From technical guardian to strategic business leader. Unpack the shifting priorities every CISO should focus on today: from aligning with business goals and managing third-party risk, to championing a strong security culture and navigating AI and regulatory change. Lead with influence, resilience, and vision.

APIs have become the backbone of digital finance - enabling innovation, but also introducing new risks. Under the Digital Operational Resilience Act (DORA), resilience is no longer optional, it must be designed into every digital service.This session shows how financial institutions can strengthen trust and continuity by embedding API visibility, governance, and protection into their operations. Participants will learn how aligning API security with DORA’s principles can transform compliance into a strategic advantage: delivering stronger resilience, smoother audits, and better customer confidence.

As global tensions rise, the critical link between geopolitics and cybersecurity is reshaping the threat landscape, fueling sophisticated state-sponsored attacks, supply chain vulnerabilities, and cyber warfare. Organizations must adapt strategies, build resilience, and enhance defenses to counter these globally-driven cyber risks. 

Deploying AI enterprise-wide demands a strategic, meticulous approach. It's about designing robust systems that seamlessly integrate AI applications into existing infrastructure, ensuring data quality and accessibility. Crucially, this includes establishing stringent security measures to protect sensitive information and prevent misuse. The ultimate goal is a secure, scalable framework that drives significant business outcomes, from boosting efficiency to fostering innovation across all departments. 

Compliance, and especially the new NIS2, is a two-pronged effort: it requires organizations to implement practical cybersecurity measures like secure configurations, strong supply chain policies, and robust incident response plans. Simultaneously, it mandates cyber resilience testing to actively evaluate and fortify an organization's ability to withstand and recover from cyberattacks, especially for critical infrastructure. The European Union Agency for Cybersecurity (ENISA) assists with the latter, providing guidance to help organizations fortify their ability to withstand and recover from attacks.

Cybersecurity practitioners know the threat landscape. However, if there's a successful attack on a system, does the insurance policy cover the damage? A panel of insurance and legal experts will break down what to expect in the underwriting process, coverages, claims trends, and regulatory, litigation, and legislative developments during the past year.

In the financial sector, where trust and security are paramount, an effective Identity and Access Management (IAM) strategy is the bedrock of a robust security posture. It's crucial for verifying every individual who accesses, for example bank systems, from employees to third-party partners. By strictly adhering to the principle of least privilege, we have to ensure that each person only has access to the applications and data essential for their role, which drastically reduces the risk of internal fraud and data breaches. Continuous monitoring and auditing of all access to financial systems are also non-negotiable, as this allows you to quickly detect and investigate suspicious activity. Ultimately, a strong IAM program is your first line of defence against cyber threats, helping you maintain regulatory compliance and build unwavering trust with your customers.

The maritime transport sector stands as an indispensable pillar of global supply chains, rendering the industry a prime target for sophisticated cyber threats originating from both criminal enterprises and state-sponsored entities. As modern vessels integrate increasingly advanced Operational Technology (OT) and Information Technology (IT) systems, their heightened interconnectivity significantly amplifies the potential ramifications of a successful cyber incident.