Sunday, May 31, 2026 / 3:00:00 PM - 7:30:00 PM EST
Cherry Blossom Ballroom
Registration and Information hours for the day.
Sunday, May 31, 2026 / 6:00:00 PM - 7:30:00 PM EST
Lower Atrium
CISO Welcome Reception Hosted by Sophos
Monday, June 01, 2026 / 7:30:00 AM - 9:30:00 AM EST
Prince George's Hall E
Join other attendees for breakfast before the day's sessions.
Monday, June 01, 2026 / 7:30:00 AM - 9:00:00 AM EST
RiverView Ballroom
The security landscape is volatile, evolving and complex. To add to the complexity, security threats could come from all areas of what Gartner refers to as Tapestry — technology, politics, economics, social, trust, regulatory and environmental (TPESTRE). This session discusses the seven forces that will threaten your organization's future. Breakfast service will begin at 7:30 am; The speaker will present from 8:00 am - 8:30 am, with an interactive discussion following from 8:30 am - 9:00 am.
Monday, June 01, 2026 / 7:30:00 AM - 9:00:00 AM EST
Woodrow Wilson B
Join us for breakfast to connect with fellow first-time attendees and our Community Champions to find out how to get the most out of your conference experience. This session includes a Conference Orientation, starting at 8:00 am, that you will walk away from with insights into the conference’s key topic and content.
Monday, June 01, 2026 / 7:30:00 AM - 5:45:00 PM EST
Prince George's Hall Foyer
In today’s rapidly evolving security landscape, choosing the right solutions can be challenging. Stay informed and ahead of threats with Gartner Peer Insights, offering access to thousands of verified peer reviews on over 5,400 products and services across 96 security-focused markets. Visit our booth to discover how Peer Insights can empower you to make smarter, more confident security decisions. Plus, share your experience by writing a review and receive a special gift!
Monday, June 01, 2026 / 7:30:00 AM - 5:45:00 PM EST
Ballroom Foyer
Discover cutting-edge tools, diagnostics and actionable resources at the Gartner Showcase. Visit our demo space for a personalized walkthrough of our business and technology insights platform and learn how Gartner's leading tools like AskGartner, Third-Party Cybersecurity Insights Platform, and Cybersecurity Business Value Benchmark can help you make faster, smarter decisions on your mission-critical priorities.
Monday, June 01, 2026 / 7:30:00 AM - 7:00:00 PM EST
Cherry Blossom Ballroom
Registration and Information hours for the day.
Monday, June 01, 2026 / 7:45:00 AM - 8:45:00 AM EST
Prince George's Hall E
Join other attendees from your industry for breakfast before the day's sessions.
Monday, June 01, 2026 / 9:30:00 AM - 10:15:00 AM EST
Live: Potomac Ballroom (Remote Viewing: Maryland A)
It feels like everything is happening, everywhere, all at once. But amidst the chaos, there are opportunities, “moments” that we can seize, to ensure Cybersecurity’s success. What if we could use our organizations’ rush to AI as an opportunity to modernize both human and machine identity? What if we could turn the inevitability of cyber-attacks into a learning cycle that continuously makes us smarter, stronger, faster and more resilient? What if we could monetize our innovation with a cycle of continuous learning to fund even more innovation? Join this keynote and learn how to seize these moments!
Monday, June 01, 2026 / 10:15:00 AM - 11:00:00 AM EST
Exhibit Showcase, Prince George's Hall
Join us for refreshments in a brief break between sessions.
Monday, June 01, 2026 / 10:15:00 AM - 11:00:00 AM EST
National Harbor Foyer
Take a break and make an impact — participate in writing thank you cards to America’s Veterans.
Monday, June 01, 2026 / 10:15:00 AM - 7:00:00 PM EST
Exhibit Showcase, Prince George's Hall
Visit the Exhibit Showcase to evaluate industry offerings that can move your business forward. Engage with your peers, Gartner experts, and exhibitors. Attend a theater session to see technology in action.
Monday, June 01, 2026 / 10:15:00 AM - 5:00:00 PM EST
Prince George's Hall C Foyer
Engagement Zone sponsored by Black Kite
Monday, June 01, 2026 / 10:15:00 AM - 5:00:00 PM EST
Prince George's Hall Foyer
Stop by the Airia Engagement Zone to see how that partnership plays out in practice — including how the Atlassian Williams F1 Racing Team is building AI governance frameworks that enterprises like yours can adopt today. Chat with the Airia team, get hands-on with the platform, and enter for a chance to win exclusive signed Atlassian Williams merchandise. Victory margins in F1 are measured in thousandths of a second, and the difference between the podium and the pit lane comes down to who processes information faster. Sound familiar? It should — because that's exactly the challenge enterprises face every day.
Monday, June 01, 2026 / 10:15:00 AM - 5:00:00 PM EST
Maryland C Foyer
A working merch bar, not a giveaway table. Select an item to be laser engraved with your name, initials, or a mark of your choice, or pick a shirt and design to be pressed on demand. Every piece is made for the person taking it home.
Monday, June 01, 2026 / 10:15:00 AM - 5:00:00 PM EST
Potomac A Foyer
AI vendors are now critical third parties, but most TPRM programs still treat them like traditional SaaS. Stop by SAFE’s engagement zone for a 5-minute live demo of AI Vendor Risk Management. See how SAFE helps teams govern AI vendors across contracts, questionnaires, outside-in exposure, configuration, and live activity, and answer the question every CISO is asking: what is our risk from ChatGPT, Claude, Copilot, and other AI vendors?
Monday, June 01, 2026 / 10:15:00 AM - 5:00:00 PM EST
Potomac C Foyer
Engagement Zone sponsored by Vectra AI
Monday, June 01, 2026 / 10:15:00 AM - 5:00:00 PM EST
Maryland A Foyer
Stop by our interactive merch station to grab some exclusive swag from Silverfort, the leader in identity and access management.
Monday, June 01, 2026 / 10:15:00 AM - 7:00:00 PM EST
Engagement Zone, Exhibit Showcase
AI is reshaping work faster than policies, controls, and oversight can keep up. As highlighted in Lenovo’s Work Reborn research, organizations are now navigating a two‑tier workforce where sanctioned AI use and shadow AI coexist, creating new trust and risk dynamics. Recorded live at Gartner Security & Risk, Work Reborn features candid, peer‑driven conversations with security and IT leaders exploring how they are responding to this shift. Join Lenovo in the Engagement Zone for an interactive podcast focused on securing users, devices, and data while enabling innovation, productivity, and resilience in an AI‑driven workplace. Space is limited. Step up, take the mic, and help shape what secure work becomes next.
Monday, June 01, 2026 / 11:00:00 AM - 11:30:00 AM EST
Potomac A
Cybersecurity leaders are key enablers of digital business and are accountable for helping the enterprise balance associated risks and benefits. This “Leadership Vision for 2026” helps SRM leaders plan for 2026 and develop presentations for leadership, peers and teams.
Monday, June 01, 2026 / 11:00:00 AM - 11:30:00 AM EST
Annapolis
In a volatile, uncertain, complex and ambiguous (VUCA) world, preparing a cybersecurity budget requires shifting from a static, reactive approach to a flexible, risk-based strategy. The goal is to build resilience against unpredictable threats by aligning security investments with dynamic business priorities.
Monday, June 01, 2026 / 11:00:00 AM - 11:30:00 AM EST
Potomac C
The move to postquantum cryptography will be a companywide effort that will affect every part of data security, cloud management, I&O, IAM and most other systems. But, with a problem so large, where should you begin? In this session, we will go over the three initial steps that will form a solid foundation for ongoing efforts in the transition, promoting a smooth and scalable process over the next two years.
Monday, June 01, 2026 / 11:00:00 AM - 11:30:00 AM EST
Potomac D
This session examines the evolving cyber risk landscape and key strategies for effective mitigation. As cyberattacks and new regulatory mandates increase, cybersecurity leaders must adopt a proactive and quantifiable risk management approach. Learn how to align cyber risk investments with business objectives to ensure robust protection and strategic coherence.
Monday, June 01, 2026 / 11:00:00 AM - 11:30:00 AM EST
Potomac B
As AI rapidly advances, it is transforming the ransomware landscape, empowering both attackers and defenders. This session explores how threat actors use AI to accelerate the success of their cyberattacks, while security leaders turn to AI tools for faster detection and response. This session offers a look at the evolving AI-powered threat environment and provides actionable insights on adapting defenses, updating playbooks and preparing for the next generation of intelligent cyber extortion.
Monday, June 01, 2026 / 11:00:00 AM - 11:30:00 AM EST
Maryland C
Many organizations find it challenging to move beyond reactive data security measures despite increasing threats and regulatory pressures. This session outlines a strategic approach to maturing toward a posture of resilience through data-centric security, leveraging AI-driven adaptive controls and strengthening incident response and business continuity.
Monday, June 01, 2026 / 11:00:00 AM - 11:30:00 AM EST
Maryland B
This is the yearly update on the M365 Tops security and identity features session. Come learn what you need to do to secure your M365 tenant. This session will offer an ordered list of all the features of Microsoft or third-party alternatives that you need to enable now!
Monday, June 01, 2026 / 11:00:00 AM - 11:30:00 AM EST
Maryland D
Many cybersecurity buying decisions are based on technical capabilities and price (and not necessarily in that order). As platforms become the norm and more and more functionalities depend on less vendors, it is equally as important to have an index of vendor trust that can inform your buying decisions, especially in more commoditized markets. This session will introduce the Vendor Trust Index, explain its use, and show how to effectively develop one that is tailored to your organizational objectives.
Monday, June 01, 2026 / 11:00:00 AM - 11:30:00 AM EST
National Harbor 11
The cybersecurity threat landscape is a moving target. Organizations cannot address all threats due to resource limitations and need proven ways to prioritize their investments. Gartner's updated ThreatScape for 2026-2027 enables organizations to optimize their prediction and prevention, enhance detections, and prepare for new and emerging threats.
Monday, June 01, 2026 / 11:00:00 AM - 11:30:00 AM EST
Maryland A
Public sector AI investments often fail to deliver ROI due to a narrow focus on buying tools and ill-defined goals, exposing them to backlash from political leaders. Technology leaders must shift to an ecosystem-focused AI strategy — that advances D&A and aligns contracts, talent and governance — to drive real mission impact.
Monday, June 01, 2026 / 11:00:00 AM - 12:00:00 PM EST
RiverView Ballroom
Board reporting on cybersecurity must be clear, concise and consistent. Using a framework derived from financial reporting standards will help CISOs and CIOs achieve this goal.
Monday, June 01, 2026 / 11:00:00 AM - 11:20:00 AM EST
Theater 4, Prince George's Hall
The SIEM market is evolving at an unprecedented rate. This presentation discusses the latest SIEM Magic Quadrant, and what forces and trends are disruptive to the SIEM market. This presentation is for cybersecurity leaders looking to reevaluate their SIEM strategy and understand what key capabilities are required from modern SIEM.
Monday, June 01, 2026 / 11:45:00 AM - 12:45:00 PM EST
National Harbor 5
Build new relationships and learn in a fun, fast-paced networking session made up of six 8-minute meetings. Connect peer-to-peer in focused conversations sharing your professional journeys, current goals, or challenges. Please make every effort to arrive on time as other attendees will be looking forward to meeting with you.
Monday, June 01, 2026 / 12:00:00 PM - 12:45:00 PM EST
Chesapeake A
As AI becomes embedded across devices, platforms, and workflows, traditional approaches to enterprise security are being tested. We will explore how security strategies must evolve to protect users, data, and business outcomes in an increasingly distributed and intelligent workplace. The goal is not consensus, but perspective. What actually needs to change as the workplace becomes AI‑powered?
Monday, June 01, 2026 / 12:00:00 PM - 12:45:00 PM EST
Chesapeake B
If targeted today, would your organization withstand the attack? Security programs measure effort, not outcomes. Boards are done accepting “we think we’re protected.” Explore how to move away from endless checklists to AI-driven, attacker-centric validation to prove resilience, quantify exposure, and track progress. Compare how to communicate risk and progress to boards and practical steps to enhance CTEM, RBVM, and broader cyber programs.
Monday, June 01, 2026 / 12:00:00 PM - 12:45:00 PM EST
Chesapeake F
AI is already making decisions in your business and chances are, no one truly owns the risk. When it goes wrong, who takes the hit? This CISO discussion goes straight at the uncomfortable reality: hidden AI exposure, unclear accountability, and what it actually takes to regain control before it becomes a breach.
Monday, June 01, 2026 / 12:00:00 PM - 12:45:00 PM EST
Chesapeake 1
AI coding agents are reshaping how software gets built, and how it gets attacked. 87% of AI-generated code contains vulnerabilities, and attackers are exploiting this. Malware attacks surged 90% in 2025 as developers became primary targets. Join this peer discussion on how senior leaders navigate both sides: governance models; what controls work; and how to ship fast without systemic risk. Leave with perspectives on the choices enterprises face.
Monday, June 01, 2026 / 12:00:00 PM - 12:45:00 PM EST
Chesapeake 2
Shadow AI isn't coming. It's already here. Employees across every function are reaching for whatever tools are available, often well outside any policy that exists. Secure AI adoption isn't a technology problem; it's a behavior problem. The real question is whether your organization is shaping that behavior proactively, or discovering the exposure after the fact. Join peers wrestling with it right now. Attendees will leave with peer-tested strategies for tackling shadow AI, policy adoption, and secure AI enablement.
Monday, June 01, 2026 / 12:00:00 PM - 12:45:00 PM EST
Chesapeake 3
This session examines what agentic architecture actually looks like in production, where the security gaps are, and how three enterprises are governing it today. Hear Multiple CISOs share how they moved from shadow AI discovery to runtime governance of coding agents, MCP tool chains, and multi agent workflows while accelerating AI adoption rather than restricting it. Practical frameworks for identity, data, and action governance included.
Monday, June 01, 2026 / 12:00:00 PM - 12:45:00 PM EST
Chesapeake 5
Cryptography is everywhere and it protects our sensitive information across data at rest, in transit, and long-lived assets. But new advancements in Quantum Computing could create risks of decryption. This discussion will focus on how IBM recommends you to start performing cryptography inventory, define realistic governance policies, and make risk-based decisions to modernize. Share your thoughts and challenges on building a roadmap for long term cryptography remediation.
Monday, June 01, 2026 / 12:00:00 PM - 12:30:00 PM EST
Potomac A
Powerful, computer-use agents like Claude Code, OpenAI Codex, and OpenClaw have transformed the endpoint into a critical control plane for AI security. These agents can inherit full permissions of their users, autonomously act, and take high risk actions that never cross network boundaries, like running terminal commands and modifying local files. Attend this talk to learn how to assess and defend the agentic blast radius on the endpoint.
Monday, June 01, 2026 / 12:00:00 PM - 12:30:00 PM EST
Annapolis
As AI agents move to production, securing them is critical. This session provides a technical blueprint for securing AI agent deployments at scale. Learn how to establish an identity control plane, implement dynamic authorization, maintain a "kill switch" for rogue agents, and use Cross App Access (XAA) for secure agent-to-app connections. Build your AI transformation on a foundation of digital trust with identity as the central control point.
Monday, June 01, 2026 / 12:00:00 PM - 12:30:00 PM EST
National Harbor 11
Learn how a global manufacturer transformed its third-party risk program from reactive to predictive. In this session, we’ll explore how they leveraged AI and real-time threat intelligence to cut oversight time, detect risks early, and modernize TPRM operations. Discover practical steps to build a continuous, 360° view of vendor risk—before breaches happen.
Monday, June 01, 2026 / 12:00:00 PM - 12:30:00 PM EST
National Harbor 2
AI adoption is accelerating, but so are risks such as prompt injection, data leakage, insecure retrieval, and untrusted agents. This session shares a practical, data-centric framework for securing GenAI, RAG, and Agentic AI using proven controls for data discovery, access governance, encryption, monitoring, and compliance. Attendees will learn how to reduce exposure, protect sensitive data, and deploy AI with greater trust.
Monday, June 01, 2026 / 12:00:00 PM - 12:30:00 PM EST
Potomac B
AI-driven vulnerabilities are creating remediation backlogs that human-led teams can’t manage alone. Agentic defense offers protection at machine speed using applied threat intelligence. But can these agents truly deliver? This session explores how autonomous AI transforms the SOC—driving continuous detection, hunting, and investigation. Learn how to shift your team from reactive firefighting to proactive, automated prevention
Monday, June 01, 2026 / 12:00:00 PM - 12:30:00 PM EST
Potomac C
AI is accelerating both sides of the threat equation. Enterprises adopting AI copilots, models, and agents face a new security imperative: ensuring a compromised or over-privileged agent can’t become a high-speed path to sensitive data. Zscaler CEO Jay Chaudhry will discuss how Zero Trust Everywhere extends to AI, delivering visibility, control, and measurable risk reduction.
Monday, June 01, 2026 / 12:00:00 PM - 12:30:00 PM EST
Potomac D
Artificial intelligence is reshaping how organizations compete—accelerating productivity, sharpening decisions, and enabling new business models. That momentum introduces regulatory and operational risks most GRC approaches aren't equipped for. In this session, we'll discuss a practical framework for governing AI risk, see how leading organizations adopt AI responsibly, and learn how to integrate AI controls into existing GRC processes.
Monday, June 01, 2026 / 12:00:00 PM - 12:30:00 PM EST
Maryland A
Atlassian Williams F1 Racing Team trusted their people to use the right AI tools for the job, but that approach evolved into something far more deliberate. As AI matured from general chat tools to agents acting on some of the most sensitive data in professional sport, the Atlassian Williams F1 Racing Team built a governance program that most enterprises are still trying to figure out. The challenge will sound familiar: a sophisticated AI ecosystem where every tool serves a distinct purpose, contractual obligations shape what can be used where, and sensitive data demands a clear framework for every decision. In this session, Richard Brearton, Atlassian Williams F1 Racing Team's Lead AI Engineer joins Airia CEO Kevin Kiley to share how they built an AI security and governance framework that matches every AI use case to the level of controls, and what every enterprise can take from that approach before it becomes a crisis.
Monday, June 01, 2026 / 12:00:00 PM - 12:30:00 PM EST
Maryland B
When internal AI agents proliferate with unrestricted access to sensitive systems and external adversaries unleash autonomous attacks, security must adapt. Bringing together Cisco's vision for the Agentic Workforce and the Agentic SOC, this session lays the new operating model for security teams in the AI era. Learn to govern agentic identity, access, and actions, while stopping threats at machine speed.
Monday, June 01, 2026 / 12:00:00 PM - 12:30:00 PM EST
Maryland C
AI is moving fast. Your security needs to keep pace. CISOs are drowning in fragmented tools, inconsistent policy enforcement across models, and vendor promises without clear evidence. In this session, learn how F5 cuts through the noise with a three-step approach to securing AI: deploy foundational guardrails, tailor them to your use case, and use continuous adversarial testing to stay ahead. No hand-waving, just scalable protection and policies.
Monday, June 01, 2026 / 12:00:00 PM - 12:30:00 PM EST
National Harbor 12
AI-powered adversaries explore, adapt, and chain vulnerabilities in seconds. Your defenses? Largely unproven. Security teams deploy controls and assume they hold, until an incident proves otherwise. Discover how Autonomous Security Validation emulates real attacks, surfaces what is exploitable, prioritizes and remediates exposures and re-tests every fix with configurable agentic workflows. Walk away ready to operationalize security validation.
Monday, June 01, 2026 / 12:00:00 PM - 12:30:00 PM EST
Maryland D
CISOs are under pressure to operationalize generative AI without compromising governance, visibility, or compliance. As browser-based AI tools proliferate, risk shifts from adoption to control. Employees are embedding AI into workflows—often through unmanaged apps—creating data leakage and regulatory exposure. Explore Shadow AI risks, data exfiltration paths, and practical controls to enforce policy while enabling secure AI-driven productivity.
Monday, June 01, 2026 / 12:00:00 PM - 12:30:00 PM EST
Woodrow Wilson B
Agentic AI is reshaping how we approach security. Explore why legacy security models fail and the mindset shift leaders must embrace to thrive. From the explosion of agentic AI and shadow tools to the convergence of data and access into a single “security brain,” learn how to gain visibility, orchestrate across ecosystems and build a foundation that secures trust at scale. See vision, live examples, and a clear path toward defining the AI future.
Monday, June 01, 2026 / 12:30:00 PM - 2:30:00 PM EST
Prince George's Hall E
Join other attendees for lunch and take advantage of the opportunity to network and catch up on the day's activities so far.
Monday, June 01, 2026 / 12:30:00 PM - 2:30:00 PM EST
National Harbor Foyer
Take a break and make an impact — participate in writing thank you cards to America’s Veterans.
Monday, June 01, 2026 / 12:30:00 PM - 2:30:00 PM EST
Exhibit Showcase, Prince George's Hall
Join us for a dessert reception on the Exhibit Showcase where you can engage with peers, Gartner experts, and exhibitors while enjoying delicious treats. Evaluate industry offerings that can move your business forward. Attend a theater session to see technology in action.
Monday, June 01, 2026 / 12:45:00 PM - 1:15:00 PM EST
Annapolis
Discover how CISOs and CIOs can build strong, collaborative partnerships — even when their priorities differ. Drawing on Gartner’s latest benchmarking insights, this session offers practical strategies to strengthen or reset the CISO-CIO relationship. Learn best practices for defining cybersecurity responsibilities, managing conflict throughout a CISO’s tenure and navigating reporting structures.
Monday, June 01, 2026 / 12:45:00 PM - 1:15:00 PM EST
Maryland A
Using AI for the sake of using AI is ill advised, we know this now. However, after a decade of privacy and data protection laws, the coming decade will see similar AI law requirements. Although there are many details necessary to observe, taking a step back and approaching every intended AI usage consistently the same, will not only prevent guaranteed failure but also set you up for potential success. Attendees will walk away with five universal requirements, before diving into details.
Monday, June 01, 2026 / 12:45:00 PM - 1:15:00 PM EST
National Harbor 11
CISOs are increasingly responsible for negotiating security services and subscriptions for their function or are called on by procurement and business leaders to opine over security specific clauses in business-critical agreements. This session will outline Gartner's position on the top risk and security clauses that must be addressed to ensure business resiliency and regulatory compliance for your organization and some negotiation tactics to improve the likelihood of success.
Monday, June 01, 2026 / 12:45:00 PM - 1:15:00 PM EST
Maryland C
Has your CIO or CISO tasked you with securing all AI agents your business units are buying or building? Indirect prompt injection has emerged as a leading risk in the agentic AI landscape. Join this session to learn about the top security risks associated with LLM-based AI agents, strategies for managing rogue agent threats, and best practices for securing MCP implementations.
Monday, June 01, 2026 / 1:00:00 PM - 2:30:00 PM EST
RiverView Ballroom
We increasingly find ourselves in a world without truth. Based on the recently published Gartner book, “World Without Truth,” this session will discuss the CISO’s role in addressing the disinformation security threats that a world without truth represents. Lunch service will begin at 1:00 pm; The speaker will present from 1:30 pm - 2:00 pm, with an interactive discussion following from 2:00 pm - 2:30 pm
Monday, June 01, 2026 / 1:15:00 PM - 1:35:00 PM EST
Theater 1, Prince George's Hall
Endpoint growth is outpacing traditional security. As critical work shifts to endpoints, unpatched vulnerabilities can cause serious business impact in hours—not days. Learn how teams have modernized security and improved resilience with automated patching, reduced exposure windows, and stronger SecOps-ITOps alignment.
Monday, June 01, 2026 / 1:15:00 PM - 1:35:00 PM EST
Theater 2, Prince George's Hall
As organizations expand into AI-driven workflows, SaaS, and hybrid environments, sensitive data becomes harder to track and control as it moves among users, applications, and systems. This session explores a unified, data-centric approach focused on understanding content to improve visibility and control. Attendees will see a live demonstration of how data is discovered, classified, and protected in real time across environments.
Monday, June 01, 2026 / 1:15:00 PM - 1:35:00 PM EST
Theater 3, Prince George's Hall
Innovation & risk go hand in hand, but the State of Software Security report reveals that with AI, critical code flaw creation is outpacing the capacity to fix them. With 82% of organizations burdened by security debt & a surge in high-risk vulnerabilities, the stakes are intensifying. Learn how other CISOs are handling the double-edged impact of AI, the on-going challenges of third-party code, & what to do with the surge in remediation struggles
Monday, June 01, 2026 / 1:15:00 PM - 1:35:00 PM EST
Theater 4, Prince George's Hall
Security is constrained by a model that wasn't designed for modern environments. With vulns exploited within hours of disclosure, defenders remain bound to workflows that can’t keep up with threats or adapt to organizations’ unique operations. Outpacing attackers requires a fundamental redesign. This talk explores why the control plane is moving from UIs to agents, and why practitioners are shifting from operators to governors of risk and intent.
Monday, June 01, 2026 / 1:30:00 PM - 2:00:00 PM EST
Maryland B
AI and cybersecurity leaders must act now to discover and manage all manifestations of AI including embedded AI, shadow AI and AI browsing. The rapid integration of AI into browsers and web agents is introducing new risks, requiring a fundamental shift in enterprise AI risk management and governance. Join this session to know more.
Monday, June 01, 2026 / 1:30:00 PM - 2:00:00 PM EST
Potomac C
SaaS dominates the cloud landscape. It demands a shared-responsibility, data-centric security mindset that prioritizes identity control, continuous monitoring and vendor risk management over traditional perimeter defenses. CISOs must harness SaaS APIs to gain visibility, enforce policy, and improve threat response.
Monday, June 01, 2026 / 1:30:00 PM - 2:00:00 PM EST
Maryland D
As security gets more complex and budgets get tighter, more CISOs are considering security vendor consolidation projects as a way to improve security outcomes and budget bottom lines. This session will explore top practices for achieving a successful security vendor consolidation project. We will also discuss the future of the security solutions market, with an emphasis on how to evaluate emerging security platforms.
Monday, June 01, 2026 / 1:30:00 PM - 2:00:00 PM EST
Potomac D
Optimizing cybersecurity technology and architecture effectiveness is an imperative, but there are now multiple, intersecting architecture trends to choose from. This session will help you to identify and navigate these trends as AI emerges as the underlying architecture.
Monday, June 01, 2026 / 1:30:00 PM - 2:00:00 PM EST
Maryland A
Today, CISOs are increasingly challenged by the growing complexity and volume of cyber regulations, which can overwhelm resources and hinder strategic progress. This presentation will examine the regulatory landscape, highlight common pain points and provide practical approaches for managing compliance without sacrificing security objectives. Learn how to prioritize regulatory requirements, streamline compliance efforts and develop strategies to remain agile and effective in a highly regulated environment.
Monday, June 01, 2026 / 1:40:00 PM - 2:00:00 PM EST
Theater 1, Prince George's Hall
The MDR market hits $9.6B in 2025, yet 69% of SOCs still run manual processes, and 61% admit to ignoring alerts that later caused breaches. Something is broken. Aqsa Taylor shares unfiltered signals from CISO conversations and a study of real implementations on where AI SOC is actually delivering, where it isn't, and why the real debate is about who owns the failure when it's wrong. Spoiler: your current MDR contract doesn't answer that.
Monday, June 01, 2026 / 1:40:00 PM - 2:00:00 PM EST
Theater 2, Prince George's Hall
AI is evolving from generating responses to taking action. As enterprises deploy agents connected to MCP servers, APIs, and third-party tools, a largely invisible attack surface emerges. Security teams focus on prompts and models, but risk lives in the action layer—where agents execute real operations. This session explores that gap and how to secure the API-driven infrastructure behind agentic systems.
Monday, June 01, 2026 / 1:40:00 PM - 2:00:00 PM EST
Theater 3, Prince George's Hall
Organizations must modernize identity while maintaining continuity across cloud, on-prem, hybrid, and edge environments. As AI agents and automation access systems and initiate actions, identity becomes the enterprise control plane. Join Ping Identity and Foard Consulting to learn how an identity-first strategy enables Zero Trust, governs AI agents, and secures access across humans, machines, and autonomous workflows.
Monday, June 01, 2026 / 1:40:00 PM - 2:00:00 PM EST
Theater 4, Prince George's Hall
You approved the automation. You enabled agentic AI, but not what came next. AI agents operate inside SaaS platforms with real authority, inheriting over-broad permissions and creating ungoverned data flows that CASB, IAM, and DLP were never built to detect. This session cuts through the hype to examine how agentic AI expands blast radius and data exposure, and gives security teams a practical framework to identify, protect, detect, and respond.
Monday, June 01, 2026 / 2:05:00 PM - 2:25:00 PM EST
Theater 2, Prince George's Hall
Power grids, pipelines, manufacturing, & data centers have more technologies than ever involved in their control loop. Cloud infrastructure, IoT, AI-driven automation, & robotics shape how critical operations function and adversaries exploit them. With threats to industrial operations intensifying globally, Dragos CEO Robert M. Lee examines what securing the full xOT environment requires and the community's shared responsibility to get it right.
Monday, June 01, 2026 / 2:05:00 PM - 2:25:00 PM EST
Theater 3, Prince George's Hall
AI is accelerating attacks and expanding the blast radius across identity and data systems. At the same time, fragmented security tools slow response and make trusted recovery difficult. This session explores how organizations can unify identity resilience, data security, and AI-driven operations into a single control plane that reduces risk, contains attacks, and restores trust across hybrid environments.
Monday, June 01, 2026 / 2:05:00 PM - 2:25:00 PM EST
Theater 4, Prince George's Hall
AI-driven attacks are redefining how organizations must operate. We’ve entered a new reality where AI can plan and execute across the full intrusion lifecycle. Exposure now expands and shifts across attack surface, depth, and sophistication of attack paths, all operating at machine speed and much faster than it can be tested. This session outlines the implications and how to adapt your security model to keep pace with real-world risk.
Monday, June 01, 2026 / 2:05:00 PM - 2:25:00 PM EST
Theater 1, Prince George's Hall
Anthropic's Project Glasswing — announced just weeks ago — used their Claude Mythos model to autonomously discover thousands of zero-day vulnerabilities across every major operating system and browser, with fewer than 1% patched. This talk uses that moment as a forcing function to make the case that prevention-focused security is no longer a sufficient strategy: when AI can find exploitable flaws at machine speed, realistic defense architectures must be as capable at detecting and disrupting attackers after they're in as they are at attempting to prevent breaches. This session walks through how flow-based metadata architectures and real-time behavioral detection can address threats across encrypted, hybrid, and multi-cloud environments — detecting lateral movement and attacker behavior regardless of the initial exploit. Attendees will see examples of how modern behavioral detection strategies can reduce attacker dwell time, improve post-compromise visibility, and help security teams disrupt attackers when it matters most.
Monday, June 01, 2026 / 2:30:00 PM - 3:00:00 PM EST
Potomac A
AI agents are emerging as organizations invest in homegrown generative AI applications for enterprise automation. Cybersecurity leaders should adapt secure development and runtime security practices to address new attack surfaces and risks from enterprise AI agents.
Monday, June 01, 2026 / 2:30:00 PM - 3:00:00 PM EST
Maryland C
The IT Score for Cybersecurity and Risk is a strategic planning tool designed for CISOs and their teams, measuring performance across seven objectives and 30 key management activities. Learn how IT score and Gartner’s global benchmarking of over 3000 international clients can help you assess program maturity, pinpoint critical gaps and drive data-informed improvements.
Monday, June 01, 2026 / 2:30:00 PM - 3:00:00 PM EST
Annapolis
While the principles protecting individual privacy remain steadfast, organizations operating in multiple regions are confronted with divergent regulatory approaches, ranging from emergence and enforcements to evolution. Join this session to learn of the latest trends, (regulatory) developments, and actions for succeeding in such a diverse environment.
Monday, June 01, 2026 / 2:30:00 PM - 3:00:00 PM EST
Potomac D
Application security maturity remains low despite its critical role in data breaches. As organization race to harness AI in development and applications, they face a rapidly evolving risk landscape, while trying to mature their application security programs. This session provides an overview of the most important elements of an application security strategy.
Monday, June 01, 2026 / 2:30:00 PM - 3:00:00 PM EST
Maryland A
Collaborative cyber risk management demands strong alignment across IT, cybersecurity, and risk functions. This session will explore common pitfalls Gartner has identified from client experiences and offer strategies to overcome them, helping organizations successfully implement collaborative models and realize their benefits.
Monday, June 01, 2026 / 2:30:00 PM - 3:00:00 PM EST
Maryland B
Human and nonhuman secure access is now a must-have with the exponential growth in the use of AI applications, GenAI and agentic AI. This is disrupting the SASE and SSE markets. Existing platforms have to adapt to accommodate the new reality of human and nonhuman collaboration in accessing workloads securely.
Monday, June 01, 2026 / 2:30:00 PM - 3:00:00 PM EST
Potomac B
Cybersecurity is a business-critical element in all operations, consistently featured in Gartner’s annual top strategic technology trends. In this session, we’ll review these trends across several years to determine where we should be currently and where we’re headed. Cybersecurity leaders can use these insights to strategically align with C-suite goals and maximize the effectiveness of their cybersecurity programs.
Monday, June 01, 2026 / 2:30:00 PM - 3:00:00 PM EST
Maryland D
This session will explore the impact of the adoption of Agentic AI technologies on SOC staffing levels, skillsets and guide participants into areas they will need to make human capital investments in to maintain the relevance of the SOC into 2030.
Monday, June 01, 2026 / 2:30:00 PM - 3:00:00 PM EST
National Harbor 11
AI is everywhere and in seemingly in everything. What impact is it having in application security? Can I finally forget about AppSec and just let AI do all the work? Short answer: No, but there are a number of ways Agentic AI is showing up in AppSec that you can leverage today. In this session we'll go over some of the current uses of AI in AppSec, what is on the horizon, and how IT leaders can evaluate and leverage this today.
Monday, June 01, 2026 / 2:30:00 PM - 3:00:00 PM EST
Potomac C
This session explores how University of Illinois Chicago built an Identity and Access Management (IAM) roadmap that is tightly aligned with business practices, risk priorities, and regulatory expectations. Attendees will learn how we have translated business objectives into actionable IAM capabilities, prioritized initiatives, and defined a practical path from current state to target maturity. The session emphasizes collaboration, measurable outcomes, and positioning IAM as a strategic business enabler rather than a standalone security function.
Monday, June 01, 2026 / 2:30:00 PM - 2:50:00 PM EST
Theater 1, Prince George's Hall
Hybrid cloud fundamentally evolved the network perimeter. Organizations now need to modernize their architectures to enable seamless movement of data and applications across public clouds, private clouds, and on-premises environments. As hybrid mesh firewalls expand in functionality, organizations increasingly implement technologies like SASE and SSE, which offer similar security capabilities. In this session we will discuss the market evolution of Hybrid Mesh Firewall and the latest Magic Quadrant.
Monday, June 01, 2026 / 3:15:00 PM - 4:00:00 PM EST
Chesapeake F
In 2025 alone, there were $3.04B in losses due to BEC, and today's attacks are getting harder to spot. As threats evolve to mirror real conversations and blend into normal behavior patterns, traditional "known-bad" detection leaves organizations dangerously exposed. In this session, we'll explore why signature-based tools fail, and how shifting to "known-normal" can transform your security posture.
Monday, June 01, 2026 / 3:15:00 PM - 4:00:00 PM EST
Chesapeake 1
Your tools can detect. Can they act - and can you trust the action? This roundtable brings together security leaders to examine what it actually takes to move from alert to automated response. We'll discuss how to securely manage assets you can't see, identities you can't track, and AI agents nobody approved. Then the harder question: which decisions still need humans - and which ones shouldn't?
Monday, June 01, 2026 / 3:15:00 PM - 4:00:00 PM EST
Chesapeake A
Organizations are investing heavily in AI, yet many security teams struggle to move beyond pilots and into real operational impact. What separates those who scale from those who stall? In this executive technology strategy session, we will have a discussion on AI adoption strategies, common pitfalls to avoid, and how to make AI a force multiplier within your automation strategy.
Monday, June 01, 2026 / 3:15:00 PM - 4:00:00 PM EST
Chesapeake B
Downtime is now one of the most material risks facing the enterprise. Join this interactive roundtable with fellow CIOs and CISOs to explore how leading organizations are shifting from prevention to resilience. Share strategies to maintain operations, recover faster, mitigate shadow AI and reduce the business impact of cyber disruption.
Monday, June 01, 2026 / 3:15:00 PM - 3:45:00 PM EST
Potomac A
Agentic AI systems are proliferating across organizations. Their placement as a new middleware layer introduces risks as they integrate resources, identities, and privileges for automation and workflows. Secure design, recognition of new attack vectors, and modern authentication methods are essential to avoid cybersecurity incidents. This presentation focuses on the non-human aspects of agentic AI and best practices to mitigate risk.
Monday, June 01, 2026 / 3:15:00 PM - 3:45:00 PM EST
Potomac B
The cryptography protecting today’s data faces a historic shift. With NIST driving post-quantum standards and preparing to deprecate RSA beginning in 2030, enterprises must prepare now. Learn about a practical framework around strategy, discovery, risk assessment, remediation, and continuous governance. This framework allows you to move along your path to scalable crypto-agility and post-quantum cryptography readiness.
Monday, June 01, 2026 / 3:15:00 PM - 3:45:00 PM EST
Potomac C
Executive enthusiasm for rapid deployment often leads to overlooked security risks in Agentic AI adoption. When "just deploy it" overrides governance, Agentic AI becomes a persistent, autonomous exposure that security teams didn't approve and can't fully see. Join us to learn to identify and mitigate risks across three pillars of Agentic AI risk—Prompt Injection (OWASP #1), Data Leakage, and System Vulnerabilities—reinforced by Tenable AI Research showing how plain-English prompts hijacked a Copilot Studio agent to leak sensitive data. No-Code with No-Governance equals No-Security.
Monday, June 01, 2026 / 3:15:00 PM - 3:45:00 PM EST
Potomac D
AI adoption is outpacing traditional data protection controls, creating new data loss risks across generative AI, copilots, and shadow AI. This session presents a framework to identify where data is exposed, when risk occurs, and how to implement scalable, enforceable controls. Learn how to define AI risk appetite, align governance with business priorities, and operationalize AI-aware DLP to reduce exposure while enabling responsible AI adoption.
Monday, June 01, 2026 / 3:15:00 PM - 3:45:00 PM EST
Maryland A
In this session, Cloudflare provides a battle-tested roadmap for security leaders, drawn from years of experience managing one of the world's largest PQC deployments. We share the specific technical wins, operational challenges, and the strategic milestones necessary to meet a 2029 readiness goal. Attendees will leave with a framework for their own journey's towards crypto agility and post-quantum readiness.
Monday, June 01, 2026 / 3:15:00 PM - 3:45:00 PM EST
Maryland B
Many organizations know they need to prepare for post-quantum cryptography (PQC), but unclear where to begin. In this fireside chat, DigiCert CISO Jeremy Rowley joins CMO Atri Chatterjee to discuss how DigiCert became its own “Customer Zero” for cryptographic agility and quantum readiness. Managing thousands of certificates, DigiCert automated certificate management, improved cryptographic visibility, and prepared critical systems for PQC-ready cryptography. Attendees will leave with practical lessons and clear next steps for building their own roadmap to quantum readiness.
Monday, June 01, 2026 / 3:15:00 PM - 3:45:00 PM EST
Maryland C
AI was supposed to transform security operations. For most teams, it hasn't—yet. Not because AI isn't capable, but because most orgs are deploying it wrong. This session introduces operational defense-in-depth: a framework proven across hundreds of environments that layers AI, automation, and human judgment across the full detection and response pipeline to drive faster detection and better decisions in your SOC.
Monday, June 01, 2026 / 3:15:00 PM - 3:45:00 PM EST
Maryland D
AI has lowered the barrier for attackers to continuously probe your environment. This session shows how defenders can use the same AI advantages to uncover real attack paths, validate controls pre-incident, and safely test in production. You’ll learn how AI‑based, attacker-centric testing fits in your stack today, and how to operationalize testing within CTEM and RBVM, and use trend data to prove risk reduction, not just report it.
Monday, June 01, 2026 / 3:15:00 PM - 3:45:00 PM EST
Woodrow Wilson B
Organizations face pressure to reduce risk and increase AI adoption, yet most are constrained by manual processes, fragmented tools, and stale data. Learn how Autonomous IT, driven by AI and real‑time intelligence, can help organizations move beyond tool centric approaches to ecosystem centric architectures to streamline operations, improve visibility, and strengthen threat correlation -- providing a blueprint for the next era of digital defense.
Monday, June 01, 2026 / 3:15:00 PM - 3:45:00 PM EST
Annapolis
Compliant AI starts with governing how regulated data is accessed, used, and moved. AI agents autonomously push regulated data across compliance boundaries, creating risks traditional security wasn't designed to address. This session shows how to close this gap by governing data in motion with attribute-based access control, real-time policy enforcement, comprehensive AI audit trails, and granular controls over how agents interact with sensitive data.
Monday, June 01, 2026 / 3:15:00 PM - 3:45:00 PM EST
National Harbor 11
With 300+ IR experts responding to 1000s of engagements every year, LevelBlue sees how modern attackers really operate. Devon Ackerman, Global Services Leader of DFIR and former FBI Supervisory Special Agent, shares three frontline stories: Microsoft Graph API abuse for stealth data exfiltration, SEO poisoning that creates accidental insider threats, and help desk social engineering tied to MFA resets. Real cases, real lessons.
Monday, June 01, 2026 / 3:15:00 PM - 3:45:00 PM EST
National Harbor 2
AI is now both the ultimate weapon and the essential defense. As adversaries weaponize AI for reconnaissance and exploitation, legacy SOC models fail to keep pace. Join this session to explore autonomous security operations for machine-speed detection, investigation, and response. We’ll examine the evolution of AI-driven threats, lessons from past paradigms, and how autonomous, agentic SecOps empowers defenders to reclaim the advantage.
Monday, June 01, 2026 / 3:45:00 PM - 4:15:00 PM EST
Exhibit Showcase, Prince George's Hall
Join us for refreshments in a brief break between sessions.
Monday, June 01, 2026 / 3:45:00 PM - 4:15:00 PM EST
National Harbor Foyer
Take a break and make an impact — participate in writing thank you cards to America’s Veterans.
Monday, June 01, 2026 / 3:50:00 PM - 4:10:00 PM EST
Theater 1, Prince George's Hall
Organizations are securing AI workloads, often treating them as a separate attack surface. However, legacy servers, misconfigured AD, and cached credentials can all exploit sensitive AI agents or MCP servers. This session will share real-life examples of how old and new attack surfaces converge and how to infuse exposure intelligence—from discovery to prioritization and mobilization—across teams to preempt attackers.
Monday, June 01, 2026 / 3:50:00 PM - 4:10:00 PM EST
Theater 2, Prince George's Hall
89% of organizations in the AI Security Gap reported an AI-related attack or vulnerability in the past year, highlighting an urgent need for effective security strategies. This session will provide actionable strategies and real-world examples to help security leaders improve visibility, expand coverage across the AI lifecycle, and prioritize exploitable risks.
Monday, June 01, 2026 / 3:50:00 PM - 4:10:00 PM EST
Theater 3, Prince George's Hall
Unsanctioned AI tools and swarms of AI agents are creating a new "shadow AI" problem. This session provides a path forward. We will demonstrate how to gain visibility and control over the agentic workforce, from AI agents to service accounts. Learn how to apply governance to this new frontier, mitigate novel risks, and securely enable innovation.
Monday, June 01, 2026 / 3:50:00 PM - 4:10:00 PM EST
Theater 4, Prince George's Hall
AI agents are already in your environment — and most were deployed without security review. The result is sprawl: agents with excess access, hidden capabilities, and no runtime guardrails. This session delivers a concrete playbook built on three disciplines — discovery, governance, and runtime enforcement — plus a maturity model, SOC-ready policies, and a phased deployment approach. The goal isn't to slow AI. It's to scale it safely.
Monday, June 01, 2026 / 4:15:00 PM - 4:45:00 PM EST
Potomac A
Cybersecurity leaders face unprecedented external forces — from geopolitical tensions to rapid AI growth — testing the limits of existing programs. This session details Gartner’s top eight trends for 2026, providing the strategic pivot needed to manage risk and build resilience across three core themes: transforming governance, securing new frontiers and empowering AI adoption.
Monday, June 01, 2026 / 4:15:00 PM - 4:45:00 PM EST
National Harbor 11
The 2026 NDAA codified a number of key provisions modernizing federal operations and accelerating acquisition approaches for new and emerging technologies. This session will cover how cybersecurity leaders can leverage the new acquisition provisions and technical directives to build a constant flow of innovation and emerging technology into their operations.
Monday, June 01, 2026 / 4:15:00 PM - 4:45:00 PM EST
Potomac C
As frequency and impact of disruption caused by third-party cyber incidents grow, regulators, Boards and other enterprise stakeholders require cybersecurity to step in and manage these risks. This session will discuss the evolution of the practice from due-diligent focus to on-going monitoring, implications on resilience and AI risks as well as how its helping drive efficiency.
Monday, June 01, 2026 / 4:15:00 PM - 4:45:00 PM EST
Potomac D
Identity has become the de-facto organization perimeter and the primary control plane for cybersecurity amid the shift to cloud and the rapid adoption of AI technologies. Modern IAM strategies enhance cybersecurity and reduce the business friction associated with legacy cybersecurity controls. Cybersecurity leaders must transform IAM from a tactical or checkbox exercise into a key pillar of cybersecurity strategy.
Monday, June 01, 2026 / 4:15:00 PM - 4:45:00 PM EST
Annapolis
Defining reference architectures for security capabilities helps accelerate and deploy often complex layered defenses repeatedly as needed. This session presents a case study using a capability model which helps define requirements fulfilled by security capabilities in Gartner’s reference architecture briefs and resource center. These resources present leading approaches to security which help clients to identify, innovate and modernize their organization’s future-state security approach.
Monday, June 01, 2026 / 4:15:00 PM - 4:45:00 PM EST
Maryland B
Zero trust isn’t just a technology decision — it’s a strategic journey. In this breakout session, we’ll reveal eight essential milestones that lay the foundation for a successful zero-trust initiative. These actionable steps help organizations reduce risk, align stakeholders, and accelerate adoption. Whether you’re just starting or refining your approach, this session will equip you with a roadmap to drive meaningful outcomes and avoid common pitfalls.
Monday, June 01, 2026 / 4:15:00 PM - 4:45:00 PM EST
Maryland C
Email security vendors and attackers are in an arms race to gain the upper hand with AI in email. Find out how both sides are evolving, which features provide real business value, and what questions you need to ask to develop a more effective email security program.
Monday, June 01, 2026 / 4:15:00 PM - 4:45:00 PM EST
Maryland A
Learn how AI and automation enable real-time data loss prevention across SaaS, endpoints and AI workflows. Discover practical architectures that use machine learning and behavioral analytics to reduce false positives, adapt policies, and close data exfiltration gaps, without impacting productivity.
Monday, June 01, 2026 / 4:15:00 PM - 4:45:00 PM EST
Potomac B
Is your company rolling out Microsoft 365 Copilot, but you don't know what are the top security risks? Heard about overpermission or oversharing being the biggest security risk and not sure how to deal with it? Do you know RCE is being redefined as remote Copilot execution? Join this session to hear about the top five security risks of Microsoft 365 Copilot and how to mitigate them.
Monday, June 01, 2026 / 4:15:00 PM - 4:45:00 PM EST
Maryland D
Stepping into a new CISO role can feel like a game of Tetris— the pieces keep coming and every decision shapes the bigger picture. Success in the first year depends on fitting new strategies into existing structures while figuring out what to shift or remove. Join Kevin McCarty, 1 year into the job as CISO at Gartner, to learn about: • Having a no-limits mindset with a clear and adaptable vision from day one • Communicating clear, quantified risk to secure investment • Developing trust and partnership across the business to create influence and speed execution Kevin McCarty, Chief Information Security Officer, Gartner
Monday, June 01, 2026 / 4:15:00 PM - 4:35:00 PM EST
Theater 4, Prince George's Hall
Security operations technology and services defend IT/operational technology systems, cloud workloads, applications, and other digital assets from attack by identifying threats and exposures. This Hype Cycle helps cybersecurity and risk management leaders strategize and implement SecOps capabilities and functions.
Monday, June 01, 2026 / 5:00:00 PM - 5:30:00 PM EST
Potomac A
Cybersecurity governance has atrophied and needs a reset. Big ideas like a standard of due care, stakeholder defensibility, a threat readiness index, protection-level agreements and outcome-based governance offer to shake it up. We need new ways to engage executives, determine what good looks like and drive priorities and investments. Join this session to know more.
Monday, June 01, 2026 / 5:00:00 PM - 5:30:00 PM EST
Annapolis
Disinformation attacks are growing to a global crisis level and CISOs need to quickly adapt technology stacks in order to effectively defend their organizations. Join this session to gain essential insight for investing confidently in rapidly evolving disinformation security technology capabilities.
Monday, June 01, 2026 / 5:00:00 PM - 5:30:00 PM EST
Potomac C
Understanding the attack surface is key to defending your organization. Today’s threats don’t respect boundaries — your attack surface is everywhere. Are you defending what matters or guessing in the dark? Seeing through the eyes of an attacker is the key to building true resilience.
Monday, June 01, 2026 / 5:00:00 PM - 5:30:00 PM EST
Potomac D
Cyber regret looms on the horizon. CISOs face an unprecedented period of cybersecurity investment and innovation - but years of budget growth lead to cyber regret on the horizon. CISOs must act now to reduce cyber regret, and pivot cybersecurity toward more agile ways of working.
Monday, June 01, 2026 / 5:00:00 PM - 5:30:00 PM EST
Maryland D
Every organization, regardless of size, could use additional cybersecurity talent and skills. Unfortunately, the demand for cybersecurity talent is currently outpacing the supply. Attendees of this session will receive recommendations they can apply tomorrow to broaden their potential talent pool.
Monday, June 01, 2026 / 5:00:00 PM - 5:30:00 PM EST
Potomac B
Cybersecurity program effectiveness is constantly challenged due to complex and ever-changing operating environments. Cybersecurity leaders need to ensure security program outcomes are optimized, and they can do this by ensuring their function's operating model is fit for purpose. Join this session to learn about the Gartner Cybersecurity Operating Model and how to leverage it to ensure your security capabilities are optimized for the current landscape.
Monday, June 01, 2026 / 5:00:00 PM - 5:30:00 PM EST
Maryland C
Metrics for detection and response services rarely ensure good service quality. Generic and rigid time-based SLAs can be costly if they are not aligned with internal processes. Unclear metrics may lead to unmet service expectations. This session will explore how to best design cybersecurity metrics to measure the effectiveness of managed services and improve your security operations team’s efficiency.
Monday, June 01, 2026 / 5:00:00 PM - 5:30:00 PM EST
Maryland A
Traditional DevSecOps practices enable better secure software outcomes. But when the software starts thinking, learning or generating on its own, new risks appear. AI systems can be tricked, biased or leak information in ways normal code cannot. To protect them, software engineering teams must extend DevSecOps practices with AI security practices.
Monday, June 01, 2026 / 5:00:00 PM - 5:30:00 PM EST
National Harbor 11
With three rapid-fire sessions back-to-back, these “edge positions” tackle three major concerns for CISOs: 1. Should You Cap Prevent-Side Cybersecurity Investment? Discover how to define a “good-enough” level of prevention performance and shift mind/wallet share to resilience. 2. Evolving Bring Your Own Device to Bring Your Own Enhancements: Explore how to evolve BYOD policies with BYOE to address augmented humans in the workforce. 3. What if Cyber Risk had an S&P500 Index? Learn how the cyber defense index can show whether protection levels are rising or falling.
Monday, June 01, 2026 / 5:00:00 PM - 5:30:00 PM EST
Maryland B
One of the most dangerous risks in security operations is often overlooked: human exhaustion. Burnout directly affects decision quality, retention, and operational resilience. In this session, we will examine how burnout appears inside security organizations and will share how we have used leadership interventions, psychological safety, and simple reset techniques to strengthen resilience without lowering performance expectations. Based on our experiences, we’ll leave you with actionable strategies to protect your teams and mission.
Monday, June 01, 2026 / 5:30:00 PM - 7:00:00 PM EST
Exhibit Showcase, Prince George's Hall
Join us for a networking reception on the Exhibit Showcase where you can engage with peers, Gartner experts, and exhibitors while enjoying food and beverages. This evening's reception stations will feature dim sum and a noodle bar, along with beer, wine and soft drinks. Evaluate industry offerings that can move your business forward. Attend a theater session to see technology in action.
Monday, June 01, 2026 / 5:40:00 PM - 6:00:00 PM EST
Theater 1, Prince George's Hall
During a cyber-attack, recovery becomes the bellwether of cyber resilience. Organizations need operational capabilities and process know-how to respond, recover data and applications, and avoid reinfection. This session covers three essential concepts every organization must master, including digital jump bags, cyber vaulting, and digital forensics that help organizations survive tomorrow’s cyber attack.
Monday, June 01, 2026 / 5:40:00 PM - 6:00:00 PM EST
Theater 2, Prince George's Hall
Your threat detection is automated. Your vulnerability scanning is automated. Your compliance program still runs on spreadsheets. This is where risk lives. This session makes the case for compliance-as-code as the enabler tying your automated investments together. Learn how AI accelerates the shift, why budget pressure makes now the time, and how one org moved hundreds of systems to continuous validation, cutting authorization times dramatically.
Monday, June 01, 2026 / 5:40:00 PM - 6:00:00 PM EST
Theater 3, Prince George's Hall
The personal digital lives of executives are now the main pathway into the enterprise, and threat actors are turning digital reconnaissance into physical vulnerability. For CISOs and CSOs, this convergence represents a major gap in corporate security. This session will provide actionable strategies for implementing a full-category Digital Executive Protection program that bridges this gap without burdening internal resources.
Monday, June 01, 2026 / 5:40:00 PM - 6:00:00 PM EST
Theater 4, Prince George's Hall
AI agents are operating inside organizations, often without approval. Unlike traditional software, agents make non-deterministic decisions and access resources without explicit human direction. This session introduces an open standard for applying least privilege principles to agentic workflows: just-in-time access, end-to-end encryption, and human-in-the-loop approvals so agents access only what they need, when they need it.
Monday, June 01, 2026 / 6:05:00 PM - 6:25:00 PM EST
Theater 1, Prince George's Hall
Cyber incidents may start in the server room, but they end in the boardroom when systems go down. In this session, learn practical ways to contain threats by design, limit lateral movement and shrink blast radius before disruption spreads. See how segmentation and resilience-focused security can preserve critical services, speed recovery and keep the business running--even on a bad day.
Monday, June 01, 2026 / 6:05:00 PM - 6:25:00 PM EST
Theater 2, Prince George's Hall
Organizations invest heavily in identity, endpoint, network, and cloud controls, yet attackers still find gaps. The issue isn’t more tools—it’s lack of alignment and validation. This session explores where Zero Trust breaks down, how attackers exploit control gaps, and why continuous validation is critical to ensure controls actually work and reduce risk.
Monday, June 01, 2026 / 6:05:00 PM - 6:25:00 PM EST
Theater 3, Prince George's Hall
Agentic AI is reshaping how software is built and attacked. With exploit timelines compressed to just 1.6 days (and shrinking), security must move at machine speed. This session shows how Agentic AppSec AI finds, fixes, and validates risks in real time, embedding protection into the development lifecycle so AI becomes both builder and defender.
Monday, June 01, 2026 / 6:05:00 PM - 6:25:00 PM EST
Theater 4, Prince George's Hall
Every major technology shift requires a new security paradigm. Just as the Cloud gave birth to SASE/SSE, AI is giving birth to AUC. Network controls miss critical visibility into AI prompts, struggle with encrypted and on-device AI usage, and disrupt the user experience. This session will explain why effective AI Usage Control must focus on the interaction, not the pipe, and how that shift improves security, adoption, and operational simplicity.
Monday, June 01, 2026 / 6:30:00 PM - 6:50:00 PM EST
Theater 1, Prince George's Hall
For enterprise security leaders, one key challenge has gone unsolved for decades: Persistent data rights management for sensitive information shared outside the enterprise. Hear how public-sector and commercial organizations are using the Virtru Data Security Platform to extend the value of DSPM/DLP for full-lifecycle data protection, finally realizing the benefits of the Universal RMS Microsoft failed to build in 2003.
Monday, June 01, 2026 / 6:30:00 PM - 6:50:00 PM EST
Theater 2, Prince George's Hall
This session reframes social engineering as a coordinated, AI‑driven attack chain that spans email, chat, SMS, voice, and video. Attendees will learn how attackers design cross‑channel campaigns, what Human Risk Management looks like in practice, and how to build a unified, human‑centric defense model that aligns security controls, processes, and business stakeholders.
Monday, June 01, 2026 / 6:30:00 PM - 6:50:00 PM EST
Theater 3, Prince George's Hall
Cryptography secures every identity, transaction, and connection — yet most organizations can’t see all the keys, certificates, and algorithms they rely on. This hidden gap is a growing target for threat actors, especially with AI-driven attacks and post-quantum disruption on the horizon. Learn how to discover and prioritize vulnerabilities, automate cryptographic inventory, and make cryptographic risk a measurable part of your security strategy.
Monday, June 01, 2026 / 6:30:00 PM - 6:50:00 PM EST
Theater 4, Prince George's Hall
Exposure management is broken and more data isn’t fixing it. CISOs struggle to answer where risk truly lies. Fragmented tools and poor data create noise, not clarity. This session shares a practical 5-step playbook to drive real risk reduction, with insights from global enterprises achieving 80% faster remediation and improved accountability through context-driven, AI-enabled exposure management.
Monday, June 01, 2026 / 7:00:00 PM - 9:00:00 PM EST
Atrium Town Park
Join Synack for the 5th annual Whiskey Tasting Experience on Monday, June 1, from 7:00 to 9:00 PM. This rustic themed reception will be held at the Gaylord National Harbor Atrium. Sip premium spirits and tap your toes to high-energy bluegrass and string-band music. Whether you are a connoisseur or a novice, visit with the Whiskey Educator who will stir you in the right direction. Cocktails, wine, beer, and appetizers will also be served.
Monday, June 01, 2026 / 7:00:00 PM - 9:00:00 PM EST
Lookout 18 Lounge
Networking Reception Hosted by Sailpoint
Tuesday, June 02, 2026 / 7:00:00 AM - 9:00:00 AM EST
Prince George's Hall E
Join other attendees for breakfast before the day's sessions.
Tuesday, June 02, 2026 / 7:00:00 AM - 5:45:00 PM EST
Prince George's Hall Foyer
In today’s rapidly evolving security landscape, choosing the right solutions can be challenging. Stay informed and ahead of threats with Gartner Peer Insights, offering access to thousands of verified peer reviews on over 5,400 products and services across 96 security-focused markets. Visit our booth to discover how Peer Insights can empower you to make smarter, more confident security decisions. Plus, share your experience by writing a review and receive a special gift!
Tuesday, June 02, 2026 / 7:00:00 AM - 5:45:00 PM EST
Ballroom Foyer
Discover cutting-edge tools, diagnostics and actionable resources at the Gartner Showcase. Visit our demo space for a personalized walkthrough of our business and technology insights platform and learn how Gartner's leading tools like AskGartner, Third-Party Cybersecurity Insights Platform, and Cybersecurity Business Value Benchmark can help you make faster, smarter decisions on your mission-critical priorities.
Tuesday, June 02, 2026 / 7:00:00 AM - 7:00:00 PM EST
Cherry Blossom Ballroom
Registration and Information hours for the day.
Tuesday, June 02, 2026 / 7:15:00 AM - 8:45:00 AM EST
RiverView Ballroom
This session delves into key AI predictions and current challenges, providing CISOs with actionable insights to build effective and resilient three-year roadmaps. Learn how to optimize AI initiatives for cybersecurity and adapt security programs to align with future business uses. Breakfast service will begin at 7:15 am; The speaker will present from 7:45 am - 8:15 am, with an interactive discussion following from 8:15 am – 8:45 am
Tuesday, June 02, 2026 / 7:15:00 AM - 8:15:00 AM EST
Prince George's Hall E
Join other attendees from your industry for breakfast before the day's sessions.
Tuesday, June 02, 2026 / 9:00:00 AM - 9:45:00 AM EST
Live: Potomac Ballroom (Remote Viewing: Maryland A)
In this conversation, renowned chef, political activist and Harvard professor, José Andrés takes you behind the scenes from bustling restaurant kitchens to active conflict zones, sharing the art of adapting when everything goes wrong. Drawing from his crisis response experiences, he reveals how innovation and creativity are forged in moments of uncertainty and challenge. Through edge-of-your-seat anecdotes, Andrés proves that cultivating a culture of adaptability not only leads to personal and organizational success but also drives positive change for a better tomorrow.
Tuesday, June 02, 2026 / 9:45:00 AM - 10:30:00 AM EST
Exhibit Showcase, Prince George's Hall
Join us for refreshments in a brief break between sessions.
Tuesday, June 02, 2026 / 9:45:00 AM - 10:30:00 AM EST
National Harbor Foyer
Take a break and make an impact — participate in writing thank you cards to America’s Veterans.
Tuesday, June 02, 2026 / 9:45:00 AM - 7:00:00 PM EST
Exhibit Showcase, Prince George's Hall
Visit the Exhibit Showcase to evaluate industry offerings that can move your business forward. Engage with your peers, Gartner experts, and exhibitors. Attend a theater session to see technology in action.
Tuesday, June 02, 2026 / 9:45:00 AM - 4:45:00 PM EST
Prince George's Hall C Foyer
Engagement Zone sponsored by Black Kite
Tuesday, June 02, 2026 / 9:45:00 AM - 4:45:00 PM EST
Prince George's Hall Foyer
Stop by the Airia Engagement Zone to see how that partnership plays out in practice — including how the Atlassian Williams F1 Racing Team is building AI governance frameworks that enterprises like yours can adopt today. Chat with the Airia team, get hands-on with the platform, and enter for a chance to win exclusive signed Atlassian Williams merchandise. Victory margins in F1 are measured in thousandths of a second, and the difference between the podium and the pit lane comes down to who processes information faster. Sound familiar? It should — because that's exactly the challenge enterprises face every day.
Tuesday, June 02, 2026 / 9:45:00 AM - 4:45:00 PM EST
Maryland C Foyer
A working merch bar, not a giveaway table. Select an item to be laser engraved with your name, initials, or a mark of your choice, or pick a shirt and design to be pressed on demand. Every piece is made for the person taking it home.
Tuesday, June 02, 2026 / 9:45:00 AM - 4:45:00 PM EST
Potomac A Foyer
AI vendors are now critical third parties, but most TPRM programs still treat them like traditional SaaS. Stop by SAFE’s engagement zone for a 5-minute live demo of AI Vendor Risk Management. See how SAFE helps teams govern AI vendors across contracts, questionnaires, outside-in exposure, configuration, and live activity, and answer the question every CISO is asking: what is our risk from ChatGPT, Claude, Copilot, and other AI vendors?
Tuesday, June 02, 2026 / 9:45:00 AM - 4:45:00 PM EST
Potomac C Foyer
Engagement Zone sponsored by Vectra AI
Tuesday, June 02, 2026 / 9:45:00 AM - 4:45:00 PM EST
Maryland A Foyer
Stop by our interactive merch station to grab some exclusive swag from Silverfort, the leader in identity and access management.
Tuesday, June 02, 2026 / 9:45:00 AM - 7:00:00 PM EST
Engagement Zone, Exhibit Showcase
AI is reshaping work faster than policies, controls, and oversight can keep up. As highlighted in Lenovo’s Work Reborn research, organizations are now navigating a two‑tier workforce where sanctioned AI use and shadow AI coexist, creating new trust and risk dynamics. Recorded live at Gartner Security & Risk, Work Reborn features candid, peer‑driven conversations with security and IT leaders exploring how they are responding to this shift. Join Lenovo in the Engagement Zone for an interactive podcast focused on securing users, devices, and data while enabling innovation, productivity, and resilience in an AI‑driven workplace. Space is limited. Step up, take the mic, and help shape what secure work becomes next.
Tuesday, June 02, 2026 / 10:00:00 AM - 10:20:00 AM EST
Theater 1, Prince George's Hall
The SOC pyramid is collapsing. AI dropped the cost of custom malware by 80%–90%. A new vulnerability surfaces every 17 minutes. Playbooks can't keep pace. Elastic Security GM Mike Nichols shows how an agentic SOC compresses response from hours to under 4 minutes, with human judgment in the loop. The adversary is already all-in on AI. Are you?
Tuesday, June 02, 2026 / 10:00:00 AM - 10:20:00 AM EST
Theater 2, Prince George's Hall
IAM compliance is still driven by manual checks and audit sprints, leaving organizations exposed to duplicated controls, stale evidence, and people‑dependent readiness. This session focuses on reducing compliance risk by shifting IAM to continuous, automated controls and evidence pipelines. Learn how to reuse controls across frameworks and report an always‑on, defensible IAM risk and compliance posture without increasing operational overhead.
Tuesday, June 02, 2026 / 10:00:00 AM - 10:20:00 AM EST
Theater 3, Prince George's Hall
Join this session hosted by Joe Scalone, Sr. Technical Solutions Leader (Yubico) and featured speaker Kishore Kandalai, (IBM Consulting) to discover how to build trusted identity, achieve cyber resilience, and ensure business continuity with an efficient, secure passwordless strategy in the modern cyber age of AI-powered threats.
Tuesday, June 02, 2026 / 10:00:00 AM - 10:20:00 AM EST
Theater 4, Prince George's Hall
AI-led attackers reduce breakout times to under 30 minutes, autonomously exploiting zero-day vulnerabilities. Most organizations test only 32% of their attack surface, leaving 68% exposed. This session defines the "Three Engines of AI" and the shift toward Agentic AI. Discover how a human-led, agent-driven model delivers the scale and continuous coverage needed to close that visibility gap and keep pace with machine-speed adversaries.
Tuesday, June 02, 2026 / 10:15:00 AM - 11:15:00 AM EST
RiverView Ballroom
The move to postquantum cryptography will be a companywide effort that will affect every part of data security, cloud management, I&O, IAM and most other systems. But, with a problem so large, where should you begin? In this session, we will go over the three initial steps that will form a solid foundation for ongoing efforts in the transition, promoting a scalable, smooth process over the next two years.
Tuesday, June 02, 2026 / 10:30:00 AM - 11:00:00 AM EST
Potomac A
Progressive CISOs and cybersecurity leaders benchmark their programs, controls and resources to ensure optimal prioritization in their strategy. In this breakout, learn how these inputs can help you assess your current state and build a roadmap to prioritize your strategic investments going forward by leveraging tools such as IT Score, CCA, IT Key Metrics and ODMs.
Tuesday, June 02, 2026 / 10:30:00 AM - 11:00:00 AM EST
Potomac B
AI's promises shaped high expectations in the past. Moreover, every step forward in AI, such as LLMs, created a new wave of "AI washing" and new hopes for concrete improvements. This session puts recent and upcoming changes in perspective and guides CISOs on integrating AI into their cybersecurity roadmap.
Tuesday, June 02, 2026 / 10:30:00 AM - 11:00:00 AM EST
Maryland D
In today’s digitally connected world the reality that many businesses face is the constant potential for a cyber attack leading to catastrophic business impacts . As cyber threats evolve with fresh sophistication, the question is not if your organization will be targeted, but when. Join this session to explore the main considerations and challenges for cyber resilience in the future, and discover what strategies you will need to put in place to ensure your cyber resilience strategy is fit for the threats ahead.
Tuesday, June 02, 2026 / 10:30:00 AM - 11:00:00 AM EST
Potomac D
As GenAI becomes increasingly widespread, data classification remains a critical process to secure data that powers models. However, its success if often hindered by perceptions that classifying all organizational data is impractical, and that data owners are either unable or unwilling take on the task. Come to this session to learn how CISOs can address these perceived barriers and accelerate their classification initiatives by leveraging user education, automation and risk-based approaches?
Tuesday, June 02, 2026 / 10:30:00 AM - 11:00:00 AM EST
Maryland A
Global conflict, AI-based disruption and political upheaval continue to impact the risk landscape for organizations. In this environment, cybersecurity programs become paramount. This session will provide insights into the current global cybersecurity landscape.
Tuesday, June 02, 2026 / 10:30:00 AM - 11:00:00 AM EST
National Harbor 11
Your first year as a CISO determine your success in creating a security-conscious organization. This session provides guidance and support to new cybersecurity leaders to help maximize their success during this pivotal transition phase.
Tuesday, June 02, 2026 / 10:30:00 AM - 11:00:00 AM EST
Potomac C
AI applications add new attack surfaces and steps in the application development life cycle, requiring dedicated and new security practices. This session will cover Gartner's recommendation to secure AI and generative AI applications. Gartner's AI TRiSM includes required measures to prevent AI failures.
Tuesday, June 02, 2026 / 10:30:00 AM - 11:00:00 AM EST
Maryland C
Attackers are increasingly using deepfakes to try and defeat automated voice biometrics and identity verification processes. Additionally, IAM and security leaders are dealing with deepfake-augmented social engineering, such as attackers impersonating company executives to request money transfers from employees. Join this session to learn about the current state of the art in deepfake detection and approaches to mitigation.
Tuesday, June 02, 2026 / 10:30:00 AM - 11:00:00 AM EST
Maryland B
The majority of Gartner clients see cloud as business critical for their organization. This means that effective and appropriate cloud security — be it for IaaS, PaaS or SaaS — is a key element of a successful security program. This session will provide a lightning tour over the key elements of a successful approach, where they should be applied and help decode the complex range of acronyms, approaches and associated tools that are required for this success.
Tuesday, June 02, 2026 / 10:30:00 AM - 11:00:00 AM EST
Annapolis
This session explores S&P’s ongoing journey to Continuous Threat Exposure Management (CTEM). Starting from a disruptive tooling incident, the team redesigned how they prioritize, act on, and report vulnerabilities across a large enterprise. Learn how they brought business stakeholders to the table, re set expectations with executive leadership, and architected a CTEM approach that balances automation, “human in the loop” decision making, and safe remediation at scale.
Tuesday, June 02, 2026 / 10:30:00 AM - 11:00:00 AM EST
Woodrow Wilson B
OpenAI’s Daybreak recent announcement represents an early but notable shift in how AI may be applied to cybersecurity defense. By combining frontier AI models with AI coding assistants, Daybreak is positioned to help organizations find, validate, and remediate vulnerabilities faster and at greater scale. This session will give you Gartner’s take on Daybreak — focusing on what’s known today, what’s still unclear and what matters most for you right now.
Tuesday, June 02, 2026 / 10:30:00 AM - 10:50:00 AM EST
Theater 4, Prince George's Hall
Generative AI is reshaping software development, accelerating the introduction of insecure code and creating new classes of risk. How are application security testing (AST) market offerings evolving to help organizations meet these challenges? Join us for a market overview and learn how AST providers were evaluated for Gartner's 2025 Magic Quadrant for Application Security Testing.
Tuesday, June 02, 2026 / 11:30:00 AM - 12:15:00 PM EST
Chesapeake A
Cyber leaders are accelerating AI adoption—but many lack clear checkpoints to prove value or control risk. This moderated discussion explores an APEX style cyber-AI journey with defined adoption gates, from early automation to agentic operations. Learn how peers are setting success metrics, validating ROI at each stage, and making fund or fix decisions that align security outcomes, risk tolerance, and operating models.
Tuesday, June 02, 2026 / 11:30:00 AM - 12:15:00 PM EST
Chesapeake B
Every enterprise security control comes with a tax in the form of staff hours; meanwhile, speed and complexity of attacks are growing exponentially. Enterprises will need to choose which applications warrant investment in fully automated, machine-speed defense. In this session, Mimic Chief Product Officer Bob Blakley will lead a discussion on how known-good security controls can protect systems even against machine-speed, AI-powered attacks, and how to build security budgets focused on defending critical applications.
Tuesday, June 02, 2026 / 11:30:00 AM - 12:15:00 PM EST
Chesapeake F
AI agents already operate inside enterprises, reasoning and acting through APIs and MCP servers connected to sensitive systems. Yet most security frameworks, built for a pre-agentic world, secure only the model and miss the action layer. In this session, Michael Callahan introduces the Agentic Security Graph, mapping risks, exposing blind spots, and outlining a full-stack approach to securing the agentic era.
Tuesday, June 02, 2026 / 11:30:00 AM - 12:15:00 PM EST
Chesapeake 1
The great DLP reset is here after decades of ineffective policies and unacceptable false positive rates. Legacy controls can't keep up as your data flows through the endpoint, cloud and now AI environments. Join this interactive discussion to see how leading data security teams are moving from simple data loss observation, to powerful data loss prevention. We'll discuss how DSPM supports (but doesn’t solve) the problem and explore what CISOs can do to secure data in motion, everywhere.
Tuesday, June 02, 2026 / 11:30:00 AM - 12:15:00 PM EST
Chesapeake 2
Today's SOCs are overwhelmed. How can leaders shift from reactive fire-fighting to proactive risk management? This discussion will focus on the strategic imperative of integrating identity context into security operations. We’ll explore how this approach reduces alert fatigue, accelerates response, and provides the visibility needed to anticipate threats.
Tuesday, June 02, 2026 / 11:30:00 AM - 12:15:00 PM EST
Chesapeake 3
Most AI and automation initiatives in security follow the same arc: a promising POC, a cautious move to production, and a pipeline of planned use cases that quietly stalls. Meanwhile the pitch is agentic everything - autonomous triage, self-healing workflows, AI that thinks like your team. This session examines what's working, what should exist before automation compounds, and what happens to teams in that journey. Come ready to engage honestly.
Tuesday, June 02, 2026 / 11:30:00 AM - 12:15:00 PM EST
Chesapeake 5
Post-Quantum Cryptography is more than just deploying tools or building a cryptographic bill of materials. It is about transforming the enterprise with modern encryption and having the ability to adjust with new standards and regulations. Two common challenges that leaders face include “what’s my risk profile” and “where do I start the migration.” Join this discussion to compare how enterprises are creating plans, aligning stakeholders, and tackling PQC discovery and remediation.
Tuesday, June 02, 2026 / 11:30:00 AM - 12:30:00 PM EST
National Harbor 5
Build new relationships and learn in a fun, fast-paced networking session made up of six 8-minute meetings. Connect peer-to-peer in focused conversations sharing your professional journeys, current goals, or challenges. Please make every effort to arrive on time as other attendees will be looking forward to meeting with you.
Tuesday, June 02, 2026 / 11:30:00 AM - 12:00:00 PM EST
Potomac A
Agentic AI is reshaping work through autonomous agents that plan, decide, and act across enterprise systems. While accelerating innovation, this introduces new security and governance gaps. This talk will examine risks like agent sprawl, permission misuse, and unintended actions, and shares practical principles to establish trust, governance, and control so organizations can adopt agents with confidence.
Tuesday, June 02, 2026 / 11:30:00 AM - 12:00:00 PM EST
Potomac B
AI is here today and quantum is coming quickly. They will force your password, truly random or not, to be 25+ char long. Learn how AI and quantum attack passwords differently, but why they both end up at the same place. Learn the following: ·Types of password attacks ·Describe how AI and quantum improve password attacks ·Describe why passwords need to be 25-characters or longer ·List multiple AI-enabled password cracking tool
Tuesday, June 02, 2026 / 11:30:00 AM - 12:00:00 PM EST
Potomac C
AI won't fix a security program built on untrusted asset data. This session makes the case for getting back to the basics - how asset intelligence addresses common security and exposure management operations related to cutting through alert noise, managing exposures, and making defensible decisions to prioritize the 5-10% of exposures that drive real risk. Get the fundamentals right, and everything else - including AI - becomes easy to adopt with confidence.
Tuesday, June 02, 2026 / 11:30:00 AM - 12:00:00 PM EST
Potomac D
While AI grants attackers speed, defenders possess a unique "context advantage" across code, data, and infrastructure. This session explores AI risk across four layers: models, agents, data pipelines, and cloud access. We’ll address how high-velocity AI agents outpace human security and provide a four-pillar framework to close visibility gaps—like prompt injection and overprivilege—using your environment's deep context to stay ahead.
Tuesday, June 02, 2026 / 11:30:00 AM - 12:00:00 PM EST
Maryland A
As organizations embrace AI tools, chatbots, and agents, sensitive information is increasingly exposed through excessive access and poor data security. Using Blink-182's anthems, this session breaks down real-world AI security risks and lessons learned from early adoption. Attendees will learn how paying attention to "All the Small Things" can help them secure AI and the data that powers it to reduce risk throughout the entire AI lifecycle.
Tuesday, June 02, 2026 / 11:30:00 AM - 12:00:00 PM EST
Maryland B
Global enterprises are entering a defining moment where incremental change is no longer enough. Speed, network effects, and security now determine advantage. Superintelligence and agentic code studios enable self-evolving systems that move beyond human-limited execution. The result is the 10x Enterprise: a new operating model for speed, scale, and continuous adaptation.
Tuesday, June 02, 2026 / 11:30:00 AM - 12:00:00 PM EST
Maryland C
Complexity has quietly become the adversary. Most cybersecurity programs now manage more tools than they have analysts to run them, more dashboards than anyone checks, and more vendors than the team can keep honest. This session makes the case for subtraction as a strategy, looks at what the best teams cut first, and offers the vocabulary for arguing that less stack is more security.
Tuesday, June 02, 2026 / 11:30:00 AM - 12:00:00 PM EST
Maryland D
AI is reshaping the enterprise — accelerating productivity while redefining cyber risk. As organizations deploy AI‑driven workflows, agents, and infrastructure, they face autonomous attackers, machine‑speed threats, and blurred boundaries between people, AI, and core systems. This session examines why securing the AI era demands a new cybersecurity model—one built on continuous behavioral understanding, cross‑domain visibility, and Self‑Learning AI to detect novel threats, respond autonomously, and deliver true cyber resilience.
Tuesday, June 02, 2026 / 11:30:00 AM - 12:00:00 PM EST
Woodrow Wilson B
As AI rapidly transforms enterprise operations,CISOs are under pressure to balance cyber resilience, compliance & business growth.The evolving threat landscape & operational complexity require organizations to rethink traditional security strategies and prioritize unified visibility & intelligent automation.Hear from CXOs of two leading U.S. enterprises on how we helped strengthen security, streamline IT operations & boost operational efficiency.
Tuesday, June 02, 2026 / 11:30:00 AM - 12:00:00 PM EST
Annapolis
AI tools have the power to transform organizational productivity while exponentially increasing risk. Join this session to uncover how workplace AI tools can expose sensitive data, bypass controls, and introduce new attack surfaces. We’ll also explore what you can do to mitigate these risks effectively without impeding innovation.
Tuesday, June 02, 2026 / 11:30:00 AM - 12:00:00 PM EST
National Harbor 11
Every vendor is racing to put AI agents in the SOC. Few are asking who is accountable when those agents act. As breakout times drop to minutes and autonomous systems make containment decisions, the real challenge is not speed. It is trust. This session presents a decision framework for human-AI accountability in security operations, drawing on real-world MDR data to show where AI excels, where it fails, and where humans remain essential.
Tuesday, June 02, 2026 / 11:30:00 AM - 12:00:00 PM EST
National Harbor 2
Most security tools detect & alert. What they don't do is act-because acting requires context most tools don't have. Every asset matters. Every identity needs to be secured. Every AI agent needs to be governed from the moment it appears. We'll explore what changes when real-time asset discovery, identity permissions, & enterprise workflow data connect in one place: the full picture that creates confidence to automate remediation-not just flag it.
Tuesday, June 02, 2026 / 12:00:00 PM - 2:00:00 PM EST
Prince George's Hall E
Join other attendees for lunch and take advantage of the opportunity to network and catch up on the day's activities so far.
Tuesday, June 02, 2026 / 12:00:00 PM - 2:00:00 PM EST
National Harbor Foyer
Take a break and make an impact — participate in writing thank you cards to America’s Veterans.
Tuesday, June 02, 2026 / 12:00:00 PM - 2:00:00 PM EST
Exhibit Showcase, Prince George's Hall
Join us for a dessert reception on the Exhibit Showcase where you can engage with peers, Gartner experts, and exhibitors while enjoying delicious treats. Evaluate industry offerings that can move your business forward. Attend a theater session to see technology in action.
Tuesday, June 02, 2026 / 12:15:00 PM - 12:45:00 PM EST
Maryland D
Learn how to design a cybersecurity strategy that flexes with changing technologies, regulations and business needs. Gain practical templates and tools to future-proof your organization against tomorrow's unknowns.
Tuesday, June 02, 2026 / 12:15:00 PM - 12:45:00 PM EST
Maryland B
Few cybersecurity teams consider themselves sufficiently prepared to meet the demands of enterprise AI adoption. CISOs must establish AI proficiency across the cybersecurity team to boost competence in managing AI cybersecurity risk.
Tuesday, June 02, 2026 / 12:15:00 PM - 12:45:00 PM EST
National Harbor 11
Threat exposure management requires visibility into modern attack surfaces and the security team’s coordination and cooperation with other business functions, such as networking, cloud, identity and app teams. This session will provide insights into what is on the horizon for 2026 with regards to threat exposure management, its evolution, including the impact of new business practices and threats on your security exposure.
Tuesday, June 02, 2026 / 12:15:00 PM - 12:45:00 PM EST
Maryland A
The accelerating integration of AI into business processes creates complex and evolving cyber risks that demand strategic, forward-thinking leadership. Embracing AI Cyber Stewardship principles equips organizations to not only safeguard critical assets and maintain stakeholder confidence, but also to enable secure innovation and adaptability as AI becomes a foundational element of enterprise success.
Tuesday, June 02, 2026 / 12:15:00 PM - 12:45:00 PM EST
Annapolis
This session describes Gartner’s Magic Quadrant and Critical Capabilities for Single-Vendor SASE. Take a look at Gartner’s Magic Quadrant covering SASE platforms. SASE platforms deliver converged network and security capabilities to connect and secure distributed users, devices, and locations to resources in the cloud, edge, and on-premises.
Tuesday, June 02, 2026 / 12:15:00 PM - 1:45:00 PM EST
RiverView Ballroom
Change isn’t always chosen— but how you show up in the face of it defines everything. With a story that redefines resilience, Kath brings a fresh perspective on navigating uncertainty, leading with empathy, and turning challenges into catalysts for growth. Change is about stepping up, staying grounded, and helping your team do the same when everything’s shifting around them. This keynote offers practical strategies to embrace uncertainty, reframe obstacles, and build a mindset that sees change not as a threat, but as an opportunity for reinvention and growth.
Tuesday, June 02, 2026 / 12:15:00 PM - 12:35:00 PM EST
Theater 3, Prince George's Hall
This session will present the Magic Quadrant and Critical Capabilities for the access management market.
Tuesday, June 02, 2026 / 12:45:00 PM - 1:05:00 PM EST
Theater 1, Prince George's Hall
St. Luke's University Health Network once called its security team "the Army of No." Today, they safely enable robotic surgery, onboard acquired hospitals faster, and have lowered the ransomware blast radius across 15 hospitals and 85,000 devices. Hear how SLUHN rolled out identity-based microsegmentation in weeks, with no rip-and-replace, and learn how to scale policy, accelerate acquisitions, and enable safer clinical innovation.
Tuesday, June 02, 2026 / 12:45:00 PM - 1:05:00 PM EST
Theater 2, Prince George's Hall
As AI agents and autonomous workloads reshape network traffic patterns, traditional security architectures no longer suffice. Theron Lessey, Cybersecurity Architect at Revalize, shares how he's tackling these challenges across a global software business serving manufacturers in 100+ countries. Attendees will learn practical ways to reduce tool and data overload, extending protections to AI workloads, and managing cybersecurity risk at every edge.
Tuesday, June 02, 2026 / 12:45:00 PM - 1:05:00 PM EST
Theater 3, Prince George's Hall
In 1991, a major insider breach occurred when John Walker, a US Navy officer, spent 17 years selling crypto keys to the KGB, betraying the Navy’s cryptographic backbone. Based on direct experience with the systems Walker compromised and the controls designed in response, this session connects Cold War COMSEC to today’s NHI and agentic AI governance crisis—and makes clear that existing frameworks only work when enforced before damage occurs.
Tuesday, June 02, 2026 / 12:45:00 PM - 1:05:00 PM EST
Theater 4, Prince George's Hall
In today’s agentic AI landscape, autonomous systems powered by LLMs and open-source components expand the attack surface, enabling new supply chain threats. Join us to learn how you can build your defense against these risks. Learn runtime trust enforcement, AI-driven scanning, and DevGovOps practices, mapped to EU AI Act, GDPR, and DORA—plus a proven “Trusted Agentic Supply Chain” blueprint.
Tuesday, June 02, 2026 / 1:00:00 PM - 1:30:00 PM EST
Maryland C
Cybersecurity leaders will lead our defense against apocalyptic AI outcomes like rogue AI and harmful AI tools, by ensuring proper security and anticipating worst-case scenarios. The AI hype trends currently focus on the benefits of AI with limited attention on the potential harms and apocalyptic outcomes forecast in pop culture and science fiction. It is crucial to examine the potential risks of AI advancements and provide guidance on their prevention.
Tuesday, June 02, 2026 / 1:00:00 PM - 1:30:00 PM EST
Annapolis
Conventional IAM and security preventive controls are insufficient to protect identity systems from attack. To enhance cyberattack preparedness, security and risk management leaders face challenges in visualizing and prioritizing IAM hygiene, leaving their organizations vulnerable to credential compromise and breaches. This session focuses on the prevention lane of ITDR and provides guidelines around risk accountability, as well as how to best prioritize remediation tasks.
Tuesday, June 02, 2026 / 1:00:00 PM - 1:30:00 PM EST
Maryland D
In a world full of hype and distractions, organizations need to focus on fundamentals and foundational security techniques before moving on to the latest and greatest hype. In this session, attendees will learn the five key things that every organization should be doing to secure their endpoints and reduce the attack surface.
Tuesday, June 02, 2026 / 1:00:00 PM - 1:30:00 PM EST
National Harbor 11
AI Usage Control is a rapidly evolving space that includes AI-specific discovery and guardrails often lacking from traditional controls. In this session, we cover what AI UC is and how they can be used to improve discovery and place AI-specific guardrails around usage for the organization.
Tuesday, June 02, 2026 / 1:10:00 PM - 1:30:00 PM EST
Theater 1, Prince George's Hall
AI-driven attacks are accelerating how quickly exposures are weaponized. Effective defense requires full visibility, yet most programs lack a complete, current asset view, leading to missed risks. DNS holds a continuously updated map of an external footprint but is often underused. This session shows how DNS enables asset discovery, validates risks, and supports real-time protection.
Tuesday, June 02, 2026 / 1:10:00 PM - 1:30:00 PM EST
Theater 2, Prince George's Hall
Traditional data security approaches have too many gaps. Addressing them means reimagining security from the ground up. Gartner's 2026 Security and Risk Management Summit identified three priorities for security leaders: - Transform governance - Secure new frontiers - Normalize AI adoption The path forward starts with a data-centric mindset — backed by technology that works compliantly, efficiently, and at scale.
Tuesday, June 02, 2026 / 1:10:00 PM - 1:30:00 PM EST
Theater 3, Prince George's Hall
Gen AI has turned identity security into a battle with curious, genius, sociopathic 5-year-old agents tearing through your hybrid identity stack. In this session, Alex shows how to regain control, shutting down unused permissions and abandoned apps before malicious AI can exploit them and put your business-critical identity system at risk.
Tuesday, June 02, 2026 / 1:10:00 PM - 1:30:00 PM EST
Theater 4, Prince George's Hall
AI agents are no longer assistants; they're delegated actors with access, memory, and can execute at scale. Tools like Claude and OpenClaw accelerate productivity but bring a new insider risk layer. DTEX i³ sees the AI agent Lethal Trifecta in real environments and shows how guardian agents spot risk early, disrupt unsafe agent workflows, limit delegated authority without blocking adoption, and govern AI agents as accountable insider identities.
Tuesday, June 02, 2026 / 1:35:00 PM - 1:55:00 PM EST
Theater 1, Prince George's Hall
AI isn’t changing the game; it’s speeding it up. AI-enhanced phishing and vulnerability exploitation enable initial access, while automated malware operates at machine speed. Meanwhile, enterprise AI adoption expands the attack surface via agents, non-human identities, and hidden trust. Join this session to learn how defenders can shift focus to the identity layer as detection-first approaches fall behind.
Tuesday, June 02, 2026 / 1:35:00 PM - 1:55:00 PM EST
Theater 2, Prince George's Hall
Your email security platform is probably working exactly as designed. That's the problem. GenAI made targeted attacks cheap and scalable. Centralized detection must generalize across customers, but attackers don't. A precision layer of organization-specific email security can stop more attacks and adapt to what gets through — hear how organizations like Snowflake and Elastic use this approach.
Tuesday, June 02, 2026 / 1:35:00 PM - 1:55:00 PM EST
Theater 3, Prince George's Hall
Most organizations have built identity programs that answer one question: who is allowed to act? Fewer have built programs that answer the harder questions: is this execution appropriate in context, and can we prove it? In this session, we’ll introduce a new framework of Identity, Governance, Assurance, and make the case for why your enterprise security requires all three, unified, in real time.
Tuesday, June 02, 2026 / 1:35:00 PM - 1:55:00 PM EST
Theater 4, Prince George's Hall
Traditional, human-centric traditional security models can no longer keep pace with today’s evolving threats. Exposures outpace response efforts, leading to significant delays in validation and remediation. To say ahead, organizations must adopt continuous agentic cyber defense. In this session, we explore how AI driven systems continuously simulate, validate and remediate exposures at machine speed. This reduces breach likelihood and impact, accelerates responses and aligns security more closely with business risk.
Tuesday, June 02, 2026 / 2:00:00 PM - 2:30:00 PM EST
Maryland D
We increasingly find ourselves in a world without truth. Based on the recently published Gartner book, “World Without Truth,” this session will discuss the CISO’s role in addressing the disinformation security threats that a world without truth represents.
Tuesday, June 02, 2026 / 2:00:00 PM - 2:30:00 PM EST
Potomac B
This session helps cybersecurity leaders make smarter technology investments by looking at peer adoption of 40 cybersecurity technologies across cyber GRC, IAM, data security, application security, security operations, and infrastructure security. Discover Gartner’s top recommendations based on an analysis of the demonstrated benefits and obstacles to successful deployment of each technology.
Tuesday, June 02, 2026 / 2:00:00 PM - 2:30:00 PM EST
Potomac C
The cyber insurance market is tightening due to frequent and severe cyberthreats — bringing higher premiums, stricter underwriting and narrower coverage. This session offers CISOs and security leaders insights on how threats like ransomware are changing insurer expectations and policy terms. Learn what underwriters seek, how to prepare for renewals and avoid red flags that lead to denied claims or reduced payouts. We offer practical guidance on aligning security controls with insurance requirements and making cyber insurance a strategic asset.
Tuesday, June 02, 2026 / 2:00:00 PM - 2:30:00 PM EST
Potomac D
Third-party cybersecurity risk management is the weakest link in your cybersecurity program. No amount of due diligence can confidently protect your organization from a breach. Join this session to learn how to turn messy webs of digital interconnections into an opportunity to strengthen your cyber resilience posture through targeted compensating controls, direct monitoring and contingency planning.
Tuesday, June 02, 2026 / 2:00:00 PM - 2:30:00 PM EST
Maryland A
Managing a modern incident requires coordinated effort across internal and external teams to prevent losses. Coordinating, collaborating, communicating and making the right moves at the right time to be effective just isn't predictable using a variety nonconnected tools to run your program. This session discusses the practice uses of CIRM platforms and the role they can play in improving your IR practice.
Tuesday, June 02, 2026 / 2:00:00 PM - 2:30:00 PM EST
Potomac A
Everyone knows what the future holds for AI and Cybersecurity, except it changes every week. Planning for long term success seem impossible yet cybersecurity teams must do it. This session delves into key AI predictions and current challenges, providing CISOs with actionable insights to build effective and resilient three-year roadmaps. Learn how to optimize AI initiatives for cybersecurity and adapt security programs to align with future business uses.
Tuesday, June 02, 2026 / 2:00:00 PM - 2:30:00 PM EST
Maryland B
Cybersecurity leaders must deliver identity-first security even when IAM reports outside of security. Prioritize what impacts IAM's ability to achieve business and security goals in partnership with your IAM leader. This session will highlight effective practices for CISOs to connect and supercharge their relationship with IAM.
Tuesday, June 02, 2026 / 2:00:00 PM - 2:30:00 PM EST
National Harbor 11
Cyber-physical systems have become ubiquitous in today’s society. More and more "smart" assets are deployed to connect the digital to the physical world. This session will provide security leaders with insights on topics such as the security implications of this trend, the role of regulators and whether any best practices are emerging.
Tuesday, June 02, 2026 / 2:00:00 PM - 2:30:00 PM EST
Maryland C
The clock is ticking on our current cryptographic infrastructure. With the advent of large-scale, fault-tolerant quantum computers looming, the algorithms we rely on today will be rendered obsolete, leaving our digital communications vulnerable. This session will discuss the three areas of cryptography - signatures, key exchange and certificates - you will need to upgrade before Q-day hits.
Tuesday, June 02, 2026 / 2:00:00 PM - 2:30:00 PM EST
Annapolis
In 2025, a mid-size U.S. bank faced a familiar CISO challenge: a fragmented security stack, rising operational costs, and increasing board pressure for clearer cyber risk insight. This session presents a real-world practitioner case study of how security optimization, approached as an operating model transformation rather than a tooling exercise, changed both operational outcomes and executive confidence. Attendees will hear what worked, what didn’t, and how disciplined focus on outcomes led to measurable cost reduction, improved accountability, and stronger board trust in the organization’s cybersecurity program.
Tuesday, June 02, 2026 / 2:45:00 PM - 3:30:00 PM EST
Chesapeake A
AI-powered attackers chain vulnerabilities in seconds. Are your defenses keeping up? Join Chris Thomas, Cyber Security Architect at Equifax, and Mohammed Khalid, BISO at Vistra Corp, as they share how their teams are adapting: attack simulation that tests and improves controls, exposure prioritization based on confirmed exploitability, and AI workflows that close the gap between finding and fixing. Honest lessons on what worked and what broke.
Tuesday, June 02, 2026 / 2:45:00 PM - 3:30:00 PM EST
Chesapeake B
Most organizations suffer false security. While 85% of CISOs lack quantum readiness and 50% don't know their certificates, adversaries harvest digital signatures and encrypted data today. Three converging forces—quantum computing, regulatory mandates (DORA, NSA CNSA 2.0), and Trust Now/Forge Later attacks—create urgency. Crypto agility is an operating capability requiring automated discovery, risk quantification, and continuous remediation.
Tuesday, June 02, 2026 / 2:45:00 PM - 3:30:00 PM EST
Chesapeake F
In early 2026, 60+ Iranian-aligned threat groups launched coordinated cyber operations across OT, IT, and financial infrastructure. Most CISOs received this intelligence in fragments. This session delivers a comprehensive threat briefing, then convenes security leaders from industry to discuss what continuous security visibility, supply chain risk, and geopolitical threat response look like inside high-reliability organizations.
Tuesday, June 02, 2026 / 2:45:00 PM - 3:30:00 PM EST
Chesapeake 1
Every security leader faces rising risks, costs, and talent challenges. Boards see AI as the answer, but recent data shows it creates an illusion of high performance while shifting more decisions back to people. How are you winning the security investment conversation? In this roundtable, peers share the data points, frameworks, and arguments that are moving the needle with their boards. Come ready to share what is working and what is not.
Tuesday, June 02, 2026 / 2:45:00 PM - 3:30:00 PM EST
Chesapeake 2
In just 2 years, the number of AI identities is expected to reach 1.3 billion — about 1/7th of the world's population. Yet the majority of organizations today don't govern AI identities in a way that keeps them secure, giving access far beyond what's required and following processes both ancient and slow. What organizations are left with are massive gaps in agent access visibility, ownership & governance, and policies that always enforce the right principles. Join this discussion to share practical strategies with your peers in a down-to-earth discussion about the challenges of — and solutions for — identity security for AI.
Tuesday, June 02, 2026 / 2:45:00 PM - 3:30:00 PM EST
Chesapeake 3
Not all LLMs produce equally secure code — some output twice the vulnerabilities of others. Join Matias Madou, CTO & Co-Founder of Secure Code Warrior, to unpack proprietary LLM benchmarks, explore an AI adoption maturity model, and walk away with practical frameworks for governing AI-generated code. Hear how peer CISOs are securely adopting AI — and leave with benchmarks and tools you can act on.
Tuesday, June 02, 2026 / 2:45:00 PM - 3:45:00 PM EST
National Harbor 5
Build new relationships and learn in a fun, fast-paced networking session made up of six 8-minute meetings. Connect peer-to-peer in focused conversations sharing your professional journeys, current goals, or challenges. Please make every effort to arrive on time as other attendees will be looking forward to meeting with you.
Tuesday, June 02, 2026 / 2:45:00 PM - 3:15:00 PM EST
Potomac A
AI vendors like ChatGPT, Claude, Copilot, etc., now have unprecedented access to enterprise data, workflows, and operations—creating a new category of cyber risk. Yet most organizations still rely on static questionnaires and annual reviews. This session explores why legacy TPRM is failing and how enterprises can gain continuous, real-time visibility into AI exposure, vendor risk, and business impact.
Tuesday, June 02, 2026 / 2:45:00 PM - 3:15:00 PM EST
Potomac B
AI has expanded the enterprise attack surface faster than any technology in a generation, and most security programs are still chasing it one risk at a time. Shadow AI. Embedded copilots. MCP servers. Autonomous agents. The human behind every AI system is the context that changes everything, and the existing security stack wasn't built for any of it. This session gives CISOs a unified framework for AI risk and a model for where to start.
Tuesday, June 02, 2026 / 2:45:00 PM - 3:15:00 PM EST
Potomac C
The CISO’s role has evolved from incident response to driving enterprise-wide change and culture. In this session, experts explore how modern leaders navigate complexity and build partnerships across IT and engineering—often without direct authority. Moving beyond tools, this session offers leadership insights on aligning security with business priorities and embedding it into the corporate fabric for lasting, impactful transformation.
Tuesday, June 02, 2026 / 2:45:00 PM - 3:15:00 PM EST
Potomac D
Security leaders carry a mandate to simultaneously secure AI systems, defend against AI-enabled attacks, and use AI to do both - faster than the threat actor across the table. This pressure is even more urgent in application security, where AI is reshaping how code is written, vulnerabilities are discovered, and attacks are executed. GitLab shares one customer’s vision and playbook for application security programs navigating these challenges.
Tuesday, June 02, 2026 / 2:45:00 PM - 3:15:00 PM EST
Maryland A
Ready or not, the agentic enterprise is already inside your business. AI is industrializing human risk as agents continuously access, generate, and move sensitive data at machine speed. Intent drives every human and agent action, and agent integrity is now critical. Learn how to take back control: govern human and AI data access, secure data across workflows, and stop agent manipulation before exposure scales.
Tuesday, June 02, 2026 / 2:45:00 PM - 3:15:00 PM EST
Maryland B
Phishing accounts for 77% of advanced email threats, and even the best-in-class security stacks aren't immune. In this session, you’ll hear first-hand stories of payroll fraud, sextortion, and vendor email compromise that show how attackers exploit trust, urgency, and curiosity. Gain a forward-looking view of the threat landscape and clear steps to reduce human-layer risk before AI-driven attacks get there first.
Tuesday, June 02, 2026 / 2:45:00 PM - 3:15:00 PM EST
Maryland C
Most organizations use AI. Few can tell you who is using it or what AI is truly doing. Agentic tools like Claude Code and Claude for Work read files, execute commands, invoke external services, and use credentials autonomously, introducing risks that chatbot-era governance wasn't built to detect. This session covers five steps to AI visibility that reveal what your AI is doing, and whether it's delivering the value your business needs.
Tuesday, June 02, 2026 / 2:45:00 PM - 3:15:00 PM EST
Maryland D
AI is accelerating security operations, but many architectures trade control for speed—an unacceptable risk in high‑stakes environments. This session shows how defense, critical infrastructure, and regulated orgs are redesigning for sovereignty-first security, keeping data, workflows, and decision authority under their control across cloud, hybrid, and air‑gapped environments.
Tuesday, June 02, 2026 / 2:45:00 PM - 3:15:00 PM EST
Woodrow Wilson B
Frontier LLMs are accelerating the scale and sophistication of zero-day and supply-chain attacks, putting even more pressure on already stretched security teams. Brendan Putek of Relay Network and Anthony Larkin of Snyk will unpack the four pillars security leaders need to shift from reactive firefighting to proactive, scalable programs: developer-first prevention, shared security ownership, governed prioritization, and human-led response.
Tuesday, June 02, 2026 / 2:45:00 PM - 3:15:00 PM EST
Annapolis
AI resilience starts with the data itself. Learn how data discovery and classification, format-preserving encryption, and behavioral analytics work together to deceive and thwart attackers while exposing sensitive data breaches quickly. Learn how correlating insights into sensitive data with identity and threat telemetry creates a unified defense that stops damage before it occurs.
Tuesday, June 02, 2026 / 2:45:00 PM - 3:15:00 PM EST
National Harbor 11
Cyber risk evolves by the hour, yet most controls programs still rely on point-in-time checks and manual review. Join DataBee executives for a candid discussion on how AI and trusted, continuously governed data are reshaping cyber risk management—closing control gaps, accelerating detection, and enabling smarter, faster decisions. Walk away with a practical blueprint for always-on assurance at enterprise scale.
Tuesday, June 02, 2026 / 2:45:00 PM - 3:15:00 PM EST
National Harbor 2
The workforce is no longer uniform. Differences in role, access, digital maturity, and AI adoption are creating distinct workforce tiers, each with its own risk profile. This session examines why this fragmentation is now a top challenge for CISOs and how an AI-led, end-to-end security services model delivers faster insight sharing, stronger coordination, and improved cyber resilience across the entire workforce.
Tuesday, June 02, 2026 / 3:30:00 PM - 4:00:00 PM EST
Maryland A
Cybersecurity leaders face unprecedented external forces — from geopolitical tensions to rapid AI growth — testing the limits of existing programs. This session details Gartner’s top eight trends for 2026, providing the strategic pivot needed to manage risk and build resilience across three core themes: transforming governance, securing new frontiers and empowering AI adoption.
Tuesday, June 02, 2026 / 3:30:00 PM - 4:00:00 PM EST
Potomac D
Security and risk SaaS costs are escalating rapidly, putting pressure on IT and security budgets. Price increases are driven by higher list prices, repackaging of solutions and changes to pricing models. In this session, learn how to negotiation leverage to control costs and minimize uplifts. Gain practical strategies and insights to evaluate, select and negotiate with security and risk SaaS providers, ensuring your organization gets the best value while managing risk in a complex and evolving market.
Tuesday, June 02, 2026 / 3:30:00 PM - 4:00:00 PM EST
Potomac C
The infrastructure security landscape is undergoing unprecedented threats, necessitating innovative solutions and a proactive approach. Discover insights into how infrastructure security integrates workspace security, network security and cloud security to combine innovation and action in addressing the ever-changing threats to infrastructure.
Tuesday, June 02, 2026 / 3:30:00 PM - 4:00:00 PM EST
Potomac B
Most cybersecurity programs still optimize for compliance and control presence, not whether defenses actually hold under attack. This session shows how to use cyber threat intelligence to reduce uncertainty, test what really matters, and turn evidence into risk decisions that demonstrably improve cyber resilience.
Tuesday, June 02, 2026 / 3:30:00 PM - 4:00:00 PM EST
Potomac A
AI is redefining how cyber GRC functions deliver value. Learn how cybersecurity teams can evolve capabilities, frameworks and roles — moving from manual, reactive practices to building continuous compliance, intelligence-driven governance and precise risk management that accelerate decisions and strengthen business trust.
Tuesday, June 02, 2026 / 3:30:00 PM - 4:00:00 PM EST
Annapolis
The modern threat landscape is highly dynamic, with attack surfaces constantly growing and evolving — often leaving organizations struggling to keep pace with automation and patching efforts. Cybersecurity leaders can harness exposure assessment platforms (EAPs) to maintain an up-to-date inventory of their attack surfaces, prioritize risks more effectively, and centralize operational workflows through integrated risk scoring and visual dashboards that drive greater efficiency.
Tuesday, June 02, 2026 / 3:30:00 PM - 4:00:00 PM EST
Maryland B
Patch management is a topic of interest to Gartner clients. However, approaches for prioritizing remediation have been lagging for some time. This session offers insights and approaches that assist in updating and adapting vulnerability prioritization, and in building support and collaboration from information security partners.
Tuesday, June 02, 2026 / 3:30:00 PM - 4:00:00 PM EST
Maryland D
Software supply chain compromises can bypass traditional defenses and directly impact your enterprise. This session equips CISOs with cybersecurity strategies to hunt for hidden cybersecurity risks, block malicious actors and lockdown vendor ecosystems using zero trust, threat intelligence and governance best practices.
Tuesday, June 02, 2026 / 3:30:00 PM - 4:00:00 PM EST
National Harbor 11
With three rapid-fire sessions back-to-back, these entertaining “edge positions” tackle key issues for technical professionals: How autonomous AI agents will disrupt existing cybersecurity platforms; How Biotechnology and Bring Your Own Enhancement (BYOE) upends cybersecurity programs; Why you should be cautious when evaluating pre-paid security tool licensing
Tuesday, June 02, 2026 / 3:30:00 PM - 4:00:00 PM EST
Maryland C
Midsize organizations are challenged with structuring a fit-for-purpose cybersecurity function given how lean their teams are. By properly identifying the needs of the organization, CISOs can structure their cybersecurity functions to either respond, engage or drive the delivery of cybersecurity.
Tuesday, June 02, 2026 / 3:30:00 PM - 3:50:00 PM EST
Theater 1, Prince George's Hall
Join this session to see how the email security vendor space has evolved over the past year. We discuss vendor position movements, feature evolution and key points for vendor selection.
Tuesday, June 02, 2026 / 4:00:00 PM - 4:45:00 PM EST
Exhibit Showcase, Prince George's Hall
Join us for refreshments in a brief break between sessions.
Tuesday, June 02, 2026 / 4:00:00 PM - 4:45:00 PM EST
National Harbor Foyer
Take a break and make an impact — participate in writing thank you cards to America’s Veterans.
Tuesday, June 02, 2026 / 4:15:00 PM - 4:35:00 PM EST
Theater 1, Prince George's Hall
As AI adoption accelerates across government, it introduces new operational and security challenges. Join Illumio Public Sector CTO Gary Barlet to explore how Zero Trust can help organizations identify risks, limit lateral movement, and improve overall security posture.
Tuesday, June 02, 2026 / 4:15:00 PM - 4:35:00 PM EST
Theater 2, Prince George's Hall
Shadow AI is accelerating as employees adopt unsanctioned tools to move faster than approved solutions allow. This is not just a governance or technology problem, but a security culture issue. When secure paths create friction, people route around them. This session explores what drives that behavior, when risk is hidden vs surfaced, and how leaders can make secure AI use the easiest path, with practical strategies to shift behavior at scale.
Tuesday, June 02, 2026 / 4:15:00 PM - 4:35:00 PM EST
Theater 3, Prince George's Hall
As organizations move from AI experimentation to production, security and governance are often seen as bottlenecks—but leading enterprises use them as a competitive edge. This session shares real examples of aligning AI security with business goals, quantifying ROI, streamlining oversight, and turning security into a driver of scalable innovation.
Tuesday, June 02, 2026 / 4:15:00 PM - 4:35:00 PM EST
Theater 4, Prince George's Hall
Most AppSec findings never get fixed. Analysis of 127M SAST and SCA findings shows the median org fixes roughly 1 in 5 code vulnerabilities per year. Top performers (p85+) fix at much higher rates across every severity and OWASP category. Scale and tooling don't explain the gap. The difference is operational: blocking rules, reachability, cross-file analysis, and developer context. Includes benchmarks and actions to apply this quarter.
Tuesday, June 02, 2026 / 4:45:00 PM - 5:30:00 PM EST
Live: Potomac Ballroom (Remote Viewing: Maryland C)
In just three years the impact of AI on Cybersecurity has been immense. Join this keynote as we explore the future of cybersecurity skills, technology and the next set of impacts that AI will thrust upon our industry. Learn what is likely to transpire and what the impacts on our teams, our budgets and our overall cybersecurity program will be by 2030.
Tuesday, June 02, 2026 / 5:30:00 PM - 7:00:00 PM EST
Exhibit Showcase, Prince George's Hall
Join us for a networking reception on the Exhibit Showcase where you can engage with peers, Gartner experts, and exhibitors while enjoying food and beverages. This evening's reception stations will feature dim sum and a noodle bar, along with beer, wine and soft drinks. Evaluate industry offerings that can move your business forward. Attend a theater session to see technology in action.
Tuesday, June 02, 2026 / 5:40:00 PM - 6:00:00 PM EST
Theater 1, Prince George's Hall
AI and agents are increasingly embedded across the enterprise, often before security teams have full visibility or control. As CISOs work to accelerate innovation, regulatory scrutiny, data sprawl, and cyber threats intensify, causing risk to compound faster than control. In this session, AvePoint CISO Dana Simberkoff reframes modern data protection as a unified strategy across governance, security, and resilience. Drawing on real‑world experience, she shares practical approaches to improving data classification, governing autonomous agents, and preparing for minimum viable company recovery so organizations can survive inevitable AI incidents with a defensible approach aligned to growth.
Tuesday, June 02, 2026 / 5:40:00 PM - 6:00:00 PM EST
Theater 2, Prince George's Hall
Regulation is outpacing manual efforts, while AI expands risks and reshapes response. Sarah Dalton argues GRC must evolve into AI-native systems of record—the trusted data layer for agents, operators, and compliance apps. Learn how this shift strengthens AI governance and enables defensible, traceable risk intelligence, with a framework to assess your program today.
Tuesday, June 02, 2026 / 5:40:00 PM - 6:00:00 PM EST
Theater 3, Prince George's Hall
Enterprises face rising risk from two shifts: SSL/TLS certificate lifespans dropping to 47 days by 2029 and the move to quantum‑resistant cryptography by 2030. Both demand full certificate visibility and automation to avoid outages, compliance gaps, and crypto failures. This session presents new global research and practical steps to reduce operational risk across both mandates.
Tuesday, June 02, 2026 / 5:40:00 PM - 6:00:00 PM EST
Theater 4, Prince George's Hall
Every CISO has invested in data security—discovery, classification, dashboards. You can see where sensitive data lives, but not what it's doing, who's accessing it, or whether access chains signal a breach in motion. That gap isn't a configuration issue—it's a category problem. In this session, see a live demo of compound risk assessment, audit your stack with a practical framework, and move from posture management to active data defense.
Tuesday, June 02, 2026 / 6:05:00 PM - 6:25:00 PM EST
Theater 1, Prince George's Hall
AI agents are being deployed with insider-level access to enterprise systems and data. Without effective controls, they can execute unauthorized actions at machine speed, introducing a new class of insider risk. This session outlines how to govern agent behavior using execution control, least privilege, and policy enforcement—treating agents as constrained entities rather than trusted users.
Tuesday, June 02, 2026 / 6:05:00 PM - 6:25:00 PM EST
Theater 2, Prince George's Hall
This session covers how organizations can validate AI infrastructure as workloads shift from training to large-scale inferencing. Inferencing environments are more distributed, latency-sensitive, and unpredictable, introducing performance, operational, and security risks that traditional validation approaches often miss.
Tuesday, June 02, 2026 / 6:05:00 PM - 6:25:00 PM EST
Theater 3, Prince George's Hall
Fake candidates. Fake callers. Both get in the same way -- by exploiting the gap between authentication and the real person behind it. Allison Miller, former CISO of UnitedHealth, joins imper.ai co-founder Noam Awadish to examine why help desk recovery and remote hiring have become the most exploited entry points in healthcare and financial services, and what it takes to close that gap. Includes firsthand threat research: imper.ai's detection of DPRK IT workers inside a live hiring pipeline in Q1 2026.
Tuesday, June 02, 2026 / 6:05:00 PM - 6:25:00 PM EST
Theater 4, Prince George's Hall
The cost of launching sophisticated cyber campaigns has plummeted. Meanwhile, security leaders are rushing to reduce headcount in favor of AI tooling. Cutting headcount makes your organization more vulnerable. This session will give you a board-ready framework to grow your security team and improve your security posture with AI.
Tuesday, June 02, 2026 / 6:30:00 PM - 6:50:00 PM EST
Theater 1, Prince George's Hall
All MDR vendors claim to leverage AI. The Motley Fool decided to find out if any of it was true. In this session, Daylight walks through a real customer journey: from broken coverage by a traditional MDR, through an extensive AI SOC evaluation, to an AI MDR that transformed how their security team operates. Zero backlog, full investigation on every alert, no additional headcount. Honest look at what AI-powered MDR transforms, and what it doesn't.
Tuesday, June 02, 2026 / 6:30:00 PM - 6:50:00 PM EST
Theater 2, Prince George's Hall
AI agents are being deployed faster than security teams can track them. Most organizations are asking the wrong questions before agents go live, or no questions at all. In this session, you'll leave with five diagnostic questions every security leader should apply before authorizing an AI agent, covering identity, access scope, data exposure, runtime behavior, and accountability when something goes wrong.
Tuesday, June 02, 2026 / 6:30:00 PM - 6:50:00 PM EST
Theater 3, Prince George's Hall
Attackers increasingly exploit internal processes organizations assume are trusted, including hiring pipelines and employee help desks. This session examines how layered identity verification strengthens security across the workforce identity lifecycle. Learn where to deploy identity assurance, how to prevent social engineering targeting candidates and employees, and how to establish an ongoing identity record from recruiting through employment.
Tuesday, June 02, 2026 / 7:00:00 PM - 9:00:00 PM EST
Lookout 18 Lounge
The sessions are over and the fun is just beginning. Join us at Lookout 18 for Cybersecurity Rooftop Afterglow -- glowing signature cocktails, passed hors d'oeuvres, great conversations, live music, and of course, the Potomac at golden hour. Come unwind, connect, and end the evening on the highest note possible. Brought to you by imper.ai, Vega.io, Act Security and Daylight. Space is limited!
Wednesday, June 03, 2026 / 7:00:00 AM - 9:00:00 AM EST
Prince George's Hall E
Join other attendees for breakfast before the day's sessions.
Wednesday, June 03, 2026 / 7:00:00 AM - 4:00:00 PM EST
Prince George's Hall Foyer
In today’s rapidly evolving security landscape, choosing the right solutions can be challenging. Stay informed and ahead of threats with Gartner Peer Insights, offering access to thousands of verified peer reviews on over 5,400 products and services across 96 security-focused markets. Visit our booth to discover how Peer Insights can empower you to make smarter, more confident security decisions. Plus, share your experience by writing a review and receive a special gift!
Wednesday, June 03, 2026 / 7:00:00 AM - 4:00:00 PM EST
Ballroom Foyer
Discover cutting-edge tools, diagnostics and actionable resources at the Gartner Showcase. Visit our demo space for a personalized walkthrough of our business and technology insights platform and learn how Gartner's leading tools like AskGartner, Third-Party Cybersecurity Insights Platform, and Cybersecurity Business Value Benchmark can help you make faster, smarter decisions on your mission-critical priorities.
Wednesday, June 03, 2026 / 7:00:00 AM - 4:00:00 PM EST
Cherry Blossom Ballroom
Registration and Information hours for the day.
Wednesday, June 03, 2026 / 7:15:00 AM - 8:45:00 AM EST
RiverView Ballroom
CISOs are now prominent executive leaders in the rapidly expanding field of cybersecurity. However, as cyber incidents become the norm, what role do the CISOs play when leadership no longer views these incidents with the same level of concern or urgency? Join this session to find out! Breakfast service will begin at 7:15 am; The speaker will present from 7:45 am - 8:15 am, with an interactive discussion following from 8:15 am – 8:45 am
Wednesday, June 03, 2026 / 7:15:00 AM - 8:15:00 AM EST
Prince George's Hall E
Join other attendees from your industry for breakfast before the day's sessions.
Wednesday, June 03, 2026 / 9:00:00 AM - 9:45:00 AM EST
Live: Potomac Ballroom (Remote Viewing: Maryland C)
In today’s fast-changing world, the most agile leaders are those who can think on their feet, lead with authenticity, and use humor as a competitive advantage—seriously. In this provocative and entertaining keynote, Stanford lecturer and bestselling author Naomi Bagdonas explores the behavioral science of humor and the principles of improvisation to reveal a powerful, often-overlooked leadership edge. Humor isn’t the opposite of seriousness; it’s a fast track to trust, an antidote to fear, and a spark for creativity when the stakes are high. Drawing from professional comedians and cutting-edge research, Naomi offers practical tools leaders can use to cultivate more agile teams, more joyful cultures, and more human organizations.
Wednesday, June 03, 2026 / 9:45:00 AM - 10:30:00 AM EST
Exhibit Showcase, Prince George's Hall
Join us for refreshments in a brief break between sessions.
Wednesday, June 03, 2026 / 9:45:00 AM - 2:00:00 PM EST
Exhibit Showcase, Prince George's Hall
Visit the Exhibit Showcase to evaluate industry offerings that can move your business forward. Engage with your peers, Gartner experts, and exhibitors. Attend a theater session to see technology in action.
Wednesday, June 03, 2026 / 9:45:00 AM - 3:30:00 PM EST
Prince George's Hall C Foyer
Engagement Zone sponsored by Black Kite
Wednesday, June 03, 2026 / 9:45:00 AM - 3:30:00 PM EST
Prince George's Hall Foyer
Stop by the Airia Engagement Zone to see how that partnership plays out in practice — including how the Atlassian Williams F1 Racing Team is building AI governance frameworks that enterprises like yours can adopt today. Chat with the Airia team, get hands-on with the platform, and enter for a chance to win exclusive signed Atlassian Williams merchandise. Victory margins in F1 are measured in thousandths of a second, and the difference between the podium and the pit lane comes down to who processes information faster. Sound familiar? It should — because that's exactly the challenge enterprises face every day.
Wednesday, June 03, 2026 / 9:45:00 AM - 3:30:00 PM EST
Maryland C Foyer
A working merch bar, not a giveaway table. Select an item to be laser engraved with your name, initials, or a mark of your choice, or pick a shirt and design to be pressed on demand. Every piece is made for the person taking it home.
Wednesday, June 03, 2026 / 9:45:00 AM - 3:30:00 PM EST
Potomac A Foyer
AI vendors are now critical third parties, but most TPRM programs still treat them like traditional SaaS. Stop by SAFE’s engagement zone for a 5-minute live demo of AI Vendor Risk Management. See how SAFE helps teams govern AI vendors across contracts, questionnaires, outside-in exposure, configuration, and live activity, and answer the question every CISO is asking: what is our risk from ChatGPT, Claude, Copilot, and other AI vendors?
Wednesday, June 03, 2026 / 9:45:00 AM - 3:30:00 PM EST
Potomac C Foyer
Engagement Zone sponsored by Vectra AI
Wednesday, June 03, 2026 / 9:45:00 AM - 3:30:00 PM EST
Maryland A Foyer
Stop by our interactive merch station to grab some exclusive swag from Silverfort, the leader in identity and access management.
Wednesday, June 03, 2026 / 9:45:00 AM - 2:00:00 PM EST
Engagement Zone, Exhibit Showcase
AI is reshaping work faster than policies, controls, and oversight can keep up. As highlighted in Lenovo’s Work Reborn research, organizations are now navigating a two‑tier workforce where sanctioned AI use and shadow AI coexist, creating new trust and risk dynamics. Recorded live at Gartner Security & Risk, Work Reborn features candid, peer‑driven conversations with security and IT leaders exploring how they are responding to this shift. Join Lenovo in the Engagement Zone for an interactive podcast focused on securing users, devices, and data while enabling innovation, productivity, and resilience in an AI‑driven workplace. Space is limited. Step up, take the mic, and help shape what secure work becomes next.
Wednesday, June 03, 2026 / 10:00:00 AM - 10:20:00 AM EST
Theater 1, Prince George's Hall
As SOC teams face mounting pressure to reduce detection times amidst evolving threats, the post-SIEM era demands more than tool replacement, it requires a fundamental rethink of the SOC. We'll unpack how federated analytics eliminates re-ingestion by analyzing data where it lives, and how continuous AI detection loops auto-generate detections, turning weeks of manual tuning into real-time, adaptive coverage.
Wednesday, June 03, 2026 / 10:00:00 AM - 10:20:00 AM EST
Theater 2, Prince George's Hall
As copilots, assistants, and public AI tools become integrated into daily work, sensitive data is flowing into systems that most teams can’t fully see, understand, or control. Many organizations were already struggling to operationalize data security before AI accelerated the challenge. The good news? AI isn’t just creating the problem — it’s also enabling a smarter, more effective way to solve it.
Wednesday, June 03, 2026 / 10:00:00 AM - 10:20:00 AM EST
Theater 3, Prince George's Hall
AI dominated 2025, but for risk and compliance professionals the real challenge is implementing it responsibly, defensibly, and in line with regulations. While many organizations have adopted AI, few have embedded it across vendor, supplier, and third-party risk management workflows to strengthen oversight and reduce risk. Learn how to move from experimentation to controlled, compliant transformation in 2026.
Wednesday, June 03, 2026 / 10:00:00 AM - 10:20:00 AM EST
Theater 4, Prince George's Hall
Adversaries are weaponizing AI faster than defenders can hire. Patrick Duffy, Director of Product at Dropzone AI, maps the path to the Agentic SOC, where specialized AI agents work alongside human analysts. He will introduce three production-ready agents: the AI SOC Analyst, AI Threat Hunter, and AI Threat Intel Analyst. Attendees will leave with a practical roadmap for operationalizing AI in their SOC and reclaiming team capacity.
Wednesday, June 03, 2026 / 10:15:00 AM - 11:15:00 AM EST
RiverView Ballroom
How can one adapt in politics without being seen as inconsistent? How can one's approach to conflict be agile and attentive to circumstances, without bending where one shouldn't? In the second part of our series on organizational politics and conflict, taught through the writings of sword master Miyamoto Musashi, we address the "Water" book and explore styles of conflict management that require subtlety and flexibility while maintaining integrity.
Wednesday, June 03, 2026 / 10:30:00 AM - 11:00:00 AM EST
Annapolis
AI amplifies both the good and the bad. A lack of control over data will lead to more AI incidents. Best practices for data controls, learnt from the privacy discipline now established for years, are a great accelerator to successful AI implementations. Attendees visiting this session will walk away with a consistent attack plan for data, so that the much-desired adoption of AI can truly be successful and reliable for long-term usage, in practice.
Wednesday, June 03, 2026 / 10:30:00 AM - 11:00:00 AM EST
Maryland A
The security landscape is ever changing, evolving and complex. To add to the complexity, security threats could come from all areas of what Gartner refers to as Tapestry — technology, politics, economics, social, trust, regulatory and environmental (TPESTRE). This session discusses the seven forces that will threaten your organization's future.
Wednesday, June 03, 2026 / 10:30:00 AM - 11:00:00 AM EST
Potomac C
The human element represents the single greatest unexplored opportunity for optimizing your organization’s cybersecurity risk exposure in an increasingly complex and conflicted operating environment. Sure, the tech helps, but without the human element, those capabilities can’t deliver full value. This session explores three focus areas for tapping into the human element to optimize the outcomes of your cybersecurity program.
Wednesday, June 03, 2026 / 10:30:00 AM - 11:00:00 AM EST
Maryland D
The era of the siloed SOC is over. To handle modern threats, security leaders must integrate Incident Response, Threat Hunting, and Exposure Management into a single, synchronized ecosystem. This session will outline the strategic roadmap to the "Ultimate Cybersecurity Remix," where diverse security areas work together to extract maximum value from existing investments.
Wednesday, June 03, 2026 / 10:30:00 AM - 11:00:00 AM EST
Potomac B
AI security platforms are emerging technologies to safeguard your 3rd party AI usage and custom-built AI applications. Join this session to discover how AISPs address critical AI security risks—including data leakage, topic abuse, prompt injection, jailbreaks, and system prompt leakage. We will also examine how startups and established vendors are building, partnering, or acquiring capabilities to compete in the AI security landscape.
Wednesday, June 03, 2026 / 10:30:00 AM - 11:00:00 AM EST
Maryland B
Why don't executives fund cybersecurity according to their risk appetite? They have no idea how to do so. PLAs are concrete assertions of risk appetite. Negotiating PLAs determines your executives’ desired level of protection within their willingness to pay for it. They sharply guide investment, create stakeholder defensibility and are hard to ignore.
Wednesday, June 03, 2026 / 10:30:00 AM - 11:00:00 AM EST
Maryland C
AI-augmented ZTNA offers public-sector organizations a proactive, data-driven approach to cybersecurity. By dynamically validating every access request and automating threat remediation, agencies can safeguard sensitive citizen information, ensure regulatory compliance and stay ahead of evolving adversaries. Successful adoption hinges on robust data governance, phased deployment and ongoing skills development.
Wednesday, June 03, 2026 / 10:30:00 AM - 11:00:00 AM EST
Potomac D
The rise of AI has revealed data security debt concerns that require attention. This session helps cybersecurity leaders to prioritize key areas of data security debt to address to secure AI.
Wednesday, June 03, 2026 / 10:30:00 AM - 11:00:00 AM EST
National Harbor 11
using AI to perform some duties in your security operations center is a reality now, but raises new challenges for security operations leaders. This sessions discusses the practical uses and jobs AI SOC agents can do for you, and what you need to know as a hiring manager how to evaluate new AI technologies for the job, and manage their performance to do what is expected for the role.
Wednesday, June 03, 2026 / 10:30:00 AM - 11:00:00 AM EST
Potomac A
As AI integrates into critical applications, CISOs must strategically differentiate net-new AI security risks (like model poisoning or prompt injection) from those merely magnified by AI. This session outlines three critical updates to incident response plans, detailing the necessary roles, processes, and tools required to manage AI-specific threats, ensuring CISOs shift their approach from reactive defense to proactive, AI-ready resilience.
Wednesday, June 03, 2026 / 11:15:00 AM - 12:00:00 PM EST
Chesapeake B
Microsoft 365 security is often framed around tools, alerts and best practices, yet many organizations still face hidden gaps in resilience, backup coverage and admin control. This roundtable explores those less-visible risks - from backup limitations and overexposed access to the need for stronger segmentation - and what secure M365 operations should look like as AI-driven automation adds new complexity.
Wednesday, June 03, 2026 / 11:15:00 AM - 12:00:00 PM EST
Chesapeake F
Every CISO in this room has a data security program. None of them were built for what's happening right now. AI has become the enterprise's fastest-growing and least governed data channel — and agents are making it exponentially worse. This session establishes that the security controls you've spent years building are functionally blind to AI. You'll leave with a clear-eyed understanding of what that gap costs, and what closing it really requires
Wednesday, June 03, 2026 / 11:15:00 AM - 12:15:00 PM EST
National Harbor 5
Build new relationships and learn in a fun, fast-paced networking session made up of six 8-minute meetings. Connect peer-to-peer in focused conversations sharing your professional journeys, current goals, or challenges. Please make every effort to arrive on time as other attendees will be looking forward to meeting with you.
Wednesday, June 03, 2026 / 11:15:00 AM - 11:45:00 AM EST
Potomac B
Most enterprises assume their AI is secure, but guardrails were built for chat—not autonomous agents. Today’s AI reads documents, calls APIs, and executes workflows, expanding risk beyond static controls. Attackers exploit this gap through prompt injection and instruction hijacking. Drawing on real enterprise deployments, this session equips CISOs with a modern security framework and the questions needed to validate AI risk and vendor claims.
Wednesday, June 03, 2026 / 11:15:00 AM - 11:45:00 AM EST
Potomac C
AI is expanding faster than security can keep up. From GenAI usage to custom-built applications, risk spans users, agents, data, and models. Learn how to secure the full AI lifecycle by governing access, protecting sensitive data, and controlling model interactions, without slowing innovation. See how a unified approach delivers visibility, real-time control, and consistent policy across the AI ecosystem.
Wednesday, June 03, 2026 / 11:15:00 AM - 11:45:00 AM EST
Potomac D
AI is flooding offensive security testing with promises and hype but relying solely on probabilistic models introduces instability and unintended risk. This session cuts through the hype and shows why AI alone cannot validate security safely at Enterprise-scale. Learn how a hybrid approach, combining deterministic algorithms with probabilistic AI- delivers safe, consistent, and automated exposure validation to identify what is truly exploitable.
Wednesday, June 03, 2026 / 11:15:00 AM - 11:45:00 AM EST
Maryland A
Human talent is too valuable for manual workarounds. The Agentic GRC Engineer is here, where AI isn't a chatbot replacement, but a force multiplier for human judgment. This session explores the shift to Agentic GRC, where intelligent systems proactively orchestrate risk workflows and eliminate process drag. Learn how to harness AI that empowers leaders to focus on high-stakes strategy while technology handles the execution.
Wednesday, June 03, 2026 / 11:15:00 AM - 11:45:00 AM EST
Maryland B
Legacy identity management can’t keep pace with the speed of AI-driven business. Join us to learn how enterprise organizations are redefining identity as a foundational control plane. We’ll examine how they secure every identity—from human users to automated workflows—with unified privilege controls and intelligent guardrails.
Wednesday, June 03, 2026 / 11:15:00 AM - 11:45:00 AM EST
Maryland C
Hear from the Lyft CISO and Expedia on how they tackled the AI data readiness challenge in 100+ petabyte environments - classifying, governing, and securing the data sprawl already in the path of their AI initiatives. As AI proliferates across the enterprise, the data underneath it becomes the greatest unmanaged risk. In this session, experts share the decisions, tradeoffs, and tools that built their foundation - and what it made possible at scale. Walk away knowing the data readiness essentials so your AI initiative succeeds.
Wednesday, June 03, 2026 / 11:15:00 AM - 11:45:00 AM EST
Maryland D
AI is increasing data risk faster than most security programs can adapt. For CISOs, resilience needs more than detection and response, it requires visibility into critical data, stronger governance, and a clear path to trusted, clean recovery. We’ll share a practical playbook for operational resilience that gives guidance to help reduce data risk, improve decision making, and strengthen recovery confidence across security, data, & recovery teams.
Wednesday, June 03, 2026 / 11:15:00 AM - 11:45:00 AM EST
Woodrow Wilson B
Data theft has overtaken encryption as ransomware’s top tactic—faster, quieter, and easier to scale. Now, attackers are using AI-generated fake data leaks to amplify pressure. Security and risk teams must adapt quickly to detect, validate, and respond to these evolving threats at scale. Attendees will gain insights into why data governance is now a critical security function and how it enables teams to quickly validate AI-generated leak claims.
Wednesday, June 03, 2026 / 11:15:00 AM - 11:45:00 AM EST
Annapolis
AI agent security has converged on a familiar set of battles — model hardening, AI gateways, identity governance, red-team evaluations, shadow AI. But most of them miss where the real risk now lives: in runtime legitimate use, sanctioned permissions, and machine-speed actions no current control was designed to see. A candid look at what the industry is getting wrong about agent risk and what an honest agenda for the next few years should include.
Wednesday, June 03, 2026 / 11:15:00 AM - 11:45:00 AM EST
National Harbor 11
CPS security programs prioritize building a cyber asset inventory, but how do you know it’s complete, accurate, and fit for purpose? In this session, Grant Geyer presents a metrics-driven framework to assess CPS visibility. He’ll compare passive and active discovery methods and their impact on coverage and risk. Attendees will gain clear criteria to evaluate visibility and align it to outcomes like risk reduction, compliance, and resilience.
Wednesday, June 03, 2026 / 11:15:00 AM - 11:45:00 AM EST
National Harbor 2
Agentic AI introduces a new class of security challenge: autonomous systems operating with broad privileges, limited visibility, and unpredictable behavior. This session presents a framework for reducing AI data risk by enforcing authorization policies at the source, constraining privileged actions, and assessing posture across the database estate. Attendees will learn how to modernize data protection for AI-assisted attacks and AI-powered apps.
Wednesday, June 03, 2026 / 11:15:00 AM - 11:45:00 AM EST
National Harbor 11
In 2026, every CISO is weighing the same question: is agentic security real, or just the next wave of hype? Mike Baker, Global CISO at DXC Technology, made that call in mid-2025. Just eight weeks after making the call, his team was running the world's largest AI SOC deployment across 70 countries and 115,000 users. He joins 7AI CEO Lior Div to share the data, the decision, and what he'd tell every security leader still on the fence.
Wednesday, June 03, 2026 / 12:00:00 PM - 12:30:00 PM EST
National Harbor 11
As security threats evolve and the market shifts away from traditional stand-alone SOAR tools, organizations must rethink their approach to SecOps automation. This technical session provides practical guidance for security architects and leaders on blending centralized and decentralized automation strategies to augment SecOps workflows. Attendees will learn how to leverage AI-driven solutions, apply use-case-based frameworks, and effectively measure workflow success. The presentation will empower attendees to adapt their security operations to changing technologies and threats, ensuring operational efficiency and maximum value in a consolidating market.
Wednesday, June 03, 2026 / 12:00:00 PM - 12:30:00 PM EST
Potomac B
Change is the only constant in cybersecurity. This session examines the future of cybersecurity, identifying and explaining Gartner's top cybersecurity predictions for the coming year.
Wednesday, June 03, 2026 / 12:00:00 PM - 12:30:00 PM EST
Annapolis
Step into the glowing watchtower of innovation, where Guardian Agents stand sentinel at the frontier of technology. In this session, we’ll unravel tales of digital defenders, exploring the wisdom, courage, and ingenuity that shape their vigilant presence. Join us as we chart the constellations of guardian agent success—where every story is a beacon guiding us toward a safer tomorrow. We will walk through what guardian agents are, how they can best be leveraged, and separate hype from reality as we navigate the potential benefits and pitfalls of using guardian agents.
Wednesday, June 03, 2026 / 12:00:00 PM - 12:30:00 PM EST
Potomac D
Expanding security stacks, overlapping capabilities and increasing pressure from vendors to adopt broad portfolios of security products have intensified the need for ongoing infrastructure security optimization. This session will present three strategies CISOs can use to simplify complex decisions, avoid wasted spending on ill-suited investments and enhance overall security.
Wednesday, June 03, 2026 / 12:00:00 PM - 12:30:00 PM EST
Maryland A
CISOs should implement or improve upon these top eight security projects in 2026. The selected projects leverage current technologies, address the changing needs of cybersecurity and prepare organizations for the continued adoption of AI technologies. Join this session to learn more.
Wednesday, June 03, 2026 / 12:00:00 PM - 12:30:00 PM EST
Maryland C
While AI holds promise for automation and efficiency, not all IAM use cases are equally suited for AI enablement. This session will walk through Gartner research related to AI for IAM use cases, including agentic AI, and help Cybersecurity leaders focus their AI adoption plans for IAM on the most beneficial use cases.
Wednesday, June 03, 2026 / 12:00:00 PM - 12:30:00 PM EST
Maryland B
Many organizations lack a clear view of their AI cyber risk posture as AI adoption continues to accelerate. This session highlights ways that cybersecurity leaders can leverage major frameworks, such as the NIST AI RMF and ISO 42001, to identify governance and control gaps that lead to actionable remediation. The presentation will also discover Gartner tools to help organizations with self-assessments.
Wednesday, June 03, 2026 / 12:00:00 PM - 12:30:00 PM EST
Maryland D
If your AppSec dashboard looks good, but your security posture isn't improving — you're not alone. Too many programs confuse activity for progress. In this session, we'll dismantle vanity metrics, expose their blind spots and introduce a framework for measuring what matters.
Wednesday, June 03, 2026 / 12:00:00 PM - 12:30:00 PM EST
Potomac C
Join us for this session as we discuss how you can use AI in the way APTs are using it, for shortening the times for living-off-the-land hacking from weeks and months to hours and days. We will provide the full stratagem for this, as well as several others, including ways to wire cyber business intelligence into your SOC using AI.
Wednesday, June 03, 2026 / 12:00:00 PM - 2:00:00 PM EST
Prince George's Hall E
Join other attendees for lunch and take advantage of the opportunity to network and catch up on the day's activities so far.
Wednesday, June 03, 2026 / 12:00:00 PM - 2:00:00 PM EST
Exhibit Showcase, Prince George's Hall
Join us for a dessert reception on the Exhibit Showcase where you can engage with peers, Gartner experts, and exhibitors while enjoying delicious treats. Evaluate industry offerings that can move your business forward. Attend a theater session to see technology in action.
Wednesday, June 03, 2026 / 12:00:00 PM - 12:20:00 PM EST
Theater 4, Prince George's Hall
Security and risk management leaders with the desire to build security operations are considering MDR services. This session highlights Gartner’s observations on the future of the market and the impact of technology developments on services.
Wednesday, June 03, 2026 / 12:15:00 PM - 1:45:00 PM EST
RiverView Ballroom
CISOs excel at aligning security initiatives with organizational goals but often overlook communicating their successes, which can impact personal brand, team morale, and executive perception. This session encourages CISOs to champion their achievements, both internally and externally, to strengthen influence, elevate teams, and enhance cybersecurity’s value. Self-advocacy is a leadership imperative that benefits the CISO, the team, and the organization. Lunch service will begin at 12:15 pm; The speaker will present from 12:45 pm – 1:15 pm, with an interactive discussion following from 1:15 pm – 1:45 pm
Wednesday, June 03, 2026 / 12:45:00 PM - 1:15:00 PM EST
Maryland A
AI adoption isn’t the issue. Data trust is. While 90% of enterprises run AI, 65% of CISOs lack confidence in their controls and only 20% of initiatives meet KPIs. This session explores the widening gap between AI speed and security enforcement, why legacy DLP fails and how data trust enables AI success. Learn how a unified, autonomous approach to data trust confidently enables innovation while protecting sensitive data at rest and in motion.
Wednesday, June 03, 2026 / 12:45:00 PM - 1:15:00 PM EST
Maryland B
With many cyber incidents originating in the supply chain, "check the box" compliance is no longer enough. Join us to learn how Capital One integrates technology with business processes to secure its third and fourth-party ecosystems, helping to ensure partners meet our same high standards. Central to this effort is our use of tokenization, which has secured 29 data types across over 900 applications to date to drive measurable risk reduction.
Wednesday, June 03, 2026 / 12:45:00 PM - 1:15:00 PM EST
Maryland C
Build or buy? You’re underestimating the question. In large organizations, the challenge isn’t just technical, it’s operational. Messy data, entrenched processes, and the need for deterministic, auditable systems completely reframe the problem. This talk explores why almost everyone starts by building, and ends up buying.
Wednesday, June 03, 2026 / 12:45:00 PM - 1:15:00 PM EST
Maryland D
AI-generated code is flooding production while attackers weaponize the same technology. Security teams are buried under alerts from tools designed for a slower era. In this moderated panel, Wells Fargo's CIO and Western Union's CISO share what breaks first in detection, prioritization, and remediation, and what they have changed in their programs to keep up. Walk away with a framework to evaluate whether your program is Mythos ready.
Wednesday, June 03, 2026 / 12:45:00 PM - 1:05:00 PM EST
Theater 1, Prince George's Hall
Risk without context is not risk management — it is guesswork. Cloud security evaluated in isolation leaves teams unable to act with speed or confidence. This session shows how correlating security signals across cloud environments with business context enables accurate risk prioritization. Learn how to focus on what matters, reduce noise, and make faster, defensible security decisions that protect both posture and operating margins.
Wednesday, June 03, 2026 / 12:45:00 PM - 1:05:00 PM EST
Theater 2, Prince George's Hall
AI adoption is outpacing traditional TPRM. Unvetted tools, data exposure, and limited oversight create real risk that a checkbox annual review can never catch. In this session, learn how innovative teams are adapting with continuous, scalable approaches to TPRM. We’ll walk through the playbook teams like Samsara use to cut vendor review time by 50% and assess vendors at business speed—strengthening trust without slowing progress.
Wednesday, June 03, 2026 / 12:45:00 PM - 1:05:00 PM EST
Theater 3, Prince George's Hall
AI in security operations is promising, but most teams are still figuring out where it fits. Justin Lachesky, Director of Cyber Resilience at Redis, shares how his team evaluated, onboarded, and operationalized an AI SOC platform. He covers the criteria that drove their selection, the phased approach that built analyst trust, and how the right approach can reduce burnout, increase productivity, and bring joy back to the SOC.
Wednesday, June 03, 2026 / 12:45:00 PM - 1:05:00 PM EST
Theater 4, Prince George's Hall
Most AI tools promise productivity, but productivity alone does not reduce risk. Real ROI comes from measurable security outcomes. This session gives leaders a practical framework for assessing AI SOC tools by trust, accuracy, and forensic depth. Learn how to evaluate whether AI can investigate every alert, escalate only evidence-backed incidents, and move SecOps from operational activity to outcome-driven performance.
Wednesday, June 03, 2026 / 1:10:00 PM - 1:30:00 PM EST
Theater 1, Prince George's Hall
Your board is focused on AI. Your CEO is thinking about quantum. Meanwhile, ransomware, identity compromise, and unmanaged endpoints still cause costly, measurable damage. This session helps security leaders cut through hype using data—like incident frequency, dwell time, and breach impact—to translate risk into business terms and justify investments like 24/7 monitoring that reduce incidents, improve detection speed, and limit financial loss.
Wednesday, June 03, 2026 / 1:10:00 PM - 1:30:00 PM EST
Theater 3, Prince George's Hall
Organizations are heavily prioritizing AI adoption, yet many struggle to move these capabilities from experimental pilots into production. To realize the true value of AI investments, teams must move beyond standalone tools and integrate them into the fabric of their daily operations. This session explores how Intelligent Workflows serve as the essential connective tissue, allowing organizations to securely scale AI without increasing complexity.
Wednesday, June 03, 2026 / 1:10:00 PM - 1:30:00 PM EST
Theater 4, Prince George's Hall
SRA (the authors of VECTR) will present data-driven trends in intel-driven threat simulations from a year of testing with the shared Threat Index test plan. We will discuss the top ten failed critical TTPs, root cause, and what organizations can do to flip the burden of perfection on to the adversary.
Wednesday, June 03, 2026 / 1:35:00 PM - 1:55:00 PM EST
Theater 1, Prince George's Hall
Enterprise cloud was built under delivery pressure, leading to massive, unmanageable access sprawl. Security tools exposed it but left teams buried in findings, while AI now lets attackers systematically enumerate it, turning years of permissions into an immediate attack surface. This session introduces a new approach: shifting to a structured hardening program that eliminates attack paths by defining and enforcing the access that should exist.
Wednesday, June 03, 2026 / 1:35:00 PM - 1:55:00 PM EST
Theater 2, Prince George's Hall
Many organizations have embraced the strategic CTEM framework, but execution often lags. In this session, learn how to operationalize CTEM with a continuous, data-driven approach to exposure validation. You'll hear how teams are using SafeBreach Helm—the AI CTEM Agent—to identify and validate exposures, understand control effectiveness, and prioritize remediation efforts in one unified platform, building scalable, results-focused CTEM programs.
Wednesday, June 03, 2026 / 2:00:00 PM - 2:30:00 PM EST
Potomac A
As AI shifts from predictable tools to autonomous agents, identity security becomes your last line of defence. This session explores the evolving threat landscape with real-world examples and shows how AI-powered identity security mitigates risk through comprehensive discovery, continuous analysis, and real- time agent monitoring. We’ll close with zero-trust best practices anchored in agent discovery to help you gain control of AI agents.
Wednesday, June 03, 2026 / 2:00:00 PM - 2:30:00 PM EST
Potomac B
Modern enterprises face an explosion of identities users, services, APIs, and AI across hybrid and multi-cloud environments. Machine identities now outnumber humans, increasing risks like credential compromise and account takeover. This session explores identity fabric strategies to unify access, manage identities, and secure AI apps using IBM Verify.
Wednesday, June 03, 2026 / 2:00:00 PM - 2:30:00 PM EST
Potomac C
AI risk does not start at the prompt. It starts across the supply chain: models, data, plugins, agents, APIs, and connected tools. This session breaks down where technical teams are exposed and how to reduce risk with visibility, policy enforcement, segmentation, and runtime controls across the AI stack.
Wednesday, June 03, 2026 / 2:00:00 PM - 2:30:00 PM EST
Potomac D
Microsoft Copilot can amplify existing data exposure when sensitive data is overexposed, unlabeled or accessible through risky identities and permissions. In this session, Farrah Gamboa shares five practical ways to reduce risk before rollout, including discovering and classifying sensitive data, tightening access, monitoring Copilot activity and strengthening compliance. Learn how to harden your environment and accelerate Copilot adoption safely
Wednesday, June 03, 2026 / 2:00:00 PM - 2:30:00 PM EST
Maryland A
Supply chain incidents are increasingly becoming first-party problems, forcing security teams to respond to risks they don’t directly control. This session explores how organizations are integrating third-party intelligence into SIEM and SOAR workflows to detect, prioritize, and respond to supply chain risk in real time.
Wednesday, June 03, 2026 / 2:00:00 PM - 2:30:00 PM EST
Maryland D
AI is reshaping software creation, but its rapid adoption breaks traditional security assumptions and blurs ownership. While teams are increasingly using AI to triage and fix issues, this opportunistic approach lacks the governance required for modern delivery. This session explores moving from fragmented, manual workflows to a continuous, AI-enabled control model that aligns with the speed of today's software world.
Wednesday, June 03, 2026 / 2:00:00 PM - 2:30:00 PM EST
Annapolis
Artificial intelligence is accelerating the threat in volume, velocity, and sophistication of attacks. Malware mutates fast. Attack campaigns launch in the blink of AI. The asymmetry is no longer about resources – it’s about speed. This talk explores how agentic AI is changing the equation by codifying frontline offensive expertise, adversary mindset, techniques and procedures, and attack tradecraft into defensive operations at scale and speed.
Wednesday, June 03, 2026 / 2:45:00 PM - 3:15:00 PM EST
Maryland B
CISOs are now prominent executive leaders in the rapidly expanding field of cybersecurity. However, as cyber incidents become the norm, what role do the CISOs play when leadership no longer views these incidents with the same level of concern or urgency? Join this session to find out!
Wednesday, June 03, 2026 / 2:45:00 PM - 3:15:00 PM EST
Annapolis
Join this session to understand how the endpoint security vendor space has evolved over the past year, covering vendor position movements, feature evolution and key points for vendor selection.
Wednesday, June 03, 2026 / 2:45:00 PM - 3:15:00 PM EST
National Harbor 11
This session gives an overview of current trends, technologies, and approaches to AppSec testing, including new AI-augmented tools like application code security assistants, AI false positive suppression, and vibe coding.
Wednesday, June 03, 2026 / 2:45:00 PM - 3:15:00 PM EST
Potomac C
Are soaring SIEM costs forcing you to choose between visibility, retention and budget? With exploding log volumes and ingestion-based pricing, SOCs face tough trade-offs. This session covers four practical strategies — selective use case design, detection at the edge, advanced ETL pipelines and affordable storage — to help you optimize SIEM spend.
Wednesday, June 03, 2026 / 2:45:00 PM - 3:15:00 PM EST
Maryland D
How do you take your CSMA strategy and turn it into reality? This session will discuss the latest innovations in CSMA from architecture to vendor solutions.
Wednesday, June 03, 2026 / 2:45:00 PM - 3:15:00 PM EST
Maryland A
AI governance and privacy are driven by law and regulations, but common principles help savvy cybersecurity leaders apply effective data controls at the data layer. While this does not guarantee compliance, the controls create efficiencies to rightsize the investments for compliance. This session highlights the controls organizations must implement to gain and demonstrate control over their data processing activities — a key step to meeting customer and regulatory demands.
Wednesday, June 03, 2026 / 2:45:00 PM - 3:15:00 PM EST
Maryland C
Midsize enterprises face unique challenges — limited budgets, growing attack surfaces and evolving compliance requirements. This session explores a curated set of security tools designed to deliver maximum protection without unnecessary complexity. Attendees will learn how to prioritize investments, integrate solutions effectively and build a security stack that scales with business growth.
Wednesday, June 03, 2026 / 2:45:00 PM - 3:45:00 PM EST
Woodrow Wilson B
Cybersecurity effectiveness requires a mature IAM program, but in modern decentralized organizations, some key IAM decisions are made outside the IAM team. Cybersecurity leaders should use a checklist to ensure they champion IAM goals and sponsor IAM initiatives across all relevant functions.
Wednesday, June 03, 2026 / 3:30:00 PM - 4:00:00 PM EST
National Harbor 11
Cybersecurity leaders seek vendor consoldiation to simplify and lower total cost of ownership placing strategic bets on large portoflio security vendors. In this session, we will walk through a new framework for cross-market evaluation of large security vendors using four critical criteria: Vendor Trust, Market Coverage, Market Depth, and Continuous Value Assessments.
Wednesday, June 03, 2026 / 3:30:00 PM - 4:00:00 PM EST
Potomac C
Assess cybersecurity risks of Model Context Protocol adoption — expanded attack surfaces, inconsistent implementations, and evolving standards. Use this guidance to harden, monitor, and govern MCP deployments in AI-integrated environments.
Wednesday, June 03, 2026 / 3:30:00 PM - 4:00:00 PM EST
Maryland B
Threat context and detection alerts are abundant in SOCs as XDR, SIEMs, and custom tools detect threats in our environments. However, this information alone is often not enough to act. Additional context is needed to validate and prioritize alerts. Exposure Management helps by adding relevant context to better evaluate exposures. This session explores Exposure Management and how to incorporate it into Threat Detection, Investigation, and Response (TDIR) functions.
Wednesday, June 03, 2026 / 3:30:00 PM - 4:00:00 PM EST
Annapolis
To successfully navigate this landscape as a "human CISO," leaders must shift from securing static digital workflows to proactively protecting context-aware physical environments. Crucially, as systems become increasingly automated and intelligent, security leaders must actively champion preserving critical thinking against the complacency of AI autopilot. Join this session to learn more.
Wednesday, June 03, 2026 / 3:30:00 PM - 4:00:00 PM EST
Maryland A
The concept of “AI red teaming 101” is a myth. The industry’s focus on technology generating adversarial prompts is misleading due to the low maturity of these offensive AI security testing tools, the absence of benchmarks, and the need for AI red teaming programs to align with an organization’s maturity journey. This session outlines four essential focus areas CISOs must address to build a strong AI red teaming roadmap, supporting a “test and prevent” approach for agentic AI applications.
Wednesday, June 03, 2026 / 3:30:00 PM - 4:00:00 PM EST
Maryland D
Discover how to turn DSPM insights into real risk reduction by correlating data assets with business processes, assigning accountability, and automating context-aware controls. Learn practical integration strategies with IRM, SIEM, SOAR, IAM/PAM, and DLP, and gain metrics to quantify and communicate data security improvements.
Wednesday, June 03, 2026 / 3:30:00 PM - 4:00:00 PM EST
Maryland C
As more overlapping capabilities are introduced into platforms like WAAP, SSE, CNAPP, and AST, tool sprawl, increased costs, and operational inefficiencies arise. This session demystifies the overlaps, offering actionable guidance to streamline security investments and build an effective defense strategy.