Emerging Technology Conference 2026

Date and Time

The conference will be held on February 19, 2026 from 8:30 am to 12:30 pm.

Add this event to your calendar using the Add to Calendar link at the bottom of the page.

Virtual Event

The conference will be held using Zoom.

Prior to the event, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.

Pricing

The fee for GWDC Members is $10 for the conference.
The fee for all other registrants is $30 for the conference.

To become a member and take advantage of the member rate for our events, among other benefits, join ISACA and select the Greater Washington D.C. Chapter as your local chapter.

Event Policies

Cancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details.

The GWDC welcomes your comments, complaints, suggestions, questions, and other feedback concerning our website information and services.
All complaints should be submitted through the Registration Contact Form.

Guardrails for AI Coding

Presenter: Jon Zeolla (Zenable and SANS Instructor)

Generative AI is quickly becoming a default part of the software development lifecycle. Faster delivery can also increase security risk, operational fragility, and decisions that are difficult to review or audit after the fact. This session focuses on AI coding guardrails: practical, developer-friendly controls that help teams adopt coding assistants with confidence while maintaining strong security, governance, and assurance.

We will walk through three maturity levels for agentic coding controls. Level 1 uses built-in steering mechanisms in modern agentic IDEs, including project context files, rules, and instruction layers. These establish consistent expectations for architecture, security patterns, data handling, logging, and “how we do things here,” so teams reduce variability and improve repeatability. Level 2 adds context-injection agents that deliver guidance at the right time. They provide the relevant requirements, approved patterns, and constraints based on what is changing, the type of work underway, and where the developer is in the workflow. Level 3 adds deterministic, policy-as-code guardrails in pull requests and CI/CD to enforce security, quality, and compliance requirements with measurable outcomes and audit-ready evidence. These guardrails also learn from code changes and review outcomes, continuously improving the context used in Levels 1 and 2 to strengthen controls over time.

AI, Data Governance, and Sensitive Data Handling in Government Environments

Presenter: Larry Pitts

This session explores how artificial intelligence tools interact with sensitive data in regulated and government-adjacent environments. Drawing on over a decade of government contracting experience, Larry Pitts examines governance considerations for AI-enabled platforms, including how data is collected, processed, stored, and retained across government and commercial cloud infrastructures. 

The presentation will highlight practical differences between public-sector and commercial data architectures, common governance gaps organizations encounter when adopting AI tools, and the importance of transparency, policy alignment, and ethical considerations in AI deployment. Attendees will gain a clearer understanding of how to evaluate AI solutions through a data governance and compliance lens without slowing innovation.

Key Takeaways:

• How AI-based tools handle sensitive and regulated data in government contexts
• Key governance considerations when adopting AI in regulated environments
• Differences between government and commercial cloud and data infrastructures
• Practical questions GRC teams should ask vendors about AI data usage
• Ethical and policy-driven considerations for responsible AI adoption

AI integration, and cybersecurity resilience across the Defense Industrial Base (DIB)

Presenter: Allen Westley

This session provides a senior-leadership perspective on emerging technologies, AI integration, and cybersecurity resilience across the Defense Industrial Base (DIB). Drawing from experience leading cybersecurity programs supporting mission-critical and classified environments, Allen Westley discusses how organizations can align AI adoption with enterprise risk governance, compliance obligations, and operational resilience.

The presentation bridges strategy and execution, focusing on translating digital risk into actionable leadership decisions. Topics include AI governance in high-assurance environments, classified and unclassified network considerations, and the human dimension of cybersecurity, including mind privacy and cognitive security. Attendees will leave with a clearer understanding of how to balance innovation, compliance, and mission priorities at scale

Key Takeaways:

• Leadership considerations for AI adoption in classified and regulated environments
• Aligning AI strategy with enterprise risk governance and compliance needs
• Managing cybersecurity risk across classified and unclassified domains
• Understanding the human and cognitive dimensions of emerging technology risk
• Practical insights for building resilient, compliance-driven AI governance models

Autonomous Cybersecurity

Presenter: Dr. Jeffrey Duffany (Politechnic University of Puerto Rico)

Autonomous cybersecurity refers to the use of artificial intelligence (AI), machine learning (ML), and automation to detect, prevent and respond to cyber threats with minimal human intervention. It aims to enhance traditional cybersecurity by improving speed, accuracy, and adaptability to emerging threats. The main benefits are faster threat mitigation, reduced reliance on human analysts, improved accuracy in threat detection and scalability across large networks. Some of the major challenges include sophisticated adversarial attacks against AI models and ethical concerns around full automation. Autonomous cybersecurity systems leverage AI, machine learning (ML) and automation to identify, analyze, and neutralize cyber threats in real time. This approach significantly enhances an organization’s ability to counter advanced cyberattacks.

Jon Zeolla
CEO @ Zenable; SANS Instructor
GCSA, GCWN, GPEN, GCUX, GPPA, CISSP

Jon Zeolla is a full-stack security engineer and the founder and CEO of Zenable, working at the intersection of quality engineering, automation, and emerging tech. He focuses on helping teams move fast without breaking things or compromising security. As a SANS Certified Instructor, Jon travels globally to train organizations on AI safety, cloud-native security, and compliance. He is also a CNCF Ambassador and an active contributor to the open-source community. Jon regularly builds and shares projects that embed Governance, Risk Management, and Compliance (GRC) directly into developer workflows—favoring guardrails over gates to reduce friction and accelerate innovation.

Finally, Jon is an organizer of BSides Pittsburgh (the city’s largest security conference), an IANS Faculty member, and an AWS community builder. You can see more of his contributions and awards at jonzeolla.com.

As a SANS Certified instructor, Jon feels it is his responsibility to encourage curiosity in his students, helping them to understand more than just what a tool says it can do on its label, but digging deeper and working to understand how it was developed, learning its tradeoffs and alternative use cases. He encourages students to get creative with how to use tools, but also to periodically develop their own, if only just to learn or better appreciate a solution. Jon’s expertise allows him to explain things simply and thoroughly while incorporating real-life examples.

From an early age, Jon started learning about security due to his competitiveness in video gaming. After developing and improving on a series of hacks and glitches, he turned his attention to the systems and networks around him, eventually getting to the point where his high school hired him part time to remediate vulnerabilities that he identified and disclosed. Jon’s love of finding ways that things could have unintended consequences, coupled with his desire for efficiency and naturally analytical mind, made the DevOps and Security Automation work a natural progression for him out of college. He has been digging into code, processes, and assumptions ever since, with the goal of identifying and fixing vulnerabilities through automation and the creation of low-friction systems.

Early in his career, Jon identified his interest in solving difficult and unique business problems through technology. When he noticed a clear gap in local technical networking events, he created Steel City InfoSec and has been creating hands-on labs, giving and facilitating presentations, and setting up networking sessions for its roughly 1,000 members of practitioners over the decade since. Throughout his career working at an R1 research university, a top 5 US-based bank, and a retailer with over 1,200 stores, Jon has leveraged automation and large scale analysis of security data to perform automated, active defense activities shown to detect and withstand regular APT activities.

Jon holds three undergraduate degrees, including a bachelor’s degree in Cyber Forensics and Information Security, and while in school he was the recipient of two notable awards: “CIS Outstanding Undergraduate Student Award” and “IT Outstanding Student Award”. In 2017 he was inducted into the National Technical Honor Society as an Honorary Member. He holds a number of industry certifications including GCSA, GCWN, GPEN, GCUX, GPPA and CISSP. He is also a faculty member of the SANS Technology Institute, an NSA Center of Academic Excellence in Cyber Defense and multiple winner of the National Cyber League competition. Jon is an active contributor to the cybersecurity community in Pittsburgh and nationally through various affiliations.

When not behind a computer screen, Jon can be found mountain biking through the Appalachian hills, in the gym weightlifting, or playing chess with his son.

Larry Pitts
Director of Customer Success | AI Enablement & Government Technology

Larry Pitts is a government contracting professional with over a decade of experience supporting state and federal agencies. He specializes in AI enablement, data governance in AI-driven tools, and technology adoption within regulated government environments. Larry has worked across the procurement lifecycle and understands the operational and compliance considerations that shape technology decisions in the public sector.

An active voice in the technology community, he has moderated and participated in panels advocating for ethical AI adoption and expanded small business participation in government contracting. His work focuses on balancing innovation with responsible data governance practices.

Allen Westley
Senior Cybersecurity Leader | Founder | AI & Classified Network Strategy

Allen Westley is a senior cybersecurity leader in the Aerospace and Defense sector, where he drives classified network optimization, AI-integrated cyber defense strategies, and enterprise risk governance across mission-critical environments. He has led cybersecurity programs protecting multi-billion-dollar defense contracts and managed teams across secure and unclassified domains.

Allen builds AI governance frameworks designed for high-assurance, compliance-driven organizations within the Defense Industrial Base. He is also the founder of Cyber Explorer LLC and serves as a CISO-level advisor. A frequent speaker at NIST FISSEA, ISC2, and ISACA forums, he writes and speaks on AI governance, cognitive security, and the evolving human dimension of cyber risk.

Dr. Jeffrey Duffany
Professor @ Politechnic University of Puerto Ric

Dr. Jeffrey L. Duffany is a full professor at Politechnic University of Puerto Rico in the graduate school of computer science. Duffany has many academic achievements to his name, including being both a visiting scientist and visiting faculty member at several government and military research labs working in the area of cyberdefense. His biography is listed in “Who’s Who in the World,” and he is a recipient of the Albert N. Marquis Lifetime Achievement Award for teaching and research. Widely published, Duffany’s articles have appeared in many engineering and technology journals, and he was asked by the Springer-Verlag publishing company to write the introductory chapter for a new book on computer and network security essentials. Duffany holds a BS in Electrical Engineering from the University of Connecticut; an MS in electrical engineering from Columbia University; and a dual PhD in computer and information engineering from Stevens Institute.

Poll Questions

Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls.

CPE Distribution and Evaluation Survey

CPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit.

Learning Objective

After attending this event, attendees will learn about current and future trends in the emerging technology space.

CPE-Related Details

• Prerequisites: None
• Advance Preparation: None
• Program Knowledge Level: Basic
• Delivery Method:  Group Internet Based
• Field of Study:  Information Technology – Technical