1:30 pm

Registration

2:00 pm

Welcome & short introduction from Maria Zidkova, Board Member at CSA Swiss Chapter and IT Security Officer at City of Zurich

2:00 pm

Presentation from Maxim Deweerdt, Cyber Defense Expert at NVISO Security and Principal Instructor at SANS

Chasing Ghosts: Detecting Token Abuse in the Microsoft Cloud:
Attackers no longer need passwords to break in: tokens are the new prize. This session will expose how refresh tokens, access tokens, and Primary Refresh Tokens (PRTs) are stolen and abused in Microsoft Entra ID. Drawing on real-world cases, will show why detection feels like chasing ghosts and how to fight back.

2:30 pm

Short presentation from Wiz

2:40 pm

Short presentation from Gary Adams, Sales Engineering Leader at Rubrik

Are you ready for Cyber Recovery? Cyber Resilience is Business Resilience!

2:50 pm

Doron Zimmermann, Senior Manager Enterprise Cyber & Information Security at Pragmatica & Michael Rieder, Head Cloud Computing at e3 AG

Third Country Intercept Risk in the Cloud
The CLOUD Act is not your worst challenge – the Foreign Intelligence Surveillance Act and Executive Order 12333 are!

When discussing cloud risk, many organisations focus on the U.S. CLOUD Act. Yet the more far-reaching intelligence authorities are FISA Section 702 and Executive Order 12333, which allow foreign intelligence collection and may require cooperation from communication service providers. For organisations in Switzerland and Europe relying on hyperscale cloud services, this raises important questions about mass surveillance via the cloud vector, jurisdiction, data access and sovereignty.

This keynote outlines the foreign intelligence collection authority and process behind third-country interception risk and places them in the context of current European/Swiss regulatory developments.

Beyond the security risk perspective, the session also touches on how organisations can think about managing this exposure from an information security and architecture standpoint, and why the real challenge is not only compliance but security risk management and how cloud environments are designed.

The key message: a sober understanding third-country interception risk is the first step toward managing it.

3:20 pm

Break

4:00 pm

4 different Breakout Sessions to join - you can choose/attend two of them

Breakout Session 1:
Raul Lapaz, Lead Product SecOps and IR at Roche. Author of Learning Kubernetes Security, Second Edition Book

Attackers Love the Cloud. Do You?
Cloud adoption has accelerated innovation, but it has also expanded the attack surface at an unprecedented pace. From misconfigurations and identity sprawl to supply chain and runtime threats, cloud environments are now prime targets.

This interactive discussion brings together security leaders and practitioners to share real-world lessons, practical strategies, and forward-looking approaches to cloud risk. We will talk about misconfigurations, privilege escalation, least privilege approach, monitoring strategies, ad brainstorm ideas for leveraging AI for cloud security.

Breakout Session 2: Lars Ruddigkeit, CSA Swiss Chapter Co-Lead

The Shadow AI Blind Spot in the Cloud: IP and Compliance in a Policy Vacuum
Shadow AI is the modern manifestation of the "Allow All" failure. Organizations treat cybersecurity like a quick-fix medication. While IT departments debate secure LLM guardrails, employees are already feeding proprietary code and sensitive customer data into public AI models to meet deadlines. This isn’t just a new tool; it is a massive, invisible expansion of the attack surface. By treating generative AI as a shortcut, organizations create a "data leak by design" scenario where Intellectual Property (IP) is absorbed into public training sets, permanently outside the company’s control.

Instead of defining clear data-usage policies, organizations react by layering on more specialized AI-detection software—furthering the Expense in Depth cycle. This creates a dangerous Compliance gap: we buy tools to monitor the breach, yet we lack the policy to prevent the initial data handover.

The fragility of this approach was recently demonstrated in March 2026, when an autonomous AI agent from the startup CodeWall hacked McKinsey’s internal AI platform, "Lilli". In just two hours, the agent exploited a SQL injection flaw in publicly exposed API documentation to gain full read-write access to 46.5 million chat messages and 728,000 files containing confidential client data. Crucially, the attacker could have poisoned the AI’s system prompts to manipulate the advice given to 40,000 consultants.

This incident proves that our systemic fragility isn't caused by a lack of "AI Firewalls," but by a failure to redefine our Protect Surface to include the data flowing through AI interfaces. We are measuring "AI tools deployed" while our core mission—protecting the crown jewels—is being undermined by unmonitored endpoints and a lack of fundamental policy enforcement.

Breakout Session 3: Wiz

Breakout Session 4: Gary Adams, Sales Engineering Leader at Rubrik

Resilience for everything: How to ensure business continuity across Cloud, AI and Identity

5:10 pm

Short break and change the room to the next Breakout Session of your choice

5:20 pm

Start of the second Breakout Session round

6:30 pm

Dinner & Networking till open end

Gary Adams
Sales Engineering Leader at Rubrik