Arctic Conference - April 27-29, 2022


ISACA Chapters Norway, Sweden and Finland welcome you all to the very first Arctic Conference! Set on the polar island of Svalbard at 78 degrees north. This is to our knowledge the northernmost cybersecurity conference ever - and that to a place where polar bears outnumber the human population. Did anyone say risk assessment?

Attendance includes:
- 2 nights accommodation in top quality 3-4 star hotels (no 5 stars on Svalbard - sorry!)
- 2 breakfasts
- 2 buffet lunches
- 1 four-course gala dinner with exclusive wine pairings
- 11 talks and 1 workshop from top-rated, international speakers!
- Wilderness Evening excursion: 
- Tons of fun and an unforgettable experience from the island of Svalbard.

Participating at the conference earns 15 CPE credits.

Big shoutout to our sponsors for making the Arctic Conference possible at the current price point. You're a key player in making this memorable event happen, and we could not have done it without you. Scroll to the bottom of the website to read more about our Platinum and Gold sponsors!

Platinum Sponsors
Gold Sponsors

Conference Agenda

Wednesday, April 27th



Conference introduction by the arrangement committee.

Living in the Digital Ecosystem - How to Survive and Prosper
Much has been said and written about the global digital transformation. In Europe in particular, some scepticism exists, and there is concern about what the digital ecosystem will bring. This keynote session will highlight new developments and the way forward in the global digital age. It will further outline how professional organizations - like ISACA - can and must move forward to meet the challenges of the new ecosystem.

Rolf von Rössing, Former International Vice President, ISACA Board of Directors
When Russian Trolls and Fake News become Security Threats - How to Counter Them
 Jessikka Aro is a Finnish journalist working for Finland's public service broadcaster Yle. In September 2014, she began to investigate pro-Russian Internet trolls, but became a victim of their activities herself.

This harassment led to three people being convicted in October 2018. In 2019 she was notified that she was to receive an International Women of Courage Award but this was rescinded just before the ceremony.

Jessikka Aro, awarded reporter and public speaker

Break - make sure you change into (warm) and comfortable clothing in preparation for..
Wilderness Evening - the Arctic Experience
Camp Barentz boasts an amazing location right below Mine 7, at the foot of the mountain Breinosa. One of the buildings at the camp, Barentz Hus, is a copy of the cabin that the discoverer of Svalbard, Willem Barentz, overwintered in on Novaya Zemlya in 1596. At Camp Barentz, one often see Svalbard reindeer, and even grouse and foxes if you are lucky, and the hosts are prepared in the unlikely event a polar bear should get close.

As we arrive at the cosy wooden cabins we will be met by the evening’s host. Good drinks and a delicious homemade reindeer stew will be served, together with campfire coffee and dessert. Welcome to a real Svalbard meal!

After a tasty dinner, it is time to learn more about the King of the Arctic. Whilst sitting around the bonfire, the host will share information and photos about our most famous residents. Here you’ll learn lots of new fun facts about polar bears.

We recommend wearing comfortable, warm outdoor clothing and warm shoes, since there can be a cold draught from the floor. Remember that we will spend some time outdoors also. Clothes may smell of smoke after the tour.

Thursday, April 28th
The Art of Cyber War: The SolarWinds hack from a security operational perspective 

Want to learn more about one of the most sophisticated hacks in the history of cyber security? We try to look past the media coverage and focus on the when, how and why of the incident and what questions you should ask internally in your organization in the aftermath of this incident. 

Koen Fosse Matthys, Senior Consultant, Transcendent Group

Audit Committee - How to critically assess your current and future GRC strategic investment.
In the last century most of the boards could rely solely on management to oversee and manage risk, not directly dealing with risks involving social media, cyber security and other technology related matters, or risk management beyond financial risk. The nature of risk enterprises are facing today in everyday business means that boards must factor risk as an integral part of organizational strategy incorporating technology as well as other environmental factors.

In many of my assignments, executives and boards were facing challenges of “doing more with less”. Whilst managing complex business transactions, managers struggle to strike a balance between adding value while managing risks. The most common methodologies they wanted to see in the recommendations relate to productivity improvement, capacity building or employee engagement. However, these methodologies are not always an appropriate response.

If so, how do you critically assess your current and future GRC strategic investment? How can you develop your own insights and create pragmatic guidance for when to stop and when to accelerate in your digitalisation journey?

Today’s businesses operate with business complexities we have never managed before—facing operational risks that hold the potential to destroy them overnight. In this session we will cover one approach to developing the GRC strategy by strategic sorting of priorities.

Lilliana Grbic, VP Cloud Engagement & Communications at SAP


How to break into any company: Tales from a (professional) hacker
Rob Shapland is an ethical hacker with 13 years of experience of planning and executing full-scale criminal attack simulations against all types of companies.

Rob specialises in dressing up as various different characters in order to break into buildings, and in this session will tell stories of how the attacks unfolded and teach valuable lessons on how you can protect your company.

Rob Shapland, Head of Cyber Services at Falanx Cyber 


Cybercrime - a real threat to society
Are we prepared for the escalating cyber threat?

Do we protect ourselves well enough, what are the costs of the cyberattacks for society and companies, what will be the social consequences of this evolution, is it possible to protect ourselves-in such cases how? 

Adressing these issues, there will also be presented some possible solutions.

Jan Olsson, Swedish Police Authority


Quantum Computing: A Re-Evolution
Quantum Computing modifies many of things we take for granted in businesses today. The way we create and keep secret is challenged and quantum technologies disrupt different vertical, many sectors. Built on the theory of quantum physics, if quantum computers would exist they would represent a gigantic leap in computing power and the way we use technology.

But do they exist and what can we do with them? There are massive investments around the world in this discipline and, in the very same way that the space race and the fight for nuclear power have been instrumental in recent decades, we are experiencing now not an era of changes but the change of an era.

By attending this session attendees will understand the actual situation of quantum technologies and what they mean for organizations, the challenges we will encounter and, most importantly, the impact it has on the way we govern the Enterprise IT. Since quantum computing is not an evolution. It’s a Re-Evolution.

Ramsés Gallego, Security, International Chief Technology Officer, CyberRes - a Micro Focus line of business, and Former International Vice President, ISACA Board of Directors

Quantum Safe: Is your crypto prepared for quantum computing?
Large scale quantum computing is seen to pose a great threat to many important cryptographic schemes used today. Protecting against this is seen to require additional, or even replace controls. 

While there has been quite many tech forecasts on when each type of QC technology will be ripe enough to crack something worthwhile (the “quantum event”), the practical information security domain is less studied. The most hyped scenarios for the “quantum event” are not even clear what exactly the event is, and are based on the most pessimistic assumption. 

We will in this talk take a look at the more common use cases for cryptography (such as integrity-related services, like bitcoin; data-at-rest, etc.), and lay out the practical reasons why, when, and what to do when  the quantum threat seems ever more imminent. This is explained with via an example of a quantum-readiness risk management model we developed for IoT protocols. 

Dr. Mikko Kiviharju, Research Manager at Finnish Defence Research Agency

Protecting your enterprise with Human Risk Intelligence
With over 90% of information security incidents caused by human errors or behaviour, the effectiveness of cybersecurity culture program becomes paramount for a successful cybersecurity program. 

Improving cybersecurity culture is always challenging, as it is a long-term project that has to go beyond the classical Security Awareness. This session focuses on importance of using objective data to measure human risk and on how it can be used to unleash the power of your security culture program. It also covers available methods of measuring human security risk and most effective security culture program enablers.

Vadim Gordas, Head of IT & Cyber Risk at Zopa

Operational technology security – What is it and why you should care about it 

Operational technology (OT) is responsible for processes that if breached could impact outages of critical services that result in loss of life. Emergency services, water treatment plants, traffic management, and other critical infrastructure rely on operational technology solutions to operate correctly. Even a successful attack on OT organizations not responsible critical infrastructure can cause dire consequences. Come and listen what OT is and why you should  pay attention to securing it. 

Viivi Tynjälä, Director, Alliances Nordics for Fortinet


H@cking for Everybody
Tobias Schrödel introduces his audience to the world of hackers and gives them a sneak peak into the dirty secrets of IT. In that, he uncovers various security gaps of personal computers and mobile phones that concern all of us – all while being entertaining. Not only are there many “aha“-moments, but at least equally as many “ahahaha“-moments.

Passwords are being cracked within seconds, discrediting information from the "darknet" is made public, information gathering is explained and a smartphone gets hacked aside all that.  All examples shown on stage are real and live, but anonymized. For information on risks and side-effects ask your data security officer - or Tobias Schrödel.

Tobias Schrödel, IT Comedian and professional speaker

Break - have a drink at the bar, and get your groove on in preparation for..
Gala Dinner
A full, four course dinner, carefully paired with wine from the well renowned wine cellars of Svalbard will be served as we go into our last evening of the official program. 

During dinner, we'll be subject to these two interesting performances from the stage:

Robot Drone Hacking 
Old vulnerabilities have new consequences when code and hardware meet the physical world. In this session, Carsten from Transcendent Group, will demonstrate how wireless network vulnerabilities make a robotic drone vulnerable to hijacking while operating in the air. In addition, he will talk about how both toy drones and semi-professional robots can be vulnerable to manipulation and hacking.

Finally, the audience will have the opportunity to hack a robot drone live on stage. If you want to hack, you need a mobile phone with the following app installed (the winner gets the drone!):
Android: (and optionally a mac with macOS or PC with Linux.)

Friday, April 29th

Can’t change the Cyber-security Game? Change Its Structure.

Within companies, cybersecurity has a finite setup; with procedures, protocols, plans and structures all taking up capacity and time. When created, these setups align with available cycles. Today, however, with agile development cycles, we must adjust and align the update cycles with testing cycles. No longer does “one-size-fit-all” work. Recognizing this requirement is the first step - and not being aware is a recipe for disaster.

In this session you will learn:

- How an elite army of global ethical hackers with infinite creativity and tools can help you overcome these challenges.

- How these vetted hackers can support you in your fight against hackers with malicious intentions.

- And how to let them help you win the infinite game you are up against.

Martin Szabo, Sales Director BEN & NOR, Synack

Out of Control – How users are exploited by the online advertising industry

As we move around on the Internet and in the real world, we are continually tracked and profiled for advertising purpose, despite privacy legislation such as the General Data Protection Regulation (GDPR). This is something most of us are dimly aware of, but it is hard to get a grasp of what it means in practice. What kind of information is actually collected and shared? Who is it shared with? How does it impact my daily life? Do mobile devices introduce any additional risks?

In a joint research project with the Norwegian Consumer Council, mnemonic investigated 10 popular Android apps in order to answer these questions. We dove into the dark ecosystem of digital advertising and emerged with staggering results: app developers and third party advertisers are systematically violating GDPR, and sharing personal information with hundreds of shadowy companies about our interests, habits and behaviours. These practices have a direct impact on our daily lives, and is sometimes referred to as “the largest data breach ever recorded”. Targeted advertising is, quite literally, out of control.

Our research has led to GDPR violation complaints filed against six companies, as well as global media coverage from agencies such as the New York Times and BBC. The Norwegian Data Protection Authority imposed a record fine of NOK 65 000 000 against the dating app Grindr in 2021, for lack of compliance with the GDPR rules on user consent. Yet final decisions in these cases are still pending, as they slowly make their way through the legal system.

Andreas and Tor carried out the technical investigations for the #OutOfControl project. They will present highlights from the research, key findings, and subsequent impact and fallout.

Read the report here:


Andreas Claesson, Senior Security Consultant, mnemonic

Tor E. Bjørstad, Principal Security Consultant, mnemonic

Workshop: COBIT - Transition into 2019.

Released way back in 2012, COBIT 5  was finally uptdated again to it latest version - COBIT 2019. The 2018 winner of John Kuyers award for best speaker, Bruno Horta Soares, will through this workshop take us through the major changes coming with this latest version, and how to best adapt the new framework to governance of IT in todays digital businesses.

Bruno Horta Soares, President ISACA Lisbon Chapter


DevSecOps: So what else is new?

This presentation will give an alternative view on how continuous development, operation and security works hand in hand, and show that the DevSecOps we in the IT industry have “invented” actually have been best practice in other industries for ages.

Esten Hoel, SVP Quality & Security, Basefarm

The Importance of standardization in cyber security

Do leaders understand the cyber-consequences of digitalization? And how do you apply cyber security and follow up on your suppliers?

The latest cyber events have shown us the importance to follow up on cyber security, not just for the organization itself but also in regards to the organization’s suppliers and their suppliers again. Using standards is an efficient and proven way of structuring this work. With the new version of the ISO27001 standard on its way, updated to meet current cyber threats, you have a solid foundation on which to build your security organization.

With a better understanding of best practices and available frameworks and standards in cyber security, organizations can reduce their risk posture. To illustrate why planning and preparations is key to cyber security, I will draw parallels between your cyber security work and planning of my scooter trips here at Svalbard earlier this year.

Christopher Kiønig, Senior Security Advisor, Watchcom


Visma Security Program and the power of a strong security culture

Visma is a company that on average acquires one company a week. With this in mind I would like to share with you how we have organised Visma's security efforts. I will also talk about Vismas security culture, which we have built during several years and why this is essential and prioritised at Visma.

Isabel Quiroga Arkvik, Head of Security Awareness & Training, Visma
ISACA Norway Chapter board member

Intelligence-led Read Teaming

Ever-changing threat landscape, geopolitical scenarios, and pandemic has mandated firms to relook at their cyber security strategies. With cyber-attacks occurring more frequently than ever, most organizations are found unprepared and are unable to defend themselves, and their customers. Even with the best solutions and large teams in place, there are often some blind spots left out that could be exploited by the hackers.

In this session, we are going to talk about the most efficient way to ensure that your organization is prepared enough to address these challenges. We are going to talk about how intelligence-led red teaming is being adopted as a practice around the world, and even being mandated by some of the regulators like the European Central Bank (TIBER-EU framework) and Hong Kong Monetary Authority (iCAST framework).

We will also talk about how cyber security service providers like Agrim with their skilled workforce and automated solutions deliver the Intelligence-led Red Teaming services that help clients across the world in identifying their weaknesses before the bad guys do.

Maninder Singh, Partner, Cybersecurity Practise, Agrim

Conference ends.

* program might be subject to change up until the start of the conference, due to unforeseen events.

Koen Matthys
Senior Consultant, Transcendent Group Norge

Koen Matthys has acted as a CISO in both Telecom and Power/Utilities (BKK). As a security consultant, he helps customers conducting risk assessments, building security governance and enabling security capabilities. He has broad experience implementing technology and a passion for processes, a combination that comes in handy to build security maturity.

Ramsés Gallego
International Chief Technology Officer, CyberRes - a Micro Focus line of business, and Former International Vice President, ISACA Board of Directors

With an MBA and Law education, Ramsés is a +20 year security professional with deep expertise in the Risk Management and Governance areas. Ramsés is Strategist & Evangelist at Symantec and holds the following professional accreditations: CISM, CGEIT, CISSP, SCPM, CCSK, ITIL and COBIT Foundations.

An internationally recognized public speaker Ramses has visited numerous countries in his carreer, and has been awarded ‘Best Speaker’ many times. 

He is also a Six Sigma Black Belt professional and former International Vice President for ISACA’s Board of Directors, and President of the Barcelona Chapter.

Rolf von Rössing
Former Vice President, ISACA International Board of Directors 

Rolf von Roessing, CISA, CISM, CGEIT is partner and CEO at Forfa Consulting AG and chairman of Forfa Holding AG. He brings more than 25 years of experience in governance, risk management and compliance; security and business continuity; and crisis management in a range of sectors, including banking and finance, insurance, wholesale and retail, automotive, and healthcare.

He has also been teaching as a senior lecturer in M. Sc. courses at Donau-Universität Krems since 2005 and is a member of the Academic Council for M. Sc. Management and IT, M. Sc. Information Security Management, and M. Sc. Cybersecurity.

In the more than 20 years that von Roessing has been an ISACA member, he has served on a number of ISACA committees. and is currently the International Vice President.

Tobias Schrödel
 IT-Security expert, TV personality and the world’s first Comedyhacker® 

A well-known computer magazine once wrote that Tobias Schrödel is the „first IT-comedian“. And really, he explains technical vulnerabilities and correlations in a way everybody can understand while not letting the fun miss out.

As a qualified IT-specialist, Tobias worked many years as a consultant for one of the biggest world-wide IT- and telecommunications corporations – so he knows what he is talking about.

Since 2011 he has been the face, whenever IT-security and -technology stories are aired in the German TV-show „stern TV“. Schrödel explains various technical topics for everyone to understand.

Rob Shapland, BSc (Hons), OSCP, OSWP
Head of Cyber Services at Falanx Cyber 

Rob Shapland is an ethical hacker, specialising in simulating advanced cyber attacks against companies, combining technical attacks with his other hobby of dressing up and tricking his way into company headquarters using social engineering techniques. 

He is also a regular speaker at events and conferences around Europe, and has appeared on both BBC and ITV as a cyber security adviser.

Jan Olsson
Swedish Police Authority

Jan Olsson is an expert in crimes relating to fraud. At the time working at the Police's National Fraud Center, he has 27 years of experience in police work with 10 years dedicated to Fraud.

Since autumn 2018 Olsson is also connected to the Swedish Cybercrime Center (SC3). He lectures nationally and internationally on everything from the social engineering complexity to monetary threats and societal consequences of the laxity around cybercrime and fraud.

Dr. Mikko Kiviharju
Research Manager at Finnish Defence Research Agency

Dr. Mikko Kiviharju works as a principal scientist and cryptographer in the Finnish Defence Research Agency (FDRA). He has wide background in cyber defence lasting some 15 years now, and ranging from tactical principles in cyber operations to hardware security and theoretical cryptography. He is involved in both national and international governmental cryptographic standardization efforts. Currently, his research interests involve quantum-resistant cryptography, and cryptographic solutions intended for sparsely connected, heterogenous networks in high-risk environments.

Kiviharju holds an MSc in computer science and a PhD in cryptology. His dissertation on cryptology addressed access control models enforced with next-generation public-key cryptography. This line of work can also be used for a concept called data-centric security, which is one proposed solution to tackle IoT security.

Bruno Horta Soares, CISA, CGEIT, CRISC, PMP, COBIT 5/2019
Executive Senior Advisor at GOVaaS

Bruno is the founder and President of ISACA's Lisbon Chapter. He started his career at Deloitte Consulting, worked for Information Risk Management area at KPMG and for Enterprise Risk Services area at Deloitte. In 2012 he founded GOVaaS - Governance Advisors as-a-service, where he is currently Senior Advisor, and since then he actively collaborates with an ecosystem of local and international partners, particularly IDC Portugal where since 2015 he is Leading Executive Senior Advisor for Digital Transformation, Governance, Strategy and Security related areas.

He has a 5 years degree in Management and Computer Science, from ISCTE and an Executive Program in Project Management, from ISLA. He teaches in different Executive Programs in several universities at Portugal and Angola, he’s a LEGO® SERIOUS PLAY® Facilitator, member of several professional associations, and keynote speaker at various local and international conferences and seminars. In 2019 he was selected as the recipient of the ISACA Global Achievment - John Kuyers Award for Best Speaker. 

Vadim Gordas, CISA, CRISC, CISSP, CIPP/E, 27001 LA
Head of IT & Cyber Risk at Zopa

Vadim is an Information Risk Management Specialist with over 15 years’ experience in information security, data protection and compliance frameworks. He is currently Head of IT & Cyber Risk at Zopa, providing oversight of first-line IT, Information security and Data Privacy teams. 

Prior to joining Zopa, Vadim worked in various senior InfoSec management roles. He holds a GCHQ-certified MSc in Information Security from ISG Royal Holloway, University of London and various industry certifications.

Niko Marjomaa
ISACA Finland Chapter

Niko Marjomaa is a security consultant and member of the board of ISACA's Finland chapter. He works with organizations' leadership and executive boards in matters such as security strategy, M&A and transformations.

In addition to consulting, he has worked in the financial services industry developing third line of defense cybersecurity practices. 

Lilliana Grbic, CISA, CRISC
VP Cloud Engagement & Communications at SAP

VP Cloud Engagement & Communications at SAP, global subject matter expert in area of Governance, Risk and Compliance. 35 years of operational managerial and governance specialist experience for a wide range of enterprise: small as well as global, domestic as well as international, public and commercial.

Came to SAP from Corporate Audit at Ericsson and now responsible in Nordics for SAP GRC advisory with focus on operational and organizational business transformation.

Jessikka Aro
Awarded reporter and public speaker

 Jessikka Aro is a Finnish journalist working for Finland's public service broadcaster Yle. In September 2014, she began to investigate pro-Russian Internet trolls, but became a victim of their activities herself.

This harassment led to three people being convicted in October 2018. In 2019 she was notified that she was to receive an International Women of Courage Award but this was rescinded just before the ceremony.

Platinum Sponsors
Built on a foundation of solid values and a strong entrepreneurial drive, unconstrained by formal hierarchy.

At Transcendent Group we are experts in making the complex straightforward. We are specialists in Governance, Risk and Compliance (GRC) and we tailor make solutions to fit our client's situations and circumstances. Our services provide security and enable new opportunities for our clients in the public and private sectors, including government agencies, businesses and other organisations in a variety of industries.

For more information - see our website at: 
or send us an email at: 

Security-Driven Networking for a Hyperconnected World.

Fortinet’s mission is to deliver the most innovative, highest-performing network security fabric to secure and simplify your IT infrastructure. We are a leading global provider of network security appliances for carriers, data centers, enterprises, and distributed offices.

We provide top-rated network and content security, as well as secure access products that share intelligence and work together to form a cooperative fabric. Our unique Security Fabric combines Security Processors, an intuitive operating system, and applied threat intelligence to give you proven security, exceptional performance, and better visibility and control--while providing easier administration.  The Fortinet Security Fabric delivers a unified approach that is broad, integrated, and automated. Reduce and manage the attack surface through integrated broad visibility, stop advanced threats through integrated AI-driven breach prevention, and reduce complexity through automated operations and orchestration.

For more information, visit our website at:

Speaker: Viivi Tynjälä, Director, Alliances Nordics

A seasoned IT and Security Professional with experience since late 90s. Currently leading the Nordic Alliance sales team at Fortinet with focus on Global partners, OT & Cloud Security.

Gold Sponsors
Zero Compromise Crowdsourced Security

Synack, the most trusted crowdsourced security platform, delivers comprehensive and continuous penetration testing with actionable results. The company combines the world's most skilled and trusted ethical hackers with AI-enabled technology to create a scalable, effective security solution.

The Synack platform delivers data-driven insights to help organizations understand their risk from a hacker's perspective and then mitigate that risk with a hacker's help. These insights secure critical infrastructure and leading brands and businesses around the world.

Headquartered in Silicon Valley with regional offices around the world, Synack protects leading global banks, federal agencies, DoD classified assets, and close to $1 trillion in Fortune 500 revenue. Synack was founded in 2013 by former NSA security experts Jay Kaplan, CEO, and Dr. Mark Kuhr, CTO.

For more information, please visit our website at: 

Speaker: Martin Szabo, Sales Director BEN & NOR, Synack

Martin Szabo is Sales Director for Nordics and Benelux at Synack. He has over 25 years experience in the IT industry, the past 15 within cybersecurity.  Martin has worked for companies like Microsoft, Oracle, Quest Software and joined Synack from SailPoint.

Securing your business.

mnemonic helps businesses manage their security risks, protect their data and defend against cyber threats.

Our expert team of security consultants, product specialists, threat researchers, incident responders and ethical hackers, combined with our Argus security platform ensures we stay ahead of advanced cyberattacks and protect our customers from evolving threats.

Acknowledged by Gartner as a notable vendor in delivering Managed Security Services, threat intelligence and advanced targeted attack detection, we are among the largest IT security service providers in Europe, the preferred security partner of the region’s top companies and a trusted source of threat intelligence to Europol and other law enforcement agencies globally.

With intelligence-driven managed security services, 200+ security experts and partnerships with leading security vendors, mnemonic enables businesses to stay secure and compliant while reducing costs.

For more information, see our website at:

Speaker: Andreas Claesson, Senior Security Consultant

Andreas Claesson is a Senior Security Consultant for mnemonic. When he’s not looking at pictures of cats, he spends his days hunting for security vulnerabilities in web applications, mobile apps and cloud environments.

Your partner in Cybersecurity.

Watchcom is a reputable provider of security services, with high expertise in security monitoring, security awareness, security testing and training. Together with our majority owner Combitech, we are the Nordic region's leading cyber security consultancy.

We offer a unique expertise, breadth and capacity within the area. Watchcom complements and extends Combitech's service portfolio in information security, emergency preparedness & crisis management, and risk management.

Watchcom is headquartered in Oslo. Read more on our website, at: 
Speaker: Christopher Kiønig, Senior Security Advisor

Christopher Kiønig has 23 years of experience working in the cyber security field and has gained solid expertise from several points of view.

He has been employed by Watchcom since 2009, where he works with strategic security consulting and development of the company's services.

He is a sought-after speaker, and regularly holds presentations at conferences and organizations about the threat landscape and the need for increased focus on information security in order to meet the constantly evolving threat landscape.

Pålitelig partner for IT-drift, datasentertjenester og digital innovasjon

Basefarm er eksperter på administrasjon av virksomhetskritiske applikasjoner. Vi kjører arbeidsbelastningene som underbygger kundenes virksomhet der kun minutter med nedetid går ut over lønnsomheten, tjenestene eller omdømmet til kundenes merkevarer.  

Enten kundene trenger webtjenester, applikasjoner, databaser, håndtering av IoT-enheter eller tilpassede løsninger, kan vi drifte og overvåke kundenes tjenester slik at de er tilgjengelige døgnet rundt, hele året.

Speaker: Esten Hoel, SVP Quality & Security

Esten Hoel is the SVP of Quality and Security at basefarm, and part of the management team.


Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all. For more information, please see our website at:


RiskRecon proactively monitors the cyber environment of your third-party vendors and service providers to identify, prioritise and mitigate cyber risks and vulnerabilities before they can be exploited. By effectively mitigating supply-chain cyber risk, organisations can ensure they do not fall victim to cyber attacks from the risks incurred through their business relationships. For more information, please see our website at: or speak to our representatives Jarle Eek ( or Steve Brown (

Agrim is on a mission to provide transformational solutions and services in the digital security and technology enablement space. We aim to do so on a solid foundation of core values, agility, flexibility, and domain expertise. Our core offerings are in digital security and digital consulting services. In digital security, we offer end to end solutions and services ranging from strategy.

Speaker: Maninder Pal Singh, Partner - Cyber Services

Maninder is a cybersecurity professional with over 18 years of experience in multiple domains across Cyber Security and Information Security Risk Management, including vendor risk and vulnerability management, with proven expertise in safeguarding compliance standards. He currently leads the Digital Security Services Business for Agrimm, a Nordics-based consulting firm.

Maninder has extensively worked in both consulting and internal security roles. He has worked as or in the the capacity of CISO in many organizations and now advises companies on building and managing their Information Security "Protect", "Detect", and "Respond" capabilities.

Before joining Agrim, Maninder worked with GE Capital, Barclays, KPMG & Deloitte and delivered many training pieces for senior management and board members.


KnowBe4 is the world's largest integrated platform for security awareness training combined with simulated phishing attacks. 
The registration deadline has passed or the event is fully booked