Registration / Help Desk / Exhibit Hall

Welcome Reception

End of Reception

Registration / Continental Breakfast / Help Desk / Exhibit Hall

Welcome Remarks

Color Guard and National Anthem

Keynote Introduction

Keynote Presentation – How to Work Better Together – Through Collaboration in Tech, Security and AI

Transition Remarks

Networking Break in the Exhibit Hall

Network with your colleagues and discuss technology solutions with the event sponsors.

Concurrent Sessions I

Sponsored Session

Session title and description forthcoming.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Sponsored Session

Session title and description forthcoming.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Ransomware Ready (1 of 4): Foundations First – Access Control and Backups That Protect What Matters

(Ransomware Prevention/Resilience)

Small jurisdictions often face the perfect storm of limited staff, aging technology, and increasing ransomware pressure. This session focuses on two of the most powerful and achievable starter controls: Access Control and Data Backup. Participants will learn how these foundational policies prevent unauthorized access, limit lateral movement, and enable reliable recovery, even in environments with minimal resources, and will leave with sample policies and simple implementation checklists from peer jurisdictions.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Elections in the Age of AI

(Elections Security)

Session description forthcoming.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Building Trustworthy AI: Practical Guidance for SLTTs on Transparency, Governance, and Secure GenAI Adoption

(AI, GenAI, Machine Learning)

As generative AI becomes embedded across SLTT operations, jurisdictions must establish clear expectations for responsible use grounded in transparency, governance, and security. This session provides SLTT leaders and practitioners with a practical blueprint for creating a GenAI transparency statement, developing Responsible AI guidance, and operationalizing AI Playbooks for AI Readiness, Governance, Risk Review, and Procurement. Attendees will walk away with actionable templates and best practices for responsibly integrating GenAI into enterprise workflows.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Whole-of-State in Action, Part I: State Playbooks for Advancing Local Cyber Resilience

(Whole-of-State)

In this first session of the Whole-of-State in Action series, panelists from two to three states provide an unfiltered look into how their government structures, funding strategies, SLCGP implementations, and intergovernmental partnerships are shaping cyber resilience for municipalities, counties, school districts, and tribes. State leaders will share their practical playbooks: what's working, what they would do differently, and how they are building trust while navigating political, financial, and operational realities.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Campus-Powered Cyber Defense: How Regional Higher-Ed SOCs Are Advancing Local Government Resilience

(Higher Education)

Colleges and universities are stepping forward as vital force-multipliers in SLTT cybersecurity, operating student-powered Security Operations Centers that deliver real-time monitoring, threat analysis, and incident response for local governments and regional partners. This session presents a case study from one such institution and concludes with a proposal to launch an MS-ISAC Connect-based Student Threat Intelligence Sharing and Collaboration Community enabling student analysts across the nation to exchange insights and collaboratively track emerging threats.

* * * * * * * * * * * * * * * * * * * * * * * * * *

GovRamp Session

(GovRamp)

Session title and description forthcoming.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Breaking the Enemy: Proactive Defense with Threat Intelligence

(Threat Intel/SecOps/IR)

This session shows a better way to operationalize threat intelligence at scale—blending free and low-cost public intel with commercial EDR, NGFW, and intelligence platforms plus strategic manual investigation to hunt and disrupt attacker infrastructure before they strike. Attendees will leave with a practical, implementable playbook covering MS-ISAC threat bulletins, pivot techniques with free tools, manual and automated workflows, and repeatable playbooks that turn one-off hunts into systematic controls.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Short Break

Concurrent Sessions II

Sponsored Session

Session title and description forthcoming.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Modernizing Vulnerability Operations at State Scale: Virginia's Journey to Unified Risk Management in a Decentralized Environment

(Vulnerability Management/Risk Management)

In this case study, the Virginia Information Technologies Agency (VITA) shares its multi-year effort to modernize statewide vulnerability and exposure management across 68 independent executive branch agencies. Session attendees will learn how VITA reduced manual triage effort by 80%, cut high-risk vulnerabilities by 50% in three months, and established a scalable, intelligence-driven model for remediation across a decentralized enterprise.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Ransomware Ready (2 of 4): Block the Bait, Seal the Gaps — Email/Phishing Defense and Software Update Policies

(Ransomware Prevention/Resilience)

Ransomware most often enters through an email click or an unpatched system—two risks that small and under-resourced jurisdictions can meaningfully reduce with clear policy and consistent practice. This session centers on developing and implementing Email and Phishing Protection and Software Update (Patch Management) policies that meet the needs of small, diverse government environments, including practical guidance on handling suspicious messages, patching prioritization, and a "minimum viable patching calendar."

* * * * * * * * * * * * * * * * * * * * * * * * * *

Ongoing Election Threats, Information Sharing and What's Left at the Federal Level

(Elections Security)

Session description forthcoming.

* * * * * * * * * * * * * * * * * * * * * * * * * *

AI, Human Behavior, and Cyber Resilience in Government

(AI, GenAI, Machine Learning)

As artificial intelligence reshapes the cyber threat landscape, government organizations must prepare for more than technical attacks alone. This session presents a practical case study from a large local government environment and introduces a multidisciplinary approach integrating cybersecurity leadership, AI risk, cyber psychology, and Organizational Psychology. Attendees will learn how modern threats increasingly exploit cognitive overload, trust gaps, and behavioral predictability, and how leaders can respond by building resilience in people, systems, and institutions.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Whole-of-State in Action, Part II: Confronting Real Challenges in State–Local Cyber Partnerships

(Whole-of-State)

Building on Part I, this second panel dives deeper into the realities and friction points of operationalizing whole-of-state cybersecurity. Panelists representing states at different maturity levels will discuss nuanced challenges that arise when aligning state strategies with local jurisdictions—including sustaining local engagement, addressing unfunded mandates, balancing compliance and flexibility, and building long-term resilience beyond grant cycles.

* * * * * * * * * * * * * * * * * * * * * * * * * *

MS-ISAC Higher Ed Member Connect and Fraudulent Student Applications

(Higher Education)

This session focuses on the value of MS-ISAC's Member Connect platform for higher education and the importance of expanding participation across institutions. The session then transitions to a discussion on ghost student accounts—fraudulent enrollment records—and their significant impact on federal funding for higher-education organizations.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Secure by Design: Embedding Enterprise Cyber Resilience into Local Government Software

(Local Government)

This session explores how organizations can make security a foundational characteristic across the entire system lifecycle, from concept and design to deployment, operation, and decommissioning. Drawing on enterprise cyber strategies, real-world case studies, and practical frameworks, attendees will learn how to embed security into culture, governance, and supply chains to create infrastructure that is inherently robust, resistant to attack, and capable of rapid recovery.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Response to Business Email Compromise in Gmail: The First 10 Minutes, Hour, Day...

(Threat Intel/SecOps/IR)

In this session, you will examine the real-life actions of an Incident Response Team faced with Business Email Compromise of a staff member's Gmail account in a Google Workspace for Education Plus tenant. From initial detection and the first 10 minutes through the first day, you will critique the decisions, tools, and techniques used when the Incident Response Plan was put to the test. You will hear the good, the bad, and the ugly of a real-life incident response, and have the opportunity to suggest actions that might have made the response more efficient or effective.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Working Lunch

General Session – Joint Threat Brief: Center for Internet Security and Center for Digital Government

Networking Break in the Exhibit Hall

Network with your colleagues and discuss technology solutions with the event sponsors.

Concurrent Sessions III

Sponsored Session

Session title and description forthcoming.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Vulnerability Management Best Practices

(Vulnerability Management/Risk Management)

Effective vulnerability management requires clear articulation of value, urgency, and business impact. This session facilitates a conversation on practical strategies to strengthen vulnerability management programs and secure the budgets needed to sustain them—covering how to speak the language of the business, frame risk effectively, and position security investments as essential enablers rather than cost centers.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Ransomware Ready (3 of 4): Detect, Contain, Recover — Endpoint Protection and Incident Response for Lean Teams

(Ransomware Prevention/Resilience)

Even with preventative controls in place, small jurisdictions must be ready to act fast when ransomware indicators appear. This session helps participants implement Endpoint Protection and Incident Response policies in a way that fits "small shop" realities: shared roles, limited monitoring, and mixed device inventories. Attendees will receive actionable draft policies, role checklists, and "first 30 minutes" response guidance, plus opportunities to join future MS-ISAC-hosted tabletop exercises.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Promoting AI's Safe Usage for Elections

(Elections Security)

This session explores the evolving role of artificial intelligence in electoral processes, focusing on its potential to improve data-driven decision-making amid the growing challenges of misinformation, manipulation, and voter suppression. It examines how AI tools could address information gaps for voters, candidates, and election commissions while acknowledging the skepticism and concerns that surround the use of AI in critical civic functions.

* * * * * * * * * * * * * * * * * * * * * * * * * *

The Gaming Industry – Organically Aligned with AI

(AI, GenAI, Machine Learning)

This session discusses the evolving threat landscape of the casino industry and the challenges faced with the emergence of artificial intelligence, exploring how the gaming sector's technology-forward culture creates both unique vulnerabilities and innovative defense strategies.

* * * * * * * * * * * * * * * * * * * * * * * * * *

GovRamp Session

(GovRamp)

Session title and description forthcoming.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Location, Location, Location! Leveraging the Power of Proximity

(Higher Education)

This session highlights the University of South Carolina Aiken's strategic advantage in cultivating a world-class cyber and technical workforce through close partnerships with the Savannah River Site, Fort Gordon's U.S. Army Cyber Command, and the South Carolina National Guard. A cornerstone of this proximity-driven strategy is the development of the Cyber Innovation Center (CIC) and the future on-campus home of the SC National Guard's 125th Cyber Battalion, creating a living laboratory where academic programs, military cyber units, and industry partners train side-by-side.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Small Government, Big Problems: Utilizing Open-Source Software to Support Citizens

(Local Government)

Small and local governments face an outsized challenge: rising expectations from citizens paired with shrinking budgets, limited staff, and a complex technology landscape. This session explores how open-source software can help governments break out of that cycle—providing flexibility, transparency, and long-term sustainability while reducing vendor lock-in and enabling collaboration across agencies. The session addresses common concerns around support, security, and staffing, and separates myth from reality around open source in government.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Log Aggregation and SIEM Overview

(Threat Intel/SecOps/IR)

This technical presentation provides a practical overview of log aggregation and its evolution into full Security Information and Event Management (SIEM) capabilities. The session covers centralized log aggregation, real-world methods for collecting logs from diverse sources (Linux, Windows, network devices, cloud/container environments), prevalent log formats and parsing techniques, and the distinction between basic aggregation platforms and mature SIEM solutions. Attendees will leave with actionable insights to design scalable logging pipelines.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Short Break / Transition to the General Session

Fireside Chat

General Session – Strengthening the Nation Together: The New MS-ISAC Charter and Governance Model for the Future of SLTT Cybersecurity

In this end-of-day plenary keynote, the Chair of the Interim Member Governance Board (IMGB) will unveil the newly revised MS-ISAC Charter and Governance Model, developed through rigorous engagement with the SLTT community. This session explores how the revised governance structure strengthens MS-ISAC's value proposition, reinforces transparency and member influence, and creates a more unified, collaborative environment among the MS-ISAC and the state, local, tribal, and territorial government ecosystem. The session concludes with a first-of-its-kind MS-ISAC Champagne Toast.

ISAC Awards Ceremony

Closing Reception

Adjourn Day 1

Registration / Continental Breakfast / Help Desk / Exhibit Hall

Opening Remarks and Day 1 Recap

Keynote Presentation – Cyberchat Q and A: Insights for Elevating Cyber Resilience in Your Organization

Once adversaries in the cybersphere, Hector Monsegur and Chris Tarbell have joined forces to help organizations confront today’s most pressing cyber threats. Drawing on their extraordinary experiences - one as a former black-hat hacker, the other as an FBI special agent - their conversation offers a rare, dual-lens view of the modern threat landscape. In a dynamic, audience-driven discussion, Monsegur and Tarbell break down the most significant risks facing organizations today, how real-world attacks unfold, and where defenses most often fail. Together, they share practical insights and actionable frameworks that leaders can apply to strengthen security, reduce risk, and protect operations from disruptions that can cripple organizations and erode trust.

Chris Tarbell, Director, Cyber Security and Investigations, Berkley Research Group and Former FBI Special Agent

Hector Monsegur,  Cyber Security Expert and Co-founder, SafeHill

Transition Remarks

Networking Break in the Exhibit Hall

Network with your colleagues and discuss technology solutions with the event sponsors.

Concurrent Sessions I

Sponsored Session

Session title and description forthcoming.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Translating Cyber Risk: The Bridge Between Security Operations and Governance

(Vulnerability Management/Risk Management)

Security operations teams generate metrics; executive leadership requires decision-ready intelligence tied to mission continuity, fiscal stewardship, and public trust. This session presents a practical case study on translating cybersecurity operations into executive-level governance reporting—covering how to convert operational security metrics into strategic risk narratives, design executive dashboards that emphasize clarity over complexity, and establish reporting rhythms that sustain cross-functional accountability.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Ransomware Ready (4 of 4): People Are the Perimeter — Practical User Awareness and Training That Changes Behavior

(Ransomware Prevention/Resilience)

The most effective ransomware defense combines technical controls with an informed, confident workforce. This capstone session of the Ransomware Ready series focuses on establishing a User Awareness and Training Policy that empowers staff across all departments to identify and prevent ransomware risks. The session will launch a year-long MS-ISAC collaborative initiative where participants exercise new policies in virtual training settings and contribute to periodic updates of the Ransomware Prevention Toolkit.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Managing Election Supply Chain Security Through Procurement

(Elections Security)

Election infrastructure relies on complex supply chains spanning technology, services, and physical materials, making procurement a critical control point for managing security risk. This session explores how election officials can integrate supply chain security into procurement practices to safeguard the integrity, availability, and trustworthiness of election systems and technology providers.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Shadow AI in the C-Suite: What You Don't Know About

(AI, GenAI, Machine Learning)

Right now, someone in your organization is pasting sensitive data into an AI tool you didn't approve, don't monitor, and can't audit. This session demystifies AI for executive leaders, cutting through the hype to show that AI runs on the same infrastructure you already secure. The session walks through four critical privacy risk categories—including data exposure, shadow AI adoption, and vendor liability, then delivers a practical decision framework for accepting or mitigating each one.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Whole-of-State in Action, Part III: State Oversight of Cybersecurity: Protecting Sensitive Data and Critical Infrastructure

(Whole-of-State)

States can play a pivotal role in assessing the effectiveness of existing cybersecurity controls and driving improvement across their jurisdictions. This session explores how cybersecurity oversight frameworks can protect sensitive data and critical infrastructure, emphasizing that improvements must come through effective risk management, governance, and well-thought-out partnerships across local, state, federal, and private sectors, especially when resources are limited.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Protecting PLC/SCADA Labs in Higher Education

(Higher Education)

In higher-education institutions that collaborate with local industry partners to support workplace-learning programs, securing environments that rely on PLC/SCADA hardware is essential. This discussion outlines how one institution protected its operational environment, given the software's limitations and its challenges operating within modern network architectures.

* * * * * * * * * * * * * * * * * * * * * * * * * *

From Reactive to Resilient: Securing Executive Buy-In to Scale Local Government Cybersecurity

(Local Government)

This case study explores the journey of transforming a reactive security posture into a fully funded, proactive program within a county government. The session pulls back the curtain on specific strategies used to secure executive buy-in for a 300% increase in staffing and the budget for a modernized security stack—covering how to speak the language of elected officials, leverage strategic partnerships, and navigate the local government budget cycle.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Beyond Passwords: Evolving Authentication in a Threat-Filled World

(Security Best Practice)

Traditional username/password authentication remains the most common - and most exploited - identity verification method. This session examines persistent weaknesses in password-based systems, quantifies the security gains and remaining attack surface of common MFA implementations, and explains why these methods continue to fail against determined attackers. The presentation then introduces FIDO2 passkeys as a modern, phishing-resistant alternative using public-key cryptography and device-bound credentials.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Short Break

Concurrent Sessions II

Sponsored Session

Session title and description forthcoming.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Why Do Security Pros and Teams Fail, and What Can You Do About It?

(Professional Development)

Session description forthcoming.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Malicious Code Analysis Platform (MCAP)

(Threat Intel/SecOps/IR)

This session walks through MCAP (Malicious Code Analysis Platform) capabilities and demonstrates how members can incorporate MCAP into their incident response workflows, including a real-world analysis example showing how MCAP reduces investigation time and strengthens incident response. The session will also review the product roadmap and discuss how it will be shaped by member feedback.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Secure Elections: Working with Emergency Managers

(Elections Security)

Secure elections require more than cybersecurity; they demand close coordination between election officials and emergency managers. As elections are designated critical infrastructure, election officials must integrate emergency planning, incident command, risk assessment, and crisis communication into election operations. This session explores how emergency management expertise in preparedness, response coordination, and recovery helps ensure continuity of voting during natural disasters, cyber incidents, and physical threats.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Advanced DLP Protection for GenAI

(AI, GenAI, Machine Learning)

GenAI isn't the real problem—unmanaged data is. This session examines practical approaches to securing both GenAI and sensitive data assets, sharing two logical approaches to address data loss across three primary categories: sensitive corporate data and intellectual property, PII/PHI, and maliciously generated code. Attendees will leave with a clearer picture of how smarter XDR-based protection enables teams to innovate without leaking what matters most.

* * * * * * * * * * * * * * * * * * * * * * * * * *

San Bernardino County Sheriff's Department — Royal Ransomware Recovery I Right of Boom Realities: Leadership Lessons on Key Activities That Enhance Preparedness

(Ransomware Prevention/Incident Response)

This session presents an in-depth overview of the Royal Ransomware attack that struck the San Bernardino County Sheriff's Department on 4/7/2023, one of the largest law-enforcement agencies in the nation. The attack prompted immediate coordination with Cyber Insurance, County IT, the FBI, DHS, CalOES, JRIC, and Microsoft, and disrupted multiple mission-critical systems including CAD, CLETS, report writing, jail and patrol systems, and more. Attendees will gain firsthand insight into the response timeline, key decisions, and lessons learned. In this candid panel discussion, leaders who have navigated real-world cyber crises share the essential lessons they learned "right of boom," providing insights on best practices that should be contemplated and operationalized long before an incident occurs. Panelists explore the practical value of pre-event planning, including establishing and exercising response policies, validating communication chains, pre-authorizing decision pathways, and conducting meaningful tabletop exercises that truly stress-test assumptions.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Why Should I Be Bothered? OT Teams and the Cybersecurity Hassle

(Operational Technology (OT) Security)

This session examines the unique challenges faced by Operational Technology (OT) teams when confronted with cybersecurity requirements, exploring why OT professionals often view security mandates as a "hassle" and how to bridge the gap between IT security practices and OT operational realities.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Building Defensible Cyber Maturity in Resource-Constrained Governments

(Local Government)

Many state and local government entities approach cybersecurity maturity assessments as compliance exercises—something to complete, file, and forget. This session challenges that model. Drawing from hands-on experience designing and delivering Texas Cybersecurity Framework (TCF) assessments across a wide range of SLED entities, this session walks through how to build assessment methodology that is consistent, repeatable, and genuinely defensible. Attendees will leave with a clearer framework for thinking about maturity assessment not as a snapshot, but as a foundation for long-term program development.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Operationalizing Zero Trust: Advancing Maturity Through SASE and SSE

(Security Best Practice)

This session provides a practical framework for operationalizing Zero Trust using Secure Access Service Edge (SASE) and Security Service Edge (SSE) capabilities aligned to CISA's Zero Trust Maturity Model (ZTMM). The discussion focuses on how SLTT entities can move from "Initial" to "Advanced" maturity by integrating identity, device posture, network segmentation, application access, and data protection into a cohesive enforcement fabric.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Working Lunch

General Session – From Crisis to Cohesion: Strengthening SLTT Resilience Through Integrated Emergency Management and Cyber Defense

This luncheon panel session brings together leading experts from the National Homeland Security Consortium (NHSC) for a dynamic, facilitated discussion focused on the evolving landscape of emergency management and its critical intersection with security and resilience among SLTT governments. Panelists will explore whole-community readiness, cross-jurisdictional coordination, intelligence-informed planning, and the operational convergence of cyber and physical incident response.

National Homeland Security Consortium (NHSC)

Networking Break in the Exhibit Hall

Network with your colleagues and discuss technology solutions with the event sponsors.

Concurrent Sessions III

Sponsored Session

Session title and description forthcoming.

* * * * * * * * * * * * * * * * * * * * * * * * * *

IT Budgets: From Cost Centers to Business Enablers

(Budget/Leadership)

Cybersecurity remains one of the toughest investments to justify because its ROI is largely invisible. When security works, nothing happens, and "nothing" is a hard sell. This session is a facilitated conversation focused on practical strategies to increase your chances of getting IT and cybersecurity budgets approved—by speaking the language of the business, framing risk effectively, and positioning security as a business enabler rather than a cost center.

* * * * * * * * * * * * * * * * * * * * * * * * * *

SCARE to CARES: Navigating Ransomware Incidents without Chaos

(Ransomware Prevention/Incident Response)

Ransomware attacks rarely fail because of technology alone. Organizations struggle when stress rises, communication breaks down, and teams lose clarity during fast-moving incidents. This session introduces the SCARE to CARES leadership framework—developed from real-world experience leading through a major ransomware incident—helping leaders guide teams from fear and chaos toward calm, coordination, and decisive action through: Communicate, Adapt, Relationships, Empower, and Stay Calm.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Understanding the Perpetrators Who Threaten Election Workers: Behavioral Insights from DOJ Election Threat Cases

(Elections Security)

This session presents a case-study analysis of twenty-one criminal cases prosecuted by the Department of Justice's Election Threats Task Force, analyzed through the lens of behavioral threat assessment frameworks. The discussion connects research findings to the current election threat environment and presents ten actionable recommendations that election officials and security partners can implement to strengthen prevention, detection, and response efforts.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Envisioning a Future State Cybersecurity Program 2028 (Public Sector)

(AI, GenAI, Machine Learning)

Public sector cybersecurity programs are trying to fight today's attacks with yesterday's organizational operating models. This session outlines a near-term, achievable future state model for public sector cybersecurity that fully leverages data science and generative AI technologies, backed by strong governance and leadership—connecting emerging technology with frameworks like NIST NICE, CSF, and ISO 27001 to present a notional Future State Program for 2028.

* * * * * * * * * * * * * * * * * * * * * * * * * *

NIST Session

(Standards and Frameworks)

Session title and description forthcoming.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Quantum Resiliency in Cryptography for SLTT Security

(Emerging Technology)

Cryptographically-relevant quantum computers will arrive any time now, and as long-lived institutions, SLTTs are uniquely valuable targets for "harvest now, decrypt later" strategies. This session covers why quantum matters for SLTTs, a plain-English overview of quantum computing, which classical cryptographic algorithms are at risk (including RSA and Elliptic Curve Cryptography), what quantum-resilient cryptography looks like, and a practical roadmap for cryptographic inventory, prioritization, and pilot PQC deployment.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Too Small for a CISO

(Local Government)

The vast majority of small agencies can barely afford a single person in an IT Leadership role, let alone a dedicated CISO. This panel discussion brings together small agency CIOs in "dual-hat" roles to discuss the pros and cons of this approach and what they have done to make it work—including how to build cross-functional teams that successfully balance technology facilitation and organizational defense.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Visualizing Security Posture by Mapping Tools to the CIS Framework

(Security Best Practice)

This case study explores a practical, visual approach to Governance, Risk, and Compliance (GRC) designed to solve the challenges of assessment fatigue, redundant toolsets, and resource drain. Attendees will walk through a complete use case of mapping an organization's security stack directly to CIS Control Safeguards, highlighting rapid identification of coverage gaps, elimination of overlapping vendor solutions, and the ability to clearly communicate compliance posture to both technical teams and executive leadership.

* * * * * * * * * * * * * * * * * * * * * * * * * *

Short Break / Transition to the General Session

General Session

Fireside Chat – Elections

Adjourn Day 2

Registration / Continental Breakfast / Help Desk

Opening Remarks and Day 2 Recap

General Session – State Key State Key Perspectives on the Future of SLTT Cybersecurity – NASCIO Survey Results Briefing

Transition Remarks

General Session – From Vision to Reality: How Florida is Ensuring Stable State Funding for Local Government Cybersecurity Programs

The State of Florida is breaking new ground by advancing landmark legislation establishing a dedicated statewide appropriation to strengthen cybersecurity programs, tools, and services specifically for counties, cities, school districts, and special districts. This session brings together local government leadership who championed the effort and state legislators who sponsored and shaped the bill, offering attendees rare insights into how policy, advocacy, and operational needs can converge to produce a transformative funding model for local governments.

Transition Remarks

General Session – “LTT” Key Perspectives on the Future of SLTT Cybersecurity

Transition Remarks

General Session – The Voice of the SLTT: How to Thrive in Cybersecurity in 2026–2027

Closing Remarks: Next Steps in Our SLTT Cybersecurity Call to Action

End of Summit

Conference times, agenda, and speakers are subject to change.