Most security programs measure effort — not outcomes. Organizations patch thousands of vulnerabilities, deploy dozens of tools, and run annual tabletop exercises… but when an attacker shows up, none of that matters.

What matters is whether they can prove their defenses actually work.

In this talk, Joshua Knox, Principal Cybersecurity Strategist of Horizon3.ai, shares how leading organizations are using autonomous pentesting to see their environment through the attacker’s eyes — continuously, safely, and at scale. By shifting from assumptions to proof, they’ve learned to:

• Prioritize what’s exploitable. Focus limited resources on the weaknesses that truly put the business at risk that are known to be abused by threat actors.
• Quickly fix what matters. Close the loop from find → fix → verify and reduce your exploitable attack surface.
• Reduce attacker dwell time. Use pentest results to precisely deploy honeyTokens to detect compromise early, and to continuously prove your EDR and SIEM are tuned and working as intended.

Cyber resilience isn’t about being perfect — it’s about getting better over time. And the only perspective that truly matters is the attacker’s.

Critical incidents rarely unfold with the predictability of a tabletop exercise. When a compromise is live, decisions are made under extreme pressure, visibility is clouded, and the cost of every misstep scales instantly.

In this session, Jonathan Chan shares hard-earned lessons from the front lines of incident handling. He will break down what organizations can realistically prevent, which defenses must be assumed to eventually fail, and how to move decisively once an intrusion is underway.

The discussion will dive into the psychological and operational workflows that prove most resilient during a crisis and why a battle-tested response plan is the single most important factor in organizational survival. Attendees will walk away with a practical framework to harden their defenses, sharpen their response, and minimize the long-term impact of inevitable cyber events.

Discover how Fastly’s programmable edge cloud platform is redefining online performance at the edge. This spotlight will  showcase how Fastly unifies edge compute, delivery, security, and observability to power fast, secure, and engaging digital experiences. You'll learn how leading organizations are leveraging the edge to build better, safer, and more reliable experiences for users everywhere.

AI has fundamentally changed what regulators, customers, and boards expect organizations to know — and prove — about the software they ship. In 2026, transparency is no longer a differentiator; it’s the baseline. From the EU Cyber Resilience Act to evolving U.S. guidance, organizations are under growing pressure to demonstrate how AI-enabled software is built, governed, and secured across the supply chain.  This session takes a candid look at the emerging reality of AI governance and software trust. Drawing on patterns Sonatype observes across thousands of development teams, we’ll explore how organizations are responding to new compliance expectations, where governance efforts break down, and what “good” looks like in practice. We’ll examine how transparency artifacts (including SBOMs) fit into broader governance programs — and why many fail to translate into real risk reduction or audit readiness.  

Attendees will learn:

- How AI governance and software transparency expectations are evolving in 2026

- What regulators and customers increasingly expect organizations to prove

- Common gaps that undermine AI and software trust initiatives

- Practical approaches to operationalizing transparency for compliance, risk reduction, and long-term trust

Abstract
AI and new digital technologies will continue to shift the cybersecurity landscape in 2026. This session explores how modern tools can enhance detection, response, and decision making while introducing new risks tied to generative systems, data integrity, and fast moving threat innovation. Leaders will gain a clear view of how to adopt emerging technology in a responsible and strategic way that supports resilience and aligns with enterprise risk goals.

Key Takeaways
• How AI and emerging tech are reshaping core security functions
• The new risks created by generative models and evolving attack techniques
• Practical governance steps that support responsible AI use
• Examples of organizations pairing innovation with disciplined risk management

KISS" (Keep It Simple, Stupid) is a luxury rarely afforded to modern security teams dealing with legacy tool sprawl. While executives push for consolidation to reduce budget and risk, the transition from disjointed "best-of-breed" tools to a unified ecosystem is fraught with friction. Too often, security tools serve SecOps well but remain invisible obstacles to the DevOps pipeline.

This session guides security leaders through the difficult journey of dismantling complexity to build a team-neutral "Golden Path", as coined by Spotify back in 2020.  

We will move beyond emotional attachments to specific tools and focus on defining objective business and regulatory requirements. Learn how to transform your security program from a bottleneck into a streamlined pipeline that delivers safer software, faster.  

• Unify Tooling: Integrate disparate tools into a simplified process that reduces paths to production.  
• Define Metrics: Develop KPIs that demonstrate success to Developers, Audit, and the C-Suite.  
• Drive Culture Change: Educate and encourage stakeholders to adopt the path of least resistance.  
• Prevent Drift: Implement detection mechanisms to ensure the pipeline remains streamlined.

Security leaders are being pushed to “use AI” in the SOC, but the real question is where autonomy belongs, and what you must control so it doesn’t create new risk while trying to reduce old risk. This session breaks down a pragmatic path from traditional SOAR automation to AI agents that can summarize incidents, enrich alerts, recommend actions, and execute response steps under policy-driven constraints. We’ll cover what agentic looks like in real operations (vs. demo magic), where humans stay in the loop, and how to keep decision-making explainable and auditable.

Malcolm Harkins shares his journey and learnings from more than three decades of managing high-performing people, leading successful teams, and finding fulfillment in an ideal state. Malcolm will explore his 'I Believe, I Belong, I Matter℠' framework, which is based on his own life lessons, and he'll share how to inspire a sense of purpose, passion, and persistence to avoid burnout. In this talk he will share how channeling personal and team emotions you can  make more empathetic and intelligent decisions. He will share  strategies for effectively managing conflict and resolving challenges with determination and resilience. You will learn techniques to enhance individual and team performance.

Recovery plans are no longer optional—they’re inevitable. In today’s evolving threat landscape, every business will be tested. Whether it is traditional disasters driven by nature or human error, or modern-day crises fueled by cyberattacks and ransomware, the stakes are higher than ever. How do you ensure your organization is prepared not just to survive, but to recover with confidence?

In this session, we’ll cover:

• The key stages of a cyberattack and what they mean for your business

• Best practices to reduce your exposure and minimize impact

• Essential tools and strategies to recover quickly if compromised

• What a real-world recovery looks like—and how to be ready for it

Fully autonomous pentesting promises speed but often sacrifices safety, credibility, and signal quality. This talk explains why autonomy without human control creates real risk, and outlines a better model: agentic execution with expert oversight that scales offensive security without breaking trust.

CIOs and CISOs are increasingly accountable for execution, risk reduction, and budget justification — yet most are operating with limited visibility into how their cyber and IT workforce actually functions. Org charts, job titles, and headcount reports fail to show how work is really performed across FTEs, contractors, consultants, and MSPs, creating blind spots that lead to burnout, stalled strategy, and unquantified risk.

In this session, Deidre Diamond, Founder & CEO of CyberSN, introduces Workforce Intelligence as a new operational lens for cyber and IT leadership. Drawing on real-world engagements with enterprise security and IT teams, this talk explores how leaders can gain clear and ongoing visibility into workforce utilization, capability gaps, and execution risk — without adding operational burden to already stretched teams.

Attendees will learn how workforce blind spots directly impact retention, strategy execution, and budget outcomes, why workforce risk is now a board-level concern, and how leading CIOs and CISOs are using workforce intelligence to move from reactive firefighting to intentional workforce design.

This session is designed for leaders who want to align people, skills, and spend to strategy — and confidently explain workforce risk and investment decisions to executives and boards.

Abstract:
Cybersecurity challenges are complex, and solving them requires teams with diverse perspectives, skills, and experiences. This panel explores how diversity drives better problem-solving, innovation, and threat detection in security organizations.

Panelists will share strategies for attracting and retaining talent from varied backgrounds, leveraging unique thinking styles, and applying different experiences to uncover blind spots in risk management. Attendees will gain actionable insights for building teams that are not only technically skilled but more adaptive, creative, and resilient in the face of evolving cyber threats.

Key Takeaways:

• Understand how diversity strengthens problem-solving, innovation, and threat response.
• Learn approaches to recruit and retain talent from non-traditional backgrounds.
• Explore how different perspectives and thinking styles reveal hidden risks.
• Gain strategies to create teams that are adaptable, collaborative, and resilient.
• Walk away with practical ideas for integrating diversity into cybersecurity team design and strategy.

By 2026, synthetic reality, autonomous AI agents, and machine‑speed cyber operations have collapsed the boundaries between truth and deception. In this keynote, Jennifer Raiford — CEO of GLOBE‑SEC, Chief Digital Trust & Risk Officer, and widely known as the Olivia Pope of Cyber and AI — unveils the emerging doctrine of digital deterrence. She explores how nations, enterprises, and critical infrastructure must adapt to adversaries that don’t sleep, don’t negotiate, and don’t need human operators. Drawing on national‑level advisory work, the GLOBE‑SEC Methodology, and cryptographic trust architectures like Enigma.io ($ENX), she outlines a new operating system for sovereignty, resilience, and verifiable truth. This session reframes cybersecurity as a strategic instrument of power — and digital trust as the defining currency of the next decade.

Attackers are no longer triggering alerts; they’re hiding in plain sight. This session shows how deception technology transforms attacker behavior into high-confidence detection signals. Learn how integrating deception into an Open Active XDR platform improves visibility, reduces noise, and enables faster, smarter response to real threats across modern enterprise environments

Modern PAM has evolved into broader identity security to address today’s cloud, non‑human, and AI‑driven threats. Organizations must now secure not only traditional privileged accounts but also identities with pathways to privilege. Fragmented security tools leave gaps across endpoints, cloud, SaaS, third‑party access, and emerging NHI/AI identities. Identity Security strengthens defense‑in‑depth by combining visibility, least privilege, and Zero Trust to prioritize and mitigate critical risks while improving compliance, meeting cyber insurance needs, and enhancing overall security posture.