This is the Leadership Track. We accept 35-minute talks, lightning talks, and workshops — no panels, no fireside chats, no "state of the industry" keynotes. The format is the wrapper; the talk has to deliver.

Every accepted talk must include original work. For the Leadership Track, that means a real decision framework, a post-mortem with the trade-offs left in, original data from a program you've run, or a strategic approach that's been pressure-tested in production. If your talk could be delivered by someone who read the same articles as you, it won't make the cut.

Topics

We're interested in talks that advance the practice of AI security leadership. Priority areas include, but aren't limited to:

• AI governance and org design: building (or rebuilding) the program — structure, ownership, headcount, where it lives, how it reports
• Board-level risk communication: how you frame AI risk for the board, what works, what doesn't, and the slides you actually use
• Model and vendor due diligence: how you evaluate providers, what you require contractually, where exposure hides, and what you've stopped accepting
• Staffing for the new threat surface: roles that didn't exist two years ago, where you're sourcing talent, and how you're evolving existing teams
• Regulatory and compliance strategy: navigating the EU AI Act, sector-specific frameworks, and how to make compliance operational rather than performative
• Real incident reviews: what happened, what you decided in the room, what the trade-offs were, and what you'd do differently
• The hard calls: the decisions you didn't have a playbook for — build vs. buy, internal vs. third-party models, what you've shut down, what you've doubled down on

If you're working on a problem at the leadership level that doesn't fit neatly into these categories, submit anyway. We leave room for the unexpected.

What we don't want

• Product pitches or vendor demos disguised as leadership talks
• High-level overviews of the AI threat landscape (the audience already knows)
• Talks without original thinking, real data, or a battle-tested decision framework
• Content that has already been presented at other conferences without significant new material
• Speculative talks about theoretical risks without concrete, operational substance

Formats

• 35-minute talk: the main format. Deep enough to walk through a real program, framework, or post-mortem.
• Lightning talk: 10 minutes. One idea, one decision, one finding — sharp and specific.
• Workshop: hands-on, interactive, small-group. For frameworks the audience can actually leave with and apply.

Level of expertise

Talks should target a senior, technically literate audience. Assume attendees run security, AI, or risk functions at scale and have working knowledge of machine learning, software security, and current AI deployment patterns. You don't need to explain what an LLM is or what prompt injection means.

Target audience

The Leadership Track audience includes: CISOs, CTOs, VPs of Security, Heads of AI, Heads of Risk, and security leaders accountable for AI risk at the executive level. These are people who set budgets, choose vendors, and answer to the board when something goes wrong. They're here to take something back to their org on Monday.

Selection criteria

Proposals are evaluated on:

• Originality: Is this a new approach, new data, or a new framework — or just a retelling of the consensus?
• Operational depth: Does the talk go past the principle and into the program?
• Specificity: Can you point to a concrete decision, framework, or outcome?
• Practical value: Will an attendee leave with something they can take to their team?
• Clarity: Is the proposal specific about what the audience will learn and why it matters now?

We reject more proposals than we accept. A strong proposal is specific: it tells us exactly what decision or framework you'll walk through, what the audience will leave with, and why it matters now.