Agenda 2 October 2025 - 14:00 - 17:00
13.00 - 14.00 - Registration
Presentations are in English - Q&A in German or English both possible.
14.00 - 14.10 - Welcome address
Part 1 - What Emerging Risk do we see?
14.10 - 14.40
Practical Cloud Risk Governance, Risk Management and Assessment Solutions; Rolf A Becker, Co-Chair Cloud Security Alliance CH Chapter. Co-Founder EuUG
Details:
Risk governance and management in the cloud can be complex but are critical for ensuring compliance and operational integrity. Effective cloud risk governance requires the establishment of an integrated and robust governance framework that aligns with regulatory and legislative demands. Organizations must implement a comprehensive control framework to systematically assess and audit processes, identify compliance gaps, and enforce remediation. It is also essential to develop a contractual framework that supports these efforts. Furthermore, the integration and management of Artificial Intelligence within these frameworks raise important considerations about whether AI can enhance these processes and what new certifications might streamline compliance efforts. Dynamic monitoring strategies are vital for real-time risk assessment and management, while establishing a strong, operationally effective risk culture across the entire supply chain is fundamental to securing cloud environments. The presentation will also explore how hackers exploit vulnerabilities to ransom data and discuss preventive strategies, potentially illustrated through a case study from the SCCS in Dubai, which has garnered significant positive feedback and was also featured in recent corporate training.
BIO:
Rolf is true cloud risk expert previously leading UBS cloud governance, cloud risk assessment, TPRM, working directly for global CISO. He current supports organisations in designing, implementing, executing and performing Cloud Risk Governance. His experience span across the spectrum covering the definition of a risk control governance, management framework for adoption of cloud and the delivery of a comprehensive supply chain cloud control assessment, remediation and control framework.
14:40 - 15:10
Navigating Supply Chain Cyber Risks: The Impact of Regulations and Geopolitical Tensions in leveraging emerging and advanced technologies; Chuks Ojeme, Group chief information security officer, Brenntag Group
Details:
With advanced technologies, supply chains are becoming increasingly complex and interconnected, making them susceptible to cyber risks that can significantly impact trade. This presentation will delve into the key drivers of globalization and technological advancements that influence supply chain dynamics. It will explore the cyber risks inherent in today's supply chains and the potential trade impacts of these vulnerabilities. The discussion will also touch on geopolitical flashpoints and how they can exacerbate supply chain risks. The presentation will examine the nation-states model of tech regulations and its implications for global supply chains. Finally, it will propose a proactive approach to supply chain risk management, emphasizing the need for robust strategies to navigate the cyber threats and regulatory challenges in today's global marketplace.
BIO:
Chuks Ojeme is a best-selling co-author and group chief information security officer of the Brenntag Group, a global wholesale chemical production and distribution company. Mr Ojeme has more than 20 years of experience in balancing agility with governance while building innovation, people, processes, and a technology-focused digital security ecosystem. He provides transformative, strategic, and high-impact leadership in supply chain optimisation, business processes re-engineering and enterprise risk management. Mr Ojeme is a multi-discipline keynote speaker, venture capital adviser, visiting lecturer and strategic leadership consultant.
15:10 - 15:30 - Coffee Break
Part 2 - How do we Manage and Control?
15:30 - 16:00
AI usage in enhancing Risk Assurance; Claudia Lacobucci and Adam Dudzik, ABB
Details:
Application of AI technology in enhancing Management Testing Assurance, optimizing Risk Assessment, and streamlining Controls Re-design processes. Leveraging AI to improve accuracy, efficiency, and decision-making in the identification and management of risks, and adjustment of control frameworks.
BIOS:
Claudia: Head of Assurance, Risks, and Internal Controls at ABB, with over 20 years of experience in developing and strengthening SOX compliance and internal control frameworks across pharmaceutical and engineering sectors. Specializes in integrating emerging technologies and new trends into risk and control environments to drive operational excellence.
Adam: IC Architecture Lead with over 10 years of experience in transforming and optimizing risk and control frameworks, supporting companies in their journey of implementing new applications and solutions, including CFIN, CCM, and data mining. Expertise also includes operational activities such as process walkthroughs and management testing.
16:00 - 16:30
Agents of Resilience: Rethinking Cyber Third Party Risk Management in the Age of Autonomous AI; Monika Atanasova, Head of Cyber TPRM at Raiffeisen, Board Member ISACA and CSA Swiss Chapters
Details:
From abstract ambition to operational imperative: Agentic AI defines the trajectory of future intelligence. A predictive approach to fortifying and scaling supply chain resilience. Navigating the Future of Agentic AI: Trends and Action Plans.
BIO:
Experienced security strategist in highly regulated sectors, adept at designing and implementing robust security measures while ensuring compliance with applicable regulations. A cyber third-party risk management specialist with expertise in conducting risk assessments and developing vendor risk management programs.
16:30 - 17.00
Auditing AI Agents; Robert-Stephan Zergenyi, Zurich Insurance Group
Details:
The presentation on “Auditing AI Agents” covers various aspects of auditing AI agents. It highlights the key trends in AI agents, such as proactive and autonomous capabilities, hyper-personalization, multimodal systems, and agent-as-a-service models. The presentation also covers the interaction within multi-agent systems and the importance of risk assessment and audit planning for AI agents. The presentation emphasizes the need for sound enterprise architecture, agile auditing approaches, and the importance of auditing low-code and no-code platforms, cloud computing, and APIs. The presentation addresses the importance of ethics, explainability, accuracy, reliability, and interpretability in AI systems, and the need for internal auditors to understand the AI development cycle.
BIO:
Experienced audit and risk leader with a strong track record in governance, risk, and compliance across multiple industries. Recognized for thought leadership in the intersection of internal audit and emerging technologies, particularly artificial intelligence (AI). Co-authored several landmark paper, p. e. on auditing AI in collaboration with the European Confederation of Institutes of Internal Auditing (ECIIA).
17.00 - 17.10 - Closing remarks
17.10 - 19.00 - Networking and Apéro riche
At the end of the event, we cordially invite you to network with us over an aperitif.