25-27 March | Doubletree by Hilton Brussels City

Conference Agenda 2025

Tuesday 25 March

Day 1

08:00-09:00 Registration

First Floor Reception

09:00-17:00 Special Focus Day

The EU Cyber Acts Conference Starts with Two Special-Focus Full-Day Events

Presenting Sponsor: GlobalPlatform. Prepare now for the requirements of the EU Cyber Resilience Act (CRA).

Complete Agenda

Focused on the global development of cybersecurity certification frameworks for AI systems.

Complete Agenda

Wednesday 26 March

Day 2

08:00-09:00 Registration

Sycamore Ballroom

09:00-10:10 Plenary Keynote Session (P10)

Sycamore Ballroom

09:00 Introduction and Welcome (P10a) Wouter Slegers, CEO, TrustCB, Netherlands

09:10 Forging a Cyber Resilient Future: The EU’s Lead Role in Standardization and Certification (P10b) Christiane Kirketerp de Viron, Acting Director for Digital Society, Trust and Cybersecurity, DG CONNECT, European Commission, Belgium

10:10-10:50 Networking Break in Exhibits

Sycamore Ballroom

10:50-12:20 Track Sessions

Sycamore Ballroom
EUCC (J11)
EUCS & CC
Moderator: TBA

10:50 An Update on ENISA Certification Activities (J11a) Philippe Blot, Head of Sector Certification, European Union Agency for Cybersecurity (ENISA), Greece


11:20 From Launch to Lift-Off: EUCC Start-Up Challenges and Scaling Operations for Full Compliance (J11b) Jose Emilio Rico, Cybersecurity Strategy Leader, DEKRA Testing and Certification S.A.U., Spain


11:50 Cloud Common Criteria Certification Considerations (J11c) Jade Stewart, NIAP Portfolio Manager, National Information Assurance Partnership (NIAP), United States; Mike Grimm, Principal Security Program Manager, Microsoft, United States

Buckeye (First Floor)
IoT Cyber Certification (T11)
Application of Certification
Moderator: TBA

10:50 Certification Strategies for Global Cybersecurity Compliance in IoT (T11a) Antonio David Vizcaino Gomez, Cybersecurity Technical Sales Manager, DEKRA, Spain


11:20 Assessing the Cyber RED-DA: Our Take on the Good, the Bad, and the Impact of EN 18031 (T11b) Nuria Carrio, Certification Technical Director, Applus+ Laboratories, Spain


11:50 The Impact of the Cyber Resilience Act on Different Industry Sectors (T11c) Raluca Viziteu, Security Consultant, Secura, Netherlands

Chestnut (First Floor)
Specific Domains and Workgroups (D11)
Experiences
Moderator: TBA

10:50 Experience and Lessons Learned: Cybersecurity Compliance of Industrial Control Systems Base on IEC62443-4-2 Testing (D11a) Salvador Trujillo, CEO, ORBIK Cybersecurity, Spain


11:50 Closing the Cyber Risk Protection Gap: A Call for Collective Action (D11b) Andreas Schmitt, Global Cyber Underwriting Manager, Zurich Insurance Company, Switzerland


11:20 A Positive, Comprehensive and Successful (so far) Multi-Referential Compliance (D11c) François Ehly, Senior Manager Compliance, Almond, France; Thierry Notot, IoT Cybersecurity Manager, Socomec Group, France

12:20-13:20 Lunch in Exhibits

Sycamore Ballroom

13:20-14:50 Track Sessions

Sycamore Ballroom
EUCC (J12)
EUCC Implementation
Moderator: Jose Emilio Rico, Cybersecurity Strategy Leader, DEKRA Testing and Certification S.A.U., Spain
Track Sponsor

 

 


13:20 Breaking New Ground: ITSEF’s Journey Through EUCC Accreditation and Authorization (J12a) Nuria Carrio, Certification Technical Director, Applus+ Laboratories, Spain


13:50 Panel Discussion: EUCC Scheme—First Experience in Setting Up the Necessary Ecosystem (J12b) Leader: Wouter Slegers, EU Cyber Acts Conference chair, and CEO, TrustCB, Netherlands; Johannes Feldmann, Head of Information Technology and Cybersecurity Division, Deutsche Akkreditierungsstelle (DAkkS); Germany [60 MIN]

Buckeye (First Floor)
Standards and Certification (S12)
Specific Topics
Moderator: TBA
Chestnut (First Floor)
Industry (ITC) Alignment (Y12)
Specialised Schemes
Moderator: TBA

13:20 One Principle to be Considered Before Developing New Certification Schemes (Y12a) Alireza Rohani, Certifier, TrustCB, Netherlands


13:50 Harmonising IoT Security: Lessons from Singapore’s Cybersecurity Labelling Scheme (Y12b) Clifton Choo, Senior Assistant Director, Cyber Security Agency, Singapore


14:20 Navigating EU Cybersecurity Regulations: Callenges for Smart Lock System Developers (Y12b) Marc Le Guin, Head of Evaluation Body IT Security, TÜV Informationstechnik GmbH, Germany

14:50-15:20 Networking Break in Exhibits

Sycamore Ballroom

15:20-17:20 Track Sessions

Sycamore Ballroom
Standards and Certification (S13)
Specialised Schemes
Moderator: TBA

15:20 New European Standard—Does a Cybersecurity Certification Scheme Fit into the Framework? (S13a) Elzbieta Andrukiewicz, ITSEF Manager, National Institute of Telecommunications, Poland


15:50 The Benefits of the EN 17640 Standard in the Harmonisation of the German and French Fixed-Time Certification Schemes (S13b) Jens Ziegler, Head of Division—BSZ, NESAS Certification, Bundesamt für Sicherheit in der Informationstechnik (BSI), Germany


16:20 Building Trust: Developing a Private Cybersecurity Certification Scheme for Cryptographic Modules under ISO/IEC 19790 (S13c) Jose Emilio Rico, Cybersecurity Strategy Leader, DEKRA Testing and Certification S.A.U., Spain


16:50 Navigating the Future of Security Compliance: An Introduction to OSCAL (S13d) Pirooz Javan, Chief Technology Officer (CTO), Easy Dynamics, United States

Buckeye (First Floor)
Cyber Resilience Act (CRA) (R13)
CRA Implementation
Moderator: TBA

15:20 Requirements of the Cyber Resilience Act in Practice (R13a) Markus Engqvist, Lab Manager, atsec information security AB, Sweden


15:50 Assessment of Harmonised Standards for the EU Cyber Resilience Act (R13b) Omar Dhaher, Associate Director, Standardisation and Compliance Policy, DIGITALEUROPE, Belgium


16:20 Panel Discussion: Navigating EU Regulations—The Interplay Between RED, CRA, and EU Certification Schemes (EUCC and Beyond) (R13c) Leader: Jose Francisco Ruiz Gualda, Cybersecurity BU Director, Applus+ Laboratories, Spain [60 MIN]

Chestnut (First Floor)
Innovations in Assurance (F13)
SBOM
Moderator: TBA

15:20 NIAP SBOM Pilot (F13a) Jade Stewart, NIAP Portfolio Manager, National Information Assurance Partnership (NIAP), United States


15:50 Understanding SBOMs in Real-World Systems—A Practical DevOps/SecOps Perspective (F13b) Andrei Costin, Assistant Professor / CEO / Co-Founder, University of Jyvaskyla / Binare.io, Finland


16:20 Panel Discussion: SBOMs and DPP 2826, Navigating Transparency (F13c) Leader: Jeff Schutt, Principal Security Engineer, Cisco Systems, United States [60 MIN]

17:20 Evening Reception

Open to everyone. Located in the Exhibit Area. Catch up your colleagues for a refreshing beverage at the end of the day’s events.

18:20 Dine Out Brussels

Enjoy an informal group dinner with your conference colleagues. This is an add-on to the conference registration. For an additional fee you can reserve your seat for a prix-fixe dinner at a group table. Reserve early—seating is limited. On site, you’ll meet your group at 18:20 at the conference registration desk and depart from there.

Thursday 27 March

Day 3

08:00-09:00 Coffee

Sycamore Ballroom

09:00-10:30 TRACK SESSIONS

Sycamore Ballroom
Cyber Resilience Act (CRA) (R20)
CRA Application
Moderator: TBA

09:00 CRA from BSI Perspective (R20a) Sandro Amendola, Director, Responsible for Standardisation, CRA, CSA, Certification, Telecommunication , Bundesamt für Sicherheit in der Informationstechnik (BSI), Germany


09:30 How Will IoT Applications Be Able to Build Upon a Security Resilient Eco-System? (R20b) Sandrine Pic, Security Programs Manager, Nordic Semiconductor, Norway


10:00 Will CRA Solve the Supply Chain Security or Create a Procurement Maze? An Assessment from an Industry Perspective (R20c) Arnaud Martin, Expert Cybersecurity Regulation and Standardisation, Agoria, Belgium

Buckeye (First Floor)
IoT Cyber Certification (T20)
Embedded Application
Moderator: TBA

09:00 Strengthening ETSI EN 303 645: Insights from TIC Council’s Cybersecurity Hackathons (T20a) Jorge Wallace, Cybersecurity Technical Leader, DEKRA, Spain


09:30 Threat Model for Embedded Devices—EMB3D™ (T20b) Adam Hahn, Principal OT Security, The MITRE Corporation, United States


10:00 The Dark Side of Solar Energy (T20c) Uri Sadot, Cybersecurity Program Director, SolarEdge Technologies, Israel

Chestnut (First Floor)
Cryptographic Modules (A20)
Crypto
Moderator: TBA

09:00 ECCG Cryptographic Subgroup Update (A20a) Lucile Gallant Boisard, Cybersecurity Consultant, Internet of Trust, France


09:30 Preparation of Europe Against the Quantum Threat—How to Become Quantum Safe with PQC (A20b) Manfred Rieck, VP Individual Solution Development, Deutsche Bahn, Germany


10:00 On Certifying Post-Quantum Implementations at “High” Assurance Level (A20c) Markku-Juhani Saarinen, Professor of Practice, Tampere University, Finland

10:30-11:00 NETWORKING BREAK IN EXHIBITS

Sycamore Ballroom

11:00-12:30 Track Sessions

Sycamore Ballroom
Cyber Resilience Act (CRA) (R21)
CRA Implementation
Moderator: TBA

11:00 CRA for Device Makers—How Can EN 17927 Simplify Regulatory Compliance? (R21a) Carlos Serratos, IoT Certification Expert, GlobalPlatform, Netherlands


11:30 Panel Discussion: Implementation of the CRA for Product Development in the EU (R21b) Leader: Olivier Van Nieuwenhuyze, Security Lobbying & Standardization Senior Manager, STMicroelectronics, Belgium [60 MIN]

Buckeye (First Floor)
Standards and Certification (S21)
Open Processes
Moderator: TBA
Chestnut (First Floor)
Public Policy (B21)
Link to Finances
Moderator: TBA

11:00 Securing the Point of Interaction Terminal Yesterday, Today and Tomorrow (B21a) Jeremy King, Regional VP Europe Middle East Africa, Payment Card Industry Security Standards Council (PCI SSC), United Kingdom


11:30 NIS2 and Cybersecurity—Effective Strategies for Compliance and Risk Management (B21b) Ralf Kutsche, Cybersecurity Expert and Author, bkm consultants, Germany


12:00 Bridging the Cybersecurity Skills Gap: Driving Successful Implementation of EU Regulations with Certified Professionals (B21c) Jon France, Chief Information Security Officer, ISC2, United Kingdom

12:30-13:30 Lunch in Exhibits

Sycamore Ballroom

13:30-15:00 Track Sessions

Sycamore Ballroom
Cyber Resilience Act (CRA) (R22)
Rail
Moderator: TBA

13:30 Securing Railways: The Impact of Cybersecurity Standards and Certifications on Critical Infrastructure (R22a) Eddy Thesee, Vice President Product Cybersecurity, Alstom, France


14:00 Panel Discussion: Securing the Tracks—Navigating the NIS 2 and CRA in the Railway Industry (R22b) Leader: Amelia Alder, GRC Cybersecurity Manager, Knorr-Bremse, Switzerland; Eddy Thesee, Vice President Product Cybersecurity, Alstom, France; Andreas Meyer, Chief Product Security Officer, Knorr-Bremse, Switzerland; David Cuesta, Project Officer, European Railway Agency, Spain; Dominik Weidtmann, Procurement Rolling Stock, Deutsche Bahn, Germany [60 MIN]

Buckeye (First Floor)
Standards and Certification (S22)
Application
Moderator: 

Chestnut (First Floor)
Innovations in Assurance (F22)
Open Source
Moderator: TBA

13:30 Security from the Start: The Financial and Operational Gains of Secure Software Development (F22a) Jeffrey Apolis, Principal Cybersecurity R&D Science and Engineering, Sandia National Laboratories, United States


14:00 Panel Discussion: How to Deal with Open-Source Software Used in a Product Under CRA? (F22b) Leader: Arnaud Martin, Expert Digital & ICT Standardisation, Agoria, Belgium [60 MIN]

15:30-16:00 Networking Break

Sycamore Ballroom. Exhibits close at 16:00.

15:30-16:30 Closing Presentation

Sycamore Ballroom

15:30 Closing Presentation (P23a) TBA

16:30 Adjourn