Ethical AI and Responsible Innovation in Cyber Defence

1. Ethical AI in Threat Intelligence & Security Operations
   • AI should enhance, not replace, human decision-making.
   • Avoid automation without oversight—responsible use is key.
   • Focus on AI-driven efficiency without ethical compromises.
2. Transparency, Traceability & Accountability
   • No black-box AI—models must be explainable.
   • Ensure AI actions are auditable and justifiable.
   • Security teams remain accountable for AI decisions.
3. Privacy-Conscious AI in Cyber Defense
   • Balance security with privacy—avoid overreach.
   • Use privacy-preserving techniques (e.g., federated learning).
   • Align with global regulations while maintaining defense.

Jaya Baloo has been working in the field of information security with a focus on secure network architecture for over 20 years. She is the former CISO at Avast, and prior to that was CISO at KPN, the largest telecommunications carrier in the Netherlands. Jaya serves on boards of the NL’s National Cyber Security Centre, TIIN Capital, NOS, and the EU Quantum Flagship. Jaya is recognized as a top 100 global CISO and ranks among the top 100 security influencers worldwide. In 2019, she was selected as one of the 50 most inspiring women in the Netherlands by Inspiring Fifty. In 2022 she received an honorary doctorate from the University of Twente for her contributions to the field of Cybersecurity.

Hacker’s Perspective on New Risks: Revising the Cybersecurity Priorities for 2025

• The transformation is gaining momentum! Over the last tumultuous years, investments in digital transformation have been growing, with companies worldwide exploring its potential by introducing new technologies, approaches and social changes. As more data than ever is put online, cybersecurity is now a major concern for everyone – large corporations, governments, and companies of all sizes. The transformation, however, also has its dark side. Thanks to it, the hackers are able to exploit vulnerabilities in the infrastructure with even greater precision than before. As the financial, operational, legal, and reputational implications of neglecting cybersecurity risks could be considerable, well-known analysis & protection methods should be developed and complemented.
• During this presentation, the most serious risks of 2025 will be explored and explained. Paula Januszkiewicz will demonstrate how hackers and cybercriminals identify and exploit threats using the most up-to-date techniques, so that you are able to observe them on your monitoring system and prevent them in the future. You will also become familiar with the most advanced phishing attacks, credential theft techniques, ransomware distribution methods, and ways of gaining access to vendor-controlled systems.
• Join Paula to understand what actually is possible in the year of 2025. As the cyber transformation leads to better effectiveness of hackers’ activities, there is no time to lose!

Paula Januszkiewicz is the Founder and CEO of CQURE and CQURE Academy, companies she established back in 2008. She is also an Enterprise Security MVP, honorable Microsoft Regional Director, and a world-class cybersecurity expert, consulting Customers worldwide. In 2017, Paula graduated from Harvard Business School. She delivers keynotes and sessions at the biggest world conferences such as RSA, Black Hat, Microsoft Ignite, SecTor Canada, Australian Cyber Conference, GISEC, GITEX, LEAP, and many others. She is often a top-rated speaker, including being chosen as the No. 1 Speaker at Microsoft Ignite (among 1,100 speakers at a conference with 26,000 attendees) and at Black Hat Asia 2019. At the RSA Conference, two of her sessions were among the top 5 best rated. Paula is known for her unique stage presence that is always well-received among diverse audiences, often gathering thousands of people!

Paula has over 20 years of experience in the cybersecurity field, performing penetration tests, architecture consulting, trainings, and seminars. Every year, she takes over 200 flights to provide cybersecurity services for CQURE’s Customers. Paula and her Team also design security awareness programs for various organizations, including awareness sessions for top management. Together, they create various security tools (CQTools) supporting penetration tests, incident response, and forensics, which are shared with the community. Paula is a member of the Technical Advisory Board at the Royal Bank of Scotland/Natwest. And to top it all off, she has access to the source code of Windows!

Ransomware Reality Check: Are You Ready to Face Organised Cybercrime?

Raj Samani is a computer security expert working as the SVP, Chief Scientist, for cybersecurity firm Rapid7. Raj has assisted multiple law enforcement agencies in cybercrime cases, and is special advisor to the European Cybercrime Centre (EC3) in The Hague.
Raj has been recognized for his contribution to the computer security industry through numerous awards, including the Infosecurity Europe hall of Fame, Peter Szor award, Intel Achievement Award, among others. Raj is also the co-author of the book ‘Applied Cyber Security and the Smart Grid’, CSA Guide to Cloud computing, as well as technical editor for numerous other publications.
He can be found on twitter @Raj_Samani

AI Governance: Estonia’s Experience So Far and the Road Ahead

• Do budget cuts accelerate or slow down AI adoption?
• What are the current and future security challenges?
• Can security be delegated to AI agents?
• How does AI impact workflows from a security perspective?

Dr. Ott Velsberg is a renowned Estonian IT specialist and government official, known for his expertise in data governance and artificial intelligence. As the current Chief Data Officer (CDO) of Estonia, he is responsible for driving the country’s data and AI policy and its implementation. Velsberg has a wealth of experience in coordinating data governance and data science, with a focus on domains such as artificial intelligence, open data, citizen-centric data governance, data management, and digital transformation. Under his leadership, Estonia has become a global leader in data governance, open data, and artificial intelligence. With his passion for technology and data, he is making significant contributions to Estonia’s digital transformation and shaping the country’s future in data governance and artificial intelligence.

Podcast
Human: The First and Last Line of Defense in Cybersecurity

Andero Teras is a psychologist and expert in team and leadership training with a master’s degree in psychology from the University of Tartu. He enhances his expertise through doctoral research and teaches “”Practical Positive Psychology”” at Tartu University’s Pärnu College. He has also expanded his knowledge at universities in Finland and the United States. His international experience includes training leaders and teams across Europe, the U.S., Asia, and Latin America. He is also a highly regarded public speaker at major conferences in Estonia.

Platform-Powered IT: A Connectivity Cloud that Shapes the Next Era of Enterprise Tech

• In today’s cloud and AI-driven world, businesses face complex IT challenges, including security vulnerabilities, scalability demands, and fragmented point solutions. This session explores how platformization, through Cloudflare’s Connectivity Cloud, revolutionizes enterprise IT with a unified approach to security, performance, and resiliency. Join us to understand why a platform-powered strategy is essential for next-generation enterprise technology and how Cloudflare’s Connectivity Cloud leads the way in shaping IT’s future.

Sheril Nagoor is a Principal Solutions Architect at Cloudflare, based in London, and an influential SASE evangelist. With extensive expertise in cybersecurity, Sheril has significantly contributed to enhancing organizational security postures through cutting-edge technologies. As a prolific speaker and patent holder, he brings deep industry knowledge and innovative perspectives, making him a thought leader in the cybersecurity community. Sheril’s dedication to advancing security solutions and his ability to translate complex concepts into actionable strategies have made him a trusted advisor and a prominent voice in the field.

AI vs. AI: The Future of Automated and Autonomous Cybersecurity

• Artificial Intelligence has emerged as both the sharpest weapon and the most effective shield in modern cybersecurity. While defenders deploy cutting-edge AI systems to detect threats and automate responses in real-time, cybercriminals are increasingly using AI to create stealthier malware, craft highly targeted phishing campaigns, and even develop autonomous attack tools.
  This session explores the evolving AI vs. AI landscape—a high-speed battle where algorithms combat algorithms, and the lines between attacker and defender blur. We’ll examine how cybercriminals are turning to adversarial machine learning and generative AI to stay ahead, but also how automation is beginning to replace low-level cybercrime roles, leading to unexpected job losses in the underground criminal economies. Through real-world examples and the latest research, we’ll unpack:
  • How generative adversarial networks (GANs) and LLMs are used to evade detection
  • What happens when autonomous AI agents operate without human oversight
  • The double disruption: AI is not only displacing human defenders—but also human hackers
  • The next phase of AI-powered cybersecurity tools and how defenders can stay ahead.

  Join us for a deep dive into the future of cybersecurity—where automation fights automation, and success means staying one algorithm ahead.

Joseph is an award-winning cybersecurity professional with over 30 years of experience in enterprise security. As the Chief Security Evangelist and Advisory CISO at Segura, he focuses on identity security and building resilient cybersecurity strategies.
Joseph holds CISSP and OSCP certifications, advises governments and critical infrastructure sectors, and speaks globally on cybersecurity topics. He is the author of Cybersecurity for Dummies, read by more than 50,000 professionals worldwide, and regularly contributes to leading publications such as The Wall Street Journal and Dark Reading. Joseph regularly shares his knowledge and experience giving workshops on vulnerability assessments, patch management best practices, the evolving cybersecurity perimeter, and the EU General Data Protection Regulation.

Podcast
The Three Defence Lines

Verner is a compliance and data protection expert currently working in the insurance industry. Verner holds an undergraduate law degree from the University of Tartu and a master’s degree in law from Tilburg University. He brings extensive experience from the banking and fintech sectors, where he has helped organizations navigate complex regulatory environments and uphold high ethical standards. His previous roles have included leading GDPR implementation and developing internal compliance frameworks from the ground up within international companies. Committed to raising awareness around compliance and data protection, he has trained hundreds of colleagues across three languages.

Cybersecurity Without Shortcuts

Paul is currently the Head of IT, Digitalisation and Security at Sunly, overseeing key domains like cybersecurity, digitalisation, business intelligence and data, AI, microservices, software development, support services etc in Estonia, Latvia, Lithuania, and Poland. Previously, he served as Division Lead at ADM Interactive, merging and restructuring software development teams, fostering client partnerships in the Baltics, UK, and Germany. He is a strategic forward-thinking leader with the ability to implement changes to foster innovation.

Cybersecurity Without Shortcuts

Priit Lepasepp is the Co-Founder and CEO of Sunly, a renewable energy company advancing the transition to sustainable power in the Baltics and Poland. With a background in law and extensive experience in energy markets and project development, Priit combines strategic vision with a commitment to innovation. Under his leadership, Sunly has become a key player in wind, solar, and energy storage, contributing not only to the green transition but also to the region’s energy security and resilience.

How Estonian Cyber Command is Training Estonia’s Cyber Warriors

Mihkel Tikk is the Deputy Commander of Cyber Command in Estonian Defence Forces. His main areas of responsibility are Cyber and ICT operations and capability development. Previously Mr Tikk was Director of Cyber Policy and Information Technology Department at the Estonian Ministry of Defence. In addition to the development and implementation of cyber security and defence related policies, he also coordinated information security management throughout the MoD’s area of administration, including the Estonian Defence Forces. He was the representative of Estonia in various NATO and EU committees and at the NATO Cooperative Cyber Defence Centre of Excellence.Before joining the Ministry, Mr Tikk designed business processes and e-services for the Estonian government. At the Estonian Information Systems Authority he was responsible for the development of Estonia’s State Portal, which has been acknowledged by the European Commission as the best State Portal in Europe. Mr Tikk is also co-founder of Estonian cyber reserves unit Cyber Defence League.

Intelligent Architecture: Tech Choices in the Smart Manufacturing Era

By education, a theoretical physicist and computer scientist specializing in numerical simulations of quantum mechanical spin systems with the application to quantum computing and nuclear magnetic resonance. Worked in the field of computer simulations, complex mathematical optimization, software development and advanced system architecture for more than 20 years. A co-founder in a couple of organizations and startups that have successfully scaled out. Currently a Lead I4.0 and smart manufacturing systems architect in Ericsson, leading the Ericsson global smart manufacturing from a holistic perspective and focusing on topics like advanced AI, production optimization, next-generation communication technologies (5G-Advanced, 6G).

AI Agents – opportunities, risks and mitigation

Andreas Horn leads IBM’s AIOps service portfolio for EMEA, driving AI-powered transformation across enterprises. He specializes in strategic AI deployment for IT Operations, ensuring businesses leverage AI to enhance resilience, efficiency and innovation in this new era of AI. Beyond IBM, Andreas is a university lecturer, educating the next generation on practical AI applications that boost productivity and streamline workflows. His mission: turn AI from hype into real-world impact.

Louis grew up in a small coastal town in Australia and attended the University of Newcastle, gaining a first class Honors Degree in Computer Science and worked in the industry as a Consultant and Trainer for 10 years, specializing in enterprise integration services. Having left the world of IT consultancy behind, Louis now uses his public speaking and communication skills to lead tech focused conferences, combining both his broad technical and entertainment skills to provide a larger than life presence on stage when he hosts.

Podcast
Getting Thought Leadership Right – Lessons from Vendor Research

Henry Rõigas is the CEO and Founder of evisec.xyz, a cybersecurity research and consulting firm delivering evidence-based analysis for security leaders. He is also the lead author of evisec’s Cybersecurity Research Digest, a regular data-led cybersecurity trends overview. Alongside his work at evisec, Henry is a Non-Resident Fellow at ICDS, providing analysis on international security and digital threats. Henry has held various roles in the information security industry, including as a Researcher at NATO CCDCOE, Principal Threat Analyst at Nortal, Head of R&D Collaboration at Guardtime, and Chief Strategy Officer at Sentinel.ai/NFTPort.

Jürgen is an Information Security Specialist with a mission to help businesses and individuals protect themselves from cyber threats. Leveraging his 14+ years of experience in the IT industry, where he has held various managerial and technical roles in security operations, incident response, digital forensics, vulnerability management, security assessments, threat hunting, and more. Jürgen strongly believes that expensive security solutions are ineffective without trained people and refined processes, and that fighting cybercrime ultimately comes down to building stronger communities.

Arthur Bataille is the CEO of NEVERHACK, based in Boulogne-Billancourt, France. An engineer by training and a passionate technology enthusiast, he is deeply committed to advancing the cybersecurity ecosystem in France and internationally.
Arthur brings extensive experience from previous leadership and technical roles at PR0PH3CY, Seela.io, and SILICOM SAS. Throughout his career, he has had the privilege of working alongside exceptional individuals, continuously learning from them and shaping a company focused on defining the future of cybersecurity.

As Chief of International Affairs at Neverhack Group, the world’s leading cybersecurity firm, I lead global partnerships with governments, international organizations, and policymakers to strengthen our global presence.
With over seven years in cyber defense, digital transformation, and public-private collaboration, I’ve worked at the intersection of policy and tech in Estonia’s public sector. My past roles include Head of Government Relations at Accelerate Estonia and Cyber Defence Policy Adviser at Estonia’s Ministry of Defence, focusing on NATO and EU cyber policy.
I’ve also advised governments on digital transformation at the e-Estonia Briefing Centre and founded a consultancy supporting cyber education and digital strategy.

Crisis Communication Simulation

• Duration: 90 minutes | Format: Interactive tabletop exercise
• According to PwC, 96% of organizations faced disruptions in 2023 – and 76% reported a medium or high level of impact. This highlights a critical gap: while crises are nearly inevitable, effective preparedness remains rare. In this interactive simulation, each team steps into the shoes of a company facing a fast-developing communication crisis.  Through realistic prompts, media interactions, and time-pressured decisions, you’ll experience the dynamics of crisis communication from the inside out – discovering why preparedness, internal clarity, and message discipline make or break a crisis response.

Rainer has 15 years of experience in public relations, including over 10 years in public sector communications – half of that as a press officer at the Ministry of Finance, and the other half as Head of Communications at the Estonian Tax and Customs Board. During this time, he has been involved in a wide range of high-impact public projects, many of which required strategic crisis communication. For the past five years, Rainer has been working at Estonia’s leading communications agency, Meta Advisory, where he advises both local and international companies operating in Estonia. He has led crisis communication initiatives and helped prepare crisis teams through training and simulations.
In the workshop, Rainer’s role is to provide participants with a strategic perspective on crisis communication: how to assess a situation, make swift decisions, coordinate messaging, and ensure team cohesion under pressure. His hands-on experience helps bridge the exercises with real-life logic, highlighting how crisis communication functions at the organisational level.

Crisis Communication Simulation

• Duration: 90 minutes | Format: Interactive tabletop exercise
• According to PwC, 96% of organizations faced disruptions in 2023 – and 76% reported a medium or high level of impact. This highlights a critical gap: while crises are nearly inevitable, effective preparedness remains rare. In this interactive simulation, each team steps into the shoes of a company facing a fast-developing communication crisis.  Through realistic prompts, media interactions, and time-pressured decisions, you’ll experience the dynamics of crisis communication from the inside out – discovering why preparedness, internal clarity, and message discipline make or break a crisis response.

Urmas has 30 years of experience in journalism and communications across various formats – radio, print media (both newspapers and magazines), online media, and television. His professional background includes conducting thousands of interviews, both short and long, and writing hundreds of articles. He has also delivered public speaking and media training sessions for nearly 100 organisations across both the private and public sectors. As a presentation and messaging coach, he has worked with more than 50 senior and top-level leaders in Estonia.
In the workshop, Urmas’ focus is on enhancing the clarity of messaging and helping participants grasp the broader context of unfolding events. He emphasises how participants can maintain confidence, assert themselves credibly and empathetically as strategic leaders – especially under intense pressure. Under his guidance, participants gain practical insights that empower teams to act in a unified and persuasive manner, even at the peak of a crisis.

SOC 3.0: Human-AI Synergy for Continuous Threat Exposure Management

• Traditional SOCs face overwhelming challenges, leading to high costs and frequent breaches, which necessitates a paradigm shift to SOC 3.0 for a proactive and intelligent security model.
• This evolution is grounded in Continuous Threat Exposure Management (CTEM), a Gartner-defined iterative program that continuously identifies, assesses, and reduces cyber risk by aligning technical findings with business goals.
• Powering this transformation, Open XDR platforms leverage AI to unify security operations, correlate disparate alerts into actionable incidents, and profoundly augment human analysts, leading to dramatically improved detection and response times.

Aleksei is a passionate cybersecurity professional with more than 15 years of experience in the IT security field. He is leading a team of experts to provide a variety of cybersecurity services covering both defensive and offensive tactics. Aleksei’s main passion is “intelligence driven unified defence ecosystem” which is destined to help organizations to adapt to ever changing threat landscape. If you wish to discuss cyber risk mitigation techniques or need help with defence strategy – Aleksei is the person to talk with.

SOC 3.0: Human-AI Synergy for Continuous Threat Exposure Management

• Traditional SOCs face overwhelming challenges, leading to high costs and frequent breaches, which necessitates a paradigm shift to SOC 3.0 for a proactive and intelligent security model.
• This evolution is grounded in Continuous Threat Exposure Management (CTEM), a Gartner-defined iterative program that continuously identifies, assesses, and reduces cyber risk by aligning technical findings with business goals.
• Powering this transformation, Open XDR platforms leverage AI to unify security operations, correlate disparate alerts into actionable incidents, and profoundly augment human analysts, leading to dramatically improved detection and response times.

Pavel Laptev is the Global SOC Transformation & Strategy Lead at NEVERHACK Estonia, with a strong background in cybersecurity. Pavel has extensive experience in security operations, incident response, and forensics, including roles in Security Operations Center (SOC) management and as a Chief Information Security Officer (CISO). Previously, Pavel held positions such as Head of Security Operations Center at NEVERHACK Estonia, Senior Forensic Analyst/Incident Response Analyst at Kyndryl, and Head of Digital Forensics Department at the Estonian Forensic Science Institute. Pavel has also been an external lecturer at the University of Tartu School of Law and TalTech – Tallinn University of Technology, where he taught digital forensics.

Ronnie Jaanhold has been around in cyber security for over 20 years with experience spanning technical, operational and business domains. As Business Developer at NEVERHACK Estonia he plays a role in shaping partnerships and helping customers navigate the complex intersection of technology, risk, and real-world business outcomes. Ronnie is being recognized for bridging the gap between the boardroom and the technical wizz-wazz. He is not afraid of asking hard questions or explore uncomfortable truths that is often buried beneath dashboards and buzzwords.

Beyond daily role, Ronnie is the host of CYBERCAST podcast show that is offering grounded view of what’s going on in cyber – from frontline realities to higher viewpoints and also proudly part of Nordic Baltic Security Summit conference content planning.

Don’t be afraid to step up and approach when you see me somewhere. He is much nicer than he looks.

Giorgi is a Senior Penetration Tester at NEVERHACK Estonia specializing in web and mobile application security. He is experienced in uncovering complex vulnerabilities through manual testing and advanced logic flaw exploitation. Giorgi conducts ethical social engineering engagements to identify and improve human-related security weaknesses. He also brings a practical, business-aware approach to offensive security, helping teams turn findings into real improvements. On top of everything he is a creator of Security Summit CTF Challenge.

Podcast
Autonomous Negotiators – New Attack Surface? 

• Every large organization has procurement spend that is under managed. In today’s volatile market environment, procurement teams face mounting challenges in managing thousands of stock keeping units (SKUs), responding to unpredictable supply chain dynamics, and constrained resources, allowing price increases to go unnoticed. This under managed spend significantly impacts profit margins and adds complexity to supply chain operations.Pactum empowers Chief Procurement Officers to add AI agents working alongside humans. Agents work around the clock with autonomy and authority to find negotiation opportunities and close supplier deals at scale. Pactum agents are trusted by over 50 of the world’s largest enterprises, delivering measurable value and enabling agility for procurement operations.

  On this podcast session we explore the cyber challenges Pactum faces and how NEVERHACK helps them.

Margus is the Head of Security and Compliance at Pactum AI, where he leads initiatives to uphold cybersecurity governance and compliance and foster a strong cybersecurity culture. With over a decade of experience in startups, he has held diverse technical and leadership roles spanning technical support, Site Reliability Engineering, and Security Engineering.

When 1 + 1 = 11: The Hidden Math of Application Vulnerabilities

• Manual penetration tests don’t always reveal critical vulnerabilities — but even minor issues, when linked together, can result in significant risks. In this session, Axinom and Neverhack share highlights from a recent engagement that brought such vulnerability chains to light. You’ll also discover how a single pentest can deliver value across multiple areas within a company, turning one investment into value several times over.

Velmar Piibeleht is a seasoned professional with about 15 years of experience in the realm of cybersecurity, spanning across both private and public sectors. Now with more than 5 years of experience as a Penetration Tester and Red Teamer, he has successfully earned CISSP, OSCP, GWAPT, GMOB and GCFA certifications. Leveraging his expertise, Velmar is dedicated to assisting companies by conducting offensive security operations that uncover potential vulnerabilities and weaknesses.

When 1 + 1 = 11: The Hidden Math of Application Vulnerabilities

• Manual penetration tests don’t always reveal critical vulnerabilities — but even minor issues, when linked together, can result in significant risks. In this session, Axinom and Neverhack share highlights from a recent engagement that brought such vulnerability chains to light. You’ll also discover how a single pentest can deliver value across multiple areas within a company, turning one investment into value several times over.

With 15 years of experience at Axinom, Rostyslav Shumeiko serves as a Senior Security Consultant. His work includes guiding the company through standards such as ISO 27001 and bridging the gap between security and development teams by making complex security concepts understandable and implementable for everyone.
Rostyslav leads crucial security initiatives, including certifications, compliance, security, pen testing, and also delivers impactful Security Awareness and Secure Development training. His work helps integrate security into Axinom’s core operations, promoting both compliance and operational resilience.

Security: The Default Setting

• In the wake of an aggressive nation-state attack, Microsoft launched the Secure Future Initiative.
  This keynote from Sarah Armstrong-Smith unpacks the story of the largest cybersecurity engineering programme in history – a multi-year commitment to embed security into every layer of our technology stack and culture.
  Join us to hear what we’re building, what we’ve learned, and how we’re partnering with our customers and partners to make security not just a feature—but the foundation of everything.

Operating at the forefront of the cybersecurity industry, Sarah Armstrong-Smith is the Chief Security Advisor at Microsoft. She has led a long and impactful career, helping businesses evolve their security strategy and capabilities to support digital transformation and cloud adoption. Working with Microsoft’s largest enterprise customers and partners across Europe, Sarah offers valuable advice on the complex and dynamic world of cybersecurity to protect people and data, ensuring stronger defences against attackers, to deliver effective resilience.

Sarah is a Fellow of the British Computer Society and has been recognised as one of the most influential and inspiring people in UK Tech, regularly contributing to thought leadership and industry publications. In 2022, Sarah published her first book ‘Effective Crisis Management’ which explores the traits and leadership skills required to succeed in the face of adversity and uncertainty. Her second book, is Amazon best seller ‘Understand the Cyber Attacker Mindset’, which explores the psychology of cyber warfare and how organizations can defend themselves against attacks.