Sunday, May 24th 

"Session I" TBA

​

"Session II" TBA

Monday, May 25th 

​

"When AI Misbehaves…The Do’s and Don’ts of using Artificial Intelligence" by Steve Stasiukonis

Using Artificial Intelligence for Social Engineering Abstract: AI made breaking into a secure data center a lot less like “Mission: Impossible” and a lot more like “Mission: Improbably Easy.” During this session we demonstrate how attackers no longer rely on brute force or Hollywood-style hacking. Instead, we used artificial intelligence to gather vast amounts of open-source intelligence (OSINT) from across the internet LinkedIn profiles, conference photos, job postings, breach data, social media, and even AI-powered data-aggregation tools that quietly stitch together fragmented details into a disturbingly complete operational picture.

 

Here’s the uncomfortable truth: when sensitive information is entered into AI systems — especially public or third-party platforms it often stops being “your private data” and quietly becomes shared or cooperatively private data. That data doesn’t disappear. It becomes fuel for future attacks. How AI Turned Recon into Real Access In this scenario, AI wasn’t just used to collect information, it was used to weaponize it. AI Voice Phishing (Vishing): Threat actors cloned executive and IT support voices using nothing more than short audio samples scraped from public webinars, podcasts, or internal meeting recordings leaked online. One phone call from a “known” voice was enough to convince staff to reset credentials, disable security controls, or override physical access procedures.  AI Email Phishing: Instead of poorly written spam, AI generated perfect corporate-tone emails using actual writing styles harvested from breached mailboxes. Messages referenced internal systems, projects, and coworkers by name eliminating red flags and dramatically increasing trust.  AI Deepfakes: Video deepfakes were used to simulate urgent executive requests. In several cases, staff were shown “live” video of a leader requesting emergency access to restricted areas even though that person was nowhere near the building. 

 

The Result with AI handling reconnaissance, impersonation, and social engineering, attackers no longer need technical exploits. They simply become someone you already trust. What once required weeks of human reconnaissance is now automated, scalable, and frighteningly accurate turning physical and network security into a psychological exercise rather than a technical one. This session walks you step-by-step through how that intelligence was gathered, manipulated, and ultimately used to compromise a highly secure facility — all while keeping the tone educational, eye-opening, and yes… surprisingly funny.

 

"The C-Suite & Director's Guide to Cybersecurity-The Top Ten Things You Need to Ask IT About Your Network and Security"

by Steve Stasiukonis

is an executive-focused briefing designed to equip senior leaders with the right questions—not technical jargon—to effectively oversee cybersecurity risk. This program cuts through complexity and empowers C-suite executives, board members, and business leaders to engage confidently with their IT teams, managed service providers, and security vendors.

Through a practical, business-aligned lens, the session highlights the ten most critical questions every executive should be asking about their organization’s security posture from visibility and access control to incident response, third-party risk, and data protection. Participants will gain insight into what constitutes strong, defensible answers versus red flags that may indicate gaps, misconfigurations, or unmanaged risk.

This program is not about turning executives into engineers it’s about giving leadership the clarity and authority to hold IT accountable, make informed decisions, and ensure cybersecurity is aligned with business objectives, regulatory expectations, and real-world threat conditions.

​

Tuesday, May 26th 

​

"Steering Through Disruption: Credit Unions, Fintech Partnerships, Stablecoins, and the New Regulatory Landscape”

by Rodney Hood

​

In a moment defined by rapid policy evolution, fintech innovation, and digital transformation, credit unions have a unique opportunity to expand their reach through strategic partnerships. In this forward-looking session, former Acting Comptroller of the Currency and former NCUA Chairman Rodney E. Hood brings a rare dual-regulator perspective to the issues shaping 2026—from the maturation of fintech–credit union collaboration models, to emerging stablecoin frameworks, to the implications of the GENIUS Act and a broader shift toward regulatory recalibration and innovation enablement.

 

Drawing on leadership roles across the OCC, NCUA, and federal interagency coordination, Mr. Hood will explore how credit unions can responsibly partner with fintech firms to accelerate innovation, enhance member services, and remain competitive in a rapidly evolving financial landscape. Attendees will gain practical insight into structuring effective partnerships, managing third-party and operational risk, and aligning innovation strategies with supervisory expectations—while advancing the credit union mission in an increasingly digital, real-time, and tokenized financial system.

 

This session will feature opening remarks, a fireside chat discussion with Rodney Hood and Patrick Adams, and audience Q&A—equipping credit union leaders with the perspective and strategy needed to move forward with clarity and confidence.

​

"Session II" TBA

​

Wednesday, May 27th 

​​

"Session I" TBA

​

"Session II" TBA