Baltimore Cybersecurity Conference

Attackers aren’t breaking in anymore — they’re logging in. Join Varonis security experts as they break down the 2026 Attacker’s Playbook and reveal how modern adversaries use AI, trusted tools, and misconfigurations to move through your environment undetected. In this fast‑paced session, you’ll walk away with clear insights into how attackers actually operate today — the tools they abuse, the trust relationships they exploit, and the misconfigurations that quietly open the door for them. You’ll leave with practical guidance you can bring back to your team to strengthen defenses and stay ahead of the 2026 threat landscape.

Cloud identity platforms make authentication and access seamless, but recovery is far more complex than most organizations realize. This session explores why AD, Entra ID, and cloud IDPs cannot fully restore identity state, relationships, and cloud-native objects after incidents. Attendees will learn what actually breaks—and what must be rebuilt—across tenants, SaaS integrations, and MFA during identity recovery.

The End of Legacy Network Security, by Todd Ellison, argues for replacing layered, box‑centric designs with outcome‑driven networks where security is native. It champions “security built‑in, not bolted on” via native Zero Trust at the access layer, per‑device isolation to stop lateral movement, and an integrated, cloud‑driven architecture that operates at “cloud speed,” replacing brittle VLAN/ACL/NAC stacks with an identity‑aware fabric that’s continuously current, observable, and assured.

This presentation dives into how AI’s transforming security operations today and shaping cybersecurity’s future. We’ll explore real-world roles like threat detection, automated responses, and predictive analytics, plus insights on booming AI stocks driving these innovations—like key players in the sector and their impact on the market.

In 2026, the gap between technical security metrics and executive business value is wider than ever. Security leaders must move beyond the fatigue of “threat-based” reporting toward a strategy of Proactive Value. This session introduces a Business Value Assessment (BVA) framework that quantifies the financial impact of solving security issues, reduces organizational liability, and amplifies the performance of infrastructure teams without increasing technical debt. Learn how to translate complex AI-driven threat data into a narrative of operational excellence and Board-ready ROI.

Generative and agentic AI are reshaping how data is created, accessed, and distributed across modern environments. As autonomous agents interact with systems and collaborate with users, they introduce new pathways for sensitive-data exposure, privilege expansion, and uncontrolled data propagation.

In this session, we’ll cover:

• How these AI capabilities alter data-risk models and challenge existing governance frameworks
• Key security considerations, including prompt-based data leakage, agent autonomy, monitoring AI-driven workflows, and protecting data used as model inputs
• Practical guidance to support the secure, responsible adoption of generative and agentic AI

We often talk about threats in terms of dollars lost, data stolen, or headlines made. But the real threat lives deeper—in the structure, the strategy, and the growing ambition of the actors behind the screen. Today’s cybercriminals don’t just encrypt files; they build economies, launder, influence, and forge alliances that stretch across borders and industries. In this talk, we’ll peel back the layers of modern cybercrime and explore how loosely affiliated hackers have evolved into organized syndicates. These groups operate more like multinational corporations than rogue disruptors—complete with HR departments, recruitment pipelines, insider relationships, and state protections.