The presentation gives a clear summary of the 2025 cyber risk landscape, focusing on the expansion of cybercrime, the worldwide adoption of cybersecurity practices, and the increased instability caused by geopolitical events and new technologies. Notable trends include the emergence of generative AI, the essential role of identity and access management (IAM), and the growing significance of continuous threat monitoring and organizational resilience. It also addresses evolving regulations such as the European Union’s Digital Operational Resilience Act (DORA) and the Network and Information Security Directive (NIS2), which aim to reinforce cybersecurity standards for a range of sectors. Achieving cyber resilience requires strong governance, accountability at the senior management level, and strategies to reduce recovery times for essential business functions. Ultimately, this provides practical guidance to help organizations improve their security and resilience.

The EU AI Act is here — compliance isn’t optional, but the path forward doesn’t have to be overwhelming. This session cuts through the legal noise to deliver a practical, risk-based roadmap for putting the Act into action. Instead of reinventing the wheel, we show how your existing Privacy and Security programs can become the launchpad for AI governance. You’ll learn how to mobilize cross-functional teams, align with suppliers and data owners, and scale without chaos. We also tackle the gaps: what the AI Act misses — and how forward-thinking organizations can get ahead of what’s coming next.

Security leaders share experiences of dealing with major ransomware incidents

• How AI is making ransomware faster, stealthier, and harder to stop
• How organizations responded and recovered
• Lessons for businesses of all sizes

Insider threats are no longer just internal or external. Attackers now impersonate staff using AI, deepfakes, and stolen credentials. This session explores how organizations can address this evolving risk through behavior analytics, regulatory alignment (NIS2, DORA, GDPR), and a security-first culture. Learn why the board must lead and how every employee plays a critical role in defending the organization from within.

In this session, Punit Bhatia will explore the rapidly evolving privacy landscape in the context of two transformative technological forces: Artificial Intelligence (AI) and quantum computing. As organizations and regulators worldwide grapple with the unprecedented capabilities and risks introduced by these technologies, the session will provide a forward-looking view on the challenges, regulatory responses, and ideas shaping the future of privacy.

9 months on from the implementation of DORA, CISOs and security leaders share real-life insights. What teething problems and implementation issues still remain to be tackled? What are some of the best practices they would recommend?

• Experts discuss the limits of pentesting & alternative security approaches
• GenAI Pen testing

• Understanding third-party risks
• How to build a resilient supply chain security strategy

• The benefits and risks of AI in cybersecurity
• Ethical challenges: AI bias, false positives, and adversarial AI
• Case study: When AI failed and how security teams adapted

• Common cloud vulnerabilities
• Shared responsibility model in cloud security