The 9th Philadelphia Official Cybersecurity Summit is the must-attend event for CISOs and senior leaders looking to strengthen resilience, reduce risk, and align security with business goals. Join top executives, innovators, and experts for a full day of actionable insights, cutting-edge solutions, and high-impact networking. Experience interactive panels, exclusive solution showcases, and strategic discussions that go beyond theory to deliver real-world results, all complemented by a catered breakfast, networking lunch, and closing cocktail reception.

Featured Speakers

Jeffrey Hunter
Jeffrey Hunter
Supervisory Special Agent
FBI Philadelphia
Mandi Cohen
Mandi Cohen
Managing Director
Deloitte
Stephen Craig
Stephen Craig
Senior Technical Architect Information Security Department
New York-Presbyterian Hospital
Jonathan Braley
Jonathan Braley
Executive Director
IT-ISAC

Key Issues Covered at The Official Cybersecurity Summit

AI, Automation, and Emerging-Tech Risk (and Opportunity)

As artificial intelligence, automation, and new digital technologies accelerate across every industry, cybersecurity leaders face both unprecedented risk and powerful opportunity. The summit will explore how Cybersecurity leaders and their teams can harness emerging technologies to strengthen resilience, streamline operations, and stay ahead of adversaries who are equally quick to innovate. Attendees will gain insight into real-world applications of AI for threat detection, incident response, and decision intelligence, while learning how to identify and mitigate the new classes of vulnerabilities these tools introduce.

From generative AI and large language models to autonomous security systems and deepfake detection, these discussions will separate hype from reality. Experts will share practical frameworks for governing AI responsibly, managing data integrity, and aligning innovation with enterprise risk management. The conversations will help cybersecurity executives navigate the complex balance between embracing emerging technology for competitive advantage and ensuring it doesn’t become their next threat vector.

Key Takeaways:
• Learn how AI and automation are transforming threat detection, incident response, and security operations in measurable ways.
• Practical strategies for managing and mitigating new risks created by emerging technologies like generative AI and autonomous systems.
• Frameworks for responsible AI governance, including data integrity, transparency, and regulatory alignment.
• Real-world examples of organizations balancing innovation with security and risk management priorities.
• Actionable insights cybersecurity leaders can take back to their teams to prepare for the next wave of AI-driven threats and opportunities.

Supply Chain, Third-Party Ecosystem, and Identity Attack Surface

As organizations expand their digital ecosystems, the lines between internal and external risk are rapidly disappearing. Today’s threat actors know that the fastest way into a network isn’t always through the front door. From compromised vendors and cloud integrations to weak identity controls, attackers are exploiting every link in the chain. The summit brings cybersecurity leaders together to unpack how supply chain vulnerabilities, third-party dependencies, and identity-based risks are converging to create a complex and often underestimated attack surface.

Cybersecurity executives will explore real-world examples of cascading breaches, lessons learned from managing large vendor ecosystems, and emerging frameworks for continuous third-party risk monitoring. The discussions highlight strategies for mapping hidden connections, enforcing stronger identity governance, and building resilience through transparency and collaboration. Attendees will walk away with practical insights for reducing exposure and strengthening trust across every part of their digital supply chain.

Key Takeaways:
• Understand how interconnected supply chains and third-party vendors expand your organization’s attack surface.
• Learn proven methods to assess, monitor, and mitigate risks across your extended digital ecosystem.
• Explore best practices for managing identity as the new security perimeter, including zero trust and access governance strategies.
• Gain insights from real-world breach scenarios that reveal common breakdowns in vendor and identity controls.
• Leave with an actionable framework to improve third-party risk visibility, strengthen resilience, and build more secure partnerships.

Resilience, Risk, and Results: Aligning Security with Business Outcomes

In today’s threat landscape, resilience is more than just recovery - it’s readiness, adaptability, and alignment with the business mission. The summit explores how forward-thinking cybersecurity executives are quantifying cyber risk to drive smarter investments and communicate value in business terms. By translating technical controls into measurable business impact, cybersecurity leaders are helping their organizations make data-driven decisions that balance protection with performance.

Join top executives and thought leaders for in-depth discussions on the frameworks, metrics, and real-world practices shaping the next generation of cyber resilience. From risk quantification models to boardroom-ready reporting, this conversation will reveal how leading security teams are reframing cybersecurity as a strategic business enabler - bridging the gap between risk reduction and results.

Key Takeaways:
• Learn how to translate cybersecurity metrics into meaningful business outcomes that resonate with executive leadership and the board.
• Explore practical approaches to cyber risk quantification that help prioritize investments and justify budget decisions.
• Understand how resilience strategies can align with overall business continuity and growth objectives.
• Gain insights from leading CISOs on how they communicate security value across the organization to drive engagement and accountability.
• Discover frameworks and tools that connect operational security performance with measurable business impact.

Top 6 Reasons to Attend the Cybersecurity Summit

1
Learn

Learn from renowned experts from around the globe on how to protect & defend your business from cyber attacks during interactive panels & fast track discussions.

2
Evaluate Demonstrations

Evaluate and see demonstrations from dozens of cutting-edge cybersecurity solution providers that can best protect your enterprise from the latest threats.

3
Time, Travel & Money

Our mission is to bring the cyber summit to the decisionmakers in the nation’s top cities. Our events are limited to one day only and are produced within first-class hotels, not convention centers.

4
Engage, Network, Socialize & Share

Engage, network, socialize and share with hundreds of fellow business leaders, cybersecurity experts, C-Suite executives, and entrepreneurs. All attendees are pre-screened and approved in advance. On-site attendance is limited in order to maintain an intimate environment conducive to peer-to-peer interaction and learning.

5
CEUs / CPE Credits

By attending a full day at the Cybersecurity Summit, you will receive a certificate granting you Continuing Education Units (CEU) or Continuing Professional Education (CPE) credits. To earn these credits you must participate for the entire summit and confirm your attendance at the end of the day.

6
A Worthwhile Investment

By investing one day at the summit you may save your company millions of dollars, avoid stock devaluation, and potential litigation.

Questions

For any questions, please contact our
Registration Team.

Sponsor

To sponsor at an upcoming summit, please fill out the
Sponsor Form.

Admission to the Cybersecurity Summit is reserved exclusively for active cybersecurity, IT, Information security practitioners tasked with safeguarding their enterprises against cyber threats and managing cybersecurity solutions. All registrations are subject to review.
 
Students, interns, educators, individuals not currently employed in IT, and those in sales or marketing roles are not eligible to attend.
 
Additionally, if we are unable to verify your identity with the information you provided during registration, your attendance may be cancelled.
 
Please note these qualifications pertain to all attendees, including members of our partner organizations.

Agenda

The Official Cybersecurity Summit delivers high-impact sessions designed to help leaders strengthen resilience, protect critical infrastructure, and align security with business goals.

Attendees will gain actionable insights from expert panels, explore cutting-edge solutions, and connect directly with top industry innovators - making this a can’t-miss agenda for CISOs and security executives.

8:00-9:00
Networking Breakfast
9:00-9:05
Welcome
9:05-9:10
Welcoming Remarks
10:10-10:20
Innovation Spotlight - Huntress Labs: Defending the Rest of Us Resilience for Organizations of All Sizes

News headlines show you the breaches at massive corporations, but it’s everyday organizations that face the most threats. Adversaries prey on the human psyche and use AI to advance their tactics and target the companies that keep our communities running.  For these companies, a ransomware or BEC attack isn’t just a stressful event—it’s the reason they can’t make payroll. This session explores how hackers plan to win, and why you don’t need a massive budget to fight back.  We’ll get into how Huntress brings cyber resilience through a powerful combo of purpose-built technology and human SOC expertise to stop threats before they cause damage—because organizations of ALL sizes deserve a fighting chance against attackers.

Rachel Silver
Rachel Silver
Sales Engineer
Huntress
10:20-10:40
Beyond Trust Presentation: Modern Approach to Identity Security

As threats have evolved so too has the approach to Modern Identity Security. A Privilege-Centric approach must be adopted and considered with this evolution. Identity and user management for all accounts within an organization must mature to meet the demands of the cloud, nonhuman identities, Agentic AI and modern attack vectors. Your PAM strategy must now manage and mitigate not only traditional privileged access (root and admin) but also attacks against identities with a path to privileged access. These paths to privilege still remain one of the most valuable targets for cybercriminals because many organizations are defending their environments with fragmented or siloed security strategies and solutions. Security gaps and risks lie in endpoints, cloud environments, Saas Applications, third-party access and now Agentic AI and NHI which make the battleground even harder to defend. Identity Security builds on the foundation of defense-in-depth, coupling visibility with least privilege and Zero Trust while addressing critical risks with priority and exposing less-than critical risks for awareness. Leverage a strategy that works, improves compliance, helps meet cyber insurance mandates, enhances security posture, while giving you the visibility needed to protect your environment.

Christopher Hills
Christopher Hills
Chief Security Strategist
BeyondTrust
10:40-11:00
Rubrik Presentation: When Prevention Fails: Orchestrating Identity Recovery and Cloud Resilience

Identity-based attacks are a CISO's nightmare, with 90% of cyber intrusions leveraging phished or leaked credentials and privilege escalation. Once compromised, attackers can move anywhere across the data estate and are frequently infiltrating your cloud environments. In this session, we'll dive into the unified approach of Rubrik Identity and Cloud Resilience, demonstrating how it goes beyond traditional data protection to secure your entire hybrid identity, including Active Directory and Entra ID, as well as safeguarding your ability to recover data after an incident. We'll explore how to proactively manage identity and data risk, continuously monitor for changes, and—when prevention fails—orchestrate a fast, clean recovery of all of your data across your identity and cloud platforms. You will learn how your organization can maintain business continuity, even in the face of a catastrophic event.

Matt Castriotta
Matt Castriotta
Field CTO, Cloud
Rubrik
11:00-11:30
Networking Break
11:30-12:00
Panel 1: AI and Emerging Tech at the 2026 Security Frontline

Abstract
AI and new digital technologies will continue to shift the cybersecurity landscape in 2026. This session explores how modern tools can enhance detection, response, and decision making while introducing new risks tied to generative systems, data integrity, and fast moving threat innovation. Leaders will gain a clear view of how to adopt emerging technology in a responsible and strategic way that supports resilience and aligns with enterprise risk goals.

Key Takeaways
• How AI and emerging tech are reshaping core security functions
• The new risks created by generative models and evolving attack techniques
• Practical governance steps that support responsible AI use
• Examples of organizations pairing innovation with disciplined risk management

12:00-12:20
Presentation with Mandi Cohen, Managing Director, Deloitte: Cybersecurity in Large Scale Sporting Events

Large-scale sporting events present a uniquely complex cybersecurity environment, where millions of fans, global media coverage, interconnected venues, and critical infrastructure create an expanded and highly visible attack surface. As events grow in scale and digital dependence, protecting them requires more than the efforts of a single organization; it demands a coordinated community approach. This presentation explores how collaboration among event organizers, government agencies, technology providers, venue operators, and local partners strengthens cybersecurity resilience before, during, and after major sporting events. Drawing on lessons learned from recent global competitions, it highlights the importance of shared intelligence, integrated planning, joint incident response, and public-private partnerships. By viewing cybersecurity as a collective responsibility across the entire event ecosystem, communities can better anticipate threats, protect critical systems, and ensure that athletes and fans experience safe, seamless, and secure events.

Mandi Cohen
Mandi Cohen
Managing Director
Deloitte
12:20-12:40
Netskope Presentation: Scaling AI Securely: Strategies for High-Velocity Enterprise Deployment

AI is reshaping enterprise security, demanding a new balance between speed and oversight. Security teams are now tasked with supporting rapid AI integration without becoming a bottleneck. This session breaks down the mechanics of securing AI usage at scale, offering a clear roadmap for maintaining data integrity and operational consistency in an AI-first landscape.

Jim Menkevich
Jim Menkevich
Senior Solutions Engineer
Netskope
12:40-1:00
Specops Software Presentation: How I Met Your... Access Breach: The Unexpected Story of Zero Trust, Identity & Device Security

Workforce access has never been more dynamic or more unpredictable. Users connect from anywhere, on devices that shift daily between personal, managed, trusted, and unknown, and security teams are expected to make the right call every time. Identity tells you who is connecting, but today’s environments make it equally critical to understand what they’re connecting with.  

Because if you don’t trust the device, you can’t trust the access. This session explores how identity and device trust come together to meet the real access challenges organizations face and why this perspective is essential for secure, resilient workforce access. Curious how this story shapes the future of secure access in 2026? Join us to find out.

Darren Siegel
Darren Siegel
Head of Sales Engineering
Specops Software
1:00-2:00
Lunch
2:00-2:30
Panel 2: Securing the Extended Ecosystem: Supply Chains, Vendors, and Identities

Abstract:
As organizations expand their digital ecosystems, risks extend far beyond internal networks. Threat actors are increasingly exploiting supply chains, third-party vendors, and identity gaps to gain access. This session brings together cybersecurity leaders and solution providers to explore how these interwoven risks create a complex attack surface -and how technology can help mitigate them.

Panelists will share real-world examples, lessons from managing large vendor networks, and innovative tools and frameworks for continuous risk assessment. Discussions will highlight strategies for mapping hidden dependencies, enforcing strong identity governance, and strengthening resilience through automation, collaboration, and transparency. Attendees will gain actionable insights on reducing exposure, improving third-party risk visibility, and leveraging technology to secure their extended digital ecosystem.

Key Takeaways:
• Understand how supply chains, vendors, and identities amplify organizational risk.
• Explore practical methods and tools for assessing, monitoring, and mitigating third-party and ecosystem vulnerabilities.
• Learn how to treat identity as a security perimeter using zero trust, access governance, and automated solutions.
• Gain insights from real-world breaches that reveal common gaps in vendor and identity controls.
• Walk away with a technology-informed framework to enhance resilience, secure partnerships, and reduce exposure across your digital ecosystem.

Stephen Craig
Stephen Craig
Senior Technical Architect Information Security Department
New York-Presbyterian Hospital
Jonathan Braley
Jonathan Braley
Executive Director
IT-ISAC
2:30-2:40
Innovation Spotlight - Sublime Security: Machine vs Machine: Winning the new security arms race

We stand at the dawn of a new security paradigm where autonomous systems on both sides of the battlefield are changing the dynamics of attack and defense. Drawing on recent Google Threat Intelligence findings, this session reveals how nation-state actors and cybercriminals are already weaponizing AI while showcasing how defensive AI agents can create self-improving security systems. Learn how the constraints of cost, latency, and efficacy are shaping this machine-vs-machine future, and discover how autonomous agents and domain-specific languages enable a continuous feedback loop to rapidly strengthen defenses.

Joe Rosko
Joe Rosko
Account Executive
Sublime
2:40-2:50
Innovation Spotlight - Expel: Battle burnout: unplug from the SOC, supercharge performance

Discover how Expel helps free security leaders and operators from SOC monotony, leading to better performance and happier analysts.

Michael Ibarra
Michael Ibarra
Principal Solutions Architect
Expel
2:50-3:10
Presentation with Stephen Craig, Senior Technical Architect, New York Presbyterian Hospital: Legacy Systems in an Age of Evolution

Healthcare organizations-and many enterprises like them-are built on decades of mission-critical systems that were never designed for today’s threat landscape, regulatory scrutiny, or cloud-centric operating models. These legacy platforms often remain indispensable, yet increasingly indefensible.    

This presentation examines the real risks posed by aging systems in modern hybrid environments, particularly when budgets, clinical dependencies, and regulatory constraints limit replacement options. Drawing on lessons learned from large healthcare environments, we will explore pragmatic, cost-conscious strategies to reduce exposure without disrupting patient care or business operations.    

Attendees will gain a clear understanding of why legacy systems remain one of the highest risk areas in the enterprise, how attackers exploit them, and what leadership can do today to contain that risk. The session concludes with concrete executive-level actions to initiate risk reduction, align stakeholders, and begin a realistic modernization roadmap that balances security, compliance, and operational reality.

Stephen Craig
Stephen Craig
Senior Technical Architect Information Security Department
New York-Presbyterian Hospital
3:10-3:40
Networking Break
3:40-4:00
Presentation with Jonathan Braley, Executive Director, IT-ISAC: Inside the IT Sector Cyber Threat Landscape: Key Findings from 2025 and Beyond

The cyber threat landscape continues to evolve rapidly, with the IT sector regularly targeted as a gateway to impact broader supply chains. Drawing on insights from the Information Technology - Information Sharing and Analysis Center (IT-ISAC) updated annual cyber threat report, this session will provide a concise overview of the sector’s top threats of 2025. Highlights include an overview of the actors most aggressively targeting IT companies and a rundown of the tactics, techniques, and procedures most commonly used by these adversaries, as well as a more specific look at ransomware groups and their impact on the sector.

The presentation will also explore what lies ahead in 2026 as advances in technology, especially artificial intelligence, enable faster, more scalable cyberattacks. Attendees will leave with a clear understanding of the evolving IT threat landscape, and actionable insights to help their teams strengthen resilience and reduce risk across their own organizations and associated supply chains.

Jonathan Braley
Jonathan Braley
Executive Director
IT-ISAC
4:00-4:10
Innovation Spotlight - Fidelis Security: Turning Attackers into Signals: How Deception Changes Modern Threat Detection

Attackers are no longer triggering alerts; they’re hiding in plain sight. This session shows how deception technology transforms attacker behavior into high-confidence detection signals. Learn how integrating deception into an Open Active XDR platform improves visibility, reduces noise, and enables faster, smarter response to real threats across modern enterprise environments

Jim Skelly
Jim Skelly
Engineer
Fidelis Security
4:10-4:20
Innovation Spotlight - Specter Opps: The Legitimate Intruder

In most cases, identity-based breaches are not caused by "hacking" in the Hollywood sense, but rather by "logging in." In a standard Active Directory environment, human identities are often the weakest link in security due to risks from social engineering, credential reuse, and over-privilege.

Bobby Mazzotti
Bobby Mazzotti
Sales Engineering Manager
SpecterOps
4:20-4:50
Closing Security Briefing with Jeff Hunter, Supervisory Special Agent, FBI Philadelphia
Jeffrey Hunter
Jeffrey Hunter
Supervisory Special Agent
FBI Philadelphia
4:50-5:50
Networking Reception

Speakers

Our speakers bring unmatched expertise and real-world experience in cybersecurity, risk management, and business strategy. Through engaging keynotes, panels, and discussions, they deliver actionable insights and practical solutions that help CISOs and security leaders stay ahead of evolving threats.

Jonathan Braley
Jonathan Braley
Executive Director
IT-ISAC
Matt Castriotta
Matt Castriotta
Field CTO, Cloud
Rubrik
Mandi Cohen
Mandi Cohen
Managing Director
Deloitte
Stephen Craig
Stephen Craig
Senior Technical Architect Information Security Department
New York-Presbyterian Hospital
Christopher Hills
Christopher Hills
Chief Security Strategist
BeyondTrust
Jeffrey Hunter
Jeffrey Hunter
Supervisory Special Agent
FBI Philadelphia
Michael Ibarra
Michael Ibarra
Principal Solutions Architect
Expel
Bobby Mazzotti
Bobby Mazzotti
Sales Engineering Manager
SpecterOps
Jim Menkevich
Jim Menkevich
Senior Solutions Engineer
Netskope
Joe Rosko
Joe Rosko
Account Executive
Sublime
Darren Siegel
Darren Siegel
Head of Sales Engineering
Specops Software
Rachel Silver
Rachel Silver
Sales Engineer
Huntress
Jim Skelly
Jim Skelly
Engineer
Fidelis Security
To speak at an upcoming summit, please fill out the Speaker Request form. »

Sponsors

The Official Cybersecurity Summit connects innovative solution providers with the cybersecurity leaders who evaluate and influence purchasing decisions. With a dynamic exhibition hall and a packed agenda of interactive panels and engaging sessions, this event offers unmatched opportunities to showcase solutions and build meaningful connections.

To sponsor at an upcoming summit, please fill out the Sponsor form. »

Partners

The Cybersecurity Summit is proud to partner with some of the industry’s most respected organizations in technology, information security, and business leadership.

If your organization is interested in partnering with The Cybersecurity Summit, please fill out the Partnership Form »

Admission to the Cybersecurity Summit is reserved exclusively for active cybersecurity, IT, Information security practitioners tasked with safeguarding their enterprises against cyber threats and managing cybersecurity solutions. All registrations are subject to review.

Students, interns, educators, individuals not currently employed in IT, and those in sales or marketing roles are not eligible to attend.

Additionally, if we are unable to verify your identity with the information you provided during registration, your attendance may be cancelled.

Please note these qualifications pertain to all attendees, including members of our partner organizations.