The Security Chapter

By 2026, organisations will be judged not only on how well they prevent attacks, but on how effectively they can withstand and recover from them. With adversaries targeting business continuity and regulators raising expectations, resilience has become a core strategic priority.

This workshop focuses on practical approaches to building resilience across people, processes and technology. You’ll explore real incident scenarios, discuss how peers are stress-testing their environments, and compare methods for improving readiness, response coordination and communication under pressure.

We’ve run more than 200,000 pentests, and the story is consistent: weak and reused credentials, unpatched and misconfigured software, and misplaced security effort create outsized business risk. Attackers chain these failures into full domain compromise—often in minutes, without exploiting a CVE. The result isn’t just a technical issue, it’s operational disruption, regulatory exposure, and reputational damage.

Join Ramzi Harb, Senior Sales Engineer at Horizon3.ai, for a candid session on what this means for executives accountable for risk. You’ll see how an AI hacker like NodeZero exposes the weaknesses that matter most, validates which controls actually work, and reframes vulnerability management through our Risk-Based Vulnerability Management (RBVM) approach—where risk is measured by exploitability and business impact, not by vulnerability counts.

What you will walk away with:

• Why exploitability, not volume of vulnerabilities, defines true risk.
• How our RBVM model helps prioritize investments that reduce breach probability fastest.
• Executive-level metrics—mean time to mitigate, mean time to remediate, and reoccurrence rate—to track and prove resilience.
• How FixOps creates an operating model for resilience, turning proof of exploitability into rapid, measurable fixes.

These focused 1:1 sessions pair you with peers and sponsors based on shared priorities, challenges and areas of expertise. Each meeting is curated using attendee insights, ensuring every conversation is relevant, purposeful and aligned to your interests.

Whether you’re exploring new ideas, pressure-testing a strategy, or discovering emerging capabilities, these sessions are designed to deliver genuine value in a short window of time. It’s a chance to engage in informed, high-quality discussions that move beyond introductions and straight into meaningful exchange.

By 2026, AI isn’t just assisting workflows; it’s executing them. Internal agents, copilots with elevated permissions, automated decision engines and LLM-driven integrations have expanded the attack surface in ways traditional controls were never built to handle.

This workshop examines the next phase of AI security: protecting autonomous systems that read, write, decide and act across the business. Discussions will cover agent permissions, safe action boundaries, continuous monitoring, prompt-injection hardening, model integrity and preventing silent failure modes.

Executives will explore what a secure operational model looks like when AI becomes an actor rather than a tool.

Digital trust assumes that cryptography ages gracefully. Quantum computing breaks that assumption. As public‑key algorithms fail abruptly rather than gradually, the foundations of encryption, digital signatures, and certificate‑based identity must be re‑engineered.

This presentation explores the post‑quantum threat and the case for acting now. We examine how long‑lived trust artifacts and manual lifecycle management amplify quantum risk, and how evolving NIST guidance and related standards are driving stronger requirements for auditability, visibility, and cryptographic inventory across identity and certificate systems. The session concludes with considerations and preparatory steps for PQC migration that will preserve trust long after today’s algorithms become obsolete.

These focused 1:1 sessions pair you with peers and sponsors based on shared priorities, challenges and areas of expertise. Each meeting is curated using attendee insights, ensuring every conversation is relevant, purposeful and aligned to your interests.

Whether you’re exploring new ideas, pressure-testing a strategy, or discovering emerging capabilities, these sessions are designed to deliver genuine value in a short window of time. It’s a chance to engage in informed, high-quality discussions that move beyond introductions and straight into meaningful exchange.

This collaborative session brings executives together to unpack real challenges, share practical experiences and explore new approaches as a group. Rather than traditional presentations, the focus is on open dialogue, identifying what’s working, what isn’t, and how others are navigating similar issues in their own organisations.

Guided by a facilitator, you’ll work through emerging pain points, compare strategies and exchange insight with peers facing the same pressures. It’s an opportunity to gain clarity, discover alternative viewpoints and walk away with ideas you can apply immediately.

Designed to be energetic, conversational and outcome-driven, this is where collective expertise turns into practical solutions.

Security teams are drowning in vulnerabilities, but only a small fraction are truly exploitable — and attackers know exactly which ones to go after. In this technical deep dive, we’ll walk through a live demonstration of NodeZero®, Horizon3.ai’s autonomous pentesting platform, to show how you can continuously identify, validate, and fix the risks that actually matter.

We’ll trace a full attack path from initial access to domain compromise, highlight how NodeZero chains misconfigurations and vulnerabilities into real-world impact, and then pivot into remediation validation — proving that your fixes break the attack, not just clear a scanner finding. Along the way, we’ll cover key use cases like internal and external pentesting, cloud and AD assessments, and compliance-driven testing, and show how teams are operationalizing a “hack, fix, verify, repeat” workflow to stay ahead of attackers.

These focused 1:1 sessions pair you with peers and sponsors based on shared priorities, challenges and areas of expertise. Each meeting is curated using attendee insights, ensuring every conversation is relevant, purposeful and aligned to your interests.

Whether you’re exploring new ideas, pressure-testing a strategy, or discovering emerging capabilities, these sessions are designed to deliver genuine value in a short window of time. It’s a chance to engage in informed, high-quality discussions that move beyond introductions and straight into meaningful exchange.

With the EU AI Act, evolving privacy rules, data localisation requirements and the rise of internal AI systems, 2026 is the year when data governance becomes deeply entangled with security. Sensitive data now moves through vector stores, RAG pipelines, SaaS chains and analytics platforms, often without full visibility.

This workshop examines how executives are navigating the new realities of privacy and digital sovereignty. Expect discussion on governing AI training data, enforcing data residency, managing cross-border risk, embedding privacy by design and aligning security, legal and AI teams around a shared operating model.

These focused 1:1 sessions pair you with peers and sponsors based on shared priorities, challenges and areas of expertise. Each meeting is curated using attendee insights, ensuring every conversation is relevant, purposeful and aligned to your interests.

Whether you’re exploring new ideas, pressure-testing a strategy, or discovering emerging capabilities, these sessions are designed to deliver genuine value in a short window of time. It’s a chance to engage in informed, high-quality discussions that move beyond introductions and straight into meaningful exchange.

This collaborative session brings executives together to unpack real challenges, share practical experiences and explore new approaches as a group. Rather than traditional presentations, the focus is on open dialogue, identifying what’s working, what isn’t, and how others are navigating similar issues in their own organisations.

Guided by a facilitator, you’ll work through emerging pain points, compare strategies and exchange insight with peers facing the same pressures. It’s an opportunity to gain clarity, discover alternative viewpoints and walk away with ideas you can apply immediately.

Designed to be energetic, conversational and outcome-driven, this is where collective expertise turns into practical solutions.

This demo explains how Keyfactor’s AgileSec Analytics provides real-time visibility into an organization’s cryptographic posture across applications, certificates, code, hosts, and other endpoints. The session walks through discovered cryptographic assets, identifies the algorithms in use, flags weak or non-compliant implementations, and maps the cryptographic dependencies that support business-critical workflows.

Key Takeaways:

• Full Cryptographic Discovery: See how AgileSec maps all certificates, keys, algorithms, and encryption patterns across hybrid environments—no agents required.
• Real-Time Posture Assessment: Learn how the platform evaluates algorithm strength, expiration risk, compliance status, and crypto hygiene across all systems.
• PQC Migration Readiness: Understand how AgileSec identifies quantum-vulnerable assets and guides phased migration planning.
• Dependency Intelligence: Explore how AgileSec builds a cryptographic bill of material (CBOM) across applications, services, and certificates to surface hidden upgrade blockers.
• Risk-Based Prioritization: Experience how analytics elevate the most impactful cryptographic risks based on business context, exposure, and operational criticality.
• Remediation-Ready Insights: Learn how AgileSec surfaces detailed cryptographic posture data—including certificate status, algorithm usage, and PQC-vulnerable assets—so it can be consumed by orchestration tools for renewal, upgrade, and migration workflows.

These focused 1:1 sessions pair you with peers and sponsors based on shared priorities, challenges and areas of expertise. Each meeting is curated using attendee insights, ensuring every conversation is relevant, purposeful and aligned to your interests.

Whether you’re exploring new ideas, pressure-testing a strategy, or discovering emerging capabilities, these sessions are designed to deliver genuine value in a short window of time. It’s a chance to engage in informed, high-quality discussions that move beyond introductions and straight into meaningful exchange.

Quantum computing may not be fully realised yet, but the risk landscape is already shifting. “Harvest-now, decrypt-later” attacks, evolving standards and the push towards post-quantum cryptography make preparation a priority for organisations with long-lived or highly sensitive data.

This workshop focuses on what executives should be doing today to build crypto-agility into their environments. You’ll explore where quantum exposure sits, how to identify systems that need priority migration and what a realistic transition plan looks like without disruption to critical services.

Hybrid ecosystems in 2026 are dominated by SaaS chains, API-to-API communication, machine identities, service accounts and ephemeral workloads that appear and disappear within seconds. With attackers exploiting identity systems and API connections at scale, Zero Trust has become less of a framework and more of a live operational discipline.

This workshop dives into how mature organisations are reshaping Zero Trust for a borderless estate, tightening identity governance, securing API interconnectivity, managing fast-proliferating machine identities and enforcing “least privilege” in environments where nothing is static.

These focused 1:1 sessions pair you with peers and sponsors based on shared priorities, challenges and areas of expertise. Each meeting is curated using attendee insights, ensuring every conversation is relevant, purposeful and aligned to your interests.

Whether you’re exploring new ideas, pressure-testing a strategy, or discovering emerging capabilities, these sessions are designed to deliver genuine value in a short window of time. It’s a chance to engage in informed, high-quality discussions that move beyond introductions and straight into meaningful exchange.