03. Aug 2023

What know-how we can look forward to at the CIS Compliance Summit 2023

It won't be long before this year's CIS Compliance Summit takes place in Vienna, featuring the topic of "New Work - Potential or Provocation for Security & Privacy". To get a foretaste of the event on September 19th, 2023, we have summarized the presentations in a few key points!


Security in the Era of Artificial Intelligence: A Look at ChatGPT

DI Marlies Temper, Head of Data Intelligence & Data Science and Business Analytics, University of Applied Sciences St. Pölten

The talk covers the aspect of security in the era of artificial intelligence, focussing on Large Language Models like ChatGPT. The functionality and possible misuse scenarios will be discussed, as well as challenges that will be associated with artificial intelligence in the future.

How Zero Trust enables the everywhere office

Jose Torre, ISM, and Marco Kolbas, Senior System Administrator, fiskaly GmbH

The concept around "Zero Trust" has emerged in response to the new security requirements that have arisen as a result of remote work, new work, and the increased use of cloud-based tools, among other things. However, Zero Trust is a broad framework, not a rigidly prescribed recipe. Therefore, implementation is different for every organization, as are the results and lessons that can be learned.

In this presentation, you can expect concentrated know-how on how processes, systems and services can be secured better and how an "everywhere office" can be enabled at the same time. In addition, the methodology, implementation and lessons learned will be presented using the example of the company fiskaly.

IT Security in workplace service delivery

Bernhard Bachofner, MBA, CTO, Fiegl & Spielberger GmbH

Particularly in areas such as "Workplace Service Delivery (Corporate Hoteling)" or "Work from home", the changes and new dynamics in everyday office life are giving rise to exciting questions on topics such as data protection, information and physical security. These topics will be discussed based on two field reports - on the one hand, using the example of the integration of data flows and organizational structures in the university sector, and on the other hand, using the example of the provision of corporate equipment in the private environment of employees.

Preparing for the European Cyber Resilience Act – Get your House in order before the new legislation hits!

Michael Brunner, Head of Security Engineering, Certainity GmbH
Ass.-Prof. Clemens Sauerwein, PhD, Assistant Professor for Security Engineering, Universität Innsbruck

The final version of the proposal for the European Cyber Resilience Act (CRA-E) has been publicly available since September 2022, as have the results of the EU impact assessment regarding the planned regulation. The general need for these measures is beyond question, as is the fact that the CRA-E will have a major impact on all companies that develop and sell digital products in Europe.

However, many organizations have not yet taken sufficient preparatory measures. This presentation therefore provides an overview of the essential security requirements of the CRA-E and shows how these can be addressed with common standards and current best practices for the secure development of software-intensive systems.

Practical information security in the VUCA age

Gerlinde Macho, IT entrepreneur, and Michael Bendl, COO, MP2 IT-Solutions

VUCA is a way of thinking and approaching the dynamic world. Volatility (V), Uncertainty (U), Complexity (C) and Ambiguity (A) are factors that describe this world. In this context, the security aspect of (flexible as well as hybrid) working is one of the central aspects. With the countless hardware & software providers as well as platforms for IT security, it is important to maintain an overview - especially in the SME environment. Which applications are suitable for the respective organization? Especially regarding redundancy as well as the prevailing shortage of skilled workers, it is crucial to create a practical tool set. The practical lecture will report on requirements, possible applications and challenges for secure work in operational practice in and by companies.

Security governance integration in fast-growing environments

Nikola Dinic, CISO, Convotis Group

ISO 27001 is the globally recognized benchmark for information security - companies that are certified according to THE standard are safe, act future-oriented and arm themselves early or proactively against possible risks such as data protection breaches, cyber attacks or, in the worst case, a business shutdown.

The core topic of this compact practical presentation will be discussing how the integration of an information security management system (ISMS) in accordance with ISO 27001 can succeed in fast-moving, multinational companies, which in turn consist of operations with different levels of security maturity and risk potential.

IT Security & Data Security in Practice

Stefan Hofbauer, Information Security Manager, Volksbank Wien AG

The value proposition of IT security is more important than ever. IT security supports and advises in the areas of information security, physical security, IT risk management, business continuity management and outsourcing governance. The aim is to reduce the risk (concerning confidentiality, integrity, availability) and the potential damage to the company and its customers. The ongoing shortage of skilled workers also contributes to the fact that it is becoming more and more difficult for companies to deal with the multitude of issues and cyber attacks. In this presentation, cases of damage and crisis will be presented and recommendations for action in the form of security measures will be given in order to successfully counter the increasing number of threats.

Information Security - Important Updates & Innovations

Robert Jamnik, Head of Audit Services, CIS

Which issues and opportunities will companies face in terms of information security, cyber security and data protection? To what extent does ISO 27002:2022 affect current courses of action? What changes await us regarding the planned NIS 2 directive and how can we prepare ourselves now? In this practical lecture, you will learn about the essential changes and innovations and receive answers to the above-mentioned and many other questions!

Were we able to arouse your interest? If so, we are looking forward to welcoming you on September 19th at the Austria Trend Hotel Savoyen in Vienna! In addition to the speakers presented in this article, you can also expect plenty of time for networking, exchange with like-minded people and a colorful product portfolio of the exhibiting companies.
