Council of the European Union
Speaker — To Be Confirmed
This is not a typical conference.
Next IT Security Stockholm brings together a carefully selected group of cybersecurity leaders to share real experiences, challenge ideas and build meaningful connections — without noise, without sales pitches, and without wasted time.
Every conversation is intentional. Every connection is relevant.
This is where cybersecurity leaders meet to exchange insights that actually matter.
Event Date
March 12, 2026
Duration
One-day executive event
Time
08:00 AM – 18:00 PM
Location
The Grand Hôtel in Stockholm, Sweden
Audience
CISOs, Heads of Security, IT Leaders
Attendance
Limited to 150 delegates
Private, invitation-based event for CISOs and senior decision-makers.
Featuring Global Security Experts & C-Level Visionaries
Speaker — To Be Confirmed
CISO | World Health Organization
FBI Attaché to Europol | J-CAT
CISO | NATO Communications & Information Agency
CISO | European Investment Bank
Senior Cyber Security Consultant | Bank of England
CTO | SEB Group Security
Global Head of Cyber Risk | Allianz
MD & Global Head of Emerging Technology Risks | BNP Paribas
Speaker — To Be Confirmed
Chief Cyber Strategy Officer | Geneva State Police
Police Superintendent | Swedish Police Authority
CISO | Heineken
Global Chief IT Security Services Officer | GEA Group
VP, Chief Security Officer ECS | SAP
Head of Global IT Security | Epiroc
CISO | Stena AB
Managing Director of IT | FedEx
Head of Cyber GRC | DMG Media
Award-winning CISO / CRO / CSO | WEF / BT / Airbus
A carefully curated program focused on real-world challenges, strategic discussions and meaningful networking.
Time for initial networking on the event while we are expecting the Opening Keynote.
Shared Responsibility Between Public and Private Sectors
Public and Private sectors can and must build stronger resilience by sharing resources in evolving cyber threats environments. Through practical examples of public – private potential we will focus on features that this collaboration can bring to the table and why is that important nowadays.
Attendees will gain actionable insights on how to structure communication channels, align security priorities, and integrate awareness programs that foster collaboration rather than competition. The session provides a realistic roadmap for improving preparedness and accelerating joint response efforts.
Instead of relying on isolated defense mechanisms, fragmented reporting, or reactive postures, you will learn how to leverage cooperation and shared accountability to strengthen resilience, build trust, and reduce the overall risk exposure across your ecosystem.
Organizations can move beyond simple information exchange toward actionable intelligence that strengthens collective resilience. Through real-world examples from both the public and private sectors, the discussion will highlight the importance of data context, validation, and trust when sharing cyber threat information. The session will also address the cultural and procedural barriers that often prevent effective collaboration. From fear of reputation loss to lack of unified response protocols.
Attendees will gain different perspectives on how to transform fragmented information into intelligence that supports faster, coordinated decisions.The panel will uncover how shared trust frameworks, joint playbooks, and transparent communication can elevate entire ecosystems instead of benefiting only individual entities.
Instead of treating threat information as isolated reports that sit unused in inboxes, this session will show how to turn them into actionable intelligence that drives prevention, early warning, and mutual protection across the IT Security community.




When it comes to potential targets for cyberattacks, easier to breach means more likely to fall victim. While you might not be able to influence your perceived value, there are changes that can eliminate your organization from being seen as an easy target. We’ll explore practical tactics to reduce your surface area of attack and controls to prevent lateral movement should a breach occur.

Let’s discuss what we hear about Public & Private cooperation over a cup of coffee and explore some new opportunities with the partners of the event.
Chapter Two:
One for All!
Strengthening Cyber Resilience Through Regulatory Compliance
Modern compliance frameworks NIS2, DORA, and the upcoming Cyber Resilience Act (CRA) , standardize expectations across industries, forcing organizations to adopt minimum security baselines, structured risk management, and transparent reporting practices
These unified rules reduce ambiguity in the market, align suppliers and customers around the same obligations, and create predictable security requirements that simplify vendor selection, technology adoption, and internal decision-making.
As organizations mature under these regulations, compliance becomes more than a checklist: it reshapes market behavior, elevates security practices across entire ecosystems, and ultimately transforms baseline regulatory pressure into sustainable, long-term cyber resilience.


Using compliance frameworks as a structured guideline transforms complex security requirements into actionable, prioritized steps and reduces uncertainty in decision-making.
Organizations gain clearer visibility, reduce operational friction, and optimize resources by aligning security controls with existing compliance standards instead of reinventing processes.
This approach accelerates security maturity, increases overall resilience, and enables teams to deliver stronger protection with higher efficiency and measurable effectiveness.





The once-simple separation between Production, Testing, and Development has evolved into a complex web of cloud accounts, Kubernetes clusters, and on-premise systems. This sprawling architecture has created a “chaos of permissions” and indirect connections that are increasingly difficult to manage.
In this session, we explore why understanding these intricate relationships is now a critical security requirement. We will discuss how modern systems, including AI agents, can easily find paths around intended limitations, turning what were once “hard” boundaries into trivial hurdles for an attacker.
Finally, we will cover how to gain visibility into this haystack of connections to identify and solve the key issues hidden within.

Time to gather after two main focus areas of the event (One For All and Public & Private Collaboration in Nordics) , and gather our thoughts on it over the lovely seated lunch.
Overcoming Barriers to Information Sharing
Explore proven frameworks, tools, and organizational strategies that enable secure, efficient, and compliant cross-border information sharing between organizations and security teams.
Attendees will learn how to break down silos, build trust, and improve collaboration, ensuring that critical threat intelligence is shared safely and acted upon quickly.
Implementing these best practices strengthens overall cyber resilience, reduces the risk of delayed response to threats, and fosters a culture of proactive, trusted information exchange across borders.

A panel of experts will explore how cybersecurity teams can effectively share information across organizational and human barriers. Discussions will focus on navigating challenges such as human ego, company policies, and inter-team dynamics, while still respecting regulatory and organizational boundaries.
Attendees will gain actionable insights on fostering trust, collaboration, and communication across teams, emphasizing that cybersecurity is a team sport where success depends on sharing knowledge efficiently and responsibly. Implementing these approaches strengthens threat response, encourages cooperative practices, and promotes a culture of proactive, cross-team cybersecurity.




For too long, security has relied on expensive, ineffective annual training that addresses a knowledge problem when it should be focused on a behavioral challenge. This results in the human being the enterprise’s most valuable, yet most frequently targeted, asset. This session pivots the conversation from the static Awareness Plateau to measurable, strategic risk reduction.
We will introduce the next era of organisational defense: Workforce Trust Management (WTM), a framework essential for securing your newly hybrid organization—the diverse combination of humans, bots, and AI agents. Learn how to quantify this hybrid risk, apply behavioral science to build a positive, shame-free security culture, and implement the actionable DEEP Framework (Defend, Educate, Empower, Protect) to move your program from expensive compliance to strategic, business-aligned intelligence.

Let’s discuss what we hear about Security Without Borders over a cup of coffee and explore some new opportunities with the partners of the event.
From Guidelines to Implementation
As digital trust becomes the backbone of modern security, organisations must evolve their cryptographic foundations. In this joint session, Lakshmi Hanspal, Chief Trust Officer at DigiCert and Andreas Hedberg, APO of Cryptography and Key Management at Swedbank, explore how PKI modernization enables resilience, agility and readiness for the post-quantum era.
Swedbank share its journey tackling cryptographic lifecycle challenges, from shrinking certificate validity to 47-days to preparing for quantum-safe cryptography. Together, they reveal how modern PKI and DNS automation underpin not only crypto agility, but also the protection of next-generation systems powered by Agentic AI.


With organizations facing a rapidly increasing volume of cyberattacks, human-scale defenses can no longer keep pace with cloud complexity. Discover how the emergence of AI is transforming the security analyst’s day-to-day work, evolving from manual alert fatigue to an AI-driven, human-led approach.


Examine the emerging field of Agentic AI, focusing on frameworks, tools, and methodologies for securing AI systems across organizational boundaries.
Attendees will learn how to manage AI risks, enforce governance, and implement security controls, ensuring AI adoption is safe, reliable, and compliant across the enterprise.
Applying these best practices builds trustworthy AI ecosystems, mitigates operational and ethical risks, and positions organizations to leverage AI securely for competitive advantage.

Each topic will be discussed at a dedicated round table for 30 minutes, with round table captains ensuring that everyone has an equal opportunity to participate. The discussions follow a “learning by teaching” approach, meaning that each participant shares their insights while actively listening to the perspectives of seven other guests.
After the first 30 minutes, all participants except the round table captain will change seats, allowing attendees to engage with new peers and gain diverse perspectives, ensuring a high-quality networking and knowledge-sharing experience.








How has GenAI changed the way large institutions can scale and industrialise outside-in intelligence?
How has GenAI changed the way large institutions can scale and industrialise outside-in intelligence?



This session dives into the practical application of Zero Trust principles across modern cloud and AI environments, showing how to secure AI models, data pipelines, and interconnected services without slowing down innovation.
Participants will walk away with concrete strategies and real-world examples for implementing Zero Trust, balancing robust security with operational efficiency, and turning complex multi-cloud and AI challenges into manageable, repeatable practices.
By adopting these approaches, organizations can confidently scale AI initiatives, protect critical data, and build resilient cloud environments, ensuring that security becomes a business enabler rather than a bottleneck.



Selected as the official venue for Next IT Security Stockholm, Grand Hôtel offers a setting that supports privacy, discretion and high-level interaction.
The Grand Hôtel in Stockholm has been home to celebrities, high-profile events and everyday bon-vivants since 1874. Situated in the best waterfront location imaginable, the hotel overlooks the Royal Palace and Gamla Stan, Stockholm’s old town.
The Grand is also home to the classic Swedish Veranda restaurant, renowned for its traditional smörgåsbord, Mathias Dahlgren’s awarded restaurants and the spectacular Cadier Bar.
Our partners don’t just attend — they lead the conversation.
Exclusive access to industry leaders, actionable insights, and high-value executive networking.
Join us for the most elite pan-European cybersecurity event, bringing together top experts from across the continent. This exclusive experience offers a unique opportunity to engage in real-time decision-making and connect with leading cyber professionals. Our community is our strength. Our C-Suites are our strength.
Limited seats available
The Power of 50 Council has cemented itself as the most exclusive event for top C-Level executives within the cyber security community, with an invite list built from companies in the Next Top Ciso Power rankings announced each year.
Limited seats available
Join us for the exclusive Cybersecurity Event at the Stockholm Congress Center. This exclusive event offers a unique opportunity to network with C-suite Power Players, whilst enjoying fine dining and entertainment in a spectacular setting. Our C-Suites are our strength.
Limited seats available
Limited seats available
Limited seats available