Converge Cyber + AI Conference

ABOUT

SPEAKERS

AGENDA

SCHEDULE

LOCATION

Erich Kron

Cybersecurity's hardest problem isn't the tech. It's the humans using it. Erich Kron has spent three decades helping organizations close that gap, and he's kicking off Converge with the session that sets the tone for the entire event.

As CISO advisor at KnowBe4, Kron works with security leaders to build defenses that account for how people actually behave, not how we wish they did. His experience spans the medical, aerospace, manufacturing, and defense sectors, including his role as security manager for the U.S. Army's 2nd Regional Cyber Center. He's an author, podcast host, and regular voice in cybersecurity publications, and holds CISSP and CISSP-ISSAP certifications.

Expect practical, human-centered guidance you can put to work Monday morning, and a strong reason to stick around for everything that follows.

Brian Brushwood

Brian Brushwood has spent the past decade teaching social engineering to millions of people. Most of them didn't realize that's what they were watching.

Host of the YouTube channels Scam Nation (nearly 2 million subscribers) and The Modern Rogue (1.7 million subscribers), along with the podcasts Cordkillers and Great Night, Brushwood built his platform by translating cons, scams, and the psychology of deception into entertainment. He's appeared on Discovery Channel's "Scam School" and National Geographic's "Hacking the System," breaking down everyday exploits, hacks, and security loopholes for a mainstream audience. Long before social engineering became a cybersecurity buzzword, Brushwood was teaching it.

Brushwood closes Converge with the kind of session that turns two days of conversation into something attendees will still be talking about on the flight home. Expect entertainment, insight, and a fresh look at how humans actually get hacked.

Tim Leonard

Tim Leonard is the rare bank CIO who's as fluent in hands-on tech as he is in regulatory compliance. Known for high-energy, humorous talks that earn top marks at state and national banking conferences, he brings a tinkerer's curiosity to a field most people associate with caution.

As CIO at Commercial Bank of Texas, Leonard has spent 27 years leading IT strategy, infrastructure, compliance, and information security. He holds a CISSP and a master's in cybersecurity from Penn State University, teaches at Texas Tech University's Graduate School of Banking, and got his start as a private investigator and computer forensic examiner.

At Converge, Leonard shows how to wire Claude Code into a personal AI command center built from a Raspberry Pi feeder, a robotic telescope, and a mesh network, all to find some of the most interesting aircraft in America's military. Expect a teardown of the harness, the gotchas, and enough source code to start your own.

Michael Benardo

When regulators talk about cyber and financial crimes risk, Michael Benardo helped write the playbook. He spent 35 years at the FDIC, most recently as associate director of the Anti-Money Laundering and Cyber Fraud Branch, where he led the policy, guidance, and examiner training that shaped how the industry thinks about these threats.

Benardo's Converge sessions draw on that perspective: what three decades of technology risk supervision, from Y2K to AI, can tell us about the next wave of threats, and where boards are falling short on cyber governance now that regulators expect them to step up.

If you've ever wondered what examiners are really looking for, or how to brief your board with confidence, Benardo's sessions are worth blocking time for.

Brian Blodgett

Brian Blodgett's central message is blunt: Technology amplifies process quality, good or bad. Skip the people and process work, and AI just helps you fail faster.

Founder and executive advisor at Next Generation Strategy, Blodgett has spent 25+ years helping organizations build AI and automation strategies that actually stick. His path is unusual: physics teacher, tech company builder, fire chief, board member for banks, schools, and nonprofits. The through-line is the same. Leadership and process come first.

In his Converge breakout, Blodgett shares the real-world (and genuinely funny) lessons of aligning people, process, and technology before you automate. Come for the strategy. Stay for the ongoing saga of his golden retriever versus the autonomous lawnmower.

Jon Waldman

Jon Waldman believes the most powerful security control is an educated organization, and he's spent his career proving it. As co-founder and president of SBS CyberSecurity, Waldman oversees the SBS service teams and the SBS Institute, the education arm he helped build to bring specialized cybersecurity training to the banking industry.

For more than 20 years, Waldman has worked alongside community banks and credit unions to help them identify, reduce, and stay ahead of cybersecurity risk in real terms — not abstract ones. He holds CISA, CRISC, and CDPSE certifications and earned his master's in information assurance from Dakota State University, an NSA-designated Center of Academic Excellence.

At Converge, Waldman covers the threats and gaps that matter most right now: how AI is reshaping identity attacks in a world where trust, not passwords, is the target; how leading institutions are turning culture into a real line of defense; and how to translate cybersecurity frameworks into something teams can actually execute.

Chad Knutson

Chad Knutson has spent two decades helping financial institutions move beyond compliance-driven cybersecurity to genuine risk understanding, and he's bringing three of Converge's most timely sessions to executive audiences.

As co-founder and CEO of SBS CyberSecurity, Knutson has shaped how community institutions think about cybersecurity at the leadership level. He holds CISSP, CISA, CRISC, and CDPSE certifications and earned his master's in information assurance from Dakota State University. He led the SBS Institute as its president and serves on the faculty at the Graduate School of Banking, University of Wisconsin–Madison.

His sessions cover the questions keeping leaders up at night: how to make the call during a live cyber incident when the playbook breaks, what deepfakes and voice-cloning fraud already look like at institutions your size, and how to build AI governance that doesn't slow innovation. If you set strategy, these are your sessions.

Laura Zannucci

Vendor risk used to be a checklist. Now your vendors are running AI inside their products, and you're inheriting exposure you didn't sign up for. Laura Zannucci has spent her career helping organizations understand exactly that kind of shift.

As audit manager at SBS CyberSecurity, Zannucci translates cybersecurity risks into business decisions executives can actually make. She holds CISA, CISM, CRISC, and CDPSE certifications and is a frequent speaker, webinar host, and author on audit and risk topics.

Her Converge session digs into how vendor risk is evolving now that AI is embedded across the supply chain and what to rethink in your program before examiners do it for you.

Hunter Cockrell

Most security programs still assume attackers move at human speed. Hunter Cockrell is here to show you why that's a dangerous assumption.

As principal network security engineer at SBS CyberSecurity, Cockrell has spent nearly a decade running social engineering, penetration testing, and vulnerability assessments against real environments, and lately, building the agentic AI systems that automate large parts of that work.

He brings two sessions to Converge. One walks through a live, agent-assisted assessment so you can see what's actually getting automated today and where the agents still hit walls. The other is an honest field guide on when building AI internally is the right call and when it isn't.

Will Keller

Cybersecurity is only useful when people can actually act on it. Will Keller spends his days helping clients turn complex guidance into clear next steps, and he's bringing the list every defender should already have.

A network security engineer at SBS CyberSecurity, Keller has more than a decade of IT experience, with several years specialized in cybersecurity across consulting, system administration, and security engineering roles. He holds the CompTIA Security+ certification and is known for explaining the why behind security in language anyone in the room can follow.

His session walks through the controls that consistently stop attackers, drawn from real engagements rather than theory. If your team is buried in frameworks but light on what to actually implement first, this is the short list you've been looking for.

Dylan Kreutzfeldt

Examiners are catching up to AI faster than most institutions are catching up to their own Microsoft 365 environments. Dylan Kreutzfeldt works on both ends of that gap.

As a senior information security consultant at SBS CyberSecurity and an instructor for the SBS Institute, Kreutzfeldt holds his CISM certification, leads the Certified Banking Security Technology Professional course, and regularly delivers training, webinars, and security awareness sessions for clients nationwide.

His two Converge sessions hit where most teams are exposed: what regulators will expect next as cyber and AI oversight converge, and the critical controls, configurations, and blind spots most M365 environments are missing. If you're running M365 or briefing a regulator, both are worth your time.

23 Sessions. Endless Takeaways.

Converge brings together keynotes, general sessions, breakouts, hands-on workshops, and panel discussions to create a high-impact learning experience built for both big-picture thinking and practical execution. No filler — just a carefully curated mix of strategic vision and actionable takeaways, ensuring participants can tailor their experience to their role, interests, and level of expertise.

MORE THAN 20 CPE CREDITS AVAILABLE

Session Sneak Peek

Leading Through Cyber Uncertainty: Executive Decision-Making When the Playbook Breaks

When a cyber incident hits, there’s no script — only decisions. This session puts you in the executive seat to navigate high-stakes scenarios where risk, reputation, and response collide. Learn how leaders make the call when clarity is gone and consequences are real.

Who Should Attend: C-suite (CEO, COO, CIO), CISOs, Executive Leadership, Board-Level Advisors

Creating a Culture of Cybersecurity

Technology doesn’t fail—people do (and that’s fixable). Discover how leading institutions are turning employees into their strongest line of defense through culture, accountability, and behavior change. This isn’t awareness training—it’s organizational transformation.

Who Should Attend: HR Leaders, Compliance Officers, CISOs, IT Leaders, Operations Leaders

Third-Party Risk in an AI-Driven Supply Chain

Your vendors now use AI—and that changes everything. Explore how third-party risk is evolving as AI accelerates decision-making, data sharing, and exposure. If you’re not rethinking vendor risk today, you’re already behind.

Who Should Attend: Vendor Management, Compliance Officers, Risk Officers, CISOs, IT Leaders

Here’s How We Got In: A Live Financial Institution Attack Simulation

This is where theory meets reality. Watch a live walkthrough of how attackers penetrate financial institutions—from initial access to full compromise. It’s uncomfortable, eye-opening, and exactly what you need to see.

Who Should Attend: IT Security Teams, Network Engineers, CISOs, Risk Officers, Technical Practitioners

2025–2026 Data Breaches: Lessons for Financial Institutions

The breaches are real, recent, and closer to home than you think. We break down what actually happened, what failed, and what could have stopped it. Walk away with practical lessons you can apply immediately.

Who Should Attend: CISOs, IT Leaders, Risk Officers, Compliance Officers, Executive Leadership

AI Risk & Governance

AI is moving faster than policy—and that’s a problem. Learn how to build governance frameworks that keep innovation moving without exposing your institution to unnecessary risk. Because “figure it out later” is not a strategy.

Who Should Attend: CISOs, Risk Officers, Compliance Leaders, Executive Leadership, Data/AI Governance Teams

Cybersecurity Risk Management Strategies: Real World Insights & Practical Applications

Frameworks are great until you try to use them. This session translates theory into action with real-world strategies that actually work inside financial institutions. Expect practical guidance, not textbook talk.

Who Should Attend: Risk Officers, CISOs, IT Leaders, Compliance Officers, Audit Professionals

Securing Microsoft 365 - The Must-Haves

Microsoft 365 is everywhere—and so are the vulnerabilities. We’ll break down the critical controls, configurations, and blind spots most organizations miss. If you’re using M365, this session isn’t optional.

Who Should Attend: IT Administrators, Security Engineers, CISOs, Network Teams, Technical Practitioners

Security, Privacy, and Use Cases of Top AI Models

Everyone’s using AI—few understand the risk. Explore how leading models handle data, where privacy concerns live, and how to safely unlock value without exposing your organization. Clarity beats hype every time.

Who Should Attend: IT Leaders, Data/AI Teams, CISOs, Compliance Officers, Innovation Leaders

Deepfakes, Voice Cloning & Fraud: What’s Already Hitting Organizations Like Yours

This isn’t future-state fraud—it’s happening now. See how attackers are using AI-generated voices and deepfakes to bypass controls and manipulate employees. If your defenses aren’t evolving, neither are your outcomes.

Who Should Attend: Fraud Teams, Risk Officers, Compliance Officers, CISOs, Executive Leadership

From FFIEC to AI: What Examiners Will Expect Next

Regulators are catching up to AI—and expectations are changing fast. Get ahead of what examiners will be looking for as cyber and AI oversight converge. The best time to prepare was yesterday.

Who Should Attend: Compliance Officers, Risk Officers, Audit Teams, CISOs, Executive Leadership

Trust Is the Target: How AI Is Reshaping Identity Attacks

Passwords are no longer the weak link—trust is. Learn how AI is redefining identity attacks and what it means for authentication, access, and user behavior. The perimeter is gone—now what?

Who Should Attend: CISOs, IT Security Teams, Identity & Access Management (IAM) Teams, Risk Officers

Tuesday, October 6, 2026
8:30 AM	Registration
10:00 AM	Kickoff & Opening Remarks
10:15 AM	Opening Keynote
11:15 AM	General Session
12:15 PM	Lunch
1:00 PM	Breakout 1	Breakout 2	Breakout 3
2:00 PM	Breakout 4	Breakout 5	Breakout 6
2:50 PM	Coffee Break
3:30 PM	Breakout 7	Breakout 8	Breakout 9
4:30 PM	Closing Session
6:00 PM	Reception
7:00 PM	Dinner

Wednesday, October 7, 2026
7:30 AM	Registration & Breakfast
9:00 AM	General Session Opening Remarks
9:15 PM	Panel Discussion
10:30 AM	Breakout 10	Breakout 11	Breakout 12
12:00 PM	Lunch
1:00 PM	Breakout 13	Breakout 14	Breakout 15
2:00 PM	Breakout 16	Breakout 17	Breakout 18
2:50 PM	Coffee Break
3:15 PM	General Session
4:30 PM	Conference Ends