Council of the European Union
Speaker — To Be Confirmed
Where Cybersecurity Leaders Connect and Decide What’s Next
This is not a typical conference.
Next IT Security Stockholm brings together a carefully selected group of cybersecurity leaders to share real experiences, challenge ideas and build meaningful connections — without noise, without sales pitches, and without wasted time.
Every conversation is intentional. Every connection is relevant.
This is where cybersecurity leaders meet to exchange insights that actually matter.
Event Location
Event Snapshot
Event Date
March 12, 2026
Duration
One-day executive event
Time
08:00 AM – 18:00 PM
Location
The Grand Hôtel in Stockholm, Sweden
Audience
CISOs, Heads of Security, IT Leaders
Attendance
Limited to 150 delegates
Join 150 Cybersecurity Leaders
Private, invitation-based event for CISOs and senior decision-makers.
- ✔ No vendors. No noise.
- ✔ Real discussions, real insights
- ✔ Closed-door executive environment
March Event Aftermovie
C-LEVEL LEADERS
Featuring Global Security Experts & C-Level Visionaries
Flavio Aggio
CISO | World Health Organization
Brian Abellera
FBI Attaché to Europol | J-CAT
Andrew Byrd
CISO | NATO Communications & Information Agency
Jelena Zelenovic Matone
CISO | European Investment Bank
Chika Amadi
Senior Cyber Security Consultant | Bank of England
Ulf Larsson
CTO | SEB Group Security
Dr. Leila Taghizadeh
Global Head of Cyber Risk | Allianz
Sandip Wadje
MD & Global Head of Emerging Technology Risks | BNP Paribas
AIK Bank
Speaker — To Be Confirmed
Patrick Ghion
Chief Cyber Strategy Officer | Geneva State Police
Jan Olsson
Police Superintendent | Swedish Police Authority
Gustavo Maniá
CISO | Heineken
Thomas B. Zuliani
Global Chief IT Security Services Officer | GEA Group
Helmut Spoecker
VP, Chief Security Officer ECS | SAP
Markus (Macke) Küchler
Head of Global IT Security | Epiroc
Magnus Carling
CISO | Stena AB
Arnaud Wiehe
Managing Director of IT | FedEx
Surinder Lall
Head of Cyber GRC | DMG Media
Ray Stanton
Award-winning CISO / CRO / CSO | WEF / BT / Airbus
- Event Agenda
A Day Designed for
High-Value Interaction
A carefully curated program focused on real-world challenges, strategic discussions and meaningful networking.
Editor’s Note
Welcome to the Next IT Security – Nordic Edition 2026, the region’s most exclusive gathering of cybersecurity leaders, where C-level executives, strategists, and innovators come together to address the rapidly evolving challenges shaping the Nordic digital landscape.
This year, we focus on the collective responsibility required to defend our societies, organizations, and infrastructures. As threats grow more complex and interwoven across borders, sectors, and technologies, our resilience must evolve just as rapidly.
Time for initial networking on the event while we are expecting the Opening Keynote.
Chapter One:
Building a Collective Defense in Nordic:
Shared Responsibility Between Public and Private Sectors
How to build Collective Resilience when Public and Private Sectors are joining forces
Public and Private sectors can and must build stronger resilience by sharing resources in evolving cyber threats environments. Through practical examples of public – private potential we will focus on features that this collaboration can bring to the table and why is that important nowadays.
Attendees will gain actionable insights on how to structure communication channels, align security priorities, and integrate awareness programs that foster collaboration rather than competition. The session provides a realistic roadmap for improving preparedness and accelerating joint response efforts.
Instead of relying on isolated defense mechanisms, fragmented reporting, or reactive postures, you will learn how to leverage cooperation and shared accountability to strengthen resilience, build trust, and reduce the overall risk exposure across your ecosystem.
Tobias Ander
Ordförande kommunfullmäktige
Lekebergs kommun
Road From Information to Intelligence: Building the Next Layer of Trust
Organizations can move beyond simple information exchange toward actionable intelligence that strengthens collective resilience. Through real-world examples from both the public and private sectors, the discussion will highlight the importance of data context, validation, and trust when sharing cyber threat information. The session will also address the cultural and procedural barriers that often prevent effective collaboration. From fear of reputation loss to lack of unified response protocols.
Attendees will gain different perspectives on how to transform fragmented information into intelligence that supports faster, coordinated decisions.The panel will uncover how shared trust frameworks, joint playbooks, and transparent communication can elevate entire ecosystems instead of benefiting only individual entities.
Instead of treating threat information as isolated reports that sit unused in inboxes, this session will show how to turn them into actionable intelligence that drives prevention, early warning, and mutual protection across the IT Security community.
Moderator: Simon Gooch
Field CIO
Saviynt
Bernard Helou
Head of Cybersecurity
Schibsted Media
Magnus Carling
CISO
Stena AB
Markus (Macke) Küchler
Head of Global IT Security
Epiroc · Major (res), Swedish Armed Forces
Make Your Business a Hard Target for Cybercriminals
When it comes to potential targets for cyberattacks, easier to breach means more likely to fall victim. While you might not be able to influence your perceived value, there are changes that can eliminate your organization from being seen as an easy target. We’ll explore practical tactics to reduce your surface area of attack and controls to prevent lateral movement should a breach occur.
Eoin McGrath
Solutions Engineer
ThreatLocker
Let’s discuss what we hear about Public & Private cooperation over a cup of coffee and explore some new opportunities with the partners of the event.
Chapter Two:
One for All!
Strengthening Cyber Resilience Through Regulatory Compliance
How Compliance Shapes Market Behavior and turns into Cyber Resilience
Modern compliance frameworks NIS2, DORA, and the upcoming Cyber Resilience Act (CRA) , standardize expectations across industries, forcing organizations to adopt minimum security baselines, structured risk management, and transparent reporting practices
These unified rules reduce ambiguity in the market, align suppliers and customers around the same obligations, and create predictable security requirements that simplify vendor selection, technology adoption, and internal decision-making.
As organizations mature under these regulations, compliance becomes more than a checklist: it reshapes market behavior, elevates security practices across entire ecosystems, and ultimately transforms baseline regulatory pressure into sustainable, long-term cyber resilience.
Magnus Carling
CISO
Stena AB
Surinder Lall
Head of Cyber Governance, Risk and Compliance
dmg media
Compliance as Guideline: How to deal Security with Efficiency and Effectiveness
Using compliance frameworks as a structured guideline transforms complex security requirements into actionable, prioritized steps and reduces uncertainty in decision-making.
Organizations gain clearer visibility, reduce operational friction, and optimize resources by aligning security controls with existing compliance standards instead of reinventing processes.
This approach accelerates security maturity, increases overall resilience, and enables teams to deliver stronger protection with higher efficiency and measurable effectiveness.
Moderator: Michael Adjei
Director Sales / Systems Engineering
Illumio
Martin Vallée
CSO
Safestate Group AB
Kasun Bandar
CISO
SentryLabs
Johan Åtting
Chief Security Officer
Sectra
Roelof Kroon
Security Operations Principal
Transdev
Why understanding relationships between environments is becoming more and more crucial - and what we can do to keep them
The once-simple separation between Production, Testing, and Development has evolved into a complex web of cloud accounts, Kubernetes clusters, and on-premise systems. This sprawling architecture has created a “chaos of permissions” and indirect connections that are increasingly difficult to manage.
In this session, we explore why understanding these intricate relationships is now a critical security requirement. We will discuss how modern systems, including AI agents, can easily find paths around intended limitations, turning what were once “hard” boundaries into trivial hurdles for an attacker.
Finally, we will cover how to gain visibility into this haystack of connections to identify and solve the key issues hidden within.
Alex Welin
Senior Sales Engineer
XM Cyber
Time to gather after two main focus areas of the event (One For All and Public & Private Collaboration in Nordics) , and gather our thoughts on it over the lovely seated lunch.
Chapter Three:
Security Without Borders:
Overcoming Barriers to Information Sharing
Trusted Networks: Practical Strategies for Cross-Border Information Sharing
Explore proven frameworks, tools, and organizational strategies that enable secure, efficient, and compliant cross-border information sharing between organizations and security teams.
Attendees will learn how to break down silos, build trust, and improve collaboration, ensuring that critical threat intelligence is shared safely and acted upon quickly.
Implementing these best practices strengthens overall cyber resilience, reduces the risk of delayed response to threats, and fosters a culture of proactive, trusted information exchange across borders.
Tobias Wieloch
Head of Dark Web Team
Europol EC3
Cybersecurity Without Borders: Overcoming Barriers to Effective Information Sharing
A panel of experts will explore how cybersecurity teams can effectively share information across organizational and human barriers. Discussions will focus on navigating challenges such as human ego, company policies, and inter-team dynamics, while still respecting regulatory and organizational boundaries.
Attendees will gain actionable insights on fostering trust, collaboration, and communication across teams, emphasizing that cybersecurity is a team sport where success depends on sharing knowledge efficiently and responsibly. Implementing these approaches strengthens threat response, encourages cooperative practices, and promotes a culture of proactive, cross-team cybersecurity.
Smeden Svahn
Information Security Coordinator and Administration Manager
ADDA
Deividas Lis
Cyber Threat Intelligence
European Central Bank (ECB)
Nazlı Şahin
Director Security, Risk and Compliance
Accedo
Alex Tsarapatsanis
CISO
Sitoo
Beyond Awareness: The Deep Framework for the next Evolution of Security & Human Risk Management platform in the current reality
For too long, security has relied on expensive, ineffective annual training that addresses a knowledge problem when it should be focused on a behavioral challenge. This results in the human being the enterprise’s most valuable, yet most frequently targeted, asset. This session pivots the conversation from the static Awareness Plateau to measurable, strategic risk reduction.
We will introduce the next era of organisational defense: Workforce Trust Management (WTM), a framework essential for securing your newly hybrid organization—the diverse combination of humans, bots, and AI agents. Learn how to quantify this hybrid risk, apply behavioral science to build a positive, shame-free security culture, and implement the actionable DEEP Framework (Defend, Educate, Empower, Protect) to move your program from expensive compliance to strategic, business-aligned intelligence.
Javvad Malik
Lead CISO Advisor
KnowBe4
Let’s discuss what we hear about Security Without Borders over a cup of coffee and explore some new opportunities with the partners of the event.
Chapter Four:
The Future of AI and Cloud Security:
From Guidelines to Implementation
The Evolution of Digital Trust
As digital trust becomes the backbone of modern security, organisations must evolve their cryptographic foundations. In this joint session, Lakshmi Hanspal, Chief Trust Officer at DigiCert and Andreas Hedberg, APO of Cryptography and Key Management at Swedbank, explore how PKI modernization enables resilience, agility and readiness for the post-quantum era.
Swedbank share its journey tackling cryptographic lifecycle challenges, from shrinking certificate validity to 47-days to preparing for quantum-safe cryptography. Together, they reveal how modern PKI and DNS automation underpin not only crypto agility, but also the protection of next-generation systems powered by Agentic AI.
Lakshmi Hanspal
Chief Trust Officer
DigiCert
Andreas Hedberg
APO of Cryptography and Key Management
Swedbank
The Future of AI and Cloud Security: From Guidelines to Implementation
With organizations facing a rapidly increasing volume of cyberattacks, human-scale defenses can no longer keep pace with cloud complexity. Discover how the emergence of AI is transforming the security analyst’s day-to-day work, evolving from manual alert fatigue to an AI-driven, human-led approach.
Kjell Arne Yttervik
Nordics and CEE Security Channel
Google
Marija Krivokuca
Cloud Security Engineer
Devoteam
The Future of Agentic AI: Securing AI Across Organizations
Examine the emerging field of Agentic AI, focusing on frameworks, tools, and methodologies for securing AI systems across organizational boundaries.
Attendees will learn how to manage AI risks, enforce governance, and implement security controls, ensuring AI adoption is safe, reliable, and compliant across the enterprise.
Applying these best practices builds trustworthy AI ecosystems, mitigates operational and ethical risks, and positions organizations to leverage AI securely for competitive advantage.
Tim West
Vice President of Services and Field Engineering
Securing Cloud Workloads Across Global Teams
Preparing for Future AI Regulations and Standards (CRA, EU AI Act)
Each topic will be discussed at a dedicated round table for 30 minutes, with round table captains ensuring that everyone has an equal opportunity to participate. The discussions follow a “learning by teaching” approach, meaning that each participant shares their insights while actively listening to the perspectives of seven other guests.
After the first 30 minutes, all participants except the round table captain will change seats, allowing attendees to engage with new peers and gain diverse perspectives, ensuring a high-quality networking and knowledge-sharing experience.
Round Table Captains
Niclas Kjellin
Board Member
CSA Swedish Chapter
Elena Marzi Tornblad
Cybersecurity Strategy & Research Officer
RISE
Daniel Rooth
CISO
Adapteo Group
Martin Karlsson
CISO
AP3
Surinder Lall
Head of Cyber Governance, Risk and Compliance
dmg media
Brett Hardman
CISO
Cabonline
Per Gustavsson
Head of Research and Development Committee
ISACA Sweden Chapter
Bernard Helou
Head of Cybersecurity
Schibsted Media
GenAI as an Enabler
How has GenAI changed the way large institutions can scale and industrialise outside-in intelligence?
GenAI as an Enabler
How has GenAI changed the way large institutions can scale and industrialise outside-in intelligence?
Team Red: Sandip Wadje
Managing Director, Global Head of Emerging Technology Risks
BNP Paribas
Team Blue: Niclas Kjellin
Board Member
CSA Swedish Chapter
Team Purple (Moderator): Per Gustavsson
Head of Research and Development Committee
ISACA Sweden Chapter
From Cloud to Cognition: Securing AI-Driven Infrastructure with Zero Trust and Threat Intelligence
This session dives into the practical application of Zero Trust principles across modern cloud and AI environments, showing how to secure AI models, data pipelines, and interconnected services without slowing down innovation.
Participants will walk away with concrete strategies and real-world examples for implementing Zero Trust, balancing robust security with operational efficiency, and turning complex multi-cloud and AI challenges into manageable, repeatable practices.
By adopting these approaches, organizations can confidently scale AI initiatives, protect critical data, and build resilient cloud environments, ensuring that security becomes a business enabler rather than a bottleneck.
Deividas Lis
Cyber Threat Intelligence
European Central Bank (ECB)
Surinder Lall
Author of
Leading in the Age of AI
- Event Venue
Selected as the official venue for Next IT Security Stockholm, Grand Hôtel offers a setting that supports privacy, discretion and high-level interaction.
The Grand Hôtel in Stockholm has been home to celebrities, high-profile events and everyday bon-vivants since 1874. Situated in the best waterfront location imaginable, the hotel overlooks the Royal Palace and Gamla Stan, Stockholm’s old town.
The Grand is also home to the classic Swedish Veranda restaurant, renowned for its traditional smörgåsbord, Mathias Dahlgren’s awarded restaurants and the spectacular Cadier Bar.
- Partners & Industry Leaders
Trusted by Cybersecurity Leaders
Our partners don’t just attend — they lead the conversation.
Limited partner slots available
Upcoming
Exclusive Cybersecurity Events forC-Level Leaders
Exclusive access to industry leaders, actionable insights, and high-value executive networking.
East Central
- Belgrade, Serbia
- Sava Centar
- September 29-30, 2026
- 08:00 AM – 06:00 PM
Pan-European Cybersecurity Leadership Event
Join us for the most elite pan-European cybersecurity event, bringing together top experts from across the continent. This exclusive experience offers a unique opportunity to engage in real-time decision-making and connect with leading cyber professionals. Our community is our strength. Our C-Suites are our strength.
Limited seats available
Cyber Minds
- Belgrade, Serbia
- TBC
- September 30, 2026
- 09:00 AM – 06:00 PM
Exclusive C-Level Community - The Power Of 50
The Power of 50 Council has cemented itself as the most exclusive event for top C-Level executives within the cyber security community, with an invite list built from companies in the Next Top Ciso Power rankings announced each year.
Limited seats available
Nordics Edition
- Stockholm, Sweden
- Grand Hotel
- October 22, 2026
- 08:00 AM – 06:00 PM
Private Cybersecurity Leadership Gathering
Join us for the exclusive Cybersecurity Event at the Stockholm Congress Center. This exclusive event offers a unique opportunity to network with C-suite Power Players, whilst enjoying fine dining and entertainment in a spectacular setting. Our C-Suites are our strength.
Limited seats available
Benelux Edition
- Amsterdam, Netherlands
- TBC
- November 12, 2026
- 08:00 AM – 06:00 PM
Executive Cybersecurity Networking Experience
Join us for the exclusive Cybersecurity Event at the Koepelkerk Amsterdam. After a scenic cruise, network during a delightful dinner at the stunning LuminAir. Our C-Suites are our strength.
Limited seats available
DACH Edition
- Frankfurt, Germany
- TBC
- November 26, 2026
- 08:00 AM – 06:00 PM
C-Level Cybersecurity Strategy Gathering
Join us at an exclusive cybersecurity event in Frankfurt. After a scenic cruise, network during a delightful dinner. Our C-Suites are our strength.
Limited seats available
