What’s Next in Cyber Economics: 2026 Security Strategies from Industry Leaders

Attackers follow money, not novelty. As cybersecurity professionals, our challenge isn’t attacker innovation, it’s scale. Our current tools and traditional scoring systems fail to forecast what will be hit next. That’s why security leaders need to shift and adopt business-first approach program that seeks to understand exposure and financial impact.

In this forward-looking session, Nick Nolen, Vice President of Cybersecurity Strategy & Operations at Redpoint Cyber; Jeremiah Grossman, CEO of Root Evidence; and Chris Ray, Field CTO at GigaOm, will share experiences from the trenches, hard-won lessons, and real-world perspectives on exploitation trends and how teams should prepare for 2026 realities. Together, they will explore:

• Rethinking risk models: why CVSS and other scoring systems fail to predict real-world exploitation and how to ground prioritization in evidence.
• The scale problem: how visibility gaps, misconfigurations, and shadow assets widen exposure faster than organizations can respond.
• Adversary economics: understanding attacker motivations, disruption strategies, and how to make attacks too costly to pursue.
• AI in TEM: separating practical automation from overhyped “agentic” solutions and the limits of auto-patching.
• Defensible resilience: shifting from vulnerability counts to risk reduction, time-to-detect, and business impact as key metrics.

Attendees will leave with a grounded view of cyber risk, what truly moves the needle on reduction, and how to align exposure management strategies with the evolving realities of both attackers and business.