Cybersecurity & Ransomware Live! 2026 -- Cybersecurity & Ransomware Live!

Cybersecurity & Ransomware Live! 2026

The Call for Presentations for Cybersecurity & Ransomware Live! 2026 is now OPEN.

Proposals are due: Monday, March 23, 2026 11:59 PM EST

Submit your proposals here: https://sessionize.com/live-360-tech-con-orlando-2026/

Cybersecurity & Ransomware Live! (Part of Live! 360 Tech Con)
November 15-20, 2026
Loews Royal Pacific Resort Conference Center, Orlando, FL.

Cybersecurity & Ransomware Live! (Part of Live! 360 Tech Con) Orlando will offer a combination of in-depth and interactive sessions including workshops, hands-on labs, 75-minute breakouts, and 20-minute fast focuses. We invite you to submit sessions in any and all of these categories, and you may also submit across multiple topic areas.

To help you in creating successful submissions, we want to share some of the considerations that go into our process of selecting our speakers and sessions for this event. First, each speaker will typically be selected to deliver two presentations. That means that it is in your best interest to submit at least three breakout sessions in addition to any Fast Focus topics you may be submitting. This ensures that the conference chairs have more than two options per speaker, particularly if the topic you are submitting is popular and is being submitted by a number of people for the same conference. Next, please make sure that your title is clear and appropriate to the track you are submitting it to, and that your description includes enough detail to understand what audience members will walk away from your sessions having learned. Again, many speakers often provide submissions on the same topics, meaning it comes down to a meaningful title and a quality abstract.

Wanting to dig in even deeper and offer hands on experience and learning? We are also looking for speakers willing to deliver two-day & 4-day hands-on labs that will be offered as part of the 2026 Virtual Seminar Training Course series.

Session, workshop, and hands-on lab proposals are welcome in the following topic areas:

Threat Intelligence & Human Risk

This track focuses on understanding adversaries and human-centric attack vectors that enable modern ransomware and cyber intrusions. Participants will learn how threat actors operate, how campaigns are planned and monetized, and how human behavior is exploited at scale. Topics include open-source intelligence (OSINT), adversary profiling, initial access brokers (IABs), social engineering, phishing operations, deepfake and AI-assisted deception, and leak-site monitoring.

The track also covers practical threat intelligence workflows: collecting, enriching, analyzing, and operationalizing intelligence to support detection, prevention, and incident response. Through hands-on exercises and realistic scenarios, participants will learn how to anticipate attacks, disrupt early access paths, and reduce human risk across the organization.

Secure Development & DevSecOps

This track is dedicated to securing software development practices and modern delivery pipelines in the face of ransomware and supply-chain threats. Participants will learn how attackers target developers, source code, CI/CD pipelines, secrets, and build systems—and how to defend against these attacks effectively.

Topics include secure coding principles, dependency and package security, secrets management, CI/CD hardening, cloud-native application security, and detection of malicious code and pipeline abuse. The track emphasizes practical controls that integrate security into development workflows without slowing delivery, aligning with modern DevSecOps practices.

Through hands-on labs and real-world case studies, participants will gain the skills needed to reduce application-layer risk and prevent development environments from becoming an initial access vector for ransomware and other advanced attacks.

Ransomware Industry

This track provides an unfiltered, real-world view into the modern ransomware ecosystem and how it operates as a mature criminal industry. Participants will gain insight into how ransomware groups organize, monetize attacks, and scale operations through affiliates, initial access brokers, and data-leak platforms. The focus is on understanding attacker incentives, decision-making, and business models in order to defend against them more effectively.

Topics include ransomware-as-a-service (RaaS) operations, double and triple extortion tactics, data-theft and leak-site dynamics, victim profiling, and negotiation realities. The track also covers defensive strategies informed by attacker behavior, including early indicators of ransomware campaigns, incident response planning, recovery constraints, and the impact of cyber insurance and regulatory pressure on response decisions.

Through case studies, simulations, and attacker-centric analysis, participants will develop a realistic understanding of how ransomware attacks unfold in practice—and how organizations can disrupt them before, during, and after an incident.

Incident Response

This track prepares participants to respond effectively to modern cyber incidents, with a strong emphasis on ransomware, identity compromise, and cloud-based attacks. Attendees will learn how to detect, contain, and recover from incidents that impact hybrid, cloud, and SaaS environments—often under severe time pressure, incomplete information, and regulatory scrutiny.

The track goes beyond traditional technical response to address the full incident lifecycle, including crisis management, executive communication, legal and regulatory obligations, and coordination with cyber insurance providers. Topics include rapid triage and scoping, identity and access containment, forensic readiness, evidence preservation, ransomware negotiation considerations, backup destruction scenarios, and realistic recovery planning.

Through hands-on exercises, tabletop simulations, and real-world case studies, participants will develop the skills needed to lead or support incident response efforts that minimize operational disruption, financial impact, and long-term business risk. This track equips responders to operate effectively not only in the SOC, but also at the intersection of technology, leadership, and business continuity.

Blue Team

In this track, participants will dive into the world of cybersecurity and ransomware from the perspective of the blue team. They will learn about the fundamental principles of cybersecurity, explore various defensive strategies, and develop hands-on skills to protect against ransomware attacks. The track will cover identity-first security, API security, network security, vulnerability management, attack path management, EDR/XDR, threat intelligence, and incident detection and response. Participants will engage in practical exercises, simulations, and case studies to strengthen their ability to mitigate and defend against cyber threats, ultimately becoming proficient members of the blue team.

Red Team Tactics and Techniques

The Red Team track focuses on modern offensive techniques used by advanced threat actors and ransomware operators to compromise organizations. Participants will learn how attackers gain initial access, evade defenses, move laterally, and escalate privileges across on-premises, cloud, and SaaS environments—often without deploying traditional malware.

Topics include identity-based attacks, credential and token theft, Kerberos and authentication abuse, living-off-the-land techniques, cloud control-plane compromise, and MFA bypass strategies. The track emphasizes realistic attack chains aligned with modern ransomware operations, rather than isolated exploitation techniques.

Through hands-on labs, adversary emulation exercises, and simulated campaigns, participants will sharpen their ability to think like attackers, validate defensive controls, and provide actionable insights to blue and purple teams. This track equips red teamers to test real-world resilience, expose blind spots, and drive measurable improvements in organizational security posture.

Purple Team

The purple team track offers participants a unique opportunity to explore the intersection of offensive and defensive strategies in the context of the ransomware industry. Participants will gain insights into the tactics, techniques, and procedures (TTPs) employed by threat actors behind ransomware attacks and use that knowledge to enhance their defensive capabilities. The track will cover penetration testing, vulnerability analysis, threat modelling, and security assessment. Additionally, participants will engage in hands-on exercises that simulate real-world scenarios, enabling them to operate effectively in a purple team environment and strengthen their organization's defenses against ransomware.

AI in Cybersecurity: Attack, Defense, and Governance

This track explores the rapidly evolving role of artificial intelligence in cybersecurity—both as a powerful defensive capability and as a weapon increasingly leveraged by attackers. Participants will gain a practical understanding of how AI is transforming ransomware operations, social engineering, malware development, detection engineering, and security operations at scale.

Topics include AI-assisted phishing and impersonation, deepfakes and synthetic identities, automated vulnerability discovery, adversary use of large language models, and the emerging risks of AI supply chains and model abuse. On the defensive side, the track covers AI-driven detection and response, behavioral analytics, security copilots, autonomous response considerations, and the limits and failure modes of AI in real-world incidents.

The track also addresses governance, risk, and compliance challenges related to AI adoption, including data leakage, prompt injection, model poisoning, regulatory expectations, and responsible use in security operations and development environments. Through hands-on sessions, case studies, and forward-looking discussions, participants will learn how to safely adopt, defend, and respond to AI-powered threats while leveraging AI to improve security outcomes.

Submission Guidelines
Please include the following information with your submission (failure to supply all requested information may limit opportunities for selection):

Speaker's Name
Speaker's Title
Speaker's Company
Title of Presentation
100-word Description of Presentation
3-5 Bullets, explaining what the attendee will learn from presentation (learning objectives)
Speaker's Color Photo (hi-resolution)
Speaker's Bio, including previous conference speaking/presentation experience

Speakers chosen to present at Cybersecurity & Ransomware Live! events will receive a full-conference pass and a stipend for each session they present. Speakers are responsible for their own travel costs and incidentals. The speaker stipend for two talks typically covers domestic flight costs and travel to/from the airport. Cybersecurity & Ransomware Live! will also cover hotel accommodation (room and tax only) for a pre-determined number of nights at a host hotel as outlined in the speaker agreement.

Proposals are due: Monday, March 23, 2026 11:59 PM EST

Submit your proposals here: https://sessionize.com/live-360-tech-con-orlando-2026/

We look forward to your submissions!
~ The Cybersecurity & Ransomware Live! Event Team

For questions or to be added to our call for presentations notification list, please contact:
Danielle Potts
Sr. Event Manager
[email protected]
925.207.0468

For questions regarding exhibit or sponsorship sales, please contact:
Brent Sutton
VP, Events
[email protected]
415.518.1962

Cybersecurity & Ransomware Live! is committed to fostering diverse perspectives and inclusive participation. We especially encourage submissions from underrepresented groups in security and technology.