If you are interested in having me talk at your conference or company event, I’d be happy to hear from you. See a list of previous events with some video recordings below.

My message is simple: Security must align with people.

Having facilitated with more than 100 interactive preparedness exercises with audiences of all sizes, across borders, this has become a speciality of mine. Learn more about this in the video-recorded talk about 5000 exercise participants!

I offer talks and interactive experiences for all kinds of audiences, taking perspectives from:

• How people experience security in their daily lives and at work.
• How technology can support people to do the right things.
• How companies must be empathic about people and IT to be secure.
• How people can save the day when technology fails.

I can also do workshops and courses for groups on request, including exercise facilitation.

Selected events:

• 24 June 2025:
  FIRST Conference 2025, Copenhagen (DK)
  “Incident Preparedness Takeaways from 5000 Exercise Participants” [Video]
• 10 June 2025:
  Pointsharp Experttalks, webinar
  “From Cyber Resilience to Societal Resilience” [Video]
• 6 March 2025:
  mnemonic Experience Sharing Forum, Utrecht (NL)
  Incident response exercise: Operational Technology
• 10 December 2024:
  European DIGITAL SME Summit, Brussels (BE)
  “Fostering Digital Resilience in the Era of Economic Security”
• 8 October 2024:
  Hele Danmark øver kick-off, Copenhagen (DK)
  “Denmark’s future in cybersecurity” (panel moderator)
• 24 June 2024:
  IEEE Requirements Engineering, Reykjavik (IS)
  “Security Requirement Engineering for Socio-Technical Systems”
• 13 May 2024:
  mnemonic C2Summit, Oslo (NO)
  Incident response exercise: Advanced Persistent Threat (with Mona Østvang)
• 6 May 2024:
  Innovasjonstalen, Oslo (NO)
  “We need to talk about Europe” [Video]
• 29 February 2024:
  Computerworld CIO Forum, Oslo (NO)
  Incident response exercise: Privacy breach
• 22 February 2024:
  EU Cybersecurity Competence Center (ECCC) Info Day, Bucharest (RO)
  “From relevance to impact with SP4EU in DIGITAL Europe” [Slides]
• 2 February 2024:
  UTmessan, Reykjavik (IS)
  “How do we prepare for the unexpected?” [Video]
• 7 December 2022:
  IAPP (International Association of Privacy Professionals), webinar
  “Artificial intelligence: How to play in the sandbox” [Video]
• 17 November 2022:
  DeepSec 2022, Vienna (AT)
  “The need for a human touch in cyber security” [Video]
• 15 September 2022:
  44CON, London (UK)
  “The need for a human touch in cyber security” [Video]
• 16 August 2022:
  The 9th International Workshop on Evolving Security & Privacy Requirements Engineering
  “The need for a human touch in security and privacy engineering” (KEYNOTE)
• 23 May 2022:
  CPDP 2022, Brussels (BE)
  “A Sand Storm or Just a Breeze? What’s the Fuss About Sandboxes?” (panel)
• 24 November 2020:
  PasswordsCon (online)
  “Feeling the Difference Between Human Failure and Secure Behavior” [Video]
• 23 May 2019:
  BSides, Oslo (NO)
  “Appsec Requirements With OWASP ASVS” [Video]
• 21 May 2019:
  PreParanoia
  “Experiences With Simulated Phishing” [Video]
• 3 September 2019:
  mnemonic Security Breakfast
  “The Missing Link In Email Security” [Video]

Other events:

• 16 November 2023:
  DeepSec 2023, Vienna (AT)
  “Let’s Prepare for the Unexpected!”
• 9 October 2023:
  Microsoft Security User Group, Oslo (NO)
  “The Human Element in the Cyber Security Equation”
• 28 August 2023:
  Sikkerhetsfestivalen 2023 (with Liv Dingsør / Digital Norway)
  “Hele Norge øver!”
• 23 June 2023:
  ISACA Norway Chapter, Oslo (NO)
  “Let’s prepare for the unexpected”
• 18 January 2023:
  NeXTdigital
  “Sikkerhet og folk: Fra “zero” til “hero” (fra null til gull)”
• 29 November 2022:
  IKT Agder
  Corporate event (internal), Oslo
• 26 October 2022:
  NoA Ignite
  Corporate event (internal), Oslo
• 20 October 2022:
  Statistisk Sentralbyrå
  Corporate event (internal), Oslo
• 3 September 2019:
  IAPP Virtual Panel
  “Artificial Intelligence: How to play in the sandbox” [Video]
• 31 August 2022:
  Sikkerhetsfestivalen 2022 (with Mari Bjerck / NTNU)
  “Personas for sikkerhetsbudskap som treffer”
• 30 August 2022:
  Sikkerhetsfestivalen 2022 (with Eirik Gulbrandsen / Datatilsynet)
  “(Got a) license to profile: Sikkerhetstiltak og berettiget interesse på arbeidsplassen”
• 15 June 2022:
  KS Sikker kommune 2.0
  “Lille speil på veggen der – hvem har sikkerhetsansvar her?”
• 3 May 2022:
  Stolt IT
  Corporate event (internal), Oslo
• 30 March 2022:
  Abakus linjeforening, NTNU
  “Hacking man kan leve av – på godt og ondt”
• 23 February 2022:
  Moelven Industrier
  Corporate event (internal), Hamar
• 8 February 2022:
  PwC personvernseminar
  “Erfaringer fra første runde i Datatilsynets sandkasse for ansvarlig AI”
• 18 November 2021:
  PreParanoia 2021
  “AI, privacy and data protection in the workplace”
• 11 November 2021:
  Bane NOR
  Corporate event (internal), Oslo
• 29 October 2021:
  Statkraft
  Corporate event (internal), Oslo
• 21 October 2021:
  KLP
  Corporate event (internal), Oslo
• 29 September 2021:
  Medlemsmøte ISF, DnD, ISACA, CSA Norway
  “Kunstig intelligens og personvern på arbeidsplassen”
• 9 September 2021:
  Trondheim Machine Learning Meetup
  “Machine Learning in Cyber Security”
• 13 January 2020:
  MIDSEC Norway
  “Samfunnssikkerhet og cybersikkerhet”
• 4 December 2019:
  Norsk Informasjonssikkerhetsforum (ISF) julemøte
  “Kan vi digitalisere oss unna menneskelig sårbarhet?”
• 5 November 2019:
  NTNU
  Guest lecture in cybersecurity and teamwork
• 1 October 2019:
  Storebrand
  Corporate event (internal)
• 30 September 2019:
  BaneNOR
  Corporate event (internal)
• 13 September 2019:
  NeXTdigital
  “Kan vi digitalisere oss unna menneskelig sårbarhet?”
• 27 August 2019:
  Sikkerhetsfestivalen
  “Overtalelsens kunst – på godt og ondt”
• 7 May 2019:
  Sikkerhet og sårbarhet
  “Sikkerhetskrav med OWASP ASVS” [Video] (in Norwegian)
• 24 April 2019:
  NTNU
  Guest lecture in digital entrepreneurship
• 19 March:
  Bouvet One
  Corporate event (internal)
• 11 February 2019:
  NTNU
  Guest lectures in ethical hacking and privacy by design
• 5 February 2019:
  NTNU
  Guest lecture in user centered software development
• 28 November 2018:
  Webstep
  Corporate event (internal)
• 5 November and 12 November 2018:
  BI (Norwegian Business School)
  Lectures in cyber security
• 22 October 2018:
  Huawei
  Corporate event (internal)
• 18 October 2018:
  Sikkerhetssymposiet
  “Gamification i sikkerhetsarbeidet” [Video] (in Norwegian)
• 14 October 2018:
  Direktoratet for eHelse
  Corporate event (internal)
• 28 September 2018:
  NTNU
  “Sikkerhet og folk – Fra teori til sikker praksis” [Video]
• 27-29 August 2018:
  ISF Høstkonferansen
  “Hvordan lage et menneskelig sikkerhetsbudsjett” [Video] (in Norwegian)
• 29 May 2018:
  PreParanoia
  “Brukerne er ikke fienden”
• 8-9 May 2018:
  Sikkerhet & sårbarhet
  “Eksempler på innebygd personvern”
• 27 April 2018:
  Prokom
  Corporate event (internal), Oslo
• 18 April 2018:
  NTNU
  Guest lecture in user-centered software development
• 5 April 2018:
  MIDSEC Cluster
  “E-post – kan vi sikre noe som er grunnleggende usikkert?”
• 27 February 2018:
  NTNU
  Guest lectures in ethical hacking and privacy by design
• 30 November – 1 December 2017:
  Normkonferansen
  “Sikkerhet og folk – fra policy til praksis”
• 17 November 2017:
  Datatilsynet
  Corporate event (internal), Oslo
• 8 November 2017:
  ISACA/ISF/DND felles medlemsmøte
  “Sikkerhet og folk – fra policy til praksis”
• 19 October 2017:
  VisBook Workshop 2017
  “10 tips til bedre digital sikkerhet”
• 17 October 2017:
  Difi
  Corporate event (internal), Oslo
• 4 October 2017:
  Storebrand
  Corporate event (internal), Oslo
• 28 September 2017:
  NRSKonf – Den nasjonale risiko og sårbarhetskonferansen
  “Folk gjør feil – men kan også redde dagen”
• 28-30 August 2017:
  ISF Høstkonferansen
  “Folk i frontlinjen”