BLACK HAT 2026 | CONFERENCE
11 min read

Black Hat 2026 CISO Summit: What Security Leaders Need to Know

An invitation-based executive program running alongside Briefings, built for strategic discussion rather than technical research

August 5-6
CISO Summit dates, concurrent with Briefings
Invitation
CISO Summit requires separate registration and invitation
10,000+
Glasswing findings directly relevant to CISO Summit AI security discussions
1997
Year Black Hat was founded by Jeff Moss

SponsoredRetool

Retool's new app builder is where AI-generated code ships safely

Building apps with AI is easy. Getting them to production safely is another story.

Start building for free today

The Black Hat CISO Summit runs alongside the main Briefings conference on August 5-6 at Mandalay Bay Convention Center. It is an invitation-based program designed for CISOs and senior security leaders, operating in a separate space from the main Briefings sessions with a different format and agenda. Where Briefings is a high-volume research conference with hundreds of technical sessions, the CISO Summit is a curated peer environment: smaller attendance, roundtable format, and content focused on the organizational and strategic dimensions of security leadership rather than the latest vulnerability research. For the right executive, the Summit is one of the most valuable two days of the year. For others, the main Briefings conference delivers more actionable intelligence. This guide explains what the CISO Summit is, how it differs from Briefings, what the 2026 agenda is likely to cover given the current threat landscape, and how to decide which format serves your needs better.

What the CISO Summit Is

The Black Hat CISO Summit is a curated executive program that Informa Tech runs concurrently with Black Hat Briefings. It has its own separate registration process, eligibility requirements (typically CISO or equivalent senior security leadership title), and dedicated space within the Mandalay Bay Convention Center. The Summit format combines two types of sessions. Keynote and panel sessions bring in speakers addressing the strategic security topics most relevant to executive leadership: regulatory developments, board dynamics, AI strategy, and market trends. These sessions are more prescriptive and less technical than Briefings talks. Roundtable sessions are peer discussion groups where participants with similar organizational contexts (by sector, company size, or specific challenge) work through shared problems without a formal presenter. Roundtables are the most valued component of the Summit for most attendees: structured peer conversation with other CISOs facing the same pressures is difficult to replicate outside of a curated setting like this. The smaller attendee count and invitation-based format means the CISO Summit conversation is typically more candid than what happens in large open conference environments.

How the CISO Summit Differs from Main Briefings

The most important difference between the CISO Summit and the main Briefings conference is the audience and conversation format. Briefings is open registration (with a paid pass) and attracts tens of thousands of attendees across the full spectrum of security roles: practitioners, researchers, students, vendors, and executives. Sessions are lecture-format with limited Q&A, and the content is research-driven, often covering specific vulnerabilities, attack techniques, and defensive methodologies at a technical depth appropriate for practitioners. The CISO Summit is invitation-based and designed for a smaller, more senior audience. Content is strategic rather than technical: the Summit does not cover exploitation techniques or tool demonstrations. It covers the organizational, regulatory, and business dimensions of running an enterprise security program. Format-wise, roundtables and panel discussions replace lecture-format talks, creating more interactive discussion. A CISO attending Briefings will see the same content as their security engineers. A CISO attending the CISO Summit will see content calibrated to the decisions only they can make: board reporting frameworks, regulatory response strategy, budget justification approaches, and peer consensus on AI security governance.

Free daily briefing

Briefings like this, every morning before 9am.

Threat intel, active CVEs, and campaign alerts, distilled for practitioners. 50,000+ subscribers. No noise.

Who Attends and How to Request an Invitation

The CISO Summit targets CISOs, VPs of Information Security, Directors of Security, and equivalent senior security leadership roles at organizations of significant size. The invitation-based format is intended to maintain a peer environment: the Summit is more useful when every attendee faces similar organizational challenges, which means keeping the audience homogeneous by seniority and scope. To request an invitation, visit the Black Hat USA 2026 CISO Summit registration page and submit your registration request with your title, organization, and relevant context about your security leadership role. Informa Tech reviews requests and confirms eligibility. Submission timing matters: the CISO Summit typically fills to capacity well before the conference date, and late requests may be waitlisted. Plan to submit your invitation request at the same time you register for the main conference if you intend to attend both. Practitioners who do not hold a qualifying senior leadership title are not eligible for the CISO Summit and should focus on the main Briefings, which provides full access to the technical research content.

Typical CISO Summit Agenda Format

The CISO Summit spans both Briefings days (August 5-6) and runs for most of each day. The agenda format combines keynote sessions in the morning with themed roundtable discussions throughout the day, with breaks structured for peer networking. Morning keynotes typically run 30-45 minutes and address high-level strategic topics, often featuring security executives from major enterprises, government officials (CISA Director appearances have historically been a component of Black Hat programming), or technology leaders addressing the CISO's organizational challenges. Roundtables are the core format: groups of 8-15 CISOs convene around specific topics moderated by a facilitator. Common roundtable structures include sector-specific discussions (financial services, healthcare, critical infrastructure), challenge-specific discussions (AI security strategy, board communication, vendor consolidation), and size-specific discussions (enterprise, mid-market). Roundtable discussions are typically under Chatham House rules: what is said stays in the room, which enables candor that is rare in public conference settings. Networking sessions at the Summit are deliberately structured to maximize introductions across organizations and sectors.

2026 Topic Preview: AI Security Strategy, SEC Disclosure, Cyber Insurance, and Patch Management

The 2026 CISO Summit agenda will reflect the most pressing challenges facing security leaders this year. Four topic areas are expected to dominate. AI security strategy is the top-of-agenda topic for most CISOs in 2026. The AI vulnerability discovery demonstrated by Project Glasswing, which found 10,000+ vulnerabilities in 90 days across 200+ organizations, has changed the strategic calculus for security programs. CISOs are grappling with how to adapt patch management processes, threat models, and detection strategies to account for AI-powered adversaries. Roundtable discussions on AI security governance, AI-era board communication, and AI security tool procurement are expected to be heavily subscribed. SEC cybersecurity disclosure rules continue to generate operational challenges. The requirement to disclose material cybersecurity incidents within four business days of determining materiality, and the annual disclosure of cybersecurity risk management and governance programs, affects public company CISOs directly. The CISO Summit typically includes sessions helping executives understand the practical implications of regulatory developments for their programs. Cyber insurance market dynamics are a perennial CISO Summit topic. Premium increases, coverage restrictions, and underwriter requirements for specific security controls create procurement and compliance challenges that roundtable discussions address well. AI-era patch management is an emerging topic that follows directly from the Glasswing findings: when AI can discover vulnerabilities in weeks that conventional scanning missed for years, the organizational capacity to patch faster becomes a strategic security investment.

CISO Summit vs. Briefings: Making the Decision

The choice between the CISO Summit and the main Briefings conference depends on your current priorities as a security leader. The CISO Summit is the right choice when your most pressing challenges are board-facing, regulatory, or organizational: you need frameworks for explaining AI security risk to the board, guidance on implementing SEC disclosure procedures, or peer benchmarking on budget and headcount decisions. It is also the right choice when you value peer network investment and want structured opportunities to build relationships with CISOs at peer organizations. The main Briefings conference is the right choice when your most pressing challenges are threat intelligence and technical strategy: you want to understand the AI vulnerability discovery landscape firsthand, you want to see what tools your practitioners will be using, or you want to engage directly with the researchers whose work is shaping the field. Many senior security leaders do both, splitting their time between Summit sessions in the morning and Briefings sessions in the afternoon. If you are deciding between the two for your full conference time, the answer usually comes down to whether your current work is primarily internal and organizational or primarily external-facing and threat-driven.

Networking Value for Senior Leaders

One of the primary reasons CISOs prioritize the Black Hat CISO Summit over other security conferences is the peer networking quality. The invitation-based, senior-audience-only format creates a concentration of security executives that is difficult to find elsewhere. Peer CISO relationships provide value that no conference session can match: direct experience-sharing on vendor evaluations, regulatory response approaches, incident experiences, and organizational challenges. A CISO who built a relationship at a previous Summit roundtable has a trusted peer they can call when facing a board presentation on AI security risk or a ransomware incident response decision. The Summit is one of the few places where those relationships form in a structured setting. The most productive Summit networking is deliberate: identify the CISOs whose organizational context most closely resembles yours before arriving, seek out roundtable sessions that will put you in the same room as peer executives from your sector or with your specific challenge set, and follow up within a week of the conference while the conversations are fresh.

What to Bring and How to Prepare

Arriving at the CISO Summit prepared makes the experience significantly more valuable. Before attending, review the published agenda once it is released and identify the roundtable sessions most relevant to your current challenges. Prepare two or three specific questions or challenges you want to bring to roundtable discussions: the best roundtables are driven by participant contributions, and specific challenges generate more useful discussion than general interest. For the AI security strategy sessions, review the Project Glasswing findings before arriving. Understanding what AI-powered vulnerability discovery has already demonstrated changes the quality of the strategic discussion you can participate in. The Mythos Brief at decryptiondigest.com/mythos-brief provides a practitioner-accessible summary of the Glasswing findings and their implications for enterprise security programs, calibrated for exactly the kind of briefing material that is useful before an AI security roundtable. Bring business cards or a digital contact exchange method: the Summit is a high-value networking environment and most attendees actively exchange contact information.

CISO Summit Prep Resources for Subscribers

The complete CISO Summit preparation guide, including AI security briefing materials for the Summit's AI strategy sessions, a roundtable discussion framework, SEC disclosure implementation guidance, and a peer CISO networking plan template, is available in the Mythos Brief for Decryption Digest subscribers.

Subscribe to unlock Remediation & Mitigation steps

Free subscribers unlock full IOC lists, Sigma detection rules, remediation steps, and every daily briefing.

The bottom line

The Black Hat CISO Summit provides something the main Briefings conference does not: a structured peer environment for senior security leaders to discuss the organizational, regulatory, and strategic challenges that practitioners do not face. For CISOs in 2026, the AI security strategy discussions are the most pressing agenda item, given the AI vulnerability discovery demonstrated by Project Glasswing and the implications for patch management, threat modeling, and board communication. The Mythos Brief at decryptiondigest.com/mythos-brief provides the AI security briefing material you need to walk into those Summit roundtables prepared. And if you are not yet registered for Black Hat Briefings, which is the gateway to the full conference, enter to win a free Briefings pass at decryptiondigest.com/blackhat-2026.

Frequently asked questions

What is the Black Hat CISO Summit?

The Black Hat CISO Summit is a curated executive program that runs concurrently with Black Hat Briefings (August 5-6, 2026) at Mandalay Bay Convention Center in Las Vegas. It is designed specifically for CISOs and senior security leaders, offering peer roundtable discussions, strategic keynotes, and briefings on enterprise security topics. Unlike the main Briefings conference, which covers technical vulnerability research and new attack techniques, the CISO Summit focuses on the executive and strategic dimensions of security leadership: board communication, security program ROI, regulatory compliance, AI security strategy, and vendor consolidation decisions. The Summit operates in a separate space from the main Briefings sessions and maintains a smaller, invitation-based attendee list.

How do I get invited to the CISO Summit?

The CISO Summit requires a separate registration and is invitation-based. Qualifying attendees typically hold CISO, VP of Security, Director of Security, or equivalent senior security leadership titles. To request an invitation, visit the Black Hat CISO Summit page on the Black Hat USA 2026 website and submit a registration request with your title and organization information. Informa Tech, the conference organizer, reviews requests and confirms eligibility. The Summit may involve a separate registration fee or may be included with a Briefings pass depending on the year's format. Check the Black Hat 2026 registration page for current pricing and eligibility details.

Is the CISO Summit free?

The CISO Summit registration details vary by year and are set by Informa Tech, the conference organizer. In some years, the CISO Summit has been included with a Briefings pass for qualifying executives. In other years, it has required a separate registration. Check the Black Hat USA 2026 registration page for current pricing and whether your Briefings pass includes Summit access. Even if the Summit itself is included, you still need a Briefings pass to attend Black Hat 2026, which starts at $2,495. Enter to win a full Briefings pass at decryptiondigest.com/blackhat-2026.

What topics does the CISO Summit cover?

The CISO Summit agenda typically covers the strategic and organizational dimensions of security leadership rather than technical research. Recurring topic areas include communicating security risk to the board and executive leadership, measuring and demonstrating security program ROI, navigating the regulatory landscape (SEC disclosure rules, state privacy laws, sector-specific requirements), AI security strategy for enterprise programs, vendor consolidation and platform versus best-of-breed decisions, and cyber insurance market dynamics. In 2026, the AI vulnerability discovery context from Project Glasswing and the broader AI-powered threat landscape are expected to be central to the Summit agenda.

Should a CISO attend the Summit or the main Briefings?

The right answer depends on the CISO's current priorities. CISOs who need to stay current on the technical threat landscape and who engage directly with their security engineering teams benefit from Briefings attendance, where they can hear the same research their practitioners will be discussing. CISOs who are primarily managing upward (board relationships, regulatory response, budget justification) and lateral (peer CISO network, vendor relationships) benefit more from the CISO Summit's structured peer discussions and executive-format briefings. Many senior security leaders attend both: morning sessions in the CISO Summit for strategic discussions, afternoon time in the Briefings sessions for technical context. Check your schedule against the Summit and Briefings agenda once they are published.

How should a CISO translate the AI vulnerability discovery findings from Glasswing into a board-ready risk narrative?

The most effective board narrative for AI vulnerability discovery translates the Glasswing findings into three business-language frames: timeline compression, scope expansion, and defensibility gap. Timeline compression: Glasswing demonstrated that an AI system can move from vulnerability discovery to a reproducible exploit in hours to days for vulnerability classes it excels at, compared to the weeks-to-months assumption in most board-level cyber risk frameworks. This compresses the remediation window your security team has before active exploitation. Scope expansion: the same AI system that found vulnerabilities in one organization's environment simultaneously scanned 200+ partner organizations, meaning AI-powered adversaries can target many organizations at once rather than selecting individual victims. This changes the 'why would they target us' framing that boards sometimes use to underestimate risk. Defensibility gap: the nine Glasswing CVEs include vulnerability classes (17-year-old bugs, hypervisor escapes, JIT compiler vulnerabilities) that conventional security tooling had not surfaced, which means your current control baseline may have material gaps that AI-powered discovery can identify faster than your remediation cycle. Each of these frames connects directly to the board's fiduciary responsibility and the SEC disclosure materiality standard, making them more actionable for budget conversations than technical vulnerability counts alone.

Sources & references

  1. Black Hat USA 2026 CISO Summit
  2. Black Hat USA 2026 Official Site
  3. SEC Cybersecurity Disclosure Rules
  4. Anthropic Project Glasswing 90-Day Report
  5. Informa Tech, Black Hat Organizer

Free resources

25
Free download

Critical CVE Reference Card 2025–2026

25 actively exploited vulnerabilities with CVSS scores, exploit status, and patch availability. Print it, pin it, share it with your SOC team.

No spam. Unsubscribe anytime.

Free download

Ransomware Incident Response Playbook

Step-by-step 24-hour IR checklist covering detection, containment, eradication, and recovery. Built for SOC teams, IR leads, and CISOs.

No spam. Unsubscribe anytime.

Free newsletter

Get threat intel before your inbox does.

50,000+ security professionals read Decryption Digest for early warnings on zero-days, ransomware, and nation-state campaigns. Free, daily, no spam.

Unsubscribe anytime. We never sell your data.

Eric Bang
Author

Founder & Cybersecurity Evangelist, Decryption Digest

Cybersecurity professional with expertise in threat intelligence, vulnerability research, and enterprise security. Covers zero-days, ransomware, and nation-state operations for 50,000+ security professionals every morning.

Black Hat Giveaway

Win a $2,495 Black Hat pass.

Full-access to Black Hat USA 2026 in Las Vegas. Subscribe free to enter.

Joins Decryption Digest daily briefing. Unsubscribe anytime.

Giveaway: Black Hat USA 2026 Full-Access Pass ($2,495 value)

Details →
Daily Briefing

Subscribe to enter the giveaway

Every subscriber is automatically entered. You also get daily threat intel every morning: zero-days, ransomware, and nation-state campaigns. Free. No spam.

Already subscribed? You're already entered.

Giveaway

Win a $2,495 Black Hat USA 2026 pass.