Date & Time:
Tuesday, March 10, 2026
08:30 - 17:00

Venue:
Gilley’s Dallas
1135 Botham Jean Blvd.
Dallas, TX 75215

A Different Kind of Security Event

The Infosec Anti-Summit challenges the status quo by creating a space for CISOs and security leaders to engage, collaborate, and share real-world experience.

Through a series of hands-on workshops, tabletop exercises, mock scenarios, and peer-led discussions, the Anti-Summit encourages maximum exchange of ideas in a setting built for trust, candor, and community.

This is not about watching from the sidelines, it is about being part of the conversation. It's not about people on stage talking at the audience, it's about getting people around the table talking with each other.

Identify the challenges. Understand how others are solving them. Develop a strategy to safeguard.

Welcome to the Anti-Summit.

What to Expect at the
Anti-Summit

CISO-Led Agenda

Step into the action with a collaborative TTX simulation designed to test response, resilience, and teamwork. Continue your day with hands-on sessions built around real-world challenges, led by peers who’ve been in the hot seat.

The Cyber Arcade

A live, interactive space where emerging founders, security innovators, and practitioners collide. Test-drive new ideas, swap feedback, and see what’s next without the sales pitch.

Connection Over Convention

Honest, peer-drive discussions about what’s working and what’s not in today’s security landscape. From hallway chats to post-session conversations, it’s all about the people at the InfoSec Anti-Summit.

Agenda

Registration & Breakfast

08:30 - 09:30

Opening Remarks

09:30 - 09:40

Tabletop Exercise

09:40 - 10:40

Omni-Channel Threat Response: A Tabletop Exercise for Business Resilience
Organizations are global engines with many disparate systems and critical moving parts. The threat landscape is vast and the attack surface is growing in complexity. Your customers look to you, to lead in times of disruption and crisis. This exercise will challenge traditional thinking and disrupt the approach to incident and crisis management.

Workshops (Choose Your Adventure)

10:50 - 11:20

Workshop #1: Cloud Security That Keeps Up With the Workloads
Kubernetes, containers, and microservices have outpaced the tools built to secure them. This session dives into runtime cloud security, and the point where threats, misconfigurations, and behavior actually show up.
We’ll break down how runtime detection works, why context matters more than raw CVE counts, and where security teams are drawing the line between signal and noise.
If you’ve been wondering whether runtime insights actually cut through the alert fatigue, this is the place to get honest answers.

Workshop #2: The Real Work of Securing Data Everywhere It Lives
Cloud, SaaS, devices, distributed teams - the attack surface for sensitive data has fully fractured. Meanwhile, compliance pressure is up, keys are sprawled across clouds, and access decisions move faster than security teams can keep up with.
This workshop gets into the weeds of what it takes to control data in motion and at rest across the modern enterprise. We’ll break down identity-first access, encryption that will scale for you, key management that doesn’t collapse under multi-cloud, and what strong tokenization looks like outside of a slide deck.
If you’re responsible for reducing data exposure while keeping the business moving, this one’s for you.

Anti-Roundtable

11:35 - 12:20

Endpoint-Native Security: Cutting Out the Middle Hops
Most SWGs and cloud proxies weren’t built for how people work today. Backhaul, outages, slowdowns - CISOs are tired of fighting the same problems every quarter.
This session explores an alternative: running inspection and policy enforcement directly on the endpoint. We’ll dig into what this approach actually changes - performance, privacy, DLP accuracy, and day-to-day reliability - and where it has limitations.
Come ready to challenge the model, stress-test the assumptions, and see if this holds up under real scrutiny.

CISO-Led Workshops (Choose Your Adventure)

12:30 - 13:00

Workshop #1: Next-Gen Talent and the Human Risk Shift
A lot of people are told to “step up” in security, but no one shows them how. This session is built for the folks who didn’t grow up in big enterprises, don’t sit in boardrooms, and want to learn directly from CISOs who have the scars to prove what works.

We’ll talk about influencing senior leadership when you’re early in your career, finding talent in unconventional places, and building relationships with local schools to grow a wider, more diverse pipeline. We’ll also dig into the shift away from old-school security awareness toward human risk management, and what that means for teams of every size. If you’re looking for real examples instead of theory, this is your room.

Workshop #2: The People Are Still The Point. Talent, Trust, and Leadership in An AI-Driven World
Tech gets most of the attention, but people are doing the real work. As AI changes the shape of entry-level roles and automates the tasks many teams used to rely on for training, security leaders are asking a new set of questions: How do we grow talent now? What should the first years of a security career look like? And how do we build programs that rely more on partnership with the business than deep technical specialization?
This session digs into the leadership challenges ahead, including how to develop employees when early tasks are automated, how to find talent in unconventional places, how to shape a security program around human strengths such as creativity and empathy, and how to guide responsible AI use without slowing the business down. If you prioritize the “people side” of cyber, this is your room.

Lunch

13:00 - 14:00

Anti-Roundtable

14:05 - 14:50

Workshops (Choose Your Adventure)

15:00 - 15:30

Workshop #1: Rethinking GRC with Actionable Data
GRC programs are often weighed down by disjointed tools and outdated workflows. Static reports and manual processes make it difficult to keep pace with today’s dynamic risk environment.

This session explores how a modern Compliance OS can bring structure and clarity to your GRC strategy. Learn how continuous monitoring, integrated applications, and real-time data can streamline audits, improve decision-making, and unlock greater value from your compliance investments.

Walk away with a clearer path to building a GRC program that works with your tech stack, not against it.

Workshop #2: Security That Thinks Like an Attacker, but at Machine Speed
Attackers don’t wait for your quarterly review of exposures, and they don’t follow your workflow. In this session, you’ll experiment with something different: autonomous security that maps attack paths, simulates attacker logic, and tells you what really needs fixing before someone malicious finds it.
We’ll explore how AI-Driven offensive discovery works, what it gets right, where it struggles, and how security teams can actually use it without drowning in noise. We’ll look at intelligent prioritization, continuous testing, and the shift from reactive patching to proactive risk elimination. Then we’ll pressure test the whole model together and see if autonomous defense actually moves the needle, or is it another promise in a crowded category?

CISO-Led Workshops (Choose Your Adventure)

15:45 - 16:15

Workshop #1: Building Governance and Controls for AI After It’s Already Running
Many organizations didn’t plan for generative AI. But GenAI applications are being approved nonetheless. This session begins after LLMs are already being used. Development teams are prompt engineering, pulling internal data, and generating outputs, while security is left to define governance, oversight, and guardrails retroactively. Through a real-world scenario, we will examine the questions that surface only after AI is live: What oversight is actually required? Which controls matter? How do you evaluate vastly different approaches to AI governance, DLP, identity, and “shadow AI” when none cleanly fit your environment? And what are regulators likely to care about next?
This session is a facilitated peer discussion grounded in real decisions rather than theory, creating space to compare approaches, share lessons learned, and understand how others are governing AI once innovation is already in motion.

Workshop #2: The Empathetic Hacker: Cracking the Human Layer of Cyber Leadership
Led by: Joshua Copeland - CISO, Professor, & Best-Selling Author
Cybersecurity doesn’t fail because of technology…it fails because of people.
This workshop, drawn from Joshua Copeland’s The Empathic Hacker, shows how emotional intelligence (EQ) is one of the most overlooked controls in modern security leadership. Using real incidents, neuroscience, and practical frameworks, we connect emotional failures to the technical failures they create.

Participants will learn to spot hidden human vulnerabilities, map their Emotional Kill Chain, run a Personal IR Audit to catch burnout and ego early, apply Cognitive Load Balancing under pressure, and use Empathic Threat Intelligence to read human signals as early-warning telemetry.

We will introduce Governance, Risk and Feelings (GRF), a model for building emotionally safe and high-performance cultures where trust and communication function as governance controls.

Attendees walk away with:
• A practical EQ playbook for SOCs and CISOs
• Tools to monitor emotional drift the same way you monitor system logs
• Techniques to reduce the blast radius of stress
• A blueprint for emotionally resilient teams where people drive outcomes

If you can understand packet flows, you can understand people. This workshop shows you how.