InfoGuard AG (Headquarter)
Lindenstrasse 10
6340 Baar
Switzerland
InfoGuard AG
Stauffacherstrasse 141
3014 Bern
Switzerland
InfoGuard Deutschland GmbH
Frankfurter Straße 233
63263 Neu-Isenburg
Germany
InfoGuard Deutschland GmbH
Landsberger Straße 302
80687 Munich
Germany
InfoGuard Deutschland GmbH
Am Gierath 20A
40885 Ratingen
Germany
InfoGuard GmbH
Kohlmarkt 8-10
1010 Vienna
Austria
As a gathering place for the cybersecurity community, this hybrid event provided practical guidance on current developments, real-world attack scenarios, and forward-looking strategies for effective cyber defense. Did you miss the InfoGuard Security Lounge? This recap provides an overview of the key insights and recordings.
The two keynote speakers each brought their own unique perspectives to this anniversary edition: Dr. Hannes P. Lubich, a member of InfoGuard’s Board of Directors, with his keynote on insider threats—and Rob Spence, comedian, leadership coach, and Chief Humor Officer, who highlighted humor as an extraordinary resource, even in times of crisis. The expert teams from Cyber Defense, Computer Security Incident Response (CSIRT), and Penetration Testing brought today’s threat landscape to life using concrete cyber incidents—from external attack vectors to MDR to flawed security mechanisms. Technical insights were provided by the presentations from presenting partners Palo Alto Networks, DigiCert, Silverfort, and HPE Networking.
With a touch of playful wit and technical precision, Dr. Hannes P. Lubich opened this year’s series of presentations. He demonstrated that cyber risks are no longer posed exclusively by external attackers. Employees, service providers, or partners with legitimate access rights can—whether intentionally or unintentionally—cause significant damage.
Lubich made it clear: Insider risks must be actively managed. Isolated awareness campaigns or technical safeguards alone are not enough. It is crucial that companies continuously focus on access rights, critical dependencies, and suspicious activity—and view leadership and security culture as integral parts of cyber resilience.
Sandro Bachmann, Principal Threat Intelligence Analyst at InfoGuard, demonstrated just how rapidly the threat landscape is currently changing. Using real-world incidents from his daily work, he illustrated why attackers today no longer need a traditional breach. Instead of “Hollywood-style hacking” with a big bang, they quietly exploit inadequately protected identities, cloud accounts, and external access points that have long been in place.
Bachmann identified many risks outside traditional security perimeters: in SaaS applications, with service providers, in shadow IT, or in inadequately protected administrative access points. He made a particularly strong case to the audience: MFA is far more than just a nice-to-have. MFA is the starting point for any effective cyber defense measure. His conclusion: The greatest cyber risks lurk where visibility, accountability, and control are lacking. External attack surfaces must therefore be consistently identified and actively managed.
A recent example from the Red Team underscored this insight: Lucas Dodgson, a penetration tester at InfoGuard, demonstrated how a widespread misconfiguration in Microsoft Exchange Online can allow attackers to deliver emails undetected despite SPF, DKIM, and DMARC checks. With Ghost-Sender, InfoGuard also introduced a freely available testing solution that enables companies to specifically check their email domains for this configuration vulnerability.
Michael Stampfli, Head of Cyber Defense Services & Operations at InfoGuard, explained why traditional security models are increasingly reaching their limits. While attackers are acting faster and more automatically, defenders face the challenge of deriving reliable decisions from individual warning signs.
Stampfli explained how modern Managed Detection and Response Services reveal connections between identities, endpoints, cloud services, and networks. AI opens up new possibilities in the Security Operations Center (SOC) for detecting, classifying, and prioritizing security incidents more quickly. However, the key guiding principle remains clear: AI accelerates analysis, but responsibility for both business-critical decisions and data sovereignty remains with humans.
Marc Bollhalder, a penetration tester at InfoGuard, also provided practical insights. Using anonymized customer examples, he demonstrated why in-house encryption mechanisms often create more risks than they solve.
The cases presented illustrated that supposedly secure in-house developments often contain fundamental vulnerabilities or disregard proven security principles. For companies, the lesson is clear: what matters is not whether a solution appears secure, but whether it implements security mechanisms correctly and in a verifiable manner. His recommendation: proven standards and established cryptographic methods are superior to in-house solutions in most cases.
Was there a topic you’d like to explore further? Browse through the recordings and watch the full-length presentations of your choice.
Before the break, there was a special moment dedicated to the community that has supported InfoGuard for 25 years: Miriam Rickli and Thomas Meier cut the birthday cake—as a thank-you to the guests for their trust, collaboration, and shared commitment to cybersecurity.
This was followed by the InfoGuard Update with Daniel Heinzig, Managing Director of InfoGuard Deutschland GmbH, and Stefan Thomann, Chief Sales Officer of InfoGuard.
Thomann and Heinzig outlined the cyber defense capabilities of the future. Thomann summed it up: “AI in cyber defense only creates added value if sensitive security data remains under our own control at all times.”
InfoGuard therefore relies on “AI by Design.” This is based on a simple principle: AI should enhance security and efficiency without compromising data sovereignty, data protection, and transparency. That is why InfoGuard operates and processes LLM models on its own infrastructure in both Switzerland and the EU.
The question is no longer simply whether a SOC uses AI. What matters is where the data is processed, how the AI operates under control, and that humans retain control over security-related decisions.
The presenting partners rounded out the afternoon with a look at technologies that make cyber defense faster, more controllable, and more resilient.
Andy Schneider from Palo Alto Networks spoke about the race among algorithms and highlighted how AI massively accelerates attacks. For companies, automation alone is not enough. What matters most is correctly interpreting warning signs under time pressure and making reliable decisions more quickly.
Reto Scagnetti from DigiCert highlighted the central role of cryptography in digital trust models and modern security architectures. After all, where business processes, identities, and systems are digitally interconnected, trust requires a technical foundation.
Michael Lindner of Silverfort explained why privileged accounts today extend far beyond traditional administrators. In addition to human user accounts, service accounts, machine identities, and AI agents must also be effectively protected. He emphasized: Identity is no longer just an access issue, but a central vulnerability in modern cyber defense.
Finally, Beat Sommerhalder and Michael Woduschegg from HPE Networking demonstrated how AI-native network security embeds transparency, automation, and control directly into the infrastructure. The common thread here as well: Anyone who wants to strengthen cyber resilience must consider security wherever data, applications, devices, and people are connected.
Rob Spence provided an inspiring and creative conclusion to the event. With humor, energy, and depth of content, he demonstrated how people can cope with uncertainty, complexity, and pressure.
Spence made it clear that resilience does not arise from technology alone. Humor strengthens relationships, fosters creativity, and supports mental balance—skills that become increasingly important, especially in challenging transformation and security situations. His message, as simple as it is memorable: If you want to lead others seriously, don’t take yourself too seriously.
You can find impressions of Spence’s presentation and other highlights here.
To conclude the anniversary edition, Thomas Meier offered a positive assessment: “For us, the InfoGuard Security Lounge is far more than just a trade event. It is a place for dialogue where knowledge is shared, experiences are exchanged, and new ideas for practical application are generated. The fact that we were able to celebrate this as part of our 25th anniversary together with so many customers, partners, and long-time companions makes this year’s edition a very special one for me.”
At the flying dinner that followed—accompanied by the melodious sounds of the jazz duo Beat Baumli on guitar and Christian Münchinger on saxophone—the anniversary edition of the Security Lounge came to an atmospheric close with stimulating conversations and many personal encounters.
Were you unable to attend but would like to get an overview? Then visit to find the full-length recordings of the keynotes and presentations.
The anticipation for 2027 was already palpable. Accordingly, we’re looking ahead: The 17th InfoGuard Security Lounge will take place on June 23, 2027. Secure your spot today.
Caption: Own image archive