Benelux CISO Summit -

TLC Connect - Benelux CISO Series

10th & 11th March 2026

Amsterdam

10th & 11th March 2026

Benelux CISO Summit

The TLC Connect Benelux CISO Summit brings together senior security leaders from across the region to confront the realities of an increasingly volatile cyber landscape. Over two days, CISOs, security heads and resilience leaders will explore practical strategies for strengthening organisational preparedness, navigating geopolitical uncertainty and enabling secure business growth. The programme combines real-world case studies, peer-led roundtables and executive discussions designed to deliver clarity, perspective and actionable outcomes.

Days

Hours

Minutes

Seconds

Key Themes for 2026

Resilient by Design: Embedding Security into Every Layer of the Enterprise

Cyber Resilience & Operational Continuity

Preparing for disruption with adaptive security models and enterprise-wide resilience planning

Threat Intelligence, Detection & Response

Enhancing visibility, anticipating attacker behaviour, and accelerating response across hybrid environments.

Identity, Access & Zero Trust Execution

Embedding identity-first security, continuous verification, and least-privilege controls across the organisation.

AI, Automation & Secure
Innovation

Implementing AI safely, reducing cyber workload with automation, and enabling secure digital transformation.

Past and Present Speakers

Alan Lucas

CISO

Worldstream

Andreas Galatoulas

CISO

De Heus Voeders B.V.

Wouter Moors

Information Security Officer

Ministry of Justice

Richard de Vries

Team Lead Blue Cyber Shield Team

Dutch Railway

Michael Payne

Director Information Security

Landall

Daniela Lourenco

Global CISO

Hunkemöller

Andre Adelsba

VP, Group Information and Cyber Security

SES Satellites

Peter Dorrington

Founder

XMplify Consulting Ltd

Elevate Your Security Dialogue

Summit Agenda Overview

Welcome to the TLC Connect Benelux CISO Summit 2026. Join senior cybersecurity and technology leaders as we unpack the forces reshaping the European threat landscape. Across two focused days, the Benelux CISO Summit examines regulatory change, AI-enabled threats, identity security, Zero Trust evolution, and the next generation of resilient security architectures.
This agenda is built to deliver clarity, accelerate decision-making, and equip CISOs with practical steps to strengthen enterprise-wide resilience.

11.30 - Registration

Arrival, registration and networking lunch

13:00 - Chair's Welcome

Welcome and Agenda Overview

Peter Dorrington – Founder – XMplify Consulting Ltd

13:05 -Headline Keynote: The Evolving Cyber Threat Landscape: Unpredictability and Preparedness

The cyber threat landscape is shifting faster than most organisations can track. Geopolitical tension, supply chain disruption and increasingly professionalised attackers are creating a level of unpredictability that traditional, static risk models were never designed for.

This headline keynote will explore how CISOs and security leaders can prepare for the unexpected by building situational awareness, testing assumptions and designing security programmes that can flex under pressure rather than break. We’ll look at what “preparedness” really means when the next major incident is unlikely to look like the last.

13:35 - Fireside Chat - Strategic Resilience: Leading Cybersecurity Through Global Uncertainty

Global instability is reshaping the cybersecurity landscape. From sanctions and shifting alliances to disrupted supply chains, CISOs are being pulled into conversations that sit far beyond traditional IT risk – while still being expected to support aggressive digital transformation.

This fireside chat will explore how security leaders can build true strategic resilience into their programmes: anticipating geopolitical shocks, adjusting controls as business priorities move, and translating complex external risk into clear, board-ready decisions. The focus is on making cybersecurity a visible business enabler, not a sunk cost.

14.10 - Customer Case Study Workshops - AI vs. AI: Defending Against Machine-Speed Attacks

Generative AI is now powering both defenders and attackers. While security teams experiment with AI-driven analytics and automation, adversaries are using the same technologies to scale reconnaissance, craft convincing lures and launch machine-speed attacks.

These workshops will explore how leading organisations are defending against AI-enabled threats – from deepfakes and synthetic phishing to automated exploit chains. Attendees will hear practical examples of how to detect, disrupt and contain machine-speed attacks without overwhelming already stretched SOC teams.

Session: Customer Case Study Workshops – AI vs. AI: Defending Against Machine-Speed Attacks

14.55 - Networking Break & Vendor Exploration

14.10 - Customer Case Study Workshops - AI vs. AI: Defending Against Machine-Speed Attacks

15:15 - Safe AI, Strong Business: Building Trustworthy AI-Driven Enterprises (3 x 15 minutes case studies followed by panel Q&A)

As AI rapidly reshapes products, services and internal operations, CISOs are under pressure to enable innovation without opening the door to new, poorly understood risks. “Move fast and break things” is not an option when customer trust and regulatory scrutiny are on the line.

This session brings together three 15-minute real-world case studies followed by a panel Q&A. We’ll examine how organisations are governing AI use, protecting data, managing model risk and embedding security and ethics into the AI lifecycle from day one. The focus is on what “AI-safe” actually looks like in an enterprise setting.

Session: Safe AI, Strong Business: Building Trustworthy AI-Driven Enterprises

16:15 - Roundtable Discussions

Roundtable Discussion 1: Third Party Risk in the Age of AI Vendors

AI vendors are rapidly entering supply chains, often with opaque models and unclear data practices. Traditional third party risk approaches struggle to assess and manage this new class of supplier.

Moderation Questions:

What’s different about assessing AI vendors compared to traditional suppliers?
How do you verify claims about data handling and model security?
Should regulators mandate AI vendor transparency, or can industry self-regulate?
What’s one control you would never compromise on with an AI supplier?

Roundtable Discussion 2: Insider Threats in Hybrid Workforces

Remote and hybrid work has blurred the boundaries of insider risk. Employees, contractors and partners can access critical systems from almost anywhere, while expectations of trust and privacy remain high.

Moderation Questions:

What’s the most effective insider threat control you’ve implemented?
How do you balance employee trust with monitoring and surveillance?
Should insider threat programmes sit with HR, IT or Security?

Roundtable Discussion 3: Cybersecurity Benchmarking

Benchmarking maturity is essential, but many metrics are vanity figures that don’t drive better decisions. This discussion looks at how to measure what actually matters.

Moderation Questions:

What’s the most meaningful benchmark you use internally?
How do you compare maturity across different industries and geographies?
Should benchmarking be standardised or remain sector-specific?

16.45 - Chair's closing remarks

18.30 - Networking Drinks

19.30 - Gala Dinner and Guest Speaker

08.00 - Registration & Networking Breakfast

08.50 - Chair's Opening and Day 1 Recap

09.00 - ENISA Keynote Regulatory Compliance

European cybersecurity regulation is tightening fast. From NIS2 and DORA to national rules and sector-specific guidance, CISOs are expected to navigate an increasingly dense web of obligations while still enabling digital growth.

In this keynote, a representative from ENISA will outline the current and upcoming regulatory landscape, highlight where expectations are rising, and share practical guidance on how security leaders can turn compliance into a catalyst for stronger governance and resilience rather than a box-ticking exercise.

09.20 - Panel Discussion - Navigating the Stringent Regulatory Landscape: Governance, Risk Management and Compliance - Cyber Resilience Under Regulation (NIS2, DORA, national rules)On

As NIS2, DORA and the Cyber Resilience Act come into force, regulatory expectations are no longer something that can be delegated to legal or audit. Cybersecurity has become a board-level accountability issue, with personal liability and reputational risk attached.

This panel will explore how organisations are building robust governance frameworks, strengthening risk management, and embedding continuous compliance into day-to-day operations. Panellists will share lessons on engaging the board, avoiding checkbox mentality, and building a future-proof compliance strategy in an environment defined by constant change.

09.50 - Platinum Keynote - Identity Under Siege: Protecting the New Perimeter

Stolen credentials remain one of the most effective weapons in the attacker playbook. As organisations move to cloud, adopt SaaS at scale and support hybrid work, identity has become the new perimeter – and it is under constant attack.

This keynote will examine how to protect identities in a hyper-connected world: hardening authentication, detecting account takeover, addressing insider risk and defending against AI-powered phishing and social engineering. The focus is on practical controls that reduce real-world breach likelihood, not just theoretical models.

10.20 - Customer Case Study Workshops - Zero Trust at Scale: Lessons from the World’s Largest Cloud Security Deployments

Zero Trust has moved from buzzword to blueprint, but making it work across a complex enterprise is still challenging. Legacy systems, hybrid infrastructure and demanding users can quickly stall progress.

In these workshops, security leaders will share how they are implementing Zero Trust principles in the real world – segmenting critical assets, enforcing least privilege, reducing attack surfaces and measuring progress without compromising user experience or productivity.

10.40 - Case Study - Dutch Railway: The Cyber Weather Forecast

As a critical national infrastructure operator, Dutch Railway must be prepared for high-profile events such as the NATO 2025 summit and elevated geopolitical tension. Waiting for alerts is not enough.

This case study will show how Dutch Railway is building a “cyber weather forecast” capability – using threat intelligence, threat hunting and SOC 4.0 practices to anticipate malicious activity, limit attacker freedom of movement and minimise impact when incidents occur.

11.05 - Networking Break & Vendor Exploration

11.20 - Platinum Keynote - The Ransomware Economy: Disrupting the Business Model of Cybercrime

Ransomware groups now operate like mature enterprises, complete with supply chains, affiliate programmes and customer “support”. Paying or not paying is only one part of a much bigger strategic problem.

This keynote will unpack the modern ransomware economy, explain how attackers choose their targets and monetise access, and outline what effective defence looks like today: from hardening identity and backup strategies to intelligence sharing, rapid containment and executive-level playbooks.

11.50 - Customer Case Study Workshops - The Rise of Machine Identities: Securing the Newest Attack Surface

Cloud workloads, containers, IoT devices and automation pipelines have created an explosion of non-human identities. Each certificate, API key and service account is a potential entry point if not properly managed.

These workshops will explore how organisations are getting control of machine identities – discovering where they exist, enforcing lifecycle management, and preventing attackers from exploiting unmanaged or over-privileged machine credentials.

12.15 - Customer Case Study Workshops - Quantum, Compliance, and the Next Decade of Cyber Risk

12.35 - Networking Lunch & Vendor Exploration

13.35 - Panel Discussion - From Blind Spots to Blueprints: Building Resilient Supply Chain Security

CISOs are expected to provide a clear view of organisational cyber risk, yet visibility gaps, legacy tooling and fragmented ownership often leave blind spots. Without a coherent blueprint, investment decisions become reactive and tactical.

This panel will explore how security leaders are mapping their attack surface, prioritising control gaps and building practical, multi-year roadmaps that align security investment with business priorities. Expect candid discussion on what to stop doing as well as what to start.

14.15 - Roundtable Discussions : Talent, Wellbeing, and Building Resilient Security Teams

Roundtable Discussion 1: From Burnout to Balance

The relentless pace of change and incident pressure is pushing many cyber teams towards burnout. Leaders must find ways to protect capacity without weakening defence.

Moderation Questions:

Where are you seeing the highest burnout risk in your security organisation?
What practical changes have you made to reduce overload without adding headcount?
How do you make a credible case to the board for wellbeing as a risk factor?

Roundtable Discussion 2: Talent, Skills & Succession

Competition for experienced cyber talent remains fierce, while new skills are needed around cloud, AI and regulatory engagement.

Moderation Questions:

Which roles are the hardest for you to hire or retain right now?
How are you developing internal talent rather than relying solely on the market?
What does a realistic succession plan for the CISO role look like?

Roundtable Discussion 3: The Evolving Role of the CISO

The CISO is no longer just a technical leader – the role now spans strategy, communication, regulation and culture.

Moderation Questions:

How has your relationship with the board and executive team changed in the last 3 years?
Where do you spend most of your time today – technology, people, or business strategy?
What needs to change for the CISO role to be sustainable over the long term?

14.55 - Networking Break & Vendor Exploration

15.15 - Case Study - Ransomware Resilience: Prevention, Response, and Recovery

Even with strong controls, ransomware remains a question of “when”, not “if”, for many organisations. The difference between disruption and disaster often comes down to preparation and rehearsal.

This case study will walk through a real-world ransomware scenario, highlighting what worked, what failed, and which investments made the biggest difference to containment and recovery. Attendees will leave with practical ideas to tighten their own resilience plans.

15.40 - Analyst Closing Keynote: Future-proofing cybersecurity: quantum risk, AI assurance, and Zero Trust at scale

The convergence of AI-driven threats, quantum disruption, and hybrid cloud complexity is reshaping the cybersecurity agenda. Accenture’s State of Cybersecurity Resilience 2025 reports that only 36% of technology leaders recognize that AI is outpacing their defences, yet 90% of enterprises lack the maturity to counter AI-enabled threats.

With global cybercrime costs projected to reach $10.5 trillion annually in 2025 (Cybersecurity Ventures), organisations are under pressure to adopt forward-compatible security architectures that can withstand both current and emerging threats.

Quantum computing looms as a systemic risk: RSA and ECC encryption could become obsolete within the decade, exposing sensitive data encrypted today to future compromise. At the same time, Zero Trust adoption is accelerating, with over 60% of large enterprises expected to implement it as a core strategy by 2025 — yet many still battle fragmented identity and access controls.

This closing keynote will map the path from pilot to production across secure AI lifecycle controls, quantum-resistant cryptography readiness, and pragmatic Zero Trust implementation in hybrid estates. Attendees will leave with a phased blueprint that balances innovation with verifiable assurance, grounded in practitioner-grade guidance and benchmarked against global research.

16.05 - Chair's Closing Remarks & Key Takeaways

16.15 - Networking Drinks and Goodbye's

Past & Current Sponsors

Who Should Attend?

Designed for Security & Risk Leaders Strengthening Enterprise Resilience

CISOs & Security Leaders

Chief Information Security Officers, Directors of Security and Heads of Cyber responsible for steering organisational security strategy, reducing risk, strengthening resilience, and ensuring business continuity amid accelerating threats.

Risk, Governance & Compliance Leaders

Leaders overseeing cyber risk, GRC, audit and organisational oversight — focused on aligning security with regulatory expectations, strengthening governance frameworks, and building defensible decision-making structures.

Security Architecture & Engineering Leaders

Professionals designing and operating secure, scalable architectures across hybrid cloud, identity, network, and endpoint environments — tasked with reducing complexity, modernising controls, and enabling transformation at scale.

Threat, SOC & Incident Response Leaders

Heads of Threat Intelligence, SOC, Detection & Response, and Incident Management who are driving capability uplift, preparing for high-impact events, and adopting AI-enabled detection, automation, and proactive defence strategies.

TLC Connect - Benelux CISO Series

10th & 11th March 2026

Benelux CISO Summit

Key Themes for 2026

Resilient by Design: Embedding Security into Every Layer of the Enterprise

Cyber Resilience & Operational Continuity

Threat Intelligence, Detection & Response

Identity, Access & Zero Trust Execution

AI, Automation & Secure Innovation

Past and Present Speakers

Alan Lucas

Andreas Galatoulas

Wouter Moors

Richard de Vries

Michael Payne

Daniela Lourenco

Andre Adelsba

Peter Dorrington

Elevate Your Security Dialogue

Summit Agenda Overview

11.30 - Registration

13:00 - Chair's Welcome

13:05 -Headline Keynote: The Evolving Cyber Threat Landscape: Unpredictability and Preparedness

13:35 - Fireside Chat - Strategic Resilience: Leading Cybersecurity Through Global Uncertainty

14.10 - Customer Case Study Workshops - AI vs. AI: Defending Against Machine-Speed Attacks

14.55 - Networking Break & Vendor Exploration

14.10 - Customer Case Study Workshops - AI vs. AI: Defending Against Machine-Speed Attacks

15:15 - Safe AI, Strong Business: Building Trustworthy AI-Driven Enterprises (3 x 15 minutes case studies followed by panel Q&A)

16:15 - Roundtable Discussions

Roundtable Discussion 1: Third Party Risk in the Age of AI Vendors

Moderation Questions:

Roundtable Discussion 2: Insider Threats in Hybrid Workforces

Moderation Questions:

Roundtable Discussion 3: Cybersecurity Benchmarking

Moderation Questions:

16.45 - Chair's closing remarks

18.30 - Networking Drinks

19.30 - Gala Dinner and Guest Speaker

08.00 - Registration & Networking Breakfast

08.50 - Chair's Opening and Day 1 Recap

09.00 - ENISA Keynote Regulatory Compliance

09.20 - Panel Discussion - Navigating the Stringent Regulatory Landscape: Governance, Risk Management and Compliance - Cyber Resilience Under Regulation (NIS2, DORA, national rules)On

09.50 - Platinum Keynote - Identity Under Siege: Protecting the New Perimeter

10.20 - Customer Case Study Workshops - Zero Trust at Scale: Lessons from the World’s Largest Cloud Security Deployments

10.40 - Case Study - Dutch Railway: The Cyber Weather Forecast

11.05 - Networking Break & Vendor Exploration

11.20 - Platinum Keynote - The Ransomware Economy: Disrupting the Business Model of Cybercrime

11.50 - Customer Case Study Workshops - The Rise of Machine Identities: Securing the Newest Attack Surface

12.15 - Customer Case Study Workshops - Quantum, Compliance, and the Next Decade of Cyber Risk

12.35 - Networking Lunch & Vendor Exploration

13.35 - Panel Discussion - From Blind Spots to Blueprints: Building Resilient Supply Chain Security

14.15 - Roundtable Discussions : Talent, Wellbeing, and Building Resilient Security Teams

Roundtable Discussion 1: From Burnout to Balance

Moderation Questions:

Roundtable Discussion 2: Talent, Skills & Succession

Moderation Questions:

Roundtable Discussion 3: The Evolving Role of the CISO

Moderation Questions:

14.55 - Networking Break & Vendor Exploration

15.15 - Case Study - Ransomware Resilience: Prevention, Response, and Recovery

15.40 - Analyst Closing Keynote: Future-proofing cybersecurity: quantum risk, AI assurance, and Zero Trust at scale

16.05 - Chair's Closing Remarks & Key Takeaways

16.15 - Networking Drinks and Goodbye's

Past & Current Sponsors

Who Should Attend?

Designed for Security & Risk Leaders Strengthening Enterprise Resilience

CISOs & Security Leaders

Risk, Governance & Compliance Leaders

Security Architecture & Engineering Leaders

Threat, SOC & Incident Response Leaders

AI, Automation & Secure
Innovation