FREE GRC Workshop

LEARN MORE

Recommended Event: Convene: Boston | Cybersecurity & Human Risk Conference Aug 13 - 14, 2026

IDC: IT Security Summit Barcelona 2026

Type Conference
Organization IDC
Event Format Physical
Size 101 - 300 approximate delegates
Registration Not Free
SPEAKING OPPORTUNITIES

Search for other Cybersecurity Conferences in Spain in 2026-2027.

Conference Description

Key Takeaways

  • Executive-level cybersecurity summit addressing digital trust, compliance and resilience for European enterprises
  • Focus on aligning security strategy with business objectives amid evolving regulatory requirements including NIS2
  • Coverage of AI-powered security, autonomous threat detection and responsible automation practices
  • Designed for CISOs, CIOs, security architects and compliance leaders from critical infrastructure, finance, healthcare and public sector organisations
  • Emphasis on human factors including leadership development, security culture and talent strategies

Introduction

The IDC IT Security Summit Barcelona brings together senior business and technology leaders to examine how European organisations can build resilient, compliant and trusted digital operations. As regulatory frameworks tighten and threat actors grow more sophisticated, the summit addresses the strategic imperative of positioning cybersecurity as a business enabler rather than a purely defensive function. The event arrives at a critical moment for European enterprises navigating the implementation of directives such as NIS2 while simultaneously managing the security implications of artificial intelligence adoption.

About This Event

Hosted at the Fundació Joan Miró in Barcelona, this one-day in-person summit follows an executive conference format combining analyst-led presentations, panel discussions and roundtable sessions. IDC, the global technology research and advisory firm, structures the programme around strategic foresight and practical implementation guidance rather than product demonstrations. The format facilitates direct engagement between security practitioners, industry analysts and technology providers, creating opportunities for peer learning alongside formal sessions.

The summit draws participation from organisations including Softeng, a Microsoft Cloud partner specialising in AI and cybersecurity; Horizon3.ai, known for its NodeZero autonomous penetration testing platform; ESET, the established security solutions provider; and S2Grupo, a specialist in cybersecurity, cyberintelligence and cyberdefence services.

Securing AI-Powered Business Operations

Artificial intelligence features prominently throughout the summit programme, reflecting the dual nature of AI as both a security tool and a source of new vulnerabilities. Organisations deploying AI systems face questions about model integrity, data protection and the potential for adversarial manipulation. Simultaneously, security teams are adopting AI-powered analytics and automation to manage threat volumes that exceed human processing capacity.

The summit examines responsible innovation frameworks that allow organisations to capture AI benefits while managing associated risks. This includes governance structures for AI deployment, security considerations in machine learning pipelines and the operational challenges of defending systems that incorporate autonomous decision-making. For security leaders, the conversation extends beyond technical controls to encompass board-level communication about AI risk and the development of policies that balance innovation velocity with appropriate safeguards.

Sector-Specific Security Challenges

Critical infrastructure protection receives substantial attention, reflecting heightened regulatory scrutiny and the operational consequences of security failures in essential services. The summit addresses security considerations across healthcare, finance, industrial systems and smart city deployments, each presenting distinct threat profiles and compliance requirements.

Healthcare organisations contend with patient data protection obligations alongside the security of connected medical devices. Financial institutions face sophisticated fraud schemes and strict regulatory oversight. Industrial control systems and operational technology environments present challenges around legacy equipment, safety-critical processes and the convergence of IT and OT networks. Smart city initiatives introduce complexity through the scale of IoT deployments and the interdependencies between municipal systems. The summit provides a forum for examining how security strategies must adapt to these varied operational contexts.

Operations, Analytics and Resilience Management

Building organisational resilience requires capabilities that extend beyond perimeter defence. The summit explores advanced analytics for threat visibility, managed detection and response services, and metrics frameworks that allow security teams to demonstrate programme effectiveness to business stakeholders. These operational considerations connect directly to regulatory compliance, as frameworks like NIS2 mandate specific incident detection and reporting capabilities.

Resilience metrics present particular challenges for security leaders seeking to quantify risk reduction and justify investment. The summit addresses how organisations can develop meaningful measurements that communicate security posture in business terms, moving beyond technical indicators to articulate impact on operational continuity and stakeholder trust.

Regulatory Compliance and Digital Trust

European organisations operate within an increasingly prescriptive regulatory environment. The NIS2 Directive expands cybersecurity obligations across essential and important entities, introducing stricter incident reporting requirements and personal liability provisions for management. Compliance demands have moved security discussions into boardrooms, requiring CISOs to communicate risk in terms that resonate with executive leadership and board members.

The summit positions compliance not as a checkbox exercise but as a foundation for building digital trust with customers, partners and regulators. Organisations that demonstrate robust security practices and transparent incident handling can differentiate themselves in markets where trust increasingly influences purchasing decisions and partnership opportunities.

Leadership, Culture and Talent Development

Technical controls alone cannot address the human factors that contribute to security incidents. The summit dedicates attention to leadership development, security culture programmes and strategies for addressing persistent talent shortages in cybersecurity. Risk communication emerges as a critical competency, enabling security leaders to translate technical findings into actionable guidance for business units and executive teams.

Talent development discussions acknowledge the competitive market for security professionals and explore approaches including internal training programmes, partnerships with educational institutions and the use of automation to extend the effectiveness of existing teams. Culture change initiatives recognise that security awareness must evolve beyond annual training exercises to become embedded in organisational decision-making.

Incident Recovery and Trust Restoration

When security incidents occur, organisational response determines long-term impact on reputation and stakeholder relationships. The summit addresses crisis communication strategies, forensic investigation practices and the regulatory management obligations that follow significant breaches. Insurance considerations feature in these discussions, as cyber insurance markets mature and underwriters impose increasingly specific security requirements.

Trust restoration following an incident requires coordinated efforts across technical remediation, stakeholder communication and demonstrable improvements to security posture. Organisations that handle incidents transparently and implement visible corrective measures can recover stakeholder confidence more effectively than those that minimise disclosure or delay communication.

Who Should Attend

The IDC IT Security Summit Barcelona serves senior decision-makers responsible for security strategy, risk management and compliance within large enterprises. CISOs and security architects will find value in the technical and strategic content, while CIOs and business executives can gain perspective on aligning security investments with organisational objectives. Compliance and regulatory leaders benefit from discussions addressing evolving European requirements and their operational implications.

The summit is particularly relevant for professionals from critical infrastructure sectors, financial services, healthcare and public sector organisations facing heightened regulatory scrutiny and complex threat environments. Those evaluating security technologies, managed services or strategic partnerships will find opportunities for direct engagement with providers and peer organisations navigating similar challenges.