Complete Agenda | Presentations by Track | Presentations by Topic
Conference Registrants: Presentations have been uploaded. Use login information in your Conference Program page 3 for access to the Conference Audio Archive.
Conference Day 1
Grand Ballroom Foyer
Grand Ballroom
09:00 Welcome and Introduction, Jose Ruiz, Program Director, 2019 International Conference on the EU Cybersecurity Act
09:10 Conference Plenary Keynote Address (P10a) Juhan Lepassaar, Executive Director, European Union Agency for Cybersecurity (ENISA)
09:50 Conference Welcome Presentation: The Cybersecurity Act is Here, But What Does This Mean? (P10b) Sergio Lombán Lage, VP, Digital Trust Services, SGS Group, Spain
Grand Ballroom Foyer
Panel Discussion (Ballroom 1&2) |
Panel Moderator: Jacques Kruse Brandao, Head of Advocacy Digital Trust Services, SGS Group, Germany |
11:20 Panel Discussion: Certification for Critical Infrastructures (P11a) Panelists: John Boggie, Director, Head of Cybersecurity Certification NXP Semiconductors UK; Sudhir Ethiraj, Cyber Security Strategy, TÜV SÜD Sec IT GmbH, Germany; Sergio Lombán Lage, VP, Digital Trust Services, SGS Group, Spain; Julian Meyrick, Managing Partner & Vice President, Security Strategy Risk & Compliance, Security Services, IBM, United Kingdom; Eva Schultz-Kamm, Head of Global Government Affairs, Siemens, Germany [70 Minutes]
Industry Alignment (Ballroom 3) |
Track Moderator: Garibaldi Conte, CEO, atsec information security S.r.l., Italy |
11:20 ETSI Security Evaluation Standardization Initiatives (A11a) Sonia Compans, Technical Officer, ETSI, France
11:55 Lessons Learnt in the Commercial Use of Security Certification—From Setting Standards to an Innovator’s Perspective (A11b) Boris Balacheff, HP Fellow & VP, Chief Technologist for Security Research and Innovation, HP Labs Security Lab, France
Grand Ballroom Foyer
Public Policy (Ballroom 1&2) |
Track Moderator: Jacques Kruse Brandao, Head of Advocacy Digital Trust Services, SGS Group, Germany |
13:50 Update on ENISA Operations and CSA Implementation (B12a) Slawomir Górniak, Security Tools and Architecture Expert, European Union Agency for Cybersecurity, (ENISA), Greece
14:25 European Cybersecurity Certification Framework, State of Play (B12b) Aristotelis Tzafalias, Policy Officer, Cybersecurity and Digital Privacy, European Commission, Belgium
15:00 ECSO’s Outlook on the EU Cybersecurity Act (B12c) Roberto Cascella, Senior Policy Manager, ECSO, Belgium
15:30 Security Needs to be Consistent—The Role of Process in the Cybersecurity Act (B12d) David Martin, Head of International Assurance, NCSC, United Kingdom
Industry Alignment (Ballroom 3) |
Track Moderator: Garibaldi Conte, CEO, atsec information security S.r.l., Italy |
13:50 Vendor Self-Assessment—The Good, The Bad, and the Ugly (A12a) Helmut Kurth, Chief Scientist and Laboratory Director, atsec information security, Germany
14:25 ISCI WG (International Smartcard Initiative) Who Are We? What Do We Do? How Do We Do It? And How Do We Contribute to The EU Cyber Act? (A12b) Rachel Menda-Shabat, Director of Security Solution Certification Division, ISCI WG sub-chair, Winbond, Israel
15:00 Update on The EU Cybersecurity Act: Is The Feared Balkanization of Common Criteria Being Reversed? (A12c) Martin Chapman, Senior Director, Standards Strategy and Policy EMEA, Oracle, Ireland
15:30 The Certification Landscape and What Industry Needs (A12d) John Boggie, Director, Head of Cybersecurity Certification NXP Semiconductors UK
Grand Ballroom Foyer
Standards for Success (Ballroom 1&2) |
Track Moderator: Matthias Intemann, Head of Section, BSI – Federal Office for Information Security, Germany |
16:30 CEN-CENELEC JTC13 WG3 Security Evaluation Standardization Initiatives (S13a) Miguel Bañon, Global Technology Leader for Cybersecurity, Epoche and Espri (a DEKRA company), Spain
17:00 Comparing National Lightweight Methodologies around Europe (S13b) Javier Tallon, CoFounder and COO, jtsec Beyond IT Security SL, Spain
17:30 Implementing and Maintaining a Cybersecurity Program—The Role of Standards (S13c) Raymond Romero, Deputy Director, Board of Governors of the Federal Reserve Systems, United States
Cloud and GDPR Frameworks (Ballroom 3) |
Track Moderator: David Martin, Head of International Assurance, NCSC, United Kingdom |
16:30 Toward the European Cloud Security Certification Scheme: The CSPCERT Final Public-Private Recommendation (C13a) The European Cloud Service Provider Certification Working Group, Saurabh Ghelani, EMEA Strategic Trust Leader, Google Cloud, et al.
17:00 The EU-SEC Framework (C13b) Lefteris Skoutaris, Research Analyst, Cloud Security Alliance, Greece
17:30 Addressing GDPR Requirements Using the ISO/IEC 27701 Standard. Is the CSA Looking At It? (C13c) Willy Fabritius, Global Portfolio Champion for Information Resiliency, BSI Group, United States
18:45 Optional Dine-Around Brussels Event. Join your colleagues for an informal networking dinner at one of Brussels’ finest restaurants (through 21:00). Sponsor:
Conference Day 2
Grand Ballroom Foyer
IoT Challenges (Ballroom 1&2) |
Track Moderator: Martin Schaffer, Global Head of Secure Products & Systems, SGS SA, Switzerland |
9:00 Embedded Systems for IoT Products: What is the Current Certification Offer? (I20a) Dr. Claire Loiseaux, CEO, Internet of Trust, France; Alexander Schasse, IT Security Consultant bei TÜV Informationstechnik GmbH – TÜViT, Germany
09:30 SESIP: A Practical, Operational, Lightweight CC Methodology (I20b) Wouter Slegers, CEO, TrustCB, Netherlands
10:00 EUROSMART IoT Security Certification Scheme (eIoT SCS) (I20c) Roland Atoui, Managing Director, Red Alert Labs/EUROSMART, France; and Ayman Khalil COO & Managing Partner Red Alert Labs
10:30 X-Gateway as a Modular Part of IoT (I20d) Markus Bartsch, Business Development, TUViT, Germany
Industrial Strategies (Ballroom 3) |
Track Moderator: Philippe Magnabosco-Caillat, Chargé de mission, ANSSI, France |
09:00 Foundations and Perspectives of the EU’s 2019 Cybersecurity Act Certification Legislation for the Industrial Automation and Control Systems (T20a) Paul Theron, Advisor & Cyb’Air Research Chair, Thales, France
09:30 Beyond the Theory of the Cybersecurity Act (T20b) Stefano Bracco, Knowledge Manager, European Union Agency for the Cooperation of Energy Regulators, Italy
10:00 IEC 62443: From Industry Recognized Standard to Base for Security Certification (T20c) Razvan Venter, Group Lead Product Certification, Secura BV
10:30 Building Trust and Hope in 5G Instead of Selling Fear (T20d) Mika Lauhde, Global Vice-President, Cybersecurity & Privacy, Global Public Affairs, Huawei, China
Grand Ballroom Foyer
IoT Challenges (Ballroom 1&2) |
Track Moderator: Martin Schaffer, Global Head of Secure Products & Systems, SGS SA, Switzerland |
11:30 Common Criteria as Backbone of IoT Security Certification (I21a) Thomas Billeau, Head of Certification, NXP, Germany
12:00 OWASP IoT Project: A Great Ally for the IoT Candidate Schemes (I21b) Jose Alejandro Rivas Vidal, Security Lab Manager, Applus+ Laboratories, Spain
Panel Discussion (Ballroom 3) |
Panel Moderator: Miguel Banon, Global Technology Leader for Cybersecurity, Dekra, Spain |
11:30 Standardization and the EU CSA (P21a) Discussion on standardization efforts under various national frameworks. Panelists: Sonia Compans, Technical Officer, ETSI, France; Helge Kreutzmann, Standardisation Expert, BSI; Philippe Magnabosco, Standardisation Expert, ANSSI, France; David Martin, Head of International Assurance, NCSC, United Kingdom [60 Minutes]
Grand Ballroom Foyer
Outlook/Opportunities (Ballroom 1&2) |
Track Moderator: Petra Manche, Compliance Engineer, Cisco, United Kingdom |
13:30 SOGIS View on the Cybersecurity Act (L22a) Bernd Kowalski, Chairman, SOG-IS, Germany
14:00 Overview of Current and Future NIAP and US Government Certification Initiatives (L22b) Mary Baish, Director, NIAP, United States
14:30 BSI View on the EU Cybersecurity Act (L22c) Matthias Intemann, Head of Section, BSI – Federal Office for Information Security, Germany
15:00 The ROI of Security Evaluations (L22d) Dirk-Jan Out, CEO, Brightsight
Innovations in Assurance (Ballroom 3) |
Track Moderator: Martin Chapman, Director Standards Strategy and Policy EMEA, Oracle, Ireland |
13:30 Addressing the Continuity of Software Security for Embedded Devices (N22a) Jasmina Omic, Product Manager Services, Riscure, Netherlands
14:00 Updating Certified Products (N22b) Gabor Hornyak, CTO, CCLab, Hungary
14:30 Agile Assurance: Modernizing IT Product Certification (N22c) Lachlan Turner, Director Consulting, Lightship Security, Canada
15:00 Making Evaluation Schemes Scale Up: the Tensegrity of Process and Product (N22d) Tony Boswell, Senior Principal Consultant, DNV GL Technical Assurance Laboratory, United Kingdom
Grand Ballroom Foyer
16:00 Panel Discussion: Looking Ahead to the Next Generation of Industry Assurance (P23a) Moderator: Chris Gow, Director, EU Public Policy, Government Affairs, Cisco, Belgium Panelists: Michael Cooper, Manager, Security Testing, Validation and Measurement Group, National Institute of Standards and Technology (NIST), United States; Slawomir Górniak, Security Tools and Architecture Expert, European Union Agency for Network and Information Security (ENISA), Greece; Jonathan Sage, Government and Regulatory Affairs, IBM, United Kingdom; Aristotelis Tzafalias, Policy Officer, Cybersecurity and Digital Privacy, European Commission, Belgium
[60 Minutes]