RSAC 2026: Essential Agenda Guide for Security Leaders

RSA Conference 2026 (RSAC 2026) takes place March 23–26, 2026, at Moscone Center in San Francisco, bringing together over 45,000 security professionals, 700+ exhibitors, and thought leaders from around the world. For CISOs, security architects, Zero Trust program owners, and OT security leaders focused on protecting critical infrastructure, the sheer volume of sessions can be overwhelming.

That's why we created this RSAC 2026 agenda guide for cybersecurity leaders. Elisity's team analyzed the complete RSA Conference 2026 agenda, scanning over 520 sessions to identify the 35 must-attend sessions that matter most to security leaders focused on Zero Trust implementation, microsegmentation, lateral movement prevention, AI security, agentic defense, and IoT/OT protection. Whether you're defending healthcare networks, manufacturing floors, or enterprise data centers, these RSAC 2026 sessions offer practical insights you can apply immediately.

This guide covers essential themes for RSAC 2026: Zero Trust and microsegmentation, OT/ICS security, IoT security, healthcare cybersecurity, compliance and regulations, ransomware defense, and network security. We've organized the best RSAC 2026 sessions by topic, with each entry including session details, abstracts, speaker information with LinkedIn profiles (where available), and direct links to the RSAC 2026 agenda.

Why We Created This RSAC 2026 Agenda Guide for Security Leaders

At Elisity, we understand the challenges security leaders face when implementing Zero Trust architecture and microsegmentation across complex environments. Our platform delivers identity-based segmentation that protects critical assets without requiring agents, network redesigns, or operational disruption. We created this RSAC 2026 session highlights guide to help CISOs, security architects, and network leaders navigate the conference and focus on sessions that address real-world challenges in Zero Trust implementation, AI-driven threats, OT security, and breach readiness.

Whether you're attending RSAC 2026 in person or following along remotely, this curated agenda will help you maximize your conference experience and bring actionable insights back to your organization.

How to Navigate the RSAC 2026 Agenda as a Security Leader

This RSAC 2026 agenda guide organizes sessions into key themes that align with current cybersecurity priorities:

• Zero Trust and Microsegmentation Sessions – Sessions focused on implementing Zero Trust architecture, continuous validation, and identity-based segmentation across IT and OT environments
• AI Security and Agentic Defense – RSAC 2026 sessions covering AI-driven threats, securing AI systems, and leveraging AI for defense
• OT/ICS and Critical Infrastructure Security – Sessions addressing operational technology security, industrial control systems, and critical infrastructure protection
• Cloud, Identity, and SaaS Security – Sessions on cloud security architecture, identity management, and securing SaaS environments
• Healthcare and Medical Device Security – RSAC 2026 sessions specific to healthcare cybersecurity challenges
• Compliance and Regulatory Sessions – Sessions covering emerging regulations, compliance frameworks, and policy developments

Each session listing includes the timeslot, session type, difficulty level, topics covered, speaker information, and a direct link to the RSAC agenda. Sessions marked with LinkedIn profiles allow you to connect with speakers and continue the conversation beyond the conference floor.

Zero Trust 

CSA Summit: Securing the Future of Trust in AI, Cloud & Zero Trust – [CSA-M01]

Timeslot: Monday, Mar 23 | 8:00 AM - 3:00 PM PDT
Type: Seminar
Session Link: View Session Details →

Abstract: For 17 years, the CSA Summit at RSAC Conference has convened global security leaders to shape what's next. In 2026, disruption accelerates through generative and agentic AI, rising regulation, and cloud-first complexity. This year's focus is the duality of AI—Securing AI and AI for Security—alongside cloud assurance, Zero Trust modernization, and digital sovereignty as foundations of trust.

Beyond Zero Trust: Continuous Validation for Modern Enterprise Security – [NCS-M06]

Timeslot: Monday, Mar 23 | 1:10 PM - 2:00 PM PDT
Type: Track Session | Level: Intermediate—Technical
Topics: Identity, Security Strategy & Architecture, Network & Communications Security
Session Link: View Session Details →

Abstract: This talk will show why static Zero Trust is insufficient and introduce Multidimensional Continuous Validation, where trust is re-evaluated throughout each session. Using open-source technologies, it combines mTLS, SSO, and runtime signals—behavior and geolocation—to enforce adaptive policies. Attendees will gain a blueprint and lessons to strengthen enterprise security without vendor lock-in.

Speakers:

• Sanjay Singh — Staff Software Engineer, LinkedIn
• Mitendra Mahto — Engineering Manager, LinkedIn

Identity Crisis: Real-World IAM Failures and the Path to Zero Trust – [LAB2-M06]

Timeslot: Monday, Mar 23 | 1:10 PM - 3:10 PM PDT
Type: Learning Lab | Level: Intermediate—Technical
Topic: Identity
Session Link: View Session Details →

Abstract: Participants in the Lab will explore real-world IAM failures and how they expose gaps in identity programs. This hands-on Lab will use interactive exercises to map breach root causes to zero trust principles, helping participants build practical roadmaps for improving their IAM strategy.

Speakers:

• Matthew Chiodi — Chief Strategy Officer, Cerby

Illusion of Done: Lessons from Zero Trust Missteps for Secure AI Adoption – [PART3-T02]

Timeslot: Tuesday, Mar 24 | 9:40 AM - 10:30 AM PDT
Type: Track Session | Level: Intermediate
Topics: Security Strategy & Architecture, Intersection of AI & Security, Partner Perspectives
Session Link: View Session Details →

Abstract: Security leaders risk repeating Zero Trust's biggest mistake: declaring victory before behaviors and operations change. This session will show how the "illusion of done" is emerging in AI—both securing models, agents, and data pipelines and adopting AI for detection, triage, and response. Attendees will leave with litmus tests, guardrails, and runbook shifts that matter.

Speakers:

• Matt Berry — Global Director, Evangelism & Technical Marketing, SentinelOne

iboss: Navigating 2026 Cyber Risks: AI Agents, Regulatory Evolution & Zero Trust – [BCN-R2]

Timeslot: Thursday, Mar 26 | 11:10 AM - 11:40 AM PDT
Type: Briefing Center
Session Link: View Session Details →

Abstract: Cybersecurity in 2026 faces agentic AI threats, rising regulations, and cloud complexity. This session covers AI-driven attacks, growing compliance demands, and misconfigurations. Learn proactive defense strategies, ethical AI frameworks, and needed capabilities like AI risk assessment, signatureless CASB, GenAI DLP, and Zero Trust for hybrid environments.

Zerac: The Zero Trust Maturity Myth: Why You're Never Really 'Done' – [ESE-4675]

Timeslot: Thursday, Mar 26 | 12:50 PM - 1:10 PM PDT
Type: Briefing Center
Session Link: View Session Details →

Abstract: What if the way we measure Zero Trust progress is actually holding us back? Join security architect Jennifer (JJ) Minella for a fast-paced briefing that cuts through maturity models, previews where ZT is headed next, and shows how teams can build adaptable ZT without massive cost or complexity. We'll close with a brief look at how Zerac supports starting fast and scaling over time.

OT/ICS Security 

What the Enigma Machine Teaches OT Security Professionals – [MASH-M07]

Timeslot: Monday, Mar 23 | 2:20 PM - 3:10 PM PDT
Type: Track Session | Level: Intermediate—Technical
Topics: Security Strategy & Architecture, Mash-Up
Session Link: View Session Details →

Abstract: History repeats itself unless you learn from it. The story of the Enigma Machine and Ultra offers profound lessons for today's OT security professionals. This session will explore parallels between WWII code-breaking and modern ICS/OT security: compartmentalization, information-sharing, intelligence fusion, and the vulnerability of proprietary protocols.

Speakers:

• Andrew Ginter — VP Industrial Security, Waterfall Security Solutions

Global Reach, Local Threat: China's Deep PLC Infiltration – [MASH-M08]

Timeslot: Monday, Mar 23 | 3:30 PM - 4:20 PM PDT
Type: Track Session | Level: Intermediate
Topics: Critical Infrastructure, Mash-Up
Session Link: View Session Details →

Abstract: China-based actors maintain access to US critical infrastructure through deep implants in industrial control PLCs, as disclosed in Salt Typhoon and Volt Typhoon operations. This session will dissect these operations, reveal the scale of the threat, and provide actionable guidance for defenders, operators, and policymakers in industrial environments.

Speakers:

• Joe Slowik — Threat Intelligence Lead, Huntress
• Dragos Lewis — Staff Threat Intel Engineer, Trellix

Securing Industry 5.0: AI-Powered OT in Healthcare, Energy, and Manufacturing – [CRI-T07]

Timeslot: Tuesday, Mar 24 | 11:50 AM - 12:40 PM PDT
Type: Track Session | Level: Intermediate—Technical
Topics: Intersection of AI & Security, Critical Infrastructure
Session Link: View Session Details →

Abstract: Industry 5.0 is here: AI-driven OT across healthcare, energy, and manufacturing. This session will demonstrate how AI is transforming industrial processes and operations, highlight emerging risks tied to this transformation, and provide practical security strategies adapted to the Industry 5.0 operational reality.

Speakers:

• Irina Tsukerman — President, Scarab Rising

AI in ICS/OT Security: Real Gains or Just Buzzwords? – [CRI-W06]

Timeslot: Wednesday, Mar 25 | 11:50 AM - 12:40 PM PDT
Type: Track Session | Level: General
Topics: Intersection of AI & Security, Critical Infrastructure
Session Link: View Session Details →

Abstract: AI has arrived in OT security. Vendors promise transformative capabilities, but is it real or just hype? This panel will separate signal from noise. Practitioners and researchers will discuss where AI delivers measurable value in ICS/OT security and where it falls short. Attendees will leave knowing what to believe, what to question, and what to implement.

Speakers:

• Reid Wightman — VP of OT & ICS Strategy, Dragos
• Marina Krotofil — ICS Cybersecurity Practice Lead, HIMA Group
• Anastasis Keliris — Senior Security Researcher, Brown University
• Gregory Falco — Assistant Professor, Cornell Tech

Security and SBOMs: How to Get a Handle on Your Third Party OT Risk – [CRI-R03]

Timeslot: Thursday, Mar 26 | 10:50 AM - 11:40 AM PDT
Type: Track Session | Level: Intermediate—Technical
Topics: Critical Infrastructure
Session Link: View Session Details →

Abstract: OT environments are built on third-party components with opaque supply chains. Security and Software Bills of Materials (SBOMs) are promising tools for managing third-party OT risk, but adoption is limited. This session will provide a practical guide to understanding, implementing, and operationalizing SBOMs in OT environments.

Speakers:

• Emily Miller — Director, ICS Engineering, Dragos

IoT Security 

Things of Value: Reducing IoT Risk Exposure with Asset Insights – [STH-M09]

Timeslot: Monday, Mar 23 | 3:30 PM - 4:20 PM PDT
Type: Track Session | Level: General
Topics: Securing All the Things
Session Link: View Session Details →

Abstract: IoT asset risk exposure continues to grow. Attackers don't just target devices—they target the value those devices create or support. This session will show how enriching asset intelligence with contextual business value transforms risk prioritization, enabling defenders to focus resources where they matter most.

Speakers:

• Stephen Hilt — Senior Threat Researcher, Trend Micro

Wired & Vulnerable: Securing IoT and ICS Devices from Chip to Cloud – [STH-R03]

Timeslot: Thursday, Mar 26 | 10:50 AM - 11:40 AM PDT
Type: Track Session | Level: Intermediate—Technical
Topics: Hardware Security, Securing All the Things
Session Link: View Session Details →

Abstract: IoT and ICS devices connect critical infrastructure and industrial operations to the internet, creating unprecedented attack surfaces. Security must be built-in at every layer: silicon, firmware, network, and cloud. This session will explore full-stack security strategies from chip to cloud, addressing vulnerabilities at each layer.

Speakers:

• Cristiano Rodrigues — Technical Director, Synopsys Software Integrity Group
• Chris Clark — VP Software Engineering, Synopsys

Healthcare Security 

Securing Medical Devices in Modern Healthcare: Real-World Insights – [HCS-M07]

Timeslot: Monday, Mar 23 | 2:20 PM - 3:10 PM PDT
Type: Track Session | Level: General
Topics: Healthcare Security
Session Link: View Session Details →

Abstract: Medical device security remains one of healthcare's most complex challenges. This session will share real-world experience from large health systems, examining device vulnerabilities, implementation hurdles, and practical strategies that work. Attendees will leave with actionable tactics for securing medical devices at scale.

Speakers:

• Heath Patterson — CISO, IU Health
• Dave Summitt — Director, Cybersecurity, IU Health

Why Ransomware Still Loves Healthcare – [HCS-W05]

Timeslot: Wednesday, Mar 25 | 11:10 AM - 12:00 PM PDT
Type: Track Session | Level: Intermediate
Topics: Healthcare Security
Session Link: View Session Details →

Abstract: Healthcare remains ransomware's most profitable target. Operational pressure, legacy systems, and life-critical workflows create perfect conditions for extortion. This session will analyze why healthcare remains vulnerable, examine recent high-impact attacks, and provide pragmatic defense strategies for under-resourced healthcare security teams.

Speakers:

• Greg Garcia — Executive Director, Health Sector Coordinating Council Cybersecurity Working Group
• Nitin Natarajan — Deputy Director, CISA

Verifying Medical Device Security Claims: What CISOs Need to Know – [HCS-R03]

Timeslot: Thursday, Mar 26 | 10:50 AM - 11:40 AM PDT
Type: Track Session | Level: General—Technical
Topics: Healthcare Security
Session Link: View Session Details →

Abstract: Medical device vendors make bold security claims, but how do CISOs verify them? This session will provide a practical framework for evaluating medical device security: asking the right questions, interpreting test results, assessing patch capabilities, and making informed procurement decisions under regulatory and operational constraints.

Speakers:

• Mark Carrigan — CISO, Harvard Pilgrim Health

Microsegmentation & Network Security 

Ransomware, AI, and 5G: Engineering Resilient Networks for Modern Threats – [NCS-M09]

Timeslot: Monday, Mar 23 | 3:30 PM - 4:20 PM PDT
Type: Track Session | Level: Intermediate—Technical
Topics: Network & Communications Security
Session Link: View Session Details →

Abstract: Modern networks face converging threats: ransomware, AI-driven attacks, and 5G expansion. Traditional network defenses are insufficient. This session will present an engineering-focused approach to building resilient network architectures that withstand these modern threats through defense-in-depth, microsegmentation, and adaptive security controls.

Speakers:

• Rodney Petersen — CISO & CIO, EDUCAUSE

Ransomware in 2026: Where Are We Now and What's Next? – [HTC-T06]

Timeslot: Tuesday, Mar 24 | 11:50 AM - 12:40 PM PDT
Type: Track Session | Level: General
Topics: Hackers & Threats
Session Link: View Session Details →

Abstract: Ransomware remains one of the most damaging cyberthreats. This session will provide a 2026 state-of-the-art assessment: how ransomware operations have evolved, which tactics are succeeding, what defenses work, and what's coming next. Attendees will leave with an updated threat model and practical defensive strategies.

Speakers:

• Josephine Wolff — Associate Professor of Cybersecurity Policy, Tufts University

Geopolitical Risk in Cybersecurity Strategy: A Practitioner's Framework – [POL-W01]

Timeslot: Wednesday, Mar 25 | 8:00 AM - 8:50 AM PDT
Type: Track Session | Level: Intermediate
Topics: Policy & Government
Session Link: View Session Details →

Abstract: Geopolitical tensions now directly impact cybersecurity operations. Nation-state activity, supply chain restrictions, regulatory fragmentation, and data localization requirements force CISOs to become geopolitical risk managers. This session will provide a framework for integrating geopolitical risk into security strategy.

Speakers:

• Chris Inglis — Former National Cyber Director, United States
• Kiersten Todt — Chief of Staff, Cybersecurity and Infrastructure Security Agency (CISA)

Reducing Breach Impact: Designing for Containment, Not Just Prevention – [HTC-W05]

Timeslot: Wednesday, Mar 25 | 11:10 AM - 12:00 PM PDT
Type: Track Session | Level: Intermediate
Topics: Security Strategy & Architecture, Hackers & Threats
Session Link: View Session Details →

Abstract: Prevention will fail. What matters is containment. Organizations that design security architectures for breach containment suffer less damage, recover faster, and maintain operations during incidents. This session will explore containment-first security design: segmentation, privilege reduction, and recovery engineering.

Speakers:

• Sounil Yu — CISO & Head of Research, JupiterOne

Compliance & Regulations 

SEC Cyber Rule Impact: One Year Later – [POL-M06]

Timeslot: Monday, Mar 23 | 1:10 PM - 2:00 PM PDT
Type: Track Session | Level: General
Topics: Policy & Government
Session Link: View Session Details →

Abstract: One year after the SEC cybersecurity disclosure rule took effect, what have we learned? This session will analyze compliance experiences, disclosure trends, enforcement actions, and practical implications for public companies. Attendees will gain insights into what's working, what's challenging, and what to expect next.

Speakers:

• Megan Brown — Partner, Wiley Rein LLP
• Kathleen Moriarty — CISO, Yale University

NIS2: What Global Organizations Need to Know About EU Compliance – [POL-T03]

Timeslot: Tuesday, Mar 24 | 10:00 AM - 10:50 AM PDT
Type: Track Session | Level: General
Topics: Policy & Government
Session Link: View Session Details →

Abstract: The EU's NIS2 Directive expands cybersecurity requirements across critical sectors and supply chains. Non-compliance risks significant penalties and operational restrictions. This session will explain NIS2's requirements, identify affected organizations, and provide practical compliance strategies for global organizations operating in or with EU entities.

Speakers:

• Steven Chabinsky — Senior Of Counsel, White & Case
• Tatyana Bolton — Partner, White & Case

Cyber Insurance in 2026: Coverage, Claims, and What Actually Gets Paid – [SECB-W04]

Timeslot: Wednesday, Mar 25 | 10:20 AM - 11:10 AM PDT
Type: Track Session | Level: General
Topics: Security Business
Session Link: View Session Details →

Abstract: Cyber insurance has matured from niche product to risk management essential. But coverage exclusions, claims disputes, and underwriting requirements remain complex. This session will demystify cyber insurance: what's actually covered, how claims work, what drives premiums, and how to maximize the value of your policy.

Speakers:

• Michael Lightner — Founder & CEO, Resilience Cyber Insurance Solutions

AI Regulation Around the World: What Security Leaders Must Track – [POL-R02]

Timeslot: Thursday, Mar 26 | 9:40 AM - 10:30 AM PDT
Type: Track Session | Level: General
Topics: Policy & Government, Intersection of AI & Security
Session Link: View Session Details →

Abstract: AI regulation is accelerating globally. The EU AI Act, state-level US laws, and emerging frameworks in Asia create a patchwork of compliance requirements. Security leaders must understand these regulations to manage liability, ensure compliance, and secure AI systems. This session will map the global AI regulatory landscape.

Speakers:

• Omer Tene — Vice President & Chief Knowledge Officer, International Association of Privacy Professionals (IAPP)

Cloud, Identity & SaaS Security 

Practical Cloud Security for the Real World – [CLD-M05]

Timeslot: Monday, Mar 23 | 12:20 PM - 1:10 PM PDT
Type: Track Session | Level: Intermediate—Technical
Topics: Cloud Security
Session Link: View Session Details →

Abstract: Cloud security tools and frameworks promise comprehensive protection but often fail to address real-world constraints: budget limitations, skill shortages, and organizational politics. This session will present practical cloud security strategies that work within these constraints, focusing on high-impact controls, automation, and pragmatic risk reduction.

Speakers:

• Clint Gibler — Head of Security Research, Semgrep

When SaaS Supply Chains Break: Lessons from Recent Incidents – [CLD-T09]

Timeslot: Tuesday, Mar 24 | 1:15 PM - 2:05 PM PDT
Type: Track Session | Level: Intermediate
Topics: Cloud Security
Session Link: View Session Details →

Abstract: SaaS supply chain incidents—like CrowdStrike's July 2024 outage—demonstrate systemic dependency risk. When critical SaaS providers fail, downstream impacts cascade across industries. This session will analyze recent SaaS supply chain failures, examine root causes, and provide strategies for building resilience against SaaS dependency risk.

Speakers:

• Tarah Wheeler — CEO, Red Queen Dynamics

Beyond Passwords: Phishing-Resistant Authentication at Scale – [IDE-R02]

Timeslot: Thursday, Mar 26 | 9:40 AM - 10:30 AM PDT
Type: Track Session | Level: Intermediate—Technical
Topics: Identity
Session Link: View Session Details →

Abstract: Passwords and legacy MFA are no longer sufficient. Phishing attacks bypass traditional authentication. FIDO2, passkeys, and other phishing-resistant methods offer stronger protection, but deployment at scale is challenging. This session will provide a practical roadmap for implementing phishing-resistant authentication across diverse environments.

Speakers:

• Alex Weinert — VP, Identity Security, Microsoft

Leadership & Career Development 

CISO: The Role We Never Planned For – [SECB-M05]

Timeslot: Monday, Mar 23 | 12:20 PM - 1:10 PM PDT
Type: Track Session | Level: General
Topics: Security Business
Session Link: View Session Details →

Abstract: Few security professionals set out to become CISOs, yet many find themselves in the role. The job demands skills far beyond technical expertise: business acumen, political navigation, crisis management, and board communication. This panel will share honest experiences from CISOs about the transition, the challenges, and what they wish they'd known earlier.

Speakers:

• Helen Patton — Cybersecurity Advisor, Cisco
• Sounil Yu — CISO & Head of Research, JupiterOne
• Wolfgang Goerlich — CISO, Oakland County

Building Cyber Teams That Don't Burn Out – [HRD-T05]

Timeslot: Tuesday, Mar 24 | 10:50 AM - 11:40 AM PDT
Type: Track Session | Level: General
Topics: Career & Workforce Development
Session Link: View Session Details →

Abstract: Cybersecurity teams face relentless pressure: constant threats, alert fatigue, understaffing, and high expectations. Burnout is epidemic. This session will explore practical strategies for building sustainable security teams: workload management, psychological safety, career development, and creating cultures that support long-term effectiveness.

Speakers:

• Caroline Wong — Chief Strategy Officer, Cobalt

Founders & Funders: What's Next in Cybersecurity Innovation? – [INE-W03]

Timeslot: Wednesday, Mar 25 | 9:40 AM - 10:30 AM PDT
Type: Track Session | Level: General
Topics: Investors & Entrepreneurs
Session Link: View Session Details →

Abstract: The cybersecurity venture landscape has shifted dramatically. AI, consolidation pressure, and market saturation have changed the rules. This session will bring together founders and investors to discuss what's getting funded, what's working, what's not, and where the next wave of cybersecurity innovation will come from.

Speakers:

• Heather Hinton — VP Investments, SYN Ventures
• Chenxi Wang — Founder & Managing Partner, Rain Capital
• Eric Byres — CTO & Co-Founder, aDolus Technology

The CISO's Guide to Executive Presence and Board Communication – [SECB-R01]

Timeslot: Thursday, Mar 26 | 9:40 AM - 10:30 AM PDT
Type: Track Session | Level: General
Topics: Security Business
Session Link: View Session Details →

Abstract: Technical expertise won't get CISOs the support they need from executives and boards. Effective communication, strategic framing, and executive presence matter as much as security knowledge. This session will teach CISOs how to communicate with business leaders: translating technical risk into business impact, building credibility, and securing resources.

Speakers:

• Rinki Sethi — CISO, Palo Alto Networks

Network Security & Infrastructure 

Inside the Network Live: Winning as an Incumbent in the Age of AI – [INE-T02]

Timeslot: Tuesday, Mar 24 | 9:40 AM - 10:30 AM PDT
Type: Track Session | Level: General
Topics: Intersection of AI & Security, Investors & Entrepreneurs
Session Link: View Session Details →

Abstract: This session will explore how cyber incumbents plan to win in an AI-centric world. The event will cover their strengths and weaknesses, what can help them survive or lead to their demise. Attendees will leave with insight into a key question: can incumbents turn scale into dominance, or will AI open the door to new challengers?

Speakers:

• Sid Trivedi — Partner, Foundation Capital
• Mahendra R — MD, Secure Octane
• Ross Haleliuk — Founder & CEO, Stealth

The Cutting Edge: Contesting APT Abuse of Networking Devices – [NCS-R02]

Timeslot: Thursday, Mar 26 | 9:40 AM - 10:30 AM PDT
Type: Track Session | Level: Advanced
Topics: Policy & Government, Network & Communications Security, Securing All the Things
Session Link: View Session Details →

Abstract: Networking devices at the enterprise edge are central to Advanced Persistent Threat (APT) campaigns to compromise US critical infrastructure at scale. In this session, prominent edge device vendors, CISA, and international government partners will explain the collaborative approach they have devised to promote strategic, threat-informed product security improvements and counter APT abuse.

Speakers:

• Carl Windsor — CISO, Fortinet Inc
• Christopher Ganas — Director, Product Security, Palo Alto Networks

Disrupting Cybercrime Networks, Successfully, Continuously, and at Scale – [FRP-R03]

Timeslot: Thursday, Mar 26 | 10:50 AM - 11:40 AM PDT
Type: Track Session | Level: General
Topics: Hackers & Threats, Fraud Prevention
Session Link: View Session Details →

Abstract: For years, collaborations like the Conficker Working Group, showed the power of joint action against cybercrime, but such efforts were ad hoc and time-bound. The World Economic Forum's Cybercrime Atlas offers an institutional framework for sustained, cross-border disruption. Attendees in this session will learn how to build and leverage this type of community in their region.

Speakers:

• Derek Manky — Chief Security Strategist & VP Global Threat Intelligence, Fortinet
• Sean Doyle — Lead, Cybercrime Atlas, World Economic Forum
• Alexandra Gerst — Senior Corporate Counsel, Digital Crimes Unit, Microsoft
• Neal Jetton — Director, Cybercrime Directorate, International Criminal Police Organization (INTERPOL)
• Jethro Cornelissen — Investigations Lead, Cybercrime Atlas

CyBeer Ops Networking Reception – [CyBeer]

Timeslot: Tuesday, Mar 24 | 4:15 PM - 6:00 PM PDT
Type: Networking
Session Link: View Session Details →

Abstract: Our annual craft beer event opens RSAC™ Early Stage Expo. Step into this exhibit space to discover nearly 80 rising stars in cybersecurity innovation, offering you a unique chance to connect with the future leaders of the industry. Non-alcoholic beverages and tasty bites will also be served.

Connect with Elisity at RSAC 2026

Whether you're attending RSA Conference 2026 in person or following along remotely, we'd love to connect. Elisity's IdentityGraph™ platform delivers agentless microsegmentation that protects your most critical assets from medical devices and manufacturing systems to enterprise workloads without requiring agents, network redesigns, or operational disruption.

Our platform enables organizations to discover and classify every asset on your network automatically, visualize communication flows and identify risky lateral movement paths, implement Zero Trust segmentation using identity-based policies, and protect IoT, OT, and legacy systems that can't run traditional security agents.

If you're attending RSAC 2026, stop by to see a live demo or schedule a meeting with our team. We look forward to discussing how identity-based microsegmentation can strengthen your security posture.

Frequently Asked Questions About RSAC 2026

What are the must-attend RSAC 2026 sessions for CISOs?

For CISOs attending RSA Conference 2026, we recommend focusing on sessions covering Zero Trust implementation, AI-driven security threats, ransomware defense, board communication, and compliance with emerging regulations like NIS2 and the SEC cyber rule. Key sessions include "Beyond Zero Trust: Continuous Validation for Modern Enterprise Security," "Ransomware in 2026: Where Are We Now and What's Next?," "The CISO's Guide to Executive Presence and Board Communication," and "CISO: The Role We Never Planned For."

How should Zero Trust leaders plan their RSAC 2026 agenda?

Zero Trust program leaders should prioritize RSAC 2026 sessions on microsegmentation, identity-based access controls, continuous validation, and containment architecture. Essential sessions include "Beyond Zero Trust: Continuous Validation for Modern Enterprise Security," "Identity Crisis: Real-World IAM Failures and the Path to Zero Trust," "The Zero Trust Maturity Myth: Why You're Never Really 'Done'," and "Reducing Breach Impact: Designing for Containment, Not Just Prevention." These sessions provide practical frameworks for operationalizing Zero Trust architecture.

What RSAC 2026 sessions focus on critical infrastructure and OT security?

Critical infrastructure and OT security leaders should attend sessions addressing industrial control systems security, AI-powered OT environments, and supply chain risk management. Top RSAC 2026 sessions include "Global Reach, Local Threat: China's Deep PLC Infiltration," "AI in ICS/OT Security: Real Gains or Just Buzzwords?," "Security and SBOMs: How to Get a Handle on Your Third Party OT Risk," "What the Enigma Machine Teaches OT Security Professionals," and "Securing Industry 5.0: AI-Powered OT in Healthcare, Energy, and Manufacturing."

Which RSAC 2026 sessions cover AI security and agentic defense?

RSAC 2026 features multiple sessions on securing AI systems and defending against AI-driven threats. Key sessions include "CSA Summit: Securing the Future of Trust in AI, Cloud & Zero Trust," "Illusion of Done: Lessons from Zero Trust Missteps for Secure AI Adoption," "Securing Industry 5.0: AI-Powered OT in Healthcare, Energy, and Manufacturing," "AI in ICS/OT Security: Real Gains or Just Buzzwords?," "AI Regulation Around the World: What Security Leaders Must Track," and "Navigating 2026 Cyber Risks: AI Agents, Regulatory Evolution & Zero Trust." These sessions cover both offensive and defensive aspects of AI in cybersecurity.

What healthcare security sessions are featured at RSAC 2026?

Healthcare security professionals should attend sessions specifically addressing medical device security, ransomware threats targeting healthcare, and IoT security challenges. Featured RSAC 2026 sessions include "Securing Medical Devices in Modern Healthcare: Real-World Insights," "Why Ransomware Still Loves Healthcare," and "Verifying Medical Device Security Claims: What CISOs Need to Know." These sessions provide practical guidance for protecting healthcare environments and patient-critical systems.

Which RSAC 2026 sessions address microsegmentation and network security?

Network security leaders implementing microsegmentation should attend "Ransomware, AI, and 5G: Engineering Resilient Networks for Modern Threats," "Reducing Breach Impact: Designing for Containment, Not Just Prevention," and "The Cutting Edge: Contesting APT Abuse of Networking Devices." These sessions cover defense-in-depth strategies, containment-first security design, and protecting enterprise edge infrastructure from advanced persistent threats.

What compliance and regulatory sessions are offered at RSAC 2026?

Security leaders managing compliance obligations should prioritize sessions covering emerging regulations and their practical implications. Key RSAC 2026 sessions include "SEC Cyber Rule Impact: One Year Later," "NIS2: What Global Organizations Need to Know About EU Compliance," "AI Regulation Around the World: What Security Leaders Must Track," and "Cyber Insurance in 2026: Coverage, Claims, and What Actually Gets Paid."

Are there RSAC 2026 sessions on IoT and edge device security?

Yes, RSAC 2026 features sessions specifically addressing IoT and edge device security challenges. Recommended sessions include "Things of Value: Reducing IoT Risk Exposure with Asset Insights," "Wired & Vulnerable: Securing IoT and ICS Devices from Chip to Cloud," and "The Cutting Edge: Contesting APT Abuse of Networking Devices." These sessions cover risk prioritization, full-stack security strategies, and protecting network infrastructure from nation-state threats.

Connect with Elisity at RSAC 2026

Whether you're attending RSA Conference 2026 in person or following along remotely, Elisity will be there throughout the week. Our team is participating in key sessions, hosting events, blogging, and recording interviews with security leaders to help you navigate the evolving landscape of Zero Trust, microsegmentation, and critical infrastructure protection.

Elisity's IdentityGraph™ platform delivers agentless microsegmentation that protects your most critical assets, from medical devices and manufacturing systems to enterprise workloads, without requiring agents, network redesigns, or operational disruption.

Our platform enables organizations to discover and classify every asset on your network automatically, visualize communication flows and identify risky lateral movement paths, implement Zero Trust segmentation using identity-based policies, and protect IoT, OT, and legacy systems that can't run traditional security agents.

If you're attending RSAC 2026, we'd love to connect. Stop by to see a live demo, join us at one of our sponsored events, or schedule a meeting with our team. We look forward to discussing how identity-based microsegmentation can strengthen your security posture and help you move beyond buzzwords to operational Zero Trust that actually works.

Schedule a Meeting | Request a Demo | Learn More About Elisity