Registration and Morning Refreshments in the Exhibit Area

Opening Remarks and Cybersecurity Update

Keynote – Inside the Hacker's Playbook: Learning from Attackers to Optimize Defenses

Hackers and bad actors have become more sophisticated than ever. Understanding how they operate and approach the attack vector is crucial to understanding the complexities of a potential cyber-attack. In this session, ethical Hacker Mishaal Khan will walk us through a cyber battle - exploring each layer of an attack from the perspective of both the attacker and defender. Join us as we discuss best practices to enhance our security posture while providing actionable insights to fortify your defenses.

Mishaal Khan, Ethical Hacker, Author and Speaker

Networking Break in the Exhibit Area

Concurrent Sessions

Smart Threats, Smarter Defenses

Effective threat detection is crucial for safeguarding public sector organizations. But to enhance threat detection capabilities, we must improve incident response strategies and stay ahead in the ever-changing cybersecurity landscape. This session examines the latest advancements in threat detection, emphasizing the importance of intelligence sharing and incident reporting for creating a unified defense. We'll also consider the two dimensions of AI: how it is reshaping the threat landscape by enabling more complex attacks and simultaneously empowering defenders with advanced detection capabilities.

Stronger Together: The Power of Collaboration and Communication in Cybersecurity

Effective cybersecurity requires collaboration across all levels of government. This isn't the old way of handling cyber threats with isolated teams working behind closed doors. Instead, it demands a whole-of-government approach where state and local governments work together proactively, using shared models to combat the ever-increasing and evolving cyber-attacks. This session explores the vital resources and partnerships that can help keep everyone safe, emphasizing the importance of teamwork and communication in building a resilient cybersecurity strategy.

External Allies, Internal Security: Managing Third-Party Risks

In today’s interconnected environment, public sector organizations increasingly rely on third-party vendors for various services and solutions. However, with these partnerships come risks that must be carefully managed to protect sensitive data and maintain operational integrity. How do you safeguard your organization while leveraging the benefits of third-party collaborations? This session covers strategies for effective consequence management and mitigation.

Lunch

Spotlight Conversations - Resources at the Ready!

Join us for a fast-paced, resource-packed session that will equip your agency with the tools and strategies needed to enhance your cybersecurity posture. We'll spotlight key resources available to organizations of all sizes and discuss simple steps to elevate your cyber maturity. Learn how to effectively leverage organizations like MS-ISAC and CISA to prepare and defend against cyber threats. This conversation is designed to provide actionable insights and practical advice to help your agency stay secure.

Moderator: Phil Bertolini, Senior Vice President of Events, Government Technology

Short Break

Please proceed to the concurrent sessions.

Concurrent Sessions

Identity Under Siege

Identity is often the first line of defense against cyber threats. However, as attacks targeting identity become increasingly sophisticated, we must continuously upgrade our defensive strategies to stay ahead. This session delves into the evolving tactics used by cyber adversaries to exploit identities and the critical importance of Multi-Factor Authentication (MFA) and advanced authentication methods. We will explore various forms of authentication, discuss real-world examples of identity attacks, and provide actionable strategies to fortify your organization's defenses.

The Human Side of Cyber: Strengthening Security in the Age of Evolving Threats

Traditional cyber training is becoming increasingly irrelevant, and we need a new approach that emphasizes psychology and anticipates the current tactics of cyber adversaries. How do you train users effectively in this new landscape? What specific skills are required to combat modern threats like spoofed websites, phishing emails, and deepfake technology? This session considers the intersection of human behavior, cybersecurity, and training, and will help you build a resilient defense strategy that evolves to emerging threats.

From Chaos to Control: Building Your Plan for Recovery

In the face of potential disruptions, it's vital for government organizations to shift their business continuity plan from a reactive mindset to a proactive approach. You must consider strategies for managing internal risk, maintaining operational resilience, and securing the continuity of essential services. This session investigates the importance of identifying and prioritizing critical tasks that must continue, regardless of which systems may fail. After this session, you’ll know how to think differently about conducting risk assessments.

Networking Break in the Exhibit Area

Interactive Session – Real-World Cyber Attack Simulation: Preparing Defenders for the Frontline

There’s no substitute for real-world experience when it comes to preparing for cyber incidents. In an ideal world, analysts would be able to gain experience long before ever stepping foot into a Security Operations Center (SOC), but that simply hasn’t been the reality. This session offers a realistic cyber-attack tabletop exercise, immersing attendees in the intensity and dynamics of an actual attack. By engaging in this scenario, participants will develop the skills and confidence needed to respond effectively when real cyber threats occur. Join us to gain the critical experience that can make all the difference in a high-stakes environment.

Phil Bertolini, Senior Vice President of Events, Government Technology

John Petrozzelli, Director, MassCyberCenter

Networking Reception in the Exhibit Area

Network with your colleagues and discuss technology solutions with the event exhibitors.

End of Conference

Conference times, agenda, and speakers are subject to change.