OWASP Security and Compliance by design

Welcome to a unique event where Agnes Hammarstrand (Partner and Lawyer at Delphi Law Firm), Rikard Bodforss (CEO of Bodforss Consulting), and Tobias Ahnoff (Head of Cybersecurity at Omegapoint) clarify how new and upcoming regulations such as NIS2, CRA or DORA affect those of us who build, develop, and maintain applications:

• What do these new regulations mean in practical terms for DevOps teams and organizations at large?
• How do we create secure, “compliant by design” applications and systems?
• What changes, risks, and opportunities lie ahead as regulations continue to multiply?

During this session, you will gain insights into how these directives are designed to strengthen security and what concrete measures are required of organizations. We will discuss everything from the distribution of responsibilities and practical implications to how you can prepare to effectively meet today’s and tomorrow’s regulatory demands.
Through presentations and a panel discussion, you will get an:

• Expert analyses of the legal landscape for IT and cybersecurity.
• Hands-on advice on how to design robust processes and technical solutions that meet requirements.
• Tips on how DevOps organizations can integrate compliance into their daily work without compromising on innovation and efficiency.

By understanding the fundamentals of these new regulations and learning from the experts’ experiences, you will gain a better understanding of security and compliance by design. Don’t miss the chance to get your questions answered and network with others in the industry!

Agenda:
17:30 - 18:00: Doors open to Omegapoint, grab a sandwich and beverage

18:00 - 18:30 Agnes Hammarstrand will introduce NIS2 from a legal perspective.

18:30 - 19:00 Tobias Ahnoff will speak about Security and Compliance: How do we create applications that are both secure and compliant by design?

19:00 - 19:10 Short break

19:10 - 19:40 Panel Discussion with Agnes, Tobias and Rikard

19:40 - 22:00 Mingle and snacks

Agnes Hammarstrand is one of Sweden’s leading experts in IT/tech and cyber law. Her specialist expertise includes data protection/GDPR, commercial tech and IT agreement, cloud services, Cyber and information security law. Agnes has extensive experience assisting companies with drafting and negotiating contracts and giving advice within the tech sector. Together with her leading team here in Göteborg, she helps businesses navigate legal matters. Two years in a row Agnes was voted "Lawyer of the Lawyers," meaning the attorney that the most lawyers and associate lawyers in Sweden would choose to hire for a business law matter (in all categories).

Tobias Ahnoff is an experienced developer and architect with focus on application security. He specializes in implementing authentication flows and authorization for web applications and APIs that manage sensitive data in the bank, finance, and health sectors. Tobias performs security reviews and penetration tests as part of Omegapoint Cybersecurity Gothenburg, a group of experts in application security. He is also member of the OWASP ASVS working group and co-author of[ securityblog.omegapoint.se](http://securityblog.omegapoint.se/)

Rikard Bodfoss is a founding partner and CEO of Bodforss Consulting, a company focusing on cyber and information security for national critical infrastructure. He is highly experienced in security governance, with a strong background in technical security and infrastructure. He has led the IT forensic practice within the Volvo Group and has extensive experience in building and managing international teams. Additionally, he has overseen IT and security operations in public critical infrastructure environments and has been the CIO for the city of Gothenburg Sustainable waste and water. He possesses deep expertise in crisis management and security incident response, ranging from cyber intrusions to dawn raid scenarios. Furthermore, he has a strong understanding of international laws related to cyber security, digital forensics, eDiscovery, and data protection.