From due diligence to resilience: how to secure your most critical suppliers
In the session, NCSC and DTC will provide practical guidance on the important components of supplier risk management. Both organizations have published multiple publications and webpages on supply chain risk management the past year. Some questions that will be addressed are: What are the best practices of supplier risk management? How mature organizations can help […]
Vulnerability Disclosure in the Energy Sector
The European electricity network has become a ‘smart grid.’ This offers many opportunities for sustainability but also makes our energy system more vulnerable to digital attacks. In a time of increasing threat of hybrid warfare, the government and the energy sector realize that we as a society must prepare for possible disruption of the energy […]
You’re not secure by design, if you’re not memory safe!
What if 70% of all vulnerabilities in the critical infrastructure of tomorrow could be prevented with one simple decision? Memory safety is not just an implementation detail that only engineers should talk about; it is a crucial requirement for building software that is safer and more secure by design. In this talk, we’ll explore what […]
Bucket Leaks: From Exposure to Cloud Takeover
With the growing reliance on cloud services for storage and deployment, securing cloud environments has become critically important. Cloud storage solutions like AWS S3, Google Cloud Storage, and Azure Blob Storage are widely used to store vast amounts of data, including sensitive configuration files used in software development. These files often contain secrets such as […]
Researchers vs. Threat Actors in Cloud Attacks
Security researchers push the boundaries of what’s possible. (Nation-state) threat actors push the boundaries of what’s exploitable. In this talk, a cloud security researcher and a threat intelligence analyst team up to explore how cutting-edge cloud attack research is rapidly weaponized by espionage threat groups. We’ll walk through real-world examples where newly published techniques – […]
SBOM: beyond simply listing CVEs
Organizations need to manage cybersecurity risks in increasingly complex IT and OT infrastructures that are comprised of heterogeneous systems and services, both on-premise and in the cloud. Many of these components are produced or provided by third parties, exposing organizations to various risks that need to be carefully managed and mitigated (a.o. to prepare for […]
From Assessment to Action: Coordinated Risk Strategy
In an era where supply chains are as interconnected as the technologies that power them, cybersecurity risks no longer respect sectoral or national boundaries. This panel explores the urgent need for an EU-wide, coordinated approach to supply chain security—one that bridges public and private sectors, aligns risk assessment methodologies, and drives the development of a […]
Hyperconnected Supply Chains: Attacking Cyber Resilience
Cyber resilience is under attack. As global supply chains become increasingly hyperconnected, the convergence of Operational Technology (OT), IT, AI, and Industrial IoT (IIoT) is exposing new vulnerabilities. The Netherlands, a key hub for maritime logistics, energy, and critical infrastructure, is at the centre of these risks, facing a growing wave of cyber threats—from state-sponsored […]
Cyber Security Assessment Netherlands 2025
The Cyber Security Assessment Netherlands (CSAN) provides insight into threats, interests and resilience in relation to cyber security and the effect these factors have on national security. The CSAN is published annually by the National Coordinator for Counterterrorism and Security and is written in cooperation with public and private partners. The CSAN2025 will be published […]
Cybersecurity Techniques to Solve Fraud Problems
For the last decade, tier 1 financial institutions have been using cybersecurity teams, data, and technology to address the growing challenge of digitally-enabled fraud and abuse. This session introduces some of these approaches, including how to use data, machine learning / AI, and modified cybersecurity techniques to address fraud earlier and more effectively. Specific real-world […]
