EVENT
PwC Cybersecurity & Privacy Day 2022
Discover the highlights including launch of “Out of the shadows: CISOs & DPOs in the spotlight” survey !
October 14, 2022
Luxembourg, 14 October 2022 – It’s a wrap for another year (almost – there is still the Cybersecurity Week Luxembourg gala dinner!). Another successful edition of PwC’s Cybersecurity and Privacy Day ended on Thursday October 13, 2022. PwC Luxembourg, CLUSIL (Club de la Sécurité de l’Information – Luxembourg) as well as the CNPD (Commission Nationale pour la Protection des Données) collaborated to create the first edition of the only survey dedicated to CISOs, ISOs, DPOs and privacy experts in Luxembourg, which was presented at the the annual event. This year was a return-to-form with a live event only, and with over 250 attendees it was brimming with great speakers who shared their expertise on cybersecurity and privacy matters.
This year’s main focus was on Critical Infrastructure Protection which could not be a more timely topic as cyber threats become more sophisticated and increasingly target operators of critical infrastructure, industries and organisations. These must urgently assess and uplift their cyber resilience.
Closing the event, Koen Maris, Advisory Partner and Cybersecurity Leader PwC Luxembourg, thanked all the participants and organisers for “giving him a full day of their time” and emphasised that, “Critical infrastructure suffers the same cyber issues as other organisations, but with one significant difference, if it fails society gets hit.”
Out of the shadows: CISOs and DPOs in the spotlight! 2022 CISO’s and DPO’s role and responsibilities survey
A worthy addition to this year’s agenda was the exclusive presentation to attendees of the first edition of the only survey dedicated to CISOs, ISOs, DPOs and privacy experts in Luxembourg. The session was hosted by Alain Herrmann, Data Protection Commissioner, CNPD (Commission Nationale pour la Protection des Données), Antonin Jakubse, Privacy Senior Manager, PwC Luxembourg, Marc Lemmer, Data Protection Commissioner, CNPD (Commission Nationale pour la Protection des Données), Cédric Mauny, President, CLUSIL and Maxime Pallez, Cybersecurity Senior Manager, PwC Luxembourg.
With the growing importance of the CISO in mind (incl. Information Security Officer/ ISO) and DPO (incl. data privacy professionals), the team collected 90 responses from CISOs (41%) and DPOs (47%) within Luxembourg (the remaining 12% represent respondents with both roles).
Home-based working, companies transitioning to digital workspaces or public cloud, an escalating number of cyberattacks and the growing complexity of information systems, evolving legislation and enforcement, better informed data subjects—these and many other factors have further increased the importance of the roles of Chief Information Security Officers (CISOs) and Data Protection Officers (DPOs) in the last few years.
The conclusion of the survey is eight powerful take-aways which you can discover along with the full report here.
Antonin Jakubse, Privacy Senior Manager, PwC Luxembourg says of the survey, “Privacy without cybersecurity doesn’t work. The collaboration of CISOs and DPOs is paramount in order to protect data and ensure privacy”.
As always, participants heard from internationally renowned speakers, who shed much light on challenges we are facing in today’s sophisticated digital world and with the topic of critical infrastructure in mind.
Speakers highlights included:
- Paul Rhein, from the Governmental Computer Emergency Response Team Luxembourg (GOVCERT.LU), Ministère d’État Luxembourg, which oversees the management of cybersecurity incidents compromising Luxembourg, its citizens or its economy and is responsible for receiving, reviewing and responding to reports of such. He emphasised strongly that there is a need to cooperate and collaborate. “We can’t solve issues as a single organisation, we need to do it together.”
- Eric Kalajzic, Belgian Defence, gave a sobering talk on critical infrastructure in an interconnected world, concluding that infrastructure is a top target for intelligence services, Human beings are the most fragile link (a theme that was repeated over the course of the day), permanent risk assessment and checks are necessary on a regular basis and legal frameworks are key in our democracies.
- Christian D’Cunha, DG CONNECT, European Commission, posed the question, “Can you have privacy without cybersecurity?” and concluded the answer is no. When you are in the cyberworld you are interfering with personal data, hence privacy is affected.
- Dalia Khader , Swiss Life & Donia El Kateb , EIB, gave a fantastic presentation using famous examples of cyberhacks and security breaches, taking the audience on a journey from the past to the present with lessons learned that could be applied to the future. Of their list of key takeaways, they also concluded that what is still missing as we all actively participate in cyberspace is a security culture and awareness, meaning once again, humans are the weakest link.
- Jean de Chillou , CSSF, gave a riveting presentation on how the CSSF and the BCL have adopted the “Threat intelligence-based ethical red teaming” (Tiber) framework last November. This European system makes it possible to launch real-fake cyberattacks against financial or banking institutions, to test their resilience.
The organisers would like to thank all of the speakers for their time and effort. Without them, PwC’s Cybersecurity and Privacy Day would not be such an essential event.
PwC Cybersecurity & Privacy Day 2022 Pitching Competition – People’s Choice Award
After an international call for submissions, PwC Luxembourg selected five cybersecurity companies with relevant solutions for the Luxembourgish market – Exeon Analytics AG (Switzerland), Filancore GmbH (Germany) Fortinium AG (Switzerland), KeyCaliber (USA) and SHAREKEY Swiss AG Switzerland). The organisers would like to thank all of the companies for participating, for presenting their solutions, their fantastic pitches and wish all five the very best.
During the event, the audience could vote for their favourite solution. The Winner of the Pitching Contest’s People’s Choice Award is SHAREKEY Swiss AG. We thank the audience for their active listening and vote.
The second award, the Cybersecurity & Privacy Solution of the Year Award, will be conferred by the Jury to the candidate that demonstrated excellence at all levels, from strategy to execution. The winner will be revealed at the Awards & Gala Night which marks the highlight of the Cybersecurity Week Luxembourg on 20 October 2022. So make sure you stay tuned and watch this space.
A fantastic day of talks, workshops and networking! We hope to see you all at our next PwC Cybersecurity and Privacy Day with other insightful topics and speakers.