RED domain or through a separate Out Of Band network. Thus, VPN administrative personnel are able to access
sensitive information on the RED domain potentially causing, intentional or unintentional, unauthorized disclosure of sensitive
information, effectively creating “ghost users”.
Stefan Chevul, Product Manager,
Advenica
About Stefan:
Stefan is a technologically skilled product manager who excels at bridging business, technology and user experience. Passionate about
discovering products that are valuable, usable and feasible while maximising business value. Stefan holds a Tec.Lic. degree in telecommunication
systems and also a M.Sc. in Electrical Engineering. He currently works at Advenica AB where he manages the VPN product portfolio.
n 11.20 Automating Disaster Recovery for the Security & Network Infrastructure
BackBox enables security and network operations team to fully automate and schedule device configuration backup and
recovery. BackBox eliminates the need to write scripts, manually backup devices or use multiple management system in order
to enable quick disaster recovery for all Security and network devices. BackBox allows in addition to Automate configuration
push to multiple devices with a single-click saving the organization time and effort. Supporting over 95 of the leading Security and
Networking vendors, BackBox is the only solution that enables configuration backups for all security and network devices in the
network.
Rafi Zvi, CTO, BackBox
About Rafi:
Rafi has over 18 years of experience in the information systems field and over 15 years in information security. Starting in 1995 Rafi managed the
information systems group at Sequel Technology, based in Bellevue, Washington, an Internet access control software development company. Rafi
joined NetVision, the leading ISP in Israel in 1997 and managed the Professional Services team servicing enterprises both locally and globally. In
2000 Rafi co-founded Spider Solutions which grew to be the leader in Information Security services for enterprises in Israel. Safeway Solutions, the
company behind BackBox was founded by Rafi Zvi and Arik Elias in cooperation with the largest Telco in Israel, Cellcom.
10. 10 Nordic IT Security 2014
Session highlights
Track 3: Mobile Workforce & Cloud
n 08.50 Getting the Hacker’s Eye View through
Continuous Monitoring from the Cloud
Hackers, cyber-criminals and state actors are probing your
perimeters constantly, yet until recently the tools were
not available for enterprises to keep pace, and instead a
monthly “patch in a batch” mentality was the norm. This
session will talk about:
Chantal ‘t Gilde, Managing Director, Netherlands
& Nordics,Qualys
Learning points
+
• Moving on from an outdated monthly “patch in a
batch” mentality
• How cloud-based security solutions give you a
“hacker’s eye view” and empower organizations
• Global, yet cost effective continuous monitoring
practices
About Chantal’t:
Chantal’t has been working as a specialist in the field of IT security for 15 years. He works with many of the large Enterprises in the Benelux &
Nordics region. His areas of focus have been: Overall Strategy to increase security and compliance, best Practices and common security issues
within Enterprises. His varied industry experience has allowed for an understanding of security teamed with a strong technical back-ground,
experience in enterprise related security concerns and challenges and detailed knowledge of Vulnerability management, Policy
Compliance and Web Application scanning.
n 09.25 AirWatch, Empowering the Mobile Enterprise
AirWatch by VMware is the leading Enterprise Mobility Man-agement
(EMM) provider with more than 1,800 employees
across nine global offices. More than 12,000 organizations
in 150 countries leverage the AirWatch EMM platform, which
includes industry-leading mobile device, email, applica-tion,
content, laptop and browser management solutions.
Organizations can implement these solutions stand-alone
for unique Bring Your Own Device (BYOD) requirements, in
the AirWatch Workspace™ containerized solution, or as a
comprehensive, highly scalable enterprise-grade mobility
platform. With the largest research and development team
in the industry, AirWatch ensures:
Lars Vestergaard
Enterprise Account Executive Nordics
AirWatch by VMware
www.nordicitsecurity.com
Learning points
+
• The broadest mobile platform support
• Develops innovative solutions like Secure Content
Locker™ integrates with the leading device manu-facturers
and technology solution providers in the
mobile ecosystem
• Learn how our solutions are enhancing and securing
the mobile enterprise and the benefits that we provide
to empower your workforce
About Lars:
Lars Vestergaard is an enterprise account executive at AirWatch by VMware, the leading enterprise mobility management (EMM) provider.
In this role, Vestergaard matches Scandinavian-based clients with AirWatch solutions to simplify mobility and improve their business functions.
Vestergaard has more than 15 years of experience working in the mobile and telecommunication industry. Prior to joining AirWatch, he
spent three years as managing director at Mobilethink, selling operator MDM and analytics solutions to mobile operators on a global scale.
Earlier in his career, Vestergaard worked at IDC, the premier global provider of market intelligence, advisory services, and events for the
information technology, telecommunications and consumer technology markets. While at IDC, Vestergaard established the company’s
enterprise mobility research division in the EMEA region. He spent 11 years managing a broad customer base consisting of operators, vendors,
investment banks, management consulting companies, and CIOs across all verticals. As a respected industry commentator, Vestergaard
has been a keynote speaker at mobile industry events around the world. In 2009, he was named the most influential mobile analyst in the
EMEA region by the Institute of Industry Analyst Relations (IIAR). Vestergaard received a Master of International Business degree from
Aarhus University. He has also studied at the Royal Melbourne Institute of Technology and the Singapore Institute of Management.
11. Nordic IT Security 2014 11
Session highlights
Track 3: Mobile Workforce & Cloud
n 10.45 Securing Mobile, the New Enterprise Desktop
The mobile device is rapidly becoming the new desktop for
employees. This shift, combined with the trend of BYOD, is
driving exponential growth in the number of digital identities
associated with an individual. At the same time malware
threats continue to attack identities with increasing sophis-tication.
The evolution of these two worlds has them on a
collision course. The good news is that mobile devices offer
organisations an opportunity to blend user experience and
security like never before.
Speaker TBA
+
n 11.20 Securing Mobile: constraints or opportunities?
A presentation about the increased use of smartphones in the industry, the gains we get but also the constraints & risks
we have. We will also provide a closer look to the market segments, the different deployment models (BYOD, COPE,…) and
their consequences.
www.nordicitsecurity.com
Charles d’Aumale, VP Sales & Marketing
Security Products, ERCOM
Learning points
• Why the mobile platform is more resilient to attack
than the traditional desktop
• How mobile devices help meet real world security
needs such as authentication, malware protection and
fraud protection
• How strong digital identities for the mobile desktop
can enable business applications, transactions and
processes.
About Charles:
Charles d’Aumale, sales and marketing VP for security products at ERCOM, has 15 years experience in telecommunications. He joined ERCOM
in 2008 after working for Orange where he hold different positions in MNVO, NFC and regulation fields. He also worked for Bouygues
Telecom as machine to machine manager and for start-ups focus on storage and picture recognition. Charles holds an MSc in engineering
from Telecom ParisTech and an MBA from INSEAD.
Track 4: Future Trends and Innovations
n 14.00 Identity and Trust in a digital world
I dare to challenge: that what you state as your digital identity today, is not a digital identity at all! This is why information
security programs do not work. Your so called ‘digital identity’ is the weakest link in the chain; in a verbose, connected and
dynamic digital society. What’s more is that your digital identity can be stolen. Identity fraud is on the rise, even in Sweden.
So how did we get into such a mess and what is the future for our digital identities?
Karen Lawrence Öqvist
CEO of Dgtlb Information Security AB
and President of Digital TRACE
About Karen:
Privacy Advocate & Expert - Cannot be Controlled - Cannot be Manipulated - Let the Voice of the Citizen be heard!” is her
personal tagline. Karen cares passionately about the right to personal privacy and the right of ownership of our digital
identities, Personal Identifying Information (PII), and our digital footprint. She is an author, speaker and entrepreneur, with
an MSc Information Security (Royal Holloway University of London) and an MBA (Henley, Reading University). With over 20
years experience in information security, her career has taken her from UK to: Cern in Geneva, Novell in Zurich, Stockholm,
and Hewlett-Packard. She is today CEO of Dgtlb Information Security AB and President of Digital TRACE in Sweden and
Norway.
12. 12 Nordic IT Security 2014
Session highlights
Track 4: Future Trends and Innovations
n 14.35 Hacking of Things: a concrete look at IoT and
how secure it is
The Internet of Things is on everyone’s lips, these days.
The potential from connecting all types of devices to the
internet, and the ability to interact with them remotely and
extract analytical data can bring great value to organiza-tions
across different industries. However, as these devices
go online, what is the real threat that companies and their
customers are exposing themselves to? David Jacoby has
conducted extensive research on the real threat of IoT in
terms of security, taking a look specifically at the Home
Entertainment sector, to which most can relate to.
David Jacoby
Senior Security Researcher
Kaspersky Lab
Track 5: Compliance, Risk & Governance
+
n 16.30 Secure mechanisms for transparent financial reporting
AIG, Fannie Mae, Freddie Mac and mortgage-backed securities, each tell their own story. Where were the real values, who
was responsible for presented figures, what did the resulting reports tell the world? Lack of transparency and traceability
in financial reporting left in its wake a devastating impact that rocked the global economy. We are now faced with a huge
challenge to avoid a reoccurrence; by the implementation of solutions universally and globally, for absolute transparency
and traceability in the reporting/presentation of financial information. In a digital world this needs to be done using secured
and efficient mechanisms; as the enabler for traceability, and protector of information integrity. All of this needs to be done
in a simplified way for financial reporting to public authorities in the SME-sector. How do we solve this? Well surprise, the
knowledge and instruments are at our fingertips! All that is missing are some change triggers; individuals with a burning
ambition to make these changes a reality….. Is this you?
Lars Berglöf, Senior advisor Financial Information
Infrastructures, TS Solutions AB
About Lars:
Keep IT simple is his mission for the SME-sector. He strives for transparent and traceable financial reporting using a global
universal standard; as an enabler of trust in a digital world. Lars is a seasoned entrepreneur in both national and interna-tional
financial markets. The cornerstone of his success was placed almost 40 years ago when he built the business of
distributed financial reporting services to 15,000+ SMEs served by 250 local service agencies in Sweden.
www.nordicitsecurity.com
Learning points
• What is IoT?
• What are real security threats in the home entertainment
sector?
• How is IoT affecting our daily lives, and how could that
affect us if our devices our hacked?
About David:
David is a security evangelist who is currently working as Senior Security Researcher for Kaspersky Lab. He is responsible
for not only research but also technical PR activities in the Nordic and Benelux region where his tasks often include vulnerability
research and management, penetration tests, security research and public speaking engagements. His day to day job is
about improving awareness of the current and future threats and vulnerabilities to which Internet users are exposed and
fight cybercrime. David has about 15 years of experience working in the IT security field. This have given him the opportunity
to work in many interesting fields such as: Vulnerability and Threat Management, Customer Experience, Penetration Testing,
Development and Fighting Cybercrime.
13. Nordic IT Security 2014 13
Session highlights
www.nordicitsecurity.com
Track 6: Identity & Access Management
n 16.30 Adaptive User Authentication – for a more intelligent and convenient solution
More info to come soon
Nikolaj Holm Vang, Global Enterprise Sales
Manager, SMS Passcode
About Nikolaj:
Nikolaj Holm Vang has worked in the authentication-space in nearly 7 years always interested in the difficult balance of user
experience and always-strengthened security. Nikolaj leads the Innovation team within SMS PASSCODE and has fronted
several Adaptive Authentication features that gives costumer users a better understanding and respect for strengthened
security. Prior toSMS PASSCODE Nikolaj had a few years working with different MDM solutions – securing data when opening
the IT infrastructure to mobile and demanding users worldwide.
Expo Room
n 14.00 Security, Trust and Assurance: 3 pillars of confidence in the cloud
In his presentation Erkan Kahraman will show his methods to address common customer concerns from a cloud service
provider point of view and provide useful insight to the industry and what cloud users should consider when purchasing
solutions.
Erkan Kahraman
Chief Trust Officer
Projectplace International AB
About Erkan:
Starting on January 2014, Erkan assumed the Chief Trust Officer role at Projectplace where he continues to oversee the security program as
well as taking on the responsibility to maintain customer trust, regulatory compliance and third party assurance. They designed Projectplace
Security, Trust and Assurance ecosystem to cover all aspects of cloud computing risks and address common concerns. Before that, Erkan
was CISO at Projectplace.
14. 14 Nordic IT Security 2014
Past - attendees
24 Solutions AB, Business Developement Manager
24 Solutions AB, Senior Security Manager
24 Solutions AB, Security Manager
24 Solutions AB, Account Manager
3G-Consult, Sr. Project Manager
4Secure Limited, Operations Manager
4Secure Limited, Director
4Secure Limited, Developer
AB Nya Grand Hôtel, Security Manager
Absolute Software, Regional Manager
Absolute Software, Territory Manager
Accolm AB, Key Account Manager
Accolm AB, Technical Specialist
Ahlsell AB, IT Technical Manager
AirWatch, Marketing & Events Manager
AirWatch, Enterprise Account Executive
AirWatch, Account Executive
Anticimex AB, GruppChef Systemutveckling och Arkitektur
Anticimex AB, IT SystemMangaer
Arbetsförmedlingen (Swedish employment agency), Security strategist
Arbor Networks, Senior Marketing Manager, EMEA
Arbor Networks, Consulting Engineer
Arthur D. Little AB, IT Manager
Avanza Bank AB, Systems Administrator
Avanza Bank AB, IT Säkerhetschef
Avanza Bank AB, Senior IT infrastructure architect
Avanza Bank AB, Networking
Betsson Group, Team lead Network & Security
Blancco, Country Manager
Blancco, Sales Manager
Cambrex, IT Director
CAR-O-LINER, IT Tekniker
Carspect AB, IT administratör
Codenomicon Oy, Account Executive
Codenomicon Oy, Event Coordinator
Computer Sweden, Editor
Consistor WebTech, CEO
Co-worker technology, Sales manager
Co-Worker Technology, Sales Executive
Cuebid AB, Security Services Director
Cybercom, Consultant
Danderyds Sjukhus AB, IT-samordnare
Datainspektionen, IT-security specialst
Dell SecureWorks, Marketing Manager
Dell SecureWorks, Security Solutions Specialist
Dell SecureWorks, Security Specialist
DigitalB, CIO
DigitalB AB, Founder/CEO
Eden Springs, IT Ansvarig
Egloo System AB, VD
Ekelöw AB, consultant infosecurity
Elektronikåtervinning i Norden AB, CEO
EMULEX, Senior Manager, EMEA Marketing
EMULEX, Technical Sales Consultant
Ericsson, Product Manager
Ericsson, IT Security Manager
Ericsson AB, Head of SPO
Erik Thun AB, Deputy Managing Director
Erik Thun AB, IT Director
Euroclear Sweden, Head of Risk Mansgement
Excitor, Regional Sales Director
Excitor, Sales Director
Excitor, Solutions Architect
Exclusive Networks AB, Channel Sales Manager
Exclusive Networks AB, Inside Sales
Exportkreditnämden, Säkerhetssamordnare
FM, Discloused
FMV, Project Manager
Folksam, IT Architect IT & Security
Folksam, IT Arkitekt
FOREX Bank AB, CISO / Ansvarig IT och Informationssäkerhet
Fortinet, Senior Consultant
Fortinet, System Engineer, Northern Europe
Fortinet, Enterprise Business Manager
Fritidsresor AB, Technical Architect
Försvarets Radioanstalt FRA, Teknik
Försvarets Radioanstalt FRA, Production Lead
Försvarsmakten, Supervisor FMKE
GMO GlobalSign Ltd, UK Marketing Manager
H&M Hennes & Mauritz AB, Infrastructure Security Architect
Haglöfs Sweden, IT Manager
HMS Industrial Networks AB, IT Manager
Holmen AB, IT Technical Manager
Holmen Skog, Controller
Huhtamaki Sweden AB, CEO
IBM, Nordic Lead for Industry Leadership Program
IBM, Senior Management Consultant
IBM, Global Technology Services
IBM, Communication Advisor
IBM Denmark, Security Services & BCRS IBM Nordic
IBM Svenska AB, Enterprise Services Sales
ICA AB, CISO
If, Chief Information Security Officer
Imperva, Regional Sales Manager
Imperva, Business Operations
Imperva, Sr Security Engineer
Inuit, Marketing Manager
IT Total, Försäljningschef
iZettle, CTO
iZettle, CSO
Järfälla kommun, Informationssäkerhetsansvarig
Karolinska Institutet, IT-Säkerhetsansvarig
Kaspersky Lab, Senior Security Researcher
Keynectis, Area Sales Director EMEA
Kikusema AB, CEO
KMPG, Head of Information Security
KPMG Oy Ab, Information security specialist
KTH University, Student – Information and Communication Systems Security
LAN Assistans, Sales Manager
Lan Assistans, Säljare Datacenter
Lan Assistans, Key Account Manager
Landstinget Blekinge, IT Security Manager / Risk Assisment
Landstinget i Jönköpings län, CISO
Lanteam Consulting AB, Sales
Logica SE, Security Director
Lüning Consulting AB, Ph.D. Infomation Security consultant
M4M HR Consulting & Products, Owner
Mfex, Driftchef/Infrastructure Specialist
Moreware AB, CEO
Moreware AB, Technical trainer
Nets Denmark A/S, Nordic Sales Manager, eSecurity
NIU IFMO, Cyber security researcher
15. Nordic IT Security 2014 15
Nixu Oy, Head of Sales & Marketing
Nordea, Sub-unit Manager - Infrastructure Security
Nordea, IT Security Architect
Nordea, Senior IT Security Specialist
Nordea Bank AB, IT Security Specialist
Nordic Processor, FLM Secure Access
Nordic Processor, Nordic Team leader, Secure Access
Norwegian Armed Forces, Chief Information Officer and Commanding
General Cyber Command
Norwegian Armed Forces, Staff Officer
nSense Oy, MD
OP-Pohjola Group, ICT Development Manager
Panda Security, Product Technical Presale Manager
Patentbesvärsrätten, IT-avdelningen
Projectplace, Chief Information Security Officer
Projectplace, CISO
Projectplace, IT & Operations Engineer
Q-Sisto Oy, Managing Director
Rebendo Konsult AB, Managing director
Rezidor Hotel Group AB, System Manager & Systems Analyst
Rezidor Hotel Group AB, IT Manager
Riksarkivet, Information Security Coordinator
Riksbank, Information Security Officer
Rikspolisstyrelsen, Gruppchef
Rikspolisstyrelsen, IT säkerhetsspecialist/stateg
Rikspolisstyrelsen, PVS, Verksamhetsskyddschef RPS/PVS
Royal Institute of technology, Network-security student
Safe-Net, Regional Sales Director
Safe-Net, Regional Sales Manager
Safeside Solutions AB, Sales
Safeside Solutions AB, MD
SALAR, epSOS Project Coordinator
Samport Payment Services AB, Product & Security Manager
Samport Payment Services AB, Title IT Manager
Santander Consumer Bank AS, Nordic IT Director
Santander Consumer Bank AS, Security Officer Norway Cards Div
Santander Consumer Bank AS, Security Officer Norway Loans Div
Santander Consumer Bank AS, Nordic Business Develope
Santander Consumer Bank AS, Nordic Security Officer
Santander Consumer Bank AS, Security Officer Denmark Loans Div
Santander Consumer Bank AS, Security Officer Finland Loans Div
Schneider Electric, IT Security Officer (EMEA)
SecMaker, President and Chief Executive Officer
SecMaker, VP Sales
SecMaker, CEO
Sectra Communications AB, CTO
Sectra Secure Solutions AB, President
Secur-view AB, Director
Sentor MSS AB, COO
Sentor MSS AB, CEO
SG Finans, IT-auditor
Sineqra.com, Information security
SJ AB, Chief Security Officer
Skatteverket, Security Strategist
Skatteverket, Chief Security Strategist
Skatteverket, Informationssäkerhetsspecialist
SL, IT Security Manager/Director (CISO)
Smittskyddsinstitutet, CIO
SMS PASSCODE A/S, Area Manager
Sodertalje Hospital, IT-engineer
Sophos, VD
Past - attendees
Sophos, Sales Engineer
SpareBank 1 -alliansen, Leder IT-sikkerhet, CISA, CISSP
SSAB, CISO
SSH, VP Business Development EMEA
Stockholms läns landsting, System Custodian
Stockholms Läns Landsting, Information Security Manager
Stockholms Universitet, Högskoleadjunkt
Stora Enso Fors AB, Teleansvarig
Swedbank, Manager
Swedbank, Infrastructure Engineer
Swedish National Debt Office, Head of security
Swedish Public Employment Service, Information Security Strategist
Swedish Rails (SJ), Chief Security Officer
Svenska Fönster, IT- Manager
Svenska Fönster, IT-Coordinator
Teknikföretagen, IT-Manager
Teknikföretagens Service AB, IT Security Manager
Tele2, Network Manager
TeliaSonera, Senior Manager
TeliaSonera, Global Product Manager
Teliasonera, Product Manager
TeliaSonera, Sr.Product Development Manager
TeliaSonera, Senior Product Manager Security
The Institution JSPM AB, MD
The Institution JSPM AB, Sales Director
The Institution JSPM AB, Product Developer
Tieto, Head of Security Services & Operations
Tieto, Manager
Tieto, Senior Security Consultant
Tieto, Lead Security Architect
Tieto Sweden AB, Senior Business Security Consultant
Tmi K.Loman, IT Manager
Trend Distribution AS, Sales & Marketing Manager
Trustwave, Enterprise Account Manager
Trustwave, Senior Systems Engineer
Trustwave, Account Manager
Trustwave, Director, Delivery
UC AB, IT chef
Uppsala universitet, Utredare
Uppsala University, Assistant Chief of Security
WatchGuard technologies Inc., Channel Manager Nordics
WatchGuard technologies Inc., Senior Sales Engineer
Vattenfall, Information Technology-strateg
Vattenfall, IT Architect/Manager
WeCloud AB, VD
WeCloud AB, Account Manager
Weop, Managing IT and Security
Veriscan Security AB, CEO
Veriscan Security AB, Informationssäkerhets konsult
WhiteHat Security, MD EMEA
Wilh. Wilhelmsen Holding ASA, Group Security Officer
Volvo Cars Corp., IT Security & Control Mgr
Volvo Cars Corporation, IT security specialist
Örebro Läns Landsting, IT-konsult/Systemtekniker
16. 16 Nordic IT Security 2014
Information - venue
The Venue for this year’s event is 7A Konferens Odenplan
Located very close to the subway, the venue on Odenplan an unbeatable
proximity to transport links.
Recently refurbished, the floor plan has beautiful natural light and there are
both small group rooms, and excellent expo and networking areas.
We are excited that we have found a venue that is both beautiful and functional
in such a convenient central location.
n CONFERENCE LOGISTICS
Registration:
To register for the conference go to:
www.nordicitsecurity.com/register-today.
Once you have submitted your information,
we will send you final confirmation that your
application has been successfully processed
providing you meet our delegate criteria.
Please note, we do reserve the right to refuse
applications from companies considered as
“vendors” in this space.
Attire:
Business casual attire is recommended for the
conference.
Event Coordination:
If you have any general queries about the logistics
of the conference, please contact:
Malcolm Larri
Email: malcolm.larri@coordinatum.com
Tel: +46 8 650 02 70
Emilia Rollan
Email: emilia.rollan@coordinatum.com
Tel: +46 8 650 02 70
Venue Address
7A ODENPLAN
Odengatan 65
113 22 Stockholm
Website: www.7a.se
Nearest Subway Station: Odenplan
Do you need a hotelroom in Stockholm during
Nordic IT Security?
We have negotiated prefered rates for attendees
to this years Nordic IT Security conference at
the Clarion Hotel in Stockholm.
Clarion Hotel Stockholm is located in Södermalm,
a district known for its cultural heritage, boutiques,
restaurants, galleries and parks.
We will have transport arranged from the hotel
to the conference venue on the morning of the
conference day and encourage all out of town
visitors to make use of this service.
Book a hotel room:
You can book by emailing: groups.stockholm@
choice.se and use reference: 2059R593509.
Room price is 1 595 SEK including VAT/room &
night and inclues WiFI and breakfast buffett.
Transport from the hotel to the conference:
To arrnage your transport to the conference
on the conference day November 5th, please
email: malcolm.larri@coordinatum.com with
“conference transfer” in the subject line.
Hotel address:
Clarion Hotel Stockholm
Tel: +46 (0) 8 462 10 00
Ringvägen 98
Stockholm
Website: www.clarionstockholm.com
Nearest subwaystation: Skanstul (green line
south)
17. Nordic IT Security 2014 17
Information - stay updated
+
Standard Rate
690 EUR
1090 EUR
All prices are excluding tax
Join our
LinkedIn Group!
(Nordic IT Security Group)
+
Follow us
on Twitter!
Twitter: @eurosecforum
+
3 Easy ways
to register:
Phone:
+46 8 651 10 90
Email:
registration@midfieldmedia.com
Website:
www.nordicitsecurity.com
Register your seat today
Packages available
Conference Pass for end-users*
Conference Pass for Solution Providers
* the organizer reserves the right to define your category. End Users are organizations that do not sell
solutions, services, or consultancy to participants.
For packages available for Solution Provides, please contact:
Anastasia Lodhi
Email: anastasia.lodhi@copperberg.com
Team Send Program
Our agenda is the perfect opportunity for you to bring a cross-functional team.
When attending as a team of five or more you’ll receive additional benefits,
including complimentary registrations or discounts.
Group Booking Offer!
Book 3 get 1 free = 4 delegates
Book 5 get 2 free = 7 delegates
Book 8 get 3 free = 11 delegates
Use code BOOK3, BOOK5 or BOOK8 in the message field and we will contact
you for the additional attendees
Email: registration@midfieldmedia.com
or call hotline: + 46 8 651 10 90
TERMS & CONDITIONS
+
Your booking is binding. You may substitute a delegate at any time. Please note that substitutions are not permitted unless approved by the
organizers. For all cancellations (without an approved substituted delegate) received in writing more than 5 business days prior to the event and,
a €120 (+VAT) administrative fee will be charged and a credit voucher for the remaining amount will be issued. Credit vouchers may be used at
any Midfield Media conference within one year of issuance. For cancellations less than 5 business days prior to the event, the full amount of the
delegate pass is non-refundable. Full payment is due 10 days upon invoice and no later than 5 business days prior to the event. Delegates that
have NOT submitted payment prior to the event will not be admitted to the event. Admittance is then only granted upon approval of credit card
payment directly onsite.