|
8:30
|
Check-in & Networking
|
|
9:05
|
Welcome IDC Security 2025
|
|
9:10
|
IDC Presentation: Cybersecurity and Beyond: Risk, Resilience, and Compliance
|
|
The need for greater cyber resilience underpins much of the cybersecurity legislation that the EU has passed in recent years. It is also recognised by most organizations as business-critical in the digital era. Yet it remains a hard bar to clear: Secure the perimeter and then cloud comes along; Get on top of shadow IT only to be faced by shadow AI; Optimise data security controls only to be undone by compromised credentials.
Building cyber resilience for the long-term requires a detailed assessment of current and emerging risks. Organizations need to stay abreast of the geopolitical situation, the threat landscape, and developing and expanding regulatory requirements. Security strategies need to be future-ready to enable the organizations to capitalize on innovation and AI without exposing themselves to greater risk.
Mark Child
Associate Research Director, European Security, IDC
|
|
9:30
|
Netskope Presentation: Security 5.0: The New Frontier!
|
|
Paulo Vieira
Country Manager – Portugal, Netskope
|
|
9:50
|
HPE Aruba: Zero Trust - A Modern Security Strategy for a Changing World
|
|
In today’s rapidly evolving cybersecurity landscape, traditional perimeter-based security is no longer sufficient. This session explores Zero Trust, a modern security framework based on the principle that no entity. inside or outside the network should be inherently trusted.
Join Jaye Tillson as he examines the evolution of Zero Trust, why it’s more critical than ever, and how organizations can successfully implement it using HPE Aruba Networking’s cutting-edge solutions. Learn how advanced networking and security technologies can reinforce Zero Trust principles, enhance visibility, and mitigate risk.
With increasing regulatory requirements such as NIS2 mandating stronger cybersecurity measures, adopting a Zero Trust approach is no longer optional; it's essential.
Whether you're just beginning your Zero Trust journey or looking to refine your existing strategy, this session will provide valuable insights, key regulatory considerations, and actionable steps to strengthen your security posture.
Jaye Tillson
Field CTO, HPE
|
|
10:05
|
Pentera Presentation: How IP Telecom Reduces Business Risk with Continuous Security Validation
|
|
In this session, Jose Carlos Goncalves, CISO at IP Telecom, will share his firsthand experience with Automated Security Validation. Discover the challenges he faced in reducing exposure, the strategies that proved effective, and the positive outcomes for his organization’s security posture.
José Carlos Gonçalves
CISO at IP Telecom
|
|
10:17
|
DXC Technology Presentation: Cybersecurity 2048: Days of Future Past
|
|
If there is something constant in the universe, that’s speed of light. And change. Change is a constant in today’s world. We are living through times where the present is leaving us... every single second. These are times where present is already past and the need to adapt and adopt new and emerging technologies has become instrumental for success. The Auditing function is no stranger to all this and organizations are being pressed with time-to-market issues while, in reality, they should a have time-to-value perspective. In an epoch where technology is pervasive and you can hardly find businesses that do not depend on technology, Auditing has to face change as one critical variable in the planning of enterprise strategy. Because we have something crystal clear: that the future...is going to change. We have to capture the present realizing that it has already become past and that the next business iteration has already happened, whether we like it or not.
By attending this session, the attendee will enhance her/his perception on the importance of time when designing, planning and executing a business strategy. The difference between strategy and tactics will be mentioned as well as the need of adapting to change in a world with no secrets, no barriers, no frontiers. The attendee will gain a deeper understanding on the issues of adaptability, trustability and reliability and, more importantly, will discover that we are living in the future. Welcome to Cybersecurity 2048: Days of Future Past.
Ramsés Gallego
Chief Technologist Cybersecurity, DXC
|
|
10:29
|
Digital Leader Panel: Integrating ZTNA and Micro-segmentation Strategies in the Age of AI | Powered by Akamai
|
|
As business infrastructures evolve towards decentralized models, the need for segmentation and strict access policies becomes critical. Modern threats are no longer limited to preventing initial intrusion but focus on an attacker's ability to move laterally within the network after gaining access. Implementing strategies such as Zero Trust Network Access (ZTNA) and micro-segmentation enables a more precise and adaptable approach to protecting critical data and applications, regardless of their location (whether on-premises, in the cloud, or hybrid environments).
In this panel, industry leaders and an Akamai expert will share challenges, best practices and concrete cases demonstrating how combining detailed visibility into network flows, segmentation based on dynamic attributes, and agile threat response transforms security management. The session aims to provide valuable insights on implementing these approaches effectively, ensuring regulatory compliance, protecting against ransomware, and aligning cybersecurity strategies with the demands of the AI era.
Bruno Horta Soares
Executive Senior Advisor, IDC
Francisco Zarallo
Enterprise Cybersecurity Specialist, Akamai Technologies
Pedro Rodrigues
CISO at Banco de Portugal
Daniel Caçador
Data Protection Officer, Banco Montepio
|
|
11:10
|
Networking Break and Meetings
|
|
11:40
13:10
|
Track Sessions (Parallel Sessions)
|
|
Emerging Threats and Trends
11:45 - 12:00
IDC Presentation: The Resilient Enterprise: Securing Cloud, Data and AI
As organizations expand their use of cloud, data, and AI, securing these assets is critical to maintaining resilience. With rising attack sophistication and regulatory demands this explores emerging security technologies, and proactive measures to ensure the confidentiality, integrity, and availability of critical assets across these interconnected environments.
Ralf Helkenberg
Senior Research Manager, Research Manager - Privacy & Data Security, IDC UK
12:00 - 12:15
Fortinet Presentation: Consolidate to Respond & Detect Faster
David Antunes
Solutions Account Manager, Fortinet
12:15 - 12:30
Security ScoreCard Presentation: The Rising Threat of Supply Chain Cyber Attacks: How to Evolve, Adapt, and Strengthen Vendor Collaboration
Victor Neves
Diretor Regional para a Península Ibérica, SecurityScorecard
12:30 - 13:10
Digital Leader Panel: Strengthening Security Posture: Managed Strategies for the Digital Era | Powered by Crayon
In today's digital landscape, organizations face increasingly sophisticated cyber threats, making a robust security posture essential. This panel brings together representatives from leading Portuguese organizations and Crayon expert to discuss the challenges and best practices in managing security posture. Proactive strategies will be addressed that include identifying and mitigating vulnerabilities before they become incidents, continuously monitoring threats and responding effectively to potential attacks. In addition, the importance of a security framework that ensures regulatory compliance and the protection of sensitive data will be emphasized. Participants will share experiences on the implementation of recognized frameworks and the adoption of security practices that promote collaboration between security and operations teams. This panel offers a unique opportunity to understand how organizations can improve their security posture, adopting integrated approaches and facing the challenges posed by the digital age.
Alexander Värä
Global Security Technical Services Sales Director, Crayon
Bruno Horta Soares
Executive Senior Advisor, IDC
Ivo Rosa
Head of Security Operations Center, EDP
Flavio Carvalho
CISO Iberia, Group Crédit Agricole
AI and Automation in Cybersecurity
11:45 - 12:00
IDC Presentation: Moving Agentic Workflows into Cybersecurity
Esta apresentação explora o potencial dos agentic workflows para transformar as operações de cibersegurança, automatizando tarefas de conhecimento e processos de tomada de decisão. Estas soluções de IA permitem às organizações aumentar a produtividade e fomentar a inovação em diversas áreas. No entanto, uma implementação bem-sucedida requer a identificação criteriosa de casos de uso de elevado valor, evitando melhorias marginais em áreas de menor impacto. Para tirar o máximo partido destes fluxos de trabalho, os CIOs devem definir estratégias abrangentes de IA, estabelecer estruturas de governação robustas e capacitar as equipas para desenvolverem soluções de IA. Ao focarem-se em tarefas criativas e orientadas a projetos, as organizações podem potenciar os agentic workflows e, simultaneamente, enfrentar desafios de segurança, coordenação e envolvimento dos colaboradores.
Bruno Horta Soares
Executive Senior Advisor, IDC
12:00 - 12:15
Orbcom Presentation: Securing An AI-First Future
Pedro Francisco
Regional Sales Manager Cortex Cloud, Palo Alto Networks
12:15 - 12:30
NOS Presentation: AI-Driven MDR: Faster Threats Require Smarter Defenses
Cyber threats are evolving faster than ever, causing material impact in mere hours. In this shifting threat landscape, organizations must rethink how they monitor, detect, and respond to incidents. Explore the most effective approaches to MDR, where AI and automation play a critical role in accelerating cyber defense.
Rui Custódio
Head of B2B Services Business Unit, NOS
12:30 - 13:10
Digital Leader Panel: Navigating the Threat Landscape: Insights from Industry Leaders
Num cenário digital cada vez mais complexo, os líderes enfrentam desafios constantes na proteção das suas organizações contra ameaças emergentes. Este painel reúne executivos de topo para discutir estratégias eficazes de cibersegurança, partilhar insights sobre as ameaças mais recentes e explorar abordagens inovadoras para garantir a resiliência empresarial.
Rui Ribeiro
Coordenador Executivo da Lusófona Executive School
Pedro Ponte
Head of Information Technology, Alves Ribeiro
Mark Child
Associate Research Director, European Security, IDC
|
|
13:10
|
Executive Lunch IDC & Crayon| Rethinking Risk: Proactive Strategies for Strengthening Security Posture
|
|
Agenda:
13h15: Check-in
13h20: Mensagem de boas-vindas
13h25: Building Successful Conversations About Cybersecurity Posture, Bruno Horta Soares, Executive Senior Advisor, IDC
Overview:
This presentation will explore how security leaders can structure effective conversations, ensuring that key stakeholders understand the organization's true risk posture and its alignment with the organization's risk appetite. Strategies will be discussed to translate technical metrics into actionable insights, providing decision-makers with a clear view of the cybersecurity program's performance and the evolution of its security posture.
13h40: Beyond Traditional SOC: A Proactive Approach to Security with Crayon Managed Security Posture, Alexander Värä, Global Security Technical Services Sales Director, Crayon
Overview:
This session will explore the need for a new cybersecurity paradigm, where security posture shifts from being purely defensive to becoming a continuous process of improvement and proactive risk mitigation. We will present how a structured approach based on security hardening, continuous configuration monitoring, and incident response preparedness can significantly reduce exposure to threats. Crayon will demonstrate how a Security Posture Management model enables organizations to avoid operational overload, reduce false positives, and maximize security investments, ensuring that available tools are fully utilized and properly configured. With a strong focus on prevention and continuous optimization, this approach ensures not only compliance and protection against ransomware but also true cybersecurity resilience aligned with business needs.
13h55: Almoço e debate
14h30: Encerramento
Alexander Värä
Global Security Technical Services Sales Director, Crayon
Bruno Horta Soares
Executive Senior Advisor, IDC
|
|
13:10
|
Lunch & Networking Lunch
|
|
14:30
15:50
|
Track Sessions (Parallel Sessions)
|
|
Zero Trust and Advanced Network Security
14:35 - 14:50
IDC Presentation: Zero Trust and Data Protection Walk into a Bar
Nesta sessão, será abordada a aplicação prática dos princípios de zero trust em ambientes de cópia de segurança de dados. As backups são, muitas vezes, alvos apetecíveis para cibercriminosos que tentam eliminar ou extrair estes dados para exigir resgates, ameaçando a exposição pública ou na dark web. A filosofia de zero trust, originalmente concebida para proteger redes corporativas, deve estender-se também às cópias de segurança, garantindo a protecção dos dados críticos e a capacidade de recuperação em caso de ataque. Serão apresentadas orientações concretas para implementar este modelo, reforçando a resiliência e a segurança das organizações num cenário de ameaças em constante evolução.
Bruno Horta Soares
Executive Senior Advisor, IDC
14:50 - 15:05
DigitalSkills Presentation: One step ahead of the attacker: insights from 100.000 pentests
DigitalSkills is pleased to bring to the IDC Security Summit 2025 stage, our exclusive international partner Horizon3ai, for an insightful presentation on the most exciting findings from 100,000 pentests and how your company can benefit from them”. Dennis Weyel, International Technical Director at Horizon3.ai, will present the latest findings from NodeZero's extensive penetration tests.
Join us to learn about:
1. Why CVEs are no longer your biggest problem
2. What an attack looks like in reality
3. How you can recognize if you are really safe
Dennis Weyel
International Technical Director, Horizon3ai
15:05 - 15:20
Manage Engine Presentation: Simplifying the adoption of a cybersecurity strategy based on Zero Trust
With the rise of mobility, cloud adoption, remote work, bring-your-own-device (BYOD) policies, and more sophisticated cyberattacks, the traditional security model is no longer sufficient to protect the organization from potential fraud or information theft. That is why it is necessary to include new technologies such as Thread Intelligence and the use of AI and ML to reinforce the business cybersecurity strategy and confront cyber threats.
Andrés Mendoza
Technical Manager, Manage Engine
Resilience and Incident Response
14:35 - 14:50
IDC Presentation: Cyber Resilience: Sifting From Reactive To Ready
Effective incident management is crucial in today’s evolving threat landscape. This explores key aspects for rapid response and recovery, highlighting the role of AI, automation and threat intelligence. With rising attack sophistication and regulatory demands, a strong incident response framework is essential for minimizing impact and ensuring resilience.
Ralf Helkenberg
Senior Research Manager, Research Manager - Privacy & Data Security, IDC UK
14:50 - 15:05
CyberS3c Presentation: CiberResiliência e Resposta a Incidentes: Preparação, Reação e Recuperação
Num cenário digital cada vez mais dinâmico e ameaçador, a resiliência na cibersegurança deixou de ser apenas uma questão de prevenção para se tornar uma necessidade estratégica, garantindo a capacidade de antecipar, resistir e recuperar rapidamente de ciberataques. A continuidade operacional e a minimização do impacto dos incidentes dependem de uma abordagem integrada, combinando inteligência de ameaças em tempo real, correlação automatizada de incidentes e processos de resposta eficazes. Nesta apresentação, exploraremos como fortalecer a resiliência das organizações através da visibilidade total das superfícies de ataque internas e externas, da automação na deteção e mitigação de ameaças e da adoção de frameworks de conformidade, como a NIS2, para reforçar a governação e a gestão do risco. Para além da mitigação e resposta, a notificação atempada dos incidentes às autoridades competentes é um elemento essencial para garantir a conformidade regulatória, permitir a coordenação com entidades responsáveis pela cibersegurança e reduzir o impacto de potenciais ameaças sistémicas. A resiliência eficaz exige preparação, capacidade de resposta e uma adaptação contínua a um panorama de ciberameaças em constante evolução.
David Russo
CTO and Co-Founder, CyberS3c
15:05 - 15:20
Balwurk Presentation: Business Continuity Management: Uma Resposta Adequada aos Requisitos Normativos
“Na sequência do tema, Estratégia e Resiliência, a Continuidade do Negócio (CN) é um conceito fundamental que visa garantir a operação ininterrupta de uma organização, mesmo diante de crises ou eventos adversos. Este tema é crucial, especialmente num ambiente de negócios cada vez mais volátil e incerto. A apresentação irá abordar as razões pelas quais a CN é indispensável e as estratégias para implementá-la eficazmente. A apresentação demonstrará que a CN não é apenas uma medida reativa, mas uma estratégia proativa que, quando bem implementada, fortalece a resiliência da empresa e contribui para o seu sucesso a longo prazo.”
Ricardo Rodrigues
CEO, Balwurk
|
|
15:20
|
Networking Break & Meetings
|
|
15:40
|
Welcome & Giveaway
|
|
15:45
|
Aryaka Presentation: The Secure Networking Journey
|
|
Elad Tzur
Network Security Channel Sales Director, Aryaka
|
|
16:00
|
Cisco Presentation: Securing Tomorrow: Cisco’s AI-Powered Innovation in a Connected World
|
|
Cisco Security delivers cutting-edge solutions to safeguard the AI-driven future. With a focus on innovation, Cisco empowers organizations to protect workloads, embrace zero-trust architectures, secure AI development, and build digital resilience—all while seamlessly integrating security and observability for a smarter, safer tomorrow.
Ricardo Silva
CTO & Leader, System Engineering, Cisco
|
|
16:15
|
Closing Remark by Netskope
|
|
Paulo Vieira
Country Manager – Portugal, Netskope
|
|
16:20
|
Keynote Presentation: From e-Estonia with LOVE!
|
|
As a former government CIO, Taavi Kotka will humorously provide a rapid overview of the latest successes and failures of Estonia in cybersecurity, AI, startups, and the defense industry. We will also discuss a confidential topic that Estonia hopes will become the next big international sensation. Can a government official become a millionaire in a democratic country without corruption?
Taavi Kotka
IT visionary and former CIO of the Estonian Government, known for leading e-residency program.
|
|
16:45
|
Encerramento
|
