AI, behaviour and sovereignty take centre stage at Cybersec Netherlands 2026
Trade fair announces first three speakers
The first speakers for Cybersec Netherlands 2026 have been announced. With contributions from Mandy Andress, Arno Reuser and Ferry Stelte, the conference immediately sets the tone: less abstraction, more reality. The 2026 edition, taking place on 9 and 10 September at Jaarbeurs in Utrecht, focuses explicitly on how organisations can truly remain resilient in an increasingly complex digital threat landscape.
Cybersec Netherlands has for years positioned itself as a meeting place for CISOs, executives, policymakers and security professionals. The content direction for 2026 has been partly shaped by the Advisory Board, which includes representatives from both the private and public sectors. Their input shows a clear shift: from technology and tooling towards responsibility, resilience and strategic decision-making.
Themes 2026
One of the key themes is digital sovereignty—not as an abstract policy concept, but as a concrete consideration in architecture, dependencies and geopolitical reality. The question of how Europe and the Netherlands maintain control over critical digital infrastructure runs as a common thread throughout the programme. At the same time, the impact of AI on the threat landscape is explored, focusing not only on risks but also on the fundamental redefinition of security models that comes with it.
There is also a strong emphasis on leadership, specifically the role of the CISO—not only from a governance and strategy perspective, but also in terms of the pressure and responsibility associated with incidents and public accountability. Cybersecurity is therefore no longer purely a technical discipline, but clearly a board-level issue.
Another notable aspect is the explicit choice for “the real stories”: practical cases that go beyond successful implementations or theoretical models. Incidents, dilemmas and decision-making under pressure take centre stage. This aligns with the growing demand in the market for recognition and actionable insights, rather than abstract best practices.
Finally, cybersecurity is increasingly approached as an ecosystem challenge. Organisations do not operate in isolation, but within chains of dependencies where vulnerabilities shift and amplify. Innovation plays a role here, but always in combination with collaboration and shared responsibility.
First three speakers
The first announced speakers align seamlessly with these themes.
Mandy Andress, Global Chief Information Security Officer at Elastic, will focus her keynote on the impact of AI on cybersecurity. According to her, we are at a tipping point where traditional, compliance-driven security models are no longer sufficient. Instead, she advocates for a fundamentally risk-driven approach, in which organisations must redefine their attack surface, threat models and risk tolerance. In this context, AI is not only a threat, but also a strategic defence tool.
While Andress addresses the future, Arno Reuser takes a critical look at the present. In his keynote, he argues that cybersecurity does not fail because of attackers, but because of how organisations attempt to protect themselves. The fixation on technology, combined with a lack of awareness and accountability, creates a structurally vulnerable system. His message is confrontational: as long as behaviour and accountability are not central, security remains an illusion.
With Ferry Stelte, the programme introduces a strong real-world case. As CISO of SIDN, he found himself in the middle of a national debate during his very first week, concerning the cloud strategy behind the .nl domain. What started as a technical decision quickly evolved into a political and societal discussion on digital sovereignty. His story demonstrates how abstract concepts such as autonomy and control become tangible under public and political pressure—and why they are rarely black and white.
From theory to reality
With these first names, Cybersec Netherlands 2026 clearly signals its direction: less focus on tools and more on choices, less on promise and more on reality. At a time when cyber threats are increasingly intertwined with geopolitics, economics and societal stability, the conversation is shifting. It is no longer just about how systems remain secure, but about who is responsible, which risks are acceptable and how organisations position themselves in a changing digital landscape.
More speakers and sessions will be announced in the coming months. What is already clear: Cybersec Netherlands 2026 will not be a showcase of solutions, but a confrontation with the questions that truly matter.
