Retailers face a perfect storm of cyber risk—with omnichannel commerce, digital payments, loyalty platforms, and supply chains all presenting enticing targets.
InfoSec World 2025 will convene CISOs, technology leaders, and cybersecurity innovators from across the retail sector for three days of actionable insight, collaboration, and future-focused strategy to help retailers strengthen resilience.
Whether you’re addressing point-of-sale vulnerabilities, mitigating supply chain and third-party risks, or integrating AI-driven defenses across your customer-facing platforms, you’ll find retail-specific programming and expert-led sessions designed to help you meet the unique security challenges of the industry head-on.
Impactful Sessions
Session level: intermediate
WORLD PASS WORKSHOP: PCI WTF (What's That Framework): Navigating the New Requirements in PCI DSS v4.0.1 for Enhanced Security and Compliance
Stay ahead of evolving compliance requirements with this in-depth workshop on PCI DSS v4.0.1. Tailored for IT professionals, compliance teams, security leaders, and CISOs, this session offers practical guidance on meeting new standards and preparing for successful audits.
In this session you will:
Break down key updates and new requirements in PCI DSS v4.0.1
Learn strategies for navigating transition timelines and aligning security practices
Understand auditor expectations, evidence collection, and common compliance pitfalls to avoid
AI SUMMIT: AI-Powered Threats Meet Zero Trust: Building Resilient Defenses
As organizations accelerate digital transformation with artificial intelligence (AI), threat actors are deploying increasingly advanced AI-powered cyberattacks—ranging from deepfakes and malware to phishing and credential theft. These evolving threats challenge traditional security models by exploiting weaknesses in identity and network defenses. This session explores how adopting a Zero Trust Network (ZTN) approach can proactively counter AI-driven threats across every stage of the Cyber Attack Lifecycle.
In this session you will:
Understand the intersection of AI-powered threats and Zero Trust security strategies
Explore how Zero Trust disrupts cyberattacks from reconnaissance through exfiltration
Learn actionable strategies for implementing identity-first security, segmentation, and AI-driven threat detection
Risk Whisperers: Cyber Insurance Coverage, Liability, and Claims Trends
Cyber insurance often carries misconceptions—especially among technical teams and security leaders—but its core purpose is straightforward: to help businesses recover by covering claims. This session sets the record straight, offering a candid look at how cyber insurance works, what it covers, and how it complements your cybersecurity roadmap. You'll walk away with a clear understanding of emerging trends, coverage options, and how to make cyber insurance a strategic part of your resilience plan.
In this session you will:
Understand the types of cyber insurance coverage available—from data breaches and fraud to system failures and privacy violations
Learn how cyber insurance responds to claims and supports recovery after high-cost incidents
Explore future trends in the cyber insurance market and how to align your coverage with your security strategy
WORLD PASS: AI Compliance in a Rapidly Changing Regulatory Environment
As AI technologies become increasingly powerful and embedded in society, regulators at the state, federal, and international levels are acting swiftly to address emerging risks. Organizations that fail to align with these evolving requirements face steep consequences—including financial penalties, reputational harm, and mandated dismantling of noncompliant AI systems. This session offers a comprehensive overview of the current legal and regulatory environment impacting AI developers and deployers, and explores technical and policy strategies for maintaining compliance.
In this session you will:
Examine key state, federal, and international AI regulations, including the Colorado AI Act, Utah AI Policy Act, and EU AI Act
Gain insights from a panel of experts representing regulatory, legal, and advisory perspectives
Learn practical approaches to mitigating regulatory risk through trust frameworks, user experience design, and policy implementation
Third Party Risk Management: Can We Ditch the Questionnaires?
Traditional third-party risk management (TPRM) relies heavily on lengthy security questionnaires—but are they truly improving security, or simply generating administrative burden for both vendors and security teams? As vendor ecosystems scale into the thousands, the conventional model of static assessments is proving outdated and ineffective. In this session, Chuck Kesler, CISO at Pendo, draws on his unique experience as both customer and vendor to share how his approach to TPRM has evolved—especially with the adoption of AI-driven tools that streamline processes and improve outcomes.
In this session you will:
Discover how to assess and monitor vendors more effectively using risk-tiering, AI tools, and embedded contract requirements
Learn how vendors can proactively reduce assessment fatigue, demonstrate security maturity, and build trust through transparency
Explore forward-looking ideas like automated vendor monitoring, GRC integrations, and improving the value of third-party security "credit scores"
In today’s evolving threat landscape, effective incident response requires more than just reacting—it demands strategic foresight and proactive design. This session explores the foundational elements of a modern incident response strategy, including the integration of Zero Trust principles, AI-driven automation, and Security by Default architecture. Through real-world examples and practical models, attendees will learn how to strengthen their cyber defense posture with agility and resilience.
In this session you will:
Develop and refine incident response plans that prioritize preparedness and strategic execution
Understand how Zero Trust, AI, and automation enhance detection, containment, and remediation
Learn how to implement Security by Default principles to build inherently resilient systems
Founder & Director, Threat Research
Deretti Cyber Labs
Session level: intermediate
From Risk to Resilience: Emotional Intelligence as Your Superpower
In today’s dynamic cybersecurity landscape, technical skills alone aren’t enough. Emotional intelligence (EQ)—including self-awareness, adaptability, stress management, and sound decision-making—is essential for leading effectively through uncertainty and building resilient teams. This session, presented in partnership with the Executive Women’s Forum (EWF), explores how EQ can enhance leadership, improve communication, and support risk management at every level of an organization.
In this session you will:
Discover how emotional intelligence competencies strengthen personal performance and team dynamics in high-stress environments
Learn strategies from EWF’s Leadership Academy to improve communication, reduce burnout, and lead with confidence
Gain practical tools to build a culture of adaptability and resilience in the face of constant change