Application Security

From AI-powered systems to real-time web and complex supply chains, today’s applications introduce entirely new security challenges. This track explores how to defend against emerging threats like prompt injection, supply chain attacks, and hidden CI/CD risks — while leveraging AI to strengthen security workflows.

Expect practical insights, real-world lessons, and modern strategies to help you build and operate secure systems at speed.

Offensive Security

The Offensive Security track dives into real-world attack techniques, vulnerabilities, and adversary thinking. From API and OAuth weaknesses to DNS exploits, cloud abuse, and bypassing modern defenses, you’ll see how attackers operate in today’s environments.

Expect hands-on insights into red teaming, reverse engineering, and exploitation — designed to help you understand, detect, and defend against advanced threats.

Cloud & Security Architecture

The Cloud & Security Architecture track explores how to design and secure modern systems in an increasingly complex landscape. From cloud dependency and exit strategies to Infrastructure as Code, CI/CD risks, and large-scale configuration management, we focus on building resilient, well-governed architectures.

You’ll gain practical insights into security by design, cloud and OT convergence, and how to balance speed, innovation, and control in real-world environments.

Identity

The Identity track starts from a simple premise: Identity and access have always been the foundation of security — but now the rest of the organization is finally starting to realize it.

From shared IAM challenges in the public sector and enterprise passkey migration to AI agents entering the workforce ungoverned, we look at how organizations can regain control, visibility, and traceability.

Sessions cover real-world threats — phishing of national eID, deepfake attacks on identity verification, and cloud identity vulnerabilities in Azure and Entra ID — alongside practical responses like using AI to tackle a decade of identity tech debt and preparing for the EU's new enterprise digital wallet.

Risk & Security Management

Risk & Security Management focuses on turning security into real decision support for the business. Moving beyond frameworks, checklists, and governance theatre, the track explores what it actually takes to operationalize risk-based thinking in practice.

From AI and human factors to large-scale security and modern CISO functions, the sessions highlight how to build effective governance, integrate cyber risk into enterprise risk management, and create scalable, business-aligned security.

Culture & Awareness

The Culture & Awareness track explores the human side of cybersecurity, moving beyond awareness campaigns and compliance to what truly shapes secure behavior.

Through insights from psychology, real-world operations, and empirical research, the sessions highlight how culture, leadership, and organizational dynamics influence security outcomes. Expect practical perspectives on building resilient security cultures, measuring what matters, and designing approaches that actually work in complex, real-life environments.

Legal & Compliance

Legal & Compliance brings clarity to an increasingly complex regulatory landscape shaped by geopolitics, AI, and evolving security requirements.

The track explores how to navigate frameworks like NIS2, GDPR, and emerging AI regulation, with a stronger focus on privacy, data protection, and individual rights in practice. It addresses real-world challenges in supplier management, contracts, and accountability, and shows how to turn legal requirements into effective governance, risk management, and operational security.

Supplier Security

Supplier Security focuses on managing and securing the growing risks in complex, interconnected supply chains.

As dependencies increase across vendors, technologies, and geographies, the track explores how to move from compliance-driven supplier assurance to real risk management, resilience, and shared responsibility.

Sessions cover everything from threat actor tactics and geopolitical dependencies to collaboration, contracts, and third-party risk management, with practical insights on how to build secure and resilient supply chains end to end.

Incident Management

The Incident Management track explores what happens when security work moves from theory to pressure: real incidents, hard trade-offs, cross-team coordination, detection quality, and the growing role of AI in SOC and response workflows.

Across the sessions, attendees will see how organizations detect, investigate, contain, recover, communicate, and learn when systems, people, and business expectations all collide.

Forensics

This track explores how emerging technologies redefine digital evidence. We dive into the complexities of mobile and cloud forensics, the rising importance of Linux environments, and the unique challenges of ransomware investigations. You will discover how Artificial Intelligence acts as a force multiplier - automating evidence processing and uncovering hidden patterns in massive datasets. From chain of custody to AI-driven insights, these sessions provide the essential tools for modern forensic investigation and legal proceedings.

Business Continuity & Resilience

The Business Continuity & Resilience track focuses on keeping organizations operational when things go wrong. From crisis planning and recovery strategies to testing, dependencies, and organizational preparedness, the sessions explore what true resilience looks like in practice — beyond checklists and into the decisions, structures, and capabilities that determine whether an organization can withstand and recover from disruption.

National Security

The National Security track explores the intersection of cybersecurity with issues of national and societal importance: critical infrastructure, essential societal functions, and geopolitical conflict.

From space systems and maritime operations to state-led cyber capabilities, sovereignty, and the realities of operating in crisis, the sessions connect strategy, policy, and hands-on experience.

The track is structured around three thematic arcs: cybersecurity across multiple domains, sovereignty and national control, and lessons from Ukraine. It highlights how cyber power is shaping modern conflict, and what it takes to build resilience at the national level.

Cyber crime

The Cybercrime track follows the thread from how the police prioritise cases, investigate incidents, and build situational awareness in the cyber domain, to how these capabilities are used to hunt and disrupt sophisticated international cybercrime networks.

The track culminates in a new exposé of a criminal network carried out by investigative journalists. The result is a realistic update of the ongoing fight against crime in and through cyberspace, and of how law enforcement and partner organisations work together to make the Internet safer.

Threat Intelligence

The Threat Intelligence track explores how to make intelligence matter. With a focus on strategy over operations, the sessions examine how organisations can understand evolving threats, from AI-driven attacks to supply chain exposure, and translate that insight into decisions, resilience, and measurable impact. It gives practical perspectives on how to build intelligence capabilities that are both relevant for the business and usable in practice.

Cryptography

The Cryptography track brings one of cybersecurity’s most complex fields down to earth. From post-quantum migration and election security to a closer look at new and emerging topics, the sessions focus on real-world challenges, trade-offs, and decisions rather than deep theory.

The track demonstrates why cryptography is fundamental to cybersecurity practice, and not just a narrow specialist topic. It provides a timely update on some of the current security challenges we are facing in this area.

Operational Technology

The Operational Technology track is for anyone who wants to understand risk in complex, connected systems—and how to secure them in the real world. OT powers the physical world—from energy and transport to industry and critical infrastructure. When these systems fail or are attacked, the consequences are immediate and tangible. This track gives you a focused introduction to how modern control systems work—and where their real vulnerabilities lie. Through practical examples, real incidents, and industry experience, you’ll see what works in practice, not just in theory. Key frameworks are covered with a clear view of how they’re actually applied. The interplay between OT and IT—and the challenges it creates—is a central theme.

Physical Security

The Physical security track will challenge your assumptions—and give you a stronger foundation for making better security decisions. Physical security is about far more than locks and access cards—it’s about the bigger picture. In this new track, we explore how technology, people, and organizational structures must work together to create real security. You’ll gain insight into why traditional solutions don’t always deliver as expected—and what actually works in practice. Real-world experiences from environments like hospitals and public buildings bring the challenges to life. We also examine how physical and digital security are increasingly converging. Emerging technologies, IoT, and integrated systems introduce both new opportunities and new risks.

Personnel Security

This is the track for those who want to strengthen security where it truly begins—with people. People are both an organization’s greatest asset—and its greatest risk. This track explores how to work systematically with personnel security in an increasingly complex landscape. You’ll hear real stories of what went wrong—and what worked. Research, experience, and practice are brought together to deepen your understanding of insider risk and the evolving threat landscape. We also explore how technology and AI are reshaping human-related risks. You’ll gain practical methods, perspectives, and tools you can apply in your own organization.