Key Takeaways from Xccelerate 2025: Advancing Cyber Innovation for Government

The Merlin Group’s inaugural event, Xccelerate, brought together public sector cybersecurity leaders, Zero Trust experts, and innovative technology partners for a day of invaluable insights, collaboration, and forward-thinking cybersecurity strategies. Attendees received actionable insights on how to tackle today’s most urgent cybersecurity challenges and prepare for tomorrow’s most disruptive threats. With a focus on federal cybersecurity modernization, Xccelerate sparked engaging conversations on relevant topics such as Zero Trust, AI-driven security operations, cryptographic posture management and risk management, and data and supply chain resilience.  

Here are the key takeaways from the mainstage conversations and breakout sessions that defined the day:

Identity Security is the New Perimeter: Zero Trust Starts with Identity

Across both strategic sessions and deep-dive technical demos, a common theme at Xccelerate was that securing the identity lifecycle is the cornerstone of successfully operationalizing Zero Trust. To enforce more granular and secure access controls, agencies are actively re-architecting around identity-first and least privilege principles to protect users, workloads, machine identities, and mission-critical data.

From the mainstage’s federal Zero Trust blueprint to in-depth breakout sessions with CyberArk and agency practitioners, the focus was operationalizing identity security at scale across complex, multi-cloud and hybrid environments. Specifically, there was an emphasis around the need to provision and secure machine/non-human identities, as they now outnumber human identities by 45x, and this factor is only growing. Attendees learned how to achieve measurable maturity in the identity pillar, deploy contextual identity and access management policies, and maintain control in environments where AI tools and non-human actors are growing exponentially.

“So much of Zero Trust is focused on modernizing business processes… but really the way that I look at it is building in efficiencies by automation.” – Mark Canter, CISO, GAO

Building Resilience in the Ransomware Era

With ransomware accounting for nearly one-third of cybersecurity breaches in 2023, agencies must extend security controls and protection beyond endpoints. Mobile device security and data resilience strategies were emphasized as critical initiatives to strengthen operational resilience during and after a cyberattack. Ransomware’s emergence in the federal threat landscape has redefined what resilience must look like, and recent attacks emphasize the urgent need to protect the mission accordingly. Mainstage discussions emphasized a comprehensive approach to resilience, one that includes not only hardened endpoints, but also mobile assets, IoT/OT, immutable data backups, and real-time visibility of user entity and behavior analytics (UEBA) across complex environments.

“Preparation is key to preventing ransomware attacks… those plans have to focus on quick detection of the adversary, containment, and an incident response plan that enables the organization to quickly recover from attacks and minimize downtime.” – Densmore Bartly, CISO, U.S. House of Representatives

Breakout sessions dove deeper, demonstrating how AI and automation are driving faster incident response, unifying SOC workflows, and enabling rapid recovery from attacks. The Merlin Labs threat-hunting demo brought this to life with live orchestration of events, telemetry, and automated incident response scenarios. Meanwhile, sessions on ransomware protection walked through real-world tactics to contain threats, secure human and machine identities with privileged access management, and recover systems without costly downtime.

Preparing Cryptography for the Quantum Future: Discover, Inventory, and Evolve

A major theme during mainstage was the urgent need to prepare for post-quantum cryptographic risks, while still managing today’s vulnerabilities. The quantum era may still be on the horizon, but the need to prepare for quantum-safe cryptography is immediate. The mainstage panel on post-quantum readiness outlined dual challenges: secure current vulnerabilities and modernize encryption practices now while building toward quantum-resistant cryptography and compliance with OMB M-23-02 and M-23-01.

“The danger of the quantum computer is an interesting threat that nobody has been talking about… if we do not actually act on this within the government’s provided timeline, the digital world will be in a very interesting situation because the foundation of the building will not work anymore.” – Taher Elgamal, Partner, Infosec Global and “Father of SSL”

This theme was explored further during breakout sessions and the Merlin Labs’ interactive demo, where attendees saw how cryptographic discovery and inventory tools like InfoSec Global can be integrated into workload management, endpoint, and cloud security processes. Experts emphasized the importance of asset and cryptographic visibility, not only to find outdated or weak encryption, but to strategically plan migration to quantum-safe algorithms across heterogenous multi-cloud environments.

Securing OT, Hybrid, and Multi-Cloud Environments

Federal IT is no longer centralized, and neither is the cybersecurity attack surface, meaning cybersecurity can no longer afford to be siloed and fragmented. From hybrid cloud to OT systems, government systems span a complex mix of legacy and modern infrastructure. Mainstage sessions highlighted how visibility, integration, and automation are key to defending mission-critical systems with efficient vulnerability detection, rapid threat prioritization, and proactive response across these disparate environments.

“I’m not comfortable right now saying I want fully automated response. I don’t want the machine to detect, make the change, block the firewall… I don’t think we are there yet. But what we need to do is use automation to understand what the complex vulnerabilities and exposures are where we need a human to make a decision.” – Ray Romano, Deputy Assistant Director, Cyber Threat and Investigations, Department of State

In one breakout session, Claroty demonstrated how to apply Zero Trust to OT and ICS networks without disrupting mission-critical operations and meet mandates such as BOD 23-01 and M-22-09. Another session highlighted how securing IoT, OT, and mobile endpoints requires strategic visibility and continuous asset monitoring for effective protection against the dynamic cyber threat landscape.

Additional Breakout sessions discussed the momentum behind AI-powered solutions that unify security data, boost SOC efficiency, enhance threat detection, accelerate incident response, and streamline compliance with federal mandates like M-21-31 and M-22-09.

Securing Critical Infrastructure and Supply Chains

As attacks on critical infrastructure escalate in frequency and severity, cyber resilience must be a coordinated and collective mission. To address this evolving threat landscape, cybersecurity must extend to OT and supply chain environments, as applying Zero Trust principles to these traditionally disjointed systems is key to sustainable cyber resilience.

The final breakout session emphasized the power of a unified approach between government and industry. Attendees received insights into the efficacy of public-private partnerships, successful policy frameworks, and cross-sector collaboration to defend critical infrastructure and federal missions.

Speakers highlighted that securing supply chains, industrial systems, and essential services demands alignment between technology providers, system integrators, and government leaders. Shared responsibility, open communication, and agile procurement models were all underscored as keys to long-term success in operationalizing Zero Trust across the supply chain and critical infrastructure.

Do Not Wait Until It is Too Late: Protect Against Ransomware with Merlin Cyber

Every level of the Medusa attack chain presents an opportunity for proactive prevention. A multi-layered cybersecurity strategy ensures that federal agencies have the necessary security controls implemented for effective ransomware prevention, detection, and recovery. Integrating solutions for PAM, EPM, EDR, Vulnerability Management, and Data Resilience ensures mission-critical data is protected from evolving ransomware attacks like Medusa. Adopting these solutions not only enables federal agencies to proactively protect against Ransomware but also operationalize an effective Zero Trust strategy.

The Future of Federal Cybersecurity is Integrated, Automated, and Identity-Centric

Xccelerate 2025 was not just about highlighting technology but rather aligning these innovative solutions with actionable strategies and use-cases for federal cybersecurity leaders to improve their agency’s cybersecurity posture. Covering a variety of relevant cybersecurity topics, attendees garnered insights on how to embrace automation, innovation, and integrated cybersecurity strategies to secure the mission.

Ready to Secure Your Agency’s Mission and Modernize Zero Trust?

Merlin Cyber and our technology partners are here to help your agency turn insights and strategy into action and execution. Interested in learning more from expert-led sessions at Xccelerate? Click here to access the on-demand content or contact us to schedule a Zero Trust assessment, request a demo, or explore how we can accelerate your Zero Trust, cryptographic modernization, ransomware protection, or data resilience journeys.