Image: Alla Valente of Forrester speaking at FAIRCON25
The FAIR Institute invites practitioners, innovators, and leaders to submit speaking proposals for FAIRCON26, the premier global conference advancing the science and practice of cyber risk management, taking place October 6–7, 2026.
Following FAIRCON25’s focus on Resetting Cyber Risk in the Age of AI, FAIRCON26 will tackle a more provocative question:
What happens when AI forces a fundamental rethink of how cyber risk is measured, managed, and turned into decisions?
As enterprises rapidly adopt generative AI to unlock the next level of productivity and growth, legacy approaches to cyber risk management are being tested. Models built around manual processes, signals-focused analysis, point-in-time assessments, and siloed workflows are proving inadequate for the speed, scale, and complexity of AI-era risk.
Leading organizations are moving toward something fundamentally different:
- From manual to automated
- From signals-focused to business-impact focused
- From point-in-time to continuous
- From siloed to unified
This is more than modernization. It represents a shift in the operating model of cyber risk itself — and in how decisions will be made.
FAIRCON26 will bring together CISOs, chief risk officers, board directors, regulators, practitioners, and innovators to explore what comes next.
We are seeking practitioner-led, non-vendor presentations that advance this conversation.
FAIRCON25 CISO Panel
Themes of Interest
AI Is Changing the Requirements for Cyber Risk Management
- Why legacy models are breaking in the age of AI
- Moving from manual analysis to automated, adaptive risk management
- Unifying fragmented risk signals into decision-grade intelligence
- Designing continuous cyber risk management for the AI era
From Risk Measurement to Risk Decisions
- Moving beyond risk reporting to decision support
- Using quantified risk to prioritize actions and investments
- Aligning cyber, operational, financial, and strategic decisions through a common risk lens
Resetting Vulnerability Management in the Age of AI
- Moving from CVSS- and severity-driven triage to business-impact driven exposure decisions
- Advancing Continuous Threat Exposure Management (CTEM) through risk-based remediation
- Using AI and automation to improve prioritization, validation, and remediation workflows
- Connecting vulnerability management to enterprise risk decisions and measurable risk reduction
- Rethinking how exposures are quantified, governed, and communicated in an era of AI-accelerated attack dynamics
Continuous and Autonomous Risk Management
- Continuous monitoring, quantification, and decision intelligence
- Agentic AI and automation in cyber risk operations
- Scaling cyber risk management through autonomous workflows
AI Risk, Third-Party Risk, and the Extended Enterprise
- Governing AI vendors and emerging third-party risks
- Integrating configuration, data, and activity awareness into risk assessment
- Managing increasingly interconnected digital ecosystems
Board, Regulatory, and Executive Decision Support
- Equipping boards with decision-grade cyber risk information
- Meeting evolving regulatory expectations through continuous risk intelligence
- Linking cyber investments to measurable risk reduction and business outcomes
FAIR in Practice
- Case studies applying FAIR to improve decisions and outcomes
- Lessons learned building decision-centric cyber risk programs
- Innovations in risk analytics, modeling, and decision support
What We’re Looking For
We especially encourage proposals grounded in:
- Real-world case studies and measurable outcomes
- Practical lessons learned — successes and setbacks alike
- Provocative ideas that challenge legacy approaches
- Cross-functional perspectives spanning cyber, enterprise risk, finance, and governance
- Emerging thinking that helps define the future of cyber risk management
Whether you are modernizing risk management for AI, advancing autonomous TPRM, rethinking vulnerability management, or helping boards make better risk decisions, we want to hear from you.
Key Dates
- Call for Speakers Opens: May 1, 2026
- Proposal Submission Deadline: June 18, 2026
- Selected Speakers Notified: July 16, 2026
- FAIRCON26: October 6–7, 2026
Why Speak at FAIRCON26?
FAIRCON is where the cyber risk management community helps shape the future of the discipline.
As a speaker, you’ll have the opportunity to:
- Contribute to the evolution of modern cyber risk management
- Share your organization’s leadership and innovation
- Engage a uniquely senior audience of decision-makers and practitioners
- Help define how cyber decisions will be made in the Age of AI
Join the Conversation
Cyber risk management is evolving from a measurement discipline into a decision discipline — and AI is accelerating that shift.
FAIRCON26 is about confronting what that means.
If you have a story, insight, or breakthrough that can help organizations move from fragmented, point-in-time approaches toward continuous, unified, decision-centric cyber risk management, we invite you to be part of the program.
Join us in shaping what comes next.
