<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=6226337&amp;fmt=gif">
Join Us
    • Overview
    • Program
    • Sponsors
    • Keynotes

    Safeguarding Trust

    Overview 

    Join fellow FS-ISAC members from across Europe, the Middle East, and Africa for two full days of learning, collaboration, and networking. 

    Summits are our largest events of the year, packed with insightful presentations, workshops, and panels on topics relevant to the security of the global financial services industry. 

    Highlights 

    Relevance 

    The synthesis of cybersecurity and the financial sector distinguishes FS-ISAC Summits from other large industry events. The EMEA Summit is specifically designed for cybersecurity professionals in financial institutions. 

    Content 

    Sessions are divided into three tracks – Intelligence, Security, and Resilience – so that you can focus on the most pressing issues in your organization today. 

    Connection 

    Collaborating with cybersecurity experts from across EMEA advances your skills and the sector’s security. And by learning from others, you can develop invaluable connections that outlast the Summit. 

    Exercise

    Participating in exercises increases resilience. Take part in our in-person tabletop exercise, "SAAS Third Party Outage", on 22 May. This exercise is hosted in conjunction with the 2025 EMEA Summit, but registration is separate. Find out more about the exercise here.

    Event Sponsorship

    Interested in sponsoring this event?

    View Sponsorship Opportunities

     

    Marietje Schaake

    Author, The Tech Coup: How to Save Democracy from Silicon Valley

    International Policy Director, Stanford’s Cyber Policy Center

    Named Politico’s “Most Wired Politician” in Europe

    Marietje SchaakeMarietje Schaake is a leading authority on technology policy, democracy, and governance, renowned for her decade-long tenure as a Member of the European Parliament (2009–2019). As International Policy Director at Stanford University’s Cyber Policy Center, she spearheads initiatives that address the complex interplay between technological innovation and public policy. Her 2024 book, The Tech Coup: How to Save Democracy from Silicon Valley, offers a compelling analysis of the challenges posed by unregulated technology to democratic institutions.

    In recognition of her expertise, Marietje has been invited to speak at prestigious events, including the Oxford Literary Festival in April 2025, where she will discuss the themes of her latest publication.

    Her insights are regularly featured in leading publications, and she contributes a monthly column to the Financial Times, focusing on technology and governance.

    Marietje’s forward-thinking approach and commitment to ethical technology governance make her a sought-after speaker for audiences seeking to understand and navigate the rapidly evolving digital landscape. Her ability to demystify complex technological issues and articulate their implications for democracy and society ensures that her presentations are both enlightening and impactful.

     
    1. May 19 Monday

    2. 3:00 - 6:00 PM

      Early Registration

    3. 3:30 - 5:00 PM

      Women's Reception

    4. 5:00 - 6:00 PM

      Welcome Reception

    5. May 20 Tuesday

    6. 8:00 - 6:15 PM

      Registration

    7. 8:00 - 8:45 AM

      Breakfast

    8. 8:45 - 9:15 AM

      Opening Remarks

    9. 9:15 - 10:00 AM

      Keynote

    10. 10:00 - 10:30 AM

      Proactive Cybersecurity: How KBC Strengthens Resilience
      Filip De Cock, KBC Groep; Martin Solang, Censys Platinum

      Event Toggle Arrow
      Managing an organization's attack surface (ASM) is vital for protecting assets, reputation, and stakeholders. KBC Group prioritizes ASM, using continuous monitoring and mitigation. This presentation offers insights and strategies to enhance cybersecurity resilience and reduce risk exposure.

    11. 10:30 - 11:00 AM

      Morning Networking Break & Snacks

    12. 11:00 - 11:45 AM

      A Decade of Ethical Hacking: Was It Worth It?
      Simon De Schoenmaeker, KBC Groep Security - People/Org

      Event Toggle Arrow
      We review a decade of red teaming in our organization. Why it was introduced, how it evolved, and what impact more than 100 exercises had on our cyber defense. We cover supervisor initiatives, the importance of stakeholder engagement and finally our expectations for in ethical hacking in the future.

    13. 11:00 - 11:45 AM

      Disinformation: The Strategic Threat to the Financial Sector
      Edmund Gould, Lloyds Banking Group Intel - Attacks

      Event Toggle Arrow
      Disinformation is booming, fuelled by an accelerating AI landscape, geopolitical tensions and the ubiquity of social media. In that environment, how might disinformation pose a strategic threat to banks and the financial sector? What scenarios should we prepare for and just how worried should we be?

    14. 11:00 - 11:45 AM

      Third Party Risk Management
      Lorenzo D'Ambrosi, Rothschild & Co Resilience - GRC

      Event Toggle Arrow
      It could be a roundtable or a panel where regulatory requirements related to third-party management (DORA, NIST) and their impacts in terms of cyber risk are explored, with a cloud focus. This is an example of a presentation.

    15. 12:00 - 12:45 PM

      Quantifying Cyber Risk in the Financial Sector
      Benjamin Edwards, Bitsight Technologies Resilience - GRC

      Event Toggle Arrow
      Quantifying cyber risk is a data-driven process. I will use multiple data sources to illuminate cyber risk, and highlight unique aspects of the financial sector. I will explore vulnerability management, threat intel, and supply chains, finding insights that can improve your security posture.

    16. 12:00 - 12:45 PM

      Intel can drive DORA-TLPT, TIBER and Purple Teams Programs
      Stephen Burke, Security Risk Advisors; Sajid Nawaz Khan, HSBC Global Services Security - People/Org

      Event Toggle Arrow
      HSBC and Security Risk Advisors will show how intel teams can document threat actor TTPs in reusable, shareable and scoreable test plans in the free VECTR.io platform, and show the shared 2025 Threat Index intel-driven test plan. These intel-based plans can serve as the basis for TIBER-EU, DORA-TLPT and Purple Team programs. They will also show how to use quarterly published benchmark data to communicate programme success and needs with stakeholders.

    17. 12:00 - 12:45 PM

      Proactive Threat Detection Through Geopolitical Intelligence
      Martin Mullins, TD Bank Intel - Attacks

      Event Toggle Arrow
      This presentation aims to provide an in-depth examination of best use-case application of geopolitical analysis and intelligence to drive threat detection and mitigation of cyber-nexus threats; Using real world examples of geopolitical indicators shaping holistic intelligence processes.

    18. 12:45 - 1:45 PM

      Lunch

    19. 1:45 - 2:30 PM

      Indicators and Warnings of a Cyber Attack
      Gemma Stride, Santander; Alex Jarvis-Blanks, Santander Intel - Attacks

      Event Toggle Arrow
      Taking the Indicators & Warning technique used for geopolitical analysis and how this could be used to predict cyberattacks. What does the preparation phase of a cyberattack look like in terms of building infrastructure and how can we track this to predict incoming attacks.

    20. 1:45 - 2:30 PM

      Evolving Security Leadership Panel Discussion
      Jacob Norwood, Booz Allen Security - People/Org

      Event Toggle Arrow
      Booz Allen will present a panel of industry executives to discuss the evolution of security leadership and the growing role, influence and responsibility of a modern CISO/CSO. This panel will consider the rapidly increasing range of demands placed on security leadership to protect an organization.

    21. 1:45 - 2:30 PM

      The Third-Party Risk and Regulation Battle
      David Aubrey-Jones, FS-ISAC Resilience - GRC

      Event Toggle Arrow
      The number and impact of Third-Party incidents continues to rise with critical impacts and concentration risks. Regulators are fighting back with new requirements. - Learnings from Third-Party incidents - Findings from the FS-ISAC Concentration Risk project - Regulators` response

    22. 2:30 - 3:00 PM

      Afternoon Networking Break & Snacks

    23. 3:00 - 3:45 PM

      Building Resilience Before Attacks or Operational Disruption
      Richard Cassidy, Rubrik Resilience - GRC

      Event Toggle Arrow
      We shed light on the critical need for a paradigm shift in resilience strategies where the focus lies on bridging the gap between data protection and business continuity. We delve into strategies to mitigate risks, enhance recovery speed, and safeguard sensitive data.

    24. 3:00 - 3:45 PM

      Shielding the Vault: Cloud Resilience for Financial Firms
      Etienne De Burgh, Google Intel - Attacks

      Event Toggle Arrow
      The Resilience of IT Systems that support critical activities of Financial Institutions is the focus of Regulators globally. Ensuring financial stability and preventing customer detriment are key outcomes in a context of an increasingly hostile geo-political environment. The recent President�s Counc

    25. 3:00 - 3:45 PM

      Blue Hat vs Red Hat Perspectives
      Daria Catalui, Allianz; Carsten Scholz, Allianz Security - People/Org

      Event Toggle Arrow
      In an era where digital landscapes are constantly evolving, the need to safeguard trust has never been more critical. Join us for an enlightening keynote session, "Safeguarding Trust: Blue Hat vs Red Hat Perspectives," where we delve into the dynamic world of cybersecurity through the lenses of two

    26. 4:00 - 5:00 PM

      From Chaos to Control
      Wilfred Linde, Cribl Silver Solutions Showcase

      Event Toggle Arrow
      IT & security data volumes are growing at 28% CAGR. How can your teams & tools keep up with the extra demand? Join this session to learn how to build a modernised security data strategy. Discover how to improve threat detection, break vendor lock-in, optimize budget and gain control of your data.

    27. 4:00 - 5:00 PM

      Post-DORA Resilience: Financial Supply Chain Strategies
      Justin Kuruvilla, Risk Ledger Silver Solutions Showcase

      Event Toggle Arrow
      This session explores strategies for financial entities post-DORA compliance. Focus includes mapping supply chains, mitigating systemic risks, and fostering collaboration. Gain insights into resilience beyond regulation and practical steps for continuous risk monitoring.

    28. 4:00 - 5:00 PM

      DDoS SLAs Mean Costly Downtime
      Matthew Andriani, MazeBolt Silver Solutions Showcase

      Event Toggle Arrow
      Even the best DDoS protections have significant misconfigurations that make them highly vulnerable. The only reason DDoS attacks succeed is due to vulnerabilities in the DDoS protections relied on. This presentation explains how continuous DDoS vulnerability management validates DDoS protections.

    29. 4:00 - 5:00 PM

      From Compliance to Confidence: See How Major European Finance Silver Solutions Showcase

      Event Toggle Arrow
      FSIs process thousands of files daily, creating security challenges. OPSWAT offers solutions like multi-scanning, CDR, and sandboxing to protect data and ensure compliance. This demo shows how banks use AVaaS to secure apps, detect threats, sanitise files, and integrate MetaDefender Core seamlessly.

    30. 5:00 - 6:15 PM

      Booth Crawl Reception

    31. 7:00 - 10:00 PM

      Signature Dinner Event

    32. May 21 Wednesday

    33. 8:00 - 4:30 PM

      Registration

    34. 8:00 - 8:45 AM

      Breakfast

    35. 8:45 - 9:10 AM

      Opening Remarks

    36. 9:10 - 9:55 AM

      How CISOs are Managing AI Risk
      Rebecca Gibergues, FS-ISAC; Lindsey Bateman, M&G Corporate Services; Sandip Wadje, BNP Paribas General Session

      Event Toggle Arrow
      Hear from leading CISOs on how they are responding to the growth of artificial intelligence within the sector. On this panel, we will explore how they are shaping their strategy and risk management approach, while maintaining a balance between innovation and security

    37. 9:55 - 10:25 AM

      Guardians of Trust
      Fabio Colombo, Accenture Platinum

      Event Toggle Arrow
      Accenture unveils global research on customer perceptions of top financial institutions' ability to protect their data. The focus: why trust drives business value, how leaders foster trust to fuel growth, and how security teams can position institutions as Guardians of Trust.

    38. 10:25 - 10:45 AM

      Critical Provider Panel

    39. 10:45 - 11:15 AM

      Morning Networking Break & Snacks

    40. 11:15 - 12:00 PM

      A Service Architecture for Intelligence-Led Cyber Defense
      Pasquale Digregorio, Banca d'Italia Intel – CTI/Fraud

      Event Toggle Arrow
      This presentation describes a vendor-agnostic service architecture, that integrates specific taxonomy and processes to develop an enhanced CTI capability for intelligence-led cyber defence. Two synthetic indicators usable to effectively transforming cyber threat information into adaptive defensive actions will be presented: the Cyber Threat Level, and the Cyber DEFense Readiness CONdition

    41. 11:15 - 12:00 PM

      Deepfakes: Deep Issue or Fake Threat
      Jared Skivington, Deepfake Subgroup Lead of FS-ISAC AI Risk WG Resilience - Identity

      Event Toggle Arrow
      This session will delve into the current technical capabilities of deepfake technology, how deepfakes have been adopted by threat actors, what threats they pose and what controls can prevent these threats. This session will be built upon the Deepfake Taxonomy published by the FS-ISAC AI Risk WG.

    42. 11:15 - 12:00 PM

      The Art & Science of Using AI to Make Data Security Easy
      Ash Hunt, Cyera Security – Data

      Event Toggle Arrow
      Data security is historically the least mature domain for organizations. In this session, learn how forward-thinking CISOs are leveraging AI to transform their data security strategy so that it evolves into the most mature security program and the driving force for innovation and business growth.

    43. 12:15 - 1:00 PM

      How Hackers Use A.I. to Attack Financial Services
      Shira Sagiv, Radware Ltd. Intel – CTI/Fraud

      Event Toggle Arrow
      This session provides an overview of disruptive AI-driven threats targeting financial services. It showcases how attackers leverage AI to automate attacks, shorten time-to-exploit, and adapt to targets. Gain insights into new hacker tools, attack case studies, and best practices for protection.

    44. 12:15 - 1:00 PM

      The Power of Collaboration, Analytics, and Data Sharing
      Eduardo Bárbaro, ING Bank; Fabio Fonseca, ING Bank; Svetlana Pekarskikh, ING Bank Security – Data

      Event Toggle Arrow
      This presentation outlines how financial corporations can build and deploy continual learning systems, emphasising reproducibility and automation. We highlight how a unified data architecture can create a single source of truth, solving significant challenges for any corporation.

    45. 12:15 - 1:00 PM

      Voice Security: Tackling Fraud & Authentication in an AI Era
      Vijay Balasubramaniyan, Pindrop Resilience - Identity

      Event Toggle Arrow
      AI-powered voice fraud is a major cybersecurity threat. Vijay Balasubramaniyan, CEO of Pindrop, will show how criminals use synthetic voices to bypass authentication, demonstrate real attacks, and present solutions to detect and combat this threat. It's time to rethink voice security in the AI era.

    46. 1:00 - 2:00 PM

      Lunch

    47. 2:00 - 3:00 PM

      Zero Trust and Cyber Resilience in the Era of AI
      Raghu Nandakumara, Illumio Silver Solutions Showcase

      Event Toggle Arrow
      Transforming business models delivering more agile services can increase the threat of ransomware & may disrupt services causing an impact on society. In this session, you will hear how to: identify & define risk, reduce the attack surface, contain a ransomware attack, respond & restore services.

    48. 2:00 - 3:00 PM

      CMT's Cyber Resilience Architecture using Microsegmentation
      Emanuele Bianchi, Zero Networks; Tyrone Van Staden, Capital Markets Trading UK LLP Silver Solutions Showcase

      Event Toggle Arrow
      Automated microsegmentation provides true zero trust architecture, enhancing resilience and ensuring operational continuity while side-stepping the challenges of legacy solutions. Join the Zero team as we walk through real-world scenarios with our customer, Capital Markets Trading.

    49. 2:00 - 3:00 PM

      Back to the Future: Rewriting the Past, Defending the Future
      Erno Doorenspleet, Cyberbit; Richard Quignon, Cyberbit Silver Solutions Showcase

      Event Toggle Arrow
      Join us for a "back to the future" journey showcasing how to drive resilience with an innovative, outcome-based exercise approach. From live-fire simulations and compelling videos to mastering the left and right of boom experience, discover how creativity and problem-solving skills build resilience.

    50. 2:00 - 3:00 PM

      Mobile Application Protection Made Easy
      Yang-Giun Ro, Zimperium Silver Solutions Showcase

      Event Toggle Arrow
      Mobile Application Protection Suite; Frictionless Security Made Easy Showcase of the Mobile Application Protection Suite: - Why care about Mobile App Security? - Where do application risks arise? - How do we solve the problem? Actual Demo will include visualisation of the security capabilities

    51. 3:15 - 4:00 PM

      Cooperation Against Fraud
      Mario Trinchera, ABI Lab; Yann Werfeli, BNP Paribas Intel – CTI/Fraud

      Event Toggle Arrow
      1. brief introduction of CERTFin (governance, members, activities) 2. monitoring and inforsharing activities 3. national fraud report 4. protocol for interbank cooperation on fraud

    52. 3:15 - 4:00 PM

      Easy Targets: How Misconfigurations Leave SaaS Exposed
      Aaron Costello, AppOmni Security – Data

      Event Toggle Arrow
      Misconfigurations in SaaS apps leave sensitive data — like client information, transaction records, and employee details — exposed and easy for attackers to access. Join us to explore how these risks arise, how attackers exploit them, and how you can secure your SaaS environment.

    53. 3:15 - 4:00 PM

      The Evolution of Identity Theft: Threats in 2025 & Beyond
      Anton Ushakov, Group-IB Resilience - Identity

      Event Toggle Arrow
      This topic examines the evolution of identity theft, highlighting the shift from basic data-focused attacks to sophisticated methods targeting biometrics and device fingerprints. It explores current and emerging threats, exploitability of identity-based security, and strategies to adopt.

    54. 4:00 - 4:30 PM

      Afternoon Networking Break & Snacks

    55. 4:30 - 5:15 PM

      Battling Scams: FS-ISAC and Meta Collaboration
      Teresa Walsh, FS-ISAC; Rima Amin, Meta Financial Technologies Intel – CTI/Fraud

      Event Toggle Arrow
      Teresa and Rima will hold a fireside chat to review the Meta FIRE ThreatExchange, FS-ISAC role in it, the significance of social media scams for fraud teams, and how Meta approaches the fraud fight.

    56. 4:30 - 5:15 PM

      A Shift in Approach for Privileged Access Management (PAM)
      Bjorn Forss, Deutsche Bank Resilience - Identity

      Event Toggle Arrow
      This member presentation will cover the following: Historic Setup of Privileged Access (PAM) PAM Challenges (Large degree of users; Large degree of sessions) The Modern PAM Approach

    57. 4:30 - 5:15 PM

      From the Frontlines - IR in Hybrid Environments
      David Christian Holin, CrowdStrike; Jack Humphries, CrowdStrike Security – Data

      Event Toggle Arrow
      Following the adoption of Cloud as an integral part of IT environments, Threat Actors incorporate Cloud based attack vectors into their TTPs. This Talk will give an inside into how Threat Actors pivot between the on-premise and the Cloud environment during a ransomware attack.

    58. 5:15 - 6:15 PM

      Closing Reception

    59. May 22 Thursday

    60. 8:00 - 12:00 PM

      Registration

    61. 8:00 - 8:45 AM

      Breakfast

    62. 8:45 - 11:45 AM

      Exercise: SaaS Third Party Outage (Separate Registration Required) Exercise

      Event Toggle Arrow
      Join colleagues from across the EMEA region on 22 May for a half-day, in-person tabletop exercise. This exercise is hosted in conjunction with the 2025 EMEA Summit, but registration is separate. Register to attend the exercise: https://www.fsisac.com/events/tabletop-exercise-thirdparty-may2025

    63. 8:45 - 9:30 AM

      Cyber Fraud Fusion - Shifting Left to Disrupt Cybercrime Member Only

      Event Toggle Arrow
      Santander UK has recently gone through a transformation to disrupt and mitigate Fraud losses by fusing cyber fraud and investigation functions. A year into our journey, this presentation will outline our approach framework and methodology. Three notable case studies will be discussed in this talk.

    64. 8:45 - 9:30 AM

      TBD Member Only – Technology

    65. 9:45 - 10:30 AM

      Adventures with DORA
      David Aubrey-Jones, FS-ISAC Member Only

      Event Toggle Arrow
      DORA is having a massive impact on Financial Services in the EU and wider. The deadline has passed but many are still working on weaknesses. The panel will discuss: - Key learnings from implementing DORA - How to overcome the major challenges - Findings from surveys - What is next for DORA?

    66. 9:45 - 10:30 AM

      Perspectives on the transition to PQC in finance
      Jaime Gomez Garcia, Santander Member Only – Technology

      Event Toggle Arrow
      Status of the transition to PQC in the financial sector, including relevant regulations such as DORA, PCI-DSS, CNSA2, and NIST IR 8547, ongoing collaboration initiatives, and an update on the Santander Quantum Threat Program.

    67. 10:30 - 11:00 AM

      Morning Networking Break & Snacks

    68. 11:00 - 11:45 AM

      From Firefighters to Business Enablers
      Fadi Daood, Swift; Ajin Man Tuladhar, Swift Member Only – Technology

      Event Toggle Arrow
      This talk dives into why we need a fresh approach – Zero Trust. It's a way to move from just reacting to problems (like firefighters) to actually helping businesses grow. Zero Trust means not blindly trusting anyone or any device and constantly checking to make sure they're safe. It's a game-changer f

    69. 11:00 - 11:45 AM

      ETIC Panel: How We Come Up with the CTL? Member Only

      Event Toggle Arrow
      Twice a month, the ETIC decides on the EMEA CTL. In this panel, ETIC members will outline their considerations for the CTL, how the EMEA differs compared to APAC and AMER, why EMEA adds geographical caveats, how the CTL evolved over time, and what is in the pipeline for future changes for the CTL.

    70. 12:00 - 12:45 PM

      Security of Third Party Relationships - Our Journey Member Only

      Event Toggle Arrow
      Taking Out the Weakest Link – 5 years of lessons learned by a Third-Party Security and Resilience Team. In today's interconnected financial ecosystem, the security of third-party relationships is paramount.

    71. 12:00 - 12:45 PM

      How to Safely Analyse Reverse Engineering Malware Member Only – Technology

      Event Toggle Arrow
      This session will explore types of malware and the techniques used by security professionals to detect and analyse them. It will dive into both static and dynamic analysis techniques on malicious samples to uncover indicators of compromise and develop effective static and behavioural detections.
    fs-isac-greyscale

    © Copyright 1999 - FS-ISAC, Inc. All Rights Reserved.

    Terms and Policies