Conference Plenary Keynote, Juhan Lepassaar, Executive Director, European Union Agency for Cybersecurity (ENISA)
SOG-IS View on the Cybersecurity Act, Bernd Kowalski, Chairman, SOG-IS, Germany
Cloud Candidate Scheme Recommendations by CSP CERT Working Group, The European Cloud Service Provider Certification Working Group
Update on DG Connect Operations, Aristotelis Tzafalias, Policy Officer, Cybersecurity and Digital Privacy, European Commission, Belgium
Security Needs to be Consistent—The Role of Process in the Cybersecurity Act, David Martin, Head of International Assurance, NCSC, United Kingdom
Overview of Current and Future NIAP and US Government Certification Initiatives, Mary Baish, Director, NIAP, United States
Update on ENISA Operations and CSA Implementation, Slawomir Górniak, Security Tools and Architecture Expert, ENISA, Greece
BSI View on the EU Cybersecurity Act, BSI, Germany
ECSO’s Outlook on the EU Cybersecurity Act, Roberto Cascella, Senior Policy Manager, ECSO, Belgium
The EU-SEC Framework, Lefteris Skoutaris, Research Analyst, Cloud Security Alliance, Greece
Join the Global Forum on the Changing Future of Cross-Border Certification
The 2019 International Conference on the EU Cybersecurity Act has been developed to help standards community prepare for the evolution of risk-based frameworks meant to address market fragmentation in the EU. The EU Cybersecurity Act, now in the early stages of development, will eventually create a wide-ranging, independent European body of cybersecurity regulation as part of the “single digital market” goal. This landmark regulatory mandate will have a wide-ranging effect on the international standards community—now is the time to begin planning for and participating in ongoing changes.
A Survey of Current Frameworks and Candidate Schemes
The Cybersecurity Act will establish a European cybersecurity certification framework for ICT products, services and processes. Current schemes may be incorporated into this new framework, or may need to evolve to the fit the regulatory changes. The Conference will cover the potential effect on current schemes and regulatory mandates like Common Criteria, eIDAS, Payment Services Directive 2, GDPR, ISO 27001, and EU standards for cryptographic modules. The conference will also cover the effect on current private schemes like GSMA, GlobalPlatform, EMVCo, PCI PTS, PCI SPoC, Eurosmart, Felica, Mifare, and OWASP and will discuss the new potential candidate schemes for key industry verticals such as IoT, cloud, communications, payments, automotive, and more.
Two Days to Cover a Shifting Regulatory Landscape
The conference will take place in Brussels on November 18-19, starting with a plenary keynote session then breaking into 4 separate tracks covering technology and certification issues, customer requirements, policy, and market issues.
Who Should Attend
Conference topics will be of interest to the entire standards community, including Certification Bodies, Evaluation Laboratories, Researchers, Evaluators, Policy Makers, Product Developers, Sellers and Buyers interested in the specification, development, evaluation, and certification of IT security. The Cybersecurity Act will also affect organizations beyond the EU, including government schemes, testing laboratories, product developers, and technology companies in North America and Asia.
Thanks to all EU CSA 2019 conference participants. Conference presentations have been uploaded. Use login information in your Conference Program page 3 for access.
Conference photos have been posted.
2019 Conference Speakers
Roland Atoui
Managing Director, Red Alert Labs/EUROSMART, FranceMary Baish
Director, NIAP, United StatesBoris Balacheff
HP Fellow & VP, Chief Technologist for Security Research and Innovation, HP Labs, FranceMiguel Bañon
Global Technology Leader for Cybersecurity, Epoche and Espri (a DEKRA company), SpainMarkus Bartsch
Business Development, TUViT, GermanyThomas Billeau
Head of Certification, NXP, GermanyJohn Boggie
Director, Head of Cybersecurity Certification NXP Semiconductors UKTony Boswell
Senior Principal Consultant, DNV GL Technical Assurance Laboratory, United KingdomStefano Bracco
Knowledge Manager, European Union Agency for the Cooperation of Energy Regulators, ItalyRoberto Cascella
Senior Policy Manager, ECSO, BelgiumMartin Chapman
Senior Director, Standards Strategy and Policy EMEA, Oracle, IrelandSonia Compans
Technical Officer, ETSI, FranceMichael Cooper
Manager, Security Testing, Validation and Measurement Group, National Institute of Standards and Technology (NIST), United StatesSudhir Ethiraj
Cyber Security Strategy, TÜV SÜD Sec IT GmbH, GermanyWilly Fabritius
Global Portfolio Champion for Information Resiliency, BSI Group, United StatesSaurabh Ghelani
EMEA Strategic Trust Leader, Google Cloud, SwitzerlandSławomir Górniak
Expert in Security Tools and Architecture, ENISA, PolandChris Gow
Director, EU Public Policy, Government Affairs, Cisco Systems, BelgiumGabor Hornyak
CTO, CCLab, HungaryMatthias Intemann
Head of Section, BSI – Federal Office for Information Security, GermanyAyman Khalil
COO & Managing Partner, Red Alert Labs, FranceBernd Kowalski
Head of Department, Federal Office for Information Security, GermanyHelge Kreutzmann
Standardisation Expert, BSI, GermanyJacques Kruse Brandao
Head of Advocacy Digital Trust Services, SGS Group, GermanyHelmut Kurth
Chief Scientist and Common Criteria Lab Director, atsec information security, GermanyMika Lauhde
Global Vice-President, Cybersecurity & Privacy, Global Public Affairs, Huawei, ChinaJuhan Lepassaar
Executive Director, European Union Agency for Cybersecurity (ENISA), GreeceAurelien Leteinturier
Head of Security Products and Services Approval Unit, ANSSI, FranceDr. Claire Loiseaux
CEO and Founder, Internet of Trust, FranceSergio Lombán Lage
VP, Digital Trust Services, SGS Group, SpainPhilippe Magnabosco
Policy Advisor for External Standards,, ANSSI, FranceDavid Martin
Head of International Assurance, NCSC, United KingdomRachel Menda-Shabat
Director of Security Solution Certification Division, ISCI WG sub-chair, Winbond, IsraelJulian Meyrick
Managing Partner & Vice President, Security Strategy Risk & Compliance, Security Services, IBM, United KingdomThomas Niessen
Managing Director of the Kompetenznetzwerk Trusted Cloud, German Ministry of Economics and Energy, GermanyWilliam Ochs
EMEA Cloud Certification Lead, Cisco, United StatesJasmina Omic
Product Manager Services, Riscure, NetherlandsDirk-Jan Out
CEO, Brightsight, NetherlandsJose Alejandro Rivas Vidal
Security Lab Manager, Applus+ Laboratories, SpainRaymond Romero
Board of Governors of the Federal Reserve Systems, United StatesJosé Ruiz Gualda
Co-founder, jtsec Beyond IT SecurityBill Rutledge
Project Director, EU CyberSecurity Act ConferenceJonathan Sage
Government and Regulatory Affairs, IBM, United KingdomAlexander Schasse
IT Security Consultant, TÜV Informationstechnik GmbHEva Schulz-Kamm
Head of Global Government Affairs, Siemens AG, GermanyLefteris Skoutaris
Research Analyst, Cloud Security Alliance, GreeceWouter Slegers
CEO, TrustCB, NetherlandsJavier Tallón
CoFounder and COO, jtsec Beyond IT Security SL, SpainPaul Theron
Advisor & Cyb’Air Research Chair, Thales, FranceLachlan Turner
Director Consulting, Lightship Security, Canada
Location
In Europe’s Political and Cultural Capital
The conference is conveniently located at Brussels Marriott Hotel Grand Place—perfectly situated in the city center, the stylish Marriott hotel is ideal for both business or leisure travel. Explore everything Brussels has to offer, from historic attractions to international organizations and corporations, all in easy reach.
Conference Tracks
Industry Alignment: Efforts by the international technical community to align frameworks with government standards while responding to the needs of the market.
Industrial Strategies: An analysis of current voluntary certification standards for industrial automation and energy, and potential transitions to mandatory international certification.
IoT Challenges: A survey of the large, fast-growing certification landscape for connected devices and the cost, performance, and power constraints that necessitate security compromises.
Public Policy: Updates from public schemes and associations on the development of standards in response to evolving security risks across multiple sectors.
Cloud and GDPR Frameworks: A look at cloud scheme initiatives and efforts to leverage existing certifications in the transition to frameworks that align with international regulations such as GDPR.
Outlook/Opportunities: Updates on leading government initiatives for global certification and perspectives on the business benefits of security evaluations.
Standards for Success: Review of standardization efforts under various national frameworks (a key factor for CSA success) and the limitations of standards in a real-world environment.
Innovations in Assurance: Best practices for maintaining certification in the face of new cybersecurity regulations, expanding product lines, and frequent product updates.
Twitter Feed
Related Event
The Eighth Annual International Cryptographic Module Conference
25-28 August 2020, Hyatt Regency Bethesda, Maryland, USA, www.icmconference.org
The leading annual event for global expertise in commercial cryptography.
The International Common Criteria Conference
20-22 October 2020, Eurostars Palacio Buenavista, Toledo, Spain
www.iccconference.org
The leading forum for the community of professionals involved in Common Criteria.