EVENT AGENDA Registration
09:00 – 09:30
Future of cyber security 09:30 – 10:30
Dorothee Belz, Vice-President Legal and Corporate Affairs Europe, Microsoft
Scott Charney, Vice-President Trustworthy Computing, Microsoft
Ivailo Kalfin, Member of the European Parliament Maciej Popowski, Deputy Secretary General, European External Action Service
10:30 – 11:00
11:00 – 12:30
Threat landscape and the paradigm
Transparency through certification:
shift in becoming resilient
Data, Cloud & NIS standards
sessions (13:00) Flash Session: “Developing a National 12:30 – 13:30
Strategy for Cybersecurity: Foundations for
Security, Growth, and Innovation” Security frameworks for critical infrastructure Gintaras Čiurlionis, Director of the ITC Department, MoI, Lithuania 13:30 – 15:00
Mark Clancy, Managing Director and Corporate Information Security Officer, DTCC
Tom Robertson, Vice-President and Deputy General Counsel, LCA, Microsoft
Matthew Scholl, Deputy Chief of the NIST Cybersecurity Division, US Giles Smith, Deputy Director Cyber & Information Economy BIS, UK Paul Timmers, Director Sustainable & Secure Society, DG CONNECT, European Commission Moderator: Ambassador Jean de Ruyt, Senior Public Policy Advisor, Covington
15:00 – 15:30 15:30 – 17:00
Information sharing: how to build a
OECD: Cybersecurity for Economic and
Conclusion & Reception
EVENT SESSIONS OVERVIEW 09:30 – 10:30
Keynote session: Future of cyber security Welcome: Dorothee Belz, Microsoft. Keynoters: Maciej Popowski, European External Action Service; Ivailo Kalfin, European Parliament; Scott Charney, Microsoft.
11:00 – 12:30
Break out session 1: Threat landscape and the paradigm shift in becoming resilient Microsoft experts will give insight into new threats on the horizon and discuss findings from Microsoft’s Security Intelligence Report. This session will dive into the paradigm shift from protection to resilience and the necessary organizational changes. Priorities of threats as well as the top-level strategic objective of risk management towards the concept of “Prevent, Detect, Respond and Recover” will be discussed. Defined as the ability of a system to withstand and recover from adversity, the concept seems particularly useful for informing current policymaking. Participants: Karel Dekyvere, Microsoft; Reto Haeni, Microsoft; Paul Nicholas, Microsoft.
11:00 – 12:30
Breakout session 2: Transparency through certification: Data, Cloud & NIS standards Visibility into a cloud provider’s security controls remains a major priority for organizations looking to move applications and services to the public cloud model. There is no standard way for companies to evaluate a cloud provider’s security or for providers to document their controls, but there are efforts underway to create transparency and data security through standards outlined in the draft privacy regulation, the European Cloud Strategy and the draft Network and Information Security Directive. This session will recapitulate the current state of play and discuss the implementation of controls by business. Participants: Lionel Dupré, Enisa; Tjabbe Bos, European Commission; Christoph Rechsteiner, SAP; Mark Estberg, Microsoft; Daniele Catteddu, Cloud Security Alliance; Andreas Fuchsberger, Microsoft.
13:30 – 15:00
High level panel: Security frameworks for critical infrastructure In many geographies, new security frameworks are under discussion. The panelists will share their experience and exchange views on existing and evolving security frameworks that offer a regulatory basis for the critical ICT infrastructure. The focus is set on the trust and confidence in cyberspace that requires strict protection of critical information by means of standardization, secure access, and transmission. Panelists: Matthew Scholl, NIST; Paul Timmers, European Commission; Mark Clancy, DTCC; Giles Smith, BIS, UK; Gintaras Čiurlionis, MoI, Lithuania; Tom Robertson, Microsoft.
15:30 – 17:00
Breakout session 3: Information sharing: How to build a trustworthy system? This session will present emerging initiatives of information sharing schemes from different countries and explore the challenges of sharing very sensitive and current information on actual attacks on specific networks. What is the right approach to span these key sectors,
from Retail and Finance to Transport and Defence, as well as cross-border? Participants:
Reto Hani, Microsoft; Jakub Boratynski, European Commission; Steve Purser,
Enisa; Gary Payne, Cabinet Office, UK; Paul Nicholas, Microsoft. 15:30 â€“ 17:00
Breakout session 4: OECD: Cybersecurity for Economic and Social Prosperity The OECD is currently reviewing its 2002 Security Guidelines which provide a set of high-level policy principles for the management of security risk in the Internet economy. In this context, this session will discuss best practices from government and business for ensuring cybersecurity that serves economic and social prosperity, consistent with the OECD mandate. Participants: Laurent Bernat, OECD; Stefanie Frey, MELANI, Switzerland, Giles Smith, BIS, UK; Aku Hilve, Ministry of Finance, Finland.