12 February 07:30-18:307A Odenplan, Stockholm

2025 Speakers

Ulf Berglund
Event Chairman & Moderator

Anders Jonsson
Senior Advisor Cyber Security, NIS2 & GDPR Expert ENISA

Martin Bergling
Coordinator Cybernode, RISE

Niclas Kjellin
CTO/Cybersecurity Officer, Shift Everywhere

Fredrix Blix
Associate Professor, Stockholm University & COO at Visente

Dr. Fredrik Blix is the COO of Visente, a strategic cybersecurity firm based in Stockholm, Sweden. With over 30 years of experience in the cybersecurity field, he has consulted with more than 100 companies and government agencies worldwide. His primary expertise lies in cybersecurity governance, where he has played a key role in the development of practical frameworks such as the SBA Check Method and the MSB Method.

Dr. Blix serves as an Associate Professor of Cybersecurity at Stockholm University, where he was instrumental in establishing a cybersecurity master's program and continues to lead cutting-edge research. He has taught thousands of business professionals and students, sharing his extensive knowledge on cybersecurity governance. Furthermore, Dr. Blix is a contributor to international standards such as ISO/IEC 27001 and 27002, solidifying his position as a leading authority in the field of cybersecurity.

Björn Persson
Senior Lawyer Advokatfirman Singularitylaw AB

Ronja Alhberg
Director Cyber Defence, The Swedish Security & Defence Industry Association (SOFF)

Michael Popoff
Senior Scientist, RISE

Nathaly Bodell
Cyber Security Solution Architect, PostNord Stråfors

John Wallhoff
Co-Founder, B4 Investigate

Magnus Jansson
Senior Security Solutions Engineer, Rapid7

Isabella Södergren
Board Member, Women4Cyber Sweden

2025 Schedule

07:30

Registration Opens

08:15

Chairman's Opening Remarks: Ulf Berglund, Event Moderator

Event Chairman & Moderator
08:30

Opening Keynote Powered By Thales Group TBA

08:55

Implications of NIS2, CER, CSA/CRA Regulatory Frameworks - Anders Jonsson Senior advisor & Cyber security expert , ENISA

Regulations (NIS2, CER, CSA) will have major impact on the IT-security market and shall enforce quality and resilience of products, services and processes at essential and important entities across EU.

Key takeaways:

  • How will the impact of NIS2/CER directives be on the Swedish market?
  • How can you manage the challenge to secure your supply chain?
  • Why is security certification schemes (CSA/CRA) central in the EU strategy?
  • How will the certifications schemes work with AI Act?
    Read more
    Senior Advisor Cyber Security, NIS2 & GDPR Expert ENISA
    09:25

    Better Risk Management with Quantitative Risk Analysis: Martin Bergling, Cybernode Coordinator, RISE

    Qualitative risk analysis has gained a strong foothold in the IT industry. We need to change this, and - like many other industries - use quantitative methods instead. This lecture presents a simple way to test the quantitative methodology, using Monte Carlo simulation in Excel. The demo shown is based on Douglas Hubbard's book "How to measure anything in cybersecurity risk". 

    Key takeaways:

    • Problems with qualitative risk analysis 
    • A better method based on qualitative risk analysis
    • Demo with Excel
    Read more
    Coordinator Cybernode, RISE
    10:10

    Networking Coffee Break & Visiting The Expo Area

    10:30

    IT Security Insights 2025 Breakout Sessions

    Join our breakout sessions to stay informed about a wide range of security solutions showcased by our partners during the conference. Open to all event participants, these sessions will cover five distinct topics, offering valuable insights into the latest advancements in security technology. 

    Read more

    Post-quantum resilience: living in a post-quantum world: Michael Popoff Senior Scientist, RISE

    Quantum computers have the potential to break widely used public-key cryptosystems, such as RSA and elliptic-curve cryptography, which are a part of our current communication infrastructure. Post-quantum resilience is a field to address these vulnerabilities to ensure the long-term security of our data and communications.

    • What is cryptography and what its role in current secure communication?
    • What is vulnerable to an attack from a quantum computer and why?
    • What is a quantum computer and how it can make our data vulnerable?
    • What can we do to protect our digital assets long term?
    Read more
    Senior Scientist, RISE

    Exploiting the Human and Technological Intersection: Social Engineering, AI, and Advanced Threat Actors in the Era of Industry 4.0.

    The convergence of Operational Technology (OT) and Information Technology (IT) within Industry 4.0 ecosystems has revolutionized manufacturing and critical infrastructure, when it comes to efficiency, automation, and interconnectivity. Industry 4.0 bring an expanded attack surface, exposing vulnerabilities that advanced threat actors increasingly exploit. 

    Artificial Intelligence (AI) is a dual edged sword, used both by attackers and defenders. Threat groups use AI to amplify their capabilities when targeting human and technological vulnerabilities. Social engineering techniques have grown more sophisticated, exploiting cognitive biases and human error to infiltrate critical systems. Attackers weaponize AI to automate reconnaissance, craft targeted phishing campaigns, and generate deepfake content for deception.

    The weaponization of AI extends beyond social engineering to include cyber warfare and supply chain attacks, with critical infrastructure becoming a primary target. These developments underscore the urgent need for security strategies to address the challenges posed by Industry 4.0's innovations

    Key takeaways:

    • How does the convergence of Operational Technology (OT) and Information Technology (IT) in Industry 4.0 expand the attack surface for advanced threat actors?
    • In what ways do advanced threat actors leverage Artificial Intelligence (AI) to enhance their social engineering techniques?
    • What are the key implications of AI weaponization for cyber warfare and supply chain security, particularly concerning critical infrastructure?
    • What security strategies are necessary to mitigate the dual challenges of Industry 4.0 innovations and AI-driven cyber threats?

    Read more
    Board Member, Women4Cyber Sweden

    DORA: Empowering Board-Level Cybersecurity Governance in Financial Entities"

    The EU's Digital Operational Resilience Act (DORA) mandates that boards of directors ultimately own and govern ICT risk. This is vital for financial institutions aiming to protect their operations, stay competitive, and ensure long-term sustainability amid rapidly evolving cyber threats.

    Key takeaways:

    • Are you aware of your board's ultimate responsibility for cybersecurity under DORA?
    • How can regular, specific training for board members strengthen organizational resilience?
    • What governance model do you need to effectively manage and oversee ICT risk?
    Read more
    Associate Professor, Stockholm University & COO at Visente
    10:55

    Cybersecurity Skills Shortage: Ronja Alhberg, Director Cyber Defence SOFF

    Companies in the defense sector face a critical shortage of cybersecurity skills, creating vulnerabilities amid growing threats from sophisticated actors. Securing critical infrastructure requires investments in education, technology, and stronger collaboration between industry, academia, and government. This is not just a technical challenge—it is about safeguarding our society and future. 

    Key takeaways:

    • How can we together solve this problem?
    Read more
    Director Cyber Defence, The Swedish Security & Defence Industry Association (SOFF)
    11:20

    Breaking the Next Factor - Evil will own you LIVE DEMO, Niclas Kjellin CTO/Cybersecurity Officer, Shift Everywhere

    For a long time, you have been told that multi-factor authentication (MFA) is the solution to any authentication-related security issue. It is the go-to remedy for unauthorized access. It provides a robust additional layer of security beyond mere passwords, or so they say. More than a million MFA bypass attacks happen monthly, yet professionals believe MFA is the solution for a good night's sleep.

    Key Takeaways:

    The presentation will delve into the intricacies of malicious actors' modern techniques to circumvent MFA safeguards and pwn (takeover) your accounts... live. Attendees will witness firsthand the seamless takeover of MFA-protected accounts, showcasing the efficiency of advanced attack vectors. Interestingly, as always, it comes down to familiarity, trust, and the exploitation of human psychology

    The presentation highlights the real security issues and provide an understanding of the evolving threat landscape of MFA. Attendees will learn that the real enemy is human susceptibility and the crucial coexistence of technology and awareness in defending against the evil that  tries to own us.

    Read more
    CTO/Cybersecurity Officer, Shift Everywhere
    11:45

    Aligning IT and legal strategies, Björn Persson Senior Lawyer Advokatfirman Singularitylaw AB

    The presentation will focus on the IT and legal challenges the coming 3-5 years and what you can do to align your work. We will look into the IT-topics of AI, zero trust, biometric identification, next generation cloud/homomorphic encryption and how they interact with sourcing, privacy/secrecy, freedom of expression, IPR, cybersecurity accountability and cyber insurance. 

    Key takeaways:

    • Björn will also share some tips on how you can get IT and legal to cooperate with less friction
    Read more
    Senior Lawyer Advokatfirman Singularitylaw AB
    12:10

    Networking Lunch & Visiting The Expo Area

    13:10

    IT Security Insights 2025 Round Table Sessions

    Join our round table discussions that are designed to give event participants an opportunity to exchange ideas and experiences on some of the hot topics in the security market place in a more relaxed atmosphere. Each table is limited to 10 delegates and the duration is 40 minutes per rotation. Delegates will be swapping tables every 40th minute. A total of 10 round tables will be available to choose from. 

    Read more

    Exploiting the Human and Technological Intersection: Social Engineering, AI, and Advanced Threat Actors in the Era of Industry 4.0.

    Board Member, Women4Cyber Sweden

    NIS2 Directive

    Senior Advisor Cyber Security, NIS2 & GDPR Expert ENISA

    Better Risk Management with Quantitative Risk Analysis

    Coordinator Cybernode, RISE

    Breaking the Next Factor

    CTO/Cybersecurity Officer, Shift Everywhere

    DORA

    Associate Professor, Stockholm University & COO at Visente

    Aligning IT and legal strategies, Björn Persson Senior Lawyer Advokatfirman Singularitylaw AB

    Senior Lawyer Advokatfirman Singularitylaw AB

    Bridging the Gap between Top Management and the Board of Directors, John Wallhoff Co-Founder B4Investigate

    Key takeaways:

    Exploring how to foster a deeper understanding of cybersecurity risks and investments at the executive level

    Read more
    Co-Founder, B4 Investigate
    14:30

    Afternoon Coffee Break & Visiting the Expo Area

    14:45

    Leading the Charge: Building Teams That Don’t Wait for Threats to Strike: Nathaly Bodell Cybersecurity Solutions Architect, PostNord Stråfors

    In the ever-evolving landscape of cybersecurity, success isn’t just about technical skills—it’s about building teams that can anticipate threats and act with precision. This keynote will explore the critical shift from reactive to proactive defense strategies, focusing on the importance of high-performing teams. Drawing on real-world insights from building and leading top-tier SOC, CSIRT, and CERT teams, this session will reveal the key principles behind cultivating resilient, agile, and forward-thinking cybersecurity units. With a focus on leadership and team empowerment, discover how to create a culture of trust, accountability, and open communication—elements that drive performance and resilience in the face of constant cyber threats. This keynote will provide actionable insights for leaders aiming to foster collaboration, agility, and effectiveness within their teams.

    Key Takeaways:

    Practical strategies for shifting your cybersecurity team from a reactive to a proactive stance.The role of trust, communication, and accountability in building resilient cybersecurity teams.Leadership approaches that foster a proactive cybersecurity culture focused on threat anticipation.

    Read more
    Cyber Security Solution Architect, PostNord Stråfors
    15:10

    Vendor Elevator Pitches

    We are thrilled to welcome new partners to this year's conference! Each will deliver a brief presentation highlighting their unique value propositions, their key areas of focus for 2025, and compelling reasons why you should visit them in the exhibition area. Don’t miss this chance to discover innovative solutions and connect with our newest partners.

    Read more

    Rapid7's Presentation

    Senior Security Solutions Engineer, Rapid7
    15:25

    IT Security Insights 2025 Afternoon Breakout Sessions TBA

    15:50

    Partner Keynote TBA

    16:15

    Closing Keynote

    16:40

    Chairman's Closing Remarks

    Event Chairman & Moderator
    16:50

    Evening Networking Reception Starts

    Welcome To IT Security Insights 2025

    Welcome to the 9th Edition of the IT Security Insights Conference! A premier event that gathers key stakeholders in the cybersecurity space:IT security practitioners, technology providers, regulators, and academics, to tackle the latest trends and challenges in the ever-evolving world of cybersecurity, particularly within leading Nordic organisations.

    Key topics for this edition will include:  Quantitative Risk Analysis, SOC, ISO Certification, PCI DSS, NIS2, Cyber resilience Act (CRA), Supply Chain Attacks, OT, Cloud Security, Cyber Insurance, Data Privacy and Data Protection, critical infrastructure cybersecurity, Bug Bounty Programs, Human Risk Management and Application Security

    With 30+ Nordic and international speakers spread across the programme as keynote presenters, workshop and round table moderators, this year's edition promises to deliver invaluable learning opportunities and foster connections that will help you stay ahead of today’s cybersecurity challenges.

    In addition, the exhibition will feature 25+ exhibitors showcasing a wide ranges of tools and solutions. So, we encourage you to pay a visit to the Expo area and make connections that may probably last forever.

    The conference ends with an exclusive networking reception, which again offers you a perfect opportunity to build meaningful relationships with like-minded peers.

    We are looking forward to seeing you on the 12th of February at 7A Odenplan!

    Sincerely,

    Robert Kitunzi

    Event Project Manager

    Organized by

    7A ODENPLAN

    7A Odenplan is an accessible and modern venue occupying a floor plan of 2000 sqm with a large courtyard. It offers flexible rooms, good food and a roof terrace that overlooks Odengatan with a fantastic panoramic view of the city of Stockholm.7A Odenplan has a perfect city location with subway, commuter train and most city buses a few steps from the entrance. those who intend to drive a car, there is a parking garage in the house below with direct access up to the meeting room.

    Warm welcome!

    Address: Odengatan 65, 113 29 Stockholm

    Visit venue at: https://www.7a.se/odenplan

    By subway from T- Centralen:

    • Take the green line with train no.s: 17, 18 & 19 on the subway from Stockholm Central towards any of the following destinations: Odenplan, Alvik, Åkeshov, Råcksta, Vällingby and Hässelby Strand.

    • Get off at Odenplan - approx travel time 4 minutes.

    • From the Subway station it takes 2 minutes to the venue, 7A Odenplan. Use Google Maps and you will be there in no time. There is a subway going every 5 minutes.By Train from Central Station

    • Take the commuter train from Stockholm Central towards any of the following destinations: Märsta, Kungsängen, Uppsala and Arlanda Airport.

    • Get off at Odenplan station - approx travel time 4 minutes

    • From the underground it will take at least 3 minutes’ walk to get out of the station. Then approx. 2 minutes to the venue, 7A Odenplan. Use Google Maps and you will be there in no time.

    • The commuter trains go 4-6 times per hour.

    By car 

     Address: Odengatan 65, 113 29 Stockholm

    By taxi

    We recommend the following companies:

    Taxi Stockholm +46 8-15 00 00

    Taxi Kurir + 46 8-30 00 00

    Taxi 020 + 46 20-20 20 20