Speakers
-
Emir Arslanagić
CISA, CISSP, Technical Account Manager US Federal @ Qualys Inc. -
Nikola Miljanić
CISA -
Dušan Žikić
CISA, CRISC, CGEIT, CISM, CISSP, CFE -
Deniz Simseker
Chief Audit Executive (CAE) VP Internal Audit, STADA AG -
Andrea Polereczki
vCISO @ Maternity; Founder and board member @ Women4Cyber Hungary, Ivited lecturer @ Corvinus University of Budapest -
Asaf Weisberg
CSX-P, CISM, CRISC, CISA, CGEIT, CDPSE -
Dean Habuš
Co-Founder & CPO, Kolibri Labs -
Dr. Georgia Papaioannou
Specialist Security Compliance Identity, SC100, CC, IPMA, PROSCI, in preparation for CISM; Microsoft -
Rolf von Roessing
Hon. Prof., CISA, CISM, CGEIT, CISSP, CDPSE, FBCI, CABCF
Emir Arslanagić
Title of Presentation:
Breaking Lemonade: Understanding Value at RiskSynopsis
In today’s complex cybersecurity landscape, organizations face myriad threats that can disrupt operations and compromise financial stability. This session delves into the concept of Value at Risk (VaR), a pivotal metric that enables organizations to measure and manage their exposure to potential losses. Using an engaging and relatable narrative, the presentation illustrates how even small-scale operations, like a lemonade stand, can highlight core principles of risk quantification, mitigation, and resilience.Attendees will learn how to identify the most significant threats to their organization, quantify plausible losses, and align cybersecurity strategies with business objectives. The session emphasizes moving beyond generic risk prevention to focus on actionable insights that balance resources effectively and safeguard critical assets. By mastering the foundational elements of Value at Risk, participants will gain practical tools to navigate risk management challenges with clarity and confidence.
SHORT BIO
Emir Arslanagic, currently a Technical Account Manager US Federal at Qualys Inc., brings over 25 years of professional experience in the network security industry. At Qualys, Mr. Arslanagic advises Security Engineers and SOC/CERT teams of large enterprises and public entities on staying ahead in IT security domains such as Vulnerability Management, Policy Compliance (CSA, NIST, CIS, PCI DSS, etc.), Web Application Security (WAS/WAF using OWASP Top 20, TLS inspection, and URL filtering), and Endpoint Detection and Response. He also supports the integration of Qualys solutions with SIEM and data lake environments and helps define Security Architectures across Web, Mobile, Cloud, and other platforms.Throughout his career, Mr. Arslanagic has been involved in the full life cycle of security engineering, from documenting requirements, prototyping, and designing, through testing, deployment, acceptance testing, and ongoing support. His roles have spanned from engineer and team leader to business owner.
Mr. Arslanagic has designed systems that include DDoS protection, firewalls, intrusion prevention systems (IPS), vulnerability and compliance management, authentication and authorization, and non-repudiation/security log management. He has also developed a deep technical understanding of TCP/IP networks, including L2/L3 segmentation using Peering Protocols (BGP), switching, routing, load balancing, and VLANs.
As a result of his work, Mr. Arslanagic’s technical solutions have been successfully implemented across public internet networks, private data centers, and public cloud environments such as AWS, Azure, GCP, OCI, and more.
Nikola Miljanić
Title of Presentation:
ISACA membership, credentials and certification programs
Synopsis
This conference session will provide a comprehensive overview of ISACA’s membership advantages and its diverse certification programs. Attendees will gain insights into the numerous benefits of joining ISACA, such as access to a global professional network, exclusive resources, and discounts on training and certification exams.
The session will also delve into ISACA’s esteemed certifications, including:
- Certified Information Systems Auditor (CISA): Recognizes expertise in IS audit, control, and assurance.
- Certified Information Security Manager (CISM): Focuses on information security management and governance.
- Certified in Risk and Information Systems Control (CRISC): Pertains to risk management and control.
- Certified Data Privacy Solutions Engineer (CDPSE): Addresses data privacy solutions engineering.
- Certified in the Governance of Enterprise IT (CGEIT): Centers on enterprise IT governance.
- Certified Cybersecurity Operations Analyst (CCOA): Relates to cybersecurity operations analysis.
- Certified in Emerging Technology (CET): Covers emerging technology domains.
- Information Technology Certified Associate (ITCA): Provides foundational IT knowledge.
- Etc.
Each certification’s scope, target audience, and career benefits will be presented as well as guidelines, exam requirements, and maintenance of certification status. This session is designed for professionals aiming to enhance their credentials and advance in the fields of cyber security, IT audit, ICT risk management and IT Governance.
SHORT BIO
Nikola Miljanić, CISA, is a certified IT auditor with extensive experience in information security and IT auditing. He has been a long-standing member of the Board of Directors of the ISACA Belgrade Chapter. Nikola spent part of his early life in Beijing, where he attended high school, and later graduated from the Megatrend Faculty of Business Studies. After graduation, he gained five years of experience in financial and IT auditing at renowned firms, including PwC, KPMG, and PKF.
Following this, Nikola transitioned to freelance IT auditing and consulting for CaswWare applications before moving into the information security sector. Over the course of his career, he has held key roles such as:
- Security Officer at MTS Bank
- Information Security Analyst and Architect at eFront/BlackRock and Stada Group
- Currently, Information Security Specialist at HTEC Group.
In 2013, Nikola earned his CISA certification, establishing his expertise in IT auditing and security. His responsibilities have included developing and implementing business continuity plans, managing certification processes for ISO 27001, SOC 2 Type 2, and PCI-DSS, and securing cloud environments like Azure and AWS. He has also worked extensively on deploying security tools, establishing baseline security standards, and providing recommendations for IT system configurations.
With his deep knowledge and hands-on experience, Nikola has played a crucial role in enhancing the security posture and IT infrastructure of numerous organizations.
Dušan Žikić
Title of Presentation:
ISACA membership, credentials and certification programs
Synopsis
This conference session will provide a comprehensive overview of ISACA’s membership advantages and its diverse certification programs. Attendees will gain insights into the numerous benefits of joining ISACA, such as access to a global professional network, exclusive resources, and discounts on training and certification exams.
The session will also delve into ISACA’s esteemed certifications, including:
- Certified Information Systems Auditor (CISA): Recognizes expertise in IS audit, control, and assurance.
- Certified Information Security Manager (CISM): Focuses on information security management and governance.
- Certified in Risk and Information Systems Control (CRISC): Pertains to risk management and control.
- Certified Data Privacy Solutions Engineer (CDPSE): Addresses data privacy solutions engineering.
- Certified in the Governance of Enterprise IT (CGEIT): Centers on enterprise IT governance.
- Certified Cybersecurity Operations Analyst (CCOA): Relates to cybersecurity operations analysis.
- Certified in Emerging Technology (CET): Covers emerging technology domains.
- Information Technology Certified Associate (ITCA): Provides foundational IT knowledge.
- Etc.
Each certification’s scope, target audience, and career benefits will be presented as well as guidelines, exam requirements, and maintenance of certification status. This session is designed for professionals aiming to enhance their credentials and advance in the fields of cyber security, IT audit, ICT risk management and IT Governance.
SHORT BIO
Dušan Žikić, CISA, CRISC, CGEIT, CISM, CISSP, CFE, is an accredited trainer by ISACA/APMG for ISACA certification programs. Dušan has extensive experience and expertise in IT audit, IT governance, IT risk management, and information security.
Throughout his career, he has earned a wide range of professional certifications, including CISA, CRISC, CGEIT, CISM, CISSP, and CFE, showcasing his deep expertise and commitment to continuous professional development.
Dušan actively contributes to the development of ISACA’s professional practice frameworks, positioning him as a valuable member of the global professional community. He is an accredited trainer for ISACA programs in cybersecurity and IT audit, as well as for certification tracks such as Certified in Emerging Technology (CET) and Information Technology Certified Associate (ITCA).
He served as a member of the Program Committee of the ISACA Belgrade Chapter and has also volunteered for ISACA Global initiatives, where his work significantly contributed to the development and promotion of professional standards in IT audit and information technology.
Deniz Simseker
Title of Presentation:
Stay Ahead of Business: Internal Audit as a Business-Centric Function
Synopsis
This presentation explores the evolving role of Internal Audit in driving business value beyond traditional assurance. Deniz Simseker will share insights on how Internal Audit can position itself as a strategic partner within organizations, contributing to sustainable growth and process optimization. By using innovative tools like process mining and fostering a culture of performance excellence, this session highlights practical strategies for aligning audit practices with business goals and delivering tangible outcomes.
SHORT BIO
Deniz Simseker is Vice President of Global Internal Audit at STADA Group, overseeing internal audit and process mining. Pored toga, vodio je implementaciju izveštavanja o održivosti u skladu sa standardima CSRD. Kao član STADA Globalnog liderskog tima i STADA Globalnog tima za finansije, Deniz usklađuje funkcije revizije sa strateškim poslovnim ciljevima.
Sa više od 20 godina iskustva u finansijama i poslovnim ulogama u kompanijama kao što su Clariant, Merz Pharma, Boehringer Ingelheim i Sanofi, on je specijalizovan za finansijsko planiranje, izvrsnost procesa, interne kontrole, korporativno upravljanje i inovativne revizorske prakse, kombinovane sa sa velikim iskustvom u FMCG menadžmentu.
Diplomirao na Univerzitetu Johanes Gutenberg, Deniz je strastven u korišćenju tehnologija, kao što je process mining, to enhance audit efficiency and business value. He is a recognized thought leader and advocate for aligning audit with sustainable organizational growth.
Andrea Polereczki
Title of Presentation:
Use Case Brainstorming (No Magic, Just Tech) - "Dream big - with AI!"
Synopsis
Imagine if AI could solve all our problems. It's a good dream. But first, we should focus on things that can and should be solved. The possibilities of AI are limitless, but it's essential to focus on real-world use cases. Although not every problem can be solved by a single algorithm, we can dream BIG. In this presentation, we will find the magic to get in the mood of creativity, dive into tech details smartly, and make the collective effort to create value from our new smart pet without wasting time and losing hope in the middle.
SHORT BIO
Andrea is a highly qualified Information Security Officer (CISO) with exceptional leadership skills. She has always had a strategic vision for emerging technologies and has in-depth knowledge of them. Her expertise has always fostered innovation, and her projects have always achieved the desired impact and created value for business stakeholders. Andrea's problem-solving skills have also facilitated fitting robust solutions that have often exceeded prior expectations. She easily communicates complex IT architecture or technology between parties, facilitates collaboration, stays up-to-date with industry trends, and prepares informed decisions that drive organizational strategy and business goals. Her reliability and leadership qualities have earned her the respect and trust of his peers, making her a recognized leader in IT security.
Asaf Weisberg
Title of Presentation:
From Isaac Asimov to ChatGPT: How AI is Changing the World
Synopsis
This presentation explores the projected impact of AI on society, highlighting key opportunities, risks, and ethical considerations. We’ll delve into the timeless question first posed by Isaac Asimov: will robots rule the world? This thought-provoking session offers insights into one of today’s most significant technological advancements.
SHORT BIO
Mr. Asaf Weisberg, CSX-P, CISM, CRISC, CISA, CGEIT, CDPSE, is a Director on ISACA's Board, with prior roles as chair of the Risk and Technology and Innovation and Technology board committees, and a decade of service on ISACA's Israel chapter board, including two terms as chapter president.
As the founder and CEO of introSight, he leads risk management methodologies and directs risk assessment and management projects. With extensive experience in cybersecurity and IT, Mr. Weisberg advises boards and executives on cybersecurity risk. His background includes roles as MIS Manager and IT Infrastructure Director for multinational corporations, where he developed deep expertise in both leadership and technical domains.
Dean Habuš
Title of Presentation:
Understanding LLMs: A Practical Guide to Implementing AI Safely in Business.
Synopsis
AI presents significant opportunities for businesses to enhance their processes, but the pressing question is how and where to begin implementation effectively. In this lecture, we will delve into the workings of Large Language Models (LLMs), explaining how they are trained, how they manage data, and how they facilitate user interactions. Understanding LLMs is essential for evaluating the security, data privacy, and compliance implications of adopting AI in a business context. Through clear explanations and practical case studies, we will showcase which business processes are ideal for initiating safe and valuable AI integration. This approach ensures participants can seamlessly connect theory to practical applications in their professional roles.
SHORT BIO
Dean is the Co-founder and Chief Product Officer of Kolibri Labs, a company specializing in artificial intelligence consulting and software development. As a serial entrepreneur, he has consistently demonstrated his ability to develop innovative software that addresses complex enterprise challenges.
He has co-founded three tech startups, each known for their innovative approach to solving business problems. His first venture was acquired by a company that later became part of Heineken's portfolio. In his second startup, he secured both a strategic partnership and investment from the insurance giant Generali Holding. Most recently, his third venture gained global recognition and earned approval from one of the world’s leading furniture retailers, with whom it has maintained a successful collaboration for several years.
This impressive track record showcases Dean's expertise in identifying market opportunities, building scalable solutions, and creating substantial value for stakeholders across diverse industries. His ventures reflect a consistent pattern of transforming innovative concepts into successful business outcomes through strategic partnerships with global industry leaders.
Dr. Georgia Papaioannou
Title of Presentation:
The evolution of Cyber Threat Landscape in the new AI era
SHORT BIO
Georgia has extensive international experience in tackling complex challenges in Electrical Engineering and Information Technology, with additional expertise in Project Portfolio Management and Change Management.
In her current role as Solution Specialist Security Compliance Identity at Microsoft, she leads international cross-functional teams of security experts, focusing on identifying solutions to enhance enterprises‘ security posture and ensure that compliance standards are met. She is passionate about learning and holds certifications in CC, SC100, SC200, PROSCI, IREB, and IPMA. Her commitment to creating a better world for her and all young professionals drives her involvement in various programs. She is focused on reducing the gender gap in the Cybersecurity Workforce as well as raising awareness regarding the importance of diverse teams. Her volunteering activities include active engagement as a Mentor at "Women4Cyber", Cybermentor”, "Clicked" and “ReDi School of Digital Integration”. She also holds an Ambassador Role at “PANDA | The Women Leadership Network,” and last but not least, is Member of the (ISC)², ISACA and in the Leadership team of she@ISACA Initiative (German Chapter).
Rolf von Roessing
SHORT BIO
Past Global Vice Chair, Past International Vice President, ISACA Board of Directors, Past Chairman of the Audit Committee, The Business Continuity Institute.
Rolf von Roessing is a partner and CEO at FORFA Consulting AG, an international consultancy firm specialising in GRC, security and related disciplines. He brings 30 years of experience in governance, risk management and compliance; security and business continuity; and crisis management in a range of sectors, including banking and finance, insurance, wholesale and retail, automotive, and healthcare.
He has also been teaching as a senior lecturer in M. Sc. courses at Donau-Universität Krems since 2005 and is a member of the Academic Council for M. Sc. Management and IT, M. Sc. Information Security Management, and M. Sc. Cybersecurity.
He is a former International Vice President and Global Vice Chairman of ISACA (2009-2011; 2019-2021) Since 2021, Rolf has been lead developer within the core team developing the ISACA Digital Trust Ecosystem and Framework (DTEF), and a principal reviewer of the related AI white paper by ISACA.
From 2001 to 2008, Rolf was a member of the BCI Board of Directors, and Chairman of the Audit Committee from 2003 to 2008.
Rolf has published extensively on BCM, resilience and cyber topics since 2001. A list of works is available on scholar.google.com and academia.edu. He frequently provides contributions to leading journals and magazines such as Computer Weekly. In 2023, he was nominated as one of three worldwide ISACA Global Evangelists.
Moderator
-
Miloš Maksimović
Founder: OneMan Show, Golden Voice, Pričaj Mi app -
Sanja Kekić
CRISC CDPSE, CEDARS International, Assistant Director
Miloš Maksimović
Kratka biografija
Miloš Maksimović is a professional radio and TV host, narrator, car journalist and multimedia personality. As a multi-tasked freelancer for the past 5 years, he is a recognizable face of the YouTube channel "Polovni Automobili" and the podcast "Autopriče", as well as a presenter on Shoppster TV.
Previous professional media engagements include the roles of news presenter, the show "State of the Nation" and the morning radio program "Dizanje" on the former B92 TV; presenter of the news, "Noćni Žurnal" and the quiz "Prva te zove" on TV Prva.
He is the founder of the Pričaj Mi application intended for children and young people.
Miloš is the parent of two adults, aged 26 and 23.
Sanja Kekić
SHORT BIO
Sanja Kekić, SheLeadsTech Liaison, is the ISACA Belgrade Chapter co-founded. She was the chapter's President from 2016 to 2021. In addition, Sanja has been a member of the ISACA SheLeadsTech Chapters Engagement Working Group for Europe and has contributed to developing the ISACA Digital Trust Ecosystem and Framework (DTEF). Her leadership was recognized with the ISACA Outstanding Leaders Award in the Small Chapter Category in 2018, and she has received the ISACA Chair's Fellowship Award for the 2024-2025 term on the Board of Directors.
As the Assistant Director of Client Delivery at CEDARS International, she focuses on enhancing cyber protection and addressing cyber-attacks targeting critical infrastructure. Sanja has also participated in a project aimed at boosting cybersecurity capacity and workforce development in Eastern Europe, particularly emphasizing the importance of increasing women's representation in the cybersecurity field.
Furthermore, as the founder and President of the Women4Cyber Serbia Chapter, she is committed to increasing and promoting women in cybersecurity and fostering the creation of a better cybersecurity environment for women.
She was recognized as one of the most influential women in cybersecurity in Europe (2019) by SC UK Media and was featured in the book "Hacking Gender Barriers—Europe's Top Women."