Conference 2025 - Speakers

Bruno Soares

Bruno Horta Soares, CISA®, CGEIT®, CRISC™, PMP®, LEGO® Serious Play®

Executive Advisor, University Professor, ISACA Lisbon Chapter President

Bruno Horta Soares has over 20 years' experience in Digital Transformation, Governance and Cybersecurity. With a degree in Computer Science and Business Management and several professional certifications, he is a recognized Executive Advisor and University Professor. He is also ISACA Lisbon Chapter President, an award-winning speaker and someone committed to creating a positive impact and leaving an indelible mark on the world.

Ulrika Dellrud

Chief Privacy & Data Ethics Officer, Certification Director at ISACA Belgium Chapter

A globally recognized expert in privacy, data, AI, digital ethics, and ESG, with 25 years of operational and strategic experience. Ulrika has served as EMEA and global chief privacy officer for major multinational companies and currently holds the position of Chief Privacy & Data Ethics Officer at Smarter Contracts. She also serves as a Non-Executive Director, advising startups on data strategies.

Actively engaged with global regulators, she is a European Data Protection Board advisor and a long-time advisory board member of the IAPP, where she also serves on the AI governance board. A Swedish and US-qualified attorney and New York Bar member, she has been recognized for her exceptional contributions to privacy, receiving the inaugural IAPP Hughes Leaders Award in 2022.

Luca Lumini

Chief Security Officer at AXA Group Operations

Luca is CISO and is leading the Strategy and AI Innovation team for the International Markets. Luca is accountable for protecting AXA customers and employees from security threats and drives holistically the converged security strategy over several countries, spanning from LATAM to Africa and Asia.

With more than 20 years of assurance and consulting experience focusing on technology audit and security risk advisory, he is committed to assisting AXA entities in implementing effective key security initiatives to respond to cyber risks and security threats and to adhere to corporate standards.

He brings a broad and different perspective that combines his views across Internal Auditing, Cyber Security governance, and Operational Risk & Compliance management. He holds credentials from several professional associations, such as CISA, CRISC, CDPSA, CIA, CRMA, CISSP, Lead Auditor ISO27001, and DRII ABCP.

Markus Brinkmann

Partner, Head of Global Forensic, Risk and Compliance, BDO Germany

Markus Brinkmann is BDO Germany´s Head of Forensic, Risk & Compliance and BDO´s Deputy Global Head of Forensic Services. Furthermore, he is a member of the BDO Global Forensic Leadership Team as well as the BDO Risk Advisory Steering Committee.

He has more than 25 years of experience working as an acknowledged expert in all kinds of white-collar crime investigations and compliance management projects globally. As a Forensic Accountant Markus has also supported various clients in arbitration and litigation matters. In his Risk Advisory role Markus has overseen various internal audits. His clients are public listed corporates, family businesses, regulators, law firms and European institutions.

Nataša Klenovšek Arh

Ministry of Defence

She has over 20 years of experience in various fields of computer science and informatics, and for the last 10+ years she has been focusing primarily on cybersecurity. She worked for several years at SI-CERT, and for the last five years at the Cyber Center of the Ministry of Defence. She is a certified ethical hacker with experience in the fields of security audits, penetration testing, malicious code analysis, and various areas of digital forensics.

Greg Evseev

AI Governance Specialist | ISO 42001 Lead Auditor (in training) | Former Aviation Investigator

Greg Evseev is an AI governance expert with 10+ years in technical implementation and compliance, specializing in ISO 42001. His background includes aviation investigation, providing a unique perspective on AI system integrity and governance. Greg helps organizations in Slovenia and internationally implement AI frameworks, conduct risk assessments, and prepare for ISO 42001 certification. He focuses on practical governance for innovation and regulatory compliance, including the EU AI Act.

Mustafa Aykut KILIÇ, CISA, CISM, CRISC, CDPSE, CISSP, TOGAF

IS Audit Manager of Kuveyt Türk Participation Bank

Mustafa Aykut KILIÇ graduated from Mathematics and Computer Science and advanced to MBA. After working in different roles including software development, database management, devops, project management and information security; he changed his expertise to audit and is currently working as IS Audit Manager of Kuveyt Türk Participation Bank. As a proficient information systems veteran he is trying to create value for the group companies and subsidiaries through detailed audit engagements and advisory roles in different committees. He is also a board member of ISACA-Istanbul Chapter and an accredited trainer of many ISACA certifications.

Edward Starkie

Director, GRC | Cyber Risk, Full Member of the Chartered Institute for Information Security (CIISec), LLM International Law, LLB Law, CISM, ISO 27001:2013 Lead Implementer

Edward is a Director within Thomas Murray’s cyber security practice, bringing extensive experience working with diverse organizations across the spectrum of cyber security services and data protection.

Before joining Thomas Murray, Edward held roles at Royal Mail and DS Smith Plc., followed by a significant period at PwC. During his time at PwC, he advised a wide array of clients, from major oil and gas companies and multinational corporations to technology start-ups, with a strong focus on Private Equity engagements. Subsequently, Edward served as the Global Cyber M&A lead at Kroll, where he delivered numerous engagements, including tabletop exercises, framework reviews, and providing incident response support in complex situations, such as during deal negotiations. At Thomas Murray, he continues to focus on a threat-led approach to optimise defense and response capabilities, considering the impact of the threat landscape on individual organisations as well as interconnected business communities. He is a regular contributor to conferences and is a recognised cyber security expert speaker at the International School of Financial Services Jersey.

Tonći Kaleb

Information Security and Privacy Expert

Tonći is a Governance, Risk and Compliance (GRC) practitioner with extensive experience in both financial institutions and corporate environments. He is also highly passionate about new and emerging technologies, including IoT, Blockchain, and Artificial Intelligence.

With over 20 years of experience in the IT and security sectors, he has held various roles, including software developer, columnist for online ICT portals, quality assurance specialist, business continuity manager, data protection officer, information security manager, global security analyst, and IT auditor.

During his career, he has worked with several companies, including Ericsson, Transcom, SCST, Tools&Solutions and banks within the Société Générale, Intesa Sanpaolo and OTP Groups. Now, he shares his extensive knowledge, skills and experience working as a consultant and trainer.

Zoran Korenjak

Project Director at Triglav Group

Zoran Korenjak is an experienced project manager, lecturer, and coach with over fifteen years of experience. He is a Project Director at Triglav Group, leading strategic and complex projects. He holds certifications such as PMP, CCMP, CSPO, NLP Master Practitioner, and BHS Practitioner. His work focuses on digital transformation and business process improvement, bringing significant organizational change.

Aleš Avbreht

Attorney, managing partner and the founding shareholder at AZ Attorneys Ltd. (AZ ODVETNIKI o.p., d.o.o.)

He is experienced in many areas of commercial and corporate law, legal representation, and client advocacy in litigation and negotiation.

He is also a lecturer at specialized legal seminars and author of various books and articles from his legal expertise. Since 2014 he has been a licensed member of supervisory boards of commercial companies and a member of Slovenian Directors’ Association (SDA).

Lilijana Vasojević-Radovanović, CISA, CRISC, Swift CSP Certified Assessor

IT Audit & Advisory Manager, EURIDICA d.o.o.

Ljiljana Vasojević-Radovanović is an experienced IT auditor with a strong background in IT management and governance. With over two decades of experience in IT arena she has led and contributed to numerous audits, risk assessments, and IT strategy initiatives across the financial and public sectors. At Euridica, she leads assessments and policy development for secure IT environments. Her expertise spans IT compliance, cybersecurity, risk management and regulatory frameworks such as DORA and SWIFT CSP. She holds multiple certifications including CISA and CRISC and is a Swift CSP Certified Assessor. Her dual perspective—combining audit rigor with practical IT management insight—brings a balanced and pragmatic approach to technology risk and control discussions.

Njeboša Bulatović, CISA, CISM, CGEIT, Swift CSP Certified Assessor

General Manager, EURIDICA d.o.o., Principal consultant, Cyber Security and GRC services PKF Croatia

Nebojša Bulatović is a seasoned IT auditor and GRC consultant with over 26 years of experience, including 18 years in international cybersecurity, compliance, and IT risk management. He has led numerous SOC2, ISO, and SWIFT CSP engagements across banking, fintech, and high-tech sectors. Nebojša holds multiple certifications, including CISA, CISM, CGEIT, CDPSE, CSX, and is a SWIFT CSP Certified Assessor. His work spans IT governance, penetration testing, secure software design, and implementation of frameworks such as COBIT, NIST, and ISO standards. As Principal Consultant at Euridica, he provides strategic cybersecurity, audit, and compliance services across Southeast Europe, supporting organizations in achieving operational resilience and regulatory alignment.