The 17th Edition of the New York Official Cybersecurity Summit is the must-attend event for CISOs and senior leaders looking to strengthen resilience, reduce risk, and align security with business goals. Join top executives, innovators, and experts for a full day of actionable insights, cutting-edge solutions, and high-impact networking. Experience interactive panels, exclusive solution showcases, and strategic discussions that go beyond theory to deliver real-world results, all complemented by a catered breakfast, networking lunch, and closing cocktail reception.

Featured Speakers

Deidre Diamond
Deidre Diamond
Founder & CEO
CyberSN
Jeff Steadman
Jeff Steadman
Host
The Identity at the Center Podcast
Ron Ross
Ron Ross
Former Fellow
NIST

Key Issues Covered at The Official Cybersecurity Summit

AI, Automation, and Emerging-Tech Risk (and Opportunity)

As artificial intelligence, automation, and new digital technologies accelerate across every industry, cybersecurity leaders face both unprecedented risk and powerful opportunity. The summit will explore how Cybersecurity leaders and their teams can harness emerging technologies to strengthen resilience, streamline operations, and stay ahead of adversaries who are equally quick to innovate. Attendees will gain insight into real-world applications of AI for threat detection, incident response, and decision intelligence, while learning how to identify and mitigate the new classes of vulnerabilities these tools introduce.

From generative AI and large language models to autonomous security systems and deepfake detection, these discussions will separate hype from reality. Experts will share practical frameworks for governing AI responsibly, managing data integrity, and aligning innovation with enterprise risk management. The conversations will help cybersecurity executives navigate the complex balance between embracing emerging technology for competitive advantage and ensuring it doesn’t become their next threat vector.

Key Takeaways:
• Learn how AI and automation are transforming threat detection, incident response, and security operations in measurable ways.
• Practical strategies for managing and mitigating new risks created by emerging technologies like generative AI and autonomous systems.
• Frameworks for responsible AI governance, including data integrity, transparency, and regulatory alignment.
• Real-world examples of organizations balancing innovation with security and risk management priorities.
• Actionable insights cybersecurity leaders can take back to their teams to prepare for the next wave of AI-driven threats and opportunities.

Supply Chain, Third-Party Ecosystem, and Identity Attack Surface

As organizations expand their digital ecosystems, the lines between internal and external risk are rapidly disappearing. Today’s threat actors know that the fastest way into a network isn’t always through the front door. From compromised vendors and cloud integrations to weak identity controls, attackers are exploiting every link in the chain. The summit brings cybersecurity leaders together to unpack how supply chain vulnerabilities, third-party dependencies, and identity-based risks are converging to create a complex and often underestimated attack surface.

Cybersecurity executives will explore real-world examples of cascading breaches, lessons learned from managing large vendor ecosystems, and emerging frameworks for continuous third-party risk monitoring. The discussions highlight strategies for mapping hidden connections, enforcing stronger identity governance, and building resilience through transparency and collaboration. Attendees will walk away with practical insights for reducing exposure and strengthening trust across every part of their digital supply chain.

Key Takeaways:
• Understand how interconnected supply chains and third-party vendors expand your organization’s attack surface.
• Learn proven methods to assess, monitor, and mitigate risks across your extended digital ecosystem.
• Explore best practices for managing identity as the new security perimeter, including zero trust and access governance strategies.
• Gain insights from real-world breach scenarios that reveal common breakdowns in vendor and identity controls.
• Leave with an actionable framework to improve third-party risk visibility, strengthen resilience, and build more secure partnerships.

Resilience, Risk, and Results: Aligning Security with Business Outcomes

In today’s threat landscape, resilience is more than just recovery - it’s readiness, adaptability, and alignment with the business mission. The summit explores how forward-thinking cybersecurity executives are quantifying cyber risk to drive smarter investments and communicate value in business terms. By translating technical controls into measurable business impact, cybersecurity leaders are helping their organizations make data-driven decisions that balance protection with performance.

Join top executives and thought leaders for in-depth discussions on the frameworks, metrics, and real-world practices shaping the next generation of cyber resilience. From risk quantification models to boardroom-ready reporting, this conversation will reveal how leading security teams are reframing cybersecurity as a strategic business enabler - bridging the gap between risk reduction and results.

Key Takeaways:
• Learn how to translate cybersecurity metrics into meaningful business outcomes that resonate with executive leadership and the board.
• Explore practical approaches to cyber risk quantification that help prioritize investments and justify budget decisions.
• Understand how resilience strategies can align with overall business continuity and growth objectives.
• Gain insights from leading CISOs on how they communicate security value across the organization to drive engagement and accountability.
• Discover frameworks and tools that connect operational security performance with measurable business impact.

Top 6 Reasons to Attend the Cybersecurity Summit

1
Learn

Learn from renowned experts from around the globe on how to protect & defend your business from cyber attacks during interactive panels & fast track discussions.

2
Evaluate Demonstrations

Evaluate and see demonstrations from dozens of cutting-edge cybersecurity solution providers that can best protect your enterprise from the latest threats.

3
Time, Travel & Money

Our mission is to bring the cyber summit to the decisionmakers in the nation’s top cities. Our events are limited to one day only and are produced within first-class hotels, not convention centers.

4
Engage, Network, Socialize & Share

Engage, network, socialize and share with hundreds of fellow business leaders, cybersecurity experts, C-Suite executives, and entrepreneurs. All attendees are pre-screened and approved in advance. On-site attendance is limited in order to maintain an intimate environment conducive to peer-to-peer interaction and learning.

5
CEUs / CPE Credits

By attending a full day at the Cybersecurity Summit, you will receive a certificate granting you Continuing Education Units (CEU) or Continuing Professional Education (CPE) credits. To earn these credits you must participate for the entire summit and confirm your attendance at the end of the day.

6
A Worthwhile Investment

By investing one day at the summit you may save your company millions of dollars, avoid stock devaluation, and potential litigation.

Questions

For any questions, please contact our
Registration Team.

Sponsor

To sponsor at an upcoming summit, please fill out the
Sponsor Form.

Admission to the Cybersecurity Summit is reserved exclusively for active cybersecurity, IT, Information security practitioners tasked with safeguarding their enterprises against cyber threats and managing cybersecurity solutions. All registrations are subject to review.
 
Students, interns, educators, individuals not currently employed in IT, and those in sales or marketing roles are not eligible to attend.
 
Additionally, if we are unable to verify your identity with the information you provided during registration, your attendance may be cancelled.
 
Please note these qualifications pertain to all attendees, including members of our partner organizations.

Agenda

The Official Cybersecurity Summit delivers high-impact sessions designed to help leaders strengthen resilience, protect critical infrastructure, and align security with business goals.

Attendees will gain actionable insights from expert panels, explore cutting-edge solutions, and connect directly with top industry innovators - making this a can’t-miss agenda for CISOs and security executives.

View Past Agenda
8:00-9:00
Networking Breakfast
9:00-9:10
Welcoming Remarks
9:10-9:45
Opening Fireside Chat with Dr. Ron Ross, Former NIST Fellow: Igniting Change: A Conversation

Dr. Ron Ross, a living legend in cybersecurity and one of the most influential architects of our nation’s cyber defense frameworks, joins us in-person for an extraordinary keynote conversation not to be missed. With decades of pioneering work at NIST, including authoring landmark initiatives like the Risk Management Framework and the NIST Systems Security Engineering Guidelines, Dr. Ross brings unmatched insight into the future of cybersecurity. This powerful session will explore the most urgent priorities and transformative strategies needed to ignite meaningful change in our cyber posture. Dr. Ross will also share freely available tools and resources designed to empower practitioners across sectors. Don’t miss this rare opportunity to engage with one of cybersecurity’s most visionary leaders.

Ron Ross
Ron Ross
Former Fellow
NIST
9:45-10:20
Keynote Presentation with LevelBlue: Thousands of Incidents Later - Lessons Learned from the Frontlines of Incident Response

In this presentation, cybersecurity consultant Michael Quinn draws from extensive experience investigating thousands of cyber incidents to share practical insights on high-volume incident response. The talk explores key lessons learned from real-world investigations, highlighting common patterns, recurring challenges, and the importance of structured approaches when dealing with frequent security events. Attendees will hear about proven best practices for effective triage, prioritization, and coordination during investigations, as well as strategies for improving overall response maturity — such as refining processes, leveraging available tools and intelligence, and conducting thorough post-incident reviews to strengthen defenses over time. Through anonymized war stories from the field, the session illustrates how seemingly routine matters can escalate, the value of quick but measured decision-making, and the critical role of preparation and teamwork in containing impact and supporting recovery. These relatable accounts underscore broader takeaways applicable to organizations of various sizes and sectors. Ideal for security professionals, incident responders, and leadership looking to build or enhance their investigative and response capabilities in environments where incidents are frequent and demands are high.

Michael Quinn
Michael Quinn
Senior Incident Responder
LevelBlue
10:20-10:30
Innovation Spotlight - Huntress Labs: Defending the Rest of Us Resilience for Organizations of All Sizes

News headlines show you the breaches at massive corporations, but it’s everyday organizations that face the most threats. Adversaries prey on the human psyche and use AI to advance their tactics and target the companies that keep our communities running.  For these companies, a ransomware or BEC attack isn’t just a stressful event—it’s the reason they can’t make payroll. This session explores how hackers plan to win, and why you don’t need a massive budget to fight back.  We’ll get into how Huntress brings cyber resilience through a powerful combo of purpose-built technology and human SOC expertise to stop threats before they cause damage—because organizations of ALL sizes deserve a fighting chance against attackers.

Brian Roberts
Brian Roberts
Sales Manager
Huntress
10:30-10:50
Dataminr Presentation: The Power of Foresight: Why Minutes Matter in 2026

This session outlines the critical challenges and strategic pivots required for 2026, using real-world data to focus on the "humanly impossibility" of solving for challenges like incomplete vendor patches, high-impact threat actor tactics, outdated approaches to alert prioritization. To help deal with the problem of overwhelming alert volume and chronic understaffing, attendees will learn how foresight is now possible and can help them gain precious minutes, hours, or days of lead time ahead of an attack.

Hank Schless
Hank Schless
Director, Product Marketing
Dataminr
10:50-11:10
Akamai Presentation: From API to Everywhere: How Modern Attacks Move Through Your Environment

APIs are now the primary interface for modern digital businesses, concentrating identity, data, and control in a single layer, and making them a prime target for attackers. Across cloud, SaaS, and enterprise environments, adversaries increasingly exploit APIs for initial access, establish persistence using tokens or service identities, and move laterally through internal APIs and trusted service-to-service communication.  

This session breaks down the modern API-driven attack path using real-world incidents, explaining why API breaches so often escalate, why perimeter-based defenses fail to contain them, and how organizations can shift toward runtime detection and east-west containment. The focus is on resilience: limiting blast radius and keeping API incidents from becoming full-environment compromises.

Michael Villar
Michael Villar
Director, Field Security Technology
Akamai
11:10-11:35
Networking Break
11:35-12:20
Panel 1: AI and Emerging Tech at the 2026 Security Frontline

Abstract
AI and new digital technologies will continue to shift the cybersecurity landscape in 2026. This session explores how modern tools can enhance detection, response, and decision making while introducing new risks tied to generative systems, data integrity, and fast moving threat innovation. Leaders will gain a clear view of how to adopt emerging technology in a responsible and strategic way that supports resilience and aligns with enterprise risk goals.

Key Takeaways
• How AI and emerging tech are reshaping core security functions
• The new risks created by generative models and evolving attack techniques
• Practical governance steps that support responsible AI use
• Examples of organizations pairing innovation with disciplined risk management

Igor Lasic
Igor Lasic
SVP Technology
ReversingLabs
Amit Gupta
Amit Gupta
VP, Product
Pindrop
Bernadette Dunn
Bernadette Dunn
Director of FAIR Enablement
FAIR Institute
James Derbyshire
James Derbyshire
Cybersecurity Entrepreneur
Harmonic Security
Philip Swarbrick
Philip Swarbrick
Vice President: Cybersecurity Solution
Unisys
Anna Sarnek
Anna Sarnek
VP Partner & Strategy
Terra Security
12:20-12:40
JFrog Presentation: Beyond Best-of-Breed: Architecting the Golden Path for Secure Delivery

KISS" (Keep It Simple, Stupid) is a luxury rarely afforded to modern security teams dealing with legacy tool sprawl. While executives push for consolidation to reduce budget and risk, the transition from disjointed "best-of-breed" tools to a unified ecosystem is fraught with friction. Too often, security tools serve SecOps well but remain invisible obstacles to the DevOps pipeline. This session guides security leaders through the difficult journey of dismantling complexity to build a team-neutral "Golden Path", as coined by Spotify back in 2020.  We will move beyond emotional attachments to specific tools and focus on defining objective business and regulatory requirements. Learn how to transform your security program from a bottleneck into a streamlined pipeline that delivers safer software, faster.  Unify Tooling: Integrate disparate tools into a simplified process that reduces paths to production.  Define Metrics: Develop KPIs that demonstrate success to Developers, Audit, and the C-Suite.  Drive Culture Change: Educate and encourage stakeholders to adopt the path of least resistance.  Prevent Drift: Implement detection mechanisms to ensure the pipeline remains streamlined.

Paul Davis
Paul Davis
Field CISO
JFrog
12:40-12:50
Innovation Spotlight - Kindo: AI Security That Fights Back

Attackers are using AI to move like coordinated swarms, compressing weeks of work into hours. This talk covers why traditional security stacks can't keep up and what it looks like when defenders start fighting back at machine speed.

Ken Kato
Ken Kato
CSO
Kindo
12:50-1:50
Lunch
1:50-2:10
Druva Presentation: Strengthen cyber resilience for Entra ID and Microsoft 365

AI-driven cyberattacks are growing in sophistication, threatening your business critical Entra ID and Microsoft 365 data. In this session, explore how these threats are evolving, and how to prepare for incident response. Learn why clean recovery, not just data recovery, is essential to strengthening your organization’s cyber resilience.

Vanessa Toves
Vanessa Toves
Microsoft 365 Solutions Architect
Druva
2:10-2:45
Panel 2: Securing the Extended Ecosystem: Supply Chains, Vendors, and Identities

Abstract:
As organizations expand their digital ecosystems, risks extend far beyond internal networks. Threat actors are increasingly exploiting supply chains, third-party vendors, and identity gaps to gain access. This session brings together cybersecurity leaders and solution providers to explore how these interwoven risks create a complex attack surface -and how technology can help mitigate them.

Panelists will share real-world examples, lessons from managing large vendor networks, and innovative tools and frameworks for continuous risk assessment. Discussions will highlight strategies for mapping hidden dependencies, enforcing strong identity governance, and strengthening resilience through automation, collaboration, and transparency. Attendees will gain actionable insights on reducing exposure, improving third-party risk visibility, and leveraging technology to secure their extended digital ecosystem.

Key Takeaways:
• Understand how supply chains, vendors, and identities amplify organizational risk.
• Explore practical methods and tools for assessing, monitoring, and mitigating third-party and ecosystem vulnerabilities.
• Learn how to treat identity as a security perimeter using zero trust, access governance, and automated solutions.
• Gain insights from real-world breaches that reveal common gaps in vendor and identity controls.
• Walk away with a technology-informed framework to enhance resilience, secure partnerships, and reduce exposure across your digital ecosystem.

Jeff Steadman
Jeff Steadman
Host
The Identity at the Center Podcast
Moderator
John Davies
John Davies
Principal Sales Engineer
Arctic Wolf
Kevin Hom
Kevin Hom
Senior Solutions Engineer
Cloudflare
2:45-2:55
Innovation Spotlight - Sophos: When the Firewall Becomes the Target: Inside Project Pacific Rim

Firewalls are built to be the gatekeepers of the network—but what happens when the gatekeeper becomes the target? Over several years, Sophos tracked and disrupted a sophisticated, state-linked campaign targeting edge devices across the industry.

This session unpacks what we learned from Project Pacific Rim: how advanced attackers exploit trust at the perimeter, how real-world response reshaped our product design and monitoring strategy, and why edge security must evolve beyond static defenses. We’ll explore the broader industry implications of compromised firewalls and what vendors and practitioners must do differently to reduce exposure, accelerate response, and build resilience into the very infrastructure designed to protect us.

Anurag Singh
Anurag Singh
Senior Sales Engineer
Sophos
2:55-3:05
Innovation Spotlight - Riot Security: From Culture to Posture: Strengthening Employee Security in the AI Era

Today's threats evolve faster than we can train our teams, and CISOs know that legacy awareness programs are no longer enough to stop sophisticated and adaptive attacks. By empowering users to take ownership of their daily cyber habits and actions, CISOs can limit their exposure to attacks, enable clearer reporting on key metrics, and build a stronger shared security posture across the organisation.

Benjamin NETTER
Benjamin NETTER
Founder & CEO
RIOT
3:05-3:25
Trend AI Presentation: Security Teams That See Around Corners: Mitigating AI Risk in Real Time

From vibe coding and autonomous agents to generative chatbots in everyday workflows, AI adoption is constant and occurring at a pace that most security programs have not been able to realistically govern. Well-intentioned employees, misaligned agents, overly permissive access, and weak data controls are introducing new forms of risk, often without malicious intent. At the same time, adversaries are actively probing these gaps through indirect prompt injection and jailbreaking techniques. But there's good news too. More often than not, failures leave signals long before they become significant incidents. In this session, you’ll learn how an AI security blueprint can help you identify emerging risk, align controls to new AI projects, and ensure adoption and deployment happen securely without impacting speed or access.

Shannon Murphy
Shannon Murphy
Global Security & Risk Strategist
Trend AI
3:25-3:50
Networking Break
3:50-4:35
Panel 3: Woman in Cyber, Knowledge dropping Tik/Tok style

Abstract:
Cybersecurity challenges are complex, and solving them requires teams with diverse perspectives, skills, and experiences. This panel explores how diversity drives better problem-solving, innovation, and threat detection in security organizations.

Panelists will share strategies for attracting and retaining talent from varied backgrounds, leveraging unique thinking styles, and applying different experiences to uncover blind spots in risk management. Attendees will gain actionable insights for building teams that are not only technically skilled but more adaptive, creative, and resilient in the face of evolving cyber threats.

Key Takeaways:

  • Understand how diversity strengthens problem-solving, innovation, and threat response.
  • Learn approaches to recruit and retain talent from non-traditional backgrounds.
  • Explore how different perspectives and thinking styles reveal hidden risks.
  • Gain strategies to create teams that are adaptable, collaborative, and resilient.
  • Walk away with practical ideas for integrating diversity into cybersecurity team design and strategy.
Deidre Diamond
Deidre Diamond
Founder & CEO
CyberSN
Moderator
Dana Brady
Dana Brady
Senior Director of Corporate Partnerships
Executive Women's Forum
Dina Atwell
Dina Atwell
Director of Program Management
Capital One
4:55-5:05
Innovation Spotlight - Unixi: Discover and Eliminate Credential Threats

Credential Theft remains the #1 way to breach data from the enterprise. The current solution set of SSO, password managers and cyber education have not made a dent in the associated threat vectors. The core of the problem: passwords remain the target and users continue to use critically weak, easily guessable and redundant passwords and continue to fall prey to various credential theft techniques. This session will introduce a revolutionary new approach to discovering and remediating credential liabilities and all associated risks by employing Key Derived Authentication (KDA). Attendees will gain an understanding of how KDA turns unmanaged applications into managed apps that no longer have user controlled passwords, resulting in eliminating all threats of credential theft, phishing, and AiTM attacks.

Rich Eisenberg
Rich Eisenberg
VP Client Development
Unixi
5:05-5:25
Presentation with Stephen Craig, Sr. Technical Architect, New York Presbyterian Hospital: Legacy Systems in an Age of Evolution

Healthcare organizations-and many enterprises like them-are built on decades of mission-critical systems that were never designed for today’s threat landscape, regulatory scrutiny, or cloud-centric operating models. These legacy platforms often remain indispensable, yet increasingly indefensible.

This presentation examines the real risks posed by aging systems in modern hybrid environments, particularly when budgets, clinical dependencies, and regulatory constraints limit replacement options. Drawing on lessons learned from large healthcare environments, we will explore pragmatic, cost-conscious strategies to reduce exposure without disrupting patient care or business operations.

Attendees will gain a clear understanding of why legacy systems remain one of the highest risk areas in the enterprise, how attackers exploit them, and what leadership can do today to contain that risk. The session concludes with concrete executive-level actions to initiate risk reduction, align stakeholders, and begin a realistic modernization roadmap that balances security, compliance, and operational reality.

Stephen Craig
Stephen Craig
Senior Technical Architect Information Security Department
New York-Presbyterian Hospital
5:25-6:25
Networking Reception

Speakers

Our speakers bring unmatched expertise and real-world experience in cybersecurity, risk management, and business strategy. Through engaging keynotes, panels, and discussions, they deliver actionable insights and practical solutions that help CISOs and security leaders stay ahead of evolving threats.

Dina Atwell
Dina Atwell
Director of Program Management
Capital One
Dana Brady
Dana Brady
Senior Director of Corporate Partnerships
Executive Women's Forum
Stephen Craig
Stephen Craig
Senior Technical Architect Information Security Department
New York-Presbyterian Hospital
John Davies
John Davies
Principal Sales Engineer
Arctic Wolf
Paul Davis
Paul Davis
Field CISO
JFrog
James Derbyshire
James Derbyshire
Cybersecurity Entrepreneur
Harmonic Security
Deidre Diamond
Deidre Diamond
Founder & CEO
CyberSN
Bernadette Dunn
Bernadette Dunn
Director of FAIR Enablement
FAIR Institute
Rich Eisenberg
Rich Eisenberg
VP Client Development
Unixi
Amit Gupta
Amit Gupta
VP, Product
Pindrop
Kevin Hom
Kevin Hom
Senior Solutions Engineer
Cloudflare
Ken Kato
Ken Kato
CSO
Kindo
Igor Lasic
Igor Lasic
SVP Technology
ReversingLabs
Shannon Murphy
Shannon Murphy
Global Security & Risk Strategist
Trend AI
Benjamin NETTER
Benjamin NETTER
Founder & CEO
RIOT
Michael Quinn
Michael Quinn
Senior Incident Responder
LevelBlue
Brian Roberts
Brian Roberts
Sales Manager
Huntress
Ron Ross
Ron Ross
Former Fellow
NIST
Anna Sarnek
Anna Sarnek
VP Partner & Strategy
Terra Security
Hank Schless
Hank Schless
Director, Product Marketing
Dataminr
Anurag Singh
Anurag Singh
Senior Sales Engineer
Sophos
Jeff Steadman
Jeff Steadman
Host
The Identity at the Center Podcast
Philip Swarbrick
Philip Swarbrick
Vice President: Cybersecurity Solution
Unisys
Vanessa Toves
Vanessa Toves
Microsoft 365 Solutions Architect
Druva
Michael Villar
Michael Villar
Director, Field Security Technology
Akamai
To speak at an upcoming summit, please fill out the Speaker Request form. »

Sponsors

The Official Cybersecurity Summit connects innovative solution providers with the cybersecurity leaders who evaluate and influence purchasing decisions. With a dynamic exhibition hall and a packed agenda of interactive panels and engaging sessions, this event offers unmatched opportunities to showcase solutions and build meaningful connections.

To sponsor at an upcoming summit, please fill out the Sponsor form. »

Partners

The Cybersecurity Summit is proud to partner with some of the industry’s most respected organizations in technology, information security, and business leadership.

If your organization is interested in partnering with The Cybersecurity Summit, please fill out the Partnership Form »

Admission to the Cybersecurity Summit is reserved exclusively for active cybersecurity, IT, Information security practitioners tasked with safeguarding their enterprises against cyber threats and managing cybersecurity solutions. All registrations are subject to review.

Students, interns, educators, individuals not currently employed in IT, and those in sales or marketing roles are not eligible to attend.

Additionally, if we are unable to verify your identity with the information you provided during registration, your attendance may be cancelled.

Please note these qualifications pertain to all attendees, including members of our partner organizations.