Cyber / AI Expo 2026 Celebrates Successful Munich Debut
With more than 700 registered participants Cyber / AI Expo brought together the community at BMW Welt to discuss digital resilience, AI, cybersecurity and regulation.
Munich, 24 June 2026 – How can organisations stay resilient as cyberattacks become more professional, artificial intelligence accelerates the threat landscape and regulatory requirements continue to rise? This was the central question discussed on 24 June at Cyber / AI Expo 2026 at BMW Welt Munich, where decision-makers, cybersecurity experts, technology providers, startups and investors from a wide range of industries came together.
Under the guiding theme “Redefining Digital Resilience”, the event made clear that cybersecurity is no longer just an IT issue. It now affects business models, supply chains, buildings, vehicles, healthcare, production environments and the strategic ability of entire organisations to remain operational.
AI, Cyber Threats & The Rules of the Game
The morning programme focused on the new rules of cybersecurity. Across keynotes, expert talks and live demos, speakers explored how AI is changing attacks — and what this means for security architectures, governance, awareness and regulation.
Sebastiaan Bäck, Cybersecurity Evangelist, Field CISO and Disaster Junky at Halcyon, illustrated how quickly attacks can now be prepared, scaled and professionalised using AI. Deepfake audio or video generated from just a few seconds of original material is one example of how low the barrier has become for highly convincing manipulation.
At the same time, AI is also becoming an important part of cyber defence. Olivier Schraner, Chief Security Advisor at Microsoft, and Jeroen Vandeleur, Senior Security Expert at NVISO, demonstrated in a live demo how AI agents and cybersecurity experts can work together in practice. Their conclusion: the model alone is not what makes the difference. What matters is the architecture around it — data pipelines, context, workflows, safeguards and the ability to translate AI insights into concrete security action.
Christian Pedersen, Chief AI Officer at emagine, and Mateusz Kaczorek, Lead AI Engineer at emagine, brought the governance challenge down to one sentence: “You can’t govern what you don’t own.” Companies need to understand exactly which parts of their AI stack they must control — from access rights and data flows to costs, sources and auditability.
Beyond technology and architecture, the morning also addressed organisational responsibility. Dr. Patricia Köpfer, Cyber Education Manager at Schwarz Digits, put the human factor centre stage. Security awareness only works when it fits into everyday work. If rules are too complicated or processes get in the way, people find workarounds — not because they do not care, but because they need to get their jobs done.
Thomas Schumacher, Managing Director at Accenture, framed cybersecurity as a leadership issue. When attacks affect production, supply chains, customer data, revenue and reputation, the conversation is no longer about IT tickets. It is about responsibility, trust and business continuity.
The legal framework was addressed by Mareike Christine Gehrmann, Partner and specialist lawyer for IT law at Taylor Wessing. The CRA, AI Act, NIS2, GDPR, Data Act and DORA are turning cybersecurity into an increasingly important governance, compliance and liability issue. Prof. Dr. Clemens Gause, Managing Director at the Verband für Sicherheitstechnik, then raised the question of what it means for companies and society when AI systems suddenly no longer behave as expected in real-world use.
Resilience First – Cyber AI Across Key Industries
In the afternoon, the focus moved beyond the server room to the places where digital systems control real-world processes: film sets, buildings, vehicles, hospitals and industrial environments.
The session opened with Eric Lehmann, CTO of Constantin Film. Screenplays, rough cuts, post-production, marketing and distribution are now deeply digital parts of the film value chain. This creates new attack surfaces — from protecting unreleased material and managing external workflows to dealing with deepfakes and AI-driven manipulation.
Volker Schmidt, Director Digital Advisory & Cyberdefense at CBRE, turned the spotlight on smart buildings. Modern buildings increasingly function like computers: connected, intelligent and therefore vulnerable. When heating, cooling, access, energy or safety systems are affected, cybersecurity is no longer abstract. It can have real physical consequences.
Martin Arend, General Manager Automotive Security at BMW Group, showed that trust in modern vehicles now depends not only on mechanics and materials, but also on secure software, protected data flows and resilient digital interfaces.
Arwid Zang, CEO of greenhats, brought the perspective of a professional hacker to the stage. Using an anonymised healthcare case, he explained which risks only become visible through 365 days of continuous threat monitoring — and why one-off security checks are often not enough in live operations.
To close the industry deep dive, Dr. Frank-Michael Kamm, Senior Technology Manager at Giesecke+Devrient, addressed secure machine identities in the Internet of Things. Connected devices will increasingly need to prove automatically who they are, who they belong to and whether they can be trusted — a key prerequisite for secure digital ecosystems.
The Expo Floor: From Debate to Implementation
The expo floor also reflected the breadth of the topic. More than 35 exhibitors showcased solutions, services and practical use cases for companies looking to strengthen their digital security and prepare for emerging risks. The exhibition covered approaches to protecting data, applications, identities, connected systems and critical business processes, as well as new ways to relieve security teams through automation and AI. Exhibitors included Akamai, Datadog, digiti solutions, emagine, Exabeam, ManageEngine, Pentera, Ping Identity, Rapid7, SECLAB, Snyk, Sopra Steria, Torq and TrendAI, alongside numerous specialised providers and emerging technology companies.
Cyber AI Innovation World Cup® 2026: Startups Take the Stage
A closing highlight of the event was the Cyber AI Innovation World Cup® 2026. Startups, scaleups and SMEs took to the stage with new approaches to AI security, detection, trust, SOC automation, cyber resilience and defence against AI-accelerated attacks. The expert jury selected the Top 3 Cyber AI Innovators 2026:
1st place: Label4.ai, France: Label4.ai is developing a multimodal detection layer that identifies AI-generated documents, images, voices and videos before they reach human or automated decision-making processes.
2nd place: Liontech Instruments, Germany: Liontech Instruments impressed the jury with hardware-based malware protection for critical infrastructure.
3rd place: SQUR, Germany: SQUR presented an autonomous pentesting platform that runs full web application and API pentests within 24 hours.
More on the pitch and the Innovation World Cup
Next Up: Cyber / AI Expo 2027 in Paris and Munich
Following two successful editions in Paris since 2025, the Munich debut marked the next step for the format. Cyber / AI Expo highlighted the strong demand for a European platform that brings together cybersecurity, artificial intelligence, regulation, industry practice and innovation.
The next edition in Paris will take place on 2 February 2027. Cyber / AI Expo will return to Munich on 30 June 2027.