09:30
10:00 – 10:30
Opening
Cybersecurity Summit 2025: The Perimeter Has Shifted – Cyber Resilience in a Borderless World
Ronald Kingma
10:30 – 11:15
Stronger together, building the future of cyber resilience
In today’s hyper-connected world, the battle for cybersecurity resilience is not just a technological challenge but a human one. We live in an era defined by complex and rapidly evolving cyber threats and true resilience requires more than just isolated defenses. This talk explores the power of unifying diverse security tools and data streams to achieve a comprehensive, real-time understanding of the threat landscape. We’ll discuss how integrating advanced AI, machine learning, and automated response can break down data silos, reduce detection times, and improve threat hunting efficiency. By adopting an open and collaborative approach, organisations can create a security ecosystem that is not just reactive but proactively resilient, ready to defend against both known and emerging threats. Together, we can build a smarter, more secure digital future where technology and human expertise work in harmony to protect what matters most.
Gareth Young
11:15 – 12:00
Contextual Mobilization in a Borderless World
Attackers have shifted their tactics and technics to match modern attack surfaces, and accelerated their ability to successfully target them through perfectly crafted prompts. To keep up, defenders have to also shift their strategies to preempt the new paths the attackers will tread. Join Gavin Millard, VP Product from Tenable, where he’ll talk about the need to know all the different attack surfaces being targeted today, and how through effective contextualisation, organisations can stay ahead and shut down the right attack paths before they are leveraged.
Gavin Millard
12:00 – 12:50
Networking / Lunch
12:50 – 13:15
From Control to Continuity: Rethinking Privileged Identity Security for the Hybrid Era
In an digitally advanced yet increasingly regulated environment, IT administrator accounts represent both a critical enabler of innovation and a growing point of risk.
As cyber threats become more sophisticated and regulations like NIS2 and DORA push for demonstrable control, the question is no longer if to secure privileged identities – but how to do it without slowing down the business.
This session will offer a forward-looking perspective on how you can operationalise Identity Security through platform thinking. We’ll explore how IAM and cybersecurity leaders can strike the right balance between control, compliance, and continuity – ensuring privileged users have secure, efficient access while the organisation maintains visibility, accountability, and resilience.
Scott Shield
12:50 – 13:15
Managing Third-Party Risk in the Age of DORA & NIS 2
With the DORA and NIS 2 Directives setting new regulatory benchmarks, the pressure on organisations to strengthen their Third-Party Risk Management (TPRM) has never been higher.
But more than a one-time compliance hurdle, the directives are about ensuring long-term resilience. Cyber threats no longer stop at your perimeter—they infiltrate through your vendors, partners, and suppliers.
In this session, we’ll explore actionable strategies to stay ahead:
- Automate Third-Party Risk Assessments: Streamline the process and free up resources.
- Gain Continuous Monitoring: Stay informed about evolving threats within your supply chain.
- Prioritise Critical Risks: Leverage expert insights and data to focus on the biggest threats.
- Improve Communication & Collaboration: Enhance communication with your vendors for better security
Michael Strobl
12:50 – 13:15
Handling the Modern-Day Attacker with a Defensive Layered Approach (SOC)
Today’s attackers aren’t just breaking down the front door. They’re slipping in quietly, moving laterally, and blending in with legitimate activity.
The modern-day attacker is more sophisticated, more patient, and more persistent than ever before.
In this session, we’ll explore how the Access42 Security Operations Center defends against these evolving threats. Not with a single tool or tactic, but through a layered, integrated approach. We’ll map the attacker’s journey using the cyber kill chain, and see how every layer of defense plays a critical role in detecting, analyzing, and responding to modern attacks.
.
Stefan Lambregts
13:25 – 13:50
Unveiling the Unseen: A Responsible Approach to Web Vulnerability Disclosure
What started as a routine penetration test quickly unraveled into full system compromise, exposing a critical vulnerability hiding in plain sight. In this talk, we walk through the discovery of a Remote Code Execution vulnerability in an exposed printer interface, from the initial findings to the behind-the-scenes technical mechanics that made it possible. You’ll get a glimpse of the full discovery and disclosure timeline, how the vendor responded, and what this means for organizations relying on similar web applications.
Dylan Wesselink
13:25 – 13:50
Unified Human Risk Management: a holistic approach to cyber security focused on identifying, managing, and reducing the human risk that organizations face
In today’s evolving threat landscape, CISOs and security leaders face a dual challenge—external attackers targeting employees as the weakest link and internal risks stemming from human error or malicious intent. This forward-looking session will explore how a unified Human Risk Management (HRM) strategy can bridge the gap between external threats and internal vulnerabilities. Discover actionable insights to strengthen your organisation’s cyber resilience by leveraging cutting-edge AI, automation, and contextual education to reduce risks and streamline security operations
Patrick Goedhart
13:25 – 13:50
Why do the legacy approaches fail to protect your APIs?
Nicolas Jeanselme is API Security expert for Salt Security. With over three hundred API penetration tests under his belt, Nicolas is putting his expertise on the limits of legacy security solutions to good use at Salt Security to help organisations implement the most robust API security strategies.
Nicolas Jeanselme
14:00 – 14:45
Achter de schermen bij Team Digitale Opsporing en het Cybercrimeteam
Barend neemt je mee in de wereld van het Team Digitale Opsporing. Wat gebeurt er achter de schermen? En zijn cybercriminelen echt slimmer dan de politie, zoals vaak wordt gezegd?
Ontdek hoe een team van IT-specialisten zich dagelijks inzet om Nederland (digitaal) veiliger te maken. Barend laat zien aan welke onderzoeken zij werken en hoe cybercrime-teams complexe zaken aanpakken. Welke kennis en expertise komt daarbij kijken? Duik mee in de fascinerende wereld van digitale opsporing en cybercriminaliteit!
Barend Frans
14:45 – 15:15
Coffee / Tea break
15:15 – 15:45
The Overlooked Threat: Why Mobile Devices Are Your Weakest Link
Employees rely on iOS and Android devices for authentication, communication, and productivity—often while working remotely. As cyberattacks on mobile devices become more common, Lookout research reveals the Tactics, Techniques, and Procedures that threat actors use to target both individuals and enterprises in an effort to breach organizational security.
Join Michael Simpson, Senior Solution Engineer at Lookout, for a real-world look at the threats targeting your mobile fleet and what you can do about them in 2025 and beyond:
- A day in the life of your mobile device and where to spot the attacks
- How mobile device activity serves as early warning signs for broader, organisation-wide attacks.
- Where modern mobile ecosystems fall short, and how adversaries are exploiting those vulnerabilities.
- What real-world data reveals about mobile phishing, malware, misconfigurations, and emerging threats.
Walk away with actionable strategies to stay a step ahead and keep your mobile endpoints secure.
Michael Simpson
15:45 – 16:10
1 podium, meerdere security heavyweights. Éen urgente vraag:
Hoe houd je grip op security in een wereld die continu verandert?
Van e-mail tot endpoint, van privilege tot zichtbaarheid — deze experts nemen geen blad voor de mond.
Laat je bijpraten, uitdagen en inspireren.
TBD
16:10 – 17:00
Closing talk – Brenno de Winter – Cybersecurity is ROT
For many CISOs and security experts, information security feels like a relentless uphill battle. There’s always another regulation to navigate, another organizational roadblock to overcome, and another technical vulnerability to fix. It’s a world of constant pressure, and for many, it can feel like their work is simply ROT — Regulation, Organization, and Technology — each a source of frustration rather than a force for security.
But why does it have to be this way? Why do those responsible for safeguarding organizations often end up feeling overwhelmed? In my upcoming talk, I will explore the reasons behind this struggle and, more importantly, how we can change it.
We will take a close look at the three pillars of information security:
Regulation: How endless compliance requirements can create more confusion than clarity.
Organization: Why internal resistance and conflicting priorities often undermine security efforts.
Technology: The constant challenge of managing tools, vulnerabilities, and emerging threats.
But this talk is not just about identifying the problems — it’s about finding solutions. I will share practical strategies to help security leaders reclaim control, build resilience, and turn information security from a burden into a strategic advantage.
Join me for a fresh perspective on information security and learn how we can transform ROT into a foundation for security excellence.
Brenno de Winter
17:00 – 18:00
Networking / Drinks and snacks
Bestel nu je (gratis) ticket en
kom naar de Cybersecurity Summit
op 19 juni 2025!
kom naar de Cybersecurity Summit
op 19 juni 2025!