Artificial Intelligence (AI)
ISMS Forum Launches Key Tools to Optimize Risk Management in Enterprise AI
Paloma Firgaira
2026-03-13
ISMS Forum and its Artificial Intelligence Group (GIA) held the third edition of the AI & Cyber Security Forum, which has established itself as a key event for cybersecurity and compliance professionals interested in artificial intelligence. With 500 experts participating, the forum took a practical approach to the challenges of integrating AI into business policies.
Carlos Sáiz, vice president of ISMS Forum and director of the Data Privacy Institute, highlighted the relevance of the initiatives presented by the GIA, such as the Decalogue of Security in Agent AI, the Inventory of AI Services and Systems, and the MIT Risk Map. These documents provide CISOs and security leaders with tools to adapt their policies in light of the rapid evolution of AI.
Among the most relevant presentations, Fernando Rubio (Microsoft) and Daniel Largacha (MAPFRE) discussed active resilience and the need to evolve defense models to anticipate threats and strengthen organizations' response capabilities. They agreed on the importance of balancing recovery, research, and risk control, integrating security and business continuity.
In a panel on accountability and AI, experts from Telefónica, MAPFRE, and Securiti AI analyzed responsibility and accountability under the new AI Regulation (RIA), noting the usefulness of previous experience with the GDPR and the differences in governance models among organizations.
The event was structured into two tracks. The first, focused on the relationship between AI and security, featured Alejandro Las Heras from the Cybersecurity Agency of the Community of Madrid, who presented initiatives to boost business cybersecurity. The second, dedicated to governance and compliance, included Manuel Ruiz from the Madrid City Council, who explained digital transformation and the application of AI in public management.
During the forum, the MIT Risk Map was presented, developed with the collaboration of experts from Barceló Hotel Group, Iberdrola, and SpaceMinds. This report, based on the analysis of 65 taxonomies and over 1,600 risks, helps organizations identify and manage risks associated with AI, aligning with the RIA, GDPR, and regulations such as NIS2 and ENS. The map introduces a dual taxonomy, causal and domain-based, facilitating the prioritization of controls and the integration of AI into corporate risk matrices.
The Inventory of AI Services and Systems, presented by representatives from Tendam and Cesce, has become a reference for compliance with the RIA, allowing for risk identification, improved traceability, and enhanced security in AI usage, supported by international frameworks like NIST and ISO.
The Decalogue of Security in Agent AI, presented by Angel Pérez and Eduardo de Prado, addresses new security challenges posed by the emergence of autonomous AI agents. Based on references like OWASP and MITRE ATLAS, it proposes ten principles to mitigate emerging threats, such as prompt injections or credential leaks.
In another panel, experts from Codere, Ecix, and L'Oréal discussed the new guidelines from the Spanish Agency for the Supervision of Artificial Intelligence (AESIA), highlighting their usefulness in adapting governance and control models, and the importance of involving the entire organization in managing risks such as biases, impact on rights, and transparency.
The forum concluded with Lucas Varela's presentation, which analyzed how AI is transforming ransomware, enabling more automated and sophisticated attacks. He emphasized the importance of strengthening controls like multi-factor authentication and the need to continuously adapt defense strategies.
With this edition, the AI & Cyber Security Forum reaffirms itself as a reference space in Spain for discussing the challenges of artificial intelligence in security, governance, and risk management, promoting the development of practical tools for the safe and responsible adoption of AI in organizations.