Program Catalog
Browse sessions and workshops using the filtering options below.
For the first time ever, ISACA is bringing you three days of worldwide IS/IT knowledge in three different regions.
All the world-class audit, governance, privacy, cybersecurity and emerging technology content you have come to expect. The tools to become a digital trust champion. The knowledge to position your organization as a digital trust thought leader. Together in one event.
Europe, Middle East, Africa | Hosted in UTC +1
8:45–9:15 Conference Kickoff (optional)
9:30–10:45 Opening Keynote
11:00–13:15 Concurrent Sessions
13:15–13:45 Lunch
13:45–14:45 Concurrent Sessions
15:00–16:00 Closing General Session Panel
Browse sessions and workshops using the filtering options below.
Join us each morning at 8:45 am (to the specific region) before our Keynote takes the stage for a special Conference Kickoff that will leave you with an understanding of the following:
Access this event from the Main Stage or Networking Lounge and don’t miss out on this opportunity to ask all your questions ahead of time. This session will not offer CPE and is not required.
Governance of Artificial Intelligence:
Artificial Intelligence [AI] promises immense benefits, but it also poses challenges and risks unless it is governed properly. In 2023 AI usage exploded - AI has emerged as a disruptive force, propelling organisations into the future. Its transformative capabilities promise efficiency, accuracy, and scalability, providing a significant competitive edge for today’s organisations. However, alongside the immense potential, AI poses unique risks and challenges. In its 2024 Global Risk Report the WEF cites AI generated misinformation and disinformation as the top risk that is likely to present material on a global level in 2024 - Without proper governance AI has the potential to pose threats such deepfakes, disinformation and hallucination -AI Governance is a necessity to foster ethical and responsible use of AI.
After completing this session, the participant will be able to:
This presentation explores our significant reliance on vendors and the premise that the products we purchase from them provide attack vectors to our systems. It highlights the vendors we purchase security products from to protect our systems from breaches. Should we place our trust in these vendors, or should we put them on our risk registers?
After completing this session, the participant will be able to:
We humans have made a gigantic leap in the use of technology and are living through times where everything is almost possible. We have nurtured technologies that amplify and expand our reach and multiply how we can get to a solution. We have created artificial intelligence virtually indistinguishable from human nature and, whether we like it or not, is more capable of many tasks. One is cybersecurity and discovering patterns ‘hidden’ in a communication. The time has arrived for us to present the moral and ethical questions in using artificial intelligence and machine learning. The moment has come to wonder about the limits—if any—in using these technologies and what the future (of now) will hold for us. At the end of the day, it’s not the machines that are learning…but us. It’s not machine learning but how we, the people, teach machines the right way.
After completing this session, the participant will be able to:
This session presents a primer on privacy for cybersecurity professionals covering key concepts such as data subject rights, data protection principles, DPO responsibilities, data protection impact assessments, the legislative landscape and differing regimes.
After completing this session, the participant will be able to:
In this talk, we delve deep into the intricate layers of a defensive onion: the security controls—technological, procedural, and personnel-based. In today's rapidly evolving digital landscape, a one-size-fits-all approach to security is ill-advised. Organisations, whether they're governments, global corporations, or giants like MAMAA, face distinct threat models, each requiring a tailored defensive strategy. This presentation unveils some typical threat models, highlighting the objectives of different adversaries ranging from nation-states and organized crime groups to insider threats. We'll dissect the essential layers of security controls designed to protect against these threats, demonstrating potential attack vectors and the countermeasures to ensure optimal defence. Drawing from real-world case studies, we'll illuminate how a well-structured security program can empower organisations to prevent, detect, and swiftly respond to potential breaches, pushing them further along the path of cyber maturity.
After completing this session, the participant will be able to:
Join this session to master the "art" of engaging with your Board of Directors on cybersecurity. Focusing on their core concerns—Oversight, Risk, Culture, and Management Interference—the session will share practical tools and strategies to align cybersecurity with these priorities. Learn to communicate effectively in the Board's language, integrating cybersecurity into the broader business strategy. Equip yourself with practical tips for successful board engagement and take your company's security to the next level.
After completing this session, the participant will be able to:
An exploration of effective auditing strategies for identifying and mitigating privacy risks within organizations. The session will explore key challenges, best practices, and practical insights to enhance privacy risk management.
After completing this session, the participant will be able to:
If your company processes data about people—personal data—you need to operationalise the often abstract legal requirements of privacy and data protection laws and regulations. This is normally accomplished by developing and implementing a privacy program. This session outlines what a privacy program is, breaking down and explaining the importance of each element.
After completing this session, the participant will be able to:
Leveraging cloud computing resources is particularly important for a security technology company like Giesecke+Devrient. For this reason, the company is bundling its expertise in a Global Center of Competency Cloud, where experience, project knowledge, solution approaches and innovations are pooled. This presentation illustrates the cloud journey at Giesecke+Devrient and addresses the following points, among others.
After completing this session, the participant will be able to:
Benefits and Risks of AI Panel Discussion - EMEA
What are the benefits and risks of AI? Is it dangerous? Are there biases? Close out each day with an AI panel discussion. The discussions will cover these and other questions regarding this emerging technology. Join us in EMEA on Thursday, 23 Feb from 15:00 - 16:00 (UTC+1).