NIS2, DORA, national strategy 2026–2030: regulatory pressure keeps mounting, and penalties are hitting hard. Yet the CISOs who know how to seize this moment are turning compliance into a competitive edge. How do you make compliance a credibility lever in the boardroom? How do you strike the right balance between technological sovereignty and real economic constraints? This track repositions the CISO where they belong: as a strategic architect.

Deepfakes, autonomous phishing, agents capable of orchestrating intrusions without human intervention — attack speed is outpacing teams’ ability to respond. Meanwhile, Shadow AI is quietly creating invisible vulnerabilities from within. How do you deploy defensive AI at scale without opening new attack surfaces? This track confronts CISOs with their real trade-offs, right now.

The centralised CISO model is running out of steam — overexposed, isolated, facing threats that keep accelerating. The most mature organisations are already redesigning their structures: AI-augmented SOCs, separation of strategic and operational oversight, redefined roles all the way up to the executive committee. This track tackles the questions no one wants to answer yet: how do you build an organisation that holds over time, without burning out your teams or losing effectiveness?

A compromised vendor, a poorly governed third-party access, an invisible dependency — and the entire chain goes down. More than one in three major incidents originates from a third party. Yet most organisations still manage this risk through annual questionnaires. This track explores the shift to dynamic, continuous management: mapping critical failure points, applying Zero Trust to supplier ecosystems, and concrete strategies to contain the spread before it’s too late.

You will be attacked. The real question: are you ready to recover, fast, under the board’s scrutiny? Executive leadership no longer wants dashboards. They want to know what holds under degraded conditions, how quickly, and with what evidence. This track covers the essentials: playbooks, crisis simulation, communication under pressure, managing your team through the storm — and the concrete levers to rebuild trust after the incident.

Energy, healthcare, industry, local authorities: here, a cyberattack doesn’t disrupt an IT system — it paralyses vital infrastructure. OT/IoT environments remain under-protected, hybrid architectures multiply blind spots, and attackers know it. This track is for CISOs and CIOs for whom continuity is not a goal but an obligation — and who must build genuine resilience in environments where there is no margin for error.

The NIS 2 transposition deadline passed in October 2024, yet only a few EU member states had completed the process, creating a climate of uncertainty for many European organizations.

At the 2025 NATO Summit in The Hague, held just a few weeks ago, member states committed to allocating 5% of their annual GDP to defense and security spending, including digital and cyber capabilities by 2035.

Identity and Access Management (IAM), and identity security more broadly, has become one of the most critical and cross-functional challenges for European organizations today, impacting both operational efficiency and risk management.