Welcome ro ROCon 2026!

Federal and defense organizations face persistent nation-state threats, expanding attack surfaces, and increasingly AI-enabled adversaries. While compliance remains necessary, it was never designed to reflect real-time operational risk. Agencies are now at an inflection point where cybersecurity must move beyond periodic compliance and reactive incident response toward a continuous, mission-aligned risk model that prioritizes prevention and security by design. This keynote will outline the next evolution of federal cyber operations through the Federal Risk Operations Center (ROC) and a shift from SOC-centric response to unified risk operations. The session will explore how agencies can integrate visibility, telemetry, threat intelligence, and compliance data into a continuous decision-making model that enables proactive prevention, measurable security outcomes, and reduced mission risk, and will introduce the Federal ROC White Paper and practical steps to begin this transition.

As attack surfaces continue to expand and resources remain constrained, many agencies are rethinking the role of traditional security operations centers. This session will explore how federal and defense organizations are shifting toward Risk Operations Centers that emphasize mission impact over alert volume. Leaders will share how they are managing risk across legacy systems, cloud environments, and OT or IoT systems, and how improved visibility, prioritization, and operational context are reshaping cyber defense in day-to-day operations.

Many agencies have taken the first steps on their Zero Trust journeys, but moving from initial adoption to sustained operational maturity introduces a new set of challenges. This session will explore how federal organizations are advancing Zero Trust across complex enterprise environments, including cloud and hybrid systems. Leaders will share how real-time defense, governance, and attack surface management are evolving, along with emerging considerations such as cryptographic agility and post-quantum readiness as agencies work to secure the future enterprise.

Federal agencies are navigating a growing web of cybersecurity mandates and frameworks while still being expected to deliver mission outcomes at speed. In this session, leaders will discuss how they are turning initiatives such as SWFT, CSRMC, CDM 2.0, FISMA M-24-04, and Continuous Authority to Operate (cATO) models into practical, operational programs. The conversation will highlight lessons learned from bridging policy and execution, automating compliance where possible, and aligning governance requirements with the realities of managing risk in live environments.

Ransomware and disruptive cyber incidents continue to test how quickly and effectively federal organizations can respond under pressure. This session will examine how agencies are improving response velocity under Emergency Cyber Directives, strengthening coordination across organizations, and adapting incident response models for high-stakes operational environments. Leaders will share lessons learned from recent incidents and discuss how preparedness and resilience are evolving across critical sectors.

Securing the Defense Industrial Base is fundamental to national security and mission readiness. This closing session will explore how federal and defense leaders are strengthening DIB cybersecurity through CMMC 2.0, SBOM adoption, and scalable approaches to third-party risk management. The discussion will focus on balancing accountability with feasibility across both large primes and small contractors, and how unified cyber risk management is shaping the future of defense acquisition and resilience.

Thank you for joining us!