We invite
you to participate
in the
Security First CEE conference!

Computerworld magazine ISSA Polska, ISACA Warsaw and Katowice Chapters invite you to the online cyber security conference. The idea of the conference is to increase managers' knowledge about IT security, which in the new reality is more challenging for enterprises than ever before.

Information security has become a critical factor for the operation and development of businesses in almost every industry, which is why it is so important to share the experience of those involved. We want our experts and participants to create a platform for the exchange of knowledge, which they can use to develop their business safely.

The conference will be held entirely in a virtual formula with the use of interactive technologies, thanks to which there will be no shortage of LIVE interviews, chats with participants and, above all, a large dose of knowledge about IT security, which will be provided by the best practitioners live on stage.

This year edition is international in scope, covering Central and Eastern Europe, including: Poland, Hungary, Romania, Czech Republic, Slovakia and Bulgaria, but also Lithuania, Latvia and Estonia. The conference will be held in English.

Security First CEE Online is:

Photo Gallery


Conference Programme:


Welcome to participants. Opening of the conference.

Jarosław Kuźniar Jarosław Kuźniar, Journalist, lecturer, CEO, Kuźniar Media

OWASP flagship projects – cure for application vulnerabilities.

Application security vulnerabilities are currently one of the biggest risks for enterprises. OWASP community strives to decrease this problem through the implementation of various projects. During the presentation, the latest changes in the flagship OWASP projects will be discussed. The presentation will be full of practical tips on how OWASP resources can be used in the development of applications, their maintenance or security verification.

Michał Kurek Michał Kurek, Head of Cyber Security in Poland and CEE/Chapter Leader, KPMG/OWASP

Transitioning Information Security from scaring to caring: implementing positive internal culture.

Viktorija Česonytė Viktorija Česonytė, Security Compliance Manager, Vinted

About secure identity management 3.0, i.e. IdM and IBM Cloud Pack for Security.

Identity and access management is a very important element of the landscape of cybersecurity. What are the key challenges and modern trends of identity & access management? A very important element is the proper adaptation of solutions to the specific needs of the organization, its size, and way of working, and the IT solutions it has, on-premises and/or in the cloud. IBM Cloud Pak for Security is a very interesting example of a modern identity & access management tool that improves the security level of the entire organization and provides a high level of reliability. How to properly approach in practice identity & access management and from what angle to evaluate available tools?

Cezary Wieczorek Cezary Wieczorek, Vice President, Cloudware Polska
Wanda Żółcińska Wanda Żółcińska, Chief Editor, Computerworld

Trust – the outsourced insider problem.

The easiest way in – is via your trusted partner. Abusing the relationship of trust is one of the most important weapons in cybercriminals' arsenal. Software supply chain attacks, hijacked MSP tools as well as compromised supporter accounts are getting more common. Especially MSPs have become the focus of cyber-attacks. Despite the common “why would anyone attack me” mentality, they are a perfect target for any cybercriminal. In this session, the main topics of trust will be discussed using real example cases and solution approaches presented. We will highlight where companies put too much trust into the IT infrastructure and where the common blind spots are abused, including ransomware attacks and data exfiltration.

Candid Wüest Candid Wüest, VP of Cyber Protection Research, Acronis

Why is there a lack of cooperation among cybersecurity communities at the EU level?

Adversaries and attack vectors are constantly increasing in numbers making it difficult for organisations to single-handedly protect against threats. Organisations do not have a pool of expertise or tools that could provide adequate coverage. What can be done to improve cyber resilience in a cost-effective way?  Cross-border and cross-sector cooperation with a timely exchange of information between organisations in Europe should be sought. Cooperation already exists on the national and regional level but lags behind at the EU level.  Private sector has threat intelligence and is often on the first line of defense. If public sector established communication channels (e.g. EU CSIRT Network), why companies wouldn’t do the same?  This is even more important when considering that economies and companies in the EU are often interconnected through wide supply chains. Breach in a company in one country often spill-overs to the company in another country. Proactive and timely cooperation can limit the potential of consequences. How to improve the cooperation between cybersecurity stakeholders? What are the current existing regimes, mechanisms and good practices of information sharing? What are the incentives for cooperation and eventual risks in forming partnerships? What is the role of European Cyber Security Organisation in facilitating cooperation at the EU level? Presentation will seek to answer these questions.

Sebastijan Čutura Sebastijan Čutura, CISO Community and Cyber Resilience Manager, European Cybersecurity Organisation (ECSO)

Break to visit the Partner Zones.


Anamorphic Cryptographic Schemes: Opportunities and Threats.

Cryptography is treated as a golden bullet for data protection. We not only trust its formal security proofs but also believe that the products delivered are the products described. Unlike in many other application areas, inspection possibilities might be limited, for example, due to the necessary protection of secret keys. There are a growing number of examples in which a cryptographic device behaves according to specification A, but at the same time implements hidden functionality B, which is undetectable to an observer. This can be used for good but also for malicious purposes. We discuss this issue and try to find where we are today. 

Mirosław Kutyłowski Mirosław Kutyłowski, Professor at Department of Fundamentals of Computer Science (Faculty of Information and Communication Technology), Wrocław University of Science and Technology

How Information System Authority of Estonia leverages Cloudflare to strengthen its cyber security.

The uncertainties and impacts of the war in the region have changed the Estonian state operational landscape and around the globe. Multiple organizations in different regions are facing an unprecedented surge in online traffic and attacks. Relying on their legacy infrastructure is not helping them deliver a fast, secure, and reliable experience. Join this session with Tonu Tammer, Executive Director of CERT Estonia and Anatol Nikiforov, Enterprise Account Executive at Cloudflare will go through how Information System Authority of Estonia leverages Cloudflare to strengthen its security as well as provide best practises for the government sector to make their online applications more resilient, performant, and secure.

Anatol Nikiforov Anatol Nikiforov, Customer Development Manager, Cloudflare
Tonu Tammer Tonu Tammer, Executive Director, CERT-EE

CaaS – Cybersecurity as a Service.

The world of cybercrime currently generates millions of different and ever-changing threats. The post-pandemic reality, the situation related to the war in Ukraine and the growing sense of cyber threat accompany companies at every step. Covering all areas of vulnerability to cyber threats has become extremely difficult and sometimes even unattainable. The reasons are barriers such as the availability of experts and the costs associated with the appropriate diagnosis, acquisition and implementation of the best cybersecurity technologies.

Łukasz Chudyga Łukasz Chudyga, Director of ICT Bureau & Cybersecurity Products, T-Mobile Polska S.A.

Practical Threat Hunting with SIEM.

Our current cyber security paradigm dictates that we must assume the attacker is either already in our network or forcing its doors every chance it has. That makes threat hunting one of the routine periodic (if not continuous) security operations today. The need to monitor the endpoints is ever increasing, however, that does not diminish the value of network wide analytic reviews to identify the potential culprits in our networks. SIEM is still and it will be an essential tool for monitoring our networks, although it is not enough all by itself. The strongest capabilities of a SIEM tool are its analytic aggregation functionalities and stream processing of real life data. With those capabilities we are able to identify some of the real time malicious activities and analyze the past event patterns which are good signs of malicious behavior. Like any tool SIEM is only as effective as it user's skills. In this session we go through various use cases of a SIEM tool to demonstrate how we can identify suspicious activities and their sources. In those cases we will also testify the importance of understanding offensive techniques for an effective blue team.

Fatih Emiral Fatih Emiral, CISA, CISSP, CIA, OSCP, ISO27001 LA, ISACA Istambul Chapter

Break to visit the Partner Zones.


Process automation as a way to ensure constant improvement of defense mechanisms.

Along with the expansion of the IT infrastructure, the number of tools used by administrators increases. In the entire flood of information and events - are we able to find those that have a significant impact on our organization from the point of view of security? What are the advantages of solutions working on the basis of an integrated ecosystem which is to serve not only the exchange of information about threats, but also automatic response in order to enforce an appropriate level of security? Do XDR class solutions allow us to see the full picture or is it better to use the knowledge and experience of third parties and people?

Grzegorz Nocoń Grzegorz Nocoń, System Engineer, Sophos

10 principles of effective pentest.

Piotr Kozowicz Piotr Kozowicz, IT security expert in the CERT Team, ING Bank Śląski

How attackers bypass antivirus, EDR and app whitelisting.

Application whitelisting is core; antivirus is a necessity and EDR is becoming standard. These layers of defense are definitely needed in every organization's environment. But what can an attacker do in the network even if he has to go through these secured systems? And what role does user and administrator behavior play in this? This is the subject of my presentation full of practical examples.

Jan Marek Jan Marek, Co-founder, Red Teamer, DFIR, Cyber Rangers

Closing of the conference.

The organizers will make every effort to ensure that the conference is held in accordance with the presented program, however, the possibility of partial changes is reserved.

Meet speakers of the conference:

Viktorija Česonytė

Security Compliance Manager, Vinted

Łukasz Chudyga

Director of ICT Bureau & Cybersecurity Products, T-Mobile Polska S.A.

Sebastijan Čutura

CISO Community and Cyber Resilience Manager, European Cybersecurity Organisation (ECSO)

Fatih Emiral

CISA, CISSP, CIA, OSCP, ISO27001 LA, ISACA Istambul Chapter

Piotr Kozowicz

IT security expert in the CERT Team, ING Bank Śląski

Michał Kurek

Head of Cyber Security in Poland and CEE/Chapter Leader, KPMG/OWASP

Mirosław Kutyłowski

Professor at Department of Fundamentals of Computer Science (Faculty of Information and Communication Technology), Wrocław University of Science and Technology

Marcin Marciniak

Manager, Implementation Expert, EY Business Consulting, Cyber Security Implementations

Jan Marek

Co-founder, Red Teamer, DFIR, Cyber Rangers

Anatol Nikiforov

Customer Development Manager, Cloudflare

Grzegorz Nocoń

System Engineer, Sophos

Tonu Tammer

Executive Director, CERT-EE

Cezary Wieczorek

Vice President, Cloudware Polska

Candid Wüest

VP of Cyber Protection Research, Acronis

Wanda Zółcińska

Editor-in-Chief, Computerworld


Conference Host:

Our General Partners - invite you to the conference!"

Participation in the Security First CEE guarantees 7 points for the following certificates: CISSP/ CISA/ CISM/ CRISC/ CGEIT

We particularly wish to invite:

  • CSOs and managers responsible for information and communication security
  • Managers who want to understand the latest threats and how to counter them in order to protect the interests of their organisations
  • Persons responsible for the administration of networks and systems
  • Experts responsible for business continuity and crisis management
  • Information security consultants and experts
  • Persons responsible for the purchase of cyber security services and products
  • IT Security providers


Content-related Cooperation

General Partners

Strategic Partners

Content Partners

Media Patrons


Filip Walicki
Tel. 662 287 904
[email protected]

Piotr Fergin
Tel. +48 533 358 952
[email protected]

Włodzimierz Duszyk
Tel. 662 287 870
[email protected]