Welcome ro ROCon 2026!

Federal and defense organizations face persistent nation-state threats, expanding attack surfaces, and increasingly AI-enabled adversaries. While compliance remains necessary, it was never designed to reflect real-time operational risk. Agencies are now at an inflection point where cybersecurity must move beyond periodic compliance and reactive incident response toward a continuous, mission-aligned risk model that prioritizes prevention and security by design. This keynote will outline the next evolution of federal cyber operations through the Federal Risk Operations Center (ROC) and a shift from SOC-centric response to unified risk operations. The session will explore how agencies can integrate visibility, telemetry, threat intelligence, and compliance data into a continuous decision-making model that enables proactive prevention, measurable security outcomes, and reduced mission risk, and will introduce the Federal ROC White Paper and practical steps to begin this transition.

As adversaries move at machine speed, federal agencies must rethink how cyber risk is managed and reduced, while also addressing various compliance mandates. In this session, Qualys CEO Sumedh Thakar will share a vision for the Risk Operations Center (ROC), a model that unifies asset and exposure data, validates threats, quantifies mission risk, and accelerates remediation to match the speed of detection. Powered with agentic AI to scale teams, the ROC represents a new approach to helping agencies continuously identify, prioritize, and eliminate cyber risk in a fast, accurate, and cost-effective way.

As attack surfaces continue to expand and resources remain constrained, many agencies are rethinking the role of traditional security operations centers. This session will explore how federal and defense organizations are shifting toward Risk Operations Centers that emphasize mission impact over alert volume. Leaders will share how they are managing risk across legacy systems, cloud environments, and OT or IoT systems, and how improved visibility, prioritization, and operational context are reshaping cyber defense in day-to-day operations.

Artificial intelligence is reshaping the cyber landscape, accelerating both offense and defense and raising new questions about autonomy, speed, and control. This session will examine how federal leaders are preparing for AI-enabled adversaries while thoughtfully evaluating the role of agentic AI and autonomous capabilities in cyber defense. The conversation will explore where these technologies create real operational advantage, the governance challenges they introduce, and how agencies are balancing innovation with trust, accountability, and mission assurance.

Many agencies have taken the first steps on their Zero Trust journeys, but moving from initial adoption to sustained operational maturity introduces a new set of challenges. This session will explore how federal organizations are advancing Zero Trust across complex enterprise environments, including cloud and hybrid systems. Leaders will share how real-time defense, governance, and attack surface management are evolving, along with emerging considerations such as cryptographic agility and post-quantum readiness as agencies work to secure the future enterprise.

Federal agencies are navigating a growing web of cybersecurity mandates and frameworks while still being expected to deliver mission outcomes at speed. In this session, leaders will discuss how they are turning initiatives such as SWFT, CSRMC, CDM 2.0, FISMA M-24-04, and Continuous Authority to Operate (cATO) models into practical, operational programs. The conversation will highlight lessons learned from bridging policy and execution, automating compliance where possible, and aligning governance requirements with the realities of managing risk in live environments.

As federal agencies accelerate cloud adoption and modern application development, cyber risk is increasingly embedded inside the software supply chain itself. From open-source dependencies to container images and automated CI/CD pipelines, adversaries are exploiting the earliest stages of development to gain downstream access to federal environments. Securing software can no longer be an afterthought or a final gate. It must be continuous, automated, and integrated across the entire development lifecycle. This session will explore how federal leaders are operationalizing Software Bills of Materials (SBOMs), strengthening pipeline security, and protecting cloud and containerized workloads as part of a modern, end-to-end software security strategy. Panelists will discuss how agencies are embedding security into DevSecOps, gaining visibility into components and dependencies, and reducing supply chain risk without slowing mission delivery.

Ransomware and disruptive cyber incidents continue to test how quickly and effectively federal organizations can respond under pressure. This session will examine how agencies are improving response velocity under Emergency Cyber Directives, strengthening coordination across organizations, and adapting incident response models for high-stakes operational environments. Leaders will share lessons learned from recent incidents and discuss how preparedness and resilience are evolving across critical sectors.

Securing the Defense Industrial Base is fundamental to national security and mission readiness. This closing session will explore how federal and defense leaders are strengthening DIB cybersecurity through CMMC 2.0, SBOM adoption, and scalable approaches to third-party risk management. The discussion will focus on balancing accountability with feasibility across both large primes and small contractors, and how unified cyber risk management is shaping the future of defense acquisition and resilience.

Thank you for joining us!