ISACA 2026 Tackles AI Governance and Quantum Cyber Threats

SCHAUMBURG, IL – March 10, 2026 – As organizations worldwide grapple with the dual pressures of rapid technological advancement and escalating digital threats, the global tech association ISACA is set to address the core challenges of governance and trust at its 2026 North America Conference. Scheduled for May 6-8 in Las Vegas and virtually, the event will convene thousands of IT audit, risk, and security professionals to navigate the complex landscape shaped by artificial intelligence, quantum computing, and a shifting regulatory environment.

The conference arrives at a critical juncture. The year 2026 is marked by the enforcement of major global regulations like the EU AI Act and a cybersecurity landscape where, according to Forrester, a public breach caused by an autonomous AI agent is anticipated. Against this backdrop, ISACA’s agenda, featuring sessions on AI governance, digital identity, and human-centric compliance, aims to equip professionals with the frameworks and knowledge needed to build and maintain digital trust.

The AI Governance Imperative

A central theme of the conference is the urgent need for robust governance around artificial intelligence. The industry is moving beyond generative AI into the realm of agentic AI—autonomous systems capable of independent action. While promising efficiency, these systems introduce profound risks related to accountability, data handling, and unintended consequences. The conference directly confronts this reality, with pre-conference workshops offering advanced certification preparation in both AI Audit (AAIA) and AI Risk (AAIR).

This focus is particularly timely. With the EU AI Act now in its enforcement phase, organizations are legally required to categorize AI systems by risk and ensure human oversight, facing steep penalties for non-compliance. In the U.S., the NIST AI Risk Management Framework is evolving to become the de facto standard for responsible AI, pushing companies to integrate AI risk management into their core cybersecurity and privacy strategies. The ISACA conference appears designed to translate these high-level regulatory demands into actionable practices for the professionals on the front lines.

The event’s opening keynote speaker, technology futurist Shelly Palmer, is slated to explore how AI and the nascent field of quantum computing are fundamentally reshaping the future. His session is expected to provide a high-level strategic overview of the opportunities and existential risks these technologies present, setting the stage for deeper dives into governance and control throughout the conference.

Fortifying Defenses in an Age of Advanced Threats

Beyond AI governance, the conference will maintain a strong focus on the ever-evolving cybersecurity threat landscape. According to recent PwC research, nearly 78% of organizations plan to increase their cybersecurity budgets, yet a mere 6% feel fully prepared for the spectrum of potential attacks. The ISACA agenda reflects these concerns, offering sessions and workshops aimed at hardening defenses.

One of the most significant long-term threats is the advent of quantum computing, which experts predict will render current asymmetric cryptography obsolete within a decade. This has created a “harvest now, decrypt later” scenario, where adversaries may be capturing encrypted data today with the intent of decrypting it once quantum computers are viable. The conference is poised to address this, aligning with industry trends that see quantum security spending projected to exceed 5% of IT security budgets in 2026.

Theresa Payton, a former White House CIO and noted cybersecurity expert, will deliver a keynote address on future-proofing organizations against relentless cyber threats. Her insights are expected to provide attendees with practical strategies for building resilience in an era of AI-driven impersonation, sophisticated ransomware attacks, and complex supply chain vulnerabilities. A dedicated pre-conference workshop, “Securing Cloud Infrastructure in the Age of AI,” further underscores the focus on providing hands-on, defensive strategies for today’s most critical infrastructure.

Upskilling for the Future of Digital Trust

Addressing these technological and security challenges requires a highly skilled workforce, yet a persistent talent shortage plagues the industry. ISACA is positioning its conference as a critical platform for professional development and upskilling. Attendees have the opportunity to earn up to 17 hours of continuing professional education (CPE) credits—essential for maintaining industry-standard certifications like CISA and CISM—with an additional 15 CPEs available through the intensive pre-conference workshops.

The content is explicitly designed to bridge identified skills gaps. As professionals in audit and risk management are increasingly tasked with overseeing complex AI and cloud systems, the demand for specialized knowledge has skyrocketed. The certification prep courses for AI audit and risk directly cater to this need, offering a pathway for professionals to validate their expertise in a high-demand, emerging field.

This focus on practical education and career advancement is a core differentiator for ISACA. By offering a curriculum that blends high-level strategy with specific, certifiable skills, the conference provides a tangible value proposition for both individuals seeking to advance their careers and organizations looking to cultivate the talent needed to navigate the digital future securely and ethically.

The Human Element: Leadership and Resilience

While technology and processes are central, the conference also emphasizes the indispensable human element of digital trust. Sessions on human-centric compliance and a keynote address from Shola Richards, CEO of Go Together Global®, highlight the importance of culture, leadership, and personal resilience.

Richards is expected to close the conference by sharing strategies used by high performers to maintain focus and effectiveness in high-stress environments—a particularly relevant topic for cybersecurity and risk professionals who face constant pressure and the threat of burnout. His message underscores a growing understanding in the industry: effective governance and security are not just byproducts of better tools, but of resilient, focused, and well-supported teams.

Furthering this focus on people, the conference will host a SheLeadsTech networking breakfast, an initiative aimed at increasing the representation and influence of women in technology. By creating spaces for mentorship and community, ISACA acknowledges that diversity of thought and experience is crucial for solving the complex ethical and security puzzles of the digital age. This holistic approach, which integrates cutting-edge technology with professional development and a focus on human well-being, defines the comprehensive vision of the ISACA 2026 North America Conference.