CSA & SIGS Special Event

Insights into Zero Trust, Unpacking Trends in AI & Security and Regulatory Compliance Across Industries

Join us on (postponed to early next year) and earn xxx CPEs

(registration will be closed xxx - seats are limited)
Very happy to present a joint event with Cloud Security Alliance, great speakers from around the world and hot topics!

In addition we proudly presents to great workshops:

(date will follow soon):
SASE Workshop with Bob Gilbert, Vice President of Strategy and Chief Evangelist at Netskope USA - according Gartner the leader in SSE

(date will follow soon):
Zero TrustWorkshop with John Kindervag - the creator himself!

Looking forward to see you there,

As always: sales peoples (incl. CEO's and Founders), vendors, consulting companies like the big4 and all peoples who just like to sell their products or services are not allowed to take part at SIGS events. Exeption in this case are Cloud Security Alliance members.

Location Sponsor

UBS Conference Center Grünenhof
Nüschelerstrasse 9, Zurich

Eventually short notice change:
UBS Aula
Max-Höngger-Strasse 80

(to be defined and hopefully coming soon!)

Transfer & Parking
(details will follow)

Participation Fee
USD 85.-- per day
You may register for day 1, day 2 or both days
Schedule Day 1 - Security and Regulatory Compliance Across Regulated Industries & Artificial Intelligence
09:30 Am
Registration & Welcome Coffee
10:00 AM
Welcome Note CSA and start part 1 - Security and Regulatory Compliance Across Regulated Industries by Linda Strick, EMEA Managing Director Cloud Security Alliance
10:10 AM
Fireside Chat Fireside Chat with Paul McEwen, Global Head of Technology Services und Sir Rob Wainwright, Group CISO at UBS AG
Cyber security challenges are constantly and rapidly evolving with technological capabilities. This Fireside Chat will cover how UBS as world leading Financial Institution continually innovates to keep information security at top levels by creating and enforcing controls and standards, and by being at the forefront of leveraging new technologies to detect, mitigate and respond to cyber threats.
11:00 AM
Panel with Rolf A. Becker, Sébastien Contreras, Agata Szmigiel and David Rosenthal
Cloud Security Alliance Leads Enterprise Authority to Operate (EATO) Working Group and Partner at VISCHER Attorneys

Certification as a Service: Trusted Controls Compliance with Reduced Cost
EATO introduces a global, trusted and independent assessment service according to the CSA’s industry leading security control framework, to provide a trusted assurance for Corporate Customers which are heavily regulated. The certification includes a controls compliance audit, resulting in guided remediation of deficiencies to achieve architectures to be compliant with the CSA information security and privacy certification schemes. This is embedded in a legal and information security governance framework for the organization to sustainably execute controls at a high level.
11:50 AM
Digital Operational Resilience Act (DORA): topic tbd
Speaker tbd
(details will follow)
12:30 PM
13:30 PM
Pentesting for DORA tbd
Speaker SCRT tbd

(details will follow)
14:10 PM
Start Part 2 - Artificial Intelligence

Lars Ruddigkeit, Thought Leader in Cloud, Data & Artificial Intelligence at Global AI Hub

Why Model Explainability is essential for Cyber Security?
Cyber security is a critical domain that relies on machine learning to detect and mitigate various threats and attacks. However, many AI/ML models are complex and opaque, making it difficult for human users, designers, and adversaries to understand their logic and reasoning.

This lack of transparency can lead to mistrust, misuse, or manipulation of the models, which can have serious consequences for cyber security. Therefore, there is a growing need for explainable AI (XAI), which aims to provide human-interpretable explanations for the predictions and decisions of AI/ML models.

We will also highlight the ethical and social implications of XAI such as privacy, fairness, accountability, and trust. We hope that this talk will inspire the cyber security community to adopt and leverage XAI techniques to enhance the effectiveness and robustness of the systems they try to protect. Furthermore, we believe Adversarial Machine Learning domain and Cyber Security domain will be converging in the future.
03:00 PM
Yaniv Shechtman, Head of Productmanagement Threat Prevention at Check Point (Israel)

The acceleration of AI and GenAI-based attacks: ways to prevent them
(details will follow)
03:30 PM
Coffee Break
04:00 PM
Martina Arioli, Attorney-at-law at Arioli Law

AI and Legal Implications
Artificial intelligence (AI) is rapidly advancing and is increasingly being integrated into various industries and aspects of our lives. Generative artificial intelligence, including large language models such as ChatGPT, are powerful new tools for individuals and businesses. They raise a number of legal and ethical issues about how data is used in AI models and how the law applies to the output of those models, such as a paragraph of text or a computer-generated image. In this presentation some of the key legal issues related to AI and the implications for businesses and individuals will be explored.
04:30 PM
Presentation 4 - Rubrik
(details will follow - something around how Rubrik see Artificial Intelligence)
05:00 PM
Presentation 6
05:30 PM
Apéro Riche incl. Networking and Know How Sharing
Schedule Day 2 - Zero Trust
09:30 Am
Registration & Welcome Coffee
10:00 AM
Welcome Note CSA by Linda Strick, EMEA Managing Director Cloud Security Alliance and start part 3 - Zero Trust
10:10 AM
John Kindervag, Creator of Zero Trust and Senior Vice President, Cybersecurity Strategy and ON2IT Group Fellow

Win The Cyberwar With Zero Trust
Zero Trust is revolutionizing network security architecture: it is data and device-centric and designed to stop data breaches while protecting critical infrastructure and making cyber attacks unsuccessful. In this session, John will discuss the concept of Zero Trust and explains why Zero Trust is the world's only true cybersecurity strategy. In 2020, President Biden issued an Executive Order mandating that all US Federal Government Agencies move towards adopting Zero Trust.

Zero Trust is both strategically resonant to the highest levels of the business but also practically and tactically implementable using commercial off-the-shelf technologies. Because Zero Trust focuses on providing granular protections around sensitive assets, this architectural model - which designs the network from the inside out - is perfectly positioned to solve the security challenges of modern critical infrastructure and IOT networks. For example, Zero Trust networks protect East-West traffic by default by enforcing micro-perimeters around critical assets or data. Therefore, internal malware propagation is stopped automatically.

Zero Trust innovations also add a layer of agility to modern networks that is impossible to achieve in traditional network designs. This means that your network can respond to the speed of business. These 21st-century networks have been adopted by large enterprises and government entities around the world.

John will explain how a Zero Trust Network Strategy will achieve tactical and operational goals that make security organizations a business enabler, not a business inhibitor.

Key Takeaways
Zero Trust is the world’s only real cybersecurity strategy
- Zero Trust has Business Value and resonates with the highest levels of your business
- Zero Trust is Implementable Using Commercial Off-the-Technology
- Zero Trust is not risky. It augments the existing networks and enables a smooth transition from a legacy network to a Zero Trust network over time
11:10 AM
Coffee Break
11:40 AM
Stefan Kopp, Senior Expert IT Security at Deutsche Telekom Security GmbH

(details will follow)
12:10 PM
Bob Gilbert, VP GTM Strategy and Chief Evangelist at Netskope (USA)

Strengthen Your Security Program By Combining Zero Trust with SASE
The shift to the cloud, the transition to remote work, and digital transformation render legacy, datacenter-centric security architectures ineffective in defending against threats, protecting sensitive data, and ensuring that users have unfettered access to the resources they need to get their work done.

Join this session to learn about a more practical approach to security that combines Secure Access Service Edge (SASE) and zero trust principle alignment to ensure security controls follow the data and app performance follows the user.

Key topics covered:
- Introduction to SASE and Security Service Edge (SSE)
- Business value outcomes derived from SASE
- Importance of context when combining SASE with Zero Trust
- Introduction to high-impact use cases
12:45 PM
01:45 PM
Geriet Wendler, Solution Architect Manager at Infoblox
(details will follow - something around how Infoblox see Zero Trust and their approach to it)
02:15 PM
Christer Swartz, Director Industry Solutions at Illumio (USA)

Zero Trust, Independent of Network Security
Zero Trust requires a security model which is independent of traditional network or cloud security models. Every workload needs to be segmented against every other workload, at any scale, and workload segments cannot rely on network segments. Workloads and networks have different security priorities, and each needs to be addressed independent of the other.

Join this session to learn how to create a Zero Trust security model without re-architecting the network.
02:45 PM
Nikola Novoselec, Enterprise Security Architect / Head of Zero Trust Cybersecurity at Swiss Post

Zero Trust @ Swiss Post

Hands-on with the Swiss Post Zero Trust journey. Mapping the theory to practice, breaking down the complexity, figuring out where to start, how to prioritize and how to create the strategy, roadmap, and technical architecture for implementing Zero Trust.
03:15 PM
Coffee Break
03:45 PM
Klaus Haller, Senior Security Architect at AXA

Protecting User and Technical Accounts in the Public Clouds
As enterprises move more and more workloads to the cloud, authentication mechanisms in cloud ecosystems become crucial cornerstones for every cloud security design - especially when organizations internalize zero-trust principles. So, which cloud-native options exist to protect personal, technical, and high-privileged accounts? What are the differences between IaaS, PaaS, and SaaS – and multi-cloud and hybrid cloud architectures? And finally, what are the implications of the Azure Sinigng Key Loss (Storm-0558) for IT departments? Based on his work experience with Azure and GCP as a security architect for AXA in Switzerland, Klaus gives an overview of authentication challenges and features for the public clouds.
04:15 PM
Presentation 5 - SCRT

(details will follow - something around SCRT's view of Zero Trust and their approach to it)
04:45 PM
Panel Discussion moderated by John Kindervag
05:15 PM
End of the Event
Contributors & Moderators
Below you will find our contributors and speakers to whom we say a big thank you !
Linda Strick
Director CSA EMEA
Further information at Linda Strick | LinkedIn

Special Guest

John Kindervag
Creator of Zero Trust and Senior Vice President Cybersecurity Strategy and ON2IT Group Fellow
Further information at John Kindervag | LinkedIn


Martina Arioli
Attorney-at-law at Arioli Law
Further information at Martina Arioli | LinkedIn
Rolf A. Becker
CSA Enterprise Authority to Operate (EATO) Chair
Bob Gilbert
Vice President, GTM Strategy & Chief Evangelist at Netskope (USA)
Further information at Bob Gilbert | LinkedIn
Klaus Haller
Senior Security Architect at AXA Switzerland
Further information at Klaus Haller | LinkedIn
Stefan Kopp
Senior Expert IT Security at Deutsche Telekom Security
Further information at Stefan Kopp | LinkedIn
Paul McEwen
Global Head of Technology Services at UBS
Nikola Novoselec
Enterprise Security Architect / Head of Zero Trust Cybersecurity at Swiss Post
Further information at Nikola Novoselec | LinkedIn
Lars Ruddigkeit
Thought Leader in Cloud, Data & Artificial Intelligence at Global AI Hub
Further information at Lars Ruddigkeit | LinkedIn
Yaniv Shechtman
Head of Productmanagement Threat Prevention at Check Point (Israel)
Further information at Yaniv Shechtman | LinkedIn
Christer Swartz
Director Industry Solutions at Illumio (USA)
Further information at Christer Swartz | LinkedIn
Sir Rob Wainwright
Group CISO at UBS AG
Geriet Wendler
Solution Architect Manager at Infoblox
Further information at Geriet Wendler | LinkedIn
Contact Us
If you have any questions or you like to get information about further events, please do not hesitate to contact us!
 Join us on (to be defined)
We look forward to hosting you!

Processing Registration...