Over the past months, our program team has worked diligently behind the scenes to secure an inspiring and truly international roster. We have reached out across borders, negotiated with world-class experts, and carefully curated voices that will bring both deep knowledge and fresh perspectives to the ISACA community.
The result is a program filled with outstanding names representing cybersecurity, governance, AI ethics, digital trust, and more.
Confirmed speakers & Preliminary topics:
-
David Jacoby (Sweden) – Ethical Hacker, Cybersecurity Expert & Professional Internet Troublemaker. With over 30 years of ethical hacking, David is known for turning complex security into provocative, entertaining talks. Today, he's Chief Strategy Officer at Syndis, where he pushes the boundaries of innovation and cybersecurity.
Session: Hacked by Innovation: How the Digital Revolution Opens Doors for Cyber Threats
A demo-driven journey through the blind spots of digital transformation: how hackers bypass modern defences, the dark web economy, why human behavior remains the weakest link, and what’s next in macOS myths, cloud chaos, and future threats. Expect surprises, practical takeaways, and a new mindset for securing the digital future.
-
Johan Lambert (Belgium) – ISO 42001 & AI Governance Specialist, Auditor, and Trusted Advisor. With a strong background across both public and private sectors, Johan brings a wealth of international experience in auditing, risk management, and governance. A graduate of the Royal Military Academy and ISC Saint-Louis, he holds certifications as a Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), and Lead Auditor for management systems covering quality, the environment, information security, and workplace well-being. He is also a Level 1 Prevention Consultant and an active member of both IIA and ISACA.
Over the course of his career, Johan has performed numerous system certification audits and internal audits, contributed to risk analyses, and driven continuous improvement projects across sectors such as healthcare, public transport, chemical manufacturing, retail, humanitarian operations, HR management, software development, and cybersecurity.
Session: AI: ISO 42001 in EU AI Act Context
Artificial Intelligence governance is no longer optional — it is becoming a regulatory requirement. In this session, Johan will guide participants through the structure and clauses of ISO 42001, explaining how they align with the EU AI Act and other key ISO standards. Attendees will gain a clear understanding of how to interpret, implement, and audit AI management systems in compliance with evolving European legislation, enabling organizations to turn AI governance into a competitive advantage rather than a compliance burden.
-
George Njuguna (Kenya) – Strategic Technology & Governance Leader, AI Ethics Advocate, and Cybersecurity Visionary. Travelling from Nairobi to Stockholm to deliver Digital Trust in Practice, George brings over a decade of leadership across banking, telecom, fintech, and regulatory sectors. His highly interactive session will focus on building, measuring, and sustaining digital trust with practical cases, scenarios, and actionable takeaways on cybersecurity, privacy, and ethical AI.
Session: Redefining Real: Digital Trust in Practice
As 2025 draws to a close, digital trust has become the cornerstone of resilience, innovation, and ethical leadership. In this highly interactive session, George will unpack what it truly takes to build, measure, and sustain digital trust in complex, high-stakes environments. Drawing from real-world programs across 10+ countries, he will share pragmatic approaches to strengthening security posture, embedding trust into business strategy, and navigating AI-driven risks. Expect practical cases, scenarios, and actionable takeaways that bridge cybersecurity, privacy, and ethical AI, equipping leaders to hardwire resilience and lead with confidence into 2026 and beyond.
-
Arnulfo Espinosa Domínguez (Mexico) – travelling from Monterrey, Mexico, is an ISACA Hall of Fame inductee and internationally recognised auditing expert. Arnulfo will share global insights on modern audit practices, risk management, and governance, offering a unique perspective shaped by decades of leadership within the ISACA community.
Session: eXtreme Audit!!! Auditing front and reverse, even the Metaverse
Auditing with the skills of the past is no longer enough. As technologies like AI, blockchain, and the metaverse evolve, auditors must move beyond traditional ITGC practices to assess systems that lack established frameworks or regulatory guidance.
In this forward-looking session, Arnulfo explores how IT auditors can adapt their mindset, expand their technical depth, and develop the tools needed to assure innovation itself. Because to secure tomorrow’s technology, we need more than experience, we need Xtreme Audit Skills!
- Professor Björn Lundell (Sweden) – Professor Lundell’s research contributes to theory and practice in the software systems domain and centres on different aspects of openness (in particular Open Source Software and open standards) related to procurement, development and use of software systems under different terms and forms of IT operation.. His research interests and activities address a few (related) core challenges in the software systems domain, specifically: data sovereignty, lock-in, interoperability, and long life-cycles for software systems & digital assets.
Session: Lock-in effects and SaaS solutions: How to ensure data sovereignty and appropriate data processing of digital assets?
Private and public sector organisations aim to avoid unwanted dependencies and a range of different problematic lock-in effects. Widespread use of globally provided SaaS solutions under inappropriate conditions may cause inappropriate data processing of digital assets that prevent data sovereignty. This presentation addresses how adoption and use of globally provided SaaS solutions may exacerbate and cause different types of problematic lock-in effects, such as format lock-in and vendor lock-in. Finally, we present and discuss recommendations for how an organisation can ensure data sovereignty and avoid lock-in effects through appropriate data processing of digital assets.
Sponsor speakers:
-
Christopher Läns GRC Lead, Stratsys – Christopher is a GRC expert at Stratsys with extensive experience in risk management, information security, and compliance. He has held leadership roles at Advisense and Alektum Group, contributing both deep subject matter expertise and a strong customer perspective.
-
Per Gustavsson CISO, Stratsys – Per is the Chief Information Security Officer at Stratsys, a distinguished speaker, and a researcher at the C4I & Cyber Centre at George Mason University and the University of Skövde. His focus is on maintaining robust information security practices while advising on what is appropriate—and what is not—in today’s complex digital landscape.
Session: CISO 2025 – From One-Man Band to Conductor
In 2025, the CISO is expected to be everything at once: strategist, risk analyst, technician, educator, and lawyer. Regulations such as NIS2 and DORA are setting the bar higher than ever, while the threat landscape continues to grow increasingly complex. To succeed, modern tools are required to simplify, consolidate, and synchronise the work – enabling the CISO to focus on leading rather than playing every instrument alone.
With confirmed speakers from Sweden, Belgium, Mexico and Kenya, ISACA Day 2025 is one of our most international and diverse events yet. The global ISACA theme Advancing Digital Trust in an Evolving Tech Landscape frames the entire program, reminding us that trust is not just a buzzword but the invisible currency of the digital economy.
John Wallhoff will be our moderator, guiding the sessions, introducing the speakers, and keeping the program running smoothly throughout the day.
Full Agenda
08:00–09:00 Registration & Breakfast
09:00–09:10 Welcome – John Wallhoff
09:10–10:05 David Jacoby – Hacked by Innovation
10:05–10:30 Morning Fika & Networking (25min)
10:30–11:00 Sponsor Session – Stratsys: CISO 2025
11:00–11:55 George Njuguna – Digital Trust in Practice
12.00–13:00 Lunch Break
13:00–13:55 Professor Björn Lundell – Software Sustainability & Open Standards
13:55–14:25 ISACA Sweden Chapter Update & Presentation
14:25–14:50 Afternoon Fika & Networking (25min)
14:50–15:45 Johan Lambert – AI and ISO/IEC 42
15:45–16:00 Short Coffee Break / Stretch & Networking (15min)
16:00–16:55 Arnulfo Espinosa Domínguez – Modern Audit & Governance
16:55–17:05 Closing Remarks – John Wallhoff (16.50-17.00)
17:05–18:00 Mingle & Networking Reception (17.00-18)
18:15– Optional Dinner
Practical information
Registration & Pricing
-
Early bird: 1 September – 21 September
-
Regular price: 22 September – 9 November
-
Late fee: from 10 November
Dietary requirements / allergies must be communicated well in advance to program@isaca.se so we can make the necessary arrangements.
Registration officially opened on September 1st at 09:00. We are currently testing a new sign-up flow to enhance the payment and registration flow.
This page will also be continuously updated with new program details and additional speaker announcements, so check back regularly to stay up to date.
Sponsor
A warm welcome to our sponsor Stratsys, thank you for supporting ISACA Dagen 2025.
