ThreatSpike exhibited at Infosecurity Europe 2026 at ExCeL London from 2–4 June this year. Three days, ten expert sessions presented on our stand and more conversations about AI than we’ve had at any event in recent memory. This is our round-up: what we saw on the floor, what we presented, and what the industry is clearly wrestling with right now.
What The Floor at Infosecurity Europe 2026 Was Talking About
AI came up in practically every conversation at the show – on the main stages, in the sessions, and in the informal conversations between stands. The conference agenda was full of AI topics from big people in the sector. Ciaran Martin, former head of the NCSC, chaired the keynote stage, and the sessions that followed set a tone that was less ‘here’s what’s coming’ and more ‘here’s what’s already here’. The NCSC itself gave a State of the Nation address on the UK threat picture. Jonna Mendez, former CIA Chief of Disguise, opened proceedings by dissecting the mechanics of deception: Cold War tradecraft applied to today’s digital battleground and the relevance to a room full of security professionals wasn’t lost on anyone. Frost & Sullivan presented research on what security leaders are actually funding in 2026, which told its own story about where the anxiety is sitting.
Two things kept surfacing across all of it:
- Agentic AI as an attack vector. Not AI writing better phishing emails (that’s old news), but AI agents acting autonomously: escalating privileges, authenticating as legitimate users, operating across systems without a human in the loop. Several main stage sessions addressed this directly, and our own Head of Offensive Security, Simon Exley, tackled it from a different angle in his deepfake session. The consensus, if there was one, was that most defences were designed for a threat model that assumed human attackers operating at human speed. That assumption is being stress-tested.
- Organisations are worried about what’s going into AI tools. We heard this repeatedly at our own stand, but it was clearly a wider sector conversation too. It wasn’t about the output risk, but the input side. What are employees typing into Claude, Copilot, ChatGPT? What data is being shared, knowingly or not, and who’s monitoring it? It came up from IT Directors and CISOs in roughly equal measure, and very few people had a clean answer. The tools are already embedded in daily workflows. The governance around them is catching up slowly.
What connected both themes was cost now that AI has collapsed the barrier to entry for attackers. Building a convincing deepfake used to take real resources: expertise, equipment, time – now it takes a laptop and twenty dollars. An AI agent that escalates its own privileges and authenticates as a legitimate user was, until recently, a theoretical concern – at Infosec 2026 it was a keynote topic. The barrier to entry for attackers has dropped so far, so fast, that the attack surface hasn’t just grown, it’s been industrialised and handed to anyone who wants it.
ThreatSpike Sessions
We ran a full live session programme across all three days; ten sessions in total, covering AI-managed IT, the economics of AI-driven attacks, physical penetration testing, and a live customer conversation with Lee Scott from Inchcape Shipping Services.
A few highlights:
Simon Exley’s deepfake session drew the biggest crowd and interaction of the show for us. He built a deepfake of himself on stage: voice cloned, lip-synced video in under ten minutes. The thing that landed hardest wasn’t the video demonstration. It was the follow-up: voice cloning combined with a spoofed caller ID and an AI autodialler running thousands of calls a day for pennies each. No camera. No Zoom link. Just a familiar voice on a familiar number, at scale.
Clinton Elves on physical penetration testing also drew strongly. There’s something about watching someone explain, calmly and methodically, how they walked out of a superyacht with network access that focuses the mind. The session was drawn entirely from real engagements, and the audience could tell.
Our CEO, Adam Blake’s product demos pulled people in from the floor. The AI applications discussion – specifically showing what agentic AI running across operational IT functions actually looks like in practice – generated more stop-and-watch moments than any slide deck could. The conversations that started there ran long.
Between sessions, the stand was busy. Demand for our AI capabilities came up more than anything else. People wanted to understand what the platform was actually doing, what it was running, deciding, and acting on autonomously. That question felt new this year. Twelve months ago people were asking whether AI was involved, this year they were asking how it worked and who was accountable for what it did.
For a full breakdown of our sessions, you can read each synopsis here. All session recordings will follow.
Our Takeaway About the State of AI and Cyber Defence
The defences most organisations have in place were built for a different threat model. They assume a human attacker making deliberate choices, operating at human speed. Agentic AI operates faster, at scale, and without fatigue. The access control that catches a human brute-forcing credentials may not catch an AI agent trained to behave like a trusted user.
What we kept coming back to in our own conversations is that the answer to AI-powered attacks is AI-powered defence, but only if the foundation is right. Agentic AI running security operations across a fragmented environment, with five vendors and no unified visibility, adds another layer to the problem. The businesses that will fare best are the ones where IT and security are managed as a single function, by a team with full-stack context, running on a platform designed to operate that way from the ground up. That’s the platform we build. After three days on the floor at Infosec, it’s clear the conversation is catching up to it.
It Wasn't All Business...
Between sessions, several members of the ThreatSpike team discovered a strength test on a neighbouring stand. This was, of course, treated with the full competitive seriousness it deserved.
Josh took the men’s title. Ellie took the women’s. Both results are final.
We talk a lot about resilience: Infrastructure that holds, environments that don’t buckle. It turns out we also take this quite literally…
Infosec 2026 confirmed what we already believed: the threat landscape is moving fast, and the businesses that will weather it are the ones who’ve got their foundations right. If you want to find out how ThreatSpike can help you lay those foundations across your IT & security estate, get in touch.
