Gary Carrera - Governance, Risk and Compliance Leader, Meta

Bio

As a seasoned security and privacy professional with nearly two decades of experience, Gary Carrera has established himself as a trusted leader in the tech industry. With a distinguished career spanning leadership roles at prominent companies like Meta, Apple, and Xerox, he currently serves as a Governance, Risk, and Compliance leader at Meta, overseeing multiple complex data practices programs on a global scale.

Gary's expertise encompasses a wide range of areas, including governance, risk management, compliance strategy, information security across multiple disciplines, privacy and data protection, antitrust and competition, and regulatory engagement. He holds an impressive array of prestigious certifications, including CISM, CISA, CDPSE, CCSP, CCSFP, ISO27001, and ISO9001, demonstrating his deep understanding of these fields.

A passionate advocate for security and data protection excellence, Gary regularly shares his insights through articles and presentations on topics relevant to the tech industry. He is committed to engaging with peers globally, fostering collaboration, and driving innovation in the field.

Session: The role of leadership in driving Digital Transformation

In this session, we will delve into key leadership strategies that ensure successful digital transformation within organisations. Participants will discover how to cultivate a culture that promotes both innovation and security, essential for thriving in today's digital landscape. We will provide actionable insights to help leaders navigate the complexities of digital transformation, drive change and embrace technological advancements effectively.

Tania Postil - Cybersecurity Consultant & Trainer, Make Sense SRL and ISACA Belgium Vice President & Communication Director

Bio

Tania Postil is a seasoned infosecurity consultant and trainer with over 17 years of experience in risk management, governance, information security and no nonsense approach. She leads Make Sense SRL, a Belgium-based firm specializing in practical, business-aligned implementations of standards like ISO 27001, DORA, and NIS2.

Known for her pragmatic and strategic approach, Tania helps organizations bridge the gap between compliance requirements and real-world operational security. Her work spans financial services, public institutions, and logistic sector.

Session: Zero Trust Is Not What You Think: Rethinking Security in a Perimeterless World

Zero Trust is one of the most talked-about strategies in cybersecurity, yet it's also one of the most misunderstood. In this session, Tania Postil will challenge assumptions and expose the hidden risks behind technologies many organizations consider best practices—like SSO, VPNs, and traditional segmentation. This talk will break down the Zero Trust pillars, highlight common pitfalls in hybrid and cloud architectures, and offer a pragmatic roadmap for organizations looking to evolve beyond perimeter-based security.

Olga Troshkova - Group Information Security Manager, Mercell Group

Bio

Olga Troshkova has 17 years of experience in the information- and cybersecurity domain. She has worked in several sectors: maritime, finance, public procurement, and consulting. She has gained experience in various areas, such as incident response, IT auditing, ISMS, including the ISO27001 certification, and defining and implementing security frameworks, processes, and controls.

Olga enjoys working with the entire spectrum of the information security domain: from frameworks, laws, and regulations to the technical solutions, which must follow the standards or guidelines on the one hand and be in accord with the risk picture of a given company on the other. She likes following the common thread from the business goals to security controls and mechanisms. Last but not least, Olga enjoys working with people.

Demostration: Incident Management in a M&A SaaS Organization: our Transformation Journey

This presentation is about sharing our practical case on how we have moved from an inconsistent, "best effort" Incident Management process across the Group to a structured, coherent, and well-communicated approach. I will demonstrate how we established, implemented, and automated the Incident Management process across many SaaS customer-facing platform teams, coming from the acquired companies, and Enterprise IT.

--

Return to Conference Main Page