The AI security landscape: Stavanger edition
Join us for a lunch and learn at Sola Strand Hotel
We’re excited to invite you back to another mnemonic lunch seminar at Sola Strand Hotel!
Join us as we turn our focus to Artificial Intelligence (AI) and its growing impact on cybersecurity. Together, we’ll explore developments in the AI landscape, evolving threats, and what organisations need to consider from a governance perspective.
We look forward to seeing you again over lunch, to connect with new and familiar faces in the security community, and discuss where the world of cybersecurity is headed.
| 09:00 - 09:15 | Registration and coffee |
| 09:15 - 09:25 |
Welcome and introduction |
| 09:25 - 09:50 |
Just one phone call away: how we accidentally built a nation-scale tracking system What if tracking someone’s real-time location didn’t require malware, exploits, or privileged access, but just a phone call? In 2026, a security researcher at mnemonic uncovered a critical misconfiguration in a European telco network that allowed anyone to determine a person’s location, without them answering the call, and without leaving any trace beyond a missed call. The issue affected a large portion of a national subscriber base, including politicians, journalists, and security-cleared personnel. This talk tells the story behind that discovery: how a system designed for reliability and scale quietly became a surveillance primitive, how such weaknesses can persist unnoticed for years, and why they are nearly impossible to detect once exploited. We will explore the technical root cause in telco core infrastructure (IMS/VoLTE signaling), and show how seemingly benign protocol behavior can leak highly sensitive metadata. But beyond the technical details, this case highlights a more unsettling shift: what once required deep, specialised telco expertise and significant resources can now be achieved by a single engineer within one week, accelerated by AI-assisted analysis, coding and research. This is not just a telco story. It is a story about systemic risk: legacy complexity, implicit trust between systems, and an industry-wide blind spot that extends far beyond a single operator. As the barrier to discovery and exploitation drops, the window for defenders to react is shrinking. The session closes with a forward-looking perspective: how defenders, researchers, and operators can rethink visibility, responsibility, and collaboration in a world where powerful capabilities are becoming radically more accessible. Technical level: 2/5 |
| 09:50 - 10:00 |
Break |
| 10:00 - 10:30 |
Navigating the AI landscape The AI landscape is evolving rapidly, with continuous developments across vendors and technologies. In this session, we will provide an overview of key trends in the AI landscape, including recent changes in vendor portfolios and what organisations should be aware of when adopting AI solutions. Technical level: 2/5 |
| 10:30 - 11:00 |
Securing AI: A governance and regulatory perspective As AI becomes part of core business processes, organisations must address new governance and regulatory challenges. This session will explore key developments in the regulatory landscape, the role of leadership and boards, and how organisations can approach AI adoption more systematically. Technical level: 2/5 |
| 11:00 - 12:00 | Closing remarks, followed by lunch |
Questions?
