SIGS Roundtable Afternoon

Artifical Intelligence, Cloud, Data Privacy, Fraud, Security Awareness, Strategic Risk Management, Threat Hunting and more

Save the DateKlick for the .ics file to save the date

Goal Different moderators will introduce a specific topic and share their knowledge in this field. Afterwards active discussions, exchange of own experiences under the participants and share/exchange tips and tricks within a specific field.

After one hour, we will change the tables so there’s the possibility to attend at three different discussions in total.

Rules This platform is held under Chatham House Rules!

Target Audience Information Security Professionals CIO’s, CISO, IT Manager, Security Engineers and all other persons who are responsible and interested in Security

Vendors, Suppliers and Consultants which don’t help to sponsor and therefore support this platform are not authorized to take part

CPE Credits Earn 5 CPE (Continuing Professional Education) for attending this SIGS event. Please request a confirmation during the registration process.
Location Traumgarten
Zürcherstrasse 63
8800 Thalwil

Some impressions you can find here

There are enough parking places for free

Public transport: there’s a bus from the railway station almost directly to the Traumgarten – check here
We also will organize a shuttle bus from the Traumgarten to the railway stations and vice versa.
Date of Event 22nd August 2019
Language English
Schedule see agenda below
Participation Costs Fr. 95.— per participants
Roundtables, Apéro, Dinner and all beverages included



1:00 – 2:00 pm Registration & Coffee
2:00 – 2:15 pm Welcome & Introduction and instructions by SIGS
2:15 – 2:30 pm Move to the roundtable of your choice for the 1st turn
2:30 – 3:30 pm Offered roundtables
Marc Etienne Cortesi, Head Information Security & Compliance at Baloise Group
Marc is the CISO of Baloise Insurance Group. Holding a ETH Master in Computer Science, his way led him from Software Development over Project Management and Auditing to the infinite wides of information security. Beside IT, Marc loves wine and Basketball.

Building a Security Awareness Ambassadoring Program
I would like to initiate a discussion on how to establish a positive security culture within an organisation. One part of our group-wide information security awareness concept is building an ambassadoring program. What are your experiences in setting this up? What were your DO’s and DON’T’s? I am looking forward to an interesting discussion.

Djamel Djedid, Global IT Leader at DHL SUPPLY CHAIN
Djamel Djedid drives some of hottest analytics industry trends: analytics cloud services and company-wide data governance. He’s spent the past 3 years defining, evangelizing and implementing these game changers for modern companies.

An IT and business passionate with deep tech industry knowledge, Djamel has championed specifically master data management in DHL across all functions, globally. He has mastered the technology elements and navigated through the organizational, cultural and legacy challenges – to support DHL digitization strategic agenda.

As a top-performing professional with robust experience of designing, managing and implementing critical IT solutions and transformation programs Djamel combines technical expertise with exceptional people-management skills to reach business objectives and deliver high quality results.

Throughout his 20-year tenure with DHL, Djamel has delivered results on both strategic and tactical levels in areas such as service improvement, technology modernization, analytics, master data and recently data governance.

On prem vs. Cloud infrastructure assessment
Once upon a time, a company was running 3 large global data centers with a full centralization and on-prem server approach. In just 5 years’ time this company has shifted to a “cloud-first” credo – and it is a large company, the world’s largest logistic company. But how and why did this shift to the cloud happened? What are the practical implications and are they already some measurable outcomes? The story still goes on, but there is already a lot to share on the recent dynamics.

Let’s discuss the experience we have made and get some ideas for your own cloud journey.

Dimitri Dorodin, SOC Lead at JTI – Japan Tobacco International, Madrid
Further details please check LinkedIn

Co-moderator: Franck Jaffré, Senior Solution Consultant at ServiceNow
Further details please check LinkedIn

How automation in a SOC can help you to have a better security posture and reduce your cyber-risks. Connect your existing security tools with Security Operations to prioritize and respond to incidents and vulnerabilities according to their potential impact on your business.
Building your cyber response processes on an enterprise platform can help you reduce time and more adequately respond to security incidents with native integration with your asset database, linking your security incidents to their business impact. In responding and remediating faster and better to your vulnerabilities, you will reduce your attack surface and your risks.

At this table we will discuss how to reduce time to respond, remediate and increase the visibility on your security posture and report it via integrated business and technical dashboards and reporting.

Martin Ebner, CISO in an organisation within the Ministry of Defence Austria
HR Ing. Martin Ebner, BSc MSc, AUT is currently CISO and Information Security Expert at Ministry of Defence Austria. He graduated in different academic courses and studies like Mechanical Engineering, Automatization and Robotics, IT Security, Technical Management, Environmental Protection and Process Engineering.

In the past, he worked in different positions in several fields within the military forces – as officer and civilian. Martin specializes in management and information security. He has set up the first information system linked to the internet, cofounded organisations for ITSec in the Ministry, in different organisations and teams.

Co-moderator: Paul Brucciani, Cyber Security and Risk Consultant at Garrison Technology Limited

Security Requires Prevention and not Reaction!
Reaction is a medium of mitigation and not prevention. However, prevention requires tactical, operational and strategic predictions and should be based on analyzes of existing historical data which also can be used to predict probabilities.

The consideration of 12 layers – means OSI model extended to the user, his social environment, political embedding, cultural and religious barriers – has become necessary, to comprehend security holistically (we are far away from understanding).

Data gathering
How can I get all the information I need for a comprehensive analysis?

Data analysis
It’s not easy and no longer manually analyzable. What for information do we need to be able to answer relevant questions?

Tools of visualization, simplification, correlation and last but not least AI are needed. Here I also see one of the important topics for the future: interpretation of the information with AI and the associated (pre-) prediction. The question of whether human prediction and interpretation will still exist in the future may be discussed provocative.

Today, actions and control are already supported by machines and prevention must be done in two important ways: changes in the natural as well in the technical environment.

At this table I’d like to discuss how we can gain the right information to get a useful prediction and therefore a good strategic Risk Management.

Rainer Kessler, Senior Lecturer & Researcher at the University of Applied Sciences of Northwestern Switzerland (FHNW)
Research and teaching for more than two decades at various institutions; college lecturer for the Certificate of Advanced Studies (CAS) in Cybersecurity and Information Risk Management (CSIRM) and for the CAS in Risk Management at FHNW; Partner for Emerging Technology Assurance at a Big4 company; former Group CISO & Global Head of Information Security at UBS; former external CISO a.i. of Defense (VBS, Swiss Ministry of Defense); extensive Military career in intelligence, reconnaissance, and troop command (Major ret.); Master of Laws (LL.M.), Master of Business Administration (M.B.A.), and Swiss Certified Computer Software Engineer (Eidg. Fa. Analytiker-Programmierer), as well as various specialization certificates, e.g., for GDPR (EU-DSGVO); emphasize on risks, security, and compliance of emerging technologies, such as A.I., IoT, drones, blockchain, etc.

Co-moderator: Dominique C. Brack, Principal Information Security Alps Region at T-Systems (Schweiz) AG
Further details please check LinkedIn

Artificial Intelligence and Information Security & Risk Management – and now?
What exists, what is missing, what are the risks, what are opportunities, do we see trends? We read and hear lots of questions and assumptions around AI, not only in Information Security but in almost all IT relevant topics. But what does this really mean for our daily practice? Where are algorithms ending and where does true artificial intelligence starts? And can this all be a game changer in information security & risk management?

Ideally this round table session will create the fundament to support you for the near future and develop a network in Switzerland on this subject.

Todd James, Director, Head of Detection Content Enhancements, Cyber Defense, Chief Information Security Office at UBS AG
For over five years, I have been with UBS Cyber Operations based in Zurich. I am currently the Head of the Detection Content Enhancements Team and a Senior Attack and Threat Analyst.

Our primary focus is the creation of content to detect malicious activity. My daily tasks also include incident response, threat intelligence analysis, post attack triage, and reporting. Other parts of my job include; SOAR workflow, identifying and addressing coverage gaps, as well as motivating and mentoring our junior analysts to see beyond isolated events and view the whole picture.

Previously, I worked as a security analyst at Swisscom Managed Security Services in Zurich protecting large enterprise customers.

Co-moderator: Tomer Ohayon, Senior Cyber Threat Intelligence Analyst at CyberProof
Tomer is responsible for cyber intelligence operations, collection and development of OSINT sources, Cyber-HUMINT, malware analysis, threat hunting and the production of tailored CTI reports. Served as an intelligence specialist for the government, insurance and banking sectors. Prior to joining CyberProof, Tomer worked as a Security analyst at CheckPoint where he actively hunted and analyzed new malwares variants and provides intelligence which were directed to the customers and to the global systems. Tomer has a BA degree in Law with distinction in Privacy Protection over the internet and a Master’s degree in Business Administration.

Threat Hunting – Where do you start?
Everyone wants do to hunting, it’s the cool kid but no one actually know where to start and what they need. Let’s do machine learning and AI to hunt, sure…

If your organization doesn’t have the fundaments, you won’t be hunting, won’t be finding anything, and you surely won’t be doing any advance analytics either.

This roundtable should help to address these issues and realistically set expectations.

Stefan Keller, Senior Expert Security, Compliance and Privacy at a major Pharma company
Stefan Keller works in the Security & Privacy Governance Team of a major Pharma company. Combining technical, security management and privacy backgrounds, he mixes well with IT, procurement and legal colleagues.

Stefan is a EuroPrise Certfied Technical and Legal Expert, and collects privacy/security certs as a hobby (CISSP, CISM, CIPP/E, CFE, ISO 27001 LA). He is also one of the co-chairs of the IAPP KnowledgeNet Chapter Switzerland.

Security is from Mars, Privacy from Venus – Misunderstandings between Privacy and Security People
At this table, we’d like to discuss what can go wrong between privacy and security colleagues, where there is common ground and where people misunderstand each other.

  • How are privacy and security risks different?
  • What is the difference between a Data Protection Impact Assessment and Security Assessment?
  • Which are burning issues for security persons compared to privacy persons?
  • Does ISO 27001 help?
  • What are privacy certifications good for
  • etc.
Bruce Nikkel, Professor at the Bern University of Applied Sciences
Bruce Nikkel is the Head of Cybercrime Intelligence & Forensic investigation at UBS, and Professor of Digital Forensics at Berner Fachhochschule.

The Future of Cyberfraud
This roundtable will discuss trends in cyberfraud and financially motivated cybercrime. We will talk about the direction cyberfraud is evolving and what we can expect to see in 5-10 years.

3:30 – 4:00 pm Coffee break and move to the roundtable for the 2nd turn
4:00 – 5:00 pm 2nd turn Roundtable Discussions
5:00 – 5:15 pm Move to the roundtable of your choice for the 3rd turn
5:15 – 6:15 pm 3rd turn Roundtable Discussions
6:15 – open end Apéro & dinner (buffet with hopefully something for everyone) and extensive networking


The Sponsors of this event are:​








This is a ‘must attend’ event for all security professionals! We are confident that the relationships you develop here will prove to be crucial to your continuing success.

Register here!

Cancellation Policy
Cancellations of registration are free of charge until 30 days before the event. Cancellations received beyond this point will incur 100% of the admission fee. You will get an invoice for the respective amount. In any case, however, a delegate may be sent at no additional costs.

Earn CPE Credits for
attending SIGS Events

Registration here!



Participant feedback from the SIGS Roundtable Afternoon 2019

Both the setting (Show-Garden) and the three discussions I could attend were excellent. Congratulations to you and the team for a very successful event.
Bester Event, welchen ich in den letzten 4 Jahren besucht habe. Viele tolle Menschen kennengelernt, Knowledge-Austausch auf hohem Niveau!
Einmal mehr vielen Dank für diesen hervorragenden Networking Event inklusive inhaltlich sehr wertvollen Round Tables!
Thanks to you and the SIGS team for the great organization. I think this format of event is really useful.


  • Location and setting
  • Themes I was very happy with all my round tables. Security Awareness, Threat Hunting, Data Privacy
  • Knowledge of the hosts and other participants
  • Timing ( even though the roundtables could be shorter)
  • Apero and Dinner

Negative ( I am working really hard to find negative points!)

  • The weather


Thank you for a very interesting and enjoyable day and some very good discussions.