Day 1
Foyer
The EU Cyber Acts Conference Starts with Two Special-Focus Full-Day Events
Produced with the support of ISO/IEC JTC 1/SC 27/WG 3, focused on future cryptographic compliance requirements. Complete Agenda
New for 2024. Focused on the global development of cybersecurity certification frameworks for AI systems. Complete Agenda
Day 2
Foyer
Ballroom AB
09:00 Introduction and Welcome (P10a) Wouter Slegers, CEO, TrustCB, Netherlands
09:10 How Does Regulation Fit in a Secure Connected World? (P10b) Wolfgang Steinbauer, NXP Semiconductors, Senior VP, Head of Crypto and Security, Austria
09:40 An Update on ENISA Certification Activities (P10c) Philippe Blot, Head of Sector Certification, European Union Agency for Cybersecurity (ENISA), Greece
Foyer
Ballroom A
Cloud Frameworks & CC (C11) EUCS & CC |
Moderator: Dr. Igor Furgel, Head of Certification Body Deutsche Telekom Security GmbH, Germany |
10:50 Panel Discussion: EU Cloud Service Certification (C11a) Leader: William Ochs, Head of Cloud Compliance, Cisco Europe, United States; Anders Jonson, Member ENISA AHWG EUCS, Founder & Senior Advisor, SecureAppbox, Sweden; Volkmar Lotz, Senior Manager and Chief Research Strategist, SAP, Germany [60MIN]
11:50 Common Criteria Certification of AI Systems(C11c) Arnold Abromeit, Senior Security Consultant/Evaluator, TÜViT, Germany
Ballroom B
Public Policy (B11) (Inter)national Policies |
Moderator: Miguel Bañon, Independent Consultant, Convenor ISO/IEC JTC 1/SC 27/WG 3, Spain |
10:50 The Regionalization of Cybersecurity Policies: The End to International Cybersecurity Standards? (B11a) Eloïse Ryon, Senior Manager, Europe Digital Policy, Schneider Electric, Belgium
11:20 The Intersection of US and EU Cybersecurity Requirements (B11b) Eric Crusius, Partner, Holland & Knight, United States
11:50 NIAP Addresses U.S. Executive Orders, Memorandums, and Policies: SBOM, Cloud, and Zero Trust (B11c) Jade Stewart, Portfolio Manager, NIAP, United States
Foyer
Ballroom A
Cloud Frameworks (C12) Cloud and Software |
Moderator: Dr. Igor Furgel, Head of Certification Body Deutsche Telekom Security GmbH, Germany |
13:30 Common Criteria in the Cloud – Certification for IT Products No Longer in Your Server Room (C12a) Tyrone Stodart, Senior Principal Security Analyst, Oracle Corporation UK Ltd, United Kingdom
14:00 Improving Software Transparency on the Path to Supply Chain Risk Management (C12b) Jeff Schutt, Principal Security Engineer, Cisco, United States
14:30 Cybersecurity Assessments – Evaluations & Certifications – State of Play 2018-2022 (C12c) José Ruiz Gualda, Cybersecurity Business Unit Director, Applus+ Laboratories, Spain; Chloe Blondeau, Seconded National Expert, European Union Agency for Cybersecurity (ENISA), Greece
Ballroom B
Standards and Certification (S12) EUCC and CRA |
Moderator: Petra Manche, Common Criteria Manager, Cisco, United Kingdom |
13:30 Implementation of the EUCC Scheme in Germany: First Observations and the Way Forward (S12a) Fritz Bollmann, Head of Software Certification, Bundesamt für Sicherheit in der Informationstechnik (BSI), Germany; Klementina Geyer, Common Criteria Certification Expert, Bundesamt für Sicherheit in der Informationstechnik (BSI), Germany
14:00 EN 17927: What if CRA Was Using Composition? (S12b) Carlos Serratos, IoT Certification Expert, NXP Semiconductors, Netherlands
14:30 Insights from Automated Large-Scale Analysis of Common Criteria Certificates (S12c) Adam Janovský, PhD Candidate, Masaryk University, Czechia
Foyer
Ballroom A
IoT Challenges (I13) IoT Tested in Practice |
Moderator: Bret Jordan, Chief Security Strategist, Afero, United States |
15:30 Delivering Trust at the Edge of the Edge (I13a) Stephane Di Vito, Senior Director and Lead Security Architect for Trusted Edge Solutions, Analog Devices, France; Debra Delise, VP of Security Business Unit, Analog Devices, United States
16:00 Scaling Security Testing for IoT Firmware (I13b) Hugues Thiebeauld, CEO, eShard, France
16:30 Charting the Course: Navigating Maritime Cybersecurity (I13c) Anna Prudnikova, Team Manager—Products Certifications, Secura, Netherlands
17:00 The Big Picture – Matching Regulations and Compliance Using Composition (I13d) Carlos Serratos, IoT Certification Expert, NXP Semiconductors, Netherlands
Ballroom B
Standards and Certification (S13) EUCC and CSA Discussions |
Moderator: Wouter Slegers, Program Director, EU Cyber Act Conference and CEO, TrustCB, Netherlands |
15:30 Panel Discussion: EU Common Criteria (EUCC) (S13a) Leader: Petra Manche, Common Criteria Manager, Cisco, United Kingdom; Dr. Dennis Kügler, Head of Standardization, Certification Policy, Supervision, Bundesamt für Sicherheit in der Informationstechnik (BSI), Germany; Maika Föhrenbach, Team leader for certification, CNECT.H.2 – Cybersecurity and Digital Privacy Policy, European Commission; Belgium; Tyrone Stodart, Senior Principal Security Analyst, Oracle Corporation UK Ltd, United Kingdom; Antonio Vizcaino, Cybersecurity Technical Sales, DEKRA, Spain [60MIN]
16:30 Panel Discussion: CSA Speed and Consistency (S13c) Leader: Gabor Hornyak, Head of Site & Process Certification, NXP Semiconductors, Hungary; Jan Eichholz, Director, Head of Security, Giesecke+Devrient Mobile Security, Germany; Matthias Intemann, Head of Certification, Bundesamt für Sicherheit in der Informationstechnik (BSI), Germany; Trevor Rudolph, Vice President, Global Digital Policy & Regulation, Schneider Electric, Belgium; Eric Vetillard, Lead Certification Expert, European Union Agency for Cybersecurity (ENISA), Greece [60MIN]
Open to everyone. Located in the Exhibit Area. Catch up your colleagues for a refreshing beverage at the end of the day’s events. Thanks to the generous support of Reception Sponsor Dekra.
Enjoy an informal group dinner at Aux Armes de Bruxelles, one of the city’s top restaurants, with your conference colleagues on Tuesday, 12 March. This is an add-on to the conference registration. For an additional fee you can reserve your seat for a prix-fixe dinner at a group table. Reserve early—seating is limited. On site, you’ll meet your group at 18:30 at the conference registration desk and depart from there. Click here for more information.
Day 3
Foyer
Ballroom A
IoT Challenges (I20) Industrial IoT |
Moderator: Bret Jordan, Chief Security Strategist, Afero, United States |
09:00 Cyber Security as an Opportunity for SMEs: How We Met the IEC 62443-4-1 Standard (I20a) Siegfried Müller, VP Advanced Technologies, Red Lion Europe GmbH (former MB connect line GmbH), Germany
09:30 Impact of the CRA on the SME Equipment Manufacturers in Europe: Experience and Lessons Learned (I20b) Salvador Trujillo, CEO, ORBIK Cybersecurity, Spain
10:00 Intrusion Detection System (IDS) in an Industrial IoT Context (I20c) Ritu Ranjan Shrivastwa, Certification and Standardization Program Manager, Secure-IC, France; Anass Sbai, R&D Engineer – Certification, Secure-IC, France
Ballroom B
Standards and Certification (S20) RED |
Moderator: Miguel Bañon, Independent Consultant, Convenor ISO/IEC JTC 1/SC 27/WG 3, Spain |
09:00 RED Cybersecurity Requirements and Regulatory Landscape (S20a) Angelo D Amato, Lead Principal, UL Solutions, Netherlands
09:30 Panel Discussion on CRA & RED: Allies or Antagonists? (S20b) Leader: Tony Boswell, Senior Principal Consultant, CyTAL UK Ltd., United Kingdom; Rob Coombs, Director, ATG, Arm, United Kingdom; Omar Dhaher, Associate Technical Director, DIGITALEUROPE, Belgium; Ben Kokx, Director Standardization Product Security, Philips, Netherlands; Bruno Mussard, Wireless MCU Security Manager, STMicroelectronics, France; [60MIN]
Foyer
Ballroom A
IoT Challenges (I21) Industrial IoT |
Moderator: Angela Soum, National Information Assurance Partnership (NIAP), United States |
11:00 Creating New Requirements for Security Certification (I21a) Dan O’Loughlin, VP Engineering, Qualcomm, Germany
11:30 IoT Security – How SESIP Is Supporting Industries to Prepare for Incoming EU Legislation (I21b) Olivier Van Nieuwenhuyze, Vice Chair of the Board and Chair of the Security Task Force, GlobalPlatform, Belgium
12:00 Transforming Into a Secure-by-Design Company—Roadmap for Achieving CRA Compliance (I21c) Antti Tolvanen, Sales Director, Etteplan, Finland
Ballroom B
Public Policy (B21) CRA Policy |
Moderator: Arnaud Martin, Expert Digital & ICT Standardisation, Agoria, Belgium |
11:00 The EU Assurance Paradigm: CRA Conformity Assessment Procedures and Presumption of Conformity with CSA (B21a) Jose Emilio Rico MartÍnez, Business Development and Strategy, DEKRA Testing and Certification S.A.U., Spain
11:30 Panel Discussion: EU Cyber Resilience Act (B21b) Leader: Alban Feraud, Regulatory Affairs, Market & Business Development, IDEMIA, France; Monique Bakker, Senior Security Expert, Rijksinspectie Digitale Infrastructuur, Netherlands; Walter Fumy, Chairman Emeritus, ISO/IEC JTC 1/SC 27 IT Security Techniques, Germany; Matteo Mole, Manager for Technologies, Innovation and Trusted Supply Chains, European Cyber Security Organisation (ECSO), Belgium; Florian Pennings, Director Government Affairs, Microsoft, Belgium [60MIN]
Foyer
Ballroom A
Public Policy (B22) Policy Implications |
Moderator: Matthias Intemann, Head of Certification, Bundesamt für Sicherheit in der Informationstechnik (BSI), Germany |
13:30 Fuzzing for Assurance and Certification – Lessons from Smart Meters (B22a) Tony Boswell, Senior Principal Consultant, CyTAL UK Ltd, United Kingdom
14:00 Separation of Duties: Evaluation vs Consulting (B22b) Marc Le Guin, Head of Evaluation Body IT Security, TÜV Informationstechnik GmbH, Germany
14:30 The Paradigm Shift in Patching Regulation – Upcoming EU Rules for Cybersecurity Patching (B22c) Lisa Rooij, PhD Researcher Regulation and Governance of Patching Security in Organizations , Tilburg University (TILT), Netherlands
15:00 European Cross-Border Cybersecurity Operations Collaboration through the Lens of the CACAO Standard (B22d) Vasileios Mavroeidis, Professor for Cybersecurity, University of Oslo, Norway; Bret Jordan, Chief Security Strategist, Afero, United States
Ballroom B
Standards and Certification (S22) CRA Legal Aspects |
Moderator: Arnaud Martin, Expert Digital & ICT Standardisation, Agoria, Belgium |
13:30 The Interplay Between EU Regulations and Cybersecurity Certification (S22a) Leader: Renate Verheijen, Legal Adviser on Cybersecurity, European Union Agency for Cybersecurity (ENISA), Greece [60MIN]
14:30 When Product Cybersecurity Becomes Law: Implementing the CRA at a Global Cross-Domain Product Manufacturer (S22c) Marko Wolf, Chief Expert Product Cybersecurity Governance, Robert Bosch GmbH, Germany
15:00 Can the Cyber Resilience Act Function as CE Legislation? Insights from the Home Appliance Perspective. (S22d) Alexander Eisenberg, Head of Office EU Technical Market Access, BSH Home Appliances S.A., Belgium
Foyer. Exhibits close at 16:00.
Ballroom
16:00 Panel Discussion: European Cybersecurity Legislation—Industry View—How Can We Make Laws Work Together? (P23a) Leader: John Boggie, President, Eurosmart, United Kingdom; Andreas Mitrakas, Head of Unit—Market Certification and Standardisation, European Union Agency for Cybersecurity (ENISA), Greece; Filipe Jones Mourão, Policy Officer, European Commission, Portugal; Pierre-Jean Verrando, Director General, Eurosmart, Belgium; Brian Wood, Program Manager, Google, United States [60MIN]