First Floor Reception
The EU Cyber Acts Conference Starts with Two Special-Focus Full-Day Events
Presenting Sponsor: GlobalPlatform. Prepare now for the requirements of the EU Cyber Resilience Act (CRA).
Focused on the global development of cybersecurity certification frameworks for AI systems.
Sycamore Ballroom
Sycamore Ballroom
09:00 Introduction and Welcome (P10a) Wouter Slegers, CEO, TrustCB, Netherlands
09:10 Forging a Cyber Resilient Future: The EU’s Lead Role in Standardization and Certification (P10b) Christiane Kirketerp de Viron, Acting Director for Digital Society, Trust and Cybersecurity, DG CONNECT, European Commission, Belgium
09:40 Methods to Achieve Certification Scale as Envisioned by the Original Cybersecurity Regulatory Vision (P10c) Daniel O’Loughlin, Vice President Engineering, Qualcomm, United States
Sycamore Ballroom
EUCC (J11) EUCS & CC |
Moderator: TBA |
10:50 An Update on ENISA Certification Activities (J11a) Philippe Blot, Head of Sector Certification, European Union Agency for Cybersecurity (ENISA), Greece
11:20 From Launch to Lift-Off: EUCC Start-Up Challenges and Scaling Operations for Full Compliance (J11b) Jose Emilio Rico, Cybersecurity Strategy Leader, DEKRA Testing and Certification S.A.U., Spain
11:50 Cloud Common Criteria Certification Considerations (J11c) Jade Stewart, NIAP Portfolio Manager, National Information Assurance Partnership (NIAP), United States; Mike Grimm, Principal Security Program Manager, Microsoft, United States
IoT Cyber Certification (T11) Application of Certification |
Moderator: TBA |
10:50 Certification Strategies for Global Cybersecurity Compliance in IoT (T11a) Antonio David Vizcaino Gomez, Cybersecurity Technical Sales Manager, DEKRA, Spain
11:20 Assessing the Cyber RED-DA: Our Take on the Good, the Bad, and the Impact of EN 18031 (T11b) Nuria Carrio, Certification Technical Director, Applus+ Laboratories, Spain
11:50 The Impact of the Cyber Resilience Act on Different Industry Sectors (T11c) Raluca Viziteu, Security Consultant, Secura, Netherlands
Specific Domains and Workgroups (D11) Experiences |
Moderator: TBA |
10:50 Experience and Lessons Learned: Cybersecurity Compliance of Industrial Control Systems Base on IEC62443-4-2 Testing (D11a) Salvador Trujillo, CEO, ORBIK Cybersecurity, Spain
11:50 Closing the Cyber Risk Protection Gap: A Call for Collective Action (D11b) Andreas Schmitt, Global Cyber Underwriting Manager, Zurich Insurance Company, Switzerland
11:20 A Positive, Comprehensive and Successful (so far) Multi-Referential Compliance (D11c) François Ehly, Senior Manager Compliance, Almond, France; Thierry Notot, IoT Cybersecurity Manager, Socomec Group, France
Sycamore Ballroom
EUCC (J12) EUCC Implementation |
Moderator: Jose Emilio Rico, Cybersecurity Strategy Leader, DEKRA Testing and Certification S.A.U., Spain |
13:20 Breaking New Ground: ITSEF’s Journey Through EUCC Accreditation and Authorization (J12a) Nuria Carrio, Certification Technical Director, Applus+ Laboratories, Spain
13:50 Panel Discussion: EUCC Scheme—First Experience in Setting Up the Necessary Ecosystem (J12b) Leader: Wouter Slegers, EU Cyber Acts Conference chair, and CEO, TrustCB, Netherlands; Johannes Feldmann, Head of Information Technology and Cybersecurity Division, Deutsche Akkreditierungsstelle (DAkkS); Germany [60 MIN]
Standards and Certification (S12) Specific Topics |
Moderator: TBA |
13:20 State of Play of Security Requirements for EUDI Wallet and Interplay With the EU CSA (Regulation 2019/881) and EU CRA (S12a) Alban Feraud, Manager of Standards and Regulatory Affairs, IDEMIA, Belgium
13:50 From Development to Deployment: Ensuring Secure Variable Frequency Drives Against Cyber Attacks (S12b) Manju Venugopal, Product Security Leader, Rockwell Automation, United Kingdom
14:20 Importance and Challenges of Security Evaluations of Hardware-Based Security (S12c) Jorge Carrera, Cybersecurity Technical Sales, DEKRA, Spain
Industry (ITC) Alignment (Y12) Specialised Schemes |
Moderator: TBA |
13:20 One Principle to be Considered Before Developing New Certification Schemes (Y12a) Alireza Rohani, Certifier, TrustCB, Netherlands
13:50 Harmonising IoT Security: Lessons from Singapore’s Cybersecurity Labelling Scheme (Y12b) Clifton Choo, Senior Assistant Director, Cyber Security Agency, Singapore
14:20 Navigating EU Cybersecurity Regulations: Callenges for Smart Lock System Developers (Y12b) Marc Le Guin, Head of Evaluation Body IT Security, TÜV Informationstechnik GmbH, Germany
Sycamore Ballroom
Standards and Certification (S13) Specialised Schemes |
Moderator: TBA |
15:20 New European Standard—Does a Cybersecurity Certification Scheme Fit into the Framework? (S13a) Elzbieta Andrukiewicz, ITSEF Manager, National Institute of Telecommunications, Poland
15:50 The Benefits of the EN 17640 Standard in the Harmonisation of the German and French Fixed-Time Certification Schemes (S13b) Jens Ziegler, Head of Division—BSZ, NESAS Certification, Bundesamt für Sicherheit in der Informationstechnik (BSI), Germany
16:20 Building Trust: Developing a Private Cybersecurity Certification Scheme for Cryptographic Modules under ISO/IEC 19790 (S13c) Jose Emilio Rico, Cybersecurity Strategy Leader, DEKRA Testing and Certification S.A.U., Spain
16:50 Navigating the Future of Security Compliance: An Introduction to OSCAL (S13d) Pirooz Javan, Chief Technology Officer (CTO), Easy Dynamics, United States
Cyber Resilience Act (CRA) (R13) CRA Implementation |
Moderator: TBA |
15:20 Requirements of the Cyber Resilience Act in Practice (R13a) Markus Engqvist, Lab Manager, atsec information security AB, Sweden
15:50 Assessment of Harmonised Standards for the EU Cyber Resilience Act (R13b) Omar Dhaher, Associate Director, Standardisation and Compliance Policy, DIGITALEUROPE, Belgium
16:20 Panel Discussion: Navigating EU Regulations—The Interplay Between RED, CRA, and EU Certification Schemes (EUCC and Beyond) (R13c) Leader: Jose Francisco Ruiz Gualda, Cybersecurity BU Director, Applus+ Laboratories, Spain [60 MIN]
Innovations in Assurance (F13) SBOM |
Moderator: TBA |
15:20 NIAP SBOM Pilot (F13a) Jade Stewart, NIAP Portfolio Manager, National Information Assurance Partnership (NIAP), United States
15:50 Understanding SBOMs in Real-World Systems—A Practical DevOps/SecOps Perspective (F13b) Andrei Costin, Assistant Professor / CEO / Co-Founder, University of Jyvaskyla / Binare.io, Finland
16:20 Panel Discussion: SBOMs and DPP 2826, Navigating Transparency (F13c) Leader: Jeff Schutt, Principal Security Engineer, Cisco Systems, United States [60 MIN]
Open to everyone. Located in the Exhibit Area. Catch up your colleagues for a refreshing beverage at the end of the day’s events.
Enjoy an informal group dinner with your conference colleagues. This is an add-on to the conference registration. For an additional fee you can reserve your seat for a prix-fixe dinner at a group table. Reserve early—seating is limited. On site, you’ll meet your group at 18:20 at the conference registration desk and depart from there.
Sycamore Ballroom
Cyber Resilience Act (CRA) (R20) CRA Application |
Moderator: TBA |
09:00 CRA from BSI Perspective (R20a) Sandro Amendola, Director, Responsible for Standardisation, CRA, CSA, Certification, Telecommunication , Bundesamt für Sicherheit in der Informationstechnik (BSI), Germany
09:30 How Will IoT Applications Be Able to Build Upon a Security Resilient Eco-System? (R20b) Sandrine Pic, Security Programs Manager, Nordic Semiconductor, Norway
10:00 Will CRA Solve the Supply Chain Security or Create a Procurement Maze? An Assessment from an Industry Perspective (R20c) Arnaud Martin, Expert Cybersecurity Regulation and Standardisation, Agoria, Belgium
IoT Cyber Certification (T20) Embedded Application |
Moderator: TBA |
09:00 Strengthening ETSI EN 303 645: Insights from TIC Council’s Cybersecurity Hackathons (T20a) Jorge Wallace, Cybersecurity Technical Leader, DEKRA, Spain
09:30 Threat Model for Embedded Devices—EMB3D™ (T20b) Adam Hahn, Principal OT Security, The MITRE Corporation, United States
10:00 The Dark Side of Solar Energy (T20c) Uri Sadot, Cybersecurity Program Director, SolarEdge Technologies, Israel
Cryptographic Modules (A20) Crypto |
Moderator: TBA |
09:00 ECCG Cryptographic Subgroup Update (A20a) Lucile Gallant Boisard, Cybersecurity Consultant, Internet of Trust, France
09:30 Preparation of Europe Against the Quantum Threat—How to Become Quantum Safe with PQC (A20b) Manfred Rieck, VP Individual Solution Development, Deutsche Bahn, Germany
10:00 On Certifying Post-Quantum Implementations at “High” Assurance Level (A20c) Markku-Juhani Saarinen, Professor of Practice, Tampere University, Finland
Sycamore Ballroom
Cyber Resilience Act (CRA) (R21) CRA Implementation |
Moderator: TBA |
11:00 CRA for Device Makers—How Can EN 17927 Simplify Regulatory Compliance? (R21a) Carlos Serratos, IoT Certification Expert, GlobalPlatform, Netherlands
11:30 Panel Discussion: Implementation of the CRA for Product Development in the EU (R21b) Leader: Olivier Van Nieuwenhuyze, Security Lobbying & Standardization Senior Manager, STMicroelectronics, Belgium [60 MIN]
Standards and Certification (S21) Open Processes |
Moderator: TBA |
11:00 You’re Doing WHAT for Security?: Securing the Digital Enterprise with Open, Consensus-Based Standards (S21a) John Linford, Director, The Open Group, United States
11:30 Panel Discussion: Bringing Cybersecurity into the European Software Market: An Opportunity or a Tough Challenge? (S21b) Leader: Davide Ariu, OWASP Italy Co-Chair, PLURIBUS ONE—OWASP ITALY, Italy [60 MIN]
Public Policy (B21) Link to Finances |
Moderator: TBA |
11:00 Securing the Point of Interaction Terminal Yesterday, Today and Tomorrow (B21a) Jeremy King, Regional VP Europe Middle East Africa, Payment Card Industry Security Standards Council (PCI SSC), United Kingdom
11:30 NIS2 and Cybersecurity—Effective Strategies for Compliance and Risk Management (B21b) Ralf Kutsche, Cybersecurity Expert and Author, bkm consultants, Germany
12:00 Bridging the Cybersecurity Skills Gap: Driving Successful Implementation of EU Regulations with Certified Professionals (B21c) Jon France, Chief Information Security Officer, ISC2, United Kingdom
Sycamore Ballroom
13:30 Securing Railways: The Impact of Cybersecurity Standards and Certifications on Critical Infrastructure (R22a) Eddy Thesee, Vice President Product Cybersecurity, Alstom, France
14:00 Panel Discussion: Securing the Tracks—Navigating the NIS 2 and CRA in the Railway Industry (R22b) Leader: Amelia Alder, GRC Cybersecurity Manager, Knorr-Bremse, Switzerland; Eddy Thesee, Vice President Product Cybersecurity, Alstom, France; Andreas Meyer, Chief Product Security Officer, Knorr-Bremse, Switzerland; David Cuesta, Project Officer, European Railway Agency, Spain; Dominik Weidtmann, Procurement Rolling Stock, Deutsche Bahn, Germany [60 MIN]
13:30 Securing Europe’s Defence: Enhancing Defence Industrial Base Cybersecurity Maturity in the Face of New Defence Industrial Strategies (S22a) Krzysztof Swaczynski, CEO, SEQRED, Poland
14:00 Panel Discussion: What Should Be the Role of Basic Assurance and Self-Assessment in the CSA/CRA World? (S22b) Leader: Tony Boswell, Senior Principal Consultant, CyTAL UK Ltd, United Kingdom [60 MIN]
Innovations in Assurance (F22) Open Source |
Moderator: TBA |
13:30 Security from the Start: The Financial and Operational Gains of Secure Software Development (F22a) Jeffrey Apolis, Principal Cybersecurity R&D Science and Engineering, Sandia National Laboratories, United States
14:00 Panel Discussion: How to Deal with Open-Source Software Used in a Product Under CRA? (F22b) Leader: Arnaud Martin, Expert Digital & ICT Standardisation, Agoria, Belgium [60 MIN]
Sycamore Ballroom. Exhibits close at 16:00.
Sycamore Ballroom
15:30 Closing Presentation (P23a) TBA