Phish and Brews 2026

Drawing on 580+ incident response engagements, this keynote deconstructs what separates organizations that recover quickly from those that don’t. Travis moves beyond the standard “prevent and detect” framework to address the leadership decisions, authority structures, and cultural conditions that determine how an organization performs under real attack conditions. Practical, direct, and grounded in operational experience rather than theory.

All business leaders are being inundated with information but very little of this is structured into anything resembling a plan. Organizations are dealing with AI and Cyber Security without the proper risk frameworks in place. What should you action and how? What gets the most value for your budget spend and reduces the risk profile?  Jason adds real world prospective and actions you should be taking to address these questions. 

To do real damage, a threat actor needs just two things: access and privilege. In today’s world of dissolving perimeters, hybrid infrastructure, and remote workforces, identity has become the new battleground — and privileged accounts are the ultimate prize.

This session delivers a clear, practical introduction to Privileged Access Management (PAM) — what it is, why it’s the keystone of modern identity security, and how organizations can begin building a mature PAM program that reduces risk without disrupting the business.

Attendees will walk away with a solid understanding of the core PAM disciplines — from Privileged Account & Session Management (PASM) and Endpoint Privilege Management (PEDM) to Secrets Management and Cloud Infrastructure Entitlement Management (CIEM) — and how they work together to protect both human and non-human identities across on-premises, hybrid, and cloud environments.

We’ll also introduce the PAM Maturity Model, helping you assess where your organization stands today and what a practical path forward looks like — from foundational credential vaulting to just-in-time access and zero standing privileges.

Key takeaways:

• What PAM is (and what it isn’t)
• The types of privileged accounts that put your organization at risk
• The four core disciplines of a complete PAM program
• How to assess your current PAM maturity and prioritize next steps

Technology is no longer responsible for simply keeping the lights on. It now sits at the core of how organizations grow, manage risk, protect trust, and remain resilient in the face of constant change. Decisions about technology directly shape business outcomes; whether leaders intend them to or not.

As a result, technology leaders can no longer operate as functional specialists working behind the scenes. They are business leaders first, accountable for strategy, outcomes, and core value creation, and they must have a seat at the executive table.

In this keynote, Jennifer Hutton challenges the outdated notion that technology can be delegated away from leadership. Drawing on her real‑world executive experience across technology, cybersecurity, privacy, and enterprise risk, she reframes technology as a leadership responsibility, not an IT one. The session helps leaders cut through buzzwords, move beyond tool‑driven conversations, and take intentional ownership of how technology enables growth, resilience, and sustainable performance in your business.