The NetDiligence Cyber Risk Summit does not operate like most industry conferences. There are no keynotes designed to sell you something. The people in the room are breach counsel, forensic investigators, insurance carriers, and CISOs who have lived through actual incidents. The conversations are frank, sometimes uncomfortable, and consistently useful. That is exactly why Aeren LPO keeps showing up.
This year, the summit has made stops in Miami and Toronto, with San Diego coming up on May 19 and 20. We were on the ground in Miami. Here is our honest account of what the 2026 series has surfaced so far, and what it means for anyone working at the intersection of cyber risk and legal response.
NetDiligence has been in the cyber risk space since 2001, which means over 20 years of watching how breaches actually unfold and what the insurance industry needs to respond to them. They are an award-winning provider of cyber risk management software and services, known for tools like QuietAudit cyber risk assessments, the eRiskHub cyber risk management portal, and Breach Plan Connect for data breach response planning. They also publish an annual Cyber Claims Study that carries real weight in the industry.
The summit series, which covers Philadelphia, California, Toronto, Florida, and Bermuda each year, is an extension of that same focus. It is not a general security conference. The audience is insurers, breach coaches, privacy attorneys, risk managers, and forensic experts who are dealing with real claims and live incidents. When conversations happen here, they are grounded in actual data and hard-won experience.
Our VP of Business Development, Dominic Hithon, attended the Miami summit, and the sessions did not pull punches. The central reality that came through across every discussion was this:
No organization is fully prepared for a breach. The differentiator is not the technology they have. It is whether their incident response planning is structured, documented, and legally defensible before anything goes wrong.
Legal privilege and transparency have become serious boardroom issues. Regulators are increasingly treating transparency not just as good governance but as a compliance obligation. Organizations that cannot show documented, defensible decision-making during a breach are exposed on multiple fronts at once.
The CISO conversation was one of the most grounded of the summit. CISOs hold the cybersecurity budget, but meaningful action keeps hitting the same wall: leadership that has not yet accepted that cyber risk is business risk. Until that shift happens at the board level, response stays reactive, and the cost of that reactive posture shows up clearly in claims data.
AI got serious scrutiny, too. Yes, it is speeding up digital forensics and first-pass document review. But the question one session raised has stayed with us: “Would you have AI get on the witness stand?” That is not a hypothetical. It is the core tension the industry is working through right now. Chain-of-custody integrity, evidentiary defensibility, regulatory scrutiny: these are not problems AI has solved yet, and pretending otherwise creates real legal exposure.
DFIR (Digital Forensics and Incident Response) also featured heavily, and rightly so. It is not eDiscovery. It requires custodian-level PII review under time pressure, with faster and more subjective decision-making than traditional legal review workflows are built to handle. Organizations that treat the two as interchangeable find out the hard way why they are not.
The 12th Annual NetDiligence Toronto Summit picked up where Miami left off, and the tone was equally direct. The headline from Toronto is that the complexity of cyber incidents is growing faster than most organizations’ ability to respond to them.
AI governance has crossed a threshold. It is no longer a forward-looking best practice. Underwriters are already factoring it into insurability decisions. If your organization cannot demonstrate a working AI risk framework, that gap will surface at renewal time.
Deepfake social engineering earned its own plenary, and the concern is well-founded. Wire fraud incidents involving deepfakes are creating verification problems that legal teams are not yet fully equipped to handle. The evidentiary challenges are live issues in active litigation, and the legal tail on these cases is getting expensive.
Privacy litigation and data breach trends rounded out the Toronto agenda with a sobering picture. The notification phase of a breach used to be the hard part. In 2026, it is closer to the opening act. Class actions, dark web data circulation, and repeated claims long after an incident is considered closed are stretching the exposure window in ways that demand a genuinely scalable legal review process.
The NetDiligence Cyber Risk Summit in San Diego runs May 19 to 20, 2026. Dominic Hithon will be representing Aeren LPO on-site, and based on the trajectory of Miami and Toronto, San Diego is set to push the AI governance conversation into more practical territory, sharpen the focus on third-party and supply chain risk, and give the insurance market a clearer look at where coverage standards are heading.
If you are attending, we would genuinely welcome the conversation. The work Aeren LPO does sits right at the center of what these summits discuss: scalable, defensible legal review for cyber incidents, from breach notification to custodian-level PII review under real-time pressure.
The organizations navigating this well are not the ones with the biggest security budgets. They are the ones who have built their response around defensibility, legal accountability, and processes that hold up when it matters most. That is the standard the NetDiligence Cyber Risk Summit 2026 keeps coming back to, and it is the standard we build our work around too.