Preliminary Agenda
as of May 2026
DAY 1 | Tuesday, September 8, 2026
| SESSION TITLE | SESSION DESCRIPTION |
|---|---|
| Exhibitor Load in and Set up | |
| Registration + Info Desk Opens | |
| Day 1 Introduction, National Anthem and Welcome Remarks | |
| Fireside | |
| General Session: Understanding the Modern Nation-State Threat Landscape | This session brings together top intelligence and industry analysts to unpack evolving state-sponsored cyber operations. The panel explores adversary motivations, strategic trends, supply-chain compromise strategies, and multi-year espionage campaigns targeting critical infrastructure and defense industries. Participants will break down attribution challenges, hybrid warfare escalation risks, and what the private sector must do to keep pace with increasingly stealthy campaigns. |
| General Session: Balancing Innovation and Risk: How AI is Shifting the Cybersecurity Landscape | AI is rewriting the rules for both cyber offense and defense. This panel dissects the emerging policy questions around automated vulnerability discovery, synthetic malware, scalable deception, and AI-powered SOC augmentation. Experts will debate regulatory guardrails, ethical limits, and pathways to innovation that don’t compromise safety. |
| Transition to A Breakouts | |
| Breakout A1: Weaponization of AI by Cyber Adversaries | AI is enabling automated reconnaissance, exploit generation, and phishing at scale. This panel explores AI risks, ethics, and how defenders must respond. |
| Breakout A2: Building Best of Class Cloud-Native Security | Cloud-native architectures demand a shift in defensive strategy—embracing serverless models, containers, ephemeral resources, and immutable infrastructure. This panel examines best practices along with emerging trends shaping this space. |
| Breakout A3: Burnout & Resilience in Cyber Operations | Cyber teams face constant pressure. This discussion covers burnout prevention, mental health programs, shift design, rest cycles, and leadership approaches. |
| Breakout A4: Predicting the Next Cyber “Black Swan” | Experts examine systemic risks—AI collapse scenarios, catastrophic supply-chain compromise, cloud provider outage, widespread identity infrastructure failure—and how organizations can prepare. |
| Breakout A5: Advanced Detection Engineering: Building High-Fidelity Detections That Actually Work | Detection engineers from cloud providers and large SOCs break down how they build robust detections for identity misuse, suspicious PowerShell activity, cloud abuse, and persistence techniques—complete with example rule frameworks. |
| Breakout A6: Supply Chain Security: A SBOM/HBOM Reality Check | SBOM mandates are rising, but adoption is inconsistent. This discussion covers real-world supply chain attacks, third-party risk scoring, SBOM tooling, and how regulators and vendors can meet in the middle. |
| Transition to B Breakouts | |
| Breakout B1: Deepfakes and Digital Deception: Protecting Federal Agencies in the Age of Synthetic Media | As generative AI accelerates the production of hyper-realistic synthetic media, federal agencies face an escalating challenge: deepfakes capable of impersonation, disinformation, social engineering, and operational disruption. This panel brings together experts from government, intelligence, and cybersecurity to examine the tactics adversaries are using, the vulnerabilities unique to federal missions, and the emerging tools for detection, authentication, and attribution. Panelists will explore policy gaps, workforce awareness needs, and practical steps agencies can take today to defend against AI-enabled deception campaigns targeting both individuals and institutions. |
| Breakout B2: Building Resilience for the Quantum-Enabled Era | Quantum computing threatens current cryptography. This panel explains the timeline, PQC migrations, NIST standards, crypto-agility, and what enterprises should do now to prepare. |
| Breakout B3: Beyond the Network Perimeter: Securing Systems Against Close-In Multi-Frequency Adversarial Tactics | Cyber threats are no longer confined to the digital domain: advanced actors now combine electromagnetic emissions, multifrequency interference, side-channel exploitation, and close-proximity access to compromise critical systems. This panel examines the intersection of RF-enabled attacks, hardware vulnerabilities, and cyber operations, focusing on how multifrequency probes, emanation analysis, and power-modulation techniques are reshaping the modern threat landscape. Panelists will discuss detection and shielding strategies, architectural hardening, and the operational challenges of defending air-gapped, high-assurance, and mission-critical environments. Participants will come away with a deeper understanding of how multifrequency and close-in vectors both complement and circumvent traditional cybersecurity defenses. |
| Breakout B4: Detecting and Countering Living-Off-the-Land (LOTL) Campaigns | LOTL attacks bypass traditional detections by using native OS tools and cloud services. This advanced technical panel explores behavioral analytics, telemetry fusion, identity-centric detection, and MITRE ATT&CK-informed hunt strategies. Experts walk through recent LOTL case studies and defense-in-depth approaches that work in modern hybrid environments. |
| Breakout B5: Governance of Large-Scale Data Practices | Both private and public sector entities generate and collect unprecedented volumes of data. This panel discusses ethical design, algorithmic transparency, consumer trust, and governance frameworks that can build trust in effective stewardship. |
| Breakout B6: The Gray Space: Navigating Third-Party Service, Cloud, and MSP Risks | Organizations now depend on managed service providers, SaaS platforms, and cloud operators for critical functions. These third-party services expand capability but also inherit risk—often becoming the attacker's easiest entry point. This panel focuses on evaluating and securing service providers, enforcing contractual safeguards, implementing shared responsibility frameworks, and monitoring for compromise in outsourced environments. Speakers will highlight lessons from major breaches involving MSPs and cloud supply chain exploitation. |
| Lunch + Exhibit Hall Opens | |
| Leadership Luncheon (Invitation-only) | Leadership is an essential ingredient to ensure that cybersecurity programs get to success as well as continue to build upon these successes to keep up with the cyber threat. This luncheon will feature several prominent leaders in the cyber field who will talk about their journeys to their current positions, highlight skill sets to focus on when considering future cyber leadership roles, and provide case studies to showcase the kinds of questions that leaders face daily to effectively do their job. |
| Fireside | |
| General Session: Harmonizing Cyber Regulations Across Sectors | Compliance complexity is rapidly increasing as overlapping cyber requirements emerge from the Cybersecurity and Infrastructure Security Agency (CISA), Environmental Protection Agency (EPA), Securities and Exchange Commission (SEC), Federal Trade Commission (FTC), and different state-level legislation. This panel explores how organizations can navigate these intersecting mandates, while regulators weigh whether harmonization is achievable—and what it would take to ease the burden on operators while strengthening national security. |
| General Session: Building Resilient Zero Trust Architectures in the Federal Space | Zero Trust is the new normal—but implementation is challenging. This panel discusses identity-first security, segmentation, continuous verification, and lessons learned in federal and enterprise deployments. |
| Exhibit Hall Break | |
| General Session: Cybersecurity in Healthcare & Medical Devices | Hospitals are high-value targets with life-or-death consequences. This panel explores ransomware prevention, medical device patching challenges, FDA requirements, and strengthening clinical cyber resilience. |
| Fireside | |
| Closing Remarks | |
| All-Attendee Reception | |
| VIP Reception in Partnership with the Embassy of Australia (Invitation-only) |
DAY 2 | Wednesday, September 9, 2026
| SESSION TITLE | SESSION DESCRIPTION |
|---|---|
| Registration + Info Desk Opens | |
| State and Local Leadership Council Breakfast Dialogue (Invitation-only) | |
| Main Session Doors Open | |
| Registration & Coffee | |
| Day 2 Welcome Remarks | |
| Fireside | |
| General Session: The Next Three Years of Public-Private Cyber Collaboration | A forward-looking conversation on shared defense, transparency, data sharing, integrated response, and the increasing private sector role in securing the U.S. from foreign cyberattack. |
| Fireside | |
| Exhibit Hall Break + Transition to C Breakouts | |
| Breakout C1: Securing Machine Learning Against Adversarial Threats | Attackers are now targeting ML models directly. This session covers adversarial examples, model inversion, poisoning, evasion, and supply chain risks in AI pipelines. The panel also addresses defensive ML architecture patterns. |
| Breakout C2: Hardening Identity: Real-World Techniques to Stop Token Theft, MFA Fatigue & Privilege Escalation | This panel will examine the practical identity-security failures threat actors exploit most frequently and the controls that demonstrably reduce risk. Panelists will outline field-tested approaches for strengthening authentication, constraining privilege, and disrupting attacker movement across complex enterprise environments. |
| Breakout C3: The Modern Purple Team: How to Turn Red Team Findings Into Real Defensive Improvements | This panel will explore how entities can operationalize adversarial testing results to measurably strengthen defensive architectures. Panelists will detail techniques for translating red-team insights into executable blue-team actions, continuous validation programs, and sustainable enterprise risk reduction. |
| Breakout C4: Building a Modern Malware Analysis Workflow: Tools, Automation & Rapid Triage | This panel will examine how security teams can modernize their analytical pipelines to rapidly dissect, classify, and respond to evolving malicious code. Panelists will discuss best-in-class tools, automated triage techniques, and workflow designs that enable analysts to move from initial detection to actionable intelligence with greater speed and precision. |
| Breakout C5: Building a Neurodiverse Cyber Workforce | Diverse teams outperform homogeneous ones. This panel identifies successful strategies for recruiting and supporting diverse and neurodiverse cyber talent. |
| Breakout C6: The Hidden Layer: Understanding Systemic Risk in Digital Supply Ecosystems | Modern systems rely on vast, interconnected webs of vendors, integrators, cloud providers, and service platforms—creating systemic risks that cannot be addressed by traditional compliance tools. This session looks at supply chain interdependencies, concentration risk, and the ways in which a single upstream failure can cascade across sectors. Panelists will discuss real-world incidents, strategies for measuring systemic exposure, and approaches to building resilient architectures capable of withstanding widespread supply chain disruption. |
| Transition to D Breakouts | |
| Breakout D1: Practical Automation for the SOC: Playbooks, Scripts & AI-Assisted Response | This panel will explore how security operations teams can streamline detection, triage, and remediation by integrating automation into daily workflows. Panelists will highlight proven approaches to orchestrating playbooks, leveraging scripting frameworks, and applying AI to reduce analyst burden and accelerate incident response. |
| Breakout D2: Cloud Forensics Deep Dive: How to Investigate Incidents in Cloud and Multi-Cloud Configurations | This panel will examine the investigative methodologies, tooling, and data-access strategies required to conduct effective forensics across diverse cloud environments. Panelists will walk through real-world challenges in evidence preservation, log acquisition, cross-cloud correlation, and applying forensic rigor at cloud scale. |
| Breakout D3: Securing Autonomous Vehicles and Smart Transportation | As transportation becomes increasingly autonomous and connected, new attack vectors arise: vehicle firmware, telematics, V2X communications, and fleet operations. Panelists will discuss standards, regulation, and coordinated testing. |
| Breakout D4: Hunting for Living-Off-the-Land Attacks: Practical Queries, Logs & Techniques | This panel will examine how adversaries leverage native tools, legitimate credentials, and built-in system functions to evade detection and persist inside enterprise environments. Panelists will discuss high-value log sources, proven detection queries, and field-tested analytic techniques that enable defenders to uncover subtle attacker activity at scale. |
| Breakout D5: The Future of Cyber Range Training | A look at the next generation of cyber training environments: immersive ranges, digital twins, joint government-industry exercises, and scalable simulation platforms. |
| Breakout D6: Trust but Verify: Assuring Integrity Across Foreign and High-Risk Vendors | Nation-state actors increasingly exploit supply chain access through compromised vendors, foreign manufacturing, and manipulated firmware or service providers. This panel explores how federal agencies and critical infrastructure operators can conduct enhanced due diligence, evaluate vendor provenance, and detect tampering or malicious insertion at points where visibility is traditionally limited. Attendees will learn practical steps for reducing reliance on high-risk suppliers and strengthening vendor assurance programs without slowing mission delivery. |
| Lunch Break | |
| Fireside | |
| General Session: AI-Augmented Cyber Defense: Hype vs Reality | AI promises transformative defensive capabilities, but comes with caveats. This panel evaluates real-world efficiency gains in SOCs, automated detection, dynamic response, and false positive reduction. Experts will outline what AI can and cannot do today. |
| PM Break | |
| General Session: How Effective Data Sharing Wins the Cybersecurity War | Maintaining the edge in national security is not just secrecy alone, it also entails the secure and agile distribution of information to mission partners, allies, and other agencies that have a need to know. This panel will discuss how we properly safeguard data and still enable mission partners to access information efficiently and at the speed of war or business. |
| General Session: Driving the Cyber Direction for U.S. DoW’s WarFighters | This panel brings together senior cyber advisors from the Army, Navy, and Air Force to discuss how each service is shaping its cyber strategy to support mission success in an increasingly contested digital battlespace. Panelists will explore the balance between offensive and defensive cyber operations, the role of innovation in accelerating capability delivery, and the importance of partnerships across joint forces, industry, and allied nations. |
| Closing Remarks | |
| All-Attendee Reception | |
| VIP Reception in Partnership with the Embassy of Canada (Invitation-only) |
DAY 3 | Thursday, September 10, 2026
| SESSION TITLE | SESSION DESCRIPTION |
|---|---|
| Registration + Info Desk Open | |
| Main Session Doors Open | |
| Day 3 Welcome Remarks | |
| Fireside | |
| General Session: Balancing the Cyber Budget: Offense, Defense, and the Path Forward | This lively debate pits offensive and defensive experts against each other to answer: “Should we spend more on preventing breaches or disrupting adversaries?” Participants explore economics, effectiveness, and strategy. |
| Exhibit Hall Break | |
| General Session: The Security of Space | Space-based infrastructure is now a prime target for espionage and disruption. This panel covers satellite command-link security, commercial launch systems, interference, and spoofing. |
| General Session: The Evolving Role of Government in Private-Sector Defense | Government agencies increasingly coordinate with private-sector defenders, raising questions about visibility, liability protections, and emergency authorities. This session examines optimal boundaries between government assistance and corporate autonomy, voluntary vs. required information sharing, and how to responsibly operationalize public-private cyber coordination. |
| General Session: Closing the Cyber Talent Gap | Cyber roles remain hard to fill. Experts explore apprentice programs, AI-assisted training, nontraditional career pathways, and workforce diversity. |
| Lunch Break | |
| Fireside | |
| General Session: The Future of Cyber Warfare | As federal agencies and infrastructure operators confront rising cyber risks across their supply chains, CMMC offers a valuable case study in setting up enforceable cybersecurity baselines for diverse contractors and vendors. This panel examines how CMMC’s assessment methodologies, compliance mechanisms, and maturity tiers could inform broader critical infrastructure protection efforts. Speakers from DoW, DHS, industry primes, and regulated sectors will discuss lessons learned from early CMMC adoption, the challenges of scaling certification frameworks, and the realities of extending assurance requirements into complex, multi-tiered supply environments. Attendees will gain insight into whether—and how—CMMC concepts might be adapted to improve cyber readiness across the nation’s most essential sectors. |
| General Session: What Are We Collectively Learning From Major Cyber Breaches | Using recent large-scale incidents (SolarWinds, Colonial Pipeline, MOVEit), this panel examines the strengths and weaknesses of joint public-private incident response. Topics include coordination models, sharing sensitive telemetry, crisis communications, and how to manage simultaneous technical and geopolitical consequences. Attendees gain a clear perspective on how IR partnerships must evolve. |
| PM Break | |
| General Session: Exploring National Programs to Make Critical Infrastructure More Resilient | Cyber operations increasingly affect geopolitics, requiring nations to establish shared norms and red lines. This panel explores ways the global allied community is looking to make their critical infrastructures more resilient in the face of potential large scale cyberattacks. |
| Fireside | |
| Closing Remarks | |
| VIP Reception in Partnership with the British Embassy Washington (Invitation-only) |