California Cybersecurity Education Summit 2025 Banner

Overview

The California Cybersecurity Education Summit focuses on addressing the unique cybersecurity challenges faced by the public sector. The event brings together government leaders and IT security professionals to discuss strategies for safeguarding sensitive information, enhancing cybersecurity infrastructure, and staying ahead of evolving threats. Attendees can expect expert insights, collaborative discussions, and practical solutions tailored to the needs of public sector organizations.

A message from our Keynote Speaker

The California Cybersecurity Education Summit is dedicated to strengthening security through collaboration, uniting public and private sector tech leaders, educators, and officials to explore emerging trends, share best practices, and develop innovative strategies. California’s cybersecurity capability continues to scale, leading the nation by example through robust collaboration across all industry and state/local sectors. Join us for this full-day, in-person event featuring top national cybersecurity experts, solution providers, and hundreds of peers.

– Vitaliy Panych, State Chief Information Security Officer, California Department of Technology

Agenda

Thursday, October 9

8:00 am Pacific

Registration and Morning Refreshments in the Exhibit Area

9:00 am Pacific

Opening Remarks

Liana Bailey Crimmins, State Chief Information Officer & Director, Department of Technology, State of California

9:30 am Pacific

Keynote - Strengthening the Shield: Insights from the Trenches of National Security

There’s no question - public-sector leaders must continue to strengthen their cyber hygiene, foster cross-sector partnerships, and adapt to the evolving threat landscape. Join Rachel Wilson, former NSA cyber operations leader, for an engaging and action-driven keynote that bridges real-world cybersecurity expertise with the challenges of emerging technologies. Drawing on her experience safeguarding critical systems, Rachel explores the heightened risks posed by AI-enabled threats like ransomware, insider attacks, and credential exploitation. This session is a call to action for everyone, from CIOs to frontline technologists, to embrace a proactive and resilient approach to protecting critical assets in the age of AI.

Rachel Wilson, Managing Director and Chief Data Officer, Morgan Stanley Wealth Management

10:30 am Pacific

Networking Break in Exhibit Area

11:00 am Pacific

Concurrent Sessions

National Threat Briefing: Current Risks Facing Public Agencies

Nation-state actors and well-organized threat groups continue to target public infrastructure, agencies, and critical systems across the country. This session provides a timely, intelligence-based briefing from federal and state cybersecurity leaders. Panelists will walk through credible threat activity observed in recent months, including real-world examples and closed case insights where possible. This session is intended to raise awareness of the types of threats facing California agencies right now and the tactics being used against government targets.

Demystifying Zero Trust: What It Means and Why It Matters

"Zero Trust" is becoming a central concept in government cybersecurity, but what does it mean? This session breaks down the core ideas behind Zero Trust in plain language. Cybersecurity leaders will explain how Zero Trust shifts the focus from defending the perimeter to assuming no one can be trusted by default. Cybersecurity leaders will share why this mindset is essential, how it helps prevent breaches, and what it means for departments across the state. Whether you're a cybersecurity pro or a department lead, this conversation will demystify the concept and show why it matters to everyone.

2025 Update: California’s Cyber-AI Workforce & Education Pipeline and Roadmap

California is building a statewide Cyber-AI career pipeline that spans all levels of education (K12 through doctoral degrees) which aligns and links industry certifications and workforce models like apprenticeships and internships. This session highlights recent developments from the California Cybersecurity Task Force, including the launch of C3EP3, a unified career education and pathway project led by Cal OES, CDT, CalCSIC, and CSU Fresno bringing Cyber-AI-IT to enhance learning across classrooms, colleges/universities, and the public sector. Panelists will explore how these efforts align with AI Cybersecurity curriculum and standards, hiring needs and regional/local hubs. Get a clear view of how California is scaling a diverse, skilled cyber-AI workforce to meet cutting-edge public-sector needs in 2025.

Attack Surface Reduction: Building a Culture of Risk Awareness and Proactive Defense

As cyber threats grow more complex, reducing your agency’s attack surface is no longer just the responsibility of the CISO or IT team. This session will focus on how to build a culture of shared ownership around risk, where every department plays a role in reducing exposure. Panelists will highlight tools and strategies for proactive defense, including threat hunting, vulnerability management, and the use of state-provided threat intelligence to stay ahead of evolving risks. Attendees will gain insights into how to align people, processes, and technology to make their organizations harder targets.

Identity at the Center: Strengthening Access, Privacy, and Protection

Strong identity management is essential to securing systems, protecting data, and maintaining public trust. This session will explore how government agencies can modernize identity practices to defend against evolving threats, including AI-powered phishing attacks and social engineering tactics. Join us to discuss the connection between identity, access control, and privacy, and share approaches to reducing risk across systems and users. Learn how identity is becoming a frontline defense in a rapidly changing threat landscape.

Enterprise Risk Governance: Structure, Accountability, and Momentum

Effective enterprise risk management depends on clear structures, defined responsibilities, and leadership that can turn insight into action. This session will explore how agencies can develop strong governance models to manage cyber and operational risk across departments. IT leaders will discuss how mature organizations align risk priorities with mission goals, establish decision-making processes, and use methods like the FAIR framework to quantify risk in meaningful terms. Attendees will learn how to guide their organizations toward a more disciplined, transparent, and measurable approach to risk.

12:00 pm Pacific

Lunch

1:00 pm Pacific

Bits & Bytes - GenAI 101: Cutting Through the Noise

This quick, plain-language session will ground attendees in the fundamentals of generative AI: what it is, what it isn’t, and what it means for government work. Presenters will break down common terms, clarify capabilities and limitations, and address some of the most persistent myths and misunderstandings. Whether you’re new to the topic or just need a reset, this is your chance to align on the basics and start from a shared understanding of what GenAI can do, and what it can’t.

1:20 pm Pacific

Short Break

Please proceed to the concurrent sessions

1:30 pm Pacific

Concurrent Sessions

Zero Trust Advanced: From Concept to Implementation

For teams already familiar with the principles of Zero Trust, the next challenge is turning that understanding into action. This session will explore how to apply Zero Trust in real environments, from identity management and network segmentation to data protection and continuous monitoring. Panelists will share strategies for assessing Zero Trust maturity, aligning with NIST procedures and best practices, and integrating tools that support policy enforcement. Join us to learn how to build architecture roadmaps and secure buy-in across teams to make Zero Trust real and effective.

From Intelligence to Action: Operationalizing Threat Data for Defense

Threat intelligence must be acted on. This session will explore how agencies can use credible threat intel from partners like CISA, Cal-CSIC, and others to actively reduce their attack surface and hunt for risks before they become incidents. Experts will share real-world examples of how threat indicators, vulnerability reports, and behavioral insights have been turned into specific defensive actions. Expect to leave with a clearer view of how to integrate threat intel into day-to-day cybersecurity operations.

Managing Third-Party Risk: From Procurement to Ongoing Oversight

Third parties play a critical role in government operations, but they also introduce risk that must be actively managed throughout the contract lifecycle. This session will explore how agencies can assess cybersecurity risk during procurement and maintain visibility as third parties change systems and add features. Panelists will share strategies for monitoring third-party compliance, collaborating across departments, and adapting risk assessments as environments evolve. You will come away with practical guidance for building resilient third-party relationships and strengthening their overall security posture.

Cybersecurity Help Is Here: Tools and Support from State Partners

Many government agencies face growing cyber risks without the staff or budget to fully address them. This session will spotlight the resources available from state partners like the California Department of Technology and Cal-CSIC, designed to support agencies that need expert help, tools, or guidance. We’ll look at how to access services like threat intelligence, vulnerability scans, incident response, and security assessments. Participants will leave with a better understanding of what’s available, how to request support, and how to strengthen their cybersecurity posture using tools they already have access to.

AI in Cybersecurity: Risk, Readiness, and Responsible Use

The rapid growth of artificial intelligence brings new opportunities and new risks to government cybersecurity. This session will examine how AI can improve threat detection, help upskill teams, and support data loss prevention, but also how unsanctioned Shadow AI and AI-enabled attacks introduce risks that agencies may not be prepared for. Panelists will explore how to set internal guardrails, secure AI systems, and responsibly integrate AI into cybersecurity workflows. Attendees will come away with a better understanding of how to manage AI as both a tool and a risk within a cybersecurity strategy.

2:30 pm Pacific

Networking Break in Exhibit Area

3:00 pm Pacific

Cyber Smarts Showdown: A Team Trivia Challenge

Think you know cybersecurity? Ready to put that knowledge to the test? Join fellow attendees for a fast-paced, team-based trivia game covering topics like cyber hygiene, threat actors, identity management, privacy, and real-world government use cases. This interactive session is a chance to collaborate, compete, and connect with peers from across the public sector. Whether you're in it to win or just want to sharpen your knowledge and meet new people, this is your moment to engage, learn, and have some fun.

4:00 pm Pacific

Networking Reception in the Exhibit Area

Network with your colleagues and discuss technology solutions with the event exhibitors.

4:30 pm Pacific

End of Conference

Conference times, agenda, and speakers are subject to change.

Sheraton Grand Sacramento

1230 J Street
Sacramento, CA 95814
(916) 447-1700

Get Directions To
Sheraton Grand Sacramento

Advisory Board

Government Representatives

Andrew Bell
Information Security Officer
Military Department
State of California

Edward Bombita
CalCSIC Commander
CA Governor's Office of Emergency Services

Scott Capulong
Chief Information Officer
California Department of Tax and Fee Administration
State of California

Keith Clement
Professor
California State University, Fresno
California State University, Fresno

Faith DeuPree
SPC Manager
CA Employment Development Dept
State of California

Jeremy Espiritu
Cybersecurity Training Coordinator
Office of Emergency Services
State of California

Ryan Fogleman
Information Security Officer
Departmental Information Security Office, California Department of Technology
State of California

John Hanafee
Advisory Services Program Chief
California Department of Technology
State of California

Glenn Herdrich
Information Security Manager
County of Sacramento

Monica Hernandez
Deputy Director, Communications & Stakeholder Relations
California Department of Technology

Payam Hojjat
State of California Cyber Risk & Governance Chief
California Department of Technology
State of California

Lloyd Indig
Chief Information Security Officer
California Department of Justice
State of California

Christy Kidd
IT Manager II
CA Employment Development Dept
State of California

Tolgay Kizilelma
Chief Compliance Officer
CA State Transportation Agency
State of California

Ken Kojima
Agency Information Security Officer
Department of Corrections & Rehabilitation
State of California

Nithya Krishna
Agency Information Security Officer
California Labor & Workforce Development Agency
State of California

Albert Lam
Cyber Defense Advisor
California Health & Human Services Agency
State of California

Gerard Laygui
Cyber Operations Branch Chief
California Governor's Office of Emergency Services
State of California

Maria Lipana
Cyber Threat Intelligence Branch Chief
Cal-CSIC, Office of Emergency Services
State of California

Mikael Magnuson
Cybersecurity Manager
California National Guard
State of California

Joseph Maio
Information Security Officer
Natural Resources Agency
State of California

Thea Man
Chief Information Security Officer
Office of Data and Innovation
State of California

Robert Mayorga
Chief Security Officer
Franchise Tax Board
State of California

Scott McArdle
Chief
California Department of Food and Agriculture
State of California

Matt Nicholls
Cybersecurity Risk Officer
California State Transportation Agency
State of California

Vitaliy Panych
State Chief Information Security Officer
California Department of Technology
State of California

Daniel Pere
State Controller's Office

Dylan Pletcher
CalSTRS

Bradley Ponce
CISO
CA Governor's Office of Planning & Research

Jesse Ravera
Assistant IT Director
City of Roseville
State of California

Amy Rodriquez
California Department of Technology

Hong Sae
Chief Information Officer
City of Roseville
State of California

Ravi Sharma
Agency Information Security Officer
CalEPA
State of California

Johnny Vasquez
Information Security Officer
CA Department of Veterans Affairs
State of California

Vivian Yan
Deputy Chief Security Officer
Franchise Tax Board
State of California

Industry Representatives

Jason Fedota
Client Relationship Executive
Deloitte

Jon Holcomb
Director of Cybersecurity Consulting
U.S. West
AHEAD

Miriam Ingenito
Account Relations Director
KPMG

Michelle Law
Director, Government & Education Sales
Comcast Business

Shobha Mallarapu
President & CEO
Anvaya Solutions, Inc.

Grant Tomlin
Director of Strategic Accounts
Tanium

Bret Waugh
Public Sector Account Manager
Google LLC

Chul Yim
Sales Director, SLED West
SLED West
Socure

Registration Information / Contact Us

Event Date: October 9, 2025

Open to Public Sector only.

Registration - Free

If you represent a Private Sector organization and are interested in Sponsorship Opportunities, please contact Heather Earney.

This event is open to all individuals who meet the eligibility criteria, without regard to race, color, religion, gender, gender identity, age, disability, or any other protected class. We are committed to fostering an inclusive and welcoming environment for all participants.

Contact Information

For registration and general assistance contact:

Tabbie Pegoda
Government Technology
A division of e.Republic
Phone: (916) 932-1411
E-mail: tpegoda@erepublic.com

Already a sponsor, but need a hand? Reach out to:

Mireya Gaton
Government Technology
A division of e.Republic
Phone: (916) 365-2308
E-mail: mgaton@erepublic.com

Want to sponsor and stand out? Reach out to explore opportunities!

Heather Earney
Government Technology
A division of e.Republic
Phone: (916) 296-2617
E-mail: heather.earney@erepublic.com

Venue

Sheraton Grand Sacramento

1230 J Street
Sacramento, CA 95814
(916) 447-1700