The 6th ISACA Risk Event Wednesday, November 12, 2025 Spant!, Bussum
Join us for a new edition of the Risk Event, where cutting-edge insights meet practical expertise in the world of risk, governance, and cybersecurity.
Organized in collaboration with IIA, NOREA, and PvIB.
Risk Event 2025
Securing the Digital Frontier
Track 1: Resilience Through Cooperation
Resilience is not a solo act, it’s a team sport. In today’s hyperconnected world, no organization can face digital threats alone. This track explores how trust, knowledge sharing, and collaboration, internally and across entire ecosystems are the cornerstones of resilience.
Learn how leading organizations are building collective defenses, aligning teams before crisis strikes, and strengthening resilience across supply chains. Hear first-hand lessons from leaders at Microsoft, Port of Rotterdam, Schiphol, and ING.
Track 2: Innovation & Opportunities
A dedicated track focused on Innovation and Opportunities in today’s dynamic and interconnected world. From shifting geopolitical landscapes to the rise of digital transformation, this track explores how organizations can identify and navigate emerging risks, not by avoiding change, but by understanding the risks it brings and turning them into strategic opportunities.
Track 3: Going Concern vs. Disruption
Some risks never disappear, but disruption keeps reshaping them. This track examines the balancing act organizations must perform: safeguarding enduring concerns while adapting to disruptive forces like AI, quantum threats, and geopolitical competition. Explore the future of cloud security, AI-driven manipulation, and post-quantum cryptography, and rethink human awareness in an era of hyper-realistic deception. This track is about where the familiar meets the future, and how to navigate both.
Track 4: Geopolitical Risks & Digital Sovereignty
From crisis to control: leaders today must navigate the intersection of geopolitics and digital risk. This track examines how global tensions, sanctions, compliance requirements, and supply chain dependencies impact cybersecurity and IT risk management. Discover how digital sovereignty, AI-driven threats, and governance frameworks are shaping the security strategies of tomorrow. From cloud infrastructure to crisis response, and from sanctions to security strategy, the challenges are real. But so are the solutions.
Workshop
Secure your ticket now. Early bird tickets available until October 12, 2025!
Aftermovie
Programme Risk Event 2025
Resilience Through Cooperation
Innovation & Opportunities
Going Concern vs. Disruption
Geopolitical Risks & Digital Sovereignty
Workshop
Professor of Information Management & Digital Transformations at Alliance Manchester Business School, UK. He previously served as Full Professor at Tilburg University and Academic Director of the Executive MSc in Information Management & Digital Transformations at TIAS School for Business and Society, Netherlands (tenure ended November 2024).
Erik continues his advisory roles as an independent member of the Data Committee at Royal FloraHolland and as an external advisor to Bain & Company. He chaired XBRL the Netherlands from January 2020 to June 2022 and contributed as a board member of Sourcing Nederland between 2017 and 2021—an association dedicated to advancing best practices in partnering and outsourcing.
With 25 years of global industry and consulting experience, Erik has held leadership roles at Atos, Accenture, KPMG, Boston Consulting Group, and Alvarez & Marsal, guiding outsourcing strategies, digital transformation efforts, and benchmarking initiatives across Europe, Asia, Latin America, and North America.
Werner Zuurbier began his journey in public administration studies during the dawn of the internet—and from that moment, digital transformation has woven through both his personal and professional life. He is passionate about strategic challenges and guiding complex change processes, often navigating the dynamic intersection of business and technology.
As of July 1, 2025, Werner took on the role of Director‑Board Member at GERRIT, following his tenure as CIO and Manager of Information & Care Technology at Spaarne Gasthuis
Over the years, he has served as an (interim) C‑level executive, director, and senior manager across healthcare, insurance, and consultancy—and continues to contribute as a non‑executive board member in the healthcare, education, and insurance sectors, and formerly in government cenvio.com.
Werner is also a published author. His most recent work, Leadership in the AI Era – Four Qualities of a Transformational Leader, released in March 2025, explores vision, risk, moral, and cultural leadership in the context of the AI-driven digital revolution. He previously authored Cyber in the Board – Supervising Digital Transformation in 2022, offering practical guidance to board members and supervisors navigating digital change
Marijn van Schoote has a diverse work experience in the fields of IT operations, service management, cyber security, and risk management. They have held various roles at different companies, including Port of Rotterdam, Deloitte Enterprise Risk Services, and Océ Technologies. At Port of Rotterdam, Marijn has been the Head of IT Operations & Service Management and CISO, responsible for ensuring reliable and secure IT services for the company. They have also served as a Cyber security officer at FERM-Rotterdam, focusing on digital resilience. Prior to their role at Port of Rotterdam, Marijn worked as a Manager/IT Auditor at Deloitte and in research at Océ Technologies.
Marijn van Schoote completed a Post Master Degree in Postdoc IT auditing from Erasmus University Rotterdam from 2006 to 2008. Prior to that, from 2003 to 2005, Marijn earned an MSc in Business Information Technology from the University of Twente. Before that, Marijn attended Saxion University of Applied Sciences from 1999 to 2003 and received an Ing, BSc degree in Computer Science. There is no information available about Marijn’s education before attending Saxion University of Applied Sciences.
the lead for cryptography at the SECO-Institute. He has authored and teaches several highly rated courses on cryptography, digital certificates, and the migration to quantum-safe cryptography. Luuk is a trainer, speaker, and advisor, and the founder of Cryptography in Context. He helps organizations and professionals make informed decisions and take appropriate steps to apply cryptography effectively. Combining a strong focus on people and processes with his technical and mathematical expertise, Luuk ensures that cryptography works in real-world settings. For over 15 years, he has contributed to high-impact projects in both the public and private sectors.
Chief Security Advisor at Microsoft Netherlands. Esther has a track record of delivering impactful solutions, research, tools and services for a diverse range of clients and stakeholders having been the Principal for Europe at the Information Security Forum, CISO of Deloitte Netherlands, Dutch Caribbean and Deloitte Belgium and a consultant in Cyber Strategy & Transformation with Deloitte previously. She holds an MSc in both International Management and Cybersecurity, and brings a unique combination of IT, cybersecurity, risk, organizational transformation, DEI and ESG knowledge to the table. Esther is also an advocate for women’s right and opportunities, and seeks to enhance the number of women in IT and cybersecurity.
Sandeep is Trust Officer at Schuberg Philis. Chair of the NOREA DevOps working group. Chair of the NOREA DORA Taskforce.
Author of DevOps in Control NOREA report. Co-author of Ransomware in Control NOREA report. Guest lecturer on DevOps & Ransomware at several universities.
Chris is passionate about increasing the resilience of organisations, especially the human, behavioural side. Chris has extensive work experience, most recently as Team Lead Global Security Behaviour, Awareness & Learning at Rabobank and Global Lead Security Awareness & Training at Viterra.
He is founder of the Security Awareness NL foundation. Since he handed over the chair role in late 2022, he has joined the Advisory Board.
Chris received the Security Culture Person of the year 2017 Award and the SANS Security Awareness Leader 2017 Medal.
passionate senior manager with 20 years of experience in the public and private sectors. He has held IT responsibilities, gained consulting experience, and led digital and agile transformations. He holds a Master’s degree in IT Strategy & Management and IT Auditing. As a line and IT program manager, he led various programs to optimize, innovate, and standardize IT services and security across the organization. Chris is a member of the Advisory Committee for the post-HBO Information Security Management Expert program.
PhD candidate in the Department of Engineering Systems and Services at the Faculty of Technology, Policy and Management of Delft University of Technology. She holds a master’s degree in Environment and Society at Radboud University and an undergraduate degree with honours in Political Science and Sociology from University of Toronto. Her research interests include digital security in critical infrastructures, transition governance and quantum-safe transition.
Anna is an experienced cybersecurity leader with over 12 years of success aligning technical security expertise with governance, risk, and compliance strategies to protect sensitive data, AI systems, and critical business processes. she designs and implements comprehensive security frameworks that blend deep technical knowledge with organizational dynamics and regulatory requirements — building resilient, adaptive “immune systems” for organizations.
Dimitri is the Cybersecurity Director and CISO of Dutch Railways (Nederlandse Spoorwegen). He is Co-Chair to the Dutch and European Rail ISACS and European Railway CISO Forum and chair of the board of the Dutch CISO Foundation.
He’s also Non-Executive Director of NGRT, advisory board member of Cybersec Netherlands, supervisory board member of the Dutch Anti Online Child Abuse foundation OFFLimits, GISEC Cyberstars Jury member and a regular cyber-columnist/author/speaker/lecturer.
Dimitri holds an international master’s degree and cyber certificates such as CISSP, CRISC, CISA, CISM, CDPSE, CIPP/E, CIPM, FIP, ISO27001 and ISO42001
Professor Peter Roelofsma is a distinguished expert in the fields of risk management and cyber security. In August 2023, he joined the Risk Management & Cyber Security research group at The Hague University of Applied Sciences (THUAS). Prior to this, he was part of the Safety and Security Science section at Delft University of Technology, where he worked at the Center for Safety in Healthcare. His extensive experience spans various domains, including healthcare, smart cities, military command and control, aeronautical control, intertemporal choice and risk management in traffic tunnels. He has also worked in the departments of computer science, artificial intelligence, and economics.
Professor Roelofsma completed his studies in Psychology with Cum Laude honors. For his PhD, he received the prestigious ‘de Finetti’ award from the European Association for Decision Making and Subjective Utility, Probability, and Decision Making (EADM/SPUDM), recognizing his outstanding contributions to the field. He worked also at the departments of Psychology, Computer Science/AI, Communication Science and Sociology.
His recent work addresses critical issues such as organizational learning, shared mental models, safe and secure by design principles, and the use of AI-coaching and sensors for enhancing safety and security. His interdisciplinary approach and focus on practical applications make his contributions highly impactful in both academic and real-world contexts.
A year ago, there was no research group in the THUAS lectorate. Under Professor Roelofsma’s leadership, the group has grown to include about 10 members. In the first year, he successfully acquired initial funding for the cybersecurity living lab, which has recently started. This innovative lab aims to advance cyber security practices through innovative research and practical applications.
One of Professor Roelofsma’s notable achievements with his research group is the application of network-oriented modeling as a cyber risk analysis method. This innovative approach has proven successful and has been a cornerstone of his research group’s efforts. Together with students from the Safety and Security Management Studies program at THUAS, his group has produced a variety of impactful papers, contributing significantly to the field of cyber security.
Professor Roelofsma’s work continues to shape the future of risk management and cyber security, providing valuable insights and solutions to complex challenges in cyber security and risk management. His leadership and innovative ideas ensure that his research group remains at the forefront of advancements in these critical areas.
Debbie Janeczek is the Chief Information Security Officer at ING. Prior to joining ING, Debbie led the Swift Global Security Organization. The Society for Worldwide Interbank Financial Telecommunications is a global messaging system that is used to facilitate transactions between banks across national borders.
Prior to Swift, Debbie was a Technology Executive at Wells Fargo leading the Cyber Threat Management Function, driving proactive resiliency against cyber-attacks through monitoring, analysis and continuous assessment of the threat landscape, driving tangible risk mitigation across the enterprise.
Before joining Wells Fargo, Debbie was the Director of Information Security at Twilio, where she led Cloud Security, Enterprise Security, Product Security, and Vulnerabilities Management. Debbie was also the Director of Cyber Threat Intelligence at American Express and served on the Executive Committee for the Financial Services-Information Sharing and Analysis Center (FS-ISAC). She held other key security roles during her career, including Adjunct Instructor at the University of Maryland-Baltimore County, Team lead for Cyber Planning at the National Security Agency (NSA), and Deputy Branch Chief at USCYBERCOM, and carried out key assignments with the National Geospatial Intelligence Agency and Defense Intelligence Agency.
Debbie served as an active-duty Intelligence Officer in the United States Navy serving in both Operation Enduring Freedom in Afghanistan and Operation Iraqi Freedom.
Huib Modderkolk is an investigative journalist at de Volkskrant. He writes about intelligence agencies, privacy violations, and the dark side of modern technology. He has won the De Tegel and De Loep journalism awards (twice) and received the 2022 Prize for Free Speech. The jury called him an “important voice in the debate about shrinking privacy and the advancing digital world.”
His books “It’s War, But No One Sees It” (2019) and “You Really Don’t Want to Know This” (2024) were bestsellers and translated into several languages. In 2024, he appeared in the BNNVARA documentary series ” No One Sees It.”
My name is Dwayne Valkenburg, I work as an IT Auditor and IT Risk & Compliance Manager. Since 2006, I have been active in the Managed IT Services & IT Outsourcing sector as an IT Engineer, switching to the IT Auditing profession at a BIG4 firm in 2013 and as of 2017, I founded Cyberus, an IT Assurance, Advisory & Consultancy firm.
I am also active on a voluntary basis since November 2014 with the professional associations the NOREA, ISACA and the IIA as, Chairman and Vice-Chairman of the Young Profs committees. In recent years, I have been responsible within the ISACA Board, with all events, webinars and conferences of ISACA Netherlands, as well as the Privacy and Young Profs working groups.
As of June 2022, I could call myself chairman of ISACA Netherlands and together with an enthusiastic and, above all, fun group of fellow volunteers, we may together offer a platform where we jointly take the profession of IT Auditing, IT Governance, IT Compliance, IT Security & IT Risk Management to a higher level.
If you have any questions, or are interested in working together, please feel free to contact me.
<h1 class='my-heading'>Just some HTML</h1><?php echo 'The year is ' . date('Y'); ?>document.addEventListener("DOMContentLoaded", function () {
const container = document.querySelector(".risk-loop-container");
if (!container) return;
const kaarten = Array.from(container.querySelectorAll(".risk-card"));
const rijen = {};
// Sorteer alle kaarten eerst op starttijd
kaarten.sort((a, b) => {
const tijdA = a.getAttribute("risk-starttijd") || "";
const tijdB = b.getAttribute("risk-starttijd") || "";
return tijdA.localeCompare(tijdB);
});
// Verdeel kaarten per tijdslot
kaarten.forEach((kaart) => {
const tijd = (kaart.getAttribute("risk-starttijd") || "").trim();
if (!rijen[tijd]) {
const rij = document.createElement("div");
rij.classList.add("risk-row");
rij.setAttribute("data-starttijd", tijd);
container.appendChild(rij);
rijen[tijd] = rij;
}
rijen[tijd].appendChild(kaart);
});
// Sorteer binnen elke rij op data-podium
Object.values(rijen).forEach((rij) => {
const cards = Array.from(rij.querySelectorAll(".risk-card"));
cards.sort((a, b) => {
const pA = parseInt(a.getAttribute("data-podium")) || 999;
const pB = parseInt(b.getAttribute("data-podium")) || 999;
return pA - pB;
});
cards.forEach((kaart) => rij.appendChild(kaart));
});
});function sorteerEnGroepeerKaarten() {
const container = document.querySelector(".risk-loop-container");
if (!container) return;
// Verwijder oude rijen (voor het opnieuw opbouwen)
container.querySelectorAll(".risk-row").forEach((el) => el.remove());
// Zoek alle kaarten
const kaarten = Array.from(container.querySelectorAll(".risk-card"));
const rijen = {};
// Sorteer kaarten op starttijd
kaarten.sort((a, b) => {
const tijdA = a.getAttribute("risk-starttijd") || "";
const tijdB = b.getAttribute("risk-starttijd") || "";
return tijdA.localeCompare(tijdB);
});
// Groepeer kaarten per tijdslot
kaarten.forEach((kaart) => {
const tijd = (kaart.getAttribute("risk-starttijd") || "").trim();
if (!rijen[tijd]) {
const rij = document.createElement("div");
rij.classList.add("risk-row");
rij.setAttribute("data-starttijd", tijd);
// 🔧 Dit is waar de grid toegepast moet worden:
rij.style.display = "grid";
rij.style.gridTemplateColumns = "repeat(auto-fit, minmax(220px, 1fr))";
rij.style.gap = "1rem";
container.appendChild(rij);
rijen[tijd] = rij;
}
rijen[tijd].appendChild(kaart);
});
// Sorteer binnen elke rij op podium-nummer
Object.values(rijen).forEach((rij) => {
const cards = Array.from(rij.querySelectorAll(".risk-card"));
cards.sort((a, b) => {
const pA = parseInt(a.getAttribute("data-podium")) || 999;
const pB = parseInt(b.getAttribute("data-podium")) || 999;
return pA - pB;
});
cards.forEach((kaart) => rij.appendChild(kaart));
});
}
// Initieel en bij AJAX reload
document.addEventListener("DOMContentLoaded", sorteerEnGroepeerKaarten);
document.addEventListener("bricks/ajax/nodes_added", sorteerEnGroepeerKaarten);
function sorteerEnGroepeerKaarten() {
const container = document.querySelector(".risk-loop-container");
if (!container) return;
// Verwijder oude gegroepeerde rijen
container.querySelectorAll(".risk-row").forEach((el) => el.remove());
// Verzamel en sorteer alle kaarten op starttijd
const kaarten = Array.from(container.querySelectorAll(".risk-card"));
const rijen = {};
kaarten.sort((a, b) => {
const tijdA = a.getAttribute("risk-starttijd") || "";
const tijdB = b.getAttribute("risk-starttijd") || "";
return tijdA.localeCompare(tijdB);
});
// Groepeer kaarten per tijdslot
kaarten.forEach((kaart) => {
const tijd = (kaart.getAttribute("risk-starttijd") || "").trim();
if (!rijen[tijd]) {
const rij = document.createElement("div");
rij.classList.add("risk-row");
rij.setAttribute("data-starttijd", tijd);
rij.style.display = "grid";
rij.style.gridTemplateColumns = "repeat(auto-fit, minmax(220px, 1fr))";
rij.style.gap = "1rem";
container.appendChild(rij);
rijen[tijd] = rij;
}
rijen[tijd].appendChild(kaart);
});
// Sorteer binnen elk tijdslot op podium
Object.values(rijen).forEach((rij) => {
const cards = Array.from(rij.querySelectorAll(".risk-card"));
cards.sort((a, b) => {
const pA = parseInt(a.getAttribute("data-podium")) || 999;
const pB = parseInt(b.getAttribute("data-podium")) || 999;
return pA - pB;
});
cards.forEach((kaart) => rij.appendChild(kaart));
});
}
function initKaarten() {
sorteerEnGroepeerKaarten();
const container = document.querySelector(".risk-loop-container");
// Herinitialiseer Bricks Extras Lightbox
if (typeof doExtrasLightbox === "function" && container) {
doExtrasLightbox(container, true);
console.info("✅ Bricks Extras Lightbox opnieuw geïnitialiseerd");
} else {
console.warn("⚠️ Bricks Extras Lightbox functie niet beschikbaar of container niet gevonden");
}
}
// Init bij paginalaad
document.addEventListener("DOMContentLoaded", initKaarten);
// Init na AJAX/facet filtering
document.addEventListener("bricks/ajax/nodes_added", initKaarten);
Location
This year’s Risk Event took place at Spant!, a modern and inspiring venue in the heart of the Netherlands. Located in Bussum, just 25 minutes from Amsterdam and easily accessible by car and public transport.
Spant!
Dr. A. Kuyperlaan 3
1402 SB, Bussum
Gallery
Take a look back at Risk Event 2024. A day full of inspiring talks, lively discussions, and meaningful connections.
Scroll through the highlights and relive the atmosphere, the energy, and the people who made it unforgettable.
