By 2026, most enterprise privileges will belong not to humans but to non-human identities, OAuth apps, service accounts, AI agents, automation, and integrations. These identities often operate invisibly, persist indefinitely, and bypass traditional controls. This session exposes how non-human identities are becoming the dominant breach vector across cloud and SaaS environments. Attendees will learn how attackers exploit them, why existing IAM models fail, and how to redesign identity governance for machines at scale.

Post-quantum risk is no longer theoretical. By 2026, organizations must prepare for cryptographic failure driven by harvest-now-decrypt-later threats, SaaS dependencies, and long-lived data exposure. This session provides a practical, enterprise-tested approach to crypto agility, focusing on discovery, prioritization, hybrid migration strategies, and third-party realities. Attendees will learn how to operationalize post-quantum readiness without disrupting identity, cloud, application, or critical infrastructure environments.

Many organizations believe they are protecting their data, but in reality, they are continuously leaking it through logs, integrations, SaaS tools, misconfigurations, AI usage, and internal workflows. This session challenges the traditional breach-focused view of data security and explores why modern enterprises are in a state of constant, often invisible data exposure. 

Cybersecurity threats are growing exponentially.  Better cybersecurity approaches are needed to defend critical infrastructures. There is also a need to better understand the cyber threats and develop effective mitigation solutions holistically. This drives the need for AI-based vulnerability assessment and predictive analytical capabilities.  Lockheed Martin (LM) is now applying its technical know-hows to cyber artificial intelligence (AI); Aalto University has developed cyber-attack graph capabilities. The LM and Aalto teams performed a joint research to explore different what-if attack scenarios.