The California Cybersecurity Education Summit focuses on addressing the unique cybersecurity challenges faced by the public sector. The event brings together government leaders and IT security professionals to discuss strategies for safeguarding sensitive information, enhancing cybersecurity infrastructure, and staying ahead of evolving threats. Attendees can expect expert insights, collaborative discussions, and practical solutions tailored to the needs of public sector organizations.
The California Cybersecurity Education Summit is dedicated to strengthening security through collaboration, uniting public and private sector tech leaders, educators, and officials to explore emerging trends, share best practices, and develop innovative strategies. California’s cybersecurity capability continues to scale, leading the nation by example through robust collaboration across all industry and state/local sectors. Join us for this full-day, in-person event featuring top national cybersecurity experts, solution providers, and hundreds of peers.
– Vitaliy Panych, State Chief Information Security Officer, California Department of Technology
Thursday, October 9 |
|
8:00 am Pacific |
Registration and Morning Refreshments in the Exhibit Area |
9:00 am Pacific |
Opening RemarksLiana Bailey Crimmins, State Chief Information Officer & Director, Department of Technology, State of California |
9:30 am Pacific |
Keynote - Strengthening the Shield: Insights from the Trenches of National SecurityThere’s no question - public-sector leaders must continue to strengthen their cyber hygiene, foster cross-sector partnerships, and adapt to the evolving threat landscape. Join Rachel Wilson, former NSA cyber operations leader, for an engaging and action-driven keynote that bridges real-world cybersecurity expertise with the challenges of emerging technologies. Drawing on her experience safeguarding critical systems, Rachel explores the heightened risks posed by AI-enabled threats like ransomware, insider attacks, and credential exploitation. This session is a call to action for everyone, from CIOs to frontline technologists, to embrace a proactive and resilient approach to protecting critical assets in the age of AI. Rachel Wilson, Managing Director and Chief Data Officer, Morgan Stanley Wealth Management |
10:30 am Pacific |
Networking Break in Exhibit Area |
11:00 am Pacific |
Concurrent SessionsNational Threat Briefing: Current Risks Facing Public AgenciesNation-state actors and well-organized threat groups continue to target public infrastructure, agencies, and critical systems across the country. This session provides a timely, intelligence-based briefing from federal and state cybersecurity leaders. Panelists will walk through credible threat activity observed in recent months, including real-world examples and closed case insights where possible. This session is intended to raise awareness of the types of threats facing California agencies right now and the tactics being used against government targets. Demystifying Zero Trust: What It Means and Why It Matters"Zero Trust" is becoming a central concept in government cybersecurity, but what does it mean? This session breaks down the core ideas behind Zero Trust in plain language. Cybersecurity leaders will explain how Zero Trust shifts the focus from defending the perimeter to assuming no one can be trusted by default. Cybersecurity leaders will share why this mindset is essential, how it helps prevent breaches, and what it means for departments across the state. Whether you're a cybersecurity pro or a department lead, this conversation will demystify the concept and show why it matters to everyone. 2025 Update: California’s Cyber-AI Workforce & Education Pipeline and RoadmapCalifornia is building a statewide Cyber-AI career pipeline that spans all levels of education (K12 through doctoral degrees) which aligns and links industry certifications and workforce models like apprenticeships and internships. This session highlights recent developments from the California Cybersecurity Task Force, including the launch of C3EP3, a unified career education and pathway project led by Cal OES, CDT, CalCSIC, and CSU Fresno bringing Cyber-AI-IT to enhance learning across classrooms, colleges/universities, and the public sector. Panelists will explore how these efforts align with AI Cybersecurity curriculum and standards, hiring needs and regional/local hubs. Get a clear view of how California is scaling a diverse, skilled cyber-AI workforce to meet cutting-edge public-sector needs in 2025. Attack Surface Reduction: Building a Culture of Risk Awareness and Proactive DefenseAs cyber threats grow more complex, reducing your agency’s attack surface is no longer just the responsibility of the CISO or IT team. This session will focus on how to build a culture of shared ownership around risk, where every department plays a role in reducing exposure. Panelists will highlight tools and strategies for proactive defense, including threat hunting, vulnerability management, and the use of state-provided threat intelligence to stay ahead of evolving risks. Attendees will gain insights into how to align people, processes, and technology to make their organizations harder targets. Identity at the Center: Strengthening Access, Privacy, and ProtectionStrong identity management is essential to securing systems, protecting data, and maintaining public trust. This session will explore how government agencies can modernize identity practices to defend against evolving threats, including AI-powered phishing attacks and social engineering tactics. Join us to discuss the connection between identity, access control, and privacy, and share approaches to reducing risk across systems and users. Learn how identity is becoming a frontline defense in a rapidly changing threat landscape. Enterprise Risk Governance: Structure, Accountability, and MomentumEffective enterprise risk management depends on clear structures, defined responsibilities, and leadership that can turn insight into action. This session will explore how agencies can develop strong governance models to manage cyber and operational risk across departments. IT leaders will discuss how mature organizations align risk priorities with mission goals, establish decision-making processes, and use methods like the FAIR framework to quantify risk in meaningful terms. Attendees will learn how to guide their organizations toward a more disciplined, transparent, and measurable approach to risk. |
12:00 pm Pacific |
Lunch |
1:00 pm Pacific |
Bits & Bytes - GenAI 101: Cutting Through the NoiseThis quick, plain-language session will ground attendees in the fundamentals of generative AI: what it is, what it isn’t, and what it means for government work. Presenters will break down common terms, clarify capabilities and limitations, and address some of the most persistent myths and misunderstandings. Whether you’re new to the topic or just need a reset, this is your chance to align on the basics and start from a shared understanding of what GenAI can do, and what it can’t. |
1:20 pm Pacific |
Short BreakPlease proceed to the concurrent sessions |
1:30 pm Pacific |
Concurrent SessionsZero Trust Advanced: From Concept to ImplementationFor teams already familiar with the principles of Zero Trust, the next challenge is turning that understanding into action. This session will explore how to apply Zero Trust in real environments, from identity management and network segmentation to data protection and continuous monitoring. Panelists will share strategies for assessing Zero Trust maturity, aligning with NIST procedures and best practices, and integrating tools that support policy enforcement. Join us to learn how to build architecture roadmaps and secure buy-in across teams to make Zero Trust real and effective. From Intelligence to Action: Operationalizing Threat Data for DefenseThreat intelligence must be acted on. This session will explore how agencies can use credible threat intel from partners like CISA, Cal-CSIC, and others to actively reduce their attack surface and hunt for risks before they become incidents. Experts will share real-world examples of how threat indicators, vulnerability reports, and behavioral insights have been turned into specific defensive actions. Expect to leave with a clearer view of how to integrate threat intel into day-to-day cybersecurity operations. Managing Third-Party Risk: From Procurement to Ongoing OversightThird parties play a critical role in government operations, but they also introduce risk that must be actively managed throughout the contract lifecycle. This session will explore how agencies can assess cybersecurity risk during procurement and maintain visibility as third parties change systems and add features. Panelists will share strategies for monitoring third-party compliance, collaborating across departments, and adapting risk assessments as environments evolve. You will come away with practical guidance for building resilient third-party relationships and strengthening their overall security posture. Cybersecurity Help Is Here: Tools and Support from State PartnersMany government agencies face growing cyber risks without the staff or budget to fully address them. This session will spotlight the resources available from state partners like the California Department of Technology and Cal-CSIC, designed to support agencies that need expert help, tools, or guidance. We’ll look at how to access services like threat intelligence, vulnerability scans, incident response, and security assessments. Participants will leave with a better understanding of what’s available, how to request support, and how to strengthen their cybersecurity posture using tools they already have access to. AI in Cybersecurity: Risk, Readiness, and Responsible UseThe rapid growth of artificial intelligence brings new opportunities and new risks to government cybersecurity. This session will examine how AI can improve threat detection, help upskill teams, and support data loss prevention, but also how unsanctioned Shadow AI and AI-enabled attacks introduce risks that agencies may not be prepared for. Panelists will explore how to set internal guardrails, secure AI systems, and responsibly integrate AI into cybersecurity workflows. Attendees will come away with a better understanding of how to manage AI as both a tool and a risk within a cybersecurity strategy. |
2:30 pm Pacific |
Networking Break in Exhibit Area |
3:00 pm Pacific |
Cyber Smarts Showdown: A Team Trivia ChallengeThink you know cybersecurity? Ready to put that knowledge to the test? Join fellow attendees for a fast-paced, team-based trivia game covering topics like cyber hygiene, threat actors, identity management, privacy, and real-world government use cases. This interactive session is a chance to collaborate, compete, and connect with peers from across the public sector. Whether you're in it to win or just want to sharpen your knowledge and meet new people, this is your moment to engage, learn, and have some fun. |
4:00 pm Pacific |
Networking Reception in the Exhibit AreaNetwork with your colleagues and discuss technology solutions with the event exhibitors. |
4:30 pm Pacific |
End of ConferenceConference times, agenda, and speakers are subject to change. |
1230 J Street
Sacramento, CA 95814
(916) 447-1700
Andrew Bell
Information Security Officer
Military Department
State of California
Edward Bombita
CalCSIC Commander
CA Governor's Office of Emergency Services
Scott Capulong
Chief Information Officer
California Department of Tax and Fee Administration
State of California
Keith Clement
Professor
California State University, Fresno
California State University, Fresno
Faith DeuPree
SPC Manager
CA Employment Development Dept
State of California
Jeremy Espiritu
Cybersecurity Training Coordinator
Office of Emergency Services
State of California
Ryan Fogleman
Information Security Officer
Departmental Information Security Office, California Department of Technology
State of California
John Hanafee
Advisory Services Program Chief
California Department of Technology
State of California
Glenn Herdrich
Information Security Manager
County of Sacramento
Monica Hernandez
Deputy Director, Communications & Stakeholder Relations
California Department of Technology
Payam Hojjat
State of California Cyber Risk & Governance Chief
California Department of Technology
State of California
Lloyd Indig
Chief Information Security Officer
California Department of Justice
State of California
Christy Kidd
IT Manager II
CA Employment Development Dept
State of California
Tolgay Kizilelma
Chief Compliance Officer
CA State Transportation Agency
State of California
Ken Kojima
Agency Information Security Officer
Department of Corrections & Rehabilitation
State of California
Nithya Krishna
Agency Information Security Officer
California Labor & Workforce Development Agency
State of California
Albert Lam
Cyber Defense Advisor
California Health & Human Services Agency
State of California
Gerard Laygui
Cyber Operations Branch Chief
California Governor's Office of Emergency Services
State of California
Maria Lipana
Cyber Threat Intelligence Branch Chief
Cal-CSIC, Office of Emergency Services
State of California
Mikael Magnuson
Cybersecurity Manager
California National Guard
State of California
Joseph Maio
Information Security Officer
Natural Resources Agency
State of California
Thea Man
Chief Information Security Officer
Office of Data and Innovation
State of California
Robert Mayorga
Chief Security Officer
Franchise Tax Board
State of California
Scott McArdle
Chief
California Department of Food and Agriculture
State of California
Matt Nicholls
Cybersecurity Risk Officer
California State Transportation Agency
State of California
Vitaliy Panych
State Chief Information Security Officer
California Department of Technology
State of California
Daniel Pere
State Controller's Office
Dylan Pletcher
CalSTRS
Bradley Ponce
CISO
CA Governor's Office of Planning & Research
Jesse Ravera
Assistant IT Director
City of Roseville
State of California
Amy Rodriquez
California Department of Technology
Hong Sae
Chief Information Officer
City of Roseville
State of California
Ravi Sharma
Agency Information Security Officer
CalEPA
State of California
Johnny Vasquez
Information Security Officer
CA Department of Veterans Affairs
State of California
Vivian Yan
Deputy Chief Security Officer
Franchise Tax Board
State of California
Jason Fedota
Client Relationship Executive
Deloitte
Jon Holcomb
Director of Cybersecurity Consulting
U.S. West
AHEAD
Miriam Ingenito
Account Relations Director
KPMG
Michelle Law
Director, Government & Education Sales
Comcast Business
Shobha Mallarapu
President & CEO
Anvaya Solutions, Inc.
Grant Tomlin
Director of Strategic Accounts
Tanium
Bret Waugh
Public Sector Account Manager
Google LLC
Chul Yim
Sales Director, SLED West
SLED West
Socure
Open to Public Sector only.
Registration - Free
If you represent a Private Sector organization and are interested in Sponsorship Opportunities, please contact Heather Earney.
This event is open to all individuals who meet the eligibility criteria, without regard to race, color, religion, gender, gender identity, age, disability, or any other protected class. We are committed to fostering an inclusive and welcoming environment for all participants.
For registration and general assistance contact:
Tabbie Pegoda
Government Technology
A division of e.Republic
Phone: (916) 932-1411
E-mail: tpegoda@erepublic.com
Already a sponsor, but need a hand? Reach out to:
Mireya Gaton
Government Technology
A division of e.Republic
Phone: (916) 365-2308
E-mail: mgaton@erepublic.com
Want to sponsor and stand out? Reach out to explore opportunities!
Heather Earney
Government Technology
A division of e.Republic
Phone: (916) 296-2617
E-mail: heather.earney@erepublic.com