April 8, 2026
8 AM - 5 PM
Monona Terrace | 1 John Nolen Dr, Madison, WI 53703
We invite security professionals, leaders, and practitioners to take a purposeful step back and reassess the foundations of cybersecurity in an increasingly complex threat landscape. Over the past decade, cyber threats, technologies, and defenses have evolved rapidly—but many of the most impactful breaches still trace back to familiar root causes. This year's Deep608 will reflect on the last ten years of cybersecurity, examining what has truly changed, what has remained surprisingly consistent, and how lessons from the past can better inform today’s security strategies.
Through expert-led discussions and practical insights, the symposium will emphasize the importance of revisiting core cybersecurity principles and hygiene. Topics will include fundamentals such as asset visibility, patching, identity management, and user awareness—areas that are often overlooked as organizations chase the latest tools and trends. By returning “back to back to basics,” attendees will gain a clearer understanding of how strengthening foundational practices can significantly improve resilience, reduce risk, and prepare organizations for the threats ahead.
Josh Yost | Vice President - Technical Product Engineering, Palo Alto Networks
Standard automation has hit a plateau. While traditional SOAR reduced some manual toil, it often traded one type of "busy work" for another: playbook maintenance. To get back to the basics of effective defense, we need automation that understands intent, not just instructions. This presentation dives into the architecture of Agentic Automation within the Cortex ecosystem. We’ll demonstrate how Agentix functions as a digital force multiplier, handling the investigative heavy lifting so analysts can focus on high-context decision-making. Learn how to simplify your operations by automating the sophisticated, not just the mundane.
Nick Krueger | Security Solutions Architect, AE Business Solutions
After 15 years on the customer side of security, I’ve learned that effectiveness often looks very different in practice than it does on paper. This talk focuses on the fundamental practices that consistently work in real environments, and why returning to basics still matters.
Kevin Jacque | Strategic Channel Solution Engineer, CyberArk
The shift to 47 day TLS certificate validity is redefining operational expectations for every organization, changing certificate management from a nice to have to a must have. This presentation highlights why manual processes can no longer keep pace, how shortened lifecycles increase outage and compliance risks, and what leading teams are doing to prepare. It introduces a practical maturity model and automation playbook designed to restore visibility, accountability, and resilience. Ultimately, the session equips organizations to transition from reactive firefighting to proactive, scalable certificate automation.
Zac Wolter | Senior Solutions Engineer, AE Business Solutions
As automation begins influencing firewall rule cleanup and optimization, many environments remain dependent on undocumented intent and tribal knowledge. This breakout explores how structured policy design and disciplined rule modeling determine whether automation strengthens security — or scales architectural blind spots.
Josh Havlik & Michelle Sprague | Senior Information Security Engineer & Information Security Engineer, CapSpecialty
Too often security gets launched at people like a trebuchet of rules; we chose a different path. Security only works when people feel safe engaging with it. This talk shows how approachability and empathy turn everyday interactions into trust. We will explain how we are using fun, rewards, and a cool head to reduce anxiety and build lasting habits. We will share how these principles became the core of our program and why that shift changed outcomes across the company.
John Urbanek | Senior Director of Solution Architecture & Engineering, AE Business Solutions
A follow up to DEEP608v9 "Not Your Daddy's DNS" highlighting how DNS is being used in new ways. DNS now plays a critical role in TLS 1.3 Encrypted Client Hello (ECH) with Type 64 SVCB and Type 65 HTTPS records. Wait, what is ECH? Let's find out. We'll also revisit DNS over HTTPS (DoH) and a few other topics.
Phil Henrickson | Senior Data Scientist Service Delivery, AE Business Solutions
Session description TBD
Andrew Goodman | Director of Product Marketing, Proofpoint
AI is now executing 80-90% of email threats. These campaigns are no longer “spray-and-pray.” They’re precision operations with automated reconnaissance and tailored narratives delivered faster, cheaper, and at massive scale. This session cuts through the “AI vs. AI” noise to give security buyers a practical roadmap for protecting M365. Attendees will leave with a clear threat model for AI-driven email campaigns targeting M365 and a concise understanding of the must-have defenses needed to stop the next wave of AI-powered email attacks.
Hear directly from security leaders in the field as they share real-world experiences, lessons learned, and what’s actually working in today’s cybersecurity landscape. No vendor pitch, just honest insights from those doing the work every day.
Amy Diestler | Chief Information Security Officer, SMPH
ChaChi Gallo | Vice President Information Technology, Michels
Mike Reineck | Director of IT Security, Baird
Shuchi Wadhwa | Global Cybersecurity Strategy Lead, Schreiber Foods
Enjoy lunch in the main hall while networking with your peers. Be sure to walk through the sponsor exhibits if you have the time. If you are gluten free, please find a Monona Terrace wait staff member to assist you.
Robert Chuvala | Security Solutions Architect, AE Business Solutions
In 2015 we were worried about phishing, ransomware, Active Directory abuse, exposed RDP, and alert fatigue. In 2026… we’re worried about phishing, ransomware, Active Directory abuse, exposed management planes, and alert fatigue.
Jestin Moe | Security Solutions Architect, AE Business Solutions
Over the last decade, we’ve been told that “zero trust” and “segmentation everywhere” will fix all our problem when in reality, many organizations still live on flat networks, half baked segmentation projects, and security policies nobody wants to touch. This session goes back to basics on segmentation where we can clearly define boundaries, reduce blast radius, and keep the design boring in the best way possible. We’ll walk through how to segment your environment with identity at the core, instead of relying on traditional static controls.
Griffin Cass | Information Security Architect, UW Credit Union
Here's an uncomfortable question: if a zero-day dropped right now, could you query your inventory and know every affected asset within the hour? If you hesitated, this talk is for you. We're living in an era of non-human identity sprawl, agentic workflows with broad permissions, and copilots indexing data you haven't classified yet. The tools are moving faster than our foundations, and we can't keep stacking advanced capabilities on top of asset inventories held together by institutional knowledge and a spreadsheet from 2019. This session walks through why the CIS 18 Controls are numbered the way they are (hint: it's a dependency chain, not a buffet), dives into the controls where most orgs are quietly struggling, and lands on the part leadership actually wants to hear: how to measure maturity with simple math, crosswalk one framework to many, and start the whole thing for the low price of zero dollars.
Jonathan Lampe | Group Manager, Milwaukee Tool
Vibe-coding with AI assistants has changed the development landscape. LLMs now propose architectures, generate implementations, and even help debug and extend applications. The result is dramatically increased development velocity — and a fundamentally different security landscape.
This talk walks through real observations from building and securing multiple LLM-generated applications. We’ll examine how traditional risks reappear in new forms: implicit trust boundaries, over-permissive defaults, and deferred security controls hidden behind TODO comments. We’ll then explore risks unique to AI-integrated systems, including prompt injection, plausibility-over-truth behavior, multi-LLM authority confusion, and security assumptions expressed only in natural language.
However, AI-driven development does not simply increase risk — it changes how security must be applied. We’ll demonstrate how traditional controls such as threat modeling, RBAC, SAST, and software composition analysis still matter, but must be paired with new practices: scoped LLM roles, prompt-aware testing, and using the model itself to identify and validate security weaknesses.
Attendees will leave with a practical framework for securing applications where the developer is no longer the sole author — and where the fastest path to secure software may involve collaborating with the same AI that created it.
Rob Rodriguez | Senior Director of Engineering, Firemon
What do radio jamming, signal interception, and direction finding have to do with modern cybersecurity? More than you think. Drawing from a decade in Marine Corps signals intelligence and electronic warfare, Rob connects battlefield concepts like signal dominance and spectrum control to today’s security challenges. The tools have changed. The fundamentals have not.
Patrick Ruffino | Infrastructure Solutions Architect, AE Business Solutions
This session positions data protection for identity platforms as the primary focus of your recovery strategy, not an afterthought. Learn how to build resilient backup and recovery for your identity stores, minimize recovery time during breaches or outages, and integrate automated testing so you can prove — not just hope — that you can bring your identity platform back online under pressure.
Mark Stanford | Sales Engineering Director, Cyera
Ten years ago, most organizations believed they knew where their sensitive data lived. Today, data sprawls across multi-cloud infrastructure, SaaS ecosystems, collaboration platforms, and AI environments, often without clear ownership or visibility.
As data scale and complexity outpaced legacy controls, incremental tools built for static environments and periodic scanning could not keep up. This gap gave rise to a new architectural model: the data security platform. We will explore why traditional classification, DLP, and siloed approaches struggled under modern conditions, and how integrated, continuous, and AI-native strategies are reshaping the industry and redefining how organizations manage data risk.
Alessandro Barbieri | Product Line Director, Arista
Arista Networks™ Macro-Segmentation Service - Firewall (MSS-FW) capability for CloudVision® allows dynamic segmentation to be deployed automatically for specific workloads and workflows across modern overlay network virtualization fabrics. MSS-FW addresses a growing gap in security deployment for hybrid data centers. It extends the concept of fine-grained intra-hypervisor security for virtual machines (VMs) to the rest of the data center by enabling dynamic insertion of services for physical devices and non-virtualized devices.
By integrating with native APIs and Palo Alto Networks Panorama™ network security management, MSS-FW learns the security policies, identifies the workloads the firewall needs to inspect, and takes action. Upon identification, MSS-FW steers relevant traffic to the firewall, dynamically inserting the firewall in the path of workload flows. The automation capabilities of Arista MSS-FW allow it to operate autonomously in real time. No special architecture is required to support MSS - Arista’s standard AVD designs will work. This flexibility ensures the successful deployment of security in an enterprise’s private or hybrid cloud.
Stephen Frethem | Field CTO, Varonis
Stephen Frethem, Varonis’ Field CTO, will discuss the evolving cybersecurity landscape and the growing risks AI poses to data security. This presentation advocates for leveraging AI to protect sensitive data and manage access more effectively, underscoring the urgent need for organizations to adapt as these new threats emerge.
Taming AI Chaos: The Enterprise Browser as Your Essential Building Block
Michael Leland | Field CTO, Island
Asgenerative AI adoption hits unprecedented levels, organizations are frequentlyoverwhelmed by the new chaos of shadow AI, data leakage, and evolvingcompliance risks. This session steps away from the hype to focus on thefundamental building blocks of AI safety, exploring how establishing corevisibility, zero-trust governance, and fundamental data protection at thebrowser level is essential for secure adoption. Attendees will leave with afoundational readiness checklist and practical strategies to confidentlyempower their workforce with AI while protecting their most valuable corporatedata.
