After having worked hard over recent weeks to adapt the annual event to the continued uncertainty around physical gatherings due to COVID-19, this year, the PwC Cybersecurity Day, was a 100% digital event spread over four days, from 26 to 29 October 2020, becoming PwC Cybersecurity DayS.

European experts gathered together, albeit this year virtually, to meet their peers, attend workshops and listen to talks on a wide variety of topics. The day falls, as it has since its inception, during Luxembourg’s Cybersecurity Week, and each year the topic grows in importance. The theme this year is focussed on the strategic importance of cybersecurity. More specifically, how boards and executives should consider cybersecurity and even digitalisation as being an integral part of their business  strategy.  Covid definitely accelerated the rise and use of technology but inherently brings additional risks.

Koen Maris, Cybersecurity Leader, PwC Luxembourg, said to the audience after the final presentation, “We wish to thank the audience and all the people who participated. This year was definitely a challenge to achieve, from a logistics point of view but surely on a technical level. It was still a great event, but we missed having people on our premises for a networking lunch and during the break out sessions/workshops. We thank all of the presenters who joined us, and we thank the jury members who all were able to be with us, physically or virtually, Kenneth Pentimonti, Roman Borisovich, Steffen Minkmar, and  Florence Roux-Christmann.”

Cybersecurity Solution of the Year 2020, the winner is…

German Mobile App and Fraud Protection company, Build38 won the Cybersecurity Solution of the Year Award for T.A.K. Client, at the Luxembourg Cybersecurity Week plenary session. The jury, composed of venture capitalists, incubator and security experts, selected the winner. The winning solution showed technical savviness and business acumen with a mature product and established customer base.

Build38, a Munich startup, gave an impressive pitch noting that the mobile industry business by 2023 will represent 156 billion US dollars, which makes it attractive to hackers and good guys alike. If businesses move to mobile-only in the next 10 years, and an estimated 75% of mobile devices fail security tests, it is easy to see the enormity of the vulnerability. Because a  smartphone isn’t controlled like a computer, it’s not trustworthy. The Build38 Trusted application Kit (T.A.K) secures any app on iOS and Android fighting fraud attempts, attacks and data breaches. It contains three dozen security features to protect the app even if you have an untrusted or malware infected device by using the TOFU principle. TOFU, Trust on First Use together with the Shift-Left Security paradigm (doing good software right from the start!) creates a self-defending app and a trusted environment for mobile business and modern lifestyle.

Our solution is attractive for customers. For the app provider it secures communication, IP, provider data and compliance. And for the developer, it saves time on resources. Last but not the least, it also saves the GRC team and CISOs SOC and fraud costs by hardening the app. However, if push comes to shove, the Build38 portal gives them the means to fight back individually and forcefully.

A big thank you goes out to the other four companies, pEp Security SA, TRUSTLESS.AI, DataVaccinator SARL and Wultra who contributed to the exciting pitch competition.

The PwC Cybersecurity DayS offered a unique opportunity to gain insights from the latest international trends in cybersecurity and privacy. For this year’s PwC Luxembourg Cybersecurity DayS, which fell within the Luxembourg Cybersecurity Week, the focus was on IT security to digital trust: how to help CISOs, DPOs and CEOs ensure they keep the organisation secure in a digital society. Amongst the many tailor-made speeches and updates for the virtual attendees were the top-class talks by Ken Ducatel, Niek de Visscher, Marco Preuss and Philippe Zimmermann.

CEO Corner

John Parkhouse spoke at the dedicated CEO Corner on a topic we are all familiar with, saying that, “Tech has been accelerating, but COVID-19 has put tech firmly on the agenda of the boardroom due to its critical importance for business.”

He went on to explain how PwC shifted from physical to digital, locally and globally, over three days, and how this sort of shift places a huge dependency on technological interaction. With this comes the fact that cyber risks are not only continuing during the pandemic, but there has been a huge increase in the number and level of sophistication. As home-based work increasingly becomes the norm, at least for now, companies' vulnerability has grown many fold.

Plenary Session - highlights from the keynotes

While the pitching session was done in-situ, the plenary session keynotes were done via video.

Ken Ducatel , IT Security Director, DG DIGIT, spoke about: “The cyber side of the lockdown”.

Ken told audiences about the COVID-19 response at the European Commission (EC), saying: “The COVID-19 crisis hit the EC really hard, in a way we never thought possible. From a security perspective, the adaption was a challenge, but it was also a big opportunity to embrace digital at its fullest and become digital citizens. It pushed our adaptability and the way we dealt with security to new heights. In a way, COVID-19 forced us to run towards change instead of walking, and we embraced it.”

Niek de Visscher, CEO Digital Innovation Benelux, group CTO Digital Innovation Group, spoke on the topic of: “Systems are smart, people are stupid”. “People aren’t dumb but driven by emotions, not so much by rational thinking. To make them aware of the danger and the risks related to using information systems, it’s crucial to understand how user-psychology works, considering all the layers from psychological needs to self-actualisation.”

Marco Preuss, Director of European Research and Analysis Team at Kaspersky Lab, spoke on the topic of: “ Social scoring and security”. In his presentation, he made reference to Kaspersky's report, “Social credits and security: embracing the world of ratings” and gave some alarming statistics. According to the report, 18% of consumers globally have experienced issues accessing financial services because of an assessment of their social media information by scoring systems, yet there is evidence that a large percentage of people are not aware of them, especially European in comparison to Asia.  So while these social scoring systems have become more widespread and are already implemented in many countries and industry sectors, what they are doing needs to be examined carefully and awareness needs to be raised as they sometimes lead to negative consequences.

Philipp Zimmermann, Distinguished Engineer, AET Europe BV (Creator of

Pretty Good Privacy) spoke on the topic of: “Why we are almost out of time for post-quantum algorithms”. Philippe’s main conclusion was, “When telcos think of acquiring new technology to improve their service capabilities, they should also consider the geopolitical and security implications of their decisions.”

Koen Maris, PwC Cybersecurity Leader, wrapped up the day by summing up with the following:

“Despite the limitations on our event for obvious reasons, such as travel and physical presence, the event was remarkably good with excellent topics raised across the board. We are all affected by the new normal and although it may seem odd to say,  there are positive sides to COVID-19. My key take-away is that this situation really provided the first time a lot of companies started opening the door for people like me who are cybersecurity evangelists. I think the key-takeaway for everyone who attended this event,  is how important people our role will be in the future for CEOs and for their IT strategy for tomorrow, always bearing one unmoveable truth in mind, that once you use technology inherently you have cyber risks. COVID has changed the world and it has heightened the awareness around cybersecurity. What we don’t need anymore is ad-hoc or reactive-based strategy, but rather to embed the culture of change as a strategic component of an organisation.  Important side note, change is good, adoption is better, but willingness to change is best.”

Want to know more? Contact us.

Check out our latest blog post, “A reflection on pandemic mitigation and cybersecurity” at The Blog.

Read the interview with Build38 in Silicon Luxembourg Wins The Pwc Cybersecurity Days Pitching Contest.