• Overview
  • Call For Presentations
  • Program
  • Sponsors

Fortifying our Trusted Ecosystem

Overview 

Join fellow FS-ISAC members from across the Americas for three full days of learning, collaboration, and networking. 

Summits are our largest events of the year, packed with insightful presentations, workshops, and panels on topics relevant to the security of the global financial services industry. 

Highlights 

Relevance
The synthesis of cybersecurity and the financial sector distinguishes FS-ISAC Summits from other large industry events. The Americas Summit is specifically designed for cybersecurity professionals in financial institutions. 

Content
Sessions are divided into three tracks – Intelligence, Security, and Resilience – so that you can focus on the most pressing issues in your organization today. 

Connection
Collaborating with cybersecurity experts from across the Americas advances your skills and the sector’s security. And by learning from others, you can develop invaluable connections that outlast the Summit. 

Exercise
Participating in exercises increases resilience. Take part in our in-person tabletop exercise, "Undersea Cables", on 1 March. This exercise is hosted in conjunction with the 2026 Americas Spring Summit, but registration is separate. Find out more about the exercise here.

Interested in Sponsoring This Event?

We are fully sold out for the 2026 Americas Spring Summit. No sponsorship packages or sponsor passes are available. Email sales@fsisac.com to learn about future events and see upcoming events here.

 

 

 

 

Call for Presentations

Submitting Your CFP

The call for presentations has closed. Notifications will be sent out on 11 December.

2026 Theme

The theme for the 2026 Americas Spring Summit is Fortifying our Trusted Ecosystem.

Trust in the financial sector is no longer built by financial institutions alone - it is shaped by the strength of the entire ecosystem, including partners, providers, and policymakers. This year’s Summit centers on the importance of collaboration across sectors to secure the global financial system.

Content can be presented as presentations, roundtables, discussions, or panels in the Intelligence, Security, and Resilience tracks. We invite you to share your real-world examples, innovative approaches, successes, and lessons learned on:

  • Working across stakeholders to respond to incidents and strengthen defenses
  • Collaborating to identify vulnerabilities and improve risk mitigation approaches
  • Sustained partnerships that result in a more secure and resilient financial system, including direct and indirect influence and measurable outcomes

Hint: co-presenting with a member is an actionable measurement of collaboration!

Tracks

Intelligence

  • Incidents and Campaigns
  • Intel Practices and Methodology
  • Actor TTP Analysis
  • Fraud

Security

  • Working Group Outputs, COIs or Industry Specific Topics
  • Network Defense
  • App and Data Security
  • Emerging Technology
  • Career Advice
  • Organization Management

Resilience

  • Board Reporting
  • Exercises
  • Insider Risk
  • Operational Resilience
  • Third Party Risk Management

*the above are illustrative tracks, not the exclusive list or representational

There are no third-party sponsors for this event. FS-ISAC completely runs the CAPS exercises.
  1. March 1 Sunday

  2. 11:30 - 3:00 PM

    Undersea Cables Tabletop Exercise

  3. 11:30 - 3:30 PM

    Fraud Workshop

  4. 3:00 - 6:30 PM

    Early Registration

  5. 3:30 - 5:00 PM

    Womens Reception

  6. 5:30 - 6:30 PM

    Welcome Reception

  7. March 2 Monday

  8. 7:00 - 6:30 PM

    Registration

  9. 7:00 - 8:00 AM

    Breakfast

  10. 8:15 - 8:30 AM

    Opening Remarks

  11. 8:30 - 9:00 AM

    TBD

  12. 9:00 - 9:45 AM

    Keynote

  13. 9:45 - 10:15 AM

    From Threats to Abuse - Lessons Learned in AI Red Teaming

    Platinum
    Event Toggle Arrow
    Ram Shankar, Microsoft’s AI Red Team founder, shares key lessons from testing 100+ generative AI tools/apps. Learn best practices, taxonomies, proven safeguards, common findings, how to leverage agents, and necessary policies. This session will highlight patterns, sample test cases, and checklists.

  14. 10:15 - 10:45 AM

    Beyond Cyber Fusion: Converged Security Operations

    Platinum
    Event Toggle Arrow
    Cyber fusion centers unified SOC operations, but today's threats demand more. Adversaries blend cyber, fraud, physical, & insider attacks simultaneously. Converged Security breaks down silos through unified data platforms & integrated intelligence - delivering executives one view of enterprise risk.

  15. 10:45 - 11:15 AM

    AM Networking & Snacks

  16. 11:15 - 12:00 PM

    From Reactive to Proactive: How Cyber and Fraud Unite

    Ryan Praskovich, Nationwide Mutual Insurance Company; Wyatt Skirtich, Nationwide Mutual Insurance Company Fusion
    Event Toggle Arrow
    As the line between cyberattacks and financial fraud blurs, organizations must evolve from siloed defense to integrated collaboration and intelligence. This session explores how a Cyber and Fraud fusion model enables earlier detection and stronger prevention of fraud events.

  17. 11:15 - 12:00 PM

    AI Code Generation: Balancing Innovation, Risk, and Security

    Ajoy Kumar, Wells Fargo; David Ritenour, Wells Fargo AI Threats
    Event Toggle Arrow
    AI tools are writing and testing code and accelerating software development and reshaping engineering workflows. But they are also introducing risks: security, reduced accuracy, and unclear accountability. This panel explores how enterprises can adopt these tools and practices safely.

  18. 11:15 - 12:00 PM

    Second Line in Practice: Regional Collaboration on Cyber

    Russell Derrick, TD Bank; Eduardo Delgado, TD Bank Op Resilience
    Event Toggle Arrow
    This panel will share key takeaways from the first regional “Second Line of Defense” working group meeting in Canada. The session will demonstrate how collaboration is strengthening oversight and operational resilience, providing attendees with practical strategies for their own second line program

  19. 11:15 - 12:00 PM

    Grand Theft No Auto: No Cars, Just Cons

    Morgan Campbell, Navy Federal Credit Union; Amber Hamlet, Navy Federal Credit Union Fraud
    Event Toggle Arrow
    Learn how OSINT and cross-team collaboration exposed a massive scam defrauding FI members via fake listings of machinery, equipment, and vehicles through wire transfers. Gain OSINT tips, preventative defense tactics, and intelligence-sharing models to fight rising marketplace scams.

  20. 11:15 - 12:00 PM

    From Awareness to Action: Reframing Strategic CTI

    Kenneth Wolf, Citi CTI
    Event Toggle Arrow
    This presentation offers strategic CTI practitioners an approach to creating better, customer-defined, intelligence requirements, improving the overall value to their respective organizations and

  21. 11:15 - 12:00 PM

    Standardization to Fortify the Ecosystem

    Michael Habash, State Street GRC
    Event Toggle Arrow
    Cybersecurity at financial services firms is largely driven by regulation, audits, and emerging technology. And we are always being held to standards. Standards we usually didn’t have a hand in writing. But we Should! I will cover the structure of the standards community, who is in the room, and why

  22. 11:15 - 12:00 PM

    Losing Your Company in 24 Hours - The Board Experience

    Aurobindo Sundaram, RELX Group C-Suite
    Event Toggle Arrow
    Imagine being a Board member or senior executive when the news comes in - your systems are unavailable, your backups are corrupted, your partners are calling, so too is the attacker offering to bring your systems back for a price, and your revenue has run dry. 

  23. 12:15 - 1:00 PM

    Fusion Forward: Strengthening Cyber Fraud Response

    Meaghan Welch, Bank of America Fusion
    Event Toggle Arrow
    Learn how Bank of America built its Cyber Fraud Fusion Center to tackle evolving threats. This session shares strategy, structure, and lessons learned to help institutions create their own fusion model for stronger cyber-fraud response and cross-organizational collaboration.

  24. 12:15 - 1:00 PM

    AI Pressure on SaaS Supply Chains: Stay Secure & Compliant

    GRC
    Event Toggle Arrow
    SaaS now forms the core of financial infrastructure, with OAuth tokens replacing firewalls as the new perimeter. This keynote unpacks SaaS and AI supply chain risks, modern attack paths, and a control framework aligning with OCC, Fed, and NYDFS expectations for resilient defense.

  25. 12:15 - 1:00 PM

    Graph vs. Noise: How Intel Becomes Risk Reduction

    CTI
    Event Toggle Arrow
    This session shows how real-time graph intelligence correlates seemingly minor threat signals into a single impersonation campaign. Attendees will learn how this approach enables the dismantling of attacker infrastructure in real-time, reducing risk rather than just reporting it.

  26. 12:15 - 1:00 PM

    Meta and FS-ISAC: Fighting Fraud Together

    Bryonna Burga, FS-ISAC; Troy Wells, FS-ISAC; Raul Burgos, Meta Financial Technologies; Kristin Connors, Meta Financial Technologies Fraud
    Event Toggle Arrow
    This panel covers the collaboration between Meta and FS-ISAC combat fraud through Meta’s Fraud and Scam reporting solutions including the FIRE program. Panelists will explain Meta’s F&S approach, the FIRE program, provide case studies, key metrics, and investigative insights.

  27. 12:15 - 1:00 PM

    TBD

    Gold

  28. 12:15 - 1:00 PM

    AI in the Financial Trenches: Securing Digital Trust

    AI Threats
    Event Toggle Arrow
    Financial institutions are confronting a new class of AI-enabled attacks, from prompt injection and data poisoning to synthetic identity automation. This talk explores how the financial sector can secure AI adoption, harden data pipelines, and maintain digital trust at machine speed.

  29. 12:15 - 1:00 PM

    AI & Trust: A CISO’s Playbook to Secure What Matters

    C-Suite
    Event Toggle Arrow
    AI is transforming the financial sector — accelerating innovation, but also expanding the threat surface. As attackers adopt AI, CISOs must rethink how to defend an increasingly complex and interconnected ecosystem. This session explores the CISO’s role in securing trust across the AI journey.

  30. 1:00 - 2:00 PM

    Lunch

  31. 2:15 - 3:00 PM

    From ROT to RAG: Foundational Controls for Responsible AI

    GRC
    Event Toggle Arrow
    As financial institutions adopt AI, the risks of data exposure, model misuse, and unpredictable outputs grow. Understand practical controls that span the full AI lifecycle – from data readiness, to model implementation, to governance – which can be leveraged for a comprehensive controls framework.

  32. 2:15 - 3:00 PM

    The Trust Trap: How Concentration Risk Threatens Scale

    Op Resilience
    Event Toggle Arrow
    As the financial sector modernizes, its trusted, interconnected ecosystem faces a new paradox: concentration risk. This session explores how reliance on a few critical tech providers threatens scale and resilience, and how collaboration, transparency, and innovation can rebuild trust.

  33. 2:15 - 3:00 PM

    Agentic AI Security: From Threats to Active Defense

    Agentic AI
    Event Toggle Arrow
    Agentic AI is shifting from an assistant to an operational actor, expanding the attack surface. This presentation shares perspectives on securing the use of agents including an overview of the threats, a framework to design/launch/run securely, and introduce an ecosystem of guardrails for visibility

  34. 2:15 - 3:00 PM

    The Imitation Game: How Deepfakes Are Invading

    Attacks
    Event Toggle Arrow
    Across every channel, fraud is surging. Pindrop data shows that 1 in 599 calls is fraudulent, 1 in 6 job applicants exhibits signs of identity or credential fraud. Among those, 1 in 343 has direct links to nation-state–affiliated activity

  35. 2:15 - 3:00 PM

    Tearing Down Departmental Silos

    Jeff Korte, FS-ISAC; Tiffany Kiefer, Golden 1 Credit Union; Keith Vandegrift, Corning Credit Union C-Suite
    Event Toggle Arrow
    Silos are organizational issues that lead to poor communication, reduced efficiency, and missed opportunities to prevent fraud. We will discuss silos, why we create them, why they don’t work, and show how to dismantle them.

  36. 2:15 - 3:00 PM

    Chinese ORB Networks and You: A Threat Intel Primer

    John TerBush, JPMorgan Chase CTI
    Event Toggle Arrow
    ORB networks offer a new way to for adversaries to obfuscate their operations. What are ORB networks, and what kinds are there? How do Chinese nation-state operations use them? How have China-nexus operations changed over the years? How do they increase the difficulty of detection?

  37. 2:15 - 3:00 PM

    Case Study: Legitimate Numbers, Illegitimate Calls

    Casey Hertz, US Bank; Micah Semon, Bank of America; Adrianna Melendez, Wells Fargo Fraud
    Event Toggle Arrow
    Case Study: Legitimate Numbers, Illegitimate Calls The Hacked Enterprise PBX Spoofing Problem Join a panel of financial institutions to discuss how multiple FSISAC members have joined forces with cross-industry partners to investigate and resolve several cases of extensive spoofing of official c

  38. 3:00 - 3:30 PM

    PM Networking & Snacks

  39. 3:30 - 4:15 PM

    Modern Threat Hunting: From Intelligence to Advantage

    Kris Schroeder, CTI
    Event Toggle Arrow
    Moderated panel that will pull together 2 FS ISAC members and Replica to discuss best practices that sector threat intelligence team should be following. This will not be an overview of how to do your work and not expose the corporate network to threat actor observations.

  40. 3:30 - 4:15 PM

    Hidden in Plain Site: How Threats Actors Exploit AI Tools

    Jared Skivington, Bank of America; Martin Sutton, Bank of America AI Threats
    Event Toggle Arrow
    As people begin to rely on prompts over searches, threat actors have begun to target AI tools to compromise both customer and company. This presentation will delve into current threat actor trends in AI targeting, as well as provide insight into how to monitor for and mitigate such threats.

  41. 3:30 - 4:15 PM

    Wall St. to São Paulo: AI Cyberattacks Across the Americas

    Ashley Salisbury, BNP Paribas; Danica Reardon, BNP Paribas Attacks
    Event Toggle Arrow
    AI is rapidly changing the threat landscape. From public-private collaborations to LLM weaponization by threat actors, it is essential to track the global cyber impact of AI. This presentation explores how governments and business across the Americas are affected by and adapting to changing threats.

  42. 3:30 - 4:15 PM

    Architecting an Exercise Program to Build Resilience

    Jean-Pascal Deillon, Sumitomo Mitsui Financial Group; Vu Cap, Sumitomo Mitsui Financial Group Op Resilience
    Event Toggle Arrow
    An interactive session on how financial institutions can design, mature, and sustain an exercise program that strengthens operational resilience. Learn proven practices, discover common pitfalls, and share your own experiences across governance, strategy, execution, and continuous improvement.

  43. 3:30 - 4:15 PM

    Beyond Third-Party Risk: The Invisible Threat in Your Supply

    GRC
    Event Toggle Arrow
    Annual vendor reviews capture snapshots while SaaS supply chains evolve daily. New sub-processors appear between assessments, creating months of exposure. Learn how visibility across 20% of the Internet enables continuous Nth-party monitoring that individual institutions can't achieve alone.

  44. 3:30 - 4:15 PM

    Dialing Up Disruption - Stop Phone-based Scams & AI Threats

    Ryan Woodley, Netcraft; Kaleb Beasley, Fifth Third Bancorp; Kris Reed, Square Fraud
    Event Toggle Arrow
    From major banks to fintech innovators, Bank of America, Square, Fifth Third Bank, and Netcraft explore how phone-based scams and other emerging threats are reshaping brand protection. Learn how leading institutions are adapting defenses and scaling disruption to protect customers and brand trust.

  45. 3:30 - 4:15 PM

    Your Security Testing has an Identity Crisis

    C-Suite
    Event Toggle Arrow
    Security teams face confusion across testing types—Exposure/Vulnerability Management, Continuous Pen Testing, Red Teaming, and Attack Path Management. This session from SpecterOps and MUFG clarifies how each aligns to reduce risk, validate defenses, and strengthen collaboration in modern programs.

  46. 4:30 - 5:30 PM

    Winning the AI Cyber Arms Race in Financial Services

    Silver Solutions Showcase
    Event Toggle Arrow
    AI is transforming cybersecurity, fueling a high-stakes arms race in financial services. Attackers use it for new threats—but AI is also the defense. Corelight delivers multi-layered AI detection, AI-powered SOC workflows, and AI-ready data to help security leaders stay ahead.

  47. 4:30 - 5:30 PM

    Beyond Compliance: Device Posture as Defense

    Tal Kollender, Remedio Silver Solutions Showcase
    Event Toggle Arrow
    As financial institutions face increasing regulatory pressure, proactive device posture management is redefining compliance. Learn how automation and safe remediation help detect, fix, and validate misconfigurations in real time - turning compliance into continuous defense.

  48. 4:30 - 5:30 PM

    DSPM for Financials: Securing Data from Endpoint to Cloud

    Silver Solutions Showcase
    Event Toggle Arrow
    Financial institutions face relentless data sprawl across cloud environments, SaaS platforms, and collaboration tools—making risk harder than ever to manage. The question isn’t if sensitive data is exposed, but finding where it resides and how quickly you can secure it.

  49. 4:30 - 5:30 PM

    Managing Cryptographic Risk in the Age of Quantum & AI

    Silver Solutions Showcase
    Event Toggle Arrow
    Disruptors like quantum and AI have moved cryptography from an invisible safeguard to a board priority. Learn how to discover hidden keys, certificates, algorithms, and libraries, and automate cryptographic visibility, compliance, and resilience across your enterprise’s cryptographic ecosystem.

  50. 4:30 - 5:30 PM

    Mobile EDR: Securing the Human Layer of Finance

    Andy Olpin, Lookout Inc. Silver Solutions Showcase
    Event Toggle Arrow
    Financial institutions face new risks from people, not infrastructure. AI-driven smishing, deepfakes, and social engineering exploit mobile devices. Learn how banks use Lookout Mobile EDR to detect, contain, and report adaptive threats—protecting people, data, and compliance.

  51. 4:30 - 5:30 PM

    Beyond DPRK: Detecting Fraudulent Employee Identities

    Silver Solutions Showcase
    Event Toggle Arrow
    Fraudulent identities exploit gaps between HR, security, & identity teams that traditional tools can't see. Learn how criminals weaponize stolen credentials & malware-exfiltrated data to build convincing personas in the underground, and investigative methods that expose them before system access.

  52. 4:30 - 5:30 PM

    Preemptive Cyber Defense: Stopping Threats Before Impact

    Silver Solutions Showcase
    Event Toggle Arrow
    Silent Push demonstrates how to uncover pre-weaponized infrastructure targeting the financial sector and take active defense measures. Learn how early detection allows institutions to anticipate, disrupt, and prevent threats before they impact operations.

  53. 5:30 - 6:30 PM

    Booth Crawl Reception

  54. March 3 Tuesday

  55. 7:00 - 8:00 AM

    Breakfast

  56. 7:00 - 6:15 PM

    Registration

  57. 8:15 - 8:30 AM

    Opening Remarks

  58. 8:30 - 9:00 AM

    Critical Provider Panel

  59. 9:00 - 9:30 AM

    Secure Innovation Through Identity & AI Transformation

    Platinum
    Event Toggle Arrow
    As generative AI reshapes work, security leaders must balance innovation and risk. How are organizations governing AI, protecting data, and defining accountability? Join Saviynt’s Chief Trust Officer, Jim Routh, to explore 2025 AI security trends and how identity enables responsible innovation.

  60. 9:30 - 10:00 AM

    The Measurement of Trust

    Platinum
    Event Toggle Arrow
    Trust is the most vital yet least measured asset in the financial system. It is often treated as intangible and assumed rather than demonstrated. Richard Seiersen explores how institutions can decompose trust into measurable components — transparency, control, and resilience.

  61. 10:00 - 10:30 AM

    AM Networking & Snacks

  62. 10:30 - 11:15 AM

    Managing & Protecting APIs in the Age of Autonomous Agents

    API Security
    Event Toggle Arrow
    The Internet of Agents is reshaping FSIs with new API-like protocols such as MCP and A2A. API threats also evolve, making discovery, runtime protection, and posture management more critical than ever. Learn about these latest trends, best practices and AI-powered strategies for resilience.

  63. 10:30 - 11:15 AM

    Solving Mysteries with the Cyber Fraud Prevention Framework

    Adam Perino, Regions Financial; Allison Glenn, Bank of America; Leigh Williams, Zelis; Ryan Praskovich, Nationwide Mutual Insurance Company Fraud
    Event Toggle Arrow
    Cyber-fraud threat actors steal from our clients in novel ways, and our Cyber and Fraud teams must work together to mitigate them. Bring your questions to our roundtable discussion as we apply FS-ISAC’s Cyber Fraud Prevention Framework (CFPF) to map attack paths and recommend effective controls.

  64. 10:30 - 11:15 AM

    Using Agentic AI to Build a BISO Program

    Alex Foley, Truist Agentic AI
    Event Toggle Arrow
    Learn how to use a LLM, MCP server, and FS-ISAC best practices to build a fully documented, effective BISO program in just 12 months. Leave equipped with a BISO program-in-a-box with 25 deliverables, 5 guides, and an implementation plan ready to tailor to your organization.

  65. 10:30 - 11:15 AM

    Building an Effective Data Exposure Response Program

    Samuel Strohm, PNC; Anthony Marmo, PNC; Matthew Dragovich, PNC SOC
    Event Toggle Arrow
    It is not a matter of if, but when your institution experiences a cyber incident. More specifically, this program will speak about data exposure events. As the financial sector continues to advance technologically and integrate complex digital infrastructures, companies will face increasing risks.

  66. 10:30 - 11:15 AM

    Inside Out: How T-Mobile Tackles Insider Risk

    Mara Batinica, T-Mobile; Jim Keene, T-Mobile; Olivia LePlastrierRay, T-Mobile Insider Threat
    Event Toggle Arrow
    T-Mobile’s Insider Threat and CTI teams unite to detect, disrupt, and refer cybercriminals to law enforcement. This session outlines strategic program elements, real-world cases, undercover engagement tactics, and blockchain wallet tracing for effective attribution and investigation.

  67. 10:30 - 11:15 AM

    Applying Lessons from Applied Intelligence

    Amanda Lerner, CME Group; Sarah Baker, CME Group; Bilal Rahmani, CME Group CTI
    Event Toggle Arrow
    Beyond tactical and strategic, the phrase “Applied CTI” can mean different things to different people. This panel will define what Applied CTI is, what gaps it can help fill, and the lessons learned at CME Group from implementing Applied CTI as a third threat intelligence domain.

  68. 10:30 - 11:15 AM

    Autonomy, Resilience & the Human Force Multiplier

    Marina Kaganovich, Google; Dan Manley, CME Group; Sasha Spalding, First Citizens Bank; Liza Russell, Barclays AI GRC
    Event Toggle Arrow
    The core risk landscape in financial services is fundamentally changing. As the industry moves from simple automation to deploying autonomous AI agents, the security model of "Trust but Verify" has become obsolete, requiring enterprises to pivot to a new mandate: Govern by Design. This talk explores

  69. 11:30 - 12:15 PM

    AI Browsers: The Trojan Horse for Cyber-Fraud Fusion

    AI Threats
    Event Toggle Arrow
    AI browsers are reshaping digital identity as agentic AI blends user and machine behavior. Fraudsters now exploit AI emulators to bypass IAM. Learn how this shift forces convergence of fraud, risk, and identity—and how to build fusion‑ready systems that preserve trust.

  70. 11:30 - 12:15 PM

    Democratizing SOAR: Unlocking Automation Value

    SOC
    Event Toggle Arrow
    Enhancing SOAR capabilities and value in the Agentic AI era targeting process efficiencies, trust through transparency, data integration, and cost optimization. A walk through of real world use cases to leverage SOAR more broadly across the cybersecurity program.

  71. 11:30 - 12:15 PM

    AI Risks, Roles, and Recommendations for the Enterprise

    Donavon Swinney, Whatcom Educational Credit Union; Sara Thom, Whatcom Educational Credit Union; Pamela Simpson, TD Bank; Melissa Burchell-Dogra, Hy Cite AI GRC
    Event Toggle Arrow
    Learn how financial institutions can secure AI initiatives through strong data governance and clear roles. This session covers lifecycle controls, stakeholder engagement, and scalable frameworks to ensure accountability, compliance, and resilience.

  72. 11:30 - 12:15 PM

    Stop the Silent Invasion Before It Escalates

    Rachael Conover, Mastercard Insider Threat
    Event Toggle Arrow
    In an era where remote work is the norm, fraudsters are infiltrating IT teams, compromising security, draining resources, and eroding trust. We can no longer afford to be reactive—it's time to safeguard the industry's backbone with proactive measures. Stop this silent invasion with a Fusion Center.

  73. 11:30 - 12:15 PM

    From Threat Intel to Validated Defenses

    CTI
    Event Toggle Arrow
    As adversaries rapidly evolve with new tools and TTPs, defenders must keep pace. This session explores how CTI, Blue, and other teams can accelerate the mobilization of threat intel with AI, leveraging reasoning, semantic mapping, and validation workflows to find and fix gaps and ensure readiness.

  74. 11:30 - 12:15 PM

    The Silent Heist: When Bad Bots Weaponize APIs

    API Security
    Event Toggle Arrow
    When bad bots weaponize APIs, data theft becomes silent and scalable. We’ll expose how automated threats evade traditional security to harvest customer PII and intellectual property directly through the APIs you rely on every day and share how you can mitigate this new risk.

  75. 11:30 - 12:15 PM

    Effective Fraud Incident Response Through Collaboration

    Amanda McCracken, PNC; Matthew Dragovich, PNC; Ryan Knight, PNC; Thenu Radhakrishnan, PNC Fraud
    Event Toggle Arrow
    Learn how PNC builds a resilient fraud incident response framework through cross-functional collaboration and analytics. Discover strategies for rapid detection, containment, and mitigation of fraud incidents, plus lessons learned from implementing proactive countermeasures.

  76. 12:15 - 1:15 PM

    Lunch

  77. 1:30 - 2:30 PM

    Deepfake-Resistant Security for the Auditory & Visual Layers

    Tempt the Titans
    Event Toggle Arrow
    GenAI has shattered digital trust. GetReal Security’s Digital Integrity Platform restores it with deepfake-resistant, real-time identity protection that detects audio and video manipulation, tracks users’ biometric consistency over time, and automates policy-driven response to identity violations.

  78. 1:30 - 2:30 PM

    Ending the False Choice: Secure AND Seamless Authentication

    Tempt the Titans
    Event Toggle Arrow
    Banks have been forced to choose: secure or seamless. This false choice costs billions in fraud and abandoned transactions. Glide Identity proves you can have both with passwordless cryptography rooted in the SIM. Safe and seamless for humans and their agents.

  79. 1:30 - 2:30 PM

    Operationalizing 3rd Party Resilience: a 48-Hour Head Start

    Kevin Sherry, Darkweb IQ Tempt the Titans
    Event Toggle Arrow
    Most ransomware attacks start with third parties. Current tools flag CVEs or send irrelevant alerts after the damage is done. DWIQ collaborates with law enforcement to infiltrate the access broker ecosystem, identify impending attacks, and give teams time to act before attacks spread.

  80. 3:00 - 3:45 PM

    Sourcing Indicators for Early Detection

    Fraud
    Event Toggle Arrow
    Purchase scams abuse cardholder-authorized transactions to blunt the efficacy of traditional authentication and authorization controls. To combat this, financial institutions can source and validate purchase scam indicators for earlier preventative action.

  81. 3:00 - 3:45 PM

    How to Fail at Cyber Threat Intelligence

    Tony Drake, ICE CTI
    Event Toggle Arrow
    Everyone has a Cyber Threat Intelligence Program. Therefore we need to have a Cyber Threat Intelligence Program. The boss says "Go build it".So what do you do now? Based on a couple of decades of experience and observation of programs, I walk through what happens when you try to start a program.

  82. 3:00 - 3:45 PM

    The Results Are In: Human Risk Benchmark Survey

    Diana Fashjian, FM; Betsy Balgooyen Keller, Bank of America; Amber Buening, Huntington Bank; Charles Sapp, Raymond James & Associates Insider Threat
    Event Toggle Arrow
    The importance of quantifiable data in human risk to evaluate programs, benchmark against peer organizations, & make informed decisions to improve/mature your program is undisputable. The Training & Awareness WG launched the first human risk benchmark survey Oct 2025. Join us to talk results!

  83. 3:00 - 3:45 PM

    How Mobile Devices Became a Threat Hiding in Plain Sight

    Attacks
    Event Toggle Arrow
    Mobile devices have evolved from security afterthought to a critical threat vector. This talk examines the myths about mobile security, traces adversary tactics from early exploitation to current sophisticated attacks, and demonstrates why ubiquitous mobile use forces a shift in security mindset.

  84. 3:00 - 3:45 PM

    Fortifying Third-Party Trust in the Era of AI

    Pat McMahon, TIAA; Nathan Rodgers, JPMorgan Chase; Eric Grindstaff, JPMorgan Chase; Joseph Traietta, Capital One AI GRC
    Event Toggle Arrow
    Your security is only as strong as your weakest supplier. As reliance on 3rd parties grows and AI empowers adversaries, traditional TPRM approaches fail. Discover how leading institutions use AI, continuous control validation, SBOMs, AIBOMs, and attack surface monitoring to fortify defenses.

  85. 3:00 - 3:45 PM

    Topology-Driven Cryptographic Inventory for Quantum Security

    Peter Bordow, Wells Fargo; Dawn Elliott, Wells Fargo Cryptography
    Event Toggle Arrow
    As quantum computing advances, traditional cryptographic systems face unprecedented risks, necessitating proactive remediation strategies across enterprise environments. This presentation introduces a scalable approach to building an enterprise topology model designed to support comprehensive crypto

  86. 3:00 - 3:45 PM

    Securing MCP in the Enterprise

    Agentic AI
    Event Toggle Arrow
    Securing Model Context Protocol (MCP) : As vital components in agent workflow deployment, these assets present new threat surfaces and necessitate updated security and internal governance methods. We will explore real-world vulnerabilities, exploits, and techniques.

  87. 3:45 - 4:15 PM

    PM Networking & Snacks

  88. 4:15 - 5:00 PM

    Quantum-Ready Enterprise Cryptography: Strategy & Challenges

    Rich Bush, State Farm Cryptography
    Event Toggle Arrow
    We’ll share how we’re modernizing enterprise cryptography for quantum threats—covering timelines, trusted crypto inventories, abstraction to ease migrations, sunsetting vulnerable algorithms, automating compliance evidence, key challenges faced, and strategies to overcome them.

  89. 4:15 - 5:00 PM

    Practical AI Risk Management for Financial Services

    Angela Patel, Cyber Risk Institute AI GRC
    Event Toggle Arrow
    Explore the FS AI RMF, a practical framework for managing AI risk in financial services. Learn to assess AI initiatives, integrate controls into governance, benchmark practices, and promote responsible AI deployment while enhancing resilience and regulatory alignment.

  90. 4:15 - 5:00 PM

    Takedown, or Move-Around? Tracking Cobalt Strike Trends

    Ariana Mirian, Censys Attacks
    Event Toggle Arrow
    Command and Control (C2) servers are frequent law enforcement targets. Do takedowns eliminate them or simply force relocation? Using Cobalt Strike as a case study, we explore how C2 infrastructure evolves over time to reveal whether these systems disappear or simply move across the Internet.

  91. 4:15 - 5:00 PM

    Innovating Fearlessly with Secure Agentic AI

    Agentic AI
    Event Toggle Arrow
    Agentic AI is transforming finance—from fraud prevention to workflow automation. But with new power comes new risk. This session explores how to secure every stage of the agentic AI lifecycle while scaling adoption and innovation with confidence.

  92. 4:15 - 5:00 PM

    Reimagine Cyber Defense: The Rise of AI-Driven Cyber Fusion

    CTI
    Event Toggle Arrow
    Cyber threats are no longer isolated incidents, they’re coordinated campaigns powered by varied threat actors including adversarial AI. Traditional CTI / SOCs struggle to keep pace and enterprises need a new kind of defense: AI & agentic powered, intelligent, adaptive, and collaborative.

  93. 4:15 - 5:00 PM

    Check Fraud: Observations from the FDIC

    Lloyd McIntyre, FDIC Fraud
    Event Toggle Arrow
    This presentation covers current check fraud vectors and how check fraud is impacting the financial industry. The presentation will also focus on the mitigating solutions that institutions are implementing to create a multi-layered defense against this fraud.

  94. 4:15 - 5:00 PM

    Deepfake Defense: Protecting ID & Auth in the Age of Gen AI

    John Carlson, American Bankers Association Insider Threat
    Event Toggle Arrow
    This expert panel will discuss 10 current and emerging attack types, mitigation strategies and ways the US government can help in the fight against Gen AI attacks on identity and authentication systems. The panel will discuss the work of a public-private sector collaboration launched in early 2024.

  95. 5:15 - 6:00 PM

    Exploit Intelligence for Vulnerability Prioritization

    Silver Solutions Showcase
    Event Toggle Arrow
    Learn how to apply the Cyber Threat Intelligence Capability Maturity Model to align CTI programs with organizational maturity, strengthen collaboration across teams, and reduce risk from rapidly exploited vulnerabilities through measurable, outcome-based intelligence-driven defense.

  96. 5:15 - 6:00 PM

    Mapping the Invisible Thread

    Chris Block, Graphika Technologies; Thomas Lederer, Graphika Technologies Silver Solutions Showcase
    Event Toggle Arrow
    Stop wasting budget and analyst time battling fraud reactively. Graphika maps the “Invisible Thread,” exposing cross-platform scam networks behind fake ads and accounts. Our technology accelerates takedowns and supports legal action against organized fraud targeting your customers.

  97. 5:15 - 6:00 PM

    Unlocking Cross-Industry Intelligence to Combat Fraud

    Silver Solutions Showcase
    Event Toggle Arrow
    **Title:** *Beyond the Bank: Cross-Industry Intelligence for Smarter Risk Decisions* **Summary (≤300 characters):** As financial behavior expands beyond banks into fintech, crypto, and marketplaces, siloed data leaves gaps in risk detection. Learn how cross-industry intelligence enhances fraud a

  98. 5:15 - 6:00 PM

    Your Next Breach Won’t Come From a File, but From a Plug-In

    Idan Dardikman, Koi Security Silver Solutions Showcase
    Event Toggle Arrow
    From Chrome extensions to npm and model hubs, attackers now publish straight into the tools your teams use daily. This talk breaks down how that pipeline gets hijacked, and shows how Koi maps what’s really running, exposes risky permissions, and locks down marketplace software without slowing anyone

  99. 5:15 - 6:00 PM

    Scattered Spider: The $1B Threat to Financial Systems

    Austin Gadient, Silver Solutions Showcase
    Event Toggle Arrow
    Scattered Spider’s attacks on U.S. banks have highlighted how vulnerable the virtualization layer is. See how Vali Cyber stops Scattered Spider preemptively—blocking MFA bypass, lateral movement, and ESXi encryption—to protect uptime, your environment, and customer trust.

  100. 5:15 - 6:00 PM

    Uncover & Quantify Identity Risk

    Deena Thomchick, Axiad Silver Solutions Showcase
    Event Toggle Arrow
    Experience next-gen identity risk intelligence with Axiad Mesh. See and quantify risk across human and non-human identities managed or not. Prioritize resource allocation and mitigation actions, measure with integrated FAIR analysis, and streamline compliance in one seamlessly integrated solution.

  101. 5:15 - 6:00 PM

    Live Demo: KnowBe4's Complete Security Platform

    Silver Solutions Showcase
    Event Toggle Arrow
    Interactive demonstration of KnowBe4's complete security platform in action. Witness how threat detection, phishing simulations, and access management collaborate to protect financial institutions. Learn practical strategies to reduce human risk and strengthen your security posture.

  102. 6:30 - 11:30 PM

    Signature Dinner Event

  103. March 4 Wednesday

  104. 7:30 - 8:30 AM

    Breakfast

  105. 7:30 - 3:45 PM

    Registration

  106. 8:45 - 9:00 AM

    Opening Remarks

  107. 9:00 - 9:30 AM

    Intel Panel

  108. 9:30 - 10:15 AM

    Decoding Crypto Crime | Evolving Threats & Responses

    Karen Helmberger, FS-ISAC; Erin West, General Session
    Event Toggle Arrow
    Experts in cyber intelligence and fraud prevention come together to examine how threat actors exploit cryptocurrency and blockchain and use advanced tactics to scam consumers. More importantly, they will discuss what we can collaboratively do to investigate and prevent threats.

  109. 10:30 - 11:15 AM

    AI-Enhanced Malware Reverse Engineering

    Dan Dumitrescu, Northern Trust; Michael Toczycki, Northern Trust; Aimee Moriarty, Northern Trust Attacks
    Event Toggle Arrow
    We review several AI-assisted malware reverse engineering workflows in order to give the audience a starting point in reverse engineering malware using AI tools.

  110. 10:30 - 11:15 AM

    The Case of the Missing Data

    Jeff Jackson, NASB; Nate Aguilar, Metro Credit Union (NE); Vincent Dattilo, TD Bank; Jeff Korte, FS-ISAC Data Security
    Event Toggle Arrow
    Bank facilities contain large volumes of documents with strategic and financial data, PII, and access to information systems. Following an incident, will you have all the data needed to solve the mystery? Put on your detective cap as we show you how to solve the mystery of the missing data.

  111. 10:30 - 11:15 AM

    Redefining Resilience: Minimum Viable Business

    Op Resilience
    Event Toggle Arrow
    Learn how financial institutions can define, evolve, and continuously test their Minimum Viable Business, the core operations that must keep running and deliver essential services despite external factors such as cyber threats, AI-driven changes, regulatory shifts, or partner dependencies.

  112. 10:30 - 11:15 AM

    Protecting Our Most Vulnerable: Financial Institution Strate

    Olga Zlatkova-Georgiev, Patelco CU; James Hogan II, JPMorgan Chase; Tiffany Kiefer, Golden 1 Credit Union Fraud
    Event Toggle Arrow
    A panel of fraud prevention and security leaders from financial institutions will explore the growing threat of elder financial exploitation. The session will highlight institutional vulnerabilities, detection strategies, and collaborative solutions across fraud, compliance, and member services.

  113. 10:30 - 11:15 AM

    TIC Talk: From Insight to Impact

    Amanda Misko, Citi; Elizabeth Wanic, Morgan Stanley; Adam Perino, Regions Financial; Monica Maher, Vanguard CTI
    Event Toggle Arrow
    FS-ISAC's Threat Intelligence Committee (TIC) is driven by members for members. Join elected TIC Executive Committee representatives for an interactive discussion about what the TIC does and share ideas about what the TIC should do. The outcome of this presentation will help drive 2026 priorities

  114. 10:30 - 11:15 AM

    Compliant and Lightweight DevSecOp for Legacy Systems

    Jeffrey Wiley, Third Coast Bank People
    Event Toggle Arrow
    Mid-sized banks can’t drop everything for DevSecOps. Learn how a $5B bank built a lightweight, regulator-friendly SDLC for legacy apps—aligned to NIST, FFIEC, and GLBA—without drowning devs. Includes templates, Navex IRM tips, and practical onboarding tactics.

  115. 11:00 - 11:30 AM

    AM Networking & Snacks

  116. 11:30 - 12:15 PM

    Clop Till You Drop: Lessons Learned from 7 Campaigns

    Attacks
    Event Toggle Arrow
    This session analyzes six years of campaigns from Clop ransomware reviewing infrastructure trends, 0days utilized, and the history of the group. This session will also evaluate the architectural failures of MFTs and what changes can be made to mitigate the risks of future campaigns.

  117. 11:30 - 12:15 PM

    Cross-Sector Resilience at the National-Level

    Kristin Royster, BITS | Bank Policy Institute; Benjamin Flatgard, JPMorgan Chase; Michele Guido, Op Resilience
    Event Toggle Arrow
    Over the past several years, financial institutions have placed significant emphasis on their individual resilience. But resilience is about more than any one company’s ability to withstand an event. National resilience requires cooperation not only within entire sectors, but across sectors.

  118. 11:30 - 12:15 PM

    Modernizing Data Security for a Multimodal World

    Data Security
    Event Toggle Arrow
    Cloud and AI have shattered old data security models. Perimeter defenses fail when data and models live beyond your control. This session explores why legacy architectures break and introduces a modern framework built on continuous discovery, real-time visibility, and data-centric protection.

  119. 11:30 - 12:15 PM

    Response Intelligence

    Eric Baldwin, MetLife; Chelsea Koester, MetLife; Kyle Stephens, MetLife CTI
    Event Toggle Arrow
    Incident response is a goldmine of security intelligence, but most of it is lost when the ticket closes. This talk introduces "Response Intelligence," a practical framework for transforming post-incident data into a predictive, strategic asset.

  120. 11:30 - 12:15 PM

    From Bait to Great: One Year. Big Wins. Banned Phish Mascot

    Lindsay Cooley, M&T Bank People
    Event Toggle Arrow
    From Bait to Great: One Year. Big Wins. Stronger Security. And a banned Phish Mascot. See how one year of creative strategies, real-time learning, and Ace the Phish Detective transformed phishing awareness into a culture of security and engagement.

  121. 11:30 - 12:15 PM

    If We Were to Build a Cyberfraud Intel Team

    Guy Pearson, Bank of America; Kaleb Beasley, Fifth Third Bancorp; Joe Lavelle, PNC; Daniel Stiving, JPMorgan Chase Fraud
    Event Toggle Arrow
    Our industry’s priority is defending against complex, fast-paced threats to our infrastructure, industry and supply chains. However, countering industrialized cybercrime requires intel support. This session will share insights on how to shift from "defend the network" to "defend the consumer."

  122. 12:30 - 1:15 PM

    Operationalizing Threat Intel for Financial Resilience

    Samuel Hassine, Filigran; Julie Smith, Tokio Marine Holdings; Keith OSullivan, Tokio Marine Holdings Op Resilience
    Event Toggle Arrow
    Tokio Marine and Filigran share how financial institutions can turn threat intelligence into operational resilience. Attendees will learn how structured data, open tooling, and collaborative processes transform intelligence into measurable readiness and response capabilities.

  123. 12:30 - 1:15 PM

    Establishing a Vishing Assessment Program

    Jeremiah Olver, JPMorgan Chase; Marianna Havkin, JPMorgan Chase People
    Event Toggle Arrow
    This presentation explores the design and implementation of a vishing assessment program to improve employee awareness of and response to vishing attacks. The presentation shares best practices, challenges, and recommendations for building strong defenses against vishing.

  124. 12:30 - 1:15 PM

    Vendors, SaaS, and a Call to Action

    JW Merrow, Huntington Bank; Jeremy Mann, Northern Trust; Cord Graham, Huntington Bank Op Resilience
    Event Toggle Arrow
    SaaS dominates enterprise delivery, but trusting providers for security challenges zero-trust principles. SSPM helps, but visibility is limited by vendor APIs. This talk explores vendor limitations and how we can challenge them to help us improve SaaS security posture.

  125. 12:30 - 1:15 PM

    Deep and Dark Web Collections and Downstream Investigations

    Sean Kowalski, TD Bank; Eric Huber, TD Bank CTI
    Event Toggle Arrow
    The presentation will cover underground (Deep and Dark Web) collection efforts to thwart cyber fraud impact and how the collections can be utilized for fraud investigations to support downstream teams.

  126. 12:30 - 1:15 PM

    Untangling the Web of Fluffy Spider Attacks

    Fraud
    Event Toggle Arrow
    Fluffy Spider is a large collection of cyber fraud threat actors that use telecom-based attacks to conduct account takeover attacks on commercial clients. We named them; we attributed their activity; and we mitigated them. Learn how you can too.

  127. 12:30 - 1:15 PM

    The Art of Deception - Implementing Active Defense Technique

    Param Patel, TIAA; Chris Pitts, TIAA; Adam Zamora, TIAA; Jill Dahlem, TIAA Attacks
    Event Toggle Arrow
    Learn how TIAA deployed deception technology to outsmart sophisticated attackers. Discover practical tactics to detect threats early, reduce dwell time, and expose attacker methods—plus anecdotes, lessons learned, and steps to start today.

  128. 1:15 - 2:30 PM

    Lunch

  129. 2:45 - 3:30 PM

    Hook, Line, & Sinker: Using GenAI to Catch Phishing Campaign

    Courtney Jacobs, Capital One; Rebecca Kern, Capital One Members Only
    Event Toggle Arrow
    Sophisticated phishing attacks, which impersonate brands with pixel-perfect accuracy, erode customer trust and are increasingly difficult to combat with manual monitoring. This talk will show how Vision Language Models can identify phishing sites from screenshots, enabling faster responses.

  130. 2:45 - 3:30 PM

    Smart or Risky? AI for CTI Teams

    Monica Maher, Vanguard; Troy Wells, FS-ISAC Members Only
    Event Toggle Arrow
    Feeling left behind? AI promises to transform the way CTI teams collect and analyze, but is it just hype? We’ll explore realistic use cases for AI across the CTI lifecycle while avoiding pitfalls like hallucinations and overreliance. Learn where AI adds the most value—and where caution is critical.

  131. 2:45 - 3:30 PM

    The SIM Box Ecosystem: From Grey Markets to Global Scams

    Aric Ward, T-Mobile; Kimberly Myhrer, T-Mobile Fraud
    Event Toggle Arrow
    SIM boxes don’t just enable fraud—they power a global ecosystem of scams, spoofing, and anonymous threats. This session traces how actors weaponize mobile infrastructure and evade detection, with a case study on transnational bank fraud and practical disruption strategies.

  132. 2:45 - 3:30 PM

    Threat Hunting with Anomalous Indicators

    William Miskimen, Fannie Mae; Allissa Hooley, Fannie Mae Members Only
    Event Toggle Arrow
    In today’s dynamic threat landscape, reactive security is no longer enough. This session explores how our team transformed our approach to threat detection by leveraging anomalous indicators within our Endpoint Detection and Response (EDR) and other tooling.

  133. 3:45 - 4:30 PM

    Turning Cybercrime Operations Purple

    Heather Scheetz, TransUnion; Chris Plaisance, TransUnion Fraud
    Event Toggle Arrow
    This presentation discusses a model that TransUnion has developed to facilitate interdepartmental collaboration between various fraud, information security, and business technology departments for the purpose of engaging in purple team exercises to better mitigate real-world cyber fraud threats.

  134. 3:45 - 4:30 PM

    From Fragile to Agile: Building Resilient Detections

    Trent Liffick, Fifth Third Bancorp Members Only
    Event Toggle Arrow
    Detection Engineering is an iterative process of designing, implementing, testing, and maintaining your organizations ability to detect bad in your environment. This talk will walk you through a mindset shift, to focus on building high fidelity detections that last longer than a single campaign

  135. 3:45 - 4:30 PM

    Smarter Threats, Smarter Shields: The Role of AI

    Gabrielle Reyes, Morgan Stanley; Zoe Metzger, Morgan Stanley Members Only
    Event Toggle Arrow
    Artificial intelligence is accelerating both cyber threats and defenses. This session highlights the surge in AI-driven attacks, including those leveraging deepfakes, and the rapid evolution of detection and response strategies shaping the future of cybersecurity.

  136. 3:45 - 4:30 PM

    Maturing Vulnerability and Configuration Management

    Steven Lodin, Sallie Mae Members Only
    Event Toggle Arrow
    Sallie Mae’s exposure management program uses risk-based prioritization, automation, and improved reporting to reduce vulnerability noise by 90%, accelerate remediation, and strengthen compliance and trust across the enterprise.

  137. 4:30 - 5:30 PM

    Closing Reception

fs-isac-greyscale

© Copyright 1999 - FS-ISAC, Inc. All Rights Reserved.

Terms and Policies