RSAC 2026 Conference

Monday, March 23

The Shared Perimeter: Turning Threat Intelligence into Sector-Wide Security

Monday, Mar 23 | 9:40 AM – 10:30 AM 
This session, The Shared Perimeter: Turning Threat Intelligence into Sector-Wide Security, will explore how sharing intelligence via a sector’s ISAC transforms reactive security into proactive defense. Discover why collaboration with peers is no longer optional, but rather a strategic imperative for resilience, mitigating systemic risk, and safeguarding critical operations.
Featuring Pam Lindemoen, RH-ISAC Chief Security Officer and VP of Strategy, and Luke Vander Linden, RH-ISAC VP of Membership and Marketing

From Silence to Signal: Breaking Info Sharing Barriers in the Age of AI

Monday, Mar 23 | 2:20 PM – 3:10 PM 
In this session, From Silence to Signal: Breaking Info Sharing Barriers in the Age of AI, leaders from critical infrastructure ISACs (Retail, Health, Finance, Automotive) will discuss cross-sector collaboration, AI used in sophisticated attacks and how ISACs leverage AI for better threat intelligence. Attendees will gain actionable insights on tackling AI-enhanced threats and how to start an information sharing program.
Featuring Pam Lindemoen, RH-ISAC Chief Security Officer and VP of Strategy 

Wednesday, March 25

Analyst Alliance: Let’s Talk Cyber Threat Intelligence

Wednesday, March 25 | 9:40 AM – 10:30 AM 
In this interactive discussion, Analyst Alliance: Let’s Talk Cyber Threat Intelligence, participants will both explore challenges and propose solutions to cyber threat intelligence sharing. Facilitators will guide table talks that dive into the benefits and obstacles of CTI and highlight work being done by the different Information Sharing and Analysis Centers.
Featuring Pam Lindemoen, RH-ISAC Chief Security Officer and VP of Strategy and Jackie Deloplaine, RH-ISAC Director of Strategic Partnerships and Engagement

Monday, March 23

From Alerts to Action: Operationalize Threat Intel for Enterprise Incidents

Monday, March 23 | 8:30 AM – 9:20 AM 
Protecting the Bullseye requires more than strong defenses—it takes seamless collaboration between cyber intelligence and enterprise incident response. Leaders from Target’s CTI and Enterprise Incident Management (EIM) teams will share how a two-way intelligence exchange turns static reports into living, actionable insight, strengthening defenses and building resilience.
Featuring Ryan Miller, Sr. Dir., Technology, Target and Terry Woodman, Dir, Cyber Defense, Enterprise Incident Management, Target

Beyond Resilience: Building Anti-Fragile Cyber Systems

Monday, March 23 | 10:50 AM – 11:40 AM 
Learn how security can grow stronger under stress. This session will explain anti-fragility through Zero Trust, while also showing how segmentation and dependency mapping expose risks and speed troubleshooting. Attendees will gain metrics and steps to move beyond traditional resilience.
Featuring Anthony Rodriguez, AVP, Application Security Engineering & Threat Management, CVS Health

Tuesday, March 24

Building an Agentic SOC: Practical Ways Defenders Win with AI

Tuesday, March 24 | 9:40 AM – 10:30 AM 
This session will share real SOC lessons from a leading SecOps provider. Learn what works now: when to trust automation, when to keep humans involved, and how to redesign workflows for effective defense. Attendees will gain practical strategies for an Agentic SOC—prioritizing use cases, measuring impact, and scaling AI-driven defenses safely.
Featuring Ashwin Rajendra, Manager, Detection & Automation Engineering, Kimberly Clark

How Do You Find Value in Cyber Deception?

Tuesday, March 24 | 1:15 PM – 2:05 PM
As cyber deception strategists discover more companies integrating cyber deception technologies or deception functions into their information security enterprise, the singular challenge for most leaders is how cyber deception is measured and valued in their organizations. Attendees in this session will discuss development and sustainability of most cyber deception programs.
Featuring Tim Pappa, Cyber Deception Strategy, IR, Walmart Global Tech

Foes, Felons, and Friends: Advocating for a Dangerously Talented Community

Tuesday, March 24 | 2:25 PM – 3:15 PM 
A former FBI cyber behavioral profiler will share his research findings and the policy and personal challenges he has faced in the past year, advocating for foreign cybercriminal felons trying to rebuild their lives in the United States.
Featuring Tim Pappa, Cyber Deception Strategy, IR, Walmart Global Tech

Wednesday, March 25

Tracking Spoofed Domains Driving Crypto and Remote Job Scams – Invite Only

Wednesday, March 25 | 9:40 AM – 10:30 AM 
Over the past year, Target’s Cyber Threat Intelligence team tracked a sophisticated scam by a threat actor dubbed “Monti,” who registered over 164 domains impersonating Target to execute crypto-based remote job scams. This talk will walk attendees through Monti’s full kill chain, from domain registration patterns to Bitcoin wallet attribution. We’ll share detection tips and lessons learned.
Featuring Christopher De La Rosa, Lead Threat Intelligence Analyst, Target and Ryan Miller, Senior Director, Technology, Target Corporation

From Boardroom to Breakthrough: How CISOs Can Help Shape the Next Big Thing

Wednesday, March 25 | 9:40 AM – 10:30 AM 
CISOs are no longer just customers, they’re catalysts shaping the future of cybersecurity. This session will bring together security leaders turned advisors and investors to explore how CISOs influence startup roadmaps, guide founders, and help innovation align with enterprise needs. Attendees will learn how operational insight drives market-ready solutions.
Featuring Marnie Wilking, CSO, Booking.com

No Bucks? No Problem! How to Thrive in the World of Flat Budget – Invite Only

Wednesday, March 25 | 1:15 PM – 2:05 PM
Flat budgets may be the new reality, but they don’t have to stall your cybersecurity strategy and continuous posture improvement efforts. Learn how to manage spend with precision, leverage vendor relationships, and negotiate smarter contracts to eke more out of your cyber budget. This session offers a practical framework to maximize impact, build influence, and thrive—even when dollars are scarce.
Featuring Paul Suarez, VP & CISO, Casey’s General Stores

Sustainable AI in AppSec: Building Programs That Last

Wednesday, March 25 | 2:25 PM – 3:15 PM 
AI is entering AppSec fast—scanning code, triaging alerts, even writing policies—but quick fixes without strategy fail. This session will share a framework for sustainable AI-powered AppSec, balancing efficiency, trust, and ethics. Learn where AI adds value, where humans stay critical, and leave with a blueprint that can be applied immediately.
Featuring David Kosorok, Director, Information Security Programs, Toast, Inc.

Thursday, March 26

AppSec Leadership: From Chaos to Clarity in a Rapidly Changing Landscape

Thursday, March 26 | 10:50 AM – 11:40 AM
Security leaders navigate change while building programs that last. Attendees will talk with peers and share how they’ve moved from reactive chaos to sustainable clarity, establishing focus, metrics, and trust with engineering. Explore what works in Security Champions programs, where AI genuinely helps versus introduces risk, and how leaders maintain team morale and purpose amid transformation.
Featuring David Kosorok, Director, Information Security Programs, Toast, Inc.

Managing the Moment: Stakeholder Communication in Cyber Incidents

Thursday, March 26 | 10:50 AM – 11:40 AM
Cyber incidents test more than technology—they test leadership and communication skills. This panel explores how CISOs should prepare for crisis communications, define triggers and escalation paths, manage stakeholders during an incident, and continuously evolve training based on real-world lessons. Learn what works (and what to avoid) when pressure is highest and trust is on the line.
Featuring Michael Simmons, CISO, Ulta Beauty

AI on Trial: How CISOs Navigate Hype, Risk, and Accountability

Thursday, March 26 | 1:30 PM – 2:20 PM 
Boards expect growth. Executives expect speed. Shareholders expect confidence. Regulators expect control. In the middle sits the CISO, expected to be both accelerator and brake, innovator and risk governor. In this session, CISOs will discuss the reality behind enterprise AI adoption when ambition is outpacing governance, accountability is fragmented, and the consequences of failure are very real.
Featuring Marnie Wilking, CSO, Booking.com

Wednesday, March 25

Model Context Protocol in the Real World: Securing Agentic AI at the Tool and Data Boundary

Wednesday, March 25 | 7:30 AM – 9:00 AM
Join IANS for a discussion about how Model Context Protocol (MCP) is rapidly becoming the standard interface for how agentic AI systems access tools, data, and enterprise capabilities. MCP defines connectivity, not control. In this breakfast session, he’ll walk through what MCP looks like in real deployments, where security breaks down at the prompt and tool boundaries, and how teams are pairing MCP with runtime guardrails and data-aware controls to safely operate agentic AI at scale. Location: Clancy Hotel- Room Lotline B
Featuring IANS Faculty George Gerchow

Securing the Agentic Enterprise: A CSO’s Roadmap for the AI Era

Wednesday, March 25 | 8:30 AM – 9:30 AM
Explore strategies for securing AI’s evolution from productivity tool to autonomous agent ecosystems. Learn to defend the AI continuum — conditional, agentic, and autonomous — against weaponized threats across infrastructure, applications, and networks. Attendees will gain practical strategies to secure the organization’s AI journey.
Featuring Boaz Gelbord, Chief Security Officer, Akamai

Tuesday, March 24

Breakfast Book Signing

Tuesday, March 24 | 7:30 AM – 9:00 AM
Drop in for breakfast and meet IANS Faculty Sounil Yu and Jason Garbis for an exclusive book‑signing session. Enjoy a relaxed start to your day, connect with peers, and take home signed copies of their books .
Location: Clancy Hotel, Room-Lotline B
REGISTER

Tasting Tuesday Happy Hour

Tuesday, March 24 | 5:00 PM – 7:00 PM
Google Cloud Security and its partners will host a happy hour for all cybersecurity professionals on Tuesday, March 24, 2026. Join us at the San Francisco Marriott Marquis for a chance to connect with friends old and new.
Location: San Francisco Marriott Marquis, Lower Level B2
REGISTER 

Akamai Oasis Party

Tuesday, March 24 | 5:30 PM – 8:30 PM
Unwind, connect with security leaders, and recharge away from the chaos. Join us for bites, beverages & beats at the Akamai Oasis Party
Location: Hotel Zetta
REGISTER 

Wednesday, March 25

CxO Casino Night

Wednesday, March 25 | 7:00 PM – 10:00 PM
 By night three of RSAC, you’ve earned a night of unwinding. Cloudflare’s invite-only CxO Casino Night is where unscripted networking meets high-stakes entertainment—all for a greater cause! Register today before space is gone!
Location: SPIN San Francisco
REGISTER

March 23 – 25

Palo Alto Networks

Join us in San Francisco for a week of unparalleled experiences as Palo Alto Networks takes over the city. From exclusive C-suite gatherings and thought-leadership sessions to the latest product showcases, we are bringing the future of cybersecurity to you across three dynamic event pillars. Prepare for a week of high-impact networking, deep dives into innovation, and elevated experiences designed to drive your success.

We’re transforming the Canopy by Hilton from March 23-26 into the ultimate Palo Alto Networks destination, a continuous hub for learning, connection, and exclusive engagement. Located near the Moscone Center, this is your home base for strategic conversations.
Location: Canopy by Hilton 

Informal RH-ISAC Member Meet Up

Sunday, March 22  |  Tuesday, March  24   |  Wednesday, March 25
4:00 – 6:00 PM

Join RH-ISAC staffers at Marriott Union Square for some beverages and networking. No formal agenda or menu – just swing by to informally meet fellow RH-ISAC members who in town for the show! The RH-ISAC staff will be there from 4:00 p.m. – 6:00 p.m. on Sunday, Tuesday, and Wednesday.

Marriott Union Square
480 Sutter Street
San Francisco, CA 94108
Bin480 Bar (lobby level)