GovCon industry speakers. Representatives from MANTECH, Trellix, Capgemini Government Solutions and SentinelOne spoke on a lunch panel at the 2026 Cyber Summit.

Key Takeaways From the 2026 Cyber Summit

Posted on May 29, 2026 by Charles Lyons-Burt

Co-authored with Pat Host and Gabriella DeCesare

Potomac Officers Club’s 2026 Cyber Summit arrived at the culmination of a Spring’s worth of major cybersecurity developments — the White House’s release of the Cyber Strategy for America; Anthropic rocking the tech industry with its Mythos tool and Project Glasswing; the infiltration capabilities of agentic AI growing by the day; among many others. These topics were much discussed by the federal officials and GovCon industry leaders that made up the day’s program of impassioned keynotes and lively panels.

Department of War Chief Information Security Officer Aaron Bishop’s remarks opened the May 21 event and Federal CISO Michael Duffy closed it out, with perspectives from the Coast Guard Cyber Command, CISA, the FBI, the Centers for Medicaid and Medicare Services, and more, represented in between. Industrial base attendees thus took in the full scope of defense, civilian, intelligence and health mission priorities for cyber.

We are hugely grateful to our Lead Platinum Sponsor Everforth ECS for their partnership, and to our Platinum sponsors: MANTECH, North Star Labs, Corelight, Capgemini Government Solutions, Alpha Omega, Core4ce, Acronis, Fortinet Federal, Celerium, Grist Mill Exchange and Precise Software Solutions.

Have you seen the lineup for Potomac Officers Club’s next event? The speakers we’ve tapped for the 2026 Army Summit on June 18 will really impress you. Sign up today to engage with top leadership from the DOW’s largest service branch, including Assistant Secretary and Comptroller Marc Andersen, Deputy Chief of Staff, G-6 Jeth Rey and many more.

Below are the highlights from the 2026 Cyber Summit.

Jason Tama and event attendee. The Coast Guard RADM and cyber commander spoke with guests at the 2026 Cyber Summit from Potomac Officers Club. — RADM Jason Tama, keynote speaker and Coast Guard cyber commander, engages with guests at the 2026 Cyber Summit. Photo: EM

What Were the Key Takeaways From the 2026 Cyber Summit?

Stats to Remember

“[The Coast Guard] got $25 billion out of [the One Big Beautiful Bill Act]…USCG annually runs [on a] $15 billion budget. We’ve obligated $13 billion out of $25 billion so far. We’ll obligate all that by the end of the year by adopting commercial technologies rapidly.” —RDML Jason Tama, U.S. Coast Guard Cyber Command leader

“Approximately two-thirds of the installation OT infrastructure systems are standalone or isolated, not connected to any base network or the internet.” —Daryl Haegley, technical director, DAF Cyber Resiliency Office for Control Systems, a.k.a. CROCS

“The U.S. Marine Transportation System handles more than $5.4 trillion in goods and services every year.” —RDML Tama

“80 percent of the USAF’s operational technology runs on Windows 7 or earlier.” —Haegley

“We have 85 percent reliance on commercial partners. —Mike Howard, U.S. Transportation Command J6 engineering/digital transformation division chief

“The [defense industrial base] is one of 16 critical infrastructure sectors.” —Terry Kalka, director, DOW Cyber Crime Center’s DOW-Defense Industrial Base Collaborative Information Sharing Environment

Terry Kalka. The Department of War Cyber Crime Center official addressed Potomac Officers Club's 2026 Cyber Summit. — Department of War Cyber Crime Center official Terry Kalka speaks on the Cyber Summit panel Cyber Risk to Mission Risk. Photo: EM

Remarks That Stood Out

“What we have seen over the last few years is that our adversaries are no longer knocking at the door of our house. They’re already in. The idea of purely having a perimeter defense is really not effective.” —Katherine Sutton, assistant secretary of war for cyber policy and principal cyber advisor, DOW

“It’s not always just about the tool, it’s about all of the non-materiel aspects that are needed to truly operationalize that tool for our warfighter. A tool without a framework is really just code.” —Sutton

“AI is also introducing additional risks. We have people who don’t understand it and they are copying and pasting stuff into LLMs. Then we see stuff coming from outside like incidental outsider threats. There’s a lot of promise with AI but it’s not going to replace all of our cyber pros. It will augment their services and help build the skills of our teams. —Leslie Nettles, acting deputy CISO, CMS

“OT and the physical infrastructure is what keeps me up at night. We’re building out massive data centers…each one of those requires things where cyber has for years been an afterthought. I’m worried that unless we treat all this as critical infrastructure, the first place adversary will look is targeting those upstream elements.” —Davey Gibian, deputy chief digital and artificial intelligence officer for warfighting mission area, DOW

“I’d encourage people to think about, when we define a domain like air or cyber…land is not the tanks, it’s the place where the tanks move. Same with cyber. The network is the central aspect of it.” —Jeremy Kepner, MIT Lincoln Laboratory fellow

Mohammad Sohail Chaudhry. The Precise Software Solutions VP and CIO moderated a panel on AI in Cyber Defense at the 2026 Cyber Summit. — Precise Software Solutions VP and CIO Mohammad Sohail Chaudhry moderated a panel on AI in Cyber Defense. Photo: EM

Recurring Themes/Major Insights

Mark Maglin. The Everforth ECS executive moderated a panel at Potomac Officers Club's 2026 Cyber Summit. — Everforth ECS Vice President Mark Maglin moderates the Quantum Computing and Post Quantum Cryptography panel. Photo: EM

There’s more to cyber than just patching

“We can’t patch our way out of this.” That warning from Vince Crisler, chief strategy officer at Celerium, captured one of the defining themes of the Cyber Summit: the threat landscape is evolving faster than traditional cybersecurity practices can respond. As AI accelerates vulnerability discovery and enables increasingly sophisticated attacks, Crisler argued that “the solution to faster vulnerability detection is not faster patching.” Instead, organizations must rethink the underlying architectures, processes and systems that have long defined cyber defense.

Crisler described AI as “the biggest transformation in cybersecurity since cybersecurity became a thing,” pointing to emerging models that can identify vulnerabilities and connect patterns at a scale and speed beyond human capability. As these tools become more accessible, the challenge facing government and industry is no longer simply keeping up with alerts and patches, but preparing for an environment where both defenders and adversaries can operate at machine speed.

GovCons should remember that modernization can no longer be approached as a series of incremental upgrades. Success will depend on helping agencies move beyond reactive security models and toward resilient, adaptable architectures built for an AI-driven future. Organizations that continue to rely on legacy systems and patch-centric strategies risk falling behind, while those investing in transformation today will be better positioned to support federal missions as cyber threats continue to evolve.

DOW’s three priorities for cybersecurity, shared by Katherine Sutton:

Integrate cyber into all domains of warfare
Maintain a strategic advantage in cybersecurity
People focus — “we must organize our cyber forces to dominate”

(Aaron Bishop echoed Sutton’s emphasis on people during his keynote.)

A recommendation for how to reach desired speed-to-mission with technology

“The threat space is wide and expanding. It’s also complex down to the thermostat involved. When we talk speed…new changes allow government to bring in commercial capabilities quickly and test them without massive upfront investments. That is one way we get to speed very quickly.

Also, rather than build then integrate, you do those together. When you start, let’s integrate that idea of integration all up front so we’re getting to the end state much quicker.” —Jennifer Obernier, CEO, Grist Mill Exchange

Zero trust is a continuous cyber strategy

“Zero trust isn’t a product. It’s absolutely an architecture that…promotes a large language model of activity that artificial intelligence actually makes adaptive and usable,” said TRANSCOM J6 Engineering and Digital Transformation Division Chief Mike Howard, capturing another central theme of the Cyber Summit: zero trust is evolving from a security framework into the foundation for modern, data-driven operations. As agencies seek to leverage AI at scale, panelists emphasized that success depends on building architectures that provide the visibility, identity controls and continuous monitoring needed for AI to make informed decisions and adapt to changing threats.

That architectural mindset was also shared by Space Force Senior Chief Advisor Reb Butler, who, during a zero-trust-focused panel, argued that technology alone is not enough.

“I know we got it right when the workforce can explain how they are implementing zero trust in their environment and which tools they are using,” Butler stated. His comment underscored that zero trust maturity is ultimately measured by adoption and understanding across the organization.

Together, the two perspectives highlighted a broader shift underway across federal cybersecurity. Agencies are moving beyond viewing zero trust as a compliance requirement and instead treating it as a living operational architecture, one that enables resilience, supports AI-driven decision-making and requires continuous engagement from both technology teams and mission operators. For industry partners, the opportunity lies in helping agencies build interoperable, adaptable environments that can evolve alongside emerging threats and mission demands.