New speakers at Cybersec Europe 2026 focus on supply-chain risks and sovereignty
With the announcement of new speakers, Cybersec Europe is further sharpening its content direction. On 20 and 21 May 2026 at Brussels Expo, supply-chain and third-party security will be high on the agenda, with European legislation such as the Cyber Resilience Act presented as a necessary response to these risks. At the same time, digital sovereignty remains a second, equally critical trend within the broader cybersecurity debate.
That evolution takes shape at Cybersec Europe 2026 with Patricia Shields, CEO and co-founder of Dublin-based Cyber Cert Labs. In her keynote, she places the Cyber Resilience Act (CRA) at the centre as a policy instrument to address supply-chain security in a structural way. Cyber Cert Labs supports organisations—including smaller companies—in meeting the new requirements around product security, software components, and supplier chains.
Shields emphasises that the CRA goes beyond internal security measures: companies are explicitly made responsible for the cyber resilience of their entire ecosystem. Legislation thus becomes a lever to make risks in complex digital chains more transparent, measurable, and manageable.
Figures also show why this approach is needed. A previous report from HP Wolf Security reveals that 34 percent of IT leaders have seen a supplier fail a cybersecurity audit in the past five years. For 18 percent, the shortcoming was so serious that the collaboration was terminated. Shields makes clear how regulation such as the CRA is designed to detect these kinds of scenarios earlier—and prevent incidents.
Sovereignty as a second strategic pillar
In addition to supply-chain risks and legislation, the new speakers also reaffirm digital sovereignty as a second major focus of Cybersec Europe 2026. Questions around where data is stored, which jurisdiction it falls under, and how dependent organisations are on external infrastructure are becoming increasingly urgent in a geopolitically tense context.
These questions take shape with the participation of Pascal Rogiest, General Manager of Clarence. Clarence is the joint venture between LuxConnect and Proximus. The platform claims to offer Europe’s first fully internet-disconnected, sovereign cloud environment.
Rogiest joins the debate on sovereignty. “People and organisations have realised that storing sensitive data in public cloud environments carries a risk,” he states. Clarence positions itself as an alternative for organisations seeking maximum control, isolation, and legal certainty for their most critical data.
European and international perspective
With Patricia Shields from Ireland and Pascal Rogiest from Luxembourg, the new announcements once again reinforce the international and European character of Cybersec Europe. As with previously announced speakers, the focus is on expertise from within Europe itself, linked to current trends, concrete use cases, and policy challenges.
