TLC Connect - Benelux CISO Series
10th & 11th March 2026
Anantara Grand Hotel Krasnapolsky Amsterdam
Amsterdam
10th & 11th March 2026
Benelux CISO Summit
The TLC Connect Benelux CISO Summit brings together senior security leaders from across the region to confront the realities of an increasingly volatile cyber landscape. Over two days, CISOs, security heads and resilience leaders will explore practical strategies for strengthening organisational preparedness, navigating geopolitical uncertainty and enabling secure business growth. The programme combines real-world case studies, peer-led roundtables and executive discussions designed to deliver clarity, perspective and actionable outcomes.
Key Themes for 2026
Resilient by Design: Embedding Security into Every Layer of the Enterprise
Cyber Resilience & Operational Continuity
Preparing for disruption with adaptive security models and enterprise-wide resilience planning
Threat Intelligence, Detection & Response
Enhancing visibility, anticipating attacker behaviour, and accelerating response across hybrid environments.
Identity, Access & Zero Trust Execution
Embedding identity-first security, continuous verification, and least-privilege controls across the organisation.
AI, Automation & Secure
Innovation
Implementing AI safely, reducing cyber workload with automation, and enabling secure digital transformation.
Our Speakers
Ben Hanson
Field Engineering Director & Field CTO
Zenity
Matt Logan
Field CTO
Securiti AI
Lance Moraitis-Jones
Senior Sales Engineer
Recorded Future
Alex Hitchen
Sales Engineer
Huntress
Pavel Shepetina
Head of Integration Architecture & Technical Communications
Group IB
Maurice Godschalk
Regional Director Benelux & Nordics
OPENVAS B.V.
Peter Dorrington
Founder
XMplify Consulting
Trish McGill
Executive Subject Matter Expert – Cyber Security IT/OT
De Heus Voeders
Siegfried Moyo
Director IT Security – Corporate
AMC
Wouter Moors
Information Security Officer
Ministry of Justice
Daniela de Almeida
Global Information Security Officer
Hunkemöller
Koen Hendrix
Director, Product Security
Zendesk
Michael Payne
Director of Information Security
Landal
Jason Weissbein
General Counsel & Former CISO
Confidential
Trevor Rudolph
VP Global Digital Policy and Regulation
Schneider Electric
Alan Lucas
Chief Information Security Officer
Worldstream
Pascal van Verseveld
Chief Information Security Officer
PAY
Adrian Geismaier
ITS Information Security Director
Galapagos
Vas Nevjadomskis
Regional CISO
Kraft Heinz
Prat Sinha
Senior Director, Responsible AI
Decathlon
Pritti Rana
Speaker
National Cybersecurity Center Netherlands
Nick Prescot
CISO
Norgine
Elevate Your Security Dialogue
Summit Agenda Overview
Welcome to the TLC Connect Benelux CISO Summit 2026. Join senior cybersecurity and technology leaders as we unpack the forces reshaping the European threat landscape. Across two focused days, the Benelux CISO Summit examines regulatory change, AI-enabled threats, identity security, Zero Trust evolution, and the next generation of resilient security architectures.
This agenda is built to deliver clarity, accelerate decision-making, and equip CISOs with practical steps to strengthen enterprise-wide resilience.
12.00 - Registration
Arrival, registration and networking lunch
13:00 - Chair's Welcome
Welcome and Agenda Overview
Peter Dorrington – Founder – XMplify Consulting Ltd
13:05 - Fireside Chat - Strategic Resilience: Leading Cybersecurity Through Global Uncertainty
Global instability is reshaping the cybersecurity landscape. According to IDC, worldwide security spending is projected to grow by 12.2% in 2025, reaching $377 billion by 2028, as organisations grapple with increasingly complex and politically charged threat environments. Gartner highlights that non-executive directors now view cyber risk as a direct threat to shareholder value, yet many security functions still fail to adapt their strategies when business objectives shift.
Gartner’s 2025 cybersecurity trends also emphasise that resilience — embedding continuity and adaptability into security programmes — is now a top priority for CISOs. The message is clear: cybersecurity is no longer just about defence, it is about strategic resilience in the face of global uncertainty.
This panel will explore how cybersecurity leaders can:
• Anticipate and adapt to geopolitical disruptions, from sanctions to supply chain instability.
• Balance compliance and agility amid diverging regulatory regimes.
• Translate geopolitical risk into board-level strategy, ensuring cyber resilience is seen as a business enabler, not a cost centre.
Sr. SME Cyber Security
Royal De Heus
Chief Information Security Officer
PAY
Chief Information Security Officer
Worldstream
ITS Information Security Director
Galapagos
Regional CISO
Kraft Heinz
13:55 - Customer Case Study - Securing AI Agent Rollout at a Major Financial Institution
This session will review a case study of a major US bank facing security challenges that blocked its planned deployment of enterprise AI agents across more than 100 petabytes of structured and unstructured data.
The organisation struggled with a lack of trusted data for AI consumption, the massive scale of metadata management, and complex regulatory compliance requirements. Learn how the bank transformed its data security and compliance strategy to enable safe AI agents by automating risk detection and enabling data access at business speed.
We will explore the journey to establish strong AI governance, enabling the safe and accelerated adoption of enterprise knowledge agents, and the key finding that data must be classified and labelled before it can be safely used by any AI system.
Field CTO
Securiti AI
14:20 - Customer Case Study Workshops - Threat-informed Defence
In a world of fast-evolving threats fuelled by AI, security teams remain trapped in reactive cycles — manually hunting threats, correlating disparate feeds and struggling to operationalise intelligence. Analysts spend too much time on alert triage, threat data sits in silos requiring manual correlation, and teams often lack clear ways to measure the ROI of threat intelligence.
This session explores how intelligence-led organisations are shifting from reactive defence to predictive and even autonomous security operations. Learn how leading teams are using intelligence to anticipate threats, streamline cyber operations and enable continuous, proactive defence in an increasingly AI-driven threat landscape.
Key takeaways include how organisations are using intelligence to:
• Transform cyber operations into a competitive advantage
• Reduce operational bottlenecks and enable continuous cyber defence
• Achieve autonomous operational intelligence
Senior Sales Engineer
Recorded Future
14:40 - Networking Break & Vendor Exploration
15:00 - Safe AI, Strong Business: Building Trustworthy AI-Driven Enterprises (3 x 15 minutes case studies followed by panel Q&A)
As artificial intelligence rapidly reshapes the enterprise landscape, CISOs are under mounting pressure to balance innovation with responsibility. PwC’s 2025 Global Digital Trust Insights Survey highlights that AI has emerged as the top cybersecurity investment priority, yet only 6% of organisations consider themselves “very capable” of withstanding cyberattacks across all vulnerabilities.
This stark gap highlights the urgency for enterprises to adopt proven, real-world safeguards as AI adoption accelerates across the business. Without clear governance, trusted data foundations and security controls, organisations risk introducing new vulnerabilities faster than they can manage them.
This session will feature three 15-minute real-world case studies followed by a dynamic panel Q&A where speakers will debate lessons learned, share practical safeguards, and explore what “AI-safe” truly means in the context of enterprise resilience.
Director Cyber | IT | AI Security
Americold Logistics
Senior Director, Responsible AI
Decathlon
Chief Information Security Officer
Norgine
16:05 - Customer Case Study Workshops - Customer Case Study Workshops - Operationalizing Threat Intelligence in the AI Era
Align leadership on how threat intelligence changes in the AI era — driving faster decisions, stronger controls, and measurable reductions in exposure. As AI accelerates the scale and speed of attacks, organisations must rethink how intelligence feeds into operational security and executive decision-making.
This interactive workshop explores how security leaders can move from passive intelligence consumption to operational threat intelligence that directly informs risk management, security controls, and business priorities.
In this workshop we will cover:
• What has materially changed in the AI era: faster, scaled campaigns and a surge in fraud and impersonation risk alongside traditional cyber threats
• The operating model for “operational TI”: building a closed-loop lifecycle from requirements to intelligence feedback
• How to make intelligence actionable while maintaining safe and responsible usage
• Optional exercise: executive selection of three Priority Intelligence Requirements (PIRs) that will drive real decisions this quarter and next
Head of Integration Architecture & Technical Communications
Group IB
16:30 - Roundtable Discussions
Roundtable Discussion 1: Third Party Risk in the Age of AI Vendors
AI vendors are rapidly entering supply chains, often with opaque models and unclear data practices. Traditional third party risk approaches struggle to assess and manage this new class of supplier.
Moderation Questions:
- What’s different about assessing AI vendors compared to traditional suppliers?
- How do you verify claims about data handling and model security?
- Should regulators mandate AI vendor transparency, or can industry self-regulate?
- What’s one control you would never compromise on with an AI supplier?
Roundtable Discussion 2: Insider Threats in Hybrid Workforces
Remote and hybrid work has blurred the boundaries of insider risk. Employees, contractors and partners can access critical systems from almost anywhere, while expectations of trust and privacy remain high.
Moderation Questions:
- What’s the most effective insider threat control you’ve implemented?
- How do you balance employee trust with monitoring and surveillance?
- Should insider threat programmes sit with HR, IT or Security?
Roundtable Discussion 3: Cybersecurity Benchmarking
Benchmarking maturity is essential, but many metrics are vanity figures that don’t drive better decisions. This discussion looks at how to measure what actually matters.
Moderation Questions:
- What’s the most meaningful benchmark you use internally?
- How do you compare maturity across different industries and geographies?
- Should benchmarking be standardised or remain sector-specific?
16:50 - Chair's closing remarks
17:00 - Networking Drinks
18:30 - Dinner
08:00 - Registration
08:50 - Chair's Opening and Day 1 Recap
09:00 - Panel Discussion - Navigating the Stringent Regulatory Landscape: Governance, Risk Management and Compliance - Cyber Resilience Under Regulation (NIS2, DORA, national rules)On
European cybersecurity regulations are evolving rapidly and frameworks such as NIS2, the Digital Operational Resilience Act (DORA), and the Cyber Resilience Act are reshaping roles and responsibilities for organisations across Europe.
This session will explore robust governance frameworks, risk management strategies, and compliance best practices essential to safeguarding organisational assets and reputations in an era defined by constant change and heightened accountability.
Our panellists will discuss:
• Effective models for cybersecurity governance that help organisations embed security at the strategic level.
• Best practices in risk management focused on early threat detection, continuous monitoring, and agile response.
• Building a future-proof compliance strategy that can adapt as regulations continue to evolve.
Information Security Officer
Ministry of Justice
Former CISO & General Counsel
Confidential
VP Global Digital Policy and Regulation
Schneider Electric
Regional Director Benelux & Nordics
OPENVAS B.V.
09:45 - Platinum Keynote - The Control Layer Manifesto: A Unified Approach to Scaling AI Agents
Scaling AI agents beyond simple pilots requires more than just high-performing models; it requires an independent control layer. This session introduces AI Commander as a complete solution framework, focusing on how a unified platform can detect hidden risks, enforce consistent policies, and provide AI resilience through precision rollbacks.
Attendees will learn how organisations can transition from siloed, ad-hoc security practices to a proactive “inside-out” architecture built on deep contextual data insights, enabling AI adoption at enterprise scale while maintaining governance, compliance, and operational control.
Field CTO
Securiti AI
10:20 - Customer Case Study Workshops - Ransomware in 2026: Defence Against the Dark Arts
Ransomware doesn’t start with a ransom note — it starts with a single silent breach. In this session, Huntress will walk through a real-world deployment where a mid-sized organisation used Huntress SIEM, EDR, ITDR and SAT to detect a VPN compromise, contain lateral movement, and prevent a ransomware event before lockout.
The session will focus on the practical steps taken, how the SOC operated in the middle of an active intrusion, and the measurable impact on response time and overall resilience. Delegates will leave with concrete lessons they can apply to strengthen their own environments and break the ransomware kill chain earlier.
Sales Engineer
Huntress
10:45 - Customer Case Study - Helping one of the largest technology companies in the world secure their own internal use of AI agents
With AI services proliferating, the internal security team recognised that only vendor-neutral controls and clear policy could scale protection efficiently. By enforcing build-time standards, monitoring runtime drift, and scaling to more than 2.2 million daily interactions across five key risk scenarios, Zenity empowered the Securing AI Programme to achieve its 2025 objective of enterprise-wide AI service deployment.
Environment overview:
• 90,000 agents
• 55,000 developers
• 2.2 million interactions per day
Field Engineering Director & Field CTO
Zenity
11:10 - Networking Break & Vendor Exploration
11:30 - Keynote - The Impact of Regulation on Multinational Companies
Keynote presentation from Trevor Rudolph, VP Global Digital Policy and Regulation at Schneider Electric. Trevor brings extensive experience at the intersection of cybersecurity, public policy and digital transformation, advising governments, regulators and global enterprises on the future of digital resilience.
Further session details will be announced shortly.
VP Global Digital Policy and Regulation
Schneider Electric
12:00 - Executive Peer Exchange (Open Discussion) & Partner Exploration
12:20 - Networking Lunch & Partner Exploration
13:20 - Panel Discussion - From Blind Spots to Blueprints: Building Resilient Supply Chain Security
Supply chain ecosystems have become one of the most exploited entry points for cyber adversaries. According to Gartner, 44% of organisations plan to substantially increase year-over-year spend on supply chain cybersecurity as digitalisation expands and risks multiply. Yet despite this investment, the complexity of multi-tier supplier networks continues to create significant blind spots.
Meanwhile, Forrester and IDC highlight that third- and fourth-party risks are now among the top three concerns for CISOs worldwide. IDC projects that by 2026, 45% of organisations will mandate evidence-based cyber resilience reporting from their suppliers as supply chain assurance becomes a board-level priority.
This session will unpack these often “invisible” risks and explore:
• Practical frameworks for vendor risk management, Zero Trust adoption, and continuous monitoring.
• Collaborative defence models that shift supply chain security from a siloed effort to an ecosystem-wide imperative.
• Real-life learnings and actionable insights from complex supplier environments.
Global CISO
Hunkemöller
Director of Product Security
Zendesk
Director Information Security
Landal
ITS Information Security Director
Galapagos
14:05 - Keynote - Upskilling Cybersecurity Team for the Future
14:30 - Roundtable Discussions : Talent, Wellbeing, and Building Resilient Security Teams
Roundtable Discussion 1: From Burnout to Balance – Safeguarding the Mental Health of Security Teams
Cybersecurity professionals often operate under relentless pressure — long hours, high stakes, and constant threat monitoring. Participants will discuss how leaders can proactively address burnout, foster psychological safety, and embed wellbeing into the culture of security teams.
Moderation Questions:
- What early warning signs of burnout should leaders look for in their teams?
- How can cybersecurity leaders balance 24/7 operational demands with sustainable workloads?
- Which wellbeing initiatives have proven effective in high-stress security environments?
- How do you measure the ROI of wellbeing programmes in terms of resilience and retention?
Roundtable Discussion 2: Resilience Through Diversity – Building Teams That Think Differently
Diversity of thought, background, and experience strengthens problem-solving and resilience. Participants will explore how to embed diversity, equity, and inclusion (DEI) into security hiring and leadership pipelines.
Moderation Questions:
- How does diversity directly impact the resilience of a security team?
- What barriers still exist to building diverse security teams, and how can they be dismantled?
- How can cybersecurity leaders ensure DEI initiatives are authentic rather than performative?
- What metrics or benchmarks can track progress in building diverse teams?
Roundtable Discussion 3: Upskilling for the Future – Preparing Teams for AI, Cloud & Emerging Threats
As technology evolves, so must the skills of security professionals. This roundtable focuses on continuous learning, reskilling, and preparing teams for the next wave of threats, from AI-driven attacks to quantum risks.
Moderation Questions:
- Which emerging skills are most critical for security teams over the next 3–5 years?
- How can cybersecurity leaders create a culture of continuous learning without overwhelming staff?
- What role should certifications, labs, and simulations play in upskilling?
- How do you balance investment in training with immediate operational needs?
15:15 - Chair's Closing Remarks & Key Takeaways
15:30 - Programme end
Sponsors
Who Should Attend?
Designed for Security & Risk Leaders Strengthening Enterprise Resilience