GovSec Summit USA
by GovInfoSecurity
June 11, 2026 | virtual
On Demand Through June 19, 2026
Event Overview
The 2026 GovSec Summit USA by GovInfoSecurity, brings together 200+ federal and public-sector CISOs and senior cyber leaders to discuss how cyber leadership is changing as disruption becomes routine. Agencies are no longer responding to isolated incidents, but managing ongoing cyber risk amid policy shifts, persistent threats, and operational strain.
The summit focuses on how leaders are adapting governance, operating models, and decision-making to work effectively in this environment. Sessions emphasize practical approaches to balancing compliance, mission needs, speed, and accountability across complex organizations.
Rather than focusing on tools, the event treats cybersecurity as an enterprise risk and governance issue tied to mission delivery, budgets, coordination, and public trust. Attendees will engage with peers and senior leaders who are shaping modern cyber leadership.
Dr. Meghan Hollis-Peel
Greg Tatum
Jessica Bolton
Danielle Jablanski
Shuchi Agrawal
Todd Pauley
Bryce Carter
Everett Bates
Zechariah Akinpelu
Ravikumar Mukkamala
David Ginn
Joseph Berglund
2025 Speakers
Thought Leaders Leading Deep-Dive Discussions on Stage
ISMG Summits bring the foremost thought leaders and educators in the security space to the stage at interactive workshops and networking events. Learn from the who’s who in the cybersecurity industry, passionate about the latest tools and technology to defend against threats.
Steering Committee
Guiding Our Summit With Industry Expertise
Our Summit Advisory Committee comprises industry visionaries whose guidance ensures the conference programs remain relevant, cutting-edge, and aligned with the most pressing cybersecurity challenges and opportunities – enabling attendees to apply the insights and learnings to their daily work.
Chris Riotta
Rex Booth
Anthony Labbate
Bill Streilein
Densmore Bartly
Justin Ubert
Venue
Conrad New York Downtown
102 N End Avenue, New York, NY 10282
NOTE: All requests to attend will be reviewed by event staff and approved based on professional qualifications and event capacity.
Topic Highlights
2026 Theme: Cyber Defense at Scale: Aligning National Security Urgency with Fiscal Reality
- Governance, Fragmentation, and the Reality of Regulatory Sprawl
- Maintaining Operational Agility in a Strict Regulatory Environment
- People, Budgets, and the Future of Public-Sector Cyber Defense
- From Response to Resilience: Making Post-Incident Reviews Operational
- Modernization Under Constraint: Securing Legacy and Hybrid Environments
What Attendees Will Gain
- Insight into how agencies are operationalizing cyber governance under constant disruption
- Real-world approaches to balancing compliance, mission risk, and speed of execution
- Lessons learned on adapting cybersecurity strategies to achieve long-term resilience
- A peer-driven forum focused on decision-making, accountability, and leadership, not just technology
This summit is designed for CISOs who are not just managing cyber programs, but governing risk as a core function of modern government.
Agenda
Given the ever-evolving nature of cybersecurity, the agenda will be continually updated to feature the most timely and relevant sessions.
10:00 AM - 10:05 AM ET
Chair’s Opening Address
10:05 AM - 10:45 AM ET
Panel Discussion: Navigating Regulatory Fragmentation and Compliance Burdens in Government Cybersecurity
Federal agencies are currently navigating a "two-front war": one against high-velocity, state-sponsored adversaries and another against a regulatory sprawl that threatens to paralyze the defensive mission. This panel examines the urgent move toward "cyber-harmonization" - slashing the bureaucratic "compliance tax" to restore the operational speed and agility required for national resilience. We will explore the frameworks, trilateral coordination strategies, and hard-earned lessons for ensuring that regulatory adherence supports, rather than stifles, the national defense.
- How can agencies leverage cross-agency reciprocity and automated governance to consolidate fragmented regulatory requirements, ensuring that compliance burdens do not impede the rapid defensive response required in an era of conflict?
- What strategies are moving compliance from static “paperwork drills” to real-time mission resilience?
- How can leadership maintain a resilient defensive posture, while using tools such as agentic AI to scale limited teams and navigate a fragmented regulatory landscape that creates administrative friction in a theater of active conflict?
Densmore Bartly,
CISO, U.S House of Representatives
10:45 AM - 11:15 AM ET
Mitigating Data Breaches: Detection, Response, and Containment in Practice
With adversaries moving faster and operating across cloud, on-prem, and legacy systems, early detection and effective containment are critical to limiting impact.
In this session, we examine real-world breach scenarios, explore what works in practice, and discuss how agencies can strengthen their detection, response, and containment capabilities to reduce risk and protect sensitive data.
- Tackle common failure points and improve visibility to prevent breaches from going undetected or escalating
- Strengthen detection, incident response, and containment across hybrid, multi-cloud, and legacy environments
- Prepare government teams to manage complex breaches involving multiple agencies, contractors, and shared services while preserving mission continuity
Vlad Brodsky,
Chief Information Officer & Chief Information Security Officer, OTC Markets Group Inc.
Steve Lenderman,
Head of Fraud Prevention, iSolved, CyberEdBoard Member
Josh Cigna,
Solutions Architect, Yubico
11:15 AM - 11:30 AM ET
Networking Break
11:30 AM - 12:00 PM ET
Essential Collaboration Through Public-Private Partnership
As cyber threats grow more complex, interconnected, and systemic, no single organization—public or private—can defend alone. Effective cybersecurity now depends on trusted collaboration between government agencies and the private sector, combining intelligence sharing, joint response, and aligned incentives. In this fireside chat, senior leaders explore how public-private partnerships can move beyond ad hoc cooperation to become durable, operational alliances that strengthen national resilience and protect critical infrastructure.
- How can government and industry build trust-based partnerships that enable timely, actionable information sharing without increasing risk or burden?
- What models of public-private collaboration have proven most effective during major cyber incidents, and where do gaps still exist?
- How can CISOs align policy, legal frameworks, and operational realities to enable faster, more coordinated response across sectors?
Vincent Stoffer,
Field CTO, Corelight, Inc
12:00 PM - 12:30 PM ET
Applying Advanced Detection and Identity & Access Management in Government
As government agencies face increasingly sophisticated threats, advanced detection and IAM are essential to protecting users, systems, and data across complex environments.
This session draws on practical insights to highlight how agencies can operationalize these capabilities to strengthen defenses, reduce attacker dwell time, and support mission continuity.
- Defend government environments by deploying advanced detection to identify and disrupt threats earlier
- Strengthen identity security by applying modern IAM controls across users, devices, and privileged access
- Integrate detection and IAM to contain incidents faster and limit attacker movement
Chris Wysopal,
Chief Security Evangelist, Veracode
12:30 PM - 1:30 PM ET
Lunch
1:30 PM - 2:00 PM ET
Beyond Response: Addressing the Aftermath of Ransomware Incident
Ransomware incidents do not end when systems are restored or attackers are removed. For government agencies, the true impact — and opportunity — emerges in the days and months that follow.
As attacks grow more targeted and disruptive, agencies must evolve beyond one-time response efforts and adapt their people, processes, and governance in real time and after recovery. This session explores how agencies translate live ransomware incidents into lasting operational improvements, refine decision-making under pressure, and strengthen resilience across technical, legal, communications, and leadership functions, during recovery and well beyond the initial response.
- Examine how agencies should adapt operational priorities, risk tolerance, and mission delivery after a ransomware incident
- Understand how to refine response playbooks post-incident to improve coordination across IT, security, legal, public affairs, and executive leadership
- Identify how agencies can institutionalize lessons learned through after-action reviews, training, exercises, and strengthened external partnerships
Chris Young,
Cybersecurity Enterprise Account Executive, OpenText
2:00 PM - 2:30 PM ET
Hardening the Federal Backbone: Modernizing Critical Infrastructure at the Speed of Mission
Federal agencies are trapped by "legacy debt": essential systems too critical to take offline. Since full replacement is a luxury time won't allow under the present threat landscape, leaders must pivot to "tactical modernization." This fireside chat explores balancing mission stability with urgent AI and zero-trust upgrades. Join us to discuss how to harden the Federal toolkit and ensure operations remain uninterrupted, even while modernizing under fire in a high-intensity threat environment.
- Where do legacy systems present the most critical “single points of failure” for national security missions and how are today’s leadership decisions evolving to mitigate the risk of state-sponsored exploitation?
- In an era of fiscal constraint and active conflict, how can agencies prioritize the modernization of “at-risk” infrastructure without creating gaps in operational continuity?
- How are agencies deploying agentic AI, automated shielding, and sovereign cloud architectures to “wrap” and protect legacy systems, and what leadership mindsets are required to drive this rapid-response modernization?
Kristopher Schroeder,
Founder & CEO, Replica Cyber
2:30 PM - 3:00 PM ET
Defending AI Systems Against Emerging Cyber Attacks
As artificial intelligence becomes embedded in government operations, AI systems are increasingly mission-critical and high-value targets. Emerging cyber threats against AI require strategies that go beyond traditional controls, addressing data integrity, model risk, supply chain exposure, and adversarial manipulation.
This session explores how government leaders can protect AI systems throughout their lifecycle while enabling responsible innovation and mission impact.
- Identify where AI systems pose the greatest risk to government missions and public trust
- Assess and classify AI systems as mission-critical assets to prioritize protection
- Mitigate AI-specific threats including data poisoning, model theft, and adversarial attacks
Tim Hill
VP, Software Engineering, Rocket Software
3:00 PM - 3:15 PM ET
Networking Break
3:15 PM - 3:45 PM ET
Securing the Human Layer: Burnout Prevention as a Cyber Risk Strategy
Cybersecurity leaders currently face a perfect storm of staffing shortages, mounting threat complexity, and systemic burnout. Rather than treating exhaustion as a wellness issue, this session examines burnout as a material risk factor that compromises decision quality, operational continuity, and institutional knowledge.
We move beyond theory to provide a practical, executive-led case study on managing the human layer of security. Participants will explore how burnout was identified as a business risk and implemented targeted interventions, such as embedding psychological safety and tactical reset techniques into high-pressure workflows, without sacrificing performance. By examining leadership interventions and scalable frameworks for team cohesion, attendees will leave with actionable strategies to reduce preventable stress and stabilize retention.
Sandeep Bhide
VP Product Management, ProcessUnity
3:45 PM - 4:15 PM ET
Zero Trust After the Hype: What Actually Works in Government
Zero Trust has become a foundational principle in government cybersecurity strategies, yet many agencies continue to struggle with translating the concept into measurable security outcomes. Beyond frameworks and mandates, leaders must determine what Zero Trust looks like in practice across complex, hybrid, and legacy environments.
In this session, we cut through the hype to share real-world lessons learned, highlight what has proven effective, and discuss how agencies can mature Zero Trust implementations to better reduce risk and support mission objectives.
- How to prioritize Zero Trust capabilities that deliver immediate security value in government environments
- How to apply Zero Trust principles realistically across legacy systems, mission-critical applications, and modern infrastructure
- How to balance investments and measure Zero Trust effectiveness using outcomes beyond compliance
Scott Tenenbaum
Head of Claims, North America, Resilience
David Anderson
CIPP/US, Vice President, Cyber, Woodruff Sawyer - A Gallagher Company
Kimberly Pack
Counsel, Thompson Hine LLP
4:15 pm - 4:55 pm Et
Securing U.S. Government Networks Amid Budget Constraints and the Skills Gap
In an environment of active geopolitical escalation and state-sponsored retaliatory threats, safeguarding critical infrastructure has become an absolute requirement for national stability. This is a mission that must be executed under the dual pressure of flatlined budgets and a widening cybersecurity talent gap that leaves many roles unfilled. This panel examines how leaders can prioritize high-impact defense and maintain operational continuity when both funding and personnel are stretched to their limits.
- How can agencies prioritize cybersecurity investments, including workforce development, when budgets and resources are constrained?
- What cost-effective strategies, technologies, and operating models help mitigate cyber risk while addressing the cybersecurity skills gap?
- How can leaders optimize people, tools, and processes to maintain resilience and mission continuity in a resource-limited environment?
Justin Ubert,
CISO, U.S. Department of Transportation
Imran Khan
VP Cyber Security Transformation Lead, BNP Paribas
4:55 PM - 5:00 PM ET
Chair’s Closing Address
Register
CPE Credits
Our Summits offer Continuing Education Credits. Learn informative and engaging content created specifically for security professionals.