Talks
I am a frequent speaker at industry events, invited talks, and at leading conferences & workshops.
If you’re interested in booking me for speaking engagements, I’d love to connect — feel free to reach out!
I am a frequent speaker at industry events, invited talks, and at leading conferences & workshops.
If you’re interested in booking me for speaking engagements, I’d love to connect — feel free to reach out!
OECD Digital Security | Paris
Swisscard AECS
Wir zeigen wie Angriffe ablaufen und welche Strategien Hacker nutzen – von Phishing-Mails bis hin zu Schwachstellen in euren Endgeräten zuhause. Wir decken Mythen auf, erklären Angriffsphasen und geben wertvolle Tipps mit auf den Weg!
EventBSides Security Conference | Bern
HSG & ETHZ
Overlapping risks like climate change, cyber-attacks and geopolitical instability are reshaping today’s strategic landscape. This executive seminar explores how leaders can navigate uncertainty and build resilience in the face of emerging and interconnected risks.
EventCISO Breakfast Club | isolutions AG
Conventional pentesting doesn’t align well with today’s agile development processes. In this talk, we share how we redesigned our approach to scale and focus on rapid, early-stage insights (shift-left). We’ll walk through our new methodology, the challenges we encountered, and the unexpected lessons we learned along the way.
Event | SlidesCAS Business Intelligence & Analytics | Hochschule Luzern
Lunch & Learn | bmpi AG
CAS Cyber Threats & Developments | ETHZ NADEL
Lunch & Learn | EBP AG
Prism Corporation - Salon Talk
Cybersecurity is often clouded by confusion and hype. This seminar explores key threats and their drivers (historical, economic, social, and technological) to support informed decisions and help ensure the benefits of digitization outweigh the risks.
EventISF Grey Chapter Meeting
Conventional pentesting doesn’t align well with today’s agile development processes. In this talk, we share how we redesigned our approach to scale and focus on rapid, early-stage insights (shift-left). We’ll walk through our new methodology, the challenges we encountered, and the unexpected lessons we learned along the way.
Event | SlidesOECD Digital Security | Paris
An international advisory group of experts from government, business, the technical community, and civil society provided input on key concepts, approaches, and challenges related to the digital security of products, as part of the OECD’s Global Forum on Digital Security for Prosperity (GFDSP).
Event | ReportsCAS Datenschutz & Datensicherheit | HWZ
Cybersecurity is often clouded by confusion and hype. This seminar explores key threats and their drivers (historical, economic, social, and technological) to support informed decisions and help ensure the benefits of digitization outweigh the risks.
EventISSS Berner Tagung
Digitale Produkte gelangen oft ohne ausreichende Sicherheitsprüfung in kritische Infrastrukturen. Dieser Vortrag zeigt zentrale Cyber-Risiken, Angriffsszenarien und notwendige Massnahmen zur Absicherung der digitalen Lieferkette – mit dem Ziel, bekannte Fehler zu vermeiden und die Digitalisierung sicher zu gestalten.
Event | SlidesVBS IOS Academy
Cybersecurity has become a source of confusion and hype, with consumers and businesses struggling to keep up. We explore key cyber threats and their drivers—historical, economic, social, and technological—to help you make informed decisions and ensure the opportunities of digitization outweigh the risks.
EventBasler Investors Club (BIC)
Cybersecurity is often clouded by confusion and hype. This seminar explores key threats and their drivers (historical, economic, social, and technological) to support informed decisions and help ensure the benefits of digitization outweigh the risks.
EventDFS Deutsche Flugsicherung | Frankfurt
Swedish Chamber of Commerce with Danske Bank
Cybersecurity is often clouded by confusion and hype. This seminar explores key threats and their drivers (historical, economic, social, and technological) to support informed decisions and help ensure the benefits of digitization outweigh the risks.
EventRisk Board Meeting | Ricola AG
Cybersecurity has become a source of confusion and hype, with consumers and businesses struggling to keep up. We explore key cyber threats and their drivers—historical, economic, social, and technological—to help you make informed decisions and ensure the opportunities of digitization outweigh the risks.
EventIOT Security Workshop | Mettler Toledo
Unlike physical threats, cyber risks are hard to detect—unsafe systems can appear secure without thorough testing. While industries like automotive and aviation focus on safety, cyber security requires a different approach. We look at the evolving threat landscape, persistent adversaries, and hidden risks in IoT and industrial control systems. It highlights the need for resilience as IT and OT systems converge in an increasingly connected world.
EventKadertagung | Kdo Mech Br 11
Cybersecurity has become a source of confusion and hype, with consumers and businesses struggling to keep up. We explore key cyber threats and their drivers—historical, economic, social, and technological—to help you make informed decisions and ensure the opportunities of digitization outweigh the risks.
EventEidgenössisches Institut für Metrologie METAS
Cybersecurity is often clouded by confusion and hype. This seminar explores key threats and their drivers (historical, economic, social, and technological) to support informed decisions and help ensure the benefits of digitization outweigh the risks.
EventDanish Swiss Chamber of Commerce
Cybersecurity is often clouded by confusion and hype. This seminar explores key threats and their drivers (historical, economic, social, and technological) to support informed decisions and help ensure the benefits of digitization outweigh the risks.
EventParlamentariertreffen 2017 | Offiziersgesellschaft des Kt. St. Gallen
Start Hack | HSG St. Gallen
Unlike physical threats, cyber risks are hard to detect—unsafe systems can appear secure without thorough testing. While industries like automotive and aviation focus on safety, cyber security requires a different approach. We look at the evolving threat landscape, persistent adversaries, and hidden risks in IoT and industrial control systems.
Event8. Verkehrspilotentag der Vereinigung Cockpit | Frankfurt
This talk explores how aviation’s safety and security processes, developed over the past 100 years, are inadequate for addressing current and future cyber threats. It highlights how once-secure aviation systems are now vulnerable and identifies failing security assumptions. We conclude with lessons from other industries and how they can be applied to aviation.
Event | Slides18. FHP-Symposium | Rüdesheim
BSides Security Conference | Hamburg
This talk explores the risk of privately known security vulnerabilities, or "known unknowns," traded by cyber criminals, brokers, and governments. We reveal that, over the past three years, these groups accessed at least 58 vulnerabilities targeting major vendors and discuss the potential of an international bug bounty program to limit their access to new vulnerabilities.
Event | Slides | PaperISSS Security Lunch
This talk explores the risk of privately known security vulnerabilities, or "known unknowns," traded by cyber criminals, brokers, and governments. We reveal that, over the past three years, these groups accessed at least 58 vulnerabilities targeting major vendors and discuss the potential of an international bug bounty program to limit their access to new vulnerabilities.
EventISD Internet Security Days | Köln
This talk explores the risk of privately known security vulnerabilities, or "known unknowns," traded by cyber criminals, brokers, and governments. We reveal that, over the past three years, these groups accessed at least 58 vulnerabilities targeting major vendors and discuss the potential of an international bug bounty program to limit their access to new vulnerabilities.
EventArea 41 Security Conference | Zurich
Cyber security depends largely on reporting vulnerabilities under the practices of coordinated disclosure. Meanwhile, the black market is expanding rapidly and offering large rewards for the same information. We examine the economics of depriving cyber criminals' access to new vulnerabilities.
Event | Slides | PaperIT-Security INSIDE 14 | Avantec AG
In diesem Vortrag erhalten Sie einen Einblick in die innovativen Methoden von Cyber-Kriminellen und erfahren, wie die Wirksamkeit gängiger Abwehrtechnologien (NGFW, IPS) gemessen werden kann. Anhand einer Live-Demo wird gezeigt, wie Malware-Erkennung selbst über mehrere Schutzstufen hinweg umgangen werden kann.
Event | PaperISF World Congress | Paris
We examine the attacker’s kill chain and defense in depth, reviewing four key protection technologies—firewalls, intrusion prevention, endpoint protection, and browser security—based on NSS Labs’ data. Rigorous testing shows that 100% attack prevention is impossible, urging organizations to focus on breach detection alongside prevention.
Event | Papers Cyber Kill ChainISSS Security Conference | Lausanne
We examine the attacker’s kill chain and defense in depth, reviewing four key protection technologies—firewalls, intrusion prevention, endpoint protection, and browser security—based on NSS Labs’ data. Rigorous testing shows that 100% attack prevention is impossible, urging organizations to focus on breach detection alongside prevention.
Event | Papers Cyber Kill ChainBSI Sicherheitskongress | Bonn
We explore how cybercriminals use advanced techniques to evade security measures and assess the effectiveness of defenses like NGFW, IPS, antivirus, and browser protections using real-world test data. A live demo reveals how attacks bypass detection and highlights major gaps across security products. We also show correlations between undetected exploits, crimeware kits, and vulnerable software.
Event | Papers Cyber Kill ChainVendor Briefings | RSA Conference
BlackHat Middle East | Abu Dhabi
We explore how cybercriminals use advanced techniques to evade security measures and assess the effectiveness of defenses like NGFW, IPS, antivirus, and browser protections using real-world test data. A live demo reveals how attacks bypass detection and highlights major gaps across security products. We also show correlations between undetected exploits, crimeware kits, and vulnerable software.
Event | Slides | Papers Cyber Kill ChainISF World Congress | Chicago
We explore how cybercriminals use advanced techniques to evade security measures and assess the effectiveness of defenses like NGFW, IPS, antivirus, and browser protections using real-world test data. A live demo reveals how attacks bypass detection and highlights major gaps across security products. We also show correlations between undetected exploits, crimeware kits, and vulnerable software.
Event | SlidesExperimental Security Panoramas Workshop (ESP)
FIRST Conference | Vienna
3rd Swiss Cyber Storm Conference
e-Crime Security Congress | London
CISO Middle East Summit | Dubai
World Congress | SC Magazine
e-Crime Security Congress | London
Kaderforum des Polizeidepartements der Stadt Zürich
«Sicherheit in der digitalen Welt» | SwissSign
FIRST Conference | Vancouver
BlackHat Europe | Amsterdam