Event Details
Date info
Organizer info
Organizer
Erste Group Bank AG
Deadline Info
Locationinfo
Event Details
Erste Security Meetup 2026
This year’s event is our biggest and most ambitious yet, bringing together top level executives, security managers, CISOs, regulators, researchers, security professionals, and leading experts from AWS, Microsoft, OpenAI, Palo Alto Networks, Europol, Zerothird, and more.
You’ll explore how geopolitics, emerging technologies like AI and quantum, evolving governance needs, and operational resilience are shaping today’s cybersecurity landscape. Expect real‑world case studies at stage, insights into most modern technologies, talk to exhibitors at their booths, and learn about proven strategies for improving prevention and response tactics.
We’re welcoming a diverse audience - including security teams, financial/insurance institutions, startups, professors, students, and partners from across the cyber community in our CEE area - creating a unique environment for learning and collaboration.
The registration fee for the Security Meetup is €190.
If you experience any issues with registration, please contact the event team: securitymeetup@erstegroup.com.
Registration
Registration
08:45 - 09:45
EG Atrium
Please ensure you complete your registration upon arrival. A 1-hour registration window will be available before the event begins.
All participants are required to present their QR code at the registration desk. The QR code is included in the PDF ticket sent automatically to your email immediately after completing your online registration. Please check your mailbox and have the PDF ticket ready for a smooth check‑in process.
Note: If you encounter an error during registration or see a message such as “no free space”, please contact us at securitymeetup@erstegroup.com.
Welcome Message by the CSO of Erste Group
Welcome Message by the CSO of Erste Group
09:45 - 10:15
Grand Hall - Eventsaal im EG
Executive Message by the CRO of Erste Bank Polska
Executive Message by the CRO of Erste Bank Polska
10:15 - 10:30
Grand Hall - Eventsaal im EG
Keynote
Keynote
10:30 - 11:15
Grand Hall - Eventsaal im EG
From fear to focus: Reclaiming control with clarity and conviction
In a world defined by cybercrime, geopolitical volatility, and relentless technological acceleration, it’s easy for people to feel overwhelmed. But fear and uncertainty don’t have to paralyse us – they can galvanise us.
In this opening keynote, Sarah Armstrong‑Smith explores how leaders can shine a light through the darkest days by reframing fear into focus, doubt into direction, and disruption into opportunity. Drawing on real‑world crises, human‑centred leadership, and the evolving interplay between digital and physical risk, Sarah reveals why collective resilience is no longer a defensive posture but a strategic advantage.
Attendees will learn:
Why the stories we tell ourselves, influence our ability to respond How to build cultures that stay calm, connected, and creative under pressure Where AI, automation, and human judgement intersect to create new possibilities Why empathy might be one of the most powerful tools in security.
Break
Break
11:15 - 11:45
EG Atrium
EUROPOL
EUROPOL
11:45 - 12:15
Grand Hall - Eventsaal im EG
The destabilising effects of organised crime on European society
Crime is destabilising our society in various ways. Europol’s position as the EU criminal information hub allows for pinpointing five distinct areas where organised crime has negative repercussions. They may be visible or invisible, online or offline, direct or indirect, but they concern all of us – EU citizens, our businesses, and our institutions. Illustrated by recent cases where Europol provided support to reach investigative successes in EU Member States and non-EU countries, this presentation highlights the invasive nature of organised crime, and the need for international and multidisciplinary cooperation to fight it.
Erste Social Banking / Zweite Sparkasse
Erste Social Banking / Zweite Sparkasse
12:15 - 12:30
Grand Hall - Eventsaal im EG
Strategic Depth Begins at Home: Why Civil Society Is a Core Capability of National Security
Security is often defined by borders and technical systems — but real resilience starts within society. In this impulse talk, Carmencita Nader shows why social cohesion, civic capacity, and trusted institutions are core security assets. Drawing on her experience in impact finance, she reframes strategic depth as something we must build — and fund — at home.
Lunch and Networking
Lunch and Networking
12:30 - 13:30
EG Atrium
OpenAI
OpenAI
13:30 - 14:00
Grand Hall - Eventsaal im EG
AI in Security Research
This session examines whether AI in security research is a hero or a villain. It explores why the topic matters now, the balance between opportunity and risk, and the rise of fine-tuned cyber models. It also looks at today’s vulnerability research landscape and the growing need for better context in security decision-making.
Real-world use cases include transforming external research into internal risk insight, improving incident triage and response, contextualising vulnerabilities, and enabling agentic response actions. The session concludes with where AI delivers the greatest value for defenders, practical takeaways, and a final view on whether AI should be seen as a force for good or a source of new risk in security.
ZeroThird
ZeroThird
14:00 - 14:30
Grand Hall - Eventsaal im EG
From Quantum Threat to Quantum-Safe Infrastructure: Entanglement-Based Security in Practice
Quantum computing poses a fundamental threat to today’s cryptographic foundations, as widely used public-key algorithms such as RSA are expected to fail once sufficiently powerful quantum computers become available. At the same time, quantum physics itself is not a dusty theory of the past, but one of the most actively developed and experimentally validated scientific frameworks, now directly shaping modern technology. Quantum Key Distribution (QKD) leverages fundamental quantum effects to provide security guarantees rooted in the laws of physics rather than computational assumptions. The talk introduces entanglement-based QKD as the most robust approach to quantum-safe communication and explains its relevance for financial institutions and critical infrastructure. It will be shown how this technology has evolved from Nobel Prize–winning fundamental research into operational systems, including long-distance quantum-secure backbone networks. Practical security implications, deployment models, and lessons learned from operating quantum-secure infrastructure in production environments are discussed.
Palo Alto Networks
Palo Alto Networks
14:30 - 15:00
Grand Hall - Eventsaal im EG
AI vs AI: Leveraging Autonomous Security to Outpace the Evolving Threat Landscape
The cybersecurity battlefield is undergoing a fundamental shift. Attackers are weaponising AI to compress attacks from weeks to minutes, automating credential abuse, generating polymorphic malware, and exploiting the rapid explosion of machine and AI agent identities across the enterprise. To outpace these evolving threats, defenders must fight AI with AI. In this session, Haider Pasha will explore how organisations can leverage autonomous, AI-driven security to stay ahead of adversaries across the entire attack surface. Drawing on real-world insights and Palo Alto Networks' platformisation approach, the talk will cover how AI is transforming security operations through autonomous SOC capabilities, why securing AI applications, agents, and models has become a critical enterprise priority, how the convergence of identity security, across human, machine, and agentic identities, is reshaping defensive strategy, and why platform consolidation is the key to achieving real-time, AI-powered security outcomes at scale. Designed for CISOs, security leaders, and technical practitioners, this session offers a practical perspective on building resilient, autonomous defences for the AI era.
Break
Break
15:00 - 15:30
EG Atrium
Amazon Web Services
Amazon Web Services
15:30 - 16:00
Grand Hall - Eventsaal im EG
Mission Impossible? A High-Signal Mental Model for Securing Agentic Systems
When AI moves from summarizing text to executing code and calling APIs, the old security playbook fails. We are no longer just securing an interface; we are governing autonomous digital workers. In this session, we distill the complexity of the agentic frontier into a first-principles mental model for securing AI agents.
Accenture
Accenture
16:00 - 16:30
Grand Hall - Eventsaal im EG
The Next Threat Landscape: Agency, Deception and Quantum Disruption
Emerging technologies are reshaping the threat landscape at unprecedented speed. Agentic systems are gaining autonomy in decision‑making, disinformation is eroding trust at scale, and quantum computing threatens to disrupt the very foundations of digital security. This keynote explores how these forces converge, challenging control, accountability, and resilience, and why leaders must rethink governance and risk in a world defined by autonomy, deception, and quantum disruption.
Wrap up and Closing Day 1
Wrap up and Closing Day 1
16:30 - 16:45
Grand Hall - Eventsaal im EG
Expo Area: Communication, Networking & Security Awareness
Expo Area: Communication, Networking & Security Awareness
16:45 - 18:45
EG Atrium
Come and check out how we use serious gaming techniques to make our Security Awareness trainings in Austria more approchable! :)
Dinner
Dinner
18:45 - 22:45
EG Atrium
Opening Remarks Day 2
Opening Remarks Day 2
09:30 - 09:45
Grand Hall - Eventsaal im EG
Executive Message by the CEO of Erste Bank
Executive Message by the CEO of Erste Bank
09:45 - 10:00
Grand Hall - Eventsaal im EG
Former Minister of Defence
Former Minister of Defence
10:00 - 10:30
Grand Hall - Eventsaal im EG
How global developments influence our security in Europe
Global risks ranked by severity
Importance of strategic supply chains and endangered infrastructure
Adverse outcomes of frontier technologies
Influence on our society
Break
Break
10:30 - 11:00
EG Atrium
Microsoft
Microsoft
11:00 - 11:30
Grand Hall - Eventsaal im EG
Agentic AI Under Control: Security, Governance, and Trust in Autonomous Systems
Agentic AI fundamentally changes how decisions are made, shifting authority from humans to non‑deterministic, data‑driven systems that operate at machine speed and scale. This session provides an overview of the emerging risk landscape of agentic AI and explains why traditional security, compliance, and governance models must evolve to address autonomy, data‑centric access, and continuous assurance. Drawing on Microsoft’s practical experience, it outlines a pragmatic framework — rooted in Zero Trust, lifecycle governance, and Responsible AI — to show how organizations can adopt agentic AI safely while accelerating business outcomes.
KPMG
KPMG
11:30 - 12:00
Grand Hall - Eventsaal im EG
Operational Resilience – a global, financial services regulatory priority and how firms have embraced the requirements and embedded into business as usual.
We will provide an overview of the global financial services regulatory agenda for Operational Resilience, what the regulators are seeking to achieve, why it is important and how peer firms have responded to the various policy requirements. We will also provide a summary of how firms have embraced these regulatory requirements and embedded new ways of working into business as usual as they seek to enhance the resilience of their most important business services.
Lunch and Networking
Lunch and Networking
12:00 - 13:00
EG Atrium
Radware
Radware
13:00 - 13:30
Grand Hall - Eventsaal im EG
The Invisible Breach: API Flaws and AI-Driven Attacks
APIs have become the primary gateway for modern applications and increasingly for AI agents and autonomous workflows. Drawing on Radware’s Invisible Breach research and recent AI threat discoveries, this session examines how attackers exploit API authentication flows, abuse business logic, and target legacy and shadow endpoints to bypass traditional defenses, as expanding automation and agentic traffic introduce new, invisible risks.
Kuppingercole
Kuppingercole
13:30 - 14:00
Grand Hall - Eventsaal im EG
Identity Fabric into the Future - An IAM Reference Architecture for Financial Services
Identity Fabric is emerging as the foundation for the next generation of Identity and Access Management in banking and finance. This talk explores why it is more than an architectural model and how it can serve as a strategic response to the industry’s most pressing challenges, from AI driven identity governance and decentralized identity with verifiable credentials to growing regulatory pressure from DORA and NIS2 and the rising importance of Non-Human Identities (NHI). Attendees will see how a modern reference architecture connects these developments and gives financial institutions a clear path forward.
NVISO
NVISO
14:00 - 14:30
Grand Hall - Eventsaal im EG
Analysis of persistent Espionage threats to European Organisations
European organisations are facing quiet, long‑dwell espionage operations that target sensitive data and advantage, often via internet‑facing appliances and cloud‑fronted command‑and‑control that blend into normal traffic. This session summarises two recent case studies by NVISO, involving BRICKSTORM and VShell, and translates them into concrete leadership decisions on risk, investment, and governance.
Wrap up and Closing Day 2
Wrap up and Closing Day 2
14:30 - 15:00
Grand Hall - Eventsaal im EG
Sarah Armstrong-Smith
Secure Horizons
Executive Director Security & Crisis Leader
Sarah Armstrong-Smith is an Executive Director at Secure Horizons and one of the most influential leaders in cybersecurity. With over 30 years of frontline experience, she has held senior roles including Chief Security Advisor at Microsoft and Group Head of Crisis Management at the London Stock Exchange. Sarah is the author of Effective Crisis Management and the Amazon best‑seller Understand the Cyber Attacker Mindset, examining leadership under pressure and the psychology of cyber warfare. A global advocate and keynote speaker, she has appeared at NATO, the World Energy Council, and Sky News, and is trusted by Fortune 500 companies and government agencies worldwide.
Harris Ashley
KPMG UK
Partner, Financial Services, Operational Resilience Lead
Ashley has over 20 years' experience in designing, delivering and implementing large scale regulatory and operational transformation programmes. Ashley is currently KPMG UK's Lead for Operational Resilience and has led multi-year Operational Resilience transformation programmes for both UK and overseas regulated firms. Ashley regularly interacts with global regulatory authorities and advises firms on his cross-sector experience of implementing and enhancing firms' operational resilience. Ashley also engages with a number of KPMG's alliance partners, including ServiceNow and Fusion and has led Operational Resilience tooling implementations for both regulated and non-regulated organisations.
Barbara Celis
Europol
Head of the Strategic Analysis Team
Barbara Celis is Head of the Strategic Analysis Team in Europol’s Operations Directorate. She holds a Master’s degree in Chinese Studies from KU Leuven, complemented by a year of Chinese language studies in Taiwan. After completing a Bachelor’s degree in Criminological Sciences, she began her career in strategic analysis with the Belgian Federal Police. In 2011, she joined Europol’s Strategic Analysis Team, and in 2015 she became a Senior Analyst at the European Union Agency for Asylum (EUAA) in Malta. She returned to Europol in 2020 where she took up the role of team leader. Barbara leads the team responsible for threat assessments on all crime areas under Europol’s mandate. The EU Serious and Organised Crime Threat Assessment (EU-SOCTA) and the report on the EU’s most threatening criminal networks are among their key deliverables. Through their analysis of law enforcement information, the Strategic Analysis team enhances the understanding of the most relevant current and future threats in the organised crime and terrorism landscape, and informs intelligence-led operational and policy approaches.
Artur Głembocki
Erste Bank Polska
Chief Risk Officer (CRO)
Artur Głembocki is an experienced financial executive with a Master’s degree in Management from Wrocław University of Science and Technology and professional training in leadership, risk management, and financial crime prevention. He has spent his entire career since 2008 at Santander Bank Polska (now Erste Bank Polska S.A.), progressing through all seniority levels in Risk Management. He has held roles including Head of Wholesale Risk, Risk Management Director, Deputy Chief Risk Officer, and Management Board Member responsible for Compliance and FCC. In April 2025, he became Chief Risk Officer, recognized for strong leadership, analytical expertise, and execution in regulatory environments.
John Hetherton
OpenAI
Security Specialist, Solutions Engineering Organisation
John Hetherton works in cybersecurity, focused on helping technology companies build secure, practical systems that can scale. He is currently a Security Specialist within the Solutions Engineering organisation at OpenAI, with experience spanning security engineering, compliance, governance, and risk. Previously at Evervault, John worked closely with engineering and product teams on security and compliance in fast-moving environments. He also brings experience across the energy, financial services, and semi-state sectors. John enjoys turning complex security challenges into clear, workable solutions, with a particular interest in using AI and automation to improve security operations and reduce friction for teams.
Gerda Holzinger-Burgstaller
Erste Bank der oesterreichischen Sparkassen AG
Chairwoman (CEO)
Gerda Holzinger-Burgstaller has been with Erste Group since 2006. From 2013 to 2015, she was Head of Group Prudential Affairs and subsequently led the General Secretariat of Erste Holding. Additionally, she has been a board member of Die Zweite Wiener Vereins-Sparcasse AG since 2017. In July 2019, she was appointed Chief Financial and Risk Officer. Her appointment as CEO of Erste Bank Oesterreich took place in October 2020. In July 2024, she also assumed the CFO role in addition to her CEO responsibilities.
Responsible for: Human Resources; Savings Bank Cooperation; IT & Operations; Brand Management, Marketing & Communication; Group Secretariat; Social Banking; Health Center; Internal Audit; Strategy and Investments; Legal; Balance Sheet Management & ALM; Planning; Controlling; Accounting; Information & Data Management; Procurement
Dr. Yuecel Karabulut
Amazon Web Services (AWS)
Security Executive & Board Advisor
Yuecel Karabulut is a Principal Security Leader at Amazon Web Services (AWS) in Switzerland, empowering CISOs and executive teams to transform security from a barrier into a business enabler. He helps organizations bridge the gap between risk management and innovation velocity, enabling confident deployment of AI and cloud solutions that drive market leadership.With over 26 years spanning cybersecurity research, product management, solution architecture, and lecturing, Yuecel brings deep technical expertise to strategic security challenges. His career includes leadership roles at Salesforce, Oracle, VMware, and SAP across Europe and the United States.Yuecel holds a Ph.D. in Computer Science from the Technical University of Dortmund and an MBA from Duke University. He is a recognized thought leader with 32+ peer-reviewed publications, several patents, and frequent speaking engagements at universities and industry conferences worldwide.
Daniel Kroiss
KPMG Austria
Partner, Consulting: Security Strategy & Transformation
Daniel Kroiss is a security professional with ten-plus years’ experience. He has been working with clients in the financial industry, manufacturing as well as the energy sector both as a consultant and on the company side. His specialties lie in the field of security strategy and architecture where he has led multiple projects for large scale European companies. He also has extensive experience as an incident responder which is the most important input for his work in security strategies. He is also a passionate skier to relax from the long consulting days.
Carmencita Nader
Erste Bank der oesterreichischen Sparkassen AG
Social Banking Executive
Carmencita Nader is an impact finance expert and Head of Social Banking at Erste Bank. She serves on the board of Die Zweite Sparkasse (Die Bank der zweiten Chance | Zweite Sparkasse) and contributes as a supervisory and advisory board member across Austria’s cultural and social sectors. Her work focuses on financial inclusion and on the role of civil society in strengthening economic development and societal resilience.
Haider Pasha
Palo Alto Networks
VP & Chief Security Officer, EMEA
Haider Pasha is the VP and Chief Security Officer for EMEA at Palo Alto Networks, leading cybersecurity innovation since 2018. With over 25 years of experience in security and technology, he develops advanced cyber‑resilience strategies for global organizations. Haider advises executives on AI‑enabled SOCs, securing agentic AI, cloud security, and SASE, while guiding compliance with regulations such as the AI Act, GDPR, and NIS2. His career includes senior leadership roles at Symantec and 15 years at Cisco, including CTO for Cisco Africa. Haider is a trusted industry spokesperson and holds an MBA and multiple cybersecurity certifications.
Andre Schmidt
Accenture
Secure Digital Core Lead & Secure AI Lead at Accenture Central and Eastern Europe
André Schmidt is a Senior Manager, thought leader, and practice lead of Data & AI Security at Accenture Central and Eastern Europe, based in Zurich. He works with financial institutions and regulated organizations to navigate the security, trust, and governance challenges emerging at the intersection of AI, autonomy, and disruptive technologies. André is a lecturer at the Berner Fachhochschule and holds a Master Science in Computer Science and Machine Learning from ETH Zurich.
Dan Schnour
Radware
Product Marketing at Radware Cybersecurity
At Radware, Dan leads various product marketing initiatives for cloud application protection services, DDoS protection solutions, and application delivery products. He brings a wealth of experience in product management and marketing from industry leaders such as Meta and Cisco Systems, where he focused on networking and identity security products. With an MBA from Cornell University and a B.Sc. in Electrical Engineering from the Technion, along with his industry experience, Dan is uniquely equipped to translate complex technical concepts into compelling marketing strategies and impactful business plans.
Olivier Schraner
Microsoft
Senior Security & Technology Leader and Chief Security Advisor
Olivier Schraner is a senior security and technology leader and Chief Security Advisor at Microsoft, with a background spanning CISO, CTO, and enterprise architecture roles. Prior to joining Microsoft, he held senior leadership positions at UBS, including serving as a CTO and Global Head of Architecture, where he led large-scale cloud, cybersecurity, and architecture initiatives in highly regulated environments. He is passionate about building resilient, secure, and compliant digital systems and driving impact through collaboration and strategic execution.
Christopher Schütze
KuppingerCole Analysts AG
Chief of Advisory, CISO
Christopher Schütze holds a dual role at KuppingerCole Analysts AG: as Chief of Advisory he leads a specialized team focused on Identity, Governance, and Zero Trust - advising C-level clients on cybersecurity strategy, risk management, and regulatory frameworks including NIS2 and DORA. As CISO, he carries operational responsibility for KuppingerCole's own security posture, having built the company's ISMS from scratch and achieved ISO 27001 and TISAX certification. Both roles inform each other - what he advises clients on, he also implements and owns internally. With over 15 years in IAM and cybersecurity, Christopher speaks and moderates regularly at KuppingerCole events including EIC and Cyberevolution, as well as at external industry conferences. Christopher holds a Master's degree in Computer Science from the Karlsruhe Institute of Technology and the CISSP certification.
Thomas Starlinger
Bundesministerium für europäische und internationale Angelegenheiten (MFA Austria)
Former Minister of Defence / Major General (ret.)
Thomas Starlinger is a retired Major General of the Austrian Armed Forces and interim Minister of Defence in Austria’s so‑called “Expert Government.” Over the course of his career, he spent 15 years abroad in various international headquarters for the EU and NATO, as well as in UN missions in Cyprus, Iran, Kosovo, Syria, and Tajikistan. He has gained extensive expertise in global security developments and advises institutions and companies on the impact of these dynamics on their current and future endeavours.
Roland Supper
Erste Group Bank AG
Group Chief Security Officer (Group CSO)
Roland Supper is Group Chief Security Officer (CSO) at Erste Group Bank AG. In his function he’s directly responsible for the topics of Cyber Information Security, Business Continuity & Crisis Management, (Cyber)Physical Security and Data Protection. Successfully leading the Security agenda in financial services over the past 20+ years, allows Roland a holistic expertise in Security Governance, Management and Operations. He is also accountable for the secure and resilient operation of Erste Bank’s services. Roland actively promote and challenge initiatives focused on novel technologies for mitigating (cyber) risks, advancing the integration of artificial intelligence and future‑proof architectures, such as quantum-safe security.
Patrick Teichmann
KuppingerCole Analysts AG
Lead Advisor
Patrick Teichmann is Lead Advisor at KuppingerCole Analysts and a passionate voice in Identity and Access Management (IAM) and Digital Identity. With nearly a decade of experience in IAM, he supports large organizations in turning identity and access management from a technical necessity into a strategic capability, from strategy development and tool selection to implementation guidance and operating models that make digital identity work across the organization. Having started his career as a developer and solution architect, both in house and as an external consultant, Patrick has gradually expanded his focus toward IAM governance and strategy. This perspective now shapes his work at KuppingerCole Analysts, where he brings together strategy, technology, and organizational design to help clients build effective and sustainable IAM landscapes. He also shares his expertise as a guest lecturer at a university of applied sciences.
Felix Tiefenbacher
Zerothird
CEO and co-Founder
Felix Tiefenbacher is Co-Founder and Co-CEO of zerothird, a European provider of entanglement-based quantum-secure communication infrastructure. He holds a PhD in quantum physics and previously worked as a postdoctoral researcher in the group of Nobel Laureate Anton Zeilinger. Together with his co-founders, he transitioned entanglement-based quantum communication from academic research into commercial, carrier-grade systems. At zerothird, he focuses on the deployment of quantum-secure networks for financial institutions and critical infrastructure operators, including long-distance Quantum Key Distribution backbones operated under a Key-as-a-Service model.
Bart Vanautgaerden
NVISO Security
DFIR Lead
Bart Vanautgaerden is part of NVISO’s CSIRT, leading emergency response, proactive threat hunting, and IR program development for government and international clients. He has presented at the SANS DFIR Summit and Black Hat, led APT working groups at NATO HQ, and held senior security roles at SWIFT, Euroclear, and NATO. Previously a Principal IR Consultant at Mandiant (Google Cloud), Bart has investigated APT groups since 2015, including leading the global IR program in Ukraine from 2022 with OT incidents linked to SANDWORM/APT44.
Hotel Daniel Vienna
Hotel Schani Wien Hauptbahnhof
https://www.schanihotels.com/hotels/hotel-schani-wien-hauptbahnhof