Innovations, trends and challenges in cyber security – that was the 13th InfoGuard Innovation Day

InfoGuard experts and 14 leading security and network manufacturers presented the future of cyber security and cyber defence in 23 sessions and at virtual exhibition stands. The keynote speeches by Dr Hannes P. Lubich, Member of the Board of InfoGuard, and Thorsten Kleinsteuber, Head of IT Infrastructure at the KOLB Group, set the highlights. Lubich gave practical recommendations on how to manage the balancing act between security and compliance in the regulatory jungle. Kleinsteuber reported on the convincing arguments in favour of the “24/7 Managed SOC” solution from Swiss cybersecurity provider InfoGuard and debunked the cliché of a “high-price island”.

Successfully mastering the balancing act between security and compliance – Keynote on cybersecurity in the regulatory jungle

Dr Hannes P. Lubich opened the event with his keynote speech on the increasing complexity in the area of conflict between governance, compliance and cyber security. In doing so, he emphasised and clearly explained the fundamental difference between governance as forward-looking “doing the right thing right” and compliance as retrospective “proving that the right thing has been done”.

While governance represents the non-delegable management task and defines clear structures for decision-making processes, compliance focuses on legally compliant documentation for the fulfilment of prescribed verification obligations. According to Lubich, this duality has been further intensified as a result of the increasing density of regulation, particularly in the EU. The challenge for companies lies in the balancing act between legal requirements such as data protection, liability and due diligence on the one hand and specific regulations such as ISO27001, BSI standards or EU regulations on the other.

Lubich presented his pragmatic approach to successfully mastering this wave of regulation and compliance: The initial assessment is followed by a risk-oriented prioritisation of measures, which are systematically implemented and continuously reassessed. External expertise and automation can provide targeted support for internal resources.

Compliance waves can be mastered pragmatically by prioritising measures in a risk-oriented manner, implementing them systematically and relieving internal resources with external support.

Breach Talk: 24/7 Managed SOC from Switzerland – a field report from the KOLB Group

Thorsten Kleinsteuber has been responsible for the IT infrastructure of the KOLB Group, a family business founded in 1933, for eleven years. The German manufacturer of sustainable packaging stands for a closed recycling loop and has various certifications in the area of sustainable production – which the KOLB Group ensures at six locations and two central data centres with around 1,200 employees.

A 24/7 managed SOC from InfoGuard has been successfully protecting the company against cyber attacks for around two years. In his keynote speech, Kleinsteuber explained the reasons why the Swiss cyber security provider’s cyber defence solution was so convincing compared to its European competitors.

In his progress report, Kleinsteuber took a step-by-step approach to show how the original security infrastructure – which had been built up over the years – was replaced by today’s much stronger solution. The team was able to implement three of the most important quick wins of the “24/7 Managed SOC” solution immediately: Securing administrative connections with 2FA, introduction of a PAM system and XDR software. Kleinsteuber was particularly enthusiastic about the support provided by the InfoGuard security experts in the form of specific instructions, training courses and workshops. Finally, he gave a brief outlook on upcoming projects that will further strengthen the KOLB Group’s cyber security.

In a total of seven sessions, the InfoGuard experts presented a wide range of highly topical cyber security issues, findings, trends and challenges that are currently affecting the digital world and will continue to do so in the future.

The main topics at a glance:

• Ransomware Negotiations: Mathias Fuchs, Head of Investigations & Intelligence, provided unique insights into the negotiation tactics of ransomware groups and shared valuable insider knowledge from the attackers’ mindset with the audience. As part of the incident response solution, the Cyber Intervention Response Team (CSIRT) takes over the emotionally difficult negotiations with cyber criminals – thereby supporting compromised companies in a tense crisis situation.
• Security Operations Centre (SOC): In a captivating presentation, Ernesto Hartmann, Chief Cyber Defence Officer, showed how attackers can be effectively neutralised by integrated intervention capabilities in a modern Security Operations Centre (SOC). 
  Besides human expertise and proven processes, state-of-the-art technologies are one of the three cornerstones of a modern, successful SOC. For many companies, setting up their own SOC is a feat of strength. But that doesn’t have to be the case, emphasised Hartmann. This is because the three components can be referred to as a co-managed SOC at the top level.
• Penetration Tests and Red Teaming: Manuel Feifel, Tech Lead Security Research, provided practical approaches to modern “red teaming” tactics in highly secure environments and emphasised the usefulness of red teaming for companies that have established incident response in their enterprises.
• Chief Information Security Officers as a Service: Martin Hüsser, Principal Cyber Security Consultant, shed light on the forward-looking concept of strategic “CISO-as-a-service” approaches for successful attack defence. By using a CISO service, you fill the gaps exactly where the specialist is missing.
• Risk Based Vulnerability Management: The presentation by Ricardo Balseiro, Chief Technology Officer, and Michael Güttinger, Principal Cyber Security Consultant, on the topic of Risk Based Vulnerability Management. The event participants learnt from them how companies can target limited resources at key threats.
• Zero Trust: In his presentation, Michael Jeitziner, Cyber Security Consultant, impressively explained how companies are taking the next evolutionary step in the field of cyber security with Zero Trust. Implementation is demanding and requires a holistic approach, but pays off with maximum security.
  

15 leading security and network partners presented innovative solutions

The event was enriched by presentations from 14 well-known security partners, in keeping with the tradition of InfoGuard Innovation Day. Visitors to the event had the opportunity to discover the latest technologies and solutions from InfoGuard partners first-hand.

Extreme Networks demonstrated how scripting and automation workflows can be used to optimise the integration of Fabric Connect with various firewall solutions. Participants learnt how On-Premises MFA and service account protection effectively prevent the lateral spread of ransomware in the presentation by Silverfort.

KnowBe4 explained that generative AI poses specific challenges for security awareness.  Microsoft provided insights into the latest Digital Defence Report, while Palo Alto Networks presented its vision of an autonomous SOC with AI-supported automation.

In its presentation, Zurich Insurance highlighted how the partnership between Zurich Insurance and InfoGuard protects companies based on a combination of technical expertise and high-quality insurance solutions – while strengthening them in the event of an incident. Fortinet presented its Zero Trust approach for OT systems, while Vulcan Cyber explained its innovative Exposure Risk Management.

AI-powered network solutions for intelligent enterprise connectivity were presented to the audience by Juniper Networks and Nozomi Networks explained the benefits of their joint journey with Guardian Air in the field of wireless IoT security. Crowdstrike presented practical examples of how to deal with complex threats efficiently.

Tanium explained its autonomous endpoint management platform, while Akamai demonstrated why an implemented micro-segmentation is beneficial for companies. This already impressive list of exciting presentations was rounded off by the Vectra AI with its demonstration of advanced recognition methods for Microsoft environments.

InfoGuard Innovation Day 2025 – focus on exciting innovations

The 13th InfoGuard Innovation Day came to an end far too quickly! The numerous positive responses from participants are clear evidence: The event was a complete success! Compared to the previous year, this year’s event once again saw a notable increase in participants from Germany and Austria.

In 2024, the topic of cyber hygiene (best practices to ensure basic resilience) became more of aThe next InfoGuard Innovation Day 2026 will be held on Wednesday, 21 January 2026. Something to look forward to! The fourteenth edition of the Innovation Day will once again feature a number of innovations. It’s best to book the date today – so you can be there (again) next year. Register now – we look forward to seeing you!

Ready for even more first-hand cybersecurity insights?

Then the anniversary edition of our major hybrid event – the 15th InfoGuard Security Lounge – is just the right source of knowledge for you. This is earmarked for Wednesday afternoon, 25 June 2025.

Register now and secure your place early! We look forward to seeing you.

Caption: own picture archive