In an era defined by accelerated disruption — from AI and automation to evolving cyber threats and regulatory demands — CIOs and CISOs are no longer supporting roles; they are co-strategists shaping the enterprise of tomorrow. This panel convenes senior technology and security leaders to explore how organisations can architect secure, adaptive digital ecosystems that drive resilience, innovation, and long-term growth across industries. 

• How CIOs and CISOs are enabling new business models and operational agility through secure, scalable platforms 

• Elevating the CIO–CISO partnership to board-level strategy — ensuring that innovation and protection go hand-in-hand 

• Embedding cybersecurity, data integrity, and privacy as pillars of digital trust and competitive differentiation 

• Managing risk and governance across rapidly evolving technology landscapes and extended value chains 

• Building adaptable digital foundations that can respond to uncertainty — geopolitical, environmental, regulatory, and technological 
  

Bernd Wenninger, Chief Information Officer, A3M Global Monitoring 

Titus Hientzsch, Group Chief Technology Officer, World Freight Company International 

Riccardo Riccobene, Senior Information Security Officer, State Street Bank International 

Moderated by: 

Robert Hellwig, Chief Information Security Officer, University of Siegen 

Spotlight #1 – Rethinking Ethical Hacking with the Cyber Resilience Platform by Marco Bertozzi, Cyber Risk Consultant, Bug Bounty Switzerland

Spotlight #2 –  With Great Power Cloud Comes Great Responsibility – A Live Hacking Experience with the Shared Responsibilities Model in Action by Moritz Gruber, Team Lead and Product Owner of Cloud Pentesting , ATOS International

The race to deploy generative AI is creating a critical security gap. While leaders recognize the risk, our research shows a staggering 32% of findings in LLM pentests are serious or critical, yet only 21% are ever fixed. This roundtable will address why traditional security practices are insufficient for AI’s unique attack surface. We will focus on pragmatic strategies to close the dangerous remediation gap between the rapid pace of innovation and the reality of your security posture. 

• The True AI Attack Surface: Discover why traditional vulnerabilities like injections remain the top threat and how they are exploited in new ways that automated scanners miss 

• Why Human-Led Testing is Crucial: Understand how creative, human-led pentesting uncovers the business logic flaws in AI systems that automated tools are blind to 

• Closing the Remediation Gap: Learn actionable strategies to overcome the “people, process, and technology” challenges that lead to a low fix rate for critical AI vulnerabilities 

• Building a Defensible AI Security Program: Move beyond checklists to integrate specialized offensive security into your AI lifecycle, ensuring you can manage risk effectively 

Christopher Elisan, Head of Offensive Security Research and Community, Cobalt 

The cybersecurity landscape has fundamentally shifted from a prevention-focused mindset to one of cyber resilience and breach containment.  

• How accepting breach inevitability changes your security architecture 

• Building containment strategies that limit lateral movement from day one 

• Managing executive expectations during Zero Trust transformation 

• Quantifying the business impact of breach containment 

• How AI is becoming central to Zero Trust architectures, enabling more nuanced risk assessments and dynamic policy enforcement 

Alex Goller, Principal Sales Engineer, Illumio 

Join HackerOne for an exclusive roundtable session exploring how today’s leading security teams are evolving their Defence in Depth strategies to meet tomorrow’s threats. We’ll break down what modern, multi-layered security really looks like — from vulnerability disclosure to continuous pentesting — and dive into one of the most urgent challenges facing security leaders today: securing AI systems.

In the second half of the session, we’ll explore how AI red teaming is reshaping how organisations identify and mitigate risks in AI models, aligning with responsible innovation and regulatory expectations.
This interactive session is designed for security leaders, and innovators looking to stay ahead of attackers, secure emerging technologies, and build resilient, trustworthy systems. 

Uwe Schäfer, Senior Manager, HackerOne 

Raffaele Clementelli – Senior Account Executive, HackerOne 

• Building a unified vendor risk framework spanning procurement, legal, product, and security 

• Tiering suppliers by business criticality and setting control baselines for each tier 

• Requiring and verifying SBOMs, coordinated vulnerability disclosure, and secure update practices 

• Enabling continuous monitoring for third-party exposure and compromise indicators 

• Contracting for incident notification SLAs, right to audit, and data residency commitments 

• Designing contingency playbooks for vendor outages, takedowns, and extortion scenarios 

• Reporting board-level metrics on third-party risk reduction and supply chain resilience 

Nauman Saleem, Senior Security Engineer, Hyundai AutoEver Europe 

Facing one million daily web requests hitting our WAF—not all benign—our AI-powered regex suite separates friend from foe, ensuring only legitimate traffic reaches our 150+ live web applications. We’ve processed over 300 million requests and counting, blocking over 2 million attack payloads without disrupting business. Using ChatGPT, Grok, Gemini, and Claude, we crafted regex patterns that exposed 20 lethal web attack vectors tied to malware, coin miners, and trojans. Ongoing tuning slashed false positives from 0.9% to 0.1%, with further gains ahead. Reporting 2,000 malware-serving IPs to URLHaus triggered over 550+ takedowns. This talk shares our dynamic methodology, statistics, and insights, empowering attendees to strengthen defenses affordably. Join us to discover how AI is revolutionizing web security today—and setting the foundation for even stronger protection tomorrow.  

Ashar Javed, Chief Information Security Officer, Hyundai AutoEver Europe GmbH 

With technology being the no.1 value creator of our times and unprecedented capabilities of AI available it’s up to CIOs to prepare their organizations best for the productivity wave 

Dr Florian Leser, Head of Data Analytics & AI, KKH