DrupalCon Chicago 2026 was a celebration of 25 years of Drupal and a gathering of the brightest minds shaping the future of the open web. GovDataHosting was proud to stand among its sponsors, connecting with government technology leaders and digital innovators who share our mission: delivering secure, compliant, mission-critical digital infrastructure for the public sector.
Where Developers, Government, and Open Source Converge
Over four days, Drupal developers, government IT professionals, and open-source advocates came together to share knowledge, forge partnerships, and push the boundaries of what's possible with Drupal. As a sponsor, our team engaged directly with the community, showcased our FedRAMP High certified cloud infrastructure, and demonstrated how GovDataHosting helps agencies accelerate their path to ATO while reducing cost and complexity.
"DrupalCon Chicago reminded us why we do what we do. Being in a room full of people committed to the open web, to accessibility, to security — that's our community, and we were proud to invest in it as a sponsor."
— Ryan Wasmus, Director of Project Management Office (PMO)
Keynote Speakers
Dries Buytaert
Drupal Founder & Executive Chair, Acquia
The original creator and project lead of Drupal delivered his annual State of Drupal address — charting the platform's roadmap and vision for the open web's future. Dries holds a PhD in computer science from Ghent University and is a Young Global Leader alumnus of the World Economic Forum.
Alexandra Bell
President & CEO, Bulletin of the Atomic Scientists
Keynote: The Security Implications of AI. Bell delivered a compelling call to action on the risks and opportunities of rapidly advancing AI — from nuclear proliferation to public health — and what governments and civil society must do to responsibly manage them.
What Was Discussed
The program centered on empowering creators through smarter tools, AI-assisted workflows, and a reimagined approach to building Drupal sites. Here are the key conversations that shaped the week.
Drupal CMS 2.0 & the Launch of Drupal Canvas
Drupal CMS 2.0 arrived with Canvas — a fully component-driven visual editing experience moving beyond Layout Builder and Paragraphs. Sessions covered no-code site building, JavaScript Code Components with React and Tailwind CSS, and migration strategies from legacy tools.
AI Integration: From Content Generation to Intelligent Agents
AI was woven throughout the program — from automated content generation and RAG-powered search to AI Agents for code-free workflows and Model Context Protocol (MCP), enabling LLMs to interact directly with Drupal content.
Site Templates & the New Drupal Marketplace
The Drupal Association unveiled a curated Site Template Marketplace built by Certified Partners, with the Recipes Initiative replacing heavyweight distributions with lightweight, composable building blocks.
Enterprise Workflows, Content Moderation & the Future of ECA
The Workspaces module now powers enterprise-grade publishing workflows in Drupal Core — including staging, scheduling, and rollbacks. The ECA module's roadmap confirmed its place as Drupal's leading no-code automation framework.
GovDataHosting at DrupalCon
Our team made the most of every moment in Chicago. Here's what we brought to the event:
Our Drupal Security Framework
Drupal powers a significant share of federal and state government websites — and GovDataHosting has built Drupal security into the foundation of our platform. Rather than treating it as a post-deployment checklist, we embed a structured framework of 24 security controls across seven domains — informed by NIST SP 800-53, the OWASP Top 10, CIS/DISA STIG benchmarks, and years of operating FedRAMP High certified infrastructure.
Our seven security domains cover Patch & Release Management, Authentication & Access Control, File System & Configuration Security, HTTP Security & Network Hardening, Logging & Incident Response, Database Hardening, and Runtime & PHP Hardening. Every control is assigned a risk severity — Critical, High, Medium, or Low — driving both implementation priority and ongoing operational SLAs.
"Securing Drupal isn't a one-time checklist. It's an operational posture — one that requires continuous patch discipline, layered controls, and deep platform-level integration."
— Ryan Wasmus, Director of Project Management Office (PMO)
These 24 controls are embedded into the GovDataHosting Cloud Platform — not handed off as a post-launch to-do list. For federal customers, this means critical authentication controls, HTTP hardening, logging pipelines, and patch management workflows are operational from day one, with direct alignment to NIST SP 800-53, FedRAMP High, and ATO documentation requirements.
About GovDataHosting
GovDataHosting, a division of IT-CNP, Inc., is a national leader in fully managed government cloud hosting, cybersecurity compliance, and information management services — giving federal, state, and local agencies the tools to move faster, stay secure, and reduce costs. Our FedRAMP High JAB-certified platform delivers 10–40% cost savings over other government cloud providers, bundled compliance support, and flexible disaster recovery across three cloud zones.
Let's Continue the Conversation
Missed us in Chicago? We'd love to connect — reach out to learn how GovDataHosting can support your agency's digital future.
