Conference Agenda 2024

09:10 Industry Keynote (P10b) Wolfgang Steinbauer, Senior VP, Head of Crypto and Security, Austria

09:40 An Update on ENISA Certification Activities (P10c) Philippe Blot, Head of Sector Certification, European Union Agency for Cybersecurity (ENISA), Greece

Ballroom A

10:50 Panel Discussion: EU Cloud Service Certification (C11a) Leader: William Ochs, CSO / CCO & Global ISSM – Cisco SD-WAN / Cisco EMEA Cloud Certification Lead, Cisco, United States; Anders Jonson, Member ENISA AHWG EUCS, Founder & Senior Advisor, SecureAppbox, Sweden; Volkmar Lotz, Senior Manager and Chief Research Strategist, SAP, Germany [60MIN]

11:50 Certification of Cloud Services or IT Products: Results of Two Pilot Certification in EUCS Scheme and EUCC Scheme (C11c) Theresa Krüger, Certifier, Deutsche Telekom Security GmbH, Germany

Ballroom B

10:50 The Regionalization of Cybersecurity Policies: The End to International Cybersecurity Standards? (B11a) Eloïse Ryon, Senior Manager, Europe Digital Policy, Schneider Electric, Belgium

11:20 The Intersection of US and EU Cybersecurity Requirements (B11b) Eric Crusius, Partner, Holland & Knight, United States

11:50 NIAP Addresses U.S. Executive Orders, Memorandums, and Policies: SBOM, Cloud, and Zero Trust (B11c) Jade Stewart, Portfolio Manager, NIAP, United States

Ballroom A

13:20 Common Criteria in the Cloud – Certification for IT Products No Longer in Your Server Room (C12a) Tyrone Stodart, Senior Principal Security Analyst, Oracle Corporation UK Ltd, United Kingdom

13:50 Improving Software Transparency on the Path to Supply Chain Risk Management (C12b) Jeff Schutt, Principal Security Engineer, Cisco, United States

14:20 TBA

Ballroom B

13:20 Implementation of the EUCC Scheme in Germany: First Observations and the Way Forward (S12a) Klementina Geyer, Common Criteria Certification Expert, Bundesamt für Sicherheit in der Informationstechnik (BSI), Germany; Fritz Bollmann, Head of Software Certification, Bundesamt für Sicherheit in der Informationstechnik (BSI), Germany

13:50 TBA

14:20 Insights from Automated Large-Scale Analysis of Common Criteria Certificates (S12c) Adam Janovský, PhD Candidate, Masaryk University, Czechia

Ballroom A

15:20 Delivering Trust at the Edge of the Edge (I13a) Stephane Di Vito, Senior Director and Lead Security Architect for Trusted Edge Solutions, Analog Devices, France; Debra Delise, VP of Security Business Unit, Analog Devices, United States

15:50 Scaling Security Testing for IoT Firmware (I13b) Hugues Thiebeauld, CEO, eShard, France

16:20 Charting the Course: Navigating Maritime Cybersecurity (I13c) Anna Prudnikova, Team Manager—Products Certifications, Secura, Netherlands

16:50 The Big Picture – Matching Regulations and Compliance Using Composition (I13d) Georg Stuetz, Head of IoT & Automotive Certification, NXP Semiconductors, Austria

Ballroom B

15:20 Panel Discussion: EU Cybersecurity Certification (EUCC) (S13a) Leader: Petra Manche, Common Criteria Manager, Cisco, United Kingdom [60MIN]

16:20 Panel Discussion: CSA Speed and Consistency (S13c) Leader: Gabor Hornyak, Head of Site & Process Certification, NXP Semiconductors, Hungary [60MIN]

Ballroom A

09:00 Cyber Security as an Opportunity for SMEs: How We Met the IEC 62443-4-1 Standard (I20a) Siegfried Müller, VP Advanced Technologies, Red Lion Europe GmbH (former MB connect line GmbH), Germany

09:30 Impact of the CRA on the SME Equipment Manufacturers in Europe: Experience and Lessons Learned (I20b) Salvador Trujillo, CEO, ORBIK Cybersecurity, Spain

10:00 EU Cyberresilience Act – A Boon in Die Tide (I20c) Meghana Pote, Senior Expert IEC 62443 Auditor & Trainer, Tüv Süd as Certification Body in Germany, Germany

Ballroom B

09:00 RED Cybersecurity Requirements and Regulatory Landscape (S20a) Angelo D Amato, Lead Principal, UL Solutions, Netherlands

09:30 Panel Discussion on CRA & RED: Allies or Antagonists? (S20b) Leader: Tony Boswell, Senior Principal Consultant, CyTAL, United Kingdom [60MIN]

Ballroom A

11:00 Creating New Requirements for Security Certification (I21a) Dan O’Loughlin, VP Engineering, Qualcomm, Germany

11:30 IoT Security – How SESIP Is Supporting Industries to Prepare for Incoming EU Legislation (I21b) Olivier Van Nieuwenhuyze, Vice Chair of the Board and Chair of the Security Task Force, GlobalPlatform, Belgium

12:00 Transforming Into a Secure-by-Design Company—Roadmap for Achieving CRA Compliance (I21c) Antti Tolvanen, Sales Director, Etteplan, Finland

Ballroom B

11:00 The EU Assurance Paradigm: CRA Conformity Assessment Procedures and Presumption of Conformity with CSA (B21a) Jose Emilio Rico MartÍnez, Business Development and Strategy, DEKRA Testing and Certification S.A.U., Spain

11:30 Panel Discussion: EU Cyber Resilience Act (B21b) Leader: Alban Feraud, Board Member, Eurosmart, and Regulatory Affairs, Market & Business Development, IDEMIA, France; Roberto Cascella, Head Of Sector – Technology, Supply Chain & Strategic Autonomy, European Cyber Security Organisation (ECSO), Belgium [60MIN]

Ballroom A

13:30 Fuzzing for Assurance and Certification – Lessons from Smart Meters (B22a) Tony Boswell, Senior Principal Consultant, CyTAL UK Ltd, United Kingdom

14:00 Separation of Duties: Evaluation vs Consulting (B22b) Marc Le Guin, Head of Evaluation Body IT Security, TÜV Informationstechnik GmbH, Germany

14:30 The Paradigm Shift in Patching Regulation – Upcoming EU Rules for Cybersecurity Patching (B22c) Lisa Rooij, PhD Researcher Regulation and Governance of Patching Security in Organizations , Tilburg University (TILT), Netherlands

15:00 European Cross-Border Cybersecurity Operations Collaboration through the Lens of the CACAO Standard (B22d) Vasileios Mavroeidis, Professor for Cybersecurity, University of Oslo, Norway; Bret Jordan, Chief Security Strategist, Afero, United States

Ballroom B

13:30 The Interplay Between EU Regulations and Cybersecurity Certification (S22a) Leader: Renate Verheijen, Legal Adviser on Cybersecurity, European Union Agency for Cybersecurity (ENISA), Greece [60MIN]

14:30 When Product Cybersecurity Becomes Law: Implementing the CRA at a Global Cross-Domain Product Manufacturer (S22c) Marko Wolf, Chief Expert Product Cybersecurity Governance, Robert Bosch GmbH, Germany

15:00 Can the Cyber Resilience Act Function as CE Legislation? Insights from the Home Appliance Perspective. (S22d) Alexander Eisenberg, Head of Office EU Technical Market Access, BSH Home Appliances S.A., Belgium