Registration and Morning Refreshments in the Exhibit Area

Opening Remarks

Shawnzia Thomas, Chief Information Officer, State of Georgia

Cybersecurity State of the State

This session will provide an in-depth look at Georgia’s cybersecurity landscape, key threats, and ongoing initiatives to strengthen cyber resilience. Learn about the recent advancements in security frameworks, interagency collaboration, incident response, and vulnerability management. In addition to hearing about the current landscape, you’ll have an opportunity to learn what has accomplished to date and the priorities ahead to safeguard Georgia’s digital infrastructure and assets.

Steve Hodges, Chief Information Security Officer, Georgia Technology Authority

Cyberchat Q&A: Insights for Elevating Cyber Resilience in Your Organization

Once adversaries in the cybersphere, Hector Monsegur and Chris Tarbell have joined forces to help organizations confront today’s most pressing cyber threats. Drawing on their extraordinary experiences - one as a former black-hat hacker, the other as an FBI special agent - their conversation offers a rare, dual-lens view of the modern threat landscape. In a dynamic, audience-driven discussion, Monsegur and Tarbell break down the most significant risks facing organizations today, how real-world attacks unfold, and where defenses most often fail. Together, they share practical insights and actionable frameworks that leaders can apply to strengthen security, reduce risk, and protect operations from disruptions that can cripple organizations and erode trust.

Chris Tarbell, Director, Cyber Security and Investigations, Berkley Research Group and Former FBI Special Agent

Hector Monsegur, Cyber Security Expert and Co-founder, SafeHill

Networking Break in the Exhibit Area

Concurrent Sessions

Phishing, Social Engineering, and the Human Firewall

Phishing and social engineering remain the easiest entry point into government networks, often exploiting trust and human behavior rather than technical gaps. This session explores how public-sector organizations can modernize cybersecurity awareness by focusing on human-centered risk and real-world threats such as phishing, spoofed websites, and deepfakes, and equip employees with practical skills to recognize and respond effectively.

Moderator: Dr. Joe Lewis, Associate Vice President of Information Technology and Chief Information Security Officer, Office of Information Technology, Georgia Institute of Technology

Donald Graham, Chief Information Security Officer, City of Atlanta

Keith Jarvis, Principal Threat Researcher, Sophos Inc.

From Policy to Practice: Cybersecurity Governance in the Age of AI

As AI adoption accelerates, public-sector agencies must rethink governance, risk, and compliance alongside data privacy and regulatory obligations. This session explores how to build an AI governance roadmap within existing GRC frameworks while addressing data exposure, AI-generated records, data subject requests, and the risks that emerge when sensitive data is shared, analyzed, or managed in AI-enabled environments.

Moderator: Nikhil Deshpande, Chief Digital and AI Officer, State of Georgia

Stanton Gatewood, Cybersecurity State Coordinator, Integrated Operations Division, Region 4 – Georgia, Cybersecurity and Infrastructure Security Agency (CISA)

Making Cybersecurity Make Sense: Communicating Risk to Non-Technical Stakeholders

Cybersecurity success depends on collaboration across the enterprise. Learn practical strategies for translating cyber risk into business and mission impact, enabling more effective communication with executives, policymakers, finance teams, and program leaders who don’t speak “cyber.

Alex Kirkland, State Deputy Chief Information Security Officer, Office of Information Security, Georgia Technology Authority

Lunch

Short Break

Please proceed to the concurrent sessions.

Concurrent Sessions

From Suspicion to Recovery: Building Cyber Resilience and Continuity in the Real World

Incident response and resilience planning are increasingly complex, shaped by vendor dependencies, reporting requirements, and the need to maintain essential services during disruption. This session explores how public-sector agencies can move from early suspicion to effective incident response while designing resilient systems and continuity strategies that support recovery. Attendees will learn how to prioritize critical functions, coordinate with vendors, and shift from reactive response to proactive resilience across cyber incidents, disasters, and operational failures.

Journey to the Dark Web

Step into the world of cyber threats in this interactive session designed to raise awareness and strengthen cybersecurity practices across the public sector. Participants will experience a guided demo of information found on the dark web, engage with a panel of experts during an open Q&A, and take part in a collaborative group exercise on password protection. Walk awa with practical insights and tools to better safeguard your organization and constituents.

Identity Under Siege

Identity is often the first line of defense against cyber threats. However, as attacks targeting identity become increasingly sophisticated, we must continuously upgrade our defensive strategies to stay ahead. This session delves into the evolving tactics used by cyber adversaries to exploit identities and the critical importance of Multi-Factor Authentication (MFA) and advanced authentication methods. We will explore various forms of authentication, discuss real-world examples of identity attacks, and provide actionable strategies to fortify your organization's defenses.

Networking Break in the Exhibit Area

General Session - External Allies, Internal Security: Managing Third-Party Risks

In today’s interconnected environment, public sector organizations increasingly rely on third-party vendors for various services and solutions. However, with these partnerships come risks that must be carefully managed to protect sensitive data and maintain operational integrity. How do you safeguard your organization while leveraging the benefits of third-party collaborations? This session covers strategies for effective consequence management and mitigation.

Moderator: Anh Le, Chief of Business Operations and General Counsel, Georgia Technology Authority, State of Georgia

General Session – The Expanding Threat Landscape: Vendors, Ransomware, and Emerging Risks

From ransomware and IoT vulnerabilities to third-party risk and the dark web, public-sector threat vectors continue to evolve. This session covers vendor risk management, compliance validation, data ownership and retrieval, and ransomware preparedness—highlighting how agencies can modernize best practices without losing sight of basic cyber hygiene.

Special Agent Nate Langmack, FBI Atlanta Cyber

Networking Reception in the Exhibit Area

Network with your colleagues and discuss technology solutions with the event exhibitors.

End of Conference

*Conference times, agenda, and speakers are subject to change.