When technology and cybersecurity move fast, the conversations that matter move even faster. At DefCamp 2025, we once again demonstrated why the conference stands as a critical meeting point for influence and decision-making in cybersecurity.
DefCamp is where hacking and security collide. But, most importantly, it’s where strategy meets execution and where the future of cybersecurity across Europe takes concrete shape.
By bringing together policymakers, executive leaders, CISOs, technology providers, researchers, and practitioners, DefCamp 2025 created a trusted environment for strategic dialogue, informed decisions, and long-term collaboration. At DefCamp 2025, organizations confronted real-world risk, regulatory pressure, and operational complexity: openly, constructively, and with a clear focus on impact.
Among the voices driving leadership and direction was Alessandro Miracca, Director Cybersecurity and Risk at Mastercard, who joined DefCamp 2025 as a speaker, panelist, and active contributor to the community and business dialogue.
With Mastercard participating as Platinum Partner and VIP Lounge Partner, the presence underscored a clear message: cybersecurity today is not just a technical challenge, but a business imperative, deeply tied to resilience, trust, and long-term growth.
We sat down with Alessandro to reflect on his first DefCamp experience, marking Mastercard’s debut within the DefCamp community, and to share insights on engaging with a highly specialized cybersecurity audience operating at the intersection of strategy, technology, and business impact.
From the evolution of Third Party Risk Management to cyber resilience in the age of AI, the conversation highlighted a shared conviction at the core of DefCamp: collaboration across organizations, sectors, and regions is no longer optional, but a critical enabler of effective risk management, operational resilience, and sustainable digital trust.
This was your first time at DefCamp. How did it feel to step on the DefCamp stage and engage with such a large and driven cybersecurity community?
I felt deeply honored to be part of such a great event and community. During the two days of the event, and also in the extra activities (e.g., the dinner) I had the chance to connect with many skilled people on Cyber Security and discuss interesting topics.
Your presentation explored how organizations should evolve their Third Party Risk Management approach in the context of complex attacks like SolarWinds, Kaseya, and NotPetya. What is the main insight you hope attendees took away from your talk?
I hope participants understood the importance of thinking at Third Parties as a part of their own organization and, therefore, something to be protected as well. A fault in a third-party system may lead to severe consequences for the company to which the service is offered. Establishing a minimum security baseline for the company and its third parties is crucial nowadays.
You also joined the panel on ‘Cyber Resilience in Financial Services: Staying Ahead in the Age of AI Threats.’
Which perspective or message from the discussion do you believe resonated the most with the DefCamp audience?
And do you think that panel discussions like this are effective in addressing sensitive cybersecurity topics and generating meaningful solutions?
I had immediate positive feedback after the panel from participants, and this makes me feel proud of being part of that. Together with the other speakers, we managed to provide different but complementary points of view about Cyber Resilience and the use of AI as a potential solution to improve Cyber Security. The most interesting discussion was about the use of AI as both a way to harm and defend companies.
DefCamp is known for bringing together experts, decision makers, practitioners, and emerging talent. How do you see the role of conferences like this in strengthening cybersecurity capabilities across Europe?
I strongly believe in information sharing in the Cyber Security field. The collaboration on certain topics, such as Threat Intelligence or Incident Management is of paramount importance to ensure that the damage suffered by one entity is not going to be experienced by anyone else. National institutions are known for doing so (e.g., national CERT); then, there are also some private associations (e.g., FIRST). I would like this to become the common way of working at world-wide level
For Mastercard, DefCamp is probably a different format compared to other events. What motivated Mastercard to be present here, and how do you see this involvement evolving in the future?
Mastercard can be considered a Tech company more than a Financial institution. The business is evolving since the beginning of the 21st century and Cyber Security represents one of the main area of investment for Mastercard: the company started to acquire several companies to improve internal processes, embedding Cyber Security and enhancing the resilience of the infrastructure, and then realized that also the payment channel might obtain an advantage from higher Cyber Security standards.
As Mastercard, we are not comparing ourselves to traditional consultancy firms or system integrators; on the other hand, we have the capabilities, under the form of skills and technologies, to provide a different point of view and support to our customers in the field of Cyber Security.
You highlighted the importance of people, processes, and technology working together. In your view, which of these pillars is currently the hardest for organizations to mature, and why?
Humans are always the weakest link in the chain. People must be trained in how to recognize cyber threats and how to react to those. Organizations sitting on the best technology and the best processes may fail rapidly in case of a compromise originating from an employee that is not aware about impacts generated by its own actions.
Years of observing how threats, technologies, and attacker behaviors evolve have shown that cybersecurity leadership cannot be built by reacting to yesterday’s risks. It requires looking beyond the current threat landscape to shape smarter decisions and future-ready strategies. This is exactly the role DefCamp has consistently played and continues to strengthen with each edition. From Alessandro’s perspective, the conference is increasingly positioning itself as a strategic platform for helping organizations prepare for what lies ahead, especially as the environment grows more complex and less predictable.
Cybersecurity entered a new phase shaped by artificial intelligence, therefore Alessandro is unequivocal: “the rise of the Generative AI era is going to introduce new threats, and companies must evolve their own defense mechanisms in order to be able to identify and counter them”. Drawing on what he experienced at DefCamp, he sees the conference as uniquely equipped to take this conversation further. By expanding its focus on AI and GenAI-related risks, DefCamp can help the community understand how these technologies can be both weaponized and leveraged for defense, while equipping organizations with the insight, context, and strategic confidence needed to respond effectively.
This forward-looking perspective naturally extends into the conversation about continuity and collaboration. With Mastercard significantly expanding its cybersecurity footprint in Romania, Alessandro also views DefCamp as a platform with long-term relevance for both individual leaders and their teams. While he is keen to return in 2026, he emphasizes that the real value lies in collective participation: “I would love to participate again in 2026, but what I would like mostly is to have colleagues together with me at the event bringing their own expertise as well”. This approach reflects a broader commitment to shared learning and multi-disciplinary engagement, both of which are essential in addressing systemic cyber risk.
As the conversation drew to a close, Alessandro reflected on his overall experience at DefCamp. Looking back, he frames DefCamp 2025 as “definitely a positive experience”, shaped by strong execution and a carefully balanced mix of local and international experts. Beyond the setting, what stood out most to him was the substance of the dialogue and the practical relevance of the discussions, particularly the opportunity to deepen his understanding of “the Cyber Threat Landscape for Europe and the tools that may allow us to defend against the most common menaces”.
For Alessandro, this level of exposure goes beyond insight alone. It creates the right conditions to “identify innovative solutions or establish partnerships aiming at the provisioning of an end-to-end support”, reinforcing DefCamp’s role as a trusted environment where strategic thinking, technical expertise, and business collaboration intersect.
In that light, DefCamp 2025 set the stage for meaningful connection, informed decision-making, and long-term collaboration across the cybersecurity ecosystem.
That energy and momentum are captured in this year’s DefCamp aftermovie – which you can watch below!
From supply-chain resilience and AI-driven threats to the human factor behind every security decision, Alessandro’s insights reinforced a reality we see across the industry: cybersecurity is a shared responsibility, and progress happens when technology, people, and trust evolve together.
As DefCamp continues to grow as the most representative cybersecurity conference in Romania and a strategic hub for Central & Eastern Europe, voices like Alessandro’s help bridge the gap between vision and execution, between global expertise and regional impact.
And this is just the beginning.
As we look toward DefCamp 2026, the mission remains clear: raise the bar, expand the dialogue, and bring even more decision makers, innovators, and practitioners into the room, where influence is built, partnerships are formed, and the future of cybersecurity is shaped.
This is a story you won’t want to watch from the sidelines. Not to tempt you with FOMO, but take our word for it:
The cybersecurity ecosystem is moving.
The conversation is evolving.
And DefCamp is right at the center of it.
