In a world plagued with Ransomware, you would be forgiven for thinking that Cybercriminals just do the same thing over and over again. The reality however is quite different - with a sophisticated, and efficient, service industry propping up crime online. Over the last year this ecosystem has evolved further, with new Criminal Business Models emerging - in particular as criminals have steadily increased their usage of AI. These changes will continue to test our defences, and force us to evolve also.

But AI in particular is not an even technology - while it is a great enabler for all industries, crime included, it stands to enhance some more than others. Of all these industries, Cybersecurity - and Law Enforcement who focus on it - are possibly the most ready to take advantage of the unique benefits it brings. 

In this talk, we'll dive into recent Criminal evolutions, and show why this time is a period where those on the defensive side of CyberSecurity stand to gain the biggest advantage in this never ending conflict.

LLMs are one of the most powerful inventions since the birth of computers. Not only are they a crucial piece in transforming information into knowledge, but they also serve as the foundation for building the AI-driven world. In just three to four years, LLMs have taken the world by storm, igniting a series of frenzied AI revolutions that have pushed the boundaries of technological advancement. However, with every leap in technology comes new challenges.

Unlike conventional software, LLMs are highly unpredictable, behaving more like "singularities" that do not conform to traditional information systems. Standard software quality control methods and testing tools are nearly ineffective in this domain, and existing cybersecurity frameworks struggle to adapt. We cannot approach LLM security as merely another software issue.

In this talk, we will explore the new cybersecurity challenges posed by AI applications from a security professional’s perspective. Join us as we delve into the risks and strategies needed to prepare for this transformative wave in the information industry! 

We conducted a research project on communications resilience for Taiwan. We asked a simple question: If in conflict, can Taiwan's people, private sector, and government demonstrate the same kinds of resilience we saw conducted by Zelensky in Ukraine? This proposal will tell the story of our research process, our findings, and how we created a war game / table top exercise to conduct at DefCon and Blackhat Las Vegas in 2024 to try to answer our simple question.

Digital sovereignty is a crucial aspect of modern democracy, determining a state's ability to control its digital infrastructure, regulate technology, and protect citizen data. In today’s world, data has become the most valuable resource, surpassing even oil and gold, as it enables those who control it to influence public perception and decision-making. Democratic states prioritize transparency, freedom of speech, and data protection, while autocratic regimes use digital tools for censorship, surveillance, and propaganda. The European Union (EU) and other democratic nations implement regulations such as GDPR, DSA, and DMA to ensure fair competition, secure personal data, and counter disinformation. However, the challenge remains: balancing security with fundamental freedoms. The global contest over digital sovereignty reflects the broader geopolitical struggle between democratic and authoritarian models. While democracies regulate digital platforms to protect citizens, autocratic states monopolize online spaces to control narratives. International collaboration, such as between the EU and Taiwan, is vital for strengthening cybersecurity, countering digital propaganda, and fostering technological independence. Ultimately, digital sovereignty must not lead to isolation but serve as a tool for democratic resilience. The future lies in cooperation, transparency, and the protection of fundamental rights in the digital realm.

An overview of cyber threat intelligence on current and near-term adversary use of artificial intelligence to generate cyber threats. Google Mandiant insights on ways to defend cloud infrastructure on which AI rests, and how generative AI can be used to enhance the capabilities of defensive cyber threat intelligence teams and network defenders.

Step into the eerie echoes of Charles Dickens' *The Signal-Man* to uncover a chillingly relevant parable for our age of AI and cybersecurity. In a world where AI systems power decisions at unprecedented speeds, are we, like the lonely signalman, misinterpreting critical warnings while hurtling toward disaster? Join Dimitri van Zantvliet, the Cybersecurity Director of Dutch Railways, for a keynote that fuses storytelling with cutting-edge insights into the rail sector’s digital transformation and cybersecurity strategies.

This session will unravel the lessons of Dickens' tragic tale, exploring the parallels between Victorian railways and today’s AI-driven systems. From opaque "black box" algorithms to over-reliance on automated defenses, we face a critical crossroads: embrace AI with responsibility or risk repeating the signalman’s fate.

Discover how the rail industry navigates waves of digitization, compliance tsunamis, and escalating threats while building ethical, transparent, and sustainable AI frameworks. You’ll learn practical strategies to balance human oversight with AI’s vast potential, ensuring trust, security, and resilience in an era where the stakes have never been higher.

Don’t miss this captivating blend of history, innovation, and foresight—a call to action for leaders who refuse to be overwhelmed by the warnings they cannot understand. Together, let’s rewrite the future and ensure the signals of tomorrow guide us to safety, not tragedy.