SANS 4th Annual Cyber Compliance Countdown

September 17, 2026 | 8:00 – 12:00pm EST | 2:00 – 6:00pm CET | LIVESTREAM

Jump To

Schedule
Speakers
Register

Advancing Readiness to Meet Global Directives

As cybersecurity standards accelerate globally, organizations are entering a new era defined by rapidly evolving regulatory directives—some already in force, others imminent—that are reshaping how security is implemented across industries. According to the 2026 SANS | GIAC Workforce Report, 95% of organizations are now experiencing the impact of regulation on their cyber workforce, underscoring the urgency to adapt.

These mandates are not just compliance exercises—they are driving fundamental changes in how businesses, governments, and critical infrastructure sectors protect systems, data, and ultimately the citizens and stakeholders they serve.

The fourth annual SANS Cyber Compliance Countdown 2026 is designed to equip security leaders with the strategies and practical solutions needed to meet these demands. This event brings together directive authors, industry leaders, and top SANS instructors to provide actionable guidance on navigating today’s most impactful regulations.

Attendees will gain insights into:

The purpose, scope, and evolution of key directives
Effective approaches to incident response and regulatory reporting
Best practices for risk management and compliance alignment
Preparing for critical infrastructure and sector-specific requirements
Communicating cybersecurity posture to boards, executives, and clients

Featured directives include::

NIS2 Directive – Impacting critical infrastructure and organizations operating in the EU
Digital Operational Resilience Act (DORA) – Focused on financial sector resilience in the EU
SEC Incident Reporting Requirements – Driving transparency and accountability in public companies
CMMC – A critical requirement for U.S. Department of Defense contractors
DoD 8140 – Establishing workforce-wide cybersecurity skills validation

Don’t miss this essential forum. Gain the clarity, insights, and tools needed to stay compliant, resilient, and ahead in an increasingly complex regulatory landscape.

Sessions:

Elevating Critical Infrastructure Security Through CIP-015, Virtualization, and Cloud Standards | Tim Conway
AI Compliance Standards Around the World — From Regulation to Responsibility | Rob T. Lee
How CISOs and Security Leaders Are Turning Directives into Action | Ciaran Martin
Stop Chasing Regulations: A GRC Roadmap for Sustainable Compliance | James Tarala
Speaking Their Language: How Cyber Professionals Can Influence the C-Suite and Board | Heather Barnhart

Schedule

Showing 5 of 5

Filter by:

Select day:

Elevating Critical Infrastructure Security Through CIP-015, Virtualization, and Cloud Standards

As critical infrastructure becomes increasingly digitized, the convergence of regulatory mandates and modern technology standards is reshaping how organizations protect essential services and, ultimately, the citizens who depend on them. Standards such as CIP-015, alongside evolving virtualization and cloud security standards, are driving a fundamental shift from reactive compliance to proactive, resilient security architectures.

This session explores how these standards are elevating security across energy, utilities, and other critical sectors by establishing stronger controls around data protection, system integrity, and operational visibility. CIP-015 sets a new benchmark for detection and visibility within critical networks, while virtualization and cloud standards will allow for the introduction of new approaches and new technologies to aid entities in ensuring reliability.

Attendees will gain insight into how organizations are:

Integrating regulatory requirements with cloud and virtualized environments

Strengthening defenses against evolving threats targeting critical systems
Aligning security investments with government mandates and system reliability
Balancing innovation with compliance in increasingly complex architectures

By examining real-world approaches and emerging best practices, this session offers solutions on meeting regulatory expectations but also enhancing organizational ability to protect critical infrastructure in an era of constant cyber risk.

September 17, 2026

08:05AM - 08:50AM EDT

Virtual

Presented by

Tim Conway

SANS ICS Curriculum Lead at SANS Institute

AI Compliance Standards Around the World — From Regulation to Responsibility

The EU AI Act’s high-risk enforcement deadline of August 2, 2026 is no longer on the horizon—it’s here, bringing penalties of up to €35 million or 7% of global turnover. But this is only one piece of a rapidly expanding global regulatory landscape, where AI frameworks increasingly intersect with cybercrime laws, data protection mandates, and digital governance requirements.

This session moves beyond checkbox compliance to explore how leading organizations are building AI strategies around five core principles: transparency, accountability, privacy and security, human oversight, and societal benefit. Attendees will leave with practical insight into aligning with multiple regulatory regimes, identifying high-risk AI use cases, and operationalizing compliance in ways that drive both innovation and trust.

Organizations that act now won’t just meet mandates—they’ll lead. Those that wait risk being left behind.

September 17, 2026

08:50AM - 09:40AM EDT

Virtual

Presented by

Rob T. Lee

Chief AI Officer and Chief of Research at SANS Institute

How CISOs and Security Leaders Are Turning Directives into Action

Discover how today’s leading CISOs and security teams are translating evolving cybersecurity directives into strategic, actionable plans. According to the 2026 SANS | GIAC Workforce Report, these directives are now impacting 95% of the global cyber workforce.

Learn how organizations are:

Developing and strengthening cyber incident response plans
Embedding security best practices into day-to-day operations
Ensuring teams have the right skills to meet compliance requirements
Identifying key priorities for regulatory reporting
Effectively engaging the Board and C-suite on cybersecurity strategy

Walk away with real-world insights and practical approaches from organizations already navigating these challenges—so you can remain compliant and stay ahead of the curve.

September 17, 2026

09:40AM - 10:30AM EDT

Virtual

Presented by

Ciaran Martin

Professor, Non-Executive Director, SANS Cyber Leaders Network at SANS

Stop Chasing Regulations: A GRC Roadmap for Sustainable Compliance

Organizations are overwhelmed by a constant stream of new regulations, frameworks, and audit demands, often responding with reactive, fragmented compliance efforts. This session introduces a practical GRC Roadmap that reframes compliance as a structured, repeatable process aligned to how cybersecurity programs are actually managed. Attendees will learn how to shift from chasing individual requirements to selecting, implementing, and validating safeguards that meet multiple obligations simultaneously. The result is a more efficient, defensible, and scalable approach to compliance that reduces operational chaos while improving overall program maturity.

September 17, 2026

10:30AM - 11:15AM EDT

Virtual

Presented by

James Tarala

Managing Partner at Cyverity

Speaking Their Language: How Cyber Professionals Can Influence the C-Suite and Board

As cybersecurity regulations and directives continue to evolve, technical professionals are increasingly being called upon to brief executive leadership and boards. This session equips practitioners with the skills needed to communicate effectively in these high-stakes environments.

Attendees will learn how to align cybersecurity messaging with business objectives, translate technical concepts into clear, actionable insights, and focus on the issues that matter most to executives. Topics include engaging the C-suite and board, enabling the business through cybersecurity, prioritizing mission-critical discussions, and presenting cyber risk in business terms.

September 17, 2026

11:15AM - 12:00PM EDT

Virtual

Presented by

Heather Barnhart

DFIR Curriculum Lead and Head of Faculty at SANS Institute

Meet the Speakers

Tim Conway

SANS ICS Curriculum Lead at SANS Institute

SANS Fellow Tim Conway, co-author of ICS456, ICS310, and ICS612, blends decades of hands-on ICS/OT security and compliance expertise with ongoing frontline consulting, helping students turn complex industrial challenges into practical skills.

Learn more

Rob T. Lee

Chief AI Officer and Chief of Research at SANS Institute

Rob T. Lee is Chief AI Officer and Chief of Research at SANS Institute, where he leads research, mentors faculty, and helps cybersecurity teams and executive leaders prepare for AI and emerging threats.

Learn more

Ciaran Martin

Professor, Non-Executive Director, SANS Cyber Leaders Network at SANS

Respected as a world leader among public authorities for cybersecurity, Ciaran Martin is the UK’s National Cyber Security Centre’s (NCSC) founder and former head.

Learn more

James Tarala

Managing Partner at Cyverity

James is a managing partner at Cyverity, specializing in cybersecurity risk and governance. A SANS instructor for 20+ years, he holds 14 GIAC certs including the GSE, and has helped author the CIS Controls, CRF resources, and courses like LDR519.

Learn more

Heather Barnhart

DFIR Curriculum Lead and Head of Faculty at SANS Institute

Heather brings 24+ years of experience supporting government agencies, defense contractors, law enforcement, and Fortune 500 companies. Her extensive case experience spans fraud investigations, crimes against children, counterterrorism, and more.

Learn more

Register for SANS Cyber Compliance Countdown

First NameRequired

Last NameRequired

Your EmailRequired

Phone numberRequired

OrganizationRequired

Job TitleRequired

CountryRequired

By providing this information, you agree to the processing of your personal data by SANS as described in our Privacy Policy.

SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

SANS 4th Annual Cyber Compliance Countdown

Advancing Readiness to Meet Global Directives

Schedule

Elevating Critical Infrastructure Security Through CIP-015, Virtualization, and Cloud Standards

AI Compliance Standards Around the World — From Regulation to Responsibility

How CISOs and Security Leaders Are Turning Directives into Action

Stop Chasing Regulations: A GRC Roadmap for Sustainable Compliance

Speaking Their Language: How Cyber Professionals Can Influence the C-Suite and Board

Meet the Speakers

Tim Conway

Rob T. Lee

Ciaran Martin

James Tarala

Heather Barnhart

Register for SANS Cyber Compliance Countdown

Elevating Critical Infrastructure Security Through CIP-015, Virtualization, and Cloud Standards

AI Compliance Standards Around the World — From Regulation to Responsibility

How CISOs and Security Leaders Are Turning Directives into Action

Stop Chasing Regulations: A GRC Roadmap for Sustainable Compliance

Speaking Their Language: How Cyber Professionals Can Influence the C-Suite and Board