Registration and Morning Refreshments in the Exhibit Area

Welcome and Opening Remarks

Hacking the Hackers: Strategies for Building Cyber Resilient Organizations

As cyber threats grow more sophisticated, organizations must stay ahead to protect their data, operations, and reputation. This session offers a glimpse into a hacker’s mindset, revealing both common and lesser-known threats. Attendees will learn practical strategies to strengthen system defenses, reduce vulnerabilities, and foster resilience. The session also explores the human side of cybersecurity, emphasizing how leaders can empower their people to play their part in upholding the organization’s cyber defense strategy. 

Tarah Wheeler,  Cybersecurity Expert, White Hat Hacker

Networking Break in the Exhibit Area

Concurrent Sessions

Practical AI and Automation for Local Government

Illinois agencies are experimenting with AI while actively pushing back on hype and “AI theater.” What’s working today comes into focus: introducing AI through clear policies, training staff on practical tools, and using automation to help small teams scale impact. This conversation explores how to build comfort among non-technical users, avoid overpromising, and align AI efforts with governance and security frameworks such as zero trust and defense-in-depth, keeping adoption realistic, responsible, and valuable.

Doing More with Less in Public Sector Cybersecurity

From three-person municipal IT shops to lean statewide teams supporting multiple agencies, many Illinois organizations are expected to deliver enterprise-grade security with limited staff and budget. Practical strategies already in use across the state take center stage, prioritizing continuous learning to build in-house expertise, structuring roles so generalists can still cover critical functions, and engaging vendors and events with intention rather than urgency. Peer examples highlight how teams balance daily operations with long-term maturity, offering tactics that work even without a large security organization.

Managing Vendor and Third-Party Risk Across Government

As reliance on SaaS, cloud platforms, and specialized vendors grows, third-party risk has become a shared responsibility across the government. End-to-end risk management is examined, from understanding what agencies still own when services are outsourced, to embedding security expectations into procurement and evaluating incident-response partners. Real-world examples from state and local initiatives ground the discussion, with practical checklists and talking points participants can use with purchasing, legal, and leadership teams.

Lunch

General Session - Building a Shared Cybersecurity Responsibility Across Illinois

Across Illinois, cybersecurity success depends on collaboration across agencies, sectors, and levels of government. State, local, and higher education leaders explore how shared responsibility, coordinated services, and strategic partnerships are strengthening cyber resilience across the state. Learn how to leverage programs delivered by the Department of Innovation and Technology (DoIT), build regional and university partnerships, and structure vendor relationships more effectively. The takeaways include a practical understanding of ownership, access points into statewide initiatives and identifying where limited resources can deliver the greatest return.

Short Break

Please proceed to the concurrent sessions.

Concurrent Sessions

Incident Response That Works When It Matters

Local leaders consistently ask for real-world incident response guidance, not theory. Lessons from the field highlight how agencies build test response playbooks and incident response plans that hold up during nights, weekends, and holidays. Join us as we discuss working with vendors during live incidents, aligning documentation with what happens under pressure, and using risk assessments and audits as tools for readiness rather than shelfware. Discover how clearer expectations emerge around what “prepared” truly looks like.

Threat Intelligence and Data Sharing Without Federal Backstops

With growing concern about reduced reliance on federal programs, Illinois leaders are rethinking how threat intelligence is shared at the state, regional, and local levels. Together, we will share practical data-sharing models and explore what “useful” threat intelligence looks like for small and mid-size teams. We will address legal and risk constraints, with an emphasis on Illinois-specific approaches that agencies can begin using immediately.

Securing Critical Infrastructure in Municipalities

For municipalities operating utilities, generators, hydro facilities, or municipal fiber networks, cybersecurity extends far beyond email and endpoints. Attention turns to operational technology security, integrating IT and OT risk management, and coordinating across multiple vendors and compliance requirements. Together, we will examine realistic funding strategies and regional collaboration models to demonstrate how meaningful improvements in critical infrastructure security are being achieved today.

Networking Break in the Exhibit Area

General Session – Why Do Security Pros and Teams Fail, and What Can You Do About It?

Why do cybersecurity and technology professionals and their teams fail? Drawing on years of experience as Michigan’s former CISO and enterprise-level CIO, CTO, and CSO, Dan Lohrmann explores this question through surprising real-world stories and insights from leading award-winning government teams. While many believe the solution lies in more training, certifications, higher salaries, bigger budgets, better leadership skills, or stronger executive buy-in, Lohrmann reveals why even well-resourced teams can still fall short and what truly drives success. This keynote outlines seven ways to revitalize your role, your team, and your professional outlook, offering practical, actionable guidance along with interactive table discussions designed to help attendees personally apply the lessons learned.

Dan Lohrman, Senior Fellow, Center for Digital Government

Reception in the Exhibit Area

End of Conference

Conference times, agenda, and speakers are subject to change.