The CISO conference circuit runs on a familiar formula: windowless hotel ballrooms, badge scans, forced networking receptions with warm chardonnay. Apres-Cyber Slopes Summit inverts all of it. The event runs February 25–27, 2026, at the Blair Education Center in Park City, Utah, with briefings scheduled against the backdrop of Canyons Village at Park City — the largest ski resort in the USA. Talks are 50 minutes. Lift tickets are a legitimate agenda item. The conference pass is called a Medal Pass, and the tiers are Bronze, Silver, and Gold.
The question for a cybersecurity leader weighing travel budget against return isn’t whether a ski summit sounds fun — it’s whether the deal flow, peer conversations, and technical content justify the trip. After three full editions and a fourth now on the calendar, Apres-Cyber has carved out a specific niche: a small, AI-heavy gathering where the networking happens on chairlifts instead of in exhibitor alleys.
What Apres-Cyber Actually Is
Apres-Cyber bills itself as a summit for security leaders and AI-focused practitioners. The 2026 event is built around a clean three-day structure: Wednesday, February 25 is Trainings Day; Thursday and Friday, February 26–27, run two parallel tracks of 50-minute speaker sessions. The content center of gravity has shifted decisively toward the AI/security intersection — briefings explore building or defending AI-powered systems (LLMs, agents, GenAI), red teaming, adversarial ML, model alignment, and securing data pipelines, training environments, and inference endpoints.
The organizer is Bryce Kunz, a Utah-based security operator with a recognizable resume. Kunz began his career at the Department of Homeland Security leading hunt and incident response teams, then worked on network exploitation and vulnerability research at the NSA. He now runs Gammaxon and sits on committees for BSidesSLC, BSidesCache, BSidesRedRocks, and SaintCon — a signal that Apres-Cyber has roots in the Utah security community rather than being a packaged event parachuted onto a mountain.
Attendance is small by design. The 2026 edition lists roughly 90 confirmed attendees and exhibitors in pre-event tracking. That scale matters: compared to RSAC’s tens of thousands, Apres-Cyber functions closer to a retreat than a trade show.
The Pass Tiers and What They Actually Buy
The three-tier Medal Pass structure determines how much of the event you actually experience. Gold Medal Pass holders get lunch included for the hands-on training sessions; Gold and Silver holders get lunch and light snacks during briefing days; Bronze Medal Pass holders do not get meals included, though restaurants and cafes in nearby Park City are available. Training workshops are gated to Gold.
The practical read: if you’re coming for the hands-on AI work, Gold is the only tier that gets you into Trainings Day. Past editions have featured workshops like the AI-gent Smith Workshop led by Bryce Kunz and collaborators, covering AI agents in cybersecurity, building AI-powered honeypots, triaging malware using AI, and identifying vulnerabilities in source code with AI to build proof-of-concept exploits. Bronze is for people already in Park City — you attend talks, you eat in town.
The Networking Case
Ski-mountain conferences are a specific category of professional event. They work on two mechanics. The first is time dilation: a chairlift ride is five to fifteen minutes of forced two-person conversation with no phones, no presentations, no exit. That’s closer to an airplane-seat conversation than a booth handshake. The second is self-selection: attendees who fly to Park City in February with skis already know each other’s type, which compresses the rapport-building phase most conferences eat days on.
For CISOs specifically, the pitch is peer density over peer volume. A 90-person event with a concentrated AI-security focus means the person on the next lift is plausibly someone building or defending the same class of system you are. That’s not the math at a 45,000-attendee show.
The content roster supports the positioning. Past briefings have featured practitioners like Kurtis Shelton, Principal AI Research Engineer at NetSPI, who founded the company’s AI/ML Penetration Testing service using a purple-team approach to adversarial and offensive machine learning, and John Gillis, a cybersecurity engineer with seven years across FireEye (Mandiant), Arctic Wolf, CrowdStrike, and Adobe specializing in EDR capabilities. These are working engineers, not keynote performers recycling the same deck.
What It Isn’t
Apres-Cyber is not a substitute for RSAC, Black Hat, or DEF CON if your goal is maximum vendor coverage, CVE disclosure drama, or a packed expo floor. There is no equivalent of the RSAC Innovation Sandbox. There is no Pwnie Awards. The small scale that makes peer networking tight also means the content surface is narrower — you’re choosing between two tracks, not thirty.
It’s also not cheap to attend end-to-end. Park City lodging in February runs high; lift tickets at Park City Mountain and Deer Valley are among the most expensive in North America; the Gold Pass layers training fees on top. Factor in flights to SLC and a rental car, and a three-day trip adds up quickly even before the bar tab at Canyons Village.
For leaders whose networking strategy is relationship density over scale — building standing dinners with ten trusted peers rather than exchanging two hundred LinkedIn requests — the math often works. For first-time CISOs trying to map the broader industry, a larger conference probably gives better coverage for the dollar.
The Verdict
Apres-Cyber Slopes Summit occupies a specific slot: a small, AI-security-focused summit where the format rewards people who already know what they want to discuss and just need a reason to get their circle in the same room. The 50-minute briefings are long enough for substance, the dual-track structure keeps it focused, and the mountain does the networking work that forced receptions usually fail at. The risk is the same risk every retreat-style conference carries — if your peers aren’t going, the ambient value drops fast.
Security leaders evaluating 2026 travel should look at the speaker list when it’s finalized, check whether the AI topics match their actual work, and ask two or three trusted peers whether they’re going. If the answer is yes, Apres-Cyber tends to deliver on its premise. If the answer is no, save the budget for a conference where your people will be.
