Europe is at a strategic inflection point. According to IDC’s latest research, security spending in Europe is forecast to reach nearly $60 billion by 2028, growing at a compound annual growth rate of around 9.4% from 2025 to 2029. Organizations are responding to intensifying cyber threats, expanding regulatory frameworks such as the EU AI Act, NIS2, GDPR, and DORA, and a surge in stakeholder demand for digital trust and sovereignty. IDC also reports that software and cloud-native security solutions are expected to account for a majority of global security spend by 2028, as enterprises accelerate their adoption of integrated, analytics-driven protection.

At the same time, AI is reshaping the security landscape in Europe. IDC research shows that 38% of European organizations are already investing in AI or Agentic AI, and 43% are actively testing or running proofs of concept, while nearly 70% expect AI-driven disruption within the next 18 months. For European security leaders, this represents both a strategic opportunity and a growing area of risk. AI is enhancing threat detection, automation, and decision-making, yet it is also being exploited by adversaries to scale attacks and manipulate data. As a result, European organizations are prioritizing investments in AI-powered security analytics, identity and access management (IAM), and managed detection and response (MDR) to stay ahead of threats while maintaining transparency, compliance, and ethical governance.

As AI agents, deepfakes, and automated attacks outpace traditional IAM, organisations face a widening identity trust gap. Drawing on Ping Identity’s State of Trust research, this session examines how to move from static authentication to continuous, verified trust – helping security leaders assess their current posture and apply practical, risk-adaptive IAM patterns over the next 12–24 months.

Security is no longer just a technical concern, it’s a strategic business issue. CISOs must translate complex cyber risks into the language of boards and executives, demonstrating how security investments protect value, enable growth, and support enterprise objectives. IDC says that leadership and collaboration are now critical as the CISO will not always have the ability to mandate security measures but will need to work through others.

This panel brings together CISOs to explore how to effectively communicate risk, align security strategy with business priorities, and demonstrate the ROI of cybersecurity initiatives. CISOs will share practical approaches for bridging the gap between technical expertise and boardroom decision-making, building trust with executive leadership, and ensuring security is recognised as a driver of business resilience and competitive advantage.

As enterprises increasingly rely on digital identities, CISOs face the dual challenge of enabling secure access while managing risk across every user, device, and system. Identity breaches are no longer theoretical — they can expose sensitive data, disrupt operations, and erode customer trust.

This presentation will explore how to build and maintain trust in digital identities, implement zero-trust frameworks, enforce identity governance, and balance security with usability. This session will enable you to gain practical insights into protecting their organisation while enabling secure, seamless digital interactions in an increasingly interconnected world.

Trust is at the heart of effective cybersecurity…….but it’s not just about technology. Human behavior drives decisions, influences risk, and shapes security culture across the enterprise. CISOs must understand the psychology behind how employees, executives, and partners perceive and act on security guidance.

This panel brings together CISOs to explore how insights into human behavior can inform security strategy, improve compliance, and reduce risk. During this panel we will discuss practical approaches to building a culture of trust, how to design policies that people actually follow all the while balancing technical controls with human-centric security practices to protect the organisation in an increasingly complex threat landscape.