13 October 07:30 - 18:307A Odenplan, Stockholm


Ulf Berglund
Event Chairman & Information Security Officer, Länsförsäkringar AB

Ulf Berglund has a long experience from leading positions in the field of information security. He has been an honourable President of the CSA Sweden Chapter which he  launched in Sweden back in 2012. He is also co-author of the book Guide to the Cloud. He has a background as an officer, his last active years he was principal officer, IT security and information security expert at the Military Intelligence and Security Service (MUST). He has held positions as CTO, senior consultant and senior consultant for companies such Pointsec, Ernst & Young and Technology Nexus. Ulf's consultant and the experience derived from companies like Skandia, Scania, Swedish Match, the Stockholm Stock Exchange (OMX), the Swedish Central Bank, Apoteket AB (pharmacy), H&M and Länsförsäkringar Bank AB. He is the founder and owner of U&I Security Group AB.

Björn Gustafsson
Head of National Security, Telia Sverige AB

Björn Gustafsson is currently Head of National Security at Telia Sverige AB since 2016. Before joining Telia he served as a CISO of Stockholm's municipality and City for 8 years where he was responsible for effectively managing and coordinating the development of the Stockholm City’s security work. During his tenure he led numerous projects and processes in information security, security protection and the city's risk and vulnerability analysis. Björn has also 20 years of experience at the Swedish Armed Forces where he worked at the command and control regiment security department as chief information security officer. Besides, he is a renowned educator that shares his works and findings to others in the security community.

Sofia Cerwall
Group Security Advisor, Ericsson

“Sofia Cerwall is a Security Specialist and Group Security advisor at the multinational telecommunications company Ericsson. During her years at Ericsson she has gained insights in multiple parts of the security organization. Sofia is today the Global Domain Lead of Crisis Management within Ericsson. Prior to her  current role she has worked with cybersecurity related to corporate investigations and forensics. Sofia has a background within Computer Science, and holds a Bachelor´s degree from Stockholm University. She is also has a particular set of skills in global management, and is a well appreciated leader and colleague at Ericsson.”

Anders Jared
CISO, Systembolaget

Anders has during his 20 years in the area of security a broad technological and information security knowledge. Anders has his background in law enforcement, primarily analyzing security breaches in criminal investigations. He has then evolved to a security director which, in all, renders him a unique understanding of both threats and prevention possibilities in our digitized world. Anders has worked in large organizations, mostly government, in different sectors with the challenge of delivering adequate security on all levels in order to contribute both to efficiency and to business advantage.

Josef Joo
Head of Global Cyber Defense & Incident Response, Schneider Electric

Josef has extensive experience in the IT Industry spanning over 28 years, 15 of which he has spent at Schneider Electric in various senior roles. He is currently the Head of Global Cyber Defence & Incident Response. Prior to that he served as the Regional EMEA CISO for 8 years and he was the Regional Nordic IT manager for the company for over 5 years before assuming the EMEA position

Emil Dahlin
Group CIO, Bravida

Emil Dahlin has over 30 years documented experience in the IT industry and he is currently CIO, SVP Digital Business Development & IT of Svevia AB, a company that specialises in building and maintaining road infrastructure, employs about 2,000 staff dispersed across 100 locations in Sweden and Norway. He has also worked as a strategic advisor and consultant on a senior level for different consultant vendors. In addition, he has held top positions such as: Head of Group IT-Infra, PMO & SAM at PostNord AB, CIO at Qbranch AB & Axians SE and CTO at Norsk Hydro AB. 

Dimitrios Stergiou
CISO, Trustly

Dimitrios is currently employed as the Chief Information Security Officer for Trustly. He is an experienced senior Information Security and Risk professional with over 20 years’ experience in Risk Management, IT audits and Information security. Before joining Trustly, Dimitrios held positions at Modern Times Group, NetEnt, Entraction, Innova S.A and Intracom S.A. Dimitrios holds a M.Sc. in Information Security and is a Certified Lead Implementer for ISO 27001:2013, Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Risk and Information Systems Control (CRISC) professional and Certified Information Systems Security Professional (CISSP). He is also a Certified Information Privacy Manager (CIPM) and a Certified Information Privacy Professional / Europe (CIPP/E).

Johan Schauman
Head Digital Co-development, Swedish Tax Agency

Johan/Mr Schauman has been working at the Swedish tax agency for almost twenty years in many different roles. More recently as a change leader for the agency´s digital transformation and currently as head of co-development, creating prerequisites and enabling external parties to develop solutions with the agency´s data, code or professional experience and expertise. He is utterly convinced that the only way to create a sustainable digital community is through collaboration between the private and the public sector.

Christian Abdelmassih
IT Security Specialist, Swedish Police Authority

Christian works with Enterprise-level Security Architecture and InfoSec-related tasks at the IT Security Division of the Swedish Police Authority. Before focusing on security, he was a Full Stack Developer and DevOps enthusiast. He supports developers in building secure web apps and sysadmins in safer operations. Today, he implements access controls, identity and access management solutions, conduct audits and risk analyses and secures one of the most important organizations in Sweden

John Wallhoff
President, ISACA Sweden Chapter

John Wallhoff (CISA, CISM, CISSP), President of ISACA Sweden Chapter & independent advisor. He is an experienced expert in the field of IT-Governance, IT Service Management and Information Security. Over the past 25 years he has been working with a wide range of organisations in different industries/sectors.

Mark De Simone
VP Global Sales Operations, WALLIX

Mark De Simone is an energizing global CEO and entrepreneur for innovative businesses which create significant customer, employee and shareholder value. He leads the international operations of Cybersecurity leader WALLIX, the Privilege Access Expert from Europe with a focus on Nordics, UK, Italy, Middle East, Pakistan, Africa, Asia Pacific and India. He is also leading the Industrial Cybersecurity Practice for the company focusing on vulnerability challenges of Industry 4.0 and the interaction between OT and IT in today’s factory environments. 

Mark is a McKinsey alumnus and spent his business formative years with General Electric in the Healthcare sector in the USA and France, then as a Cisco VP driving the adoption of new services models in telecom leading the emerging markets, as an entrepreneur led a Management Buy In and created a Cloud Telco in 2012 called Clouditalia where he was CEO . Mark has been active in Cybersecurity starting at Cisco and Safety as CEO of Aegate to verify Medicine authenticity. Mark is based in London and has also an office in Paris.

Andrew Beckett
Managing Director and EMEA Cyber Risk Leader, Kroll

Andrew Beckett is a managing director and EMEA leader for Kroll's Cyber Risk Practice. Andrew began his career at GCHQ where he held a variety of roles including head of the branch responsible for providing cyber security advice to government departments and penetration testing.  He also served in the Organization for the Prohibition of Chemical Weapons (OPCW). This is an International Civil Service organization operating under the auspices of the UN where Andrew was the first head of the Office of Confidentiality and Security and charged with setting up this team. Andrew went on to run his own commercial consultancies before joining Airbus Defense and Space in the UK as the head of Cyber Defense, a role he filled for five years before joining Kroll. Andrew is a visiting professor of Cyber Security at the University of South Wales.

Conny Larsson
Chairman, Sig Security

Conny is the chairman of Sig Security, a Swedish non-profit organization specialized in information and IT security. Conny has a master degree in Law and IT and is specialized in Telecommunication and Information Technology Law. Between 2009 and 2017 he worked for the Swedish law firm Gärde & Partners AB in Stockholm and now in his own law firm since 2018. Before that he was a corporate counsel at the major Swedish telecom operator TeliaSonera for nearly fifteen years and also at Flextronics Network Services. In addition he was a legal counsel at the Swedish Telecom Agency and the Swedish Enforcement Agency. Altogether he has been working as a lawyer specialized in Law and IT for more than 30 years.

Kjell Löfgren
President, CSA Sweden Chapter

Kjell has 15 years of experience in Cyber ​​Security. In 2018 he became chairman of the Cloud Security Alliance Swedish chapter. He also works at NCC Group as Regional Manager, Sweden. Among other things, Kjell participated and built up Stay Secure, which became the Swedish market leader in E-mail Security. He also has many years of experience in EDR, Endpoint Detection and Response, SIEM and Web Security. 

Jacob Eborn
Senior Privacy Consultant, OneTrust

Jacob Eborn is a Senior Privacy Consultant for OneTrust EMEA, the #1 most widely used privacy, security and trust technology platform trusted by more than 5,000 companies to comply with the CCPA, GDPR, ISO27001 and hundreds of the world’s privacy and security laws. At OneTrust Jacob, works with GDPR Project teams and C-level stakeholders in the Nordics to automate and strengthen their core privacy processes. Jacob has over 10 years of software industry experience, working with organisations throughout the Nordics and globally to help enable change and transformation programs. Jacob has a Master of Science, Business and Administration and holds a CIPP/E Certification.

Sarah Backman
Cybersecurity Consultant

Sarah Backman is a cybersecurity consultant at Secana AB and a PhD-student at Stockholm University with a focus on cyber crisis management. Sarah has extensive experience working with strategic cybersecurity issues, crisis management and privacy issues in both private and public sectors.

James Tucker
Sales Engineering Manager, Zscaler

Originally from the Washington, D.C. Area, James Tucker has been working in network security since 2006. He is passionate about Intrusion Prevention and gateway security. For the past 11 years, he has been based in Stockholm Sweden, working for many of the top security vendors. Today, he leads Zscaler's sales engineers in Northern Europe. He is also interested in Intellectual Property and privacy laws, and enjoys craft beer, a good cigar, and malicious packet captures

Sivan Harel
Regional Sales Director, Northern Europe & Israel, Pcysys

Sivan specializes in consultative sales to C-Level executives at large corporations. Sivan has held several Sales Management and Account Management positions in global companies, such as Comverse, Hewlett-Packard, Earnix, and now Pcysys. Sivan combines people and process consulting, with deep cybersecurity subject matter expertise to solve business problems while introducing a complete solution

Chris Sherry
Regional VP, EMEA Central - ForeScout Technologies Inc.

Chris Sherry joined ForeScout Technologies in 2016 as Regional Director for UK&I and Northern Europe. After successfully growing the team and increasing revenue consistently over three years, he recently took on a new challenge and now leads the Central Team which covers the DACH region, Nordics and Benelux. 

In this role, he provides strategic and commercial leadership for ForeScout’s private and public sector programs in this region as well as driving customer awareness on technology use cases such as IT/OT convergence, ransomware and disruptionware. 

Chris is passionate about helping organizations embrace the proliferation of IoT devices and cloud adoption to enable better service and protect customer data. He regularly participates in speaking engagements on continuous monitoring, visibility, access control and automation. 

Prior to joining ForeScout Technologies, Chris worked in senior leadership roles for F5 and Dell. 

Martin Bergling
Board Member, Sig Security

Martin is a Senior Security Consultant at NIXU. Martin has a broad security background and has previously worked as Deputy Security Manager at the Central Bank of Sweden and as technical manager at FMV / CSEC, Sweden's certification body for IT security. He has also worked with project management, risk analysis, requirements specification, accreditation and security audits at IBM, the Swedish Armed Forces and Telia. Martin has several certifications, e.g. CISSP, CISA and CRISC, and he is also involved in SIG Security, ISACA and Dataföreningen in Sweden.

Fredrik Forslund
Vice President, Enterprise & Cloud Erasure Solutions

Vice President, Enterprise & Cloud Erasure Solutions

Fredrik Forslund serves as Vice President, Enterprise & Cloud Erasure Solutions for Blancco. With a keen eye for streamlining corporate IT security efficiencies and maintaining compliance with data privacy legislation, he is often regarded as a trusted advisor among customers. Forslund understands the operational, financial and cultural nuances of driving global business growth. When he’s not guiding customers through data erasure, or working with Blancco’s internal teams, he can be found speaking at industry conferences.

Tilman Epha
Sales Director

XM Cyber – Defense by Offense

Even when your organization has deployed and configured modern security controls, applied patches and refined policies, can you be assured no attack vectors still exist from mistakes and human error? By the current way you are checking your security, how can you know that you haven’t made your security posture vulnerable? Are you able to prioritize your security projects to remediate issues that could directly impact your most critical digital assets?

Join Tilman while he discusses the most advanced attack simulation modeling system available for today’s complex networks and get decisive answers:

  • Are your organization's most critical assets really safe?
  • Do you see your network with the eyes of a hacker?
  • Do your blue and red teams work in perfect harmony, continuously and 24/7 to simulate and remediate breaches?
  • Do you get a prioritized actionable report of most critical issues to be fixed and how to fix them?

Tilman Epha

Tilman Epha is responsible for the DACH region at XM Cyber as Sales Director from the Munich office. Tilman Epha has worked in the IT industry for more than 20 years. After studying economics in Erlangen and Nuremberg, the 54-year-old worked as a consultant in the aviation industry with stations in East Africa, South America, and the Caribbean. He then began a successful career in the IT industry with stations at a Munich system integrator, Aladdin Knowledge Systems/SafeNet, CyberArk, Cyberbit, and Exabeam.

Robert Kitunzi
Editorial Director


Registration Starts

Moderator's Opening Remarks

Cyber Security for critical infrastructure: How to prepare and respond to cyber threats?

Critical infrastructure requires different aspects for risk management to be considered and enforce different priorities when designing the infrastructure due to potential impact from failures, but still the basics of cyber security remain the same. In this session we will touch some of the concerns in relations to sectors of critical infrastructure addressing following questions; 

  • What specific risks are necessary to manage?
  • How can providers of infrastructure products assist?
  • Is it feasible to use cloud services?

Swedish National Security in a global business perspective

This presentation will explore how the "New Swedish National Security Protection Act" is putting a lot of demands on those who are engaged in “Security sensitive activities” 

Key takeaways:

  • How does the protection Act apply to a multinational and global business?
  • For whom is the Swedish National Security important?
  • Who is responsible for Swedish National Security?
  • Who will pay for the needed investments?

How to allow change and stay secure: A case study of the Swedish Police Authority

In this keynote, Christian talks about the challenges facing the Swedish Police authority. Due to the nature of police work modern tools, high availability and mobility is needed without compromising information security and confidentiality. By combining information security and technical testing and surveillance the police authority allows modernization with a high degree of control.
Key  takeaways:

  • How do you stay on top of  IT-security in a complex environment and a rapid development pace? 

1500+ Cyber Investigations Later: Trends To Beware

Having investigated over 1,500 cyber incidents worldwide in 2019 across a wide range of industries, Andrew will share battle-tested insights – a deep dive into the growing sophistication and latest threats, as well as actionable steps to strengthen preparedness, detection and response within your organization. 

Key takeaways:

  • What are the latest developments in ransomware, and how does the growing trend of data exfiltration impact organizations?
  • The ever-present threat posed by social engineering, and examples of how a strong security culture can help mitigate it

Coffee Break & Networking In The Expo Area

The Breakout Sessions

A Strong Finish: Disposing of Data Securely & Completely in a Post-Covid World

Drawing on industry research, best practices and case studies, we’ll explore why enterprises must address end-of-life data more efficiently and precisely than ever before. We will show you how enterprises can ensure data security throughout the data lifecycle, comply with data protection laws, and align data disposal policies with regulators and environmental goals.We’ll also look at how to target regulated data within traditional endpoints (including remote workplaces), live environments (onsite or in the cloud) and decommissioned IT assets (drives and devices). You’ll also learn how application integrations and cross-vendor cooperation can help you comply with regulations and secure your data.


  • Current innovations and best practices for data sanitization in the post-Covid hybrid work environment
  • Adequate and inadequate disposal methods for active data and end-of-life IT assets
  • How many large enterprises are putting data at risk with current practices
  • How data erasure supports environmental stewardship and social responsibility policies
  • How to address sensitive data in the cloud (including AWS and Azure public clouds) and overcome data migration “spillage”
  • Best practices for automation and integration into third-party asset management solutions like ServiceNow

Automated Penetration Testing: The Latest Advance in Security Validation

In this session Pcysys will discuss the value Automated Penetration Testing brings by enabling continuous risk validation and raising and maintaining your cyber resilience to the highest level. Get a glimpse of how this unique technology will provide you with prioritized cost-effective remediation and improve your network's cyber security posture.

  • Why is manual penetration not enough?
  • How does Automated Penetration testing work?
  • How can Automated Penetration testing reduce cost, increase security resilience and provide contextualized remediation suggestions?
  • How can automated penetration testing enable you to continuously validate your risk and challenge all of your security investments?

Device Visibility and Control: Build and Deploy Network Segmentation at Scale

The mass expansion and proliferation of IT, IoT and OT devices poses new questions to network security: Legacy and vulnerable devices, non-compliant and misconfigured endpoints, and IoT and OT devices must all be identified. Without a complete picture of connected devices across network domains, the ability to act quickly to mitigate risks is all but lost.The increased inter-connectivity across the campus, data center, cloud and operational technology, drives a further growth in complexity in today’s networks and associated security risks

Key Takeaways:

  • Please join Forescout Technologies, Inc. in this session to learn how to build and deploy network segmentation at scale.

Risk Exchanges: The Key to Vendor Risk Management Efficiency Powered By OneTrust

Your vendors often handle your most sensitive data. This presents new challenges as third-party risk, security, privacy, legal and IT teams struggle to vet and manage the vendors they rely on most. 
Key takeaways:

  • OneTrust will discuss emerging vendor management trends and breaks down how risk exchanges are key to more efficient business operations

It’s time to rethink your model: Sassy new ideas

The future of network security is in the cloud! - There have been several major shifts in computing technology, networking, mobility and cloud. Each has caused us to rethink the ways in which we do business. In this presentation, James will provide some insights into how we got here, what the future may hold, and what you can do today to better enable your digital business. 

Lunch Break - One-to-One Meetings

Round Table Discussion Sessions

Cyber Security for critical infrastructure: How to prepare and respond to cyber threats?

In this round table session John will use the ENISA definition of security measures for operators of essential services (OES) to discuss what best practice and baseline security measures to be applied and relate it to our joint experience from working with cyber security. 

The targeted sectors for this session include; Energy (Electricity, Oil & Gas), Transport (Air, Rail, Water, Road), Financial & Banking, Healthcare, Drinking Water Supply & Distribution, Digital Infrastructures.

“When can we achieve sufficient efficiency? With infinite ways of breaching security how do we implement countermeasures to be secure enough?”

It is hard to keep track of our it-environment as new initiatives are taken, transformation to cloud and mobility is constantly moving. This session is a discussion about how we manage to take control over a complex situation and how we decide what countermeasures are needed to obtain adequate security.

Key takeaways:

  • How do we keep track of all attack vectors in our it-environment?
  • Guidelines, standards, ways-of-working.
  • How do we avoid overlapping, cluttering and gaps in our protection?
  • Who has the IT-security map for real?
  • How do we define enough?

Penetration testing: Godsend or necessary evil?

The expansion of regulatory frameworks in multiple domains (e.g. PSD2, NIS, GDPR) had led to increased focus in how organizations manage their Information Security and how they verify that the deploy effective controls. One of the verifications methods suggested is the execution of a penetration test on regular (or well-defined) intervals. But, do these mandatory penetration tests add value to the target organization? Or is it just to check one more box in a long compliance checklist? 

Key takeaways:

  • What are your experience with penetration testing?
  • How can one select the most appropriate vendor for the activity?
  • What do you (as a customer of the test) want to see more of (or less of)?

Information Security Awareness & Training Initiatives

In this round table session, Secana will explore information security awareness and cyber hygiene as a mean to improve cyber security within organizations and, by extension, in society at large. The session will entail discussions on best practices to improve information security awareness within organisations in various sectors and at various levels, including training initiatives and exercises.

Key takeaways:

  • What does it mean to have sufficient information security awareness/cyber hygiene in an organisation?
  • What role does information security awareness play in the enhancement of societal cybersecurity and resilience?
  • What measures have been proven effective to improve information security awareness in organisations?
  • How can training initiatives and exercises improve information security awareness and skills within an organisation?

TIBER EU, the European framework for Threat Intelligence-based Ethical Red Teaming

The TIBER-EU has been developed by the European Central Bank. The purpose is to establish a common framework for testing, and improving, resilience against sophisticated cyber attacks. The TIBER-EU framework has been designed for companies and organizations that are part of the core financial infrastructure, whether national or European. However, it can also be used for all types or sizes of companies and organizations in the financial and even in other sectors.
Key takeaways:

  • Advantages and disadvantages of TIBER EU?
  • What obstacles need to be crossed to implement TIBER EU?
  • How can / should we prepare for the introduction of the TIBER EU framework?
  • How will TIBER EU affect your organization and your daily work?  

How Should Security Leaders Embrace the Intertwining of Compliance, Privacy, and Cybersecurity?

We’re seeing a deeper convergence of compliance, privacy, and cybersecurity as key elements of a core business strategy. This round table will explore whether security leaders are equipped to support the business and how security can influence other areas of the business without posing obstacles.  

Key takeaways:

  • Successful examples of security leaders effectively working with and supporting the general counsel, compliance, and other areas of the business
  • How security leaders can help structure a privacy management program that’s embraced by the business
  • The role of security and compliance leaders in the implementation of AI projects to avoid biases and oversight

Cloud requirements and opportunities - how can technology, law and business meet?

This round table session will be hosted by Conny Larsson and Martin Bergling  who are both Board Members at SIG Security.

Key takeaways:

  • "Everything should be outsourced to the cloud!"- But is there information that cannot be outsourced? If so, which one?- How can one handle a separation between the two types of information?
  • Our confidence in the cloud suppliers- Can we have confidence in that security requirements are met? How?- What role does the Cloud Act and Patriot Act play for our trust in suppliers affected by these requirements?
  • Conflicts of interest between new business opportunities and regulatory changes- How should legislation or other regulation be modified so that new business opportunities, e.g. based on cloud services or other new technology, can be utilized?- Is it eg appropriate to specify requirements and conditions in law, or should they be given in regulations or other directions from the regulator or supervision authorities?
  • About 95% of personal data incidents reported to the Swedish Data Inspection Board (‘Datainspektionen’) are closed, and as a private individual you can never receive relevant compensation in a possible dispute.- Can we, as individuals or companies, trust GDPR to work?- Or is GDPR and ‘Datainspektionen’ just window dressing?

Cloud requirements and opportunities - how can technology, law and business meet? - Co-Host

Coffee Break & Networking In The Expo Area

“Tax by design – the Swedish model goes tech”

The Swedish tax agency does not think that just smoothing och tuning  it's old processes is enough to maintain trust from it's own customers. If we want people and businesses to keep paying tax voluntarily, we need to step up and offer them the possibility to handle tax in their own preferred environment, integrated in real time transactions. To pull this through, we need completely new technical solutions and business models. This offers many serious challenges, not the least from an it-security perspective.

Key takeaways:

  • Everyone is talking API´s, and so are we. But why has it been so hard for us to walk the talk? 
  • Why is the API strategy so crucial for our transformation? 
  • Securing data and the integrity of the customer in house is hard enough; How will we manage security if we share your data to others? 

    New Technologies and the changing Cyber Security Landscape

    Today's increased cyber attacks and breaches have prompted us to act fast and with precision thanks to the new emerging technologies. With Ai, Machine Learning, Blockchain, Big Data, IoT and Cloud, it's  safe to say we are facing a paradigm shift.

    Key takeaways:

    • What are biggest challenges in terms of the new landscape?
    • Do we have sufficient skilled security workforce to drive current and future projects? Or do we need the same people in the near future as we have now?




      Defense by Offense

      Even when your organization has deployed and configured modern security controls, applied patches and refined policies, can you be assured no attack vectors still exist from mistakes and human error? By the current way you are checking your security, how can you know that you haven’t made your security posture vulnerable? Are you able to prioritize your security projects to remediate issues that could directly impact your most critical digital assets?

      Join Tilman while hes discusses the most advanced attack simulation modeling system available for today’s complex networks and get decisive answers:

      Privilege Access Management Applied to Industrial IT-OT Processes

       A photograph of the current challenges in adapting Cybersecurity policies and discipline across the continuum of IT and OT. Existing risks and vulnerabilities in extending the perimeter of Cybersecurity protection across operating environments in critical infrastructures, factories, and office environments with an explosion of IOT devices and gateways. The cultural challenges of understanding what are the differences between the well standardised world of IT and the heterogenous world of operations and industrial controls. The session presents several use cases and examples from several segments. It highlights the practical challenges from companies in automotive, transport, energy and public sector who are implementing projects at the global level and are faced with significant change management processes

      Ket Takeaways:

      • What IT-OT security approaches have been tried and failed . Which have worked and Why?
      • What are the key principles underlying a positive outcome?
      • What are the overall benefits in mitigating what is in essence the reputation risk of large and complex organisations?
      • What can we expect from future developments?

      Event Chairman's Closing Remarks

      Editorial Director

      Networking Cocktail Reception Starts

      7A Odenplan is an accessible and modern venue occupying a floor plan of 2000 sqm with a large courtyard. It offers flexible rooms, good food and a roof terrace that overlooks Odengatan with a fantastic panoramic view of the city of Stockholm.

      7A Odenplan has a perfect city location with subway, commuter train and most city buses a few steps from the entrance. those who intend to drive a car, there is a parking garage in the house below with direct access up to the meeting room. Warm welcome!

      Address: Norrtullsgatan 6, 113 29 Stockholm Visit venue at:

      By Subway from T- Centralen: • Take the green line with train no.s: 17, 18 & 19 on the subway from Stockholm Central towards any of the following destinations: Odenplan, Alvik, Åkeshov, Råcksta, Vällingby and Hässelby Strand.

      • Get off at Odenplan - approx travel time 4 minutes.

      • From the Subway station it takes 2 minutes to the venue, 7A Odenplan. Use Google Maps and you will be there in no time. There is a subway going every 5 minutes.

      By Train from Central Station • Take the commuter train from Stockholm Central towards any of the following destinations: Märsta, Kungsängen, Uppsala and Arlanda Airport.

      • Get off at Odenplan station - approx travel time 4 minutes

      • From the underground it will take at least 3 minutes’ walk to get out of the station. Then approx. 2 minutes to the venue, 7A Odenplan. Use Google Maps and you will be there in no time.

      • The commuter trains go 4-6 times per hour.

      By car Address: Norrtullsgatan 6, 113 29 Stockholm, Sweden

      By taxi We recommend the following companies: Taxi Stockholm +46 88-15 00 00 Taxi Kurir + 46 88-30 00 00 Taxi 020 + 46 20-20 20 20


      Welcome to the 4th Edition of the IT Security Insights 2020.  It is a great pleasure to have you on this year's edition as it might well be the most important one so far. As we are still in the middle of the COVID-19 Pandemic, many wonder how society and business will look like in a year.  We are all hoping for quick V economic recovery, but also aware that business and society has already changed dramatically. It seems like the pandemic worked as a "black swan" scenario that has pushed us forward 5 years in terms of digitalisation and workplace distribution. That might be great in many instances but not in our area of work. Since March most of their businesses have their employees working from home. This resulted in a rapid increase of cyber attacks targeting private people and organisations. Recent one being the tech giant Twitter. The importance of IT security has never been bigger than today. 

      This edition will provide insights into the biggest challenges faced by leading Nordic and global organisations. The main themes include: Vendor Risk Management, Cyber Security for Critical Infrastructures, The New Swedish Protective Security Act, IoT Security & Device Visibility Control, Penetration Testing, Cloud Security, TIBER EU Framework, Security Compliance, information security training initiatives and latest cybercrimes. 

      With over 22 speakers confirmed to date, 8 round tables sessions, 8 breakout sessions, a panel debate, 19 partners so far in the exhibition area, this year's conference offers a lot of interactions, networking and discussion opportunities provided by both the virtual event and onsite event formats that you cannot afford to miss. 

      After much consideration due the recent COVID-19 pandemic, we have decided that this year’s Edition will be partly online and partly hosted at 7A Odenplan in Stockholm, Sweden where participants can attend the conference in person.


      The online programme is an exact digital version of the physical onsite programme. It will provide you opportunities: to create your own agenda, access to all event sessions and tracks, visit virtual booths, engage with speakers, chat one on one with exhibitors and fellow visitors to mention but a few.LIVE STREAMING:The entire programme will be streamed live powered by Myconnector’s event platform.


      We shall also be hosting conference participants at the designated conference venue. Different from the online participants, you are in a position to attend the full conference programme in person. All visitors are guaranteed to attend all conference sessions and tracks of their own choice, luncheons, connect and network with all partipants onsite, engage in one-to-one meetings and much more.

      Looking forward to seeing you in October.


      Robert Kitunzi