Bastian Schäfer, Head of Group Cyber Defense at Helvetia Insurance Group

From One-Man Band to Conductor of Cyber Resilience: Orchestrating the Future of Security Operations
Evolving the SOC from technical firefighting to strategic and data-driven coordination, governance, control enabling the business to deliver despite cyber threats and attacks.

The Security Operations Center (SOC) is undergoing a seismic shift. Traditional, centralized alert-driven SOCs are being outpaced by technical and organizational complexity and the speed and scale of modern threats.
In response, leading organizations are dismantling the outdated centralized model and are evolving the SOC into something far more strategic: a conductor of orchestration and collaboration across the cyber resilience capabilities directly embedded and federated across the various digital business processes. This next-generation model embraces governance, data-driven decision-making, and service-centric design, transforming the SOC from a central operational function into a central nervous system for an organizations cyber resilience.

A key theme of this transformation is the evolution of SOCs into Cyber Fusion Centers or Cyber Defense Center of Excellence - non-operational, strategic entities that provide oversight, governance, and coordination across distributed security capabilities. These centers don't replace security monitoring or incident response; instead, they decentralize the execution of security tasks, empowering system experts and teams closest to the data to prepare proactively and act quickly to cyber threats. While the adaption and response to cyber threats is distributed, governance, data-driven control, and near real-time oversight are maintained, ensuring strategic alignment and consistency across the various IT services and digital business processes.

Ivan Stevanovic, Head Group IT Risk Management & IT IKS
Fabian Bobst & Florian Matt, Group IT Risk Management & IT IKS at Helvetia Insurance Group

Unlocking Business Value through Risk Quantification – from Cyber to Operational Risk Management
This session shortly introduces participants to the FAIR model (Factor Analysis of Information Risk) as a powerful framework for quantifying risk in financial terms. Unlike traditional qualitative approaches, the FAIR model enables organizations to express risk as loss exposure in amounts of money, making it directly relevant to business decision-making.
 
We will together explore the value proposition of risk quantification through FAIR, emphasizing how it transforms the role of the Risk Management functions. Rather than acting as a compliance enforcer focused on control checklists and regulatory standards, Risk Management becomes a strategic, tactical and operational influencer - one that helps create and safeguard business value by enabling informed, cost-effective decisions regarding risk and controls.
 
The session is designed for risk and security professionals who are interested in aligning risk management with business performance. It is particularly relevant for those seeking to communicate risk in a language that executives understand and appreciate: profit and loss.
 
Participants will get a short introduction on how FAIR provides transparency into loss exposure, helping organizations understand the true meaning of risk. We will then explore how the output of the model also can be used as an input to clarify the value of controls, allowing teams to evaluate investments using financial metrics such as Net Present Value (NPV) and Internal Rate of Return (IRR), and thereby making better business decisions by identifying opportunities to reduce costs and optimize risk mitigation strategies. We will also touch upon the scalability of FAIR beyond cyber risk, showing its potential application in IT and operational risk management systems. To close, we will consider the limitations of the model, including the dependency on data quality and the assumptions required for analysis.

Alexander Bösch, Head Security Partners at SIX Group

Cyber Risk Quantification to Challenge Traditional Voodoo Risk Management
Cyber risk quantification can bring structure to decision-making and challenge traditional voodoo risk management. However, the path from theory to practice is rarely straightforward. In this session, we’ll look at common hurdles such as resistance to change, the continued reliance on risk maps, and the question of how far and how fast to move. Based on experience in a highly regulated environment, we’ll discuss what works, what doesn't, and where the limits of quantification became clear.

René Buff, Head Center of Excellence Cyber at Helvetia

Cyber Risk & Insurance – Closing the Protection Gap
In an era where digital transformation drives innovation, it also opens the door to increasingly sophisticated cyber threats. From ransomware to AI-powered phishing, the risks facing enterprises are growing in both scale and complexity. Yet, many organizations remain underprepared despite growing awareness. Many businesses lack not only robust cybersecurity measures but also the insurance coverage needed to recover from a breach. This underlines a critical protection gap, one that leaves many organizations —especially SMEs— exposed to potentially devastating losses which consequentially is visible in the insurance claims data.

This session explores how insurers can play a transformative role in bridging that gap—moving beyond traditional coverage to become strategic partners in digital resilience. We’ll examine the current threat environment, the types of claims incurred and reported , the role of cyber insurance in mitigating risk, and how insurers, clients, and IT providers can collaborate to close the insurance protection gap.