As AI becomes more deeply embedded in enterprise workflows, the security of training and operational data is paramount. In this session, explore practical strategies for ensuring that data used in AI systems is protected from ingestion through to deployment—without stalling innovation.

• Embedding data protection and classification early in the AI development lifecycle
• Securing data pipelines and access controls for sensitive training datasets
• Preventing data leakage, prompt injection, and model inversion attacks
• Building internal standards for responsible AI data handling and governance

As artificial intelligence transforms industries, organizations increasingly view it as a catalyst for operational efficiency and innovation. Yet with its promise comes a new wave of regulatory, ethical, and governance challenges that leaders must proactively address.

In this session, Michael Siegrist will outline a strategic framework for identifying, managing, and governing AI-related risks across the enterprise. Attendees will gain practical guidance on:

• How AI technologies and evolving regulatory landscapes are redefining enterprise risk and compliance strategies
• Proven practices for creating a unified, enterprise-wide approach to risk management in the age of intelligent systems

As global data transfer rules tighten, businesses must navigate complex regulations to ensure secure and compliant data flows. In this session, we’ll dive into the challenges surrounding cross-border data transfers and the evolving US privacy regulations, such as the CCPA, CPRA, and the proposed ADPPA.

• Addressing the complexities of cross-border data transfers under the EU-US Data Privacy Framework and other international regulations
• Managing data privacy compliance within the US, including the CCPA, CPRA, and emerging regulations
• Implementing strategies to meet global compliance while maintaining operational flexibility
• Leveraging technology, including AI, to stay ahead of evolving cross-border data laws

‍

An interactive session where attendees collaborate to handle a simulated data breach, focusing on immediate response, communication, and mitigation strategies.

In an era where digital transformation, global data regulations, and emerging AI-driven risks are constantly reshaping the landscape, the collaboration between Privacy and Security leadership has never been more critical. In this fireside chat, the Chief Information Security Officer and Chief Privacy Officer from Booking Holdings share how they stay ahead of change, align strategy across complex organizations, and build a culture of trust and accountability.

Together, they’ll explore:

• How privacy and security teams can align to protect customer and employee data across diverse markets
• Balancing innovation with compliance — enabling global operations without slowing the business
• Lessons learned from navigating conflicting and fast-evolving regulatory requirements
• How evolving threats and AI-driven risks are reshaping collaboration between privacy and security

AI runs on data- sensitive, regulated, and often exposed. As organizations adopt AI, the challenge isn’t just building models, it’s protecting the data that fuels them, the IP they create, and the compliance obligations that follow. This session unpacks how to secure AI at the data layer: discovering and classifying what feeds your models, controlling who can access it, and ensuring compliance without slowing innovation.

Explore a pragmatic approach to AI governance - how to harness executive momentum, align innovation with accountability, and lead digital transformation without compromise.

This panel explores how to build trust while delivering new digital experiences, navigate evolving regulatory environments, and turn data protection into a business enabler.

• How can teams protect personal data without slowing down digital delivery?
• What does effective “privacy by design” look like in real-world innovation?
• How can privacy and security be positioned as value drivers, not just compliance tasks?
• What strategies help maintain customer trust as data usage becomes more complex?

Delegates will chose from a list of pertinent peer-to-peer discussion topics focussing on evolving and emerging trends, techniques and technologies

Test your knowledge against your peers for a prize with 10 quick-fire questions!

This interview explores what really happens in the critical moments of a data breach and the long months of investigation that follow. Patrick Burke shares insights from leading cyber exams at the New York State Department of Financial Services and managing live breach response inside corporate SOCs.

• What unfolds in the first 60 minutes after a breach is discovered
• How to manage months of forensic discovery, evidence review, and notification obligations
• How to communicate with regulators and stakeholders during an active investigation
• What the regulator sees that companies often miss, and how both sides can learn from each other

In this session, we’ll take a live pulse of the room on six big-picture questions. The results will drive a candid, expert-led discussion on what they reveal about where we are — and where we’re heading.

• In today’s environment, what should be the primary purpose of the security function?
• What’s the most effective way to influence company-wide behaviour change around data protection?
• Is AI the silver bullet for protecting our data moving forward?
• What's the biggest driver behind current data protection investments?
• Where should security leaders should spend more time and money?

‍