Morning Speaker highlights 

The exceptional capabilities of Artificial Intelligence (AI) have the potential to revolutionise cybersecurity. However, it is crucial to safeguard AI systems themselves from attacks to prevent harm to individuals, processes, and technology. Throughout the day, this year's theme - "The AI Paradox: A Blessing or a Curse," - shone a spotlight on the dual-edged nature of AI in the realm of cybersecurity and privacy. 

The morning kicked off with welcome words from Koen Maris,?Advisory Partner, Cybersecurity & Privacy Leader at PwC Luxembourg and host of the event. “AI is here, and it will never go away.  Is it a weapon or a tool? Is it friend or foe?” He was joined in the greeting by Grant Waterfall, Partner, Cyber Security & Privacy Leader, PwC EMEA who praised the mix of people in the audience, ranging from tech experts to start-ups, regulators, and cyber and privacy specialists, as being part of the true value of the day. 

Mika Lauhde, Senior Fellow at Maastricht University, gave an impressive talk entitled, “AI and sign of the times”, in which he discussed the geopolitical context of our times. As Head of Technology, Delegation for CyberSpace, International Committee of Red Cross, he leads the R&D unit that develops new digital technologies for global humanitarian use with cybersecurity in mind. He pointed out three reasons why there is currently a need to “double down on security”: Geopolitical fragmentation (which increases the risk of espionage, sabotage and cyberattacks), the emergence of AI itself (which poses new challenges and opportunities) and the new era of cyber transparency, with the pressure from regulators (DORA, CS (Cyber Security) Act) demanding more mandatory reporting. Mika also warned against the monopolisation of technology, with only a few companies dominating everything from mobile technology to the internet.  

Dr. Donia Elkateb. Senior IT-Security Engineer, European Investment Bank (EIB), gave a talk on “Application Security and AI,” saying notably that “The bad guys are also using AI,” and punctuating this comment with an example of how hackers are using ChatGPT to create polymorphic malware.  

This was followed up by Stan Scharnigg, Co-founder, Chunk Works, who told the crowd, “The AI genie is out of the bottle,” comparing our current situation with the dawn of nuclear power, with both great applications but also the danger of bad actors. He made a fascinating point about Quantum Computing and AI and how breakthroughs could come much faster than we ever imagined. He advised that agility holds the key in dealing with the future, but are we ready for the future?  

In his talk “Security in the era of Generative AI”, Nico Sienaert, Sr. GTM Lead Security at Microsoft proposed a startling analogy. “If cybercrime, which currently is estimated at around US 8 trillion, was a country’s economy, it would be the third biggest in the world.” In fact, estimates vary on the scale of cybercrime, but it gave the audience a vivid image of what the world is up against.  

Herwig C. H. Hofmann, Professor of European and Transnational Public Law, Head of the Department of Law University of Luxembourg, FEDEF provided key insights in relation to “Information Management in the Regulation of Privacy and AI”. He explained that information management is emerging as the central focus of EU regulation in digitalisation package, imposing obligations on individual actors which can be only complied with by means of an increasingly granular collection of information sourcing.  

The afternoon was dominated by a series of workshops where attendees could attend up to two on a variety of topics. The late afternoon keynote was a real treat with Geoff White, Investigative Journalist, Speaker and Author who spoke about, “Cybercrime’s Enablers- Inside the Network of Financial Crooks that Keep Hackers in Business. With his new book “Rinsed” hot off the presses, Geoff, an incredible public speaker, wowed audience with his stories of how technology can greatly enable financial crime using real life examples, including the dark web. Illuminating, scary and entertaining all at the same time.  

The Pitching Competition 2024  

As every year, one of the most exciting aspects of the conference was the pitching competition. After an international call for submissions, PwC Luxembourg selected five cybersecurity and privacy companies with relevant solutions for the Luxembourgish market. On 5 June, the Jury’s and the People’s Choice Awards were presented at the end of the day, with Data & More winning the People’s Choice Award and Contrast Security taking home the Jury’s Award. 

Jury member, Roman Borisovich, International Financier, who has been coming to the event for five years, spoke publicly about the rising quality of the pitches over time and how difficult this year’s decision was, saying that it is a testimony to the recognition of this event that rather than just start-ups, but is now more established companies that are travelling from across the world for a chance to pitch at this event.  

PwC Luxembourg thanks the other finalists: 

• Aumint.io 
• IgniSign  
• DISS-CO 

Cybersecurity, Privacy and Regulatory expert insights 

The 2024 edition of the Out of the shadows: CISOs and DPOs in the spotlight! Market survey was at the heart of the roundtable discussion, moderated by Maxime Pallez Cybersecurity Director, Cybersecurity Governance, Risk and Compliance Leader and Antonin Jakubse; Privacy Senior Manager, PwC Luxembourg with the support of the Club de la Sécurité de l’Information (CLUSIL), the Commission Nationale pour la Protection des Données (CNPD), the Commission de Surveillance du Secteur Financier (CSSF), and the Institut Luxembourgeois de Régulation (ILR). This allowed for some valuable insight both regulatory and from cybersecurity professionals. 

Here are some highlights:  

• Survey conducted in Q1 2024 with 97 CISOs and DPOs from various industries 
• Close to 25% of respondents were women, up from 8% in 2022 
• CISOs and DPOs are optimistic about improvements in cybersecurity and data compliance 
• Both CISOs and DPOs are involved in AI projects, with CISOs slightly more involved from the start 
• Key benefits of Generative AI (GenAI) for CISOs include threat detection, data category amplification, continuous monitoring, and customised intelligence 
• DPOs see GenAI as beneficial for data amplification, compliance support, and strengthening defences 
• Key threats identified are privacy concerns and ethical considerations  
• Regulations like DORA, NIS2, and the EU's Data Governance Act and Data Act are significant for cybersecurity and data privacy 

For more information about the survey, visit the link: Out of the shadows: CISOs and DPOs in the spotlight! 

This roundtable was followed by, “The latest trends in cyberattacks, technology watch from PwC LU’s Ethical Hackers” with Maxime Clementz, Ethical hacker & Cybersecurity Senior Manager, PwC Luxembourg. 

Finally, at the very end of the day, Koen Maris,?Advisory Partner, and current Cybersecurity & Privacy Leader at PwC Luxembourg, announced that he would be leaving Luxembourg, although he will remain in the PwC network. At the same time, Thierry Kremser, Advisory Partner, Deputy Advisor and Technology Leader, PwC Luxembourg, announced that replacing Koen would be not one but two people, Maxime Pallez, Director at PwC Luxembourg currently leading the Cybersecurity Governance, Risk and Compliance practice and Simon Petitjean , Cybersecurity Director, Offensive Security & Red Team Leader, PwC Luxembourg.  

The PwC Cybersecurity & Privacy Day is PwC's annual flagship event, the mission of which is to help CISOs, DPOs and CEOs ensure they keep their organisation secure in a digital society. The organisers extend a warm thank you to all the participants and speakers for another successful get together.