9 Sep 2026
Cologne, Germany
IT Security Summit
Securing an AI-powered enterprise
Register now Become a partner
Rethinking trust, compliance and innovation
The IDC IT Security Summit is the premier event for business, security and technology executives to discuss how trust, governance and resilience can be placed at the heart of digital transformation.rnrnu0026nbsp;rnrnWe are entering a critical phase of digital and cybersecurity development. According to the latest study by IDC, IT security spending in Germany is expected to grow at double-digit rates through 2028, driven by increasing cyber threats, the adoption of AI, and cloud modernisation initiatives. The country’s cybersecurity agenda, which is aligned with the EU AI Act, the NIS2 Directive and DORA, underscores the national commitment to resilience, data protection and digital sovereignty. IDC also notes that software, cloud-native security and analytics solutions will be the fastest-growing segments of the German cybersecurity market as enterprises increasingly adopt integrated and intelligent protection models.
Agenda
The IDC IT Security Summit is the ultimate meeting place for business, security and technology leaders who want to put trust, governance and resilience at the heart of their digital transformation strategies. Join IDC analysts and industry experts to learn how to build trusted digital ecosystems that combine innovation with security. Gain insights into Germany’s most dynamic industries – including finance, energy, manufacturing and public services – and take away actionable concepts that will help you turn security into a strategic differentiator rather than just a reactive cost.
2026 Predictions
By 2028, 40% of organisations will use autonomous, agent-based platforms to quantify cyber risks, converting security metrics into financial risks to guide budgets, controls, and Mu0026A risk assessments.
Key Topics
Regulation, resilience and value creation
Compliance is no longer a burden on the back office, but a strategic factor. We will examine how companies can integrate legal requirements (data protection, cybersecurity laws, new AI/technology rules) into their core businesses and transform requirements into levers for resilience, stakeholder trust and business value. Key topics include cyber-by-design, auditability, supplier responsibility and continuity in the face of disruption.
AI, automation and responsible innovation
AI and intelligent agents are changing the way security is ensured, but with great power comes great risk. We will look at the pragmatic use of AI: governance models, safeguards against misuse, prioritising high-impact use cases, and aligning AI systems with trust, transparency and accountability.
Operation, analytics and reliability engineering
Detection, response, and recovery are now continuous cycles rather than discrete events. We will delve into advanced analytics, managed detection and response, orchestration, external threat visibility (supply chain, third parties), and resilience metrics to operationalise security effectiveness.
The human factor: leadership and culture
Technology alone does not guarantee security. Leadership, culture and skills development must be aligned. We will focus on transforming teams, embedding security responsibility across functions, and empowering leaders to speak the language of risk and trust with the board, CEOs and business units.
Incident and restoration of trust
Violations will always occur, but how a company responds to them is crucial. We cover crisis communication, forensic measures, dealing with regulatory authorities, insurance, restoring stakeholder trust and turning adversity into credibility.
Sector and domain security challenges
Different industries and environments have unique security requirements. We focus on securing critical infrastructure (energy, utilities), connected devices and IoT, healthcare, finance, and new environments such as smart cities and industrial systems.
2026 Predictions
By 2028, AI agents will triage 80% of SOC alerts in most SOCs worldwide.
IDC Analysts
Mark Child
Associate Research Director, Security
IDC Europe
Read Bio
Mark Child
Joel Stradling
Research Director, European Security
IDC
Read Bio
Joel Stradling
As research director for IDC’s European Security practice, Joel Stradling leads the content and analyst team for tracking the European security segment. His main focus area is the integration of network plus security and evolution of network architectures towards software-defined secure access.
Stradling has 20 years of experience as an analyst of international managed enterprise network and IT services. He is a regular speaker at major industry conferences talking about emerging technologies in B2B enterprise network and IT and wholesale carrier-to-carrier services. Joel is a well-known and highly regarded expert in the industry, offering insight and advice to C-level executives on technology competitive landscapes and emerging technologies, such as SD-WAN, 5G, SDN/NFV, and cyber-security.
Duncan Brown
Group Vice President, IDC Europe
IDC
Read Bio
Duncan Brown
Duncan Brown is associate vice president, European Security Practice, at IDC EMEA and leads the firm’s security research program in Europe. He specializes in providing strategic advice to his clients, informing and validating their corporate, product, and marketing plans. Brown is an expert in analyzing the security market globally, and his list of security-related clients includes enterprises, central banks, government organizations, and security product suppliers and services providers. Brown’s expertise spans the gamut of security topics including incident response, threat intelligence, and global privacy issues. He established and leads IDC’s coverage of the global impact of the GDPR, the RPEC (ePrivacy Directive update) and NIS Directive on technology companies and their customers. His analysis and opinions are widely sought by industry leaders and investors, while his comments on industry trends and developments frequently appear in the leading business and trade publications.
You can find Duncan on Twitter here.
Knowledge Hub
The NIS 2 Directive – where are we now?
The deadline for implementing the second EU Directive on the security of network and information systems (NIS 2) expired in October 2024, with only a handful of Member States having fulfilled this task.
Impact of NATO's spending target of 5% of GDP on European ICT expenditure
At the NATO summit in The Hague a few weeks ago, member states committed to spending 5% of their annual GDP on core defence requirements and defence and security-related expenditure by 2035.
IAM 2025: The Rise of the Machines
Identity and access management (IAM) and, consequently, identity security is one of the biggest and most consequential challenges facing all European companies today from an operational and risk management perspective.
Venue
Steigenberger Hotel Köln
Steigenberger Hotel Köln
Habsburgerring 9-13, 50674 Cologne, Germany
Terms & Conditions
Please read BEFORE registering:
The IT Security Summit is aimed at IT and specialist staff from IT user companies in Germany. For the purposes of these conditions of participation, IT user companies are defined as all companies that do not themselves provide consulting services and/or develop, manufacture or distribute information and communication technology (ICT) products or services. Employees of outsourced IT companies who work exclusively for the parent company and do not conduct business with third parties are also eligible to participate. Employees of IT service companies generally only have access to our events through sponsorship. IT provider companies within the meaning of these conditions of participation are hardware, software, service and telecommunications companies as well as consulting firms and ICT service providers. IDC expressly reserves the right to reject registrations from persons who do not belong to the above-mentioned target group, even if the invitation was issued by one of our partners, accidentally by IDC itself or through participation in an online survey. After registering via the online registration form and successful verification by IDC, you will receive a binding confirmation of registration by email.
Not the right event for you?
Don't worry! We organise a variety of events designed to inspire original ideas, share the latest industry knowledge and connect professionals like you. Simply sign up for event invitations and we'll notify you when a new event matches your interests.
Sign up