Dr. Ron Ross, a living legend in cybersecurity and one of the most influential architects of our nation’s cyber defense frameworks, joins us in-person for an extraordinary keynote conversation not to be missed. With decades of pioneering work at NIST, including authoring landmark initiatives like the Risk Management Framework and the NIST Systems Security Engineering Guidelines, Dr. Ross brings unmatched insight into the future of cybersecurity. This powerful session will explore the most urgent priorities and transformative strategies needed to ignite meaningful change in our cyber posture. Dr. Ross will also share freely available tools and resources designed to empower practitioners across sectors. Don’t miss this rare opportunity to engage with one of cybersecurity’s most visionary leaders.
APIs are now the primary interface for modern digital businesses, concentrating identity, data, and control in a single layer, and making them a prime target for attackers. Across cloud, SaaS, and enterprise environments, adversaries increasingly exploit APIs for initial access, establish persistence using tokens or service identities, and move laterally through internal APIs and trusted service-to-service communication. This session breaks down the modern API-driven attack path using real-world incidents, explaining why API breaches so often escalate, why perimeter-based defenses fail to contain them, and how organizations can shift toward runtime detection and east-west containment. The focus is on resilience: limiting blast radius and keeping API incidents from becoming full-environment compromises.
Abstract
AI and new digital technologies will continue to shift the cybersecurity landscape in 2026. This session explores how modern tools can enhance detection, response, and decision making while introducing new risks tied to generative systems, data integrity, and fast moving threat innovation. Leaders will gain a clear view of how to adopt emerging technology in a responsible and strategic way that supports resilience and aligns with enterprise risk goals.
Key Takeaways
• How AI and emerging tech are reshaping core security functions
• The new risks created by generative models and evolving attack techniques
• Practical governance steps that support responsible AI use
• Examples of organizations pairing innovation with disciplined risk management
Abstract:
As organizations expand their digital ecosystems, risks extend far beyond internal networks. Threat actors are increasingly exploiting supply chains, third-party vendors, and identity gaps to gain access. This session brings together cybersecurity leaders and solution providers to explore how these interwoven risks create a complex attack surface -and how technology can help mitigate them.
Panelists will share real-world examples, lessons from managing large vendor networks, and innovative tools and frameworks for continuous risk assessment. Discussions will highlight strategies for mapping hidden dependencies, enforcing strong identity governance, and strengthening resilience through automation, collaboration, and transparency. Attendees will gain actionable insights on reducing exposure, improving third-party risk visibility, and leveraging technology to secure their extended digital ecosystem.
Key Takeaways:
• Understand how supply chains, vendors, and identities amplify organizational risk.
• Explore practical methods and tools for assessing, monitoring, and mitigating third-party and ecosystem vulnerabilities.
• Learn how to treat identity as a security perimeter using zero trust, access governance, and automated solutions.
• Gain insights from real-world breaches that reveal common gaps in vendor and identity controls.
• Walk away with a technology-informed framework to enhance resilience, secure partnerships, and reduce exposure across your digital ecosystem.
CIOs and CISOs are increasingly accountable for execution, risk reduction, and budget justification — yet most are operating with limited visibility into how their cyber and IT workforce actually functions. Org charts, job titles, and headcount reports fail to show how work is really performed across FTEs, contractors, consultants, and MSPs, creating blind spots that lead to burnout, stalled strategy, and unquantified risk.
In this session, Deidre Diamond, Founder & CEO of CyberSN, introduces Workforce Intelligence as a new operational lens for cyber and IT leadership. Drawing on real-world engagements with enterprise security and IT teams, this talk explores how leaders can gain clear and ongoing visibility into workforce utilization, capability gaps, and execution risk — without adding operational burden to already stretched teams.
Attendees will learn how workforce blind spots directly impact retention, strategy execution, and budget outcomes, why workforce risk is now a board-level concern, and how leading CIOs and CISOs are using workforce intelligence to move from reactive firefighting to intentional workforce design.
This session is designed for leaders who want to align people, skills, and spend to strategy — and confidently explain workforce risk and investment decisions to executives and boards.
Cybersecurity is no longer just a technology challenge — it is a leadership, workforce, and resilience mandate. In this candid and forward-looking discussion, leading women in security will share their perspectives on four defining issues shaping our industry today: the rapid acceleration of AI in both offense and defense; the reality that identity has become the new perimeter; the growing complexity of cloud, SaaS, and third-party ecosystem risk; and the often-overlooked impact of workforce health on operational resilience.
The chronic shortage of effective cybersecurity talent is a critical national security, as well as economic and company competitiveness issue. And unlike in other tech segments, AI advancements are likely to increase the number of cybersecurity openings with AI governance, administration of embedded AI cybersecurity capabilities, and AI-empower hacking creating more jobs than automation will eliminate.
There is a segment of our population - in fact, a majority of our fellow Americans - who have no path to cybersecurity jobs even though they may have the requisite, fundamental aptitude. This session explores an experiment by cybersecurity software/service providers, and "end user companies" with significant cybersecurity operations to determine how they might be able to tap this job-ready talent pool - and the program that is scaling the solution across the country.
Credential Theft remains the #1 way to breach data from the enterprise. The current solution set of SSO, password managers and cyber education have not made a dent in the associated threat vectors. The core of the problem: Unmanaged applications outside the purview of traditional SSO do not have Identity and Access controls governing them. These non-SAML, unmanaged apps (many unknown to security) rely on highly vulnerable passwords for authentication. As a result, end-users continue to fall prey to various credential theft techniques that result in data loss. This session will introduce a revolutionary new approach to discovering, managing and eliminating liabilities in unmanaged apps, halting virtually all associated threats. Utilizing a new algorithm called Key Derived Authentication (KDA), attendees will gain an understanding of how KDA controls identities and access in unmanaged apps, turning them into managed, auditable apps that no longer have passwords. The result: the elimination of all credential and phishing based attacks.
Find out how you can become a sponsor and grow your business by meeting and spending quality time with key decision makers and dramatically shorten your sales cycle. View Prospectus
