-
Welcome & Lunch
Sep. 03
-
[Keynote] Operating at the Edge of Chaos: The CISO Lessons the War Forced Upon Us
Olivier Busolini
Sep. 03
-
Talk Slot 1 1 (Request for Proposal)
Sep. 03
-
[Panel Discussion] The Era of "Agentic" AI
Anna Mempel
Sep. 03
-
Coffee Break
Sep. 03
-
Talk Slot 1 3 (Request for Proposal)
Sep. 03
-
Coffee Break
Sep. 03
-
[Masterclass] 100 Days to Credibility: How New CISOs Build Trust, Culture, and Strategic Impact
Olivier Busolini
Sep. 03
-
[Masterclass] Plug, Play, Exploit: Mastering Modern Hardware Attacks
Tobias Scheible
Sep. 03
-
Apéro
Sep. 03
Compliance on Autopilot: From Policies to Auditable AI Controls – A Practical Approach Using AI Agents & SSDLC
Thomas Punz is a cybersecurity and governance expert with a strong focus on operationalizing compliance and making regulatory requirements practically actionable. As CEO of SECURNITE, he works closely with organizations across regulated industries to translate frameworks such as NIS2, DORA, and ISO 27001 into sustainable, auditable, and scalable solutions.
With a background in Physics, IT and Governance, Risk, and Compliance (GRC), Thomas specializes in bridging the gap between strategic requirements and technical implementation. His work focuses on building resilient control systems, integrating security into software development lifecycles, and leveraging modern technologies such as AI to increase efficiency and auditability.
He is particularly known for his pragmatic approach: reducing complexity, enabling automation in compliance processes, and designing governance models that work in real organizational environments, not just on paper.
This session demonstrates how regulatory requirements and internal policies (e.g., NIS2, DORA, ISO 27001) can be systematically translated into measurable and auditable controls, bridging the gap from policy definition to evidence generation.
Using an audited Secure Software Development Lifecycle (SSDLC) and generative AI, we illustrate how organizations can operationalize compliance in a scalable and repeatable way.
The result: significantly reduced manual effort in audit preparation, consistent and reproducible audit trails, and reliable KPIs for both auditors and executive management.
Participants will understand a proven blueprint for AI-supported control testing and evidence generation and learn how to effectively integrate AI into compliance and control workflows. In the end, everyone will take away governance artifacts and structures that meet auditor expectations.

















