Cyber Defense3 (CD3) provides customized cybersecurity solutions that center on three pillars: (1) governance, (2) risk management, and (3) compliance. CD3 works with clients in multiple industries, including the intelligence community, finance sector, infrastructure, health and human services, defense, and more.

Craft is the intelligent supply chain resilience platform that enables organizations to make smarter supplier decisions, protect against disruptions; and optimize supply chain strategies. We empower businesses to strengthen their supplier networks and supply chains with the industry's most trusted and comprehensive data fabric and advanced risk mitigation engine. Our easy-to-use platform provides 360-degree visibility to quickly explore and evaluate supplier networks, AI-driven insights to detect and mitigate disruptions, and collaborative tools to optimize supply chain strategies. With Craft, procurement and supply chain professionals can confidently navigate regulatory environments, uphold ethics, and drive business continuity. At Craft, we take hiring seriously. With the rise of fake job postings and fraudulent recruiters, we want to ensure candidates know what to expect from our recruiting process. Craft recruiters will only contact candidates through official Craft email addresses or LinkedIn, never through personal accounts or messaging apps. We also never ask for sensitive personal information upfront. If you’re interested in joining our team, please apply directly through our website to ensure a secure and transparent experience.

SECTARA (Security Threat And Risk Assessor) was created for security consultants and corporate security managers frustrated with the lack of advanced security risk assessment (specific) software and tools. Performing risk assessments using MS Office products, in particular, can be a tedious process, plagued by styling / formatting problems, layout selection and the routine need for reverse engineering to assure logic throughout. Such methods are not particularly collaborative, present data security concerns and often drift beyond the bounds of recommended security standards and their assessment methodologies (because we are all human). Moreover, enterprise risk systems are necessarily generic and security risk consultant’s needs are very specific. It’s also difficult to get IT and expenditure approval for internally hosted systems, especially ones that are not part of ‘core’ business. SECTARA was developed in response to those problems, providing a security risk assessment and security management environment in which best practices for the security industry are within easy reach and available at an affordable cost. Importantly, risk assessment methodologies detailed within leading global security standards have been accounted for within the system, in a way that addresses the needs of the most advanced security practitioners, but also keeps it simple for those new to the industry. In doing so we designed SECTARA to be the natural companion to the Security Risk Management Body of Knowledge (SRMBoK) and the more recently released Security Risk Management Aide Memoire (SRM-AM); having the author of both texts as co-founder and part of the team made this task very easy.

Siemens AG (Berlin and Munich) is a leading technology company focused on industry, infrastructure, mobility, and healthcare. The company’s purpose is to create technology to transform the everyday, for everyone. By combining the real and the digital worlds, Siemens empowers customers to accelerate their digital and sustainability transformations, making factories more efficient, cities more livable, and transportation more sustainable. Siemens also owns a majority stake in the publicly listed company Siemens Healthineers, a leading global medical technology provider pioneering breakthroughs in healthcare. For everyone. Everywhere. Sustainably. In fiscal 2024, which ended on September 30, 2024, the Siemens Group generated revenue of €75.9 billion and net income of €9.0 billion. As of September 30, 2024, the company employed around 312,000 people worldwide on the basis of continuing operations.

ThreatLight provides proactive Cybersecurity solutions to protect organizations from advanced threats. Utilizing AI-driven technology and deep real-world expertise, we offer comprehensive services, through preemptive defenses through to rapid Incident Response and post breach recovery. Our mission is to enhance resilience and secure business operations globally. Our AI and ML-powered Targeted Detection and Response platform safeguards business continuity and critical assets. Our global team ensures swift, efficient responses to minimize disruptions. Committed to effective cybersecurity, we focus on delivering measurable benefits that strengthen your business and annually reduce the attack surface. For more information visit ThreatLight.com

CYBR International is a global cybersecurity solutions provider to commercial and government organizations. CYBR International recognizes the cybersecurity landscape is constantly evolving. Enterprise networks and organizational missions require a holistic cybersecurity plan which includes People, Policy, Procedures and Processes (Four P’s) that incorporates pro‐active, active and reactive Methodologies, Mechanisms and Metrics (Three M’s). Utilizing the “Four P’s/Three M’s” concept, CYBR International is able to incorporate people, policy, procedures and processes that are proven and repeatable (Methodologies); integrate devices and infrastructure after performing a thorough analysis and engineering review (Mechanisms) and compile measurements into a detailed deployment, status and performance review to ensure requirement and solution success (Metrics).

A new way to face the challenges of cyber threats. The DYNAMO project has received funding from the European Union’s Horizon Europe research and innovation programme under grant agreement No. 101069601

We build your Azure Adaptive Cloud a secure, scalable hybrid foundation that brings cloud consistency to IT/OT environments, wherever workloads run. Spirhed helps organisations modernise and operate their hybrid datacenters with Azure Local, Azure Arc, cloud governance, and integrated security (Defender XDR & Sentinel). We design, build and operate platforms that stay resilient, compliant and in control, even as technology and business needs evolve. Hybrid infrastructure is now the backbone of business continuity. Our mission is simple: build platforms that stay secure, compliant, in control. And agile enough to evolve with every demand you face. Powered by a highly skilled team, combining deep architecture expertise, Microsoft MVP leadership and strong technology partnerships, Spirhed delivers Azure Adaptive Cloud solutions engineered for stability, clarity and security by default. We help organisations modernise and unify their hybrid operations with confidence.

System 1, Inc. is a cybersecurity and critical infrastructure security consulting firm which advises business leaders in the federal & state government and critical infrastructure (utilities, oil & gas, and supporting firms) sectors. We provide strategic advice, assistance, and solutions to our public and private sector clients. System 1 aids client senior leadership in focusing on and understanding cyber risk strategy within their larger business risk structure, guide clients in institutionalizing cybersecurity governance and programs, and lead in the development of innovative approaches to address clients’ cybersecurity & assurance risk needs. With deep industry and functional experience System 1’s world-class team provides timely, high-impact results through an innovative portfolio of services. We help clients approach the complex and shifting forces that shape the cyber and broader security and assurance environment, assisting them in identifying critical leverage points and developing results-oriented strategies for reduced risk, smarter compliance, better performance, and optimized investments. System 1 personnel are management and technical experts who focus on advancement and change through the prism of people, processes, and technology; providing an integrated solution tailored to each client’s unique business risk tolerance, existing organizational risk management processes, and the evolving cybersecurity risk environment.

Xpertex has been at the cutting edge of cyber security development since 2006. Drawing on hands-on experience executing the most complex projects across the military, defence, and intelligence sectors. We work closely with our customers and colleagues from across the Exponential-e group to design and deliver solutions that help organisations effectively navigate the evolving complexities of the cyber threat landscape – all while retaining full cost control, visibility, and operational efficiency. We deliver cyber-secure solutions, cyber and security advisory and managed services for our customers of all sizes. Our Consultants have typically held roles in in the private and intelligence sector so we understand your challenges and the difficult juggling act that you face on a daily basis. We have selected best of breed technology partners that have been chosen for their specific or unique cyber-secure features and functions. This approach also allows us to become proficient in each technology and gain subject matter expertise to provide the best advice to our customers.

Orpheus is a leading cybersecurity company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. We offer subscriptions that provide tailored intelligence for your organisation, based on factors such as your industry, activities, and technology. With all-source intelligence collection, sophisticated technology, and expert analysis, our subscriptions are curated by highly qualified analysts who work closely with you to ensure you receive the intelligence you need. We are proud to be one of only 7 companies accredited by the UK’s Financial Conduct Authority (‘FCA’) to its Skilled Person Panel of experts able to provide cyber threat intelligence at the highest level to FCA-regulated companies. Furthermore, we are one of only a handful of companies accredited by the Bank of England for intelligence-led critical national infrastructure testing frameworks such as ‘CBEST’ for the UK financial sector and ‘TBEST’ for the UK Telecoms sector. Additionally, Orpheus is accredited by the international standards and accreditation body CREST as a specialist cyber threat intelligence company. Let us show you a demo of our ground-breaking portal.

Global Supply Chains are a way of life for modern business, becoming more complex and integrated. The organizations that operate within the Supply Chains have become smarter and are not only heavily dependent on Information and Communication Technologies but are also interconnected for exchanging and sharing large amounts of data. Moreover, there is still no easy, structured, standardized and trusted way to forecast, prevent and manage interrelated and propagated cybersecurity vulnerabilities and threats, in a way that takes into account the heterogeneity and complexity of today’s Supply Chains. Therefore, there is a pressing need for devising methodologies, techniques and tools for the efficient evaluation and handling of security threats and vulnerabilities supporting all involved infrastructures for the provision of critical Supply Chain services. CYRENE comes to fill this gap for devising such methodologies, techniques and tools.

Verint® helps the world’s most iconic brands build enduring customer relationships by connecting work, data, and experiences across the enterprise. With this approach, brands can navigate and thrive as they adapt to the future of work, eliminate the inefficiencies created by organizational and data silos, and consistently deliver differentiated experiences at scale across every interaction. Our solutions help brands close the gap created when they lack the resources required to deliver experiences that fulfill customer expectations. Closing this Engagement Capacity Gap™ helps them build lasting relationships with customers and drive real business results. The Verint Customer Engagement Platform draws on the latest advancements in artificial intelligence and analytics, open integration, and the science of customer engagement to meet ever-increasing, ever-shifting consumer interactions and demands. We help our customers to drive even greater value from their technology investments by working closely with a broad ecosystem of solutions and partners. With Verint, brands can finally unlock the potential of customer engagement across every area of the business to deliver consistently differentiated experiences to their customers and employees, and do so at scale to realize tangible business results. Global Presence • Headquartered in Melville, N.Y., with 40+ offices worldwide • Powered by 4,500 dedicated professionals and a global partner network Closing the Engagement Capacity Gap Brands today are challenged to deliver quality customer experiences across dozens of engagement channels, hundreds of customer journeys, and millions of interactions – all with the same team and resources. This results in an Engagement Capacity Gap. Verint solutions are uniquely geared toward closing this gap. More than 10,000 organizations in over 175 countries—including more than 85 percent of the Fortune 100 — rely on Verint. To learn more, visit: www.verint.com

Zero-One is a Personalized Consumer Relationship Platform which builds direct personalized relationships between businesses and consumers that significantly enhances emotional connection and consumers’ loyalty to brands, and helps companies grow revenue and reduce marketing and operational costs in the simplest possible way. Zero-One provides users with the simplest possible way to share open or anonymous opinions and experiences on all aspects of provided goods and services as they happen and be financially rewarded for that, while it enables businesses to get the most detailed and comprehensive information, instantly response to customers - individually or in-groups, and get a direct access to the entire Zero-One community. Key differentiators from conventional C2B2C communication solutions: - Extreme easiness for consumers - tap “0” or “1” button in the app for rating and sharing opinions (voice-to-text notes and/or pictures). - Consumers are financially rewarded for shared quantifiable opinions and experiences. - Data collection and analysis from all businesses in the marketplace regardless of their participation (e.g. market segmentation analysis of all QSRs in the region). - Direct and personalized communication to each and every Zero-One user in order to entice and attract new customers. - AI and Machine Learning to build personalized consumer behavioral patterns and predict consumers’ future needs and meet them in advance.

"Innovate Fearlessly, Protect Relentlessly." St. Fox is a leading consultancy helping enterprises secure their Cloud, Data, endpoints, and applications. We relentlessly analyze and protect our clients' businesses, so they can innovate and scale fearlessly. We also provide services in the cloud and Gen AI. Our team of experts has a deep understanding of the latest security threats and trends, and we are constantly developing new solutions to help our clients stay ahead of the curve. We offer a wide range of services, including: Cloud security assessments and architecture reviews Data security consulting and implementation Endpoint security consulting and implementation Application security testing and vulnerability management Security incident response and remediation Cloud migration and transformation services Gen AI consulting and implementation Our Mission To help enterprises secure their Cloud, Data, endpoints, and applications, so that they can innovate and scale fearlessly. Our Values Customer Obsession: We put our clients first and are always looking for ways to exceed their expectations. Innovation: We are constantly innovating and developing new solutions to help our clients stay ahead of the security curve. Integrity: We are honest and transparent in all of our dealings with our clients and partners. Excellence: We strive to provide the best possible security solutions and services to our clients. Teamwork: We believe that teamwork is essential to success, and we are committed to working together to achieve our common goals. We are passionate about helping our clients succeed, and we are committed to providing them with the best possible security solutions. We believe that security is essential for innovation and growth, and we are here to help our clients achieve their goals securely.

𝗡𝗶𝘀𝗸𝗮𝗮 𝗚𝗥𝗖 𝗔𝘂𝗱𝗶𝘁 𝗦𝗼𝗳𝘁𝘄𝗮𝗿𝗲: 𝗔𝘂𝘁𝗼𝗺𝗮𝘁𝗲 𝗥𝗶𝘀𝗸 & 𝗖𝗼𝗺𝗽𝗹𝗶𝗮𝗻𝗰𝗲 𝗔𝘂𝗱𝗶𝘁𝘀 𝗔𝗰𝗿𝗼𝘀𝘀 𝗘𝘂𝗿𝗼𝗽𝗲 The Niskaa GRC Audit Software is an advanced, AI powered European Governance, Risk and Compliance (GRC) platform designed to automate and streamline risk assessments, compliance audits, and regulatory reporting for organisations across Europe. Built to align with GDPR, NIS2, DORA, EU AI Act, and ISO standards (ISO/IEC 27001, ISO/IEC 42001, ISO/IEC 31000, etc.), the tool helps businesses maintain up-to-date compliance and prepare for internal and external audits with confidence. The Niskaa GRC Audit Tool can be used by 𝗶𝗻𝘁𝗲𝗿𝗻𝗮𝗹 𝗰𝗼𝗺𝗽𝗹𝗶𝗮𝗻𝗰𝗲 𝘁𝗲𝗮𝗺𝘀, 𝗰𝘆𝗯𝗲𝗿𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝘁𝗲𝗮𝗺𝘀, 𝗲𝘅𝘁𝗲𝗿𝗻𝗮𝗹 𝗮𝘂𝗱𝗶𝘁𝗼𝗿𝘀, and 𝗚𝗥𝗖 𝗰𝗼𝗻𝘀𝘂𝗹𝘁𝗮𝗻𝘁𝘀. It supports both in-house deployment (including in the client’s own cloud environment) and use through Niskaa’s own secure cloud (Quantiti ∞), providing maximum flexibility for different compliance models and organisational needs. Organisations use the tool to assess cybersecurity risks, manage compliance across multiple regulations, and generate clear audit-ready reports. It enables both individual audits (ISO certification preparation, GDPR compliance checks, AI management system reviews) and integrated enterprise-wide GRC programmes. The platform provides pre-built frameworks for key European and international standards, with configurable options for industry-specific needs (financial services, healthcare, critical infrastructure, AI/tech, SaaS, public sector). Automated workflows reduce manual effort, ensure consistency, and enable continuous monitoring of compliance posture. With the Niskaa GRC Audit Software, European businesses and audit professionals can reduce compliance risk, automate reporting, and strengthen governance, while keeping pace with evolving regulatory requirements.

Blue Coral is a highly specialized security services provider and risk mitigation consultancy offering unparalleled service and experience to a small number of select clients. • Cybersecurity services •Emerging technology solutions. Blue Coral was founded on the belief that the collective lessons learned by elite military veterans and proven law enforcement professionals, screened by their peers and tested throughout their careers, are of extreme value to global business and international competition. Blue Coral employs Advisors with operational and managerial experience from around the world in a broad variety of threat environments to include direct combat, peace-time training, and politically sensitive settings. We demand discipline and drive innovation. With Blue Coral on your side, you gain access to a worldwide network of vetted professionals significantly increasing your/our probability of success. We minimize your risk and facilitate your success. The Blue Coral Advisory Group is a consulting firm that stands out from the rest and transforms seemingly insurmountable challenges into realized opportunities. Contact us to discuss how we can assist. +1.305.432.6822 BlueCoralAG.com Blue Coral. Easy Day.

Kaisura offers expertise in the fields of Cybersecurity, Privacy and Artificial Intelligence Security. We have cross industry experience and are pioneers in AI security in healthcare. For Cybersecurity, Kaisura offers assistance with setting up a more secure stance in general, whether through policy development, or resiliency plans such as Business Continuity and Disaster Recovery Plans, for a business to operate more smoothly in regard to cybersecurity. We also offer Application Security services such as Threat Modeling and promoting secure SDLC practices. Risk assessments are another service offered in this space, and the Kaisura team collectively possesses decades of conducting cybersecurity risk assessments. In regard to privacy related services, we maintain an up-to-date awareness of regulations in this space (e.g., HIPAA) and offer assistance to achieve optimal compliance. Gap Assessments are utilized to determine the level of compliance with a given regulation, and we provide measures to apply for closing any identified gaps. Additionally, we provide services for enhancing privacy management, including conducting assessments, such as Privacy Impact Assessment or Transfer Impact Assessment, or review of Technical and Operational Measures (TOMs), as these elements are required under certain regulations. In the area of securing AI, we offer risk assessments of AI applications in order to determine level of risk, and to assess the design as it pertains to recognized best practices. We also recommend mitigation measures to apply for closing identified gaps. Furthermore, we offer AI related policy development, risk management, and AI security awareness training. Lastly, Kaisura maintains an awareness of current and approaching laws and regulations surrounding the use of AI, and we offer insight into applicable regulations to a given business, as well as conduct gap assessments and suggest applicable mitigation measures to apply in order to achieve compliance.

CCI is a non-profit international association, originating in Spain, of professionals and entities - private and public - concerned about the growing risk in automation and industrial digitization. It works to advance and improve the level of cybersecurity in the industry by facilitating relationships, knowledge and experiences of the sectors involved in this area, mainly in Europe and Latin America. Thanks to a multidisciplinary team of coordinators and experts, we develop research activities, training, events, generation of publications and tools for an ecosystem of more than 3,000 members from 45 countries.

Global organizations rely on Everstream Analytics for actionable risk intelligence, from planning and procurement through logistics. With unique data, unrivalled expertise, and predictive analytics embedded into client workflows, we enable clients to anticipate risks, respond faster, and save millions.

202 Group is a provider of data-driven supply chain risk management solutions to the U.S. federal government.

Versed AI helps companies monitor, manage, and mitigate supply chain risks with AI-powered supply chain visibility and transparency. We do this by using cutting edge natural language processing (NLP) techniques to extract buyer-supplier relationships from text documents. We can then aggregate this into a large supply chain map. Use cases include: - Meeting regulatory requirements, such as the UK Modern Slavery Act. - Pinpointing possible points of failure in the supply chain, such as common sub-tier suppliers. - Identifying geographical concentrations of risk

SCAIR® the Award-Winning Biopharmaceutical Supply Chain Risk Management Software for Operational Resilience. SCAIR® maps and models your business’ global supply chain relationships, so you can build resilience into your supply networks, monitor compliance, and protect your organisation’s profits. This award-winning tool has been designed specifically for the unique characteristics of the pharmaceutical industry: batch manufacture, multinational supply chains and strict medical regulation. SCAIR® is the go-to product for pharmaceutical organisations – and other highly regulated industries like Insurance – that have a relentless desire to ensure business continuity and success. Launched in 2006, SCAIR® was the first biopharmaceutical supply chain risk management software to go to market in the UK. Our team has worked with dozens of life sciences clients and highly regulated industries, including FTSE 100-listed businesses and global names in Insurance and Reinsurance. Our software and consultancy reflect this specialist insight. Protect your business by pinpointing weak links in your supply chain – strengthening that supply chain and helping you turn bigger profits.

Inventry can unleash the power of machine learning and artificial intelligence onto your supply chain without having to change your existing IT ecosystem.

interos.ai is the Supply Chain Risk Intelligence company — building the most trusted and transparent supply chains in the world. Our pioneering discovery and monitoring technology spans the lifecycle of supply chain risk, bringing speed and clarity to enterprise response. As the world's first, and only, automated supplier threat mitigation platform, we continuously map and monitor extended supply chains in real-time to protect organizations from regulatory fines, unethical labor, cyber-attacks, and other systemic vulnerabilities. Interos serves a variety of commercial, government, and public sector customers around the world including a host of Global Fortune 500 companies and from within the members of the Five Eyes nations. Named by Inc. Magazine as one of America's fastest-growing private companies, interos.ai is led by CEO Ted Krantz and supported by premiere investors NightDragon, Venrock and Kleiner Perkins. For more information, visit www.interos.ai.