The AppSec Contractual Sins

In this talk, based on years of practical experience in dealing with supply chain security and IT contracts, I am sharing techniques and methods for ensuring that security requirements are properly incorporated into IT contracts, and that business risks are properly assessed – and addressed. The talk will present a number of real-life examples of […]

Clinical diagnostics and the Digitale Dolle Mina’s

We founded the Digitale Dolle Mina’s because the digital world must not be left out when it comes to women’s rights. But perhaps even more importantly, during the hack of Clinical Diagnostics, sensitive data of nearly a million women was stolen, and the response was underwhelming at best. Our talk will focus on what went […]

The Cyclotron public private collaboration journey

Share incident and threat data in public–private collaboration, do analyses together and create and distribute the findings to all relevant organizations in the Netherlands. In this way, we can make the Netherlands an unattractive target for digital attacks. What have we been doing in our current journey of public-private collaboration? Let’s develop, automate and secure […]

The Attribution Minefield in Ransomware Investigations

Ransomware attacks pose a growing threat to both digital and physical infrastructures. When a ransomware incident occurs, victim organizations often face pressure to restore operations quickly—even if that means paying the ransom. However, payment introduces serious legal and financial risks: if the attacker is a sanctioned entity, making a payment could result in violation of […]

Hack the mind: the power of storytelling in cyber

In cybersecurity, data informs — but stories transform. You can speak in numbers, but no one remembers the spreadsheet. For CISOs and security leaders, turning complex risk into clear, human action is what actually moves the needle. Long reports? Ignored. Controls? Misunderstood. People? Tuned out. This session goes where most don’t: storytelling as a leadership […]

Cyber competence shortages in Europe and solutions

There is more demand than availability of talent for cybersecurity. A recently published analysis of several European countries shows in detail what the current needs are and if we can bridge the gap with available training. Experts were also consulted on the future competence needs, what is for instance the impact of legislation and technological […]

Does your future cyber workforce have what it takes?

Does your future cyber workforce have what it takes? How to attract multidisciplinary cyber talents in a fast changing digital world. In light of the current developments, the demand for cybersecurity talents and profiles is becoming increasingly diverse, which requires a completely different approach in attracting those talents. A recently published report in 2024 commissioned […]

10 Years of Hardware Hacking: Secret Insights & Lessons

This session offers a rare opportunity to gain exclusive insights into hardware hacking, drawn from 10 years of practical experience. Designed for a diverse audience, including non-technical attendees, the presentation combines unconventional techniques, challenges, and lessons learned without disclosing sensitive details. Strict confidentiality applies (TLP: Amber). No recordings allowed.

Bits, Breach & Besluiten: The night of the TU/e Hack

In this joint presentation by Eindhoven University of Technology (TU/e) and Fox-IT, we will provide a detailed account of the cyberattack that impacted TU/e, covering the technical, operational, and organizational dimensions of the incident.