Conference Day 1
09:00 Welcome and Introduction: Wouter Slegers, CEO, TrustCB, and Program Director, EU Cyber Act Conference, Netherlands
09:05 Update on ETSI Mobile Security Standards (P10a) Alex Leadbeater, Head Global Obligations Futures and Standards, BT Group, Cybersecurity Chairman, ETSI, United Kingdom
09:40 Solving the Geo-Compliance Certification Puzzle (P10b) Prasant Vadlamudi, Head of Global Cloud Compliance, Cisco, United States
L11. Outlook and Opportunities |
Moderator: Petra Manche, Global Certifications Team – Manager, Common Criteria, Cisco, United Kingdom |
11:00 System Security and Certification Considerations (L11a) Roberto Cascella, Senior Policy Manager, European Cyber Security Organisation (ECSO), Belgium
11:30 Panel Discussion: Bringing the Cybersecurity Act and Technology Together (L11b) Moderator: Fabien Deboyser, Security Certification Expert, NXP Semiconductors, France; Panelists: Chiara Giovannini, Senior Manager Policy & Innovation, Deputy Secretary General, ANEC, Belgium; Anne-Lise Thieblemont, VP Government Affairs, Qualcomm, United States; Ben Kokx, Director Product Security, Philips, Netherlands, Vasco Gomes, Global CTO – CyberSecurity Products, Atos, United Kingdom; Matthias Intemann, Head of Certification, Federal Office for Information Security – BSI, Germany [60 Min]
C11. Cloud and GDPR Frameworks |
Moderator: Martin Chapman, Director of Technical Policy & Standards, DIGITALEUROPE, United States |
11:00 Proactive Readiness for the EU Digital Market (C11a) William Ochs, Member ENISA Cloud AHWG, Cisco EMEA Cloud Certification Lead, CSO Cisco SDWAN, Cisco / ENISA Cloud AHWG, United States
11:30 Leveraging an ISO/IEC 27001 Management System to Provide the Governance Framework for Certifications According to the EU Cybersecurity Act (C11b) Willy Fabritius, Global Head Strategy & Business Development‚ Information Security Assurance, SGS, United States
12:00 European Standardisation for Cybersecurity and Data Protection – JTC 13 Roadmap and Achievements (C11c) Walter Fumy, Chairperson CEN-CENELEC JTC 13 Cybersecurity and Data Protection, ISO/IEC JTC 1/SC 27 IT Security Techniques, Germany
B12. Public Policy |
Moderator: Matthias Intemann, Head of Branch Certification, Federal Office for Information Security – BSI, Germany |
13:30 Cross Standard and Scheme Composition—A Needed Cornerstone for the European Cybersecurity Certification Framework (B12a) Fabien Deboyser, Security Certification Expert, NXP Semiconductors, France; Jose Ruiz, Co-founder and CTO, jtsec Beyond IT Security, Spain
14:00 ETSI EN 303 645 / TS 103 701: Assessment and Challenges from the TIC Sector Perspective (B12b) Antonio Gonzalez Burgueño, PhD, Cybersecurity Project Manager and Global Technical Leader for Industrial, Medical and Transport systems, DEKRA
14:30 The Cyrene Proposal for a Cybersecurity Scheme for Supply Chain Services (SCS) (B12c) Nineta Polemi, Professor, University of Piraeus, trustilio, Netherlands
I12. IoT Challenges |
Moderator: Martin Chapman, Chairperson, OASIS Open, United States |
13:30 Hacking Smart Building—An Attacker’s Perspective on IoT Attack Surface and Challenges for Cyber Defenders (I12a) Krzysztof Swaczynski, SEQRED, Poland
14:00 Security Levels: Mapping Misalignment with Industry and Understanding the Impact (I12b) Olivier Van Nieuwenhuyze, Chair of the GlobalPlatform Security Task Force, Security Lobbying & Standardization Senior Manager, Principal System Security Architect, STMicroelectronics, Belgium
14:30 IoT Security—Road toward Compliance with Regulations (I12c) Roland Atoui, Managing Director, Red Alert Labs, France; Irfan Hemany, Deputy Director, Department for Digital, Culture, Media and Sport (DCMS), United Kingdom
L13. Outlook and Opportunities |
Moderator: Quang-Huy Nguyen, Common Criteria Expert, France |
15:30 Successful cPP Certifications under the CSA (L13a) Rasma Mozuraite Araby, COO, Lab Director, atsec information security AB, Sweden
16:00 Panel Discussion: Scalability of Schemes and Reusability of Certification Under CSA (L13b) Moderator: Carlos Serratos, Senior Director Strategy, Policy and Advocacy Brightsight, The Netherlands Panelists: Jochen Friedrich, Technical Relations Executive, IBM, Germany; Renate Verheijen, Legal Officer Cybersecurity Certification, European Union Agency for Cybersecurity (ENISA), Greece; Olivier Van Nieuwenhuyze, Chair of the GlobalPlatform Security Task Force, Principal System Security Architect, STMicroelectronics, Belgium; Wouter Slegers, CEO, TrustCB, and Program Director, EU Cyber Act Conference, Netherlands [60 Min]
N13. Innovations in Assurance |
Moderator: David Herrgesell, Security Certification Expert, NXP, Austria |
15:30 Using Fuzzing Metrics in Cybersecurity Conformity Self-Assessment and Certification (N13a) Tony Boswell, Senior Principal Consultant, CyTAL UK Ltd, United Kingdom
16:00 Validation of Cryptographic Protocols with Common Criteria (N13b) Ritu Ranjan Shrivastwa, Certification Program Manager, Secure-IC, France
16:30 Assurance Beyond the Initial Certificate (N13c) Helge Kreutzmann, Senior Expert, Bundesamt für Sicherheit in der Informationstechnik, Germany
Enjoy an informal group dinner at one of Brussel’s top restaurants with your EU Cyber Security Act colleagues on Tuesday, 24 May. This is an add-on to the 2-day conference registration. For an additional fee of 50 Euros you can reserve your seat for a prix-fixe dinner at a group table. Reserve early—seating is limited. On site, you’ll meet your group at 17:30 at the conference registration desk and depart from there.
Conference Day 2
G20. Outlook and Opportunities (EU5G) |
Moderator: Roberto Cascella, Senior Policy Manager, European Cyber Security Organisation (ECSO), Belgium |
09:00 Vendor Experiences from NESAS Security Audit (G20a) Patrik Palm, Director Product Security, Ericsson, Finland
09:30 The Value of Certification Schemes from a MNO Perspective (G20b) Sergio Cozzolino, TIM P.A. International & European Affairs GSMA, GSMA SIM/eSIM Groups Chair, TIM, Italy
10:00 Navigating 5G Cybersecurity Certification (G20c) Dr. Claire Loiseaux, CEO and Founder, Internet of Trust, France; Mohamad Hajj, Senior Cyber Security Consultant, Internet of Trust, France
S20. Standards for Success |
Moderator: Jose Emilio Rico, Cybersecurity Division Director, DEKRA Testing and Certification, S.A.U., Spain |
09:00 ISO/IEC TS 9565 “Towards Creating an Extension for Patch Management for ISO/IEC 15408 and ISO/IEC 18045 (S20a) Sebastian Fritsch, Head of Laboratory, Secuvera, Germany; Javier Tallon, Co-founder and Technical Director, jtsec Beyond IT Security SL, Spain
09:30 Multi-Certified Root-of-Trust: Exploiting Synergies (S20b) Sylvain Guilley, GM & CTO, Secure-IC S.A.S., France
10:00 The Evolution of Open Security—Beyond Open Standards, What is needed to Make Open, Distributed Cybersecurity Systems Architecture a Reality? (S20c) Jason Keirstead, CTO & Distinguished Engineer, IBM Security Threat Management, IBM Security, Canada; Matthias Vallentin, CEO & Co-Founder, Tenzir GmbH, Germany
L21. Outlook and Opportunities (eID) |
Moderator: Wouter Slegers, CEO, TrustCB, and Program Director, EU Cyber Act Conference, Netherlands |
11:00 Eurosmart’s Secure Sub System in SoC PP(PP0117)—The Methodology, the Collaboration, the Synergy (L21a) Rachel Menda-Shabat, Director of Security Solution Certification Division, Winbond, Israel; Jean-Philippe Galvan, Principal Engineer Qualcomm & Co-Chair of Eurosmart ITSC Committee, France
11:30 Panel Discussion: EU Digital Identity Wallets (L21b) Moderator: Alban Feraud, International Organizations & Regulatory Affairs, Strategy & Market Officer, IDEMIA Public Security & Identity, and President, Eurosmart, France Panelists: Giuseppe Damiano, Director of Product Management, Entrust, Italy; Ferenc Molnár, CEO, CCLab, Hungary, Hugo Mania, Digital Identity and Biometrics Project Manager, ANSSI, France, Dr. Detlef Houdeau, Sr Director, Business Development, Infineon Technologies, Germany [60 Min]
T21. Industrial Strategies |
Moderator: David Herrgesell, Security Certification Expert, NXP, Austria |
11:00 Update on IEC 62443-4-2 – Evaluation Methodology for IACS Components (T21a) Sebastian Fritsch, Head of Laboratory, Secuvera, Germany
11:30 Trusted Computing Group’s approach to addressing Industrial Cybersecurity (T21b) Preeti Ohri Khemani, Senior Director Partnership & Ecosystem Management, Infineon Technologies, Austria
12:00 Secure Product Development Lifecycle—Industry’s Approach for Regulatory Compliance and Competitive Advantage (T21c) Antti Tolvanen, Sales Director, Etteplan, Finland
S22. Standards for Success |
Moderator: Petra Manche, Global Certifications Team – Manager, Common Criteria, Cisco, United Kingdom |
13:30 Transition from National to the EUCC Scheme—BSI’s Strategy for Supporting the Product Manufacturers and the ITSEFs during the Transition Phase (S22a) Klementina Geyer, Common Criteria Certification Expert, Federal Office for Information Security, Germany; Fritz Bollman,
Head of Software Certification Section, Federal Office for Information Security, BSI, Germany
14:00 Panel Discussion: Differences Between Lightweight Certification Schemes in Europe. Will FITCEM be the solution? (S22b) Moderator: Jose Ruiz, Co-founder and CTO, jtsec Beyond IT Security, Spain Panelists: Helge Kreutzmann, Senior Expert, Bundesamt für Sicherheit in der Informationstechnik, Germany, Philippe Magnabosco, Policy Advisor for External Standards, ANSSI, France; Maria Christofi, ITSEF COO, Oppida, France; Pablo Franco, Head of Certification Body, CCN, Spain; Petr Kazil, Security Consultant, NLNCSA, Netherlands [60 Min]
B22. Public Policy |
Moderator: Sylvain Guilley, GM & CTO, Secure-IC S.A.S., France |
13:30 Let’s Harmonize Labs Competence: ISO 19896 (B22a) Javier Tallon, Co-founder and Technical Director, jtsec Beyond IT Security SL, Spain
14:00 A Scheme of Schemes—Challenges and Opportunities for CSA Schemes (B22b) Staffan Persson, founder and CEO, atsec information security GmbH, Germany
14:30 European Standardization in Support of Consistent Definition of Cybersecurity Certification Schemes (B22c) Elzbieta Andrukiewicz, National Institute of Telecommunications, Poland
15:30 Panel Discussion: Horizontal Regulation on IoT—CSA Implementation Too Late? (P23a) Moderator: Matthias Intemann, Head of Branch Certification, Federal Office for Information Security – BSI, Germany; Panelists: Tyrone Stodart, Senior Principal Security Analyst, Oracle, United Kingdom; Miguel Bañón, Convenor, CEN/CLC TC13/WG3, Spain; John Guelke, Policy Advisor, Department for Digital, Culture, Media and Sport (DCMS),United Kingdom; Philippe Blot, Lead Certification Expert, European Union Agency for Cybersecurity (ENISA), Greece