Winners of the 2024 Cybersecurity & Privacy Solution of the Year - People's and Jury's Choice Awards; Credit: PwC Luxembourg

As reported by PwC Luxembourg, another successful edition of the PwC Cybersecurity & Privacy Day came to a close on Wednesday 5 June 2024 at the firm's Crystal Park premises.

A total of 200 attendees and speakers took part in a day filled with keynote speeches and workshops, discussing "The AI paradox: a blessing or a curse". Both the Jury's and the People's Choice Awards were presented at the end of the day, with Contrast Security winning the Jury's Choice Award and Data & More taking home the People's Choice Award. During the event, this year's "Out of the shadows: CISOs and DPOs in the spotlight 2024" market survey was also discussed.

Speaker highlights

Throughout the day, this year's theme shone a spotlight on the dual-edged nature of artificial intelligence (AI) in the realm of cybersecurity and privacy. The morning kicked off with welcome words from Koen Maris, Advisory Partner and Cybersecurity & Privacy Leader at PwC Luxembourg and host of the event. "AI is here, and it will never go away. Is it a weapon or a tool? Is it friend or foe?” He was joined in the greeting by Grant Waterfall, Partner and Cyber Security & Privacy Leader at PwC EMEA, who praised the mix of people in the audience, ranging from tech experts to startups, regulators, and cyber and privacy specialists.

Mika Lauhde, Senior Fellow at Maastricht University, gave a talk entitled "AI and sign of the times", in which he discussed the current geopolitical context. As Head of Technology, Delegation for CyberSpace at the International Committee of Red Cross, he leads the R&D unit that develops new digital technologies for global humanitarian use with cybersecurity in mind. He pointed out three reasons why there is currently a need to "double down on security": geopolitical fragmentation, the emergence of AI itself and the new era of cyber transparency, with the pressure from regulators demanding more mandatory reporting. Mika also warned against the monopolisation of technology, with only a few companies dominating everything from mobile technology to the internet.  

Dr Donia Elkateb. Senior IT-Security Engineer at the European Investment Bank (EIB), gave a talk on "Application Security and AI", notably commenting that "the bad guys are also using AI", and punctuating this comment with an example of how hackers are using ChatGPT to create polymorphic malware.

This was followed up by Stan Scharnigg, co-founder of Chunk Works, who told the crowd: "The AI genie is out of the bottle", comparing the current situation with the dawn of nuclear power, with both "great" applications but also the danger of "bad" actors. He made a point about quantum computing and AI and how breakthroughs could come much faster than we ever imagined. He also advised that agility holds the key in dealing with the future - but are we ready for the future?

In his talk "Security in the era of Generative AI", Nico Sienaert, Sr, GTM Lead Security at Microsoft, proposed the following analogy: "If cybercrime, which currently is estimated at around $8 trillion, was a country's economy, it would be the third biggest in the world." Whilst estimates vary on the scale of cybercrime, it gave the audience a vivid image of what the world is up against, noted PwC.

Herwig C. H. Hofmann, Professor of European and Transnational Public Law, Head of the Department of Law at the University of Luxembourg, FEDEF, provided insights in relation to "Information Management in the Regulation of Privacy and AI". He explained that information management is emerging as the central focus of EU regulation in digitalisation package, imposing obligations on individual actors which can be only complied with by means of an increasingly granular collection of information sourcing.

The afternoon was dominated by a series of workshops where attendees could attend up to two on a variety of topics. The late afternoon keynote saw Geoff White, investigative journalist, speaker and author, speak about "Cybercrime's Enablers - Inside the Network of Financial Crooks that Keep Hackers in Business".

Pitching Competition 2024

One of the highlights again this year was the pitching competition. After an international call for submissions, PwC Luxembourg selected five cybersecurity and privacy companies with relevant solutions for the Luxembourgish market. On Wednesday, the Jury's and the People's Choice Awards were presented, with Contrast Security winning the former and Data & More taking home the latter.

Jury member Roman Borisovich, an international financier who has been coming to the event for five years, spoke about the rising quality of the pitches over time and how difficult this year's decision was, saying that it is a testimony to the recognition of this event that rather than just startups, now more established companies are travelling from across the world for a chance to pitch at this event.

The other finalists were, IgniSign and DISS-CO.

Cybersecurity, privacy and regulatory expert insights

The 2024 edition of the "Out of the shadows: CISOs and DPOs in the spotlight" market survey was at the heart of the roundtable discussion, moderated by Maxime Pallez Cybersecurity Director, Cybersecurity Governance, Risk and Compliance Leader, and Antonin Jakubse, Privacy Senior Manager, PwC Luxembourg, with the support of the Club de la Sécurité de l’Information (CLUSIL), the Commission Nationale pour la Protection des Données (CNPD), the Commission de Surveillance du Secteur Financier (CSSF) and the Institut Luxembourgeois de Régulation (ILR). This allowed for insights from both regulatory and cybersecurity professionals.

Highlights / key figures cited by PwC Luxembourg included:

  • survey conducted in Q1 2024 with 97 CISOs and DPOs from various industries;
  • close to 25% of respondents were women, up from 8% in 2022;
  • CISOs and DPOs are optimistic about improvements in cybersecurity and data compliance;
  • both CISOs and DPOs are involved in AI projects, with CISOs slightly more involved from the start;
  • key benefits of generative AI (GenAI) for CISOs include threat detection, data category amplification, continuous monitoring and customised intelligence;
  • DPOs see GenAI as beneficial for data amplification, compliance support and strengthening defences;
  • key threats identified are privacy concerns and ethical considerations;
  • regulations like DORA, NIS2 and the EU's Data Governance Act and Data Act are significant for cybersecurity and data privacy. 

This roundtable was followed by "The latest trends in cyberattacks, technology watch from PwC LU’s Ethical Hackers" with Maxime Clementz, Ethical hacker & Cybersecurity Senior Manager at PwC Luxembourg. 
At the very end of the day, Koen Maris, Advisory Partner and current Cybersecurity & Privacy Leader at PwC Luxembourg, announced that he would be leaving Luxembourg, although he will remain in the PwC network. At the same time, Thierry Kremser, Advisory Partner, Deputy Advisor and Technology Leader at PwC Luxembourg, announced that replacing Koen would be not one but two people: Maxime Pallez, Director at PwC Luxembourg currently leading the Cybersecurity Governance, Risk and Compliance practice, and Simon Petitjean, Cybersecurity Director, Offensive Security & Red Team Leader at PwC Luxembourg.