Agenda

Date and Time	Title
Apr 29, 2026 11:00am - 11:46am (Eastern)	[Opening Keynote] The Agentic Frontier: Defending the Future The financial sector is entering a transformative Agentic Era, where AI moves beyond simple assistants to take autonomous actions. This shift coincides with the rise of AI-driven impersonation techniques that may elude traditional detective controls employed by cybersecurity teams. In this keynote, Marina Kaganovich and Aaron Sutton from Google’s Office of the CISO outline a roadmap for securing this new frontier. They will explore the role of AI governance, how to modernize the SOC using AI-first defense capabilities, and empower human analysts to focus on what really matters. The session delves into the critical concept of Machine Identity—treating AI agents as distinct digital actors with dedicated permissions and audit trails. Attendees will gain a strategic framework for building a resilient, autonomous enterprise prepared for the next generation of digital threats.
Apr 29, 2026 12:00pm - 12:26pm (Eastern)	From Compliance to Confidence: Turning Cyber Risk into ROI Most organizations treat cyber risk as a compliance checkbox—but real business resilience requires measurable action. In this session, Dr. Fredrick Dande, PhD, will show IT and business leaders how to transform cyber and IT risk into quantifiable business value. Attendees will leave with a clear, actionable framework to turn cyber and IT risk into measurable business value and confident decision-making.
Apr 29, 2026 12:00pm - 12:35pm (Eastern)	Strengthening Cyber Resilience in Financial Services with Deep Observability Financial institutions are under pressure to defend against sophisticated cyber threats, satisfy expanding regulatory mandates, and keep digital banking, payments, and trading platforms always on. Yet the greatest blind spots often sit in encrypted, lateral (East-West), and hybrid cloud traffic—exactly where attackers hide and where traditional security tools lack network visibility. Join this session to learn how banks, insurers, and fintechs strengthen security, improve compliance and audit readiness, and increase operational efficiency without ripping and replacing existing tools. We’ll explore real-world use case that shows how to expose hidden threats in encrypted traffic, validate PCI DSS 4.0 and DORA controls, and reduce MTTR across hybrid environments so you can protect sensitive financial data and keep critical services performing at scale.
Apr 29, 2026 12:00pm - 12:56pm (Eastern)	The Pocket-Sized Threat: Orchestrating Adversarial AI Workflows on a Local Laptop The barrier to entry for high-level cyber operations has shifted. No longer requiring massive server farms, sophisticated “agentic” threats can now be orchestrated entirely from a single consumer-grade laptop. This session, delivered by a US Secret Service Network Intrusion Forensics Analyst, moves beyond the theory of “AI threats” and into the practical mechanics of how adversaries are using open-source tools to automate the kill chain. This is a lab-heavy session designed to show you exactly how an adversary builds a local, autonomous hacking station. We will walk through the deployment of an Open Source Large Language Model (LLM) and demonstrate the power of the Model Context Protocol (MCP)—a protocol that serves as the “USB port” for AI, allowing models to interact seamlessly with local files, secure APIs, and system tools. Attendees will participate in a live walkthrough of: Local LLM Deployment: How to run state-of-the-art models (like Llama 3 or Mistral) locally to avoid detection and maintain data privacy. The Power of MCP: Using the Model Context Protocol to grant an LLM “hands” (the ability to read logs, query databases, and execute scripts). Agentic Workflows: Moving from a simple chatbot to an “Agent” that can reason, plan multi-step attacks, and pivot autonomously based on forensic output. Defensive Implications: How to detect and defend against locally hosted, agentic adversarial activity that leaves a minimal network footprint. This session is designed for security professionals who want to understand the “adversarial edge” of AI.
Apr 29, 2026 1:00pm - 1:47pm (Eastern)	[Fireside Chat] 7 Questions, No Safety Net: Navigating AI Law with Jordan Fischer Seven questions. Zero fluff. Unlimited insight. We’ve invited renowned privacy powerhouse Jordan Fischer to sit in the hot seat and answer the toughest questions regarding AI laws and governance in 2026. Jordan brings her unique perspective as a legal architect who understands both the code and the courtroom. This isn’t just a discussion on compliance; it’s a strategic roadmap for FinServ leaders. Watch as we deconstruct the EU AI Act, data lineage, and the legal tightrope of algorithmic bias in a session designed to trigger the questions you didn’t know you needed to ask.
Apr 29, 2026 1:00pm - 1:36pm (Eastern)	Top 10 Most-Needed AI Skills in Cybersecurity – "Draft Day" to Accelerate Your Career The cybersecurity talent market is officially on the clock. As AI-driven threats—from agentic malware to deepfake identity deception—move from theory to the frontline, the demand for AI-fluent defenders has reached a fever pitch. But which skills carry a first-round pedigree, and which are just pre-season hype? In this high-energy session, join “Commissioner” Charles Hartley for the ultimate AI Cybersecurity Career Draft. Based on extensive research from TIAA’s Cybersecurity Awareness Team, we rank the Top 10 “franchise-player” skills—including Adversarial ML, Agentic Governance, and LLM Auditing—that are redefining the SOC. Whether you’re a veteran or a rookie, you’ll leave with a professional scouting report on the most in-demand competencies and a winning playbook to secure your spot on the industry’s elite roster. With the next pick in the AI career draft… will you be the one to change the game?
Apr 29, 2026 1:00pm - 1:49pm (Eastern)	The Data War for FinServ Has Begun The Financial Services sector is living through the greatest digital convergence in history—where AI, cloud computing, and cybersecurity are no longer separate disciplines, but interdependent forces shaping how wealth is managed, transactions are executed, and capital is protected. In this new era, your most valuable asset—customer trust and financial data—is under constant threat, not just from cybercriminals targeting your vaults, but from the rapid digitization of your own banking infrastructure. In this high-impact session, Dr. Eric Cole, former CIA hacker and trusted advisor to Fortune 100 CEOs, exposes the critical blind spots financial institutions face as they race to adopt Fintech innovations and migrate legacy systems to the cloud—often without a coherent data protection strategy. You’ll discover how attackers are exploiting this convergence to bypass traditional fraud controls, how AI is both a weapon for sophisticated financial crimes and a shield for defense, and why the cloud isn’t inherently secure for sensitive financial records—unless you make it so. Whether you’re a CEO, CISO, or banking leader, this session will empower you with actionable frameworks to: Understand how AI and cloud reshape the cyber threat landscape for banks, insurers, and investment firms. Identify financial data exposure risks that live outside your control—and how to maintain sovereignty over critical assets. Shift from a legacy perimeter model to identity- and data-centric security to protect the modern financial ecosystem. Build an AI-aware security posture that accelerates—not blocks—Fintech innovation and algorithmic advantage. Win the new war for data ownership, visibility, and control in a highly regulated global market. The convergence is already here. The question is, are you investing in resilience, or banking on luck?
Apr 29, 2026 1:00pm - 1:29pm (Eastern)	Hunting at Internet Scale: Exposing Multi‑Vector Financial Threat Campaigns via DNS Threat Hunting Modern threat actors targeting financial services no longer rely on a single delivery method. Instead, they orchestrate sophisticated, multi‑channel campaigns that blend AI‑driven phishing, search abuse, push notifications, and trusted infrastructure to exploit customer trust, financial brands, and exposed enterprise systems at scale. In this deep‑dive session, we examine what global DNS query data reveals about today’s financial threat ecosystem. Using real‑world examples observed at Internet scale, we explore how AI has reshaped phishing against banks and insurers, why abandoned and parked domains continue to fuel fraud and credential theft, how search poisoning and brand abuse undermine digital trust, and where misconfigurations like dangling CNAMEs expose financial environments to risk. Attendees will gain practical insight into how these techniques surface in DNS data and how DNS‑based visibility can uncover attacker behavior earlier in the kill chain.
Apr 29, 2026 2:00pm - 2:45pm (Eastern)	Speaking the Language of Risk: Bridging the CISO-CFO Divide For years, the relationship between security leadership and finance has been defined by a fundamental “language barrier.” While the CISO talks in vulnerabilities and threat vectors, the CFO thinks in terms of ROI, capital allocation, and fiscal resilience. This session moves beyond the myth that “security is too expensive” to address the real issue: a lack of shared vocabulary. Join a veteran vCISO and a seasoned CFO for a candid conversation on how to align technical requirements with business objectives. Attendees will learn how to transform security metrics into financial risk data that commands boardroom respect and secures long-term investment. The problem isn’t the budget; it’s the dictionary.
Apr 29, 2026 2:00pm - 2:52pm (Eastern)	[Panel] Trust in the Crosshairs: Defeating Social Engineering and Strengthening Your Posture The financial sector remains the premier target for social engineering, but the tactics are shifting from simple phishing to AI-driven deception. As deepfakes and sophisticated business email compromise (BEC) evolve, traditional awareness training is no longer enough to protect the perimeter. Join experts from Google Cloud Mandiant, Doppel Security, Sublime Security and Tanium for a tactical breakdown of the social engineering landscape. We’ll examine the trajectory of modern threats—from the “long-con” classics that still work to the high-tech exploits of tomorrow. Key discussion points: The AI Evolution: How attackers leverage voice cloning and synthetic identities to bypass MFA FinServ Under Fire: Why financial institutions are the primary laboratory for new social engineering techniques Modern Defense: Shifting from reactive training to proactive detection and behavioral signals Resilient Culture: Building a security posture where every employee acts as a sophisticated sensor against fraud Equip your organization to intercept the next generation of attacks before the first click occurs.
Apr 29, 2026 2:00pm - 2:42pm (Eastern)	Cyber Intel Briefing: FinServ Financial Services is no longer just a facilitator of global trade; it is the primary battlefield of modern conflict. This session connects the dots between global geopolitical volatility and the immediate risks to market liquidity, institutional integrity, and consumer trust. We will examine how shifting alliances and conflicts involving major powers like Russia, China, and the EU are reshaping the cyber threat landscape—specifically targeting cross-border payment systems, central bank digital currencies (CBDCs), and the global fintech supply chain. The discussion will pivot to the “internal” evolution of the sector, analyzing the rapid integration of Generative AI in algorithmic trading and automated underwriting, and the resulting regulatory and privacy minefield. From state-aligned actors seeking to destabilize national economies to sophisticated ransomware syndicates targeting the high-frequency trading floor, we will profile the adversaries threatening the global fiscal order. Join us for a 2026 outlook that moves beyond mere regulatory compliance, offering a battle-tested framework for maintaining operational resilience and capital stability in the face of unprecedented global instability.
Apr 29, 2026 3:00pm - 3:38pm (Eastern)	Your Internal AI: Empowering Innovation While Reducing Inadvertent Insider Threats The explosive adoption of generative AI and large language models (LLMs) has transformed how organizations work, enabling employees at all levels to accelerate tasks, generate insights, and drive innovation. Yet this democratization of AI potentially introduces a significant and often overlooked risk: inadvertent insider threats. This presentation examines how the convenience of “unsubscribed” mainstream AI tools has dramatically increased the attack surface for data exfiltration through non-malicious insider actions. We will explore real-world consequences, regulatory implications, and the growing awareness gap that leaves even sophisticated organizations vulnerable. The core message is one of empowerment rather than restriction: organizations can and should provide their teams with the full power of state-of-the-art LLMs without compromising security. “Your Internal AI” introduces a secure, enterprise-ready alternative that enables seamless use of mainstream models while automatically safeguarding sensitive information. Through intelligent pre-processing, redaction, anonymization, and policy enforcement, sensitive data is protected before it ever leaves the organization’s control, ensuring compliance and preserving privacy. Attendees will see this solution in action through a live demonstration, illustrating how users can interact naturally with powerful LLMs in everyday business related activities, while the system transparently secures confidential content in real-time. By the end of the session, participants will understand not only the risks posed by unchecked AI usage but also how to deploy “Your Internal AI” as a strategic enabler: delivering the productivity gains of cutting-edge AI to every employee, securely and responsibly.
Apr 29, 2026 3:00pm - 4:13pm (Eastern)	The Digital Path to Physical Harm: Profiling 'Cyber Violence' in the Modern Age The line between a digital threat and a physical attack has officially vanished. From the targeted murder of executives to “Violence-as-a-Service,” the digital footprint is no longer just a trail of data—it is a measurable pathway toward intended harm. In this session, former FBI Profiler Cameron Malin introduces the concept of Cyber Violence, exploring how physical atrocities are now enabled, rehearsed, and amplified through digital systems. Attendees will get an inside look at Digital Behavioral Criminalistics (DBC), a revolutionary forensic discipline that merges behavioral science with digital forensics. Learn how to reconstruct user thought processes and identify the “pre-attack” indicators hidden within digital media before the threat transitions from the screen to the street.
Apr 29, 2026 3:00pm - 3:41pm (Eastern)	[Panel] Calculated Risk: The FinServ 'Would You Rather' Face-Off In the hyper-connected, regulation-heavy world of financial services, a single second of latency costs millions, and a single breach costs trust. There are no “safe bets”—only calculated risks. Join us for an unscripted, high-energy session where top Financial Sector CISOs face off on the industry’s most brutal hypothetical scenarios. Moderated in a rapid-fire game show format, our panelists will be presented with unforgiving “Would You Rather” choices ranging from catastrophic wire fraud and third-party failures to SEC disclosure dilemmas and crippling legacy mainframe vulnerabilities. They won’t just pick a side; they have to defend it against the clock—and each other. Attendees will gain a unique window into the minds of security leaders, understanding how they balance friction-free customer experience against fraud controls, and rapid fintech innovation against strict regulatory compliance. Come ready to vote on who makes the best investment in a bad situation.
Apr 29, 2026 3:00pm - 3:47pm (Eastern)	Always Listening, Always Connected: Why Smart Home AI Ecosystems Pose Enterprise and National Security Risks AI-powered smart home devices continuously collect, analyze, and transmit voice, behavioral, and environmental data to deliver seamless personalization. However, as the boundaries between home and office dissolve in a remote and hybrid workforce, these consumer AI ecosystems have quietly expanded the modern enterprise attack surface. This session examines how AI-driven household systems process sensitive data from always-on microphones and biometric inference to multi-device sensor fusion and cloud analytics and identifies systemic failure points across the data lifecycle, including retention, aggregation, and third-party sharing. We explore the “Household Pivot Risk”: how persistent connectivity and opaque AI data flows can enable adversaries to traverse from consumer environments into corporate networks, regulated industries, and, at scale, broader national security contexts, particularly across critical infrastructure sectors. Attendees will gain a practitioner’s perspective on the cascading risks of behavioral inference, shadow data perimeters, and AI supply-chain opacity. The session will provide actionable strategies for applying privacy-by-design and engineering-first controls to mitigate cross-domain data leakage and strengthen enterprise resilience in an increasingly AI-enabled society.
Apr 29, 2026 4:00pm - 4:30pm (Eastern)	[Closing Keynote] Graph vs. Noise: Defending Against Modern Social Engineering Attacks AI-powered attackers now operate across social platforms, domains, messaging apps, and ads simultaneously, creating complex deception campaigns that overwhelm traditional security tools with alerts but little actionable insight. In this keynote, Dylan DeAnda (Field CTO, Doppel) explores how graph-driven intelligence connects signals across infrastructure, identities, and platforms to expose entire attacker ecosystems rather than isolated threats. Through real-world examples—including fraud campaigns, cloned login infrastructure, and executive impersonation—the session shows how organizations can move from reactive alerts to coordinated disruption, reducing response times from days to hours and turning intelligence into measurable risk reduction.