California Cybersecurity Education Summit 2025 Banner

Overview

The California Cybersecurity Education Summit focuses on addressing the unique cybersecurity challenges faced by the public sector. The event brings together government leaders and IT security professionals to discuss strategies for safeguarding sensitive information, enhancing cybersecurity infrastructure, and staying ahead of evolving threats. Attendees can expect expert insights, collaborative discussions, and practical solutions tailored to the needs of public sector organizations.

A message from our Keynote Speaker

The California Cybersecurity Education Summit is dedicated to strengthening security through collaboration, uniting public and private sector tech leaders, educators, and officials to explore emerging trends, share best practices, and develop innovative strategies. California’s cybersecurity capability continues to scale, leading the nation by example through robust collaboration across all industry and state/local sectors. Join us for this full-day, in-person event featuring top national cybersecurity experts, solution providers, and hundreds of peers.

– Vitaliy Panych, State Chief Information Security Officer, California Department of Technology

Speakers

Claire Bailey

Claire Bailey

Chief Security Advisory, State and Local Government and Education, Tanium

Claire Bailey is the Chief Security Advisor at Tanium, supporting U.S. State and Local Government & Education (SLED). Her more than 40 years of experience includes driving modernization, security, and transformation initiatives for federal, state and local governments, in both private and public sector leadership roles. Some of her most prominent positions include serving as Chief Technology Officer for the State of Arkansas, and several industry vice president and director roles at Veracode, KWR Strategies, and Compuware, among others. Bailey’s contributions to public service and innovation have earned her honors and recognition from several institutions including the Governor’s Quality Award (Arkansas), Government Technology, StateScoop, and the Arkansas Academy of Computing.

More
Mike Cook

Mike Cook

Head of Fraud Insights, Socure  

Mike Cook is a pioneering voice in the world of digital identity and fraud prevention. As Head of Fraud Insights at Socure, the leading platform for trust and identity verification, Cook draws on nearly 40 years of hands-on experience building data-first solutions that safeguard consumers and institutions alike. He’s helped shape fraud strategy for government agencies, regulators, startups, and Fortune 500 giants—delivering results at scale, with precision.
He’s best known as the co-founder and COO of ID Analytics, where he turned a startup concept into one of the most trusted identity risk engines in the country. Under his leadership, ID Analytics became a mission-critical partner to 280+ enterprise clients—including top banks, credit card issuers, and wireless carriers—before being acquired by LifeLock, and later by Symantec and LexisNexis.
Cook has consistently been ahead of the curve. In 2003, he identified a new, invisible form of fraud—and coined the term “synthetic identity fraud”, which is now a major focus for financial institutions and federal agencies. He also helped the Federal Reserve craft the industry’s first framework to combat it. His work has led to multiple patented technologies, and he’s built fraud, compliance, and credit scoring solutions that are now woven into the fabric of modern risk decisioning.
Cook is a strong believer in collaborative intelligence—pioneering the use of consortium data to help companies share insights and defeat fraudsters together. His innovative approaches have set industry standards and redefined how risk is measured in the digital age.
In the public sector, Cook has worked closely with federal agencies and testified before U.S. Congress on identity security. Following the 2006 breach at the Department of Veterans Affairs, which exposed 26.5 million veteran records, Cook didn’t just testify—he built and gifted technology to help VA detect misuse of the stolen data.
Earlier in his career, Cook held executive roles at American Express, Experian, Early Warning Services, and helped launch Consumer Credit Associates, which later became Innovis—the “fourth credit bureau.”
Today, Mike is a sought-after speaker on synthetic fraud, data sharing, public-private tech collaboration, and the future of digital identity governance. Whether on a stage, in a strategy room, or briefing a federal agency, Cook brings insight, urgency, and decades of experience solving the identity challenges that matter most.

More
Josh Ehlers

Josh Ehlers

Chief Information Officer, California Highway Patrol 

Chief Ehlers is a 24-year veteran of the California Highway Patrol (CHP) and currently serves as the Department’s Chief Information Officer. As the CIO and leader of Information Management Division, he oversees the strategic direction, development, and management of technology systems that support one of the nation’s most respected and largest law enforcement agencies.
With a focus on innovation, cybersecurity, and operational efficiency, he leads a team responsible for ensuring the seamless delivery of mission-critical IT services, including communications infrastructure, data systems, and emerging technologies. His role bridges technology and public safety, ensuring officers and professional staff have the tools they need to serve and protect California’s communities effectively, efficiently, and safely. Chief Ehlers continues to focus on key areas that will modernize IT infrastructure to enhance operational performance, strengthening cybersecurity resilience to protect critical assets, develop data-driven solutions to improve public safety outcomes, and drives digital transformation to support the CHP’s evolving mission.
Prior to joining the Department, he attended the University of California, Davis where he earned a bachelor’s degree in political science. Chief Ehlers holds a master’s degree in criminal justice from California State University, Sacramento, is a graduate of the Naval Post Graduate School, Executive Leaders Program, FBI National Academy, and is the past President of the FBI National Academy Associates California Chapter. Josh has been married for 22 years and has three children. Josh is an avid golfer and in his spare time volunteers in his community and is a youth sports coach.

More
Kory Fesliyan

Kory Fesliyan

Statewide Risk Program Manager, Office of Information Security, CA Department of Technology

Kory Fesliyan serves as California’s Statewide Risk Program Manager, where he leads the state’s third-party risk management efforts. In this role, Kory provides strategic guidance to leaders on policies, standards, and oversight mechanisms that safeguard California’s critical operations from vendor and supply chain vulnerabilities. By working across departments and with external partners, Kory ensures that state technology and business programs are supported by secure, resilient, and compliant third-party services.
With more than 10 years of experience in cybersecurity and compliance across both public and private sectors, Kory has been instrumental in building California’s risk management approach to managing vendor and supply chain risk. Under his leadership, the state has implemented enhanced governance and assessment frameworks that strengthen oversight of third-party providers, while also streamlining the process for state departments to adopt secure and innovative solutions.
Kory also plays a central role in advancing California’s resilience goals by ensuring third-party risk practices align with state priorities, federal regulations, and national standards such as NIST and FedRAMP. Through statewide training, policy development, and collaborative partnerships, Kory has helped foster a culture of accountability and transparency in the management of external service providers.
Before assuming this role, Kory held senior positions in cybersecurity operation center, information security, and compliance management, where he successfully led initiatives to modernize the States efforts to provide cybersecurity as a service and strengthen data protection practices. Drawing from this extensive background, Kory continues to advance California’s commitment to building a secure, forward-thinking government that protects the interests of all Californians.

More
Ryan Fogleman

Ryan Fogleman

Information Security Officer, State of California - Department of Technology

Mr. Fogleman has over 30 years of Information Technology and Information Security Experience. He is both alumni and retired adjunct faculty in Computer Science and Information Security at California State University Sacramento, Los Rios Community College District, and Sierra College.
Mr. Fogleman’s career in Information Technology and Information Security spans the globe. As the Director of Global WAN Implementation with Lucent Technologies, Mr. Fogleman and his team were responsible for the deployment and securing of the broadband carrier networks for more than 25 countries in the Americas, Europe, Asia, Africa, and the Middle East.
Prior to beginning his career in the State of California in 2006, Mr. Fogleman was the Chief Information Officer, Chief Technology Officer, and owner of three successful Information Technology and Information Security businesses, one of which operated the largest private wireless internet service provider in the United States.
Prior to his current role as the Information Security Officer for the Department of Technology where he and his team are responsible for the security of the enterprise network and data centers for many of the mission critical systems for the State of California, Mr. Fogleman was the Statewide Information Security Architect and has been a confidential advisor for three State of California departments. Mr. Fogleman is the recipient of numerous Director’s Awards, Superior Achievement Awards, private sector acknowledgments and media articles, a graduate of the State of California Information Technology Leadership Academy and is a regular contributor to the State of California Information Security Leadership Academy.

More
Matthew Forsberg

Matthew Forsberg

Cyber Operations Branch Manager, CA Cybersecurity Integration Center (Cal-CSIC), CA Office of Emergency Services 

Matthew Forsberg is the Operations Branch Chief at the California Cybersecurity Integration Center (Cal-CSIC) with a background as a 35N Signals Intelligence Analyst and in state-level cyber operations. At Cal-CSIC, he architected and deployed the center’s core security systems before pivoting to focus on operational technology (OT) and industrial control systems (ICS). In this role, he has advanced Zero Trust–based network architecture and built an OT lab that delivers hands-on training and testing to strengthen the cybersecurity of critical infrastructure.

More
Anthony Freed

Anthony Freed

Director of Research, Halcyon  

Strategic communications leader, award-winning author, researcher, publisher and podcast producer. Previously a freelance security journalist leading headline-making investigations that included the Symantec NAV source code leak, the mass compromise of US government agency account credentials, hacktivist the J35t3r’s Libyan psy-ops campaign and denial-of-service attack that took down WikiLeaks, the Heartland breach and more. Prior to that, an analyst working with Secondary and Capital markets divisions at the biggest banks around the world and had a front row seat to the bursting of the credit bubble in the late 2000’s.

More
John Hanafee

John Hanafee

Advisory Services Program Chief, CA Information Security Office, CA Department of Technology 

John Hanafee is the Advisory Services Program Chief. He has spent 29 of his 33 years of working for the state of California in information technology. He spent 10 years as the operations section manager for the Secretary of State where he was responsible for networks, servers, helpdesk, telecommunications, databases, data-center management, and web/cloud systems. In this position he also served as the agency Technical Recovery Manager and the State Digital Signature Certificate Program Administrator. Prior to his tenure as section manager, he spent 15 years as a system administrator for several departments, with a focus on Active Directory, messaging, virtualization, and resiliency. Additionally, he spent several years as a fiscal and policy analyst in support of child protection programs, including the development and implementation of the original CWS/CMS system as the system’s first global administrator. John holds a bachelor’s degree in political science and a Master of Public Administration degree from Cal State University, East Bay. He is a CISSP, CDPSE and is ITILv4 certified.

More
Crystal Holcomb

Crystal Holcomb

Deputy Director, Department of Technology, State of California

Crystal Holcomb is the Deputy Director for the Office of Professional Development at the CA Department of Technology (CDT). With 25 years of state government experience, and more than 20 years in technology, Crystal has led multiple high performing teams always focused on providing top notch customer service. Her leadership experience includes workforce development, customer engagement, change management, project management, application development, Service Desk, and IT procurement. She is passionate about making a positive impact and serving others.
Crystal has a bachelor’s degree in Business Administration from the CA State University, Sacramento. She is also a proud graduate of ITLA Class 22. Outside of work, she enjoys spending time with her family at sporting events, or anything outdoors.

More
Jon Holcomb

Jon Holcomb

Director of Cybersecurity Consulting, U.S. West, AHEAD 

Jon is an innovative cybersecurity leader with over 20 years of experience shaping security strategies across some of the most complex IT/OT environments. He has driven transformation in diverse industries, including technology, energy, healthcare, finance, and state and federal government, bringing a broad, practical perspective to modern security challenges. Specializing in Zero Trust readiness and maturity assessments, Jon partners with executives to design scalable programs that reduce risk, ensure compliance, and align security priorities with organizational objectives. Known for translating technical depth into clear, actionable strategies, he has led cross-functional teams through enterprise transformations that strengthen resilience and enable innovation. Jon holds CISSP, CISM, GPEN, and PMP certifications, along with a BS in Cyber Security from Colorado Technical University.

More
Tolgay Kizilelma, PhD.

Tolgay Kizilelma, PhD.

Chief Cybersecurity Compliance Officer, California State Transportation Agency 

Dr. Kizilelma is a business-driven IT/Cybersecurity Governance, Risk, Compliance (GRC) leader with three decades of experience covering Education, Healthcare, Research, Government, and Private sectors. He is currently serving as the Chief Cybersecurity Compliance Officer at CalSTA. He is also the founding Director of the business focused Masters in Cybersecurity program and teaches online Cybersecurity GRC courses as an Associate Professor of Cybersecurity in the Barowsky School of Business at Dominican University of California. Dr. Kizilelma also served as the Chief Information Security Officer for multiple University of California campuses, and as the Information Security Officer for the top Sutter Health hospitals in the Bay Area. He has more than 50 industry certifications, is an accredited ISACA trainer for all the major certifications, has a B.S. degree in Computer Engineering, an MBA, and a Ph.D. focusing on information security, patient safety and quality management systems. He volunteers for various non-profit organizations as a board member focusing on education, awareness, training, and community outreach efforts. He is the president of FBI Sacramento Citizens Academy Alumni Association and ISACA Sacramento Chapter.
His contribution to the cybersecurity community was recognized with the 2022 C100 Award – Top 100 CISOs by CISOs Connect. 

More
Ken Kojima

Ken Kojima LinkedIn

Chief Information Security Officer, CA Department of Corrections and Rehabilitation

As the Chief Information Security Officer, Ken Kojima is responsible for overseeing the information security program at the CA Department of Corrections and rehabilitation.  As a member of CDCR’s IT executive leadership team, Ken is directly responsible for the department's information security governance, risk, and compliance programs as well as security engineering and the intelligence and operations center.
Currently based out of the Sacramento region and with over 16 years of experience with his current department.  Prior to being appointed to his current position, Ken has served in various capacities including, but not limited to, cybersecurity operations, security engineering, info sec auditing, technology recovery, and IT change management.
Ken is also and advisor for the CA Dept of Technology's Information Security Leadership Academy and sits on the CA Cybersecurity Taskforce’s Workforce Development team.
Ken graduated from the University of California at Davis with a Bachelor of Science in Electrical Engineering.

More
Nithya Krishna

Nithya Krishna

Agency Information Security Officer, Labor and Workforce Development Agency 

Nithya Krishna is the Agency Information Security Officer at the California Labor and Workforce Development Agency, with extensive experience in IT leadership, security, risk management, and information governance. She holds a B.S. in Computer Science from Cal State East Bay and certifications including PMP, CSM, CISM, and CISSP.

More
Abdullah Lababidi

Abdullah Lababidi

Cybersecurity Risk Specialist, Department of Technology, State of California

Abdullah works at the Office of Information Security - California Department of Technology with the Risk Management team, as part of the Security, Risk, and Governance unit. His team focuses on assisting State Entities with Risk Management Oversight, Compliance Monitoring, and Information Security Program Development & Operations. He has worked in both the private and public sectors, utilizing his experience in GRC, Incident Management, Policy, and GenAI Risk Assessments. Abdullah is passionate about strengthening California's security posture through facilitating collaboration across agencies, safeguarding information integrity, and delivering secure technological services.

More
Gerard Laygui

Gerard Laygui LinkedIn

Chief of Information Technology Operations, Chief Information Security Officer, Information Technology, CA Governor’s Office of Emergency Services (Cal OES)  

Gerard works at the California Governor’s Office of Emergency Services (Cal OES). Gerard serves as both the Chief of Information Technology Operations (CITO) and as the Chief Information Security Officer (CISO). He has worked in various roles in security: CISO, ISO, Cal-CSIC Cyber Operations Branch Chief, Compromise Forensics, and Malware Reverse Engineer. He has over 25 years of experience in the IT industry. He has a CISSP and numerous ISACA and GIAC certifications, a BS in Computer Science, and an MS in Business Administration.

More
Nate Le

Nate Le LinkedIn

Assistant Special Agent in Charge, Federal Bureau of Investigation

Nathaniel Le entered on duty as a special agent of the FBI in 2005. He has taken on a variety of assignments during his career, both domestically and internationally, with a specialty in cyber and high-tech crimes. He is an experienced leader of interdisciplinary teams responsible for complex cyber investigations, cyber threat intelligence, and digital forensic examinations.

More
Shobha Mallarapu

Shobha Mallarapu

President and CEO, Anvaya Solutions, Inc.  

Shobha Mallarapu is the President and CEO of Anvaya Solutions, Inc., a multi-award-winning, woman-owned cybersecurity and information assurance firm she founded in 2007 after a decade at Intel Corporation. With over two decades of experience, Shobha has led her team in delivering services ranging from risk and vulnerability assessments, penetration testing, advisory and incident management to developing innovative risk management solutions that have protected hundreds of millions of records nationwide. She holds a master’s degree in electronics engineering, is a certified PMP and CISA, and has earned recognition from the Small Business Administration, NAWBO, Enterprising Women Magazine, and the Sacramento Business Journal. Shobha is also an inventor, holding 11 U.S. patents in circuit design and security engineering. Beyond her professional achievements, she is a passionate advocate for STEM education, mentoring students, supporting robotics teams, and providing pro-bono cybersecurity training for small businesses.  

More
Thea Man

Thea Man

Chief Information Security Officer, Office of Data and Innovation, State of California

Thea Man is the Chief Information Security Officer at the California Office of Data and Innovation (ODI), where she serves as the department’s first CISO. She leads the strategic direction, oversight and development of ODI’s information security program, bringing over 25 years of experience in various technology roles across both corporate and public sectors—with the last 16 years focusing on cybersecurity.
Thea is recognized for her broad expertise across security domains and her role as a trusted advisor to executive leadership and stakeholders on cybersecurity risk strategy and governance. Among her accomplishments,Thea successfully led information security program audits resulting in minimal findings and was named IT Employee of the Year in 2009 at the California State Teachers’ Retirement System (CalSTRS) for leading a major data center migration.
She is a graduate of the inaugural Information Security Leadership Academy (ISLA 2018), established by the California Department of Technology and was recently honored with the IT Leadership Award at the 2025 California Public Sector CIO Academy.

More
Mike Marshall

Mike Marshall

Agency Information Officer, Environmental Protection Agency, State of California

Mike Marshall assumed the role of CalEPA’s Agency Information Officer (AIO) in January of 2024, following his tenure as the Agency Information Security Officer (AISO) beginning in December 2017. With a wealth of experience in information security, Mike significantly contributed to CalEPA’s cyber resilience during his time as AISO.
Prior to his role at CalEPA, Mike dedicated nearly a decade to various information security roles at the California Public Employees’ Retirement System (CalPERS) from 2008 to 2017. His extensive experience at CalPERS equipped him with a deep understanding of information security principles and practices, which he has applied effectively in his leadership roles at CalEPA.
With his proven track record of leadership and expertise in information security, Mike continues to play a pivotal role in safeguarding CalEPA’s information assets and advancing its technological capabilities to meet the evolving needs of the agency and its stakeholders.
Mike earned his Bachelor of Science in Management Information Systems from California Polytechnic State University, San Luis Obispo.

More
Robert Mayorga

Robert Mayorga

Chief Information Security Officer, CA Franchise Tax Board 

Robert Mayorga is Franchise Tax Board’s Chief Security Officer and Director of FTB’s Privacy, Security and Disclosure Bureau. At FTB he is responsible for the strategic direction of the department’s cybersecurity, privacy and physical security programs. In his role with the Government Operations agency, he advises the Secretary and GovOps staff on Information Security matters and assists with cybersecurity strategy for the GovOps departments. 
Robert received a Bachelor of Science in Business with a concentration in Finance from California State University, Sacramento. Robert is a Certified Information Security Systems Professional (CISSP) and is a graduate of the Information Security Leadership Academy Cohort 2 (ISLA 2019).

More
Steve Meyer

Steve Meyer

Senior Security Consultant, World Wide Technology  

Steve Meyer, Senior Security Consultant at World Wide Technology, brings over 20 years of cybersecurity expertise. He specializes in building strong teams, developing risk mitigation strategies, and guiding organizations through crises with confidence. At WWT, he enables state and local governments, as well as K-12 and higher education, by delivering cybersecurity solutions and serving as a trusted subject matter expert. Previously, Mr. Meyer spent 21 years with the State of Missouri, where he served as CISO and established the state’s Security Operations Center, the security awareness program, and enterprise-wide security strategies.

More
Matt Nicholls

Matt Nicholls

Chief Cybersecurity Risk Officer, CA State Transportation Agency

Matt’s California state service, which has encompassed both the Judicial and Executive branches, began in 2005. His service started at Yolo Superior Court and, later, at the Judicial Council of California. It was at the Judicial Council that he initiated and established the Office of Information Security and assisted all levels of court with security efforts.  In 2021, Matt joined the California Department of Technology Office of Information Security and, recently, accepted the role of Chief Cybersecurity Risk Officer for the California State Transportation Agency.  The Agency team works with the state’s transportation departments―some of the largest departments in the state―to mature governance, risk, and compliance programs in accordance with CA strategy, governance, and initiatives.

More
Jamie Parker

Jamie Parker

Senior Manager, Mandiant Intelligence, Google Cloud  

Jamie Parker is the Regional Senior Manager for Google's Threat Intelligence Services for Government. Leveraging extensive experience from a distinguished career in the U.S. Government, he leads a team dedicated to providing actionable threat intelligence to help public sector partners defend against sophisticated cyber threats.

More
Jared Paulsen

Jared Paulsen

Senior Solutions Consultant, Palo Alto Networks 

Jared Paulsen is a highly experienced professional with a robust background in cybersecurity and network infrastructure. As a Senior Solutions Consultant at Palo Alto Networks, he specializes in cyber strategy and the implementation of Zero Trust. His role aligns directly with Palo Alto Networks' strategic commitment to Zero Trust, which focuses on eliminating implicit trust and continuously validating every stage of digital interaction across an organization. With over six years at Palo Alto Networks, including significant time as a Systems Engineer for State, Local, and Education (SLED) accounts, Jared has been pivotal in advancing security solutions across California.He guides customers in adopting this holistic security model, ensuring 'security by design' across users, applications, and infrastructure, ultimately simplifying risk management and enhancing overall security posture.He guides customers in adopting this holistic security model, ensuring 'security by design' across users, applications, and infrastructure, ultimately simplifying risk management and enhancing overall security posture.

More
Dylan Pletcher

Dylan Pletcher

Chief Information Security Officer, CalSTRS

Dylan Pletcher, recently appointed CalSTRS Chief Information Security Officer (CISO), brings his motto of “Yes, securely” to life while protecting the largest educator-only retirement system in the world. With over 25 years of security-related roles, including ten years as CISO of the California Department of State Hospitals and nearly a decade as the lead security architect at the California Highway Patrol, Dylan has employed strong engagement with business at all levels to promote a culture of security.  Dylan is an active member of the State of California Information Security community, participating regularly in workgroups, mentoring current and future professionals, and championing positive change across all disciplines.

More
Bradley Ponce

Bradley Ponce

Chief Information Security Officer, Governor’s Office of Land Use and Climate Innovation 

Bradley Ponce has been working in enterprise Information Technology and Cybersecurity since 2000 to present – strategically planning and managing security oversight in risk management, governance and compliance, security operations and managed and secured many different types of systems, applications, and network methodologies throughout his IT career.   As a security leader, Bradley is currently the Chief Information Security Officer of the Governor’s Office of Land Use and Climate Innovation.   From 2022 to 2023, Brad had been OIS’s Advisory Services Program’s vCISO Manager helping support agency security programs ISA and audit preparations.  From 2017 to 2022, Brad had been OIS’s Security Operations Center Manager where he and the SOC established and baselined the staffing, security controls, compliance, process, and procedures the SOC uses today.”

More

Jay Shah

Senior Solutions Architect, Horizon3.ai  

With over 23 years of experience, Jay is a cybersecurity expert specializing in cross-platform computing architectures. He has a proven track record of leading high-performing technical teams and developing client-centric solutions that mitigate risk and enhance business value. Jay excels at translating complex technical information for diverse audiences, ensuring security strategies are clearly understood and effectively implemented.

More
Jason Thompson

Jason Thompson

Advanced Security Engineer, Comcast Business  

Jason Thompson is a skilled Security Specialist with Comcast Business. Currently working out of the Los Angeles area, he has over a decade of experience in the cybersecurity vertical and has worked with businesses of all sizes to align security solutions with their strategic objectives. Throughout his career, Jason has held support, solution engineering and specialist’s roles at leading cybersecurity companies, including Rapid7, Varonis, Forcepoint, BlackBerry Cylance and Arctic Wolf. He holds a Bachelor of Science in Computer Information Systems from Hampton University and continues to pay it forward by helping people launch their own careers in the cybersecurity industry.

More
Laura Walls

Laura Walls

Coordinator, CA Career Resource Network, CA Department of Education

Laura Walls is an Education Programs Consultant at the California Department of Education and Coordinator of the California Career Resources Network (CalCRN). With a background in science instruction and academy development, Laura brings a unique lens to cybersecurity education—connecting STEM foundations with career readiness. She previously supported the development of the California Science Test and now works to expand access to high-quality career resources across the state.

More
Mike Wyatt

Mike Wyatt

Principal, Deloitte  

Michael Wyatt is a Cyber Principal in Deloitte & Touche LLP with over 30 years of professional experience in cybersecurity, privacy, and systems engineering. He serves as the Cyber leader for Deloitte’s State Local and Higher Education Practice as well as serving as the Cyber leader for the states of Texas, Arkansas, and North Carolina. Previously, Michael led Deloitte’s Global Identity Management practice and led Deloitte’s US Identity practice. In addition, Michael led statewide breach remediation and information security program design and implementation for the states of Utah and South Carolina. He has led the design and delivery of numerous complex identity management and cybersecurity projects across multiple industries including state government, higher education, financial services, media, energy, aerospace and defense, and healthcare. In addition, Michael serves as an adjunct professor at the University of Texas in the Master of Science in Information Security and Privacy (MSISP) program where he focused on how to influence public policy.

More

Agenda

Thursday, October 9

8:00 am Pacific

Registration and Morning Refreshments in the Exhibit Area

Magnolia Room, Grand Nave Lobby and 2nd Floor

9:00 am Pacific

Opening Remarks

Camellia/Gardenia

Liana Bailey Crimmins, State Chief Information Officer & Director, Department of Technology, State of California

9:30 am Pacific

Keynote - Strengthening the Shield: Insights from the Trenches of National Security

Camellia/Gardenia

There’s no question - public-sector leaders must continue to strengthen their cyber hygiene, foster cross-sector partnerships, and adapt to the evolving threat landscape. Join Rachel Wilson, former NSA cyber operations leader, for an engaging and action-driven keynote that bridges real-world cybersecurity expertise with the challenges of emerging technologies. Drawing on her experience safeguarding critical systems, Rachel explores the heightened risks posed by AI-enabled threats like ransomware, insider attacks, and credential exploitation. This session is a call to action for everyone, from CIOs to frontline technologists, to embrace a proactive and resilient approach to protecting critical assets in the age of AI.

Rachel Wilson, Managing Director and Chief Data Officer, Morgan Stanley Wealth Management

10:30 am Pacific

Networking Break in Exhibit Area

Magnolia Room, Grand Nave Lobby and 2nd Floor

11:00 am Pacific

Concurrent Sessions

National Threat Briefing: Current Risks Facing Public Agencies

Tofanelli, 2nd Floor

Nation-state actors and well-organized threat groups continue to target public infrastructure, agencies, and critical systems across the country. This session provides a timely, intelligence-based briefing from federal and state cybersecurity leaders. Panelists will walk through credible threat activity observed in recent months, including real-world examples and closed case insights where possible. This session is intended to raise awareness of the types of threats facing California agencies right now and the tactics being used against government targets.

Moderator: Josh Ehlers, Chief and CIO of Information Management Division, California Highway Patrol

Anthony Freed, Director of Research, Halcyon

Adam German, Agency Chief Information Security Officer, California Health and Human Services Agency

Nate Le, Assistant Special Agent in Charge, Federal Bureau of Investigation

Maria Lipana, Cyber Threat Intelligence Branch Chief, Cal-CSIC, CA Governor’s Office of Emergency Services

Demystifying Zero Trust: What It Means and Why It Matters

Bataglieri, 2nd Floor

"Zero Trust" is becoming a central concept in government cybersecurity, but what does it mean? This session breaks down the core ideas behind Zero Trust in plain language. Cybersecurity leaders will explain how Zero Trust shifts the focus from defending the perimeter to assuming no one can be trusted by default. Cybersecurity leaders will share why this mindset is essential, how it helps prevent breaches, and what it means for departments across the state. Whether you're a cybersecurity pro or a department lead, this conversation will demystify the concept and show why it matters to everyone.

Moderator: Faith DeuPree, Security Policy and Compliance Manager, Cybersecurity Division, CA Employment Development Department

Matthew Forsberg, Cyber Operations Branch Manager, CA Cybersecurity Integration Center (Cal-CSIC), CA Office of Emergency Services

Jon Holcomb, Director of Cybersecurity Consulting, U.S. West, AHEAD

Eric Nehls, Policy and Standards Program Manager, Office of Information Security, CA Department of Technology

2025 Update: California’s Cyber-AI Workforce & Education Pipeline and Roadmap

Bondi, 2nd Floor

California is building a statewide Cyber-AI career pipeline that spans all levels of education (K12 through doctoral degrees) which aligns and links industry certifications and workforce models like apprenticeships and internships. This session highlights recent developments from the California Cybersecurity Task Force, including the launch of C3EP3, a unified career education and pathway project led by Cal OES, CDT, CalCSIC, and CSU Fresno bringing Cyber-AI-IT to enhance learning across classrooms, colleges/universities, and the public sector. Panelists will explore how these efforts align with AI Cybersecurity curriculum and standards, hiring needs and regional/local hubs. Get a clear view of how California is scaling a diverse, skilled cyber-AI workforce to meet cutting-edge public-sector needs in 2025.

Moderator: John Hanafee, Advisory Services Program Chief, CA Information Security Office, CA Department of Technology

Keith Clement, Ph.D., Professor, Department of Criminology, California State University, Fresno

Crystal Holcomb, Deputy Director, Office of Professional Development, CA Department of Technology

Laura Walls, Coordinator, CA Career Resource Network, CA Department of Education

Attack Surface Reduction: Building a Culture of Risk Awareness and Proactive Defense

Beavis, 2nd Floor

As cyber threats grow more complex, reducing your agency’s attack surface is no longer just the responsibility of the CISO or IT team. This session will focus on how to build a culture of shared ownership around risk, where every department plays a role in reducing exposure. Panelists will highlight tools and strategies for proactive defense, including threat hunting, vulnerability management, and the use of state-provided threat intelligence to stay ahead of evolving risks. Attendees will gain insights into how to align people, processes, and technology to make their organizations harder targets.

Moderator: Bradley Ponce, Chief Information Security Officer, Governor’s Office of Land Use and Climate Innovation

Gerard Laygui, Chief of Information Technology Operations, Chief Information Security Officer, Information Technology, CA Governor’s Office of Emergency Services (Cal OES)

Jason Thompson, Advanced Security Engineer, Comcast Business

Identity at the Center: Strengthening Access, Privacy, and Protection

Compagno, 2nd Floor

Strong identity management is essential to securing systems, protecting data, and maintaining public trust. This session will explore how government agencies can modernize identity practices to defend against evolving threats, including AI-powered phishing attacks and social engineering tactics. Join us to discuss the connection between identity, access control, and privacy, and share approaches to reducing risk across systems and users. Learn how identity is becoming a frontline defense in a rapidly changing threat landscape.

Moderator: Mike Marshall, Agency Information Officer, CA Environmental Protection Agency

Mike Cook, Head of Fraud Insights, Socure

Matt Mello, Chief Information Security Officer, CA Department of Education

Mike Wyatt, Principal, Deloitte

Enterprise Risk Governance: Structure, Accountability, and Momentum

Carr, 2nd Floor

Effective enterprise risk management depends on clear structures, defined responsibilities, and leadership that can turn insight into action. This session will explore how agencies can develop strong governance models to manage cyber and operational risk across departments. IT leaders will discuss how mature organizations align risk priorities with mission goals, establish decision-making processes, and use methods like the FAIR framework to quantify risk in meaningful terms. Attendees will learn how to guide their organizations toward a more disciplined, transparent, and measurable approach to risk.

Moderator: Matt Nicholls, Chief Cybersecurity Risk Officer, CA State Transportation Agency

Claire Bailey, Public Sector CIO, Tanium

Ryan Fogleman, Information Security Officer, Departmental Information Security Office, CA Department of Technology

Shobha Mallarapu, President and CEO, Anvaya Solutions, Inc.

Robert Mayorga, Chief Information Security Officer, CA Franchise Tax Board

12:00 pm Pacific

Lunch

Camellia/Gardenia

1:00 pm Pacific

Bits & Bytes - GenAI 101: Cutting Through the Noise

Camellia/Gardenia

This quick, plain-language session will ground attendees in the fundamentals of generative AI: what it is, what it isn’t, and what it means for government work. Presenters will break down common terms, clarify capabilities and limitations, and address some of the most persistent myths and misunderstandings. Whether you’re new to the topic or just need a reset, this is your chance to align on the basics and start from a shared understanding of what GenAI can do, and what it can’t.

Tolgay Kizilelma, PhD., Chief Cybersecurity Compliance Officer, California State Transportation Agency

Nithya Krishna, Agency Information Security Officer, Labor and Workforce Development Agency

1:20 pm Pacific

Short Break

Please proceed to the concurrent sessions

1:30 pm Pacific

Concurrent Sessions

Zero Trust Advanced: From Concept to Implementation

Tofanelli, 2nd Floor

For teams already familiar with the principles of Zero Trust, the next challenge is turning that understanding into action. This session will explore how to apply Zero Trust in real environments, from identity management and network segmentation to data protection and continuous monitoring. Panelists will share strategies for assessing Zero Trust maturity, aligning with NIST procedures and best practices, and integrating tools that support policy enforcement. Join us to learn how to build architecture roadmaps and secure buy-in across teams to make Zero Trust real and effective.

Moderator: Payam Hojjat, Statewide Cybersecurity Risk Governance Chief, Office of Information Security, CA Department of Technology

Adam German, Agency Chief Information Security Officer, CA Health and Human Services Agency

Abdullah Lababidi, Cybersecurity Risk Specialist, Department of Technology, State of California

Jared Paulsen, Senior Solutions Consultant, Palo Alto Networks

From Intelligence to Action: Operationalizing Threat Data for Defense

Bataglieri, 2nd Floor

Threat intelligence must be acted on. This session will explore how agencies can use credible threat intel from partners like CISA, Cal-CSIC, and others to actively reduce their attack surface and hunt for risks before they become incidents. Experts will share real-world examples of how threat indicators, vulnerability reports, and behavioral insights have been turned into specific defensive actions. Expect to leave with a clearer view of how to integrate threat intel into day-to-day cybersecurity operations.

Moderator: Vanessa Faur, Cyber Security Analyst, CA Cybersecurity Integration Center, CA Office of Emergency Services

Josh Ehlers, Chief and CIO of Information Management Division, California Highway Patrol

Nate Le, Assistant Special Agent in Charge, Federal Bureau of Investigation

Jamie Parker, Senior Manager, Mandiant Intelligence, Google Cloud

Managing Third-Party Risk: From Procurement to Ongoing Oversight

Bondi, 2nd Floor

Third parties play a critical role in government operations, but they also introduce risk that must be actively managed throughout the contract lifecycle. This session will explore how agencies can assess cybersecurity risk during procurement and maintain visibility as third parties change systems and add features. Panelists will share strategies for monitoring third-party compliance, collaborating across departments, and adapting risk assessments as environments evolve. You will come away with practical guidance for building resilient third-party relationships and strengthening their overall security posture.

Moderator: Tolgay Kizilelma, PhD., Chief Cybersecurity Compliance Officer, California State Transportation Agency

Kory Fesliyan, Statewide Risk Program Manager, Office of Information Security, CA Department of Technology

Steve Meyer, Senior Security Consultant, World Wide Technology

Dylan Pletcher, Chief Information Security Officer, CalSTRS

Cybersecurity Help Is Here: Tools and Support from State Partners

Beavis, 2nd Floor

Many government agencies face growing cyber risks without the staff or budget to fully address them. This session will spotlight the resources available from state partners like the California Department of Technology and Cal-CSIC, designed to support agencies that need expert help, tools, or guidance. We’ll look at how to access services like threat intelligence, vulnerability scans, incident response, and security assessments. Participants will leave with a better understanding of what’s available, how to request support, and how to strengthen their cybersecurity posture using tools they already have access to.

John Hanafee, Advisory Services Program Chief, CA Information Security Office, CA Department of Technology

Matt Mello, Chief Information Security Officer, CA Department of Education

AI in Cybersecurity: Risk, Readiness, and Responsible Use

Compagno, 2nd Floor

The rapid growth of artificial intelligence brings new opportunities and new risks to government cybersecurity. This session will examine how AI can improve threat detection, help upskill teams, and support data loss prevention, but also how unsanctioned Shadow AI and AI-enabled attacks introduce risks that agencies may not be prepared for. Panelists will explore how to set internal guardrails, secure AI systems, and responsibly integrate AI into cybersecurity workflows. Attendees will come away with a better understanding of how to manage AI as both a tool and a risk within a cybersecurity strategy.

Moderator: Thea Man, Chief Information Security Officer, CA Office of Data and Innovation

Nithya Krishna, Agency Information Security Officer, Labor and Workforce Development Agency

Jay Shah, Senior Solutions Architect, Horizon3.ai

2:30 pm Pacific

Networking Break in Exhibit Area

Magnolia Room, Grand Nave Lobby and 2nd Floor

3:00 pm Pacific

Cyber Smarts Showdown: A Team Trivia Challenge

Camellia/Gardenia

Think you know cybersecurity? Ready to put that knowledge to the test? Join fellow attendees for a fast-paced, team-based trivia game covering topics like cyber hygiene, threat actors, identity management, privacy, and real-world government use cases. This interactive session is a chance to collaborate, compete, and connect with peers from across the public sector. Whether you're in it to win or just want to sharpen your knowledge and meet new people, this is your moment to engage, learn, and have some fun.

Hosted by:

Ken Kojima, Chief Information Security Officer, CA Department of Corrections and Rehabilitation

Thea Man, Chief Information Security Officer, CA Office of Data and Innovation

4:00 pm Pacific

Networking Reception in the Exhibit Area

Magnolia Room, Grand Nave Lobby and 2nd Floor

Network with your colleagues and discuss technology solutions with the event exhibitors.

4:30 pm Pacific

End of Conference

Conference times, agenda, and speakers are subject to change.

Sheraton Grand Sacramento

1230 J Street
Sacramento, CA 95814
(916) 447-1700

Get Directions To
Sheraton Grand Sacramento

Advisory Board

Government Representatives

Andrew Bell
Information Security Officer
Military Department
State of California

Edward Bombita
CalCSIC Commander
Governor's Office of Emergency Services
State of California

Scott Capulong
Chief Information Officer
Department of Tax and Fee Administration
State of California

Keith Clement
Professor
California State University, Fresno

Faith DeuPree
SPC Manager
Employment Development Dept
State of California

Josh Ehlers
Chief Information Officer
California Highway Patrol

Jeremy Espiritu
Cybersecurity Training Coordinator
Office of Emergency Services
State of California

Ryan Fogleman
Information Security Officer
Departmental Information Security Office, California Department of Technology
State of California

Matthew Forsberg
Cyber Operations Manager
Governor's Office of Emergency Services
State of California

John Hanafee
Advisory Services Program Chief
Department of Technology
State of California

Glenn Herdrich
Information Security Manager
County of Sacramento

Monica Hernandez
Deputy Director, Communications & Stakeholder Relations
Department of Technology
State of California

Payam Hojjat
State of California Cyber Risk & Governance Chief
Department of Technology
State of California

Lloyd Indig
Chief Information Security Officer
California Department of Justice
State of California

Christy Kidd
IT Manager II
Employment Development Dept
State of California

Tolgay Kizilelma
Chief Cybersecurity Compliance Officer
State Transportation Agency
State of California

Ken Kojima
Agency Information Security Officer
Department of Corrections & Rehabilitation
State of California

Nithya Krishna
Agency Information Security Officer
Labor & Workforce Development Agency
State of California

Albert Lam
Cyber Defense Advisor
Health & Human Services Agency
State of California

Gerard Laygui
Cyber Operations Branch Chief
Governor's Office of Emergency Services
State of California

Maria Lipana
Cyber Threat Intelligence Branch Chief
Cal-CSIC, Office of Emergency Services
State of California

Mikael Magnuson
Cybersecurity Manager
National Guard
State of California

Joseph Maio
Information Security Officer
Natural Resources Agency
State of California

Thea Man
Chief Information Security Officer
Office of Data and Innovation
State of California

Robert Mayorga
Chief Security Officer
Franchise Tax Board
State of California

Scott McArdle
Chief
California Department of Food and Agriculture
State of California

Matthew Mello
Chief Information Security Officer
Department of Education
State of California

Matt Nicholls
Cybersecurity Risk Officer
California State Transportation Agency
State of California

Doug Novak
Deputy State Chief Information Security Officer
Department of Technology
State of California

Vitaliy Panych
State Chief Information Security Officer
California Department of Technology
State of California

Daniel Pere
State Controller's Office
State of California

Jason Piccione
Chief Information Officer
Business Consumer Services and Housing Agency
State of California

Dylan Pletcher
Chief Information Security Officer
CalSTRS
State of California

Bradley Ponce
CISO
Governor's Office of Planning & Research
State of California

Aman Prasad
Partner integration Planner
Cal-CSIC
State of California

Jesse Ravera
Assistant IT Director
City of Roseville
State of California

Amy Rodriquez
Department of Technology
State of California

Hong Sae
Chief Information Officer
City of Roseville
State of California

Ravi Sharma
Agency Information Security Officer
CalEPA
State of California

Johnny Vasquez
Information Security Officer
Department of Veterans Affairs
State of California

Vivian Yan
Deputy Chief Security Officer
Franchise Tax Board
State of California

Industry Representatives

Jason Fedota
Client Relationship Executive
Deloitte

Jon Holcomb
Director of Cybersecurity Consulting
U.S. West
AHEAD

Miriam Ingenito
Account Relations Director
KPMG

Katherine Kennedy Gottfried
District Sales Manager
Palo Alto Networks

Michelle Law
Director, Government & Education Sales
Comcast Business

Shobha Mallarapu
President & CEO
Anvaya Solutions, Inc.

Vaishali Patel
Account Executive - SLED
Halcyon

Grant Tomlin
Director of Strategic Accounts
Tanium

Bret Waugh
Public Sector Account Manager
Google LLC

Chul Yim
Sales Director, SLED West
SLED West
Socure

Registration Information / Contact Us

Event Date: October 9, 2025

Open to Public Sector only.

Registration - Free

If you represent a Private Sector organization and are interested in Sponsorship Opportunities, please contact Heather Earney.

This event is open to all individuals who meet the eligibility criteria, without regard to race, color, religion, gender, gender identity, age, disability, or any other protected class. We are committed to fostering an inclusive and welcoming environment for all participants.

Contact Information

For registration and general assistance contact:

Tabbie Pegoda
Government Technology
A division of e.Republic
Phone: (916) 932-1411
E-mail: tpegoda@erepublic.com

Already a sponsor, but need a hand? Reach out to:

Mireya Gaton
Government Technology
A Division of e.Republic
Phone: (916) 296-2617
E-mail: mgaton@erepublic.com

Want to sponsor and stand out? Reach out to explore opportunities!

Heather Earney
Government Technology
A Division of e.Republic
Phone: (916) 365-2308
E-mail: heather.earney@erepublic.com

Venue

Sheraton Grand Sacramento

1230 J Street
Sacramento, CA 95814
(916) 447-1700

Show More

Room Block 

There is no room block set up for this event. To book a room at the venue, click here:
https://www.marriott.com/en-us/hotels/sacsi-sheraton-grand-sacramento-hotel/overview/

Map and Directions 

https://www.marriott.com/en-us/hotels/sacsi-sheraton-grand-sacramento-hotel/overview/

Event Parking 

Valet parking:  $40/day or $45/overnight

Note: No trailers or RVs allowed.

There are a number of local parking lots and garages in the area. 

Parking fees subject to change without notice.