Main Conference Room – Session 4

Session 4

The Compliance Trap

Why Being ‘Secure Enough’ Won’t Cut It in the Era of DORA and NIS2

Time: 14:00 – 15:10

Register Now!

Now In Conjunction With:

Overview:

Many organisations think meeting regulatory compliance standards is enough to keep them secure. It isn’t. If your focus stops at compliance, you’re leaving gaps attackers can exploit. This session explores how to go beyond regulatory requirements and build a security strategy that protects your organisation from real-world threats.

Main Conference Room – Session 4

Facilitator

Paul C Dwyer

President ICTTF International Cyber Threat Task Force / CEO, Cyber Risk International

Paul C Dwyer is recognised as one of the world’s foremost experts on cyber security, risk and privacy. As CEO of Cyber Risk International he specialises in corporate and enterprise security, development of cyber defence programs, and business operations protection for CRI clients. As founder and President of the ICTTF International Cyber Threat Task Force he is an advocate for diversity in the industry and leads a community of over 30,000 with a common goal to defeat cyber evil.

View Presentation Abstract
The Compliance Trap: Why Being ‘Secure Enough’ Won’t Cut It in the Era of DORA and NIS2

Many organisations think meeting regulatory compliance standards is enough to keep them secure. It isn’t. If your focus stops at compliance, you’re leaving gaps attackers can exploit. This session explores how to go beyond regulatory requirements and build a security strategy that protects your organisation from real-world threats.

Panelists

Picture5

Michael Simpson

Senior Sales Engineer, Lookout

With a ten-year military background in highly sensitive IT infrastructure, Michael brings a rare and potent perspective to cybersecurity. His subsequent five years as a covert surveillance technician for a Commercial Spyware Vendor provided him with an insider’s view into the methodologies of sophisticated threat actors. This experience uniquely positions him to demonstrate the absolute necessity of comprehensive security measures against all tiers of adversaries. 

Complacency in mobile security, relying on baseline compliance or a sense of being ‘secure enough,’ is a dangerous fallacy in today’s rapidly evolving threat landscape. A new first wave of attacks is targeting mobile devices as the primary entry point into sensitive data and enterprise networks, rendering traditional security perimeters increasingly irrelevant. In this session we will explore how recommended Mobile Device Management does not detect or defend against the latest threats. 

Presentation on:

The new first wave of attack – Why being ‘secure enough’ or ‘compliant’ is no match for the latest mobile threats

View Presentation Abstract
The new first wave of attack - Why being 'secure enough' or 'compliant' is no match for the latest mobile threats

Complacency in mobile security, relying on baseline compliance or a sense of being 'secure enough,' is a dangerous fallacy in today's rapidly evolving threat landscape. A new first wave of attacks is targeting mobile devices as the primary entry point into sensitive data and enterprise networks, rendering traditional security perimeters increasingly irrelevant. In this session we will explore how recommended Mobile Device Management does not detect or defend against the latest threats. 

Lorna Burman

Distribution & Partnership Manager APAC & EMEA – usecure

Lorna is an experienced IT Manager of a global business, with 20+ years of navigating the channel. She was a former business owner in the tech space. Through strategic partnerships and innovative solutions, I’m committed to helping MSPs navigate the complex landscape of human-centric cybersecurity threats, creating human firewalls globally. 

The truth is, compliance doesn’t always equal security. While frameworks like NIS2, GDPR, and ISO 27001 are essential, organisations that only meet the minimum requirements remain at risk. 

Join usecure to learn why ‘secure enough’ isn’t enough anymore – and how to bridge the gap between compliance and real security resilience. 

Presenting on: 

Compliance vs. Security – Why Meeting the Bare Minimum Won’t Keep You Safe 

View Presentation Abstract
Compliance vs. Security – Why Meeting the Bare Minimum Won’t Keep You Safe

With NIS2 and DORA regulations now in full effect, businesses are scrambling to meet compliance standards. But is checking a compliance box enough to keep organisations truly secure? 

The truth is, compliance doesn’t always equal security. While frameworks like NIS2, GDPR, and ISO 27001 are essential, organisations that only meet the minimum requirements remain at risk. 

Join usecure to learn why ‘secure enough’ isn’t enough anymore - and how to bridge the gap between compliance and real security resilience. 

Brian Lowe

Country Manager, Ireland - Level Blue

Brian Lowe, a graduate of University College Limerick, embarked on his career in software sales in 2016 as a Junior MSSP Account Manager at AlienVault. Over the past nine years, Brian has demonstrated exceptional skill in developing and expanding some of the largest MSSP and Reselling Accounts in the UK and Ireland.

In 2025, Brian assumed the role of Country Manager for Ireland, where he is dedicated to fostering and enhancing partner relationships. His strategic vision and leadership continue to drive growth and innovation within the industry

Presenting on: 

More Regulatory Scrutiny Makes Incident Response Readiness (IRR) Non-negotiable

View Presentation Abstract
More Regulatory Scrutiny Makes Incident Response Readiness (IRR) Non-negotiable

With DORA, NIS2, and SEC rules tightening, incident response readiness (IRR) has become a board-level priority. Regulators now expect faster reporting, clearer governance, and proof of preparedness. This session breaks down the top IRR capabilities for 2025- risk assessments, playbooks, training, and post-incident reviews - explaining why readiness is now essential to compliance. Backed by market data, we’ll show how organisations can shift from reactive defence to proactive resilience in an era where being ‘secure enough’ no longer cuts it.

Josh Bowles

Enterprise Sales Director EMEA & APAC

Josh Bowles leads Theta Lake’s sales effort in EMEA and APAC and has previously held roles at leading software companies, including NICE and 8×8.

Presenting on: 

Managing Compliance and Cybersecurity Risk in Modern Communication Platforms.

View Presentation Abstract
Managing Compliance and Cybersecurity Risk in Modern Communication Platforms.

In today’s rapidly evolving digital landscape, modern communications platforms offer unprecedented connectivity and efficiency—but they also introduce complex compliance and cybersecurity challenges. This presentation explores the critical intersection of regulatory requirements UC solution usage, talks about how an organisation can stay compliant across all of their communications, and how these are closely linked to DORA and NIS2. 

Please can we update?

 

Cyber Conference Agenda

KeyNote:

The Cyber Arms Race: Winning in a World of AI-Powered Threats
The Cyber Arms Race: Winning in a World of AI-Powered Threats

AI is transforming the cybersecurity landscape at an unprecedented rate, creating new opportunities for both attackers and defenders. If your organisation isn’t adapting, it risks falling behind. This keynote will unpack how AI is shaping the future of cyber threats—and what you must do now to stay one step ahead.

  • Main Conference Room

10:00am- 10:30am

Paul C Dwyer, CEO, Cyber Risk International

AI in Cybersecurity: Friend, Foe, or Both?
AI in Cybersecurity: Friend, Foe, or Both?

AI is a game-changer in cybersecurity, but it’s also a double-edged sword. If attackers are using AI to breach defences, how can defenders stay ahead? This session covers real-world examples of AI in cyberattacks and how organisations can leverage AI responsibly to strengthen their security posture.

  • Main Conference Room

10:40am- 11:55am

Stream Lead: Markus Melin, Founder, NROC

The Evolution and Future of MSSPs
The Evolution and Future of MSSPs

Cybersecurity has shifted from a product to a service. This session explores how Managed Security Service Providers (MSSPs) have transformed traditional cybersecurity approaches into scalable, service-driven models. Learn how organisations can take advantage of these services to mitigate risk and manage threats in real-time.

  • Bar (upstairs)

10:45am- 11:45am

Stream Lead: David McCullough- Chief Commercial Officer, Xsell

Ransomware Reloaded: Navigating the Evolution of Cyber Extortion
Ransomware Reloaded: Navigating the Evolution of Cyber Extortion

Ransomware attacks have evolved far beyond simple encryption. Today’s attackers use tactics like double extortion, where they both encrypt data and threaten to leak it. If your organisation doesn’t have a solid ransomware response plan, you’re a target. This session covers how ransomware is changing and how to stay one step ahead.

  • Downstairs Room 3

10:45am- 11:45am

Stream Lead: To Be Announced

Fixing Human Error: The Weakest Link Is Still the Strongest Threat
Fixing Human Error: The Weakest Link Is Still the Strongest Threat

Human error remains one of the biggest causes of cyber breaches. If your staff aren’t following basic cybersecurity practices, your defences are already compromised. This session covers practical, effective ways to improve cyber hygiene across your organisation - without overwhelming your team with technical jargon.

12:15pm -13:15pm

  • Main Conference Room

Stream Lead: To Be Announced

Supply Chain Security: Your Weakest Link is Their Way In
Supply Chain Security: Your Weakest Link is Their Way In

A practical guide to identifying and fixing vulnerabilities across your supply chain before attackers exploit them. If your vendors aren’t secure, you aren’t either. This session covers real-world tactics to shore up your supply chain defences.

  • Bar (upstairs)

12:00pm -13:00pm

Stream Lead: To Be Announced

Building Cyber Resilience: Empowering People and Technology
Building Cyber Resilience: Empowering People and Technology

Cyber resilience isn’t just about having the right tools - it’s about embedding security into the very fabric of your organisation. Attackers exploit both human error and technical weaknesses, so how do you build defences that cover both? This session goes beyond firewalls and frameworks, focusing on how to develop a culture of security strategy where people and technology work together to withstand, adapt to, and recover from cyber threats. We’ll explore how to upskill teams, foster security-first mindsets, and implement adaptive technologies that keep you ahead of evolving risks. Expect practical insights and actionable steps to make resilience a core part of your organisation’s DNA.

  • Downstairs Room 3

12:00pm -13:00pm​

Stream Lead: Paul Hearns, Business Owner at PJH Consulting

The Compliance Trap: Why Being ‘Secure Enough’ Won’t Cut It in the Era of DORA and NIS2
The Compliance Trap: Why Being ‘Secure Enough’ Won’t Cut It in the Era of DORA and NIS2

Many organisations think meeting regulatory compliance standards is enough to keep them secure. It isn’t. If your focus stops at compliance, you’re leaving gaps attackers can exploit. This session explores how to go beyond regulatory requirements and build a security strategy that protects your organisation from real-world threats.

  • Main Conference Room

14:00pm  - 15:10pm

Stream Lead:Paul C Dwyer, CEO, Cyber Risk International

The Future of AV Integration in Ireland
The Future of AV Integration in Ireland

The future of AV integration in Ireland is rapidly evolving, driven by advancements in technology and the increasing demand for seamless, intelligent systems. From smart meeting rooms and immersive education environments to cutting-edge entertainment systems, the potential for AV technologies to transform how we communicate and collaborate is immense. This session will explore the exciting opportunities and challenges in integrating AV solutions with modern IT infrastructures.

  • Bar (upstairs)

14:00pm  - 15:00pm

Stream Lead: To Be Announced

The Next Phase of Cloud Security: Embedding Zero Trust from Edge to Identity
The Next Phase of Cloud Security: Embedding Zero Trust from Edge to Identity

Cloud environments demand more than patchwork defence - they require security by design. As organisations move into the next phase of cloud adoption, Zero Trust must be embedded throughout the architecture, from the network edge to user identity. This session explores how to implement practical, scalable Zero Trust strategies that secure access, protect data, and align with the way modern infrastructure actually works.

  • Downstairs Room 3

2:00pm -3:00pm​

Stream Lead: Paul Edmonson, Commercial Director, InspiritVision and Director and EMEA-Hub

Closing Panel:

Threat Horizon 2030: Preparing for the Next Wave of Cyber Risks
Threat Horizon 2030: Preparing for the Next Wave of Cyber Risks

Cybersecurity threats are evolving at a faster pace than ever before. If you’re only planning for today’s risks, you’re already behind. This panel discussion will feature industry leaders sharing their predictions for the next decade and offering practical advice on how organisations can build resilience for what’s coming next.

  • Main Conference Room

15.30pm - 16:30pm

Charlie Taylor- Technology and Innovation Editor at Business Post

Join Our Cyber Ecosystem

Become a part of our growing Cyber Security Ecosystem. We’re Bringing everyone together!

Vendors
+
VARs & MSPs
+
Cyber Experts
+
Attendees Registered Annually
+

©  2025 Cyber Expo Ireland. Built using WordPress and the Highlight Theme