siberXcon 2026

Enjoy a seamless check-in and get everything you need to start your day with ease.

Join us as we begin with our land acknowledgements and opening comments from dignitaries and special guests.

Cyber policy now shapes global security and digital governance. Women leaders are translating policy into actionable security frameworks that influence international cyber defense and regulatory standards.

Nation-state cyber threats are escalating worldwide. This session examines how governments, enterprises, and cybersecurity leaders can strengthen resilience and defend against sophisticated geopolitical cyber operations.

Take a moment to step away, recharge, and get ready for what’s ahead.

AI is opening up amazing new possibilities, and staying secure at every step is crucial. Join us to explore how the Wiz AI Security Platform provides complete protection for your AI applications, from code all the way to runtime. We’ll show you how to gain full-stack AI visibility, proactively manage risks with our graph-based context, and detect threats across your AI pipelines. Empower your teams to adopt and expand into AI workloads confidently with comprehensive AI Security Posture Management, Runtime Protection, and Code Scanning.

Security investigations may feel objective, but they’re shaped by human bias. This session explores how cognitive shortcuts like confirmation bias, anchoring, and automation bias impact decision-making under pressure - and how AI tools can amplify these patterns rather than fix them. Through real-world examples and practical techniques, you'll walk away with a clearer picture of how your brain works against you during investigations, and what you can do about it.

This roundtable explores the evolving intersection of Indigenous data sovereignty and sovereign cloud infrastructure. The discussion will examine whether meaningful Indigenous sovereignty can be achieved within modern cloud ecosystems built on globally connected, multi-tenant infrastructure. It will also consider whether governance, jurisdiction, privacy, and true control over Indigenous data can be fully realized in today’s digital landscape.

This presentation explores the evolving cyber threat landscape, emphasizing major national security risks posed by AI and emerging technologies. It examines the intersection of traditional threats, such as ransomware and phishing, and emerging challenges like deepfakes and phishing schemes particularly in the context of AI advancements.

Examines the often unseen contributions within Security Operations Centers, where decision-making and incident response rely on a diverse range of roles that are not always equally recognized. Participants will explore how gaps in visibility, recognition, and inclusion can impact team dynamics, performance, and retention. The discussion will focus on practical strategies to ensure equitable acknowledgment of contributions and to strengthen DEI considerations in SOC structures and workflows.

Stretch your legs and take a deep breath!

Join us for an interactive, open discussion with CSIS on the current threat landscape and the most pressing threats from hostile states facing the Canadian cybersecurity community and how government agencies can work collaboratively to better address and reduce these threats

In today’s threat landscape, identity has become the primary attack surface, and the weakest link. As organizations adopt cloud, hybrid environments, and AI-driven systems, traditional notions of access and trust are rapidly breaking down.

We will explore the evolving role of identity in cybersecurity and examine how attackers exploit identity gaps and why many current approaches are no longer sufficient.

This conversation will unpack what it truly means to “know your user” in a modern environment, and what organizations must do now to secure identity before it becomes their greatest risk.

Women face cyber threats that are often more targeted, persistent, and personal—yet many security strategies overlook these realities. This session explores how risks like harassment, identity attacks, and digital surveillance uniquely impact women, and where traditional controls fall short. Attendees will gain insight into these patterns and learn how to build more inclusive, gender-conscious cybersecurity approaches that better protect people and organizations.

This round table explores how trust can be intentionally designed into secure systems by accounting for the diverse realities of end users. Participants will discuss how factors such as role, accessibility needs, cultural context, and technical fluency shape interactions with security controls. The conversation will focus on practical approaches to embedding inclusivity, usability, and transparency into system design to strengthen both security outcomes and user trust.

This topic explores how cybersecurity practices can be effectively incorporated into Agile methodologies. It highlights strategies such as embedding security in sprint planning, defining “security-ready” criteria, and managing vulnerabilities within iterative cycles. The presentation emphasizes maintaining development velocity while ensuring robust security controls.

Diversity in threat intelligence is often discussed as a value, but its practical impact is less clearly defined. This session examines what diversity actually translates into for practitioners and executives, from improving analytic rigor and reducing bias in threat assessments to expanding visibility across regions, sectors, and adversary behaviors. It will explore how varied perspectives—across disciplines, backgrounds, and lived experiences—can directly strengthen detection, response, and strategic decision-making. Attendees will leave with a clearer understanding of how to operationalize diversity within threat intelligence functions in a way that drives measurable security outcomes.

Stretch your legs and take a deep breath!

Artificial intelligence is exploding across every imaginable vertical, use case, and attack vector. Meanwhile, the 60-year-old technology that powers our grids, treats our water, and runs our sewage plants is being yanked online — often by manufacturers who now require an internet connection to function at all. So, what do we do? Run in terror? Pray for the best? Hope Terminator wasn't a leaked draft of the future? This session looks at how AI is reshaping operational technology — for defenders, for adversaries, and for the engineers caught in the middle. We'll talk through marketing theater, examine where AI belongs (and absolutely doesn't) in safety-critical environments, and leave you with a practical lens for governing AI in OT without slowing the mission. Spoiler: the answer isn't terror, prayer, or Skynet. It's planning and creativity.

Dynamic and evolving cybersecurity risks cannot be governed by static policy. As exposure shifts across the employee lifecycle spanning roles, pressures and everyday decisions, culture becomes an organization's primary control surface. What is rewarded, tolerated, and reinforced by management practices will define real-world security outcomes, with successful

AI promises faster answers, smarter workflows, and meaningful productivity gains, but without proper guardrails, it can also expose sensitive data and introduce new compliance risks. AI doesn’t understand what should be accessed, only what can be accessed. As a result, over-permissioned users, misclassified data, and legacy access issues can quickly lead to unintended data exposure. Join Winslow Technology Group and Netwrix virtually on February 24th to learn how to prepare your environment for safe AI adoption by strengthening data and identity security, reducing risk, and enabling AI with confidence. In this webinar, you’ll learn how to: - Identify the data and identity risks AI can unintentionally amplify - Understand how over-permissioned access and misclassified data lead to exposure - Build the right guardrails to support secure, compliant AI adoption

Generative AI has introduced powerful new social engineering techniques. Organizations must develop strategies to detect prompt manipulation, synthetic media, and AI-enabled deception.

Agentic AI systems are increasingly relying on LLMs as routing and decision layers, but those decisions are not purely technical. This session introduces “Consensus Contagion,” a deterministic exploit showing how injected high-status personas can override engineering logic due to RLHF-driven bias. It highlights a critical new attack surface in AI pipelines and offers a path toward more secure, purpose-built architectures.

This session breaks down quantum computing in practical terms—what it is, where it stands today, and what’s coming next. From Q-Day and its impact on modern cryptography to emerging threats like “harvest now, decrypt later,” it connects the dots between theory and real-world risk. Attendees will also gain insight into NIST PQC standards, Canada’s position on quantum security, and how to begin building a post-quantum migration strategy.

Security awareness doesn’t start at completion—it starts at engagement. This session reframes how we measure training success by focusing on the full employee journey, from initial awareness to participation and completion. Learn how to identify drop-off points, apply stage-based metrics, and design campaigns that drive genuine, voluntary engagement—not just check-the-box results.

Take a break on your own schedule, recharge, and continue the conversation with peers across the cybersecurity community.

Cybersecurity has become increasingly sophisticated, yet trust in systems, teams, and leadership continues to erode. This session explores why the human layer remains one of the most critical and neglected components of security, and why it cannot be “patched” like a technical vulnerability. From breakdowns in communication and overreliance on tools to burnout and misaligned incentives, we examine how organizations are losing trust internally and externally. Designed for both practitioners and executives, this talk offers a candid look at the consequences of sidelining human factors and outlines practical approaches to rebuilding trust as a core element of resilient security programs.

Security strategies are often well-designed at the top but fail where they matter most: at the point of execution. This session explores the “last mile problem” in cybersecurity, where policies, controls, and frameworks break down as they move from strategy into day-to-day operations. From gaps in communication and ownership to tool overload and competing priorities, we examine why execution consistently falls short despite strong intent. Designed for both practitioners and executives, this talk provides a clear view of where breakdowns occur and offers practical approaches to closing the gap between security design and real-world implementation.

Take a moment to step away, recharge, and get ready for what’s ahead.

In cybersecurity, we understand the risk of monocultures - systemic fragility, shared blind spots, and failures that cascade at scale.  The GenAI revolution has brought a new facet to the monoculture risk: systems that at a behavioural level reward standardization, convergence, and sameness. Centralized models, shared datasets, and optimization pressures often treat difference as noise to smooth away, even in the name of safety or neutrality. The result is homogenization in both technology and thought, reinforced by economic, cultural, and technical forces alike. This talk explores how to recognize these problems in engineering and in decision-making and offers practical strategies for using commercial AI systems safely, without flattening perspectives.

Every governance framework we rely on assumes a human is in the loop. Someone collects the data, someone makes the decision, someone is accountable. But in modern supply chains, AI systems are already transacting with other AI systems thousands of times per hour, making consequential decisions across organizational boundaries at speeds sometimes no human can review. The machine-to-machine economy is here, and the regulations being drafted to govern it are already obsolete. This session will examine what governance must become when the action lives between organizations rather than within them, and why it will be practitioners, not regulators, who build it first.

An exclusive screening of The WOMEN IN SECURITY Documentary; a powerful film spotlighting the women shaping the future of cybersecurity, intelligence, and protective services. Through candid stories, real-world experiences, and powerful conversations, the documentary explores leadership, resilience, and the impact women continue to have across the security industry. Join us for an inspiring screening followed by a discussion with members of the community.

Cyber risk is now a board-level concern, yet the gap between technical detail and executive decision-making remains a persistent challenge. This session explores how to translate complex security risks into clear, actionable insights that resonate with boards and senior leadership. Designed for both practitioners and executives, it will cover how to frame risk in business terms, align security priorities with organizational objectives, and communicate trade-offs in a way that informs governance and investment decisions. Attendees will gain practical approaches to elevating security conversations from technical reporting to strategic influence.

As organizations rely more on contractors, identity assurance is becoming a critical security control—not just an HR step. This session explores how AI-driven identity spoofing and social engineering are creating new insider-risk pathways, even in mature environments. Attendees will gain a practical roadmap to strengthen contractor onboarding, enforce least privilege, and move from vendor trust to organization-validated, auditable controls.

Today’s rapidly evolving digital landscape demands that agentic AI systems be evaluated not just for capability, but for measurable risk. This workshop equips CISOs and technology leaders to make smarter AI investments by systematically quantifying the risks of deploying autonomous AI agents.
We will explore how to leverage indicators such as agent behavior profiles, decision autonomy levels, and system architecture maturity to calculate a comprehensive Agentic AI Risk Index. Special emphasis will be placed on how organizational agility impacts the safe adoption of AI agents that can plan, act, and interact with enterprise systems.
The session will examine emerging transformation trends, including:
Rapid adoption of agentic AI and its expanded attack surface,
New risk vectors such as prompt injection, tool misuse, and autonomous decision errors.

As organizations layer on controls to manage risk, they often overlook the unintended consequence of security fatigue—where users become overwhelmed, disengaged, or prone to workarounds. This session explores how over-controlled environments can disproportionately impact different user groups, particularly those with varying roles, access needs, or levels of technical familiarity. Designed for both practitioners and executives, it examines the intersection of usability, equity, and security, highlighting how poorly designed controls can introduce new risks rather than reduce them. Attendees will gain practical insight into balancing strong security with inclusive, user-centered design that supports both compliance and real-world effectiveness.

Stretch your legs and take a deep breath!

This moderated panel, led by an industry veteran, brings together accomplished female cybersecurity leaders to share unfiltered lessons from the field. Moving beyond theory, the discussion explores what senior management actually looks for when identifying and promoting leadership potential—credibility under pressure, business alignment, and the ability to influence at the executive level. Panelists will reflect on pivotal career moments, missteps, and the realities of navigating leadership paths in cybersecurity. Designed to motivate and equip, this session offers

Most organizations have the full Defence-in-Depth stack in place—yet breaches continue, driven not by missing controls, but by how they’re used. This session introduces the Extended DiD (E-DiD) Framework, adding four critical layers—governance, culture, AI-driven intelligence, and continuous assurance—to close the real gaps. Walk away with a clear view of where programs fail and a practical 90-day plan to strengthen them.

An exclusive screening of The WOMEN IN SECURITY Documentary; a powerful film spotlighting the women shaping the future of cybersecurity, intelligence, and protective services. Through candid stories, real-world experiences, and powerful conversations, the documentary explores leadership, resilience, and the impact women continue to have across the security industry. Join us for an inspiring screening followed by a discussion with members of the community.

Rigid security models often fail to account for how people actually work, unintentionally excluding users with different needs, roles, or constraints. This session explores how these gaps give rise to shadow workflows—informal, unsanctioned processes that introduce new and often invisible risks. Designed for practitioners and executives, it offers practical approaches to designing more inclusive, adaptable security models that reduce workarounds while strengthening overall resilience.

This session offers a practical starting point for anyone looking to break into cybersecurity. Drawing from personal experience, it introduces a clear Do’s and Don’ts framework to help newcomers build foundational knowledge, gain hands-on experience, and navigate the industry with confidence. Attendees will walk away with actionable guidance, common pitfalls to avoid, and a clearer path into the field.

As Canadian organizations push deeper into data-driven personalization, the boundary between value and intrusion is increasingly blurred. This interactive breakout session invites participants to examine real-world scenarios where privacy expectations—shaped by regulation, culture, and trust—are tested or exceeded. Through guided discussion, attendees will explore practical ways to balance personalization with ethical responsibility, transparency, and user trust in a Canadian context.

An evening of networking and celebration bringing together cybersecurity professionals, leaders, and changemakers from across the industry.

Opening remarks to welcome attendees to an evening celebrating opportunity, innovation, leadership, and the future of cybersecurity, while recognizing the individuals whose long-term contributions have helped shape and strengthen the industry. This session sets the tone for a night focused on connection, impact, and recognition across the cybersecurity community.

A recognition segment celebrating emerging leaders and the mentors whose guidance, leadership, and long-term contributions continue to shape the cybersecurity industry. The Emerging Leader Award recognizes rising talent making an impact early in their careers, while the Mentor Award honours individuals dedicated to guiding, supporting, and empowering the next generation of cybersecurity professionals.

Explores the responsibility that comes with success in cybersecurity and leadership. This fireside chat examines how creating opportunities for yourself eventually becomes a responsibility to create opportunities for others through mentorship, advocacy, leadership, and community-building. Speakers will reflect on the people who helped shape their journeys and discuss how the next generation of talent can be supported, elevated, and empowered across the industry.

A recognition segment honouring leaders who have made a lasting impact through advocacy, leadership, and action within the cybersecurity community. The Woman in Leadership Award celebrates individuals driving meaningful change and innovation across the industry, while the Ally in Action Award recognizes those actively creating more inclusive, supportive, and accessible pathways for others to succeed.

A conversation centered around the responsibility that comes with leadership, influence, and long-term impact in cybersecurity. This fireside chat examines how creating pathways for yourself eventually becomes a responsibility to create pathways for others through mentorship, advocacy, leadership, and community-building.

A special recognition honouring an individual whose long-term contributions, leadership, and dedication have left a lasting impact on the cybersecurity industry. This moment celebrates a legacy of innovation, mentorship, and influence that continues to shape the future of the community and inspire the next generation of leaders.

Reflecting on the long-term impact of leadership, mentorship, and service within the cybersecurity industry. This conversation explores how lasting influence is built over time through resilience, advocacy, innovation, and investing in others. Speakers will share lessons from their journeys, the challenges that shaped them, and the legacy they hope to leave for future generations of cybersecurity leaders.

This session concludes the gala with final reflections on the conversations, connections, and achievements recognized throughout the night.

Establish stakes: AI system embedded in operations (VANTAGE-7)

Maintain momentum

You have 30 minutes

Transition from simulation → real-world application. Use this to wrap up the discussion and use key takeaways for training half.

Facilitated discussion reconnecting to ODTN. Focus on: what happened, where control was lost, what was not understood. Ends with bridge into technical lab.

Set expectations: not technical training, but risk understanding. Reduce intimidation and align executive mindset.

SMEs translate to exec level, challenge assumptions.

SMEs translate to exec level, challenge assumptions.

SMEs translate to exec level, challenge assumptions.

SMEs translate to exec level, challenge assumptions.

SMEs translate to exec level, challenge assumptions.

Tables reflect. SMEs circulate to challenge and deepen thinking.

Guided discussion on Utilize AI: Under Pressure. Executives define actions and ownership.

SME + Instructor answer final questions. Each participant defines one action they will take post-session.