Resilience, from Madrid to Helsinki - .conf Go 2023 Brings the Future of Security and Observability to Europe

In July, I had the opportunity to attend my first .conf in Las Vegas and experience the unique energy and enthusiasm of our customers for the Splunk platform live. It was a thoroughly impressive experience - which we have now been able to bring to Europe this autumn with .conf Go. In 13 cities across Europe, this .conf Go offered participants practical, actionable advice and insights to overcome some of the toughest digital challenges.

Leading customers share their success stories

It was not necessarily surprising, but I was impressed by the great interest in the content presented - including the topics of resilience, security and observability, as well as a wide range of testimonials from our customers themselves – a commitment that makes us at Splunk particularly proud! 

These included stories from companies such as:

• the financial companies of KfW Bankengruppe and Raiffeisen Bank International,
• the Austrian and Swiss railway companies ÖBB and SBB or
• KPN, the leading telco and IT provider in the Netherlands  
• and many more (see below for a more comprehensive list)

All of these topics ultimately brought together a large group of technology enthusiasts, decision-makers and Splunk partners from across EMEA. People who all have one goal in common: To build more digital resilience in their organisations.

Digital resilience stories from BMW and Raiffeisen Bank International

I was deeply impressed by all of our customers' stories. The way in which they are using the Splunk platform to drive digital resilience and innovation in their companies and the tangible results they are seeing are remarkable. I would like to mention two stories here as examples - BMW and Raiffeisen Bank International.

Real-time data creates digital resilience at BMW

Some may ask themselves "What can happen in 60 seconds?". At least a lot can happen at BMW, for example:

• 8,000 website visits
• 120 Queries for car keys
• >1,500 parts of pressed material produced
• >8,000 supplier call-offs
• > 1 million defences against website attacks

These figures make it clear that without real-time monitoring, it is almost impossible for BMW to guarantee the continuous operation of its highly complex infrastructure. With Splunk, BMW is seeing some valuable benefits, including:

• End-to-end monitoring of its service chains 
• Connecting service trees across logical business process flows – from the collection of vehicle information and test drives through to purchase, delivery and vehicle handover to the customer
• Global scaling of monitoring: to critical processes of the online customer journey, consisting of around 40 applications.

In the future, BMW wants to use machine learning to predict incidents 30 minutes before they occur - so that it can continue to offer premium customer experiences.

At Raiffeisen Bank International’s SOC, manual investigations and SOPs become automated cyber response plans

Raiffeisen Bank International operates in a particularly vulnerable environment: 17.8 million customers and over 44,000 employees in more than 1,500 business outlets are part of the universal bank.

At .conf Go in Vienna, Manuel Traxler, Security Manager at Raiffeisen Bank International, reported on the many time-consuming and labour-intensive steps that the team had to carry out in the course of its manual investigations before Splunk, including: 

• over 750 manual investigation steps
• almost 100 SOPs (Standard Operating Procedures) 

With the help of Splunk SOAR, the team was able to reduce this to 60 automated playbooks, which are now available for automation to each analyst, specified and grouped into six sub-categories depending on the alarm.

But that's not all Raiffeisen Bank International is achieving with Splunk - watch this webinar for a great overview of how the bank is driving its digital resilience through improved security monitoring and optimised response times with Splunk.

Expertise and Experience from a Wide Range of Industries

I would like to thank all participants - customers, sponsors, partners and splunkers - for making the .conf Go events what they are. e. Special thanks of course go to the excellent speakers, including:

• in Frankfurt, Dr. Michael Ebner, CISO at EnBW and Dieter Landgraf, Division Leader at the KFW Banking Group;
• in Helsinki, Markus Gustafsson, Senior Development Lead at Posti Group;
• in London, Graham Dawes, Global Observability Product Owner at Specsavers and David Marshall, Head of Cyber Operations & David Lewis, Head of MBTP Cyber Security at Home Office;
• in Madrid Alberto Campo Alonso, Head of Cyber Detect and Response at ABANCA, Alvaro Fernández Díaz, Expert Information Technology at Banca España; Daniel Reina Country Head of Security and Global SOC Manager & Samuel Nova, Global CSIRT at Cellnex as well as David Gallardo & Miguel Castillo from the Cyber Defense team at Telefónica;
• in Milan Daniele Deligia, CIO at NTV Italia;
• in Munich Stefan Stein, Team Leader at Gematik;
• in Oslo, Jostein Jensen, CISO at Norsk Helsenett;
• in Paris, Eric Nanfac, Infrastructure Project Manager at Engie France Retail and Alain Gachet, CISO at SNF;
• in Stockholm, Niclas Nilsson, Engineering Manager at Ingka (Ikea);
• in Utrecht Alain Delannoy, Senior DevOps Engineer at KPN;
• in Vienna Martin Nader, Digital Transformation Programme Manager at ÖBB (Rail Cargo Austria), Manuel Traxler, Security Manager at Raiffeisen Bank International and Manfred Rührnessel, Head of IT Infrastructure Services at ENGEL Austria GmbH;
• in Zürich Stefan Meier, Head of Cyber Fusion Center at Julius Bär and Jonas Knüsel, System Engineer at SBB

If you couldn't join .conf Go this year but want to learn more, check out the observability wrap-up by Stephane Estevez and the security operations deep dive by Matthias Maier.