Registration and Morning Refreshments in the Exhibit Area

Welcome and Opening Remarks

Trina Zanow, Chief Information Officer / Division Administrator, Division of Enterprise Technology, State of Wisconsin

Bill Brinkley, Chief Information Security Officer / Division Administrator, Division of Enterprise Technology, State of Wisconsin

Strengthening the Shield: Insights from the Trenches of National Security

Public-sector leaders are under pressure to defend against AI-enabled threats while modernizing critical services. Drawing on years of leading cyber operations at the NSA and protecting global financial systems, Rachel Wilson connects national security-grade lessons to state, local, and education environments. She explores how AI amplifies risks like ransomware, credential theft, and insider threats—and what CIOs, CISOs, and frontline technologists can do now to strengthen hygiene, resilience, and cross-sector collaboration. Attendees leave with concrete priorities to better protect critical assets in the age of AI.

Rachel Wilson, Managing Director and Chief Data Officer, Morgan Stanley Wealth Management; Former NSA Senior Executive

Networking Break in the Exhibit Area

Concurrent Sessions

First 24 Hours: RealWorld Incident Response in Wisconsin

When an incident hits, sequence matters. This session walks through real scenarios from Wisconsin and peer states to answer: who do you call first, second, and third; what decisions must be made in hour one; and which mistakes cause the most pain. Speakers unpack actual playbook steps—from containment to communications—and highlight how CRT, vendors, and law enforcement plug in. You’ll see redacted timelines, sample decision logs, and notification templates you can adapt for your own incident response plan.

Local Government Help Desk: Free & Low-Cost Cyber Services You’re Not Using

Many Wisconsin local governments are unaware of the cybersecurity support already available to them. This overview inventories state, regional, and federal cyber services—including incident response support, assessments, training, threat intelligence, and vendor-supported offerings—that are free or heavily subsidized. It clarifies what each service provides, who is eligible, and how to access them, including contracts and procurement paths. Participants will leave with a short, prioritized menu of services to pursue this year, along with contacts and ready-to-use language for leadership or boards.

Human Risk Management: Moving Beyond Annual Training

Traditional once-a-year awareness training is no longer sufficient. Discuss practical ways to treat people as a managed cyber risk rather than a compliance checkbox. It explores how to build effective programs using simulated phishing, role-based microlearning, leadership messaging, and positive reinforcement. Attendees will review behavior-focused metrics, strategies for gaining business leader buy-in, and techniques that work even when user attention is limited. Discover real-world lessons and proven approaches over generic slides or theoretical models.

Hackathon Lab – Student & EarlyCareer Track (On Going)

This hands-on lab kicks off a guided hackathon experience tailored for high school, college, and earlycareer participants. Facilitators introduce the environment, basic rules of engagement, and safety expectations. Attendees form teams, receive starter challenges, and learn how to think like an attacker while maintaining an ethical mindset. The lab remains open throughout the afternoon for continued play, mentoring, and informal coaching from volunteers, state practitioners, and vendor security engineers.

Lunch

General Session - What’s Really Hitting the Public Sector Now

Cyber threats are not slowing down, and they are not evenly distributed. Drawing on current incident data and front-line investigations, this vendor-neutral briefing examines who is actively targeting state, local, and education organizations, how attackers are getting in, and what happens once they do. From ransomware and business email compromise to fraud and attacks on cloud and OT environments, this session focuses on patterns that matter most right now. Special attention is given to trends affecting smaller jurisdictions and K–12 across Wisconsin, translating global threat intelligence into practical, defensible priorities. Attendees will leave with a short, focused list of “must-fix” gaps to review back home.

Short Break

Please proceed to the concurrent sessions.

Concurrent Sessions

Cyber Hygiene 101 for Small & Rural Governments

Designed for towns, small cities, school districts, and resource-constrained agencies, this discussion focuses on the small set of cybersecurity controls that deliver the greatest impact. It outlines clear, cost-effective steps to strengthen internet filtering, account security, backups, and device hardening. Attendees will review real-world examples of simple policies, communication templates, and checklists that can be reused immediately. The conversation avoids jargon and complex frameworks, emphasizing straightforward, “do this next week” guidance grounded in the realities of local government and education environments.

Secure Cloud Migration: Getting the “Security You Get for Free” (and Fixing the Rest)

Moving to the cloud can either reduce risk or shift it. This session focuses on practical security wins that come “out of the box” from major cloud providers, and where configuration mistakes reintroduce risk. Speakers share checklists for identity management, logging, backups, and data classification, along with examples of common misconfigurations encountered in audits and incidents. The goal is not clouding evangelism, but realistic guidance on how state, local, and education entities can modernize safely and at their own pace.

Cyber Risk & Funding: Grants, CostSharing, and Making the Business Case

Many agencies struggle to translate cyber risk into dollars and funding opportunities. This session explains the current state and federal grant options, common cost-sharing models (such as 80/20), and which cyber services or tools are eligible for grant funding. Presenters share examples of successful applications and how vendors can support projects without driving the agenda. You’ll learn how to frame cyber investments in terms of risk reduction, resilience, and service continuity so finance, boards, and councils understand why it matters now.

Hackathon Lab – Student & EarlyCareer Track (On Going)

This hands-on lab kicks off a guided hackathon experience tailored for high school, college, and earlycareer participants. Facilitators introduce the environment, basic rules of engagement, and safety expectations. Attendees form teams, receive starter challenges, and learn how to think like an attacker while maintaining an ethical mindset. The lab remains open throughout the afternoon for continued play, mentoring, and informal coaching from volunteers, state practitioners, and vendor security engineers.

Networking Break in the Exhibit Area

General Session – Women Leading Cyber – Visibility, Allies, and Real Change

Rather than isolating women into a separate day, this session centers women’s experiences while inviting everyone into the conversation. A panel of women cyber leaders from state, local, and military roles discuss navigating career paths, leading through crisis, and building teams where diverse voices are heard. Panelists and allies share concrete actions male and female leaders can take to sponsor talent, structure fair opportunities, and address subtle barriers. Attendees leave with practical ideas for mentoring, hiring, and culture change.

Networking Social in the Exhibit Area

Day 1 wraps with a relaxed social designed to blend learning, connection, and a little fun. Hackathon teams briefly share early progress, favorite challenges, or creative approaches, while volunteer mentors circulate to talk careers, certifications, and skill-building. Informal “Ask Me Anything” corners, featuring roles such as CISO, SOC analyst, and student, create space for candid questions and real-world insights. Light refreshments and a short cyber trivia segment keep the energy high without feeling forced. Prizes recognize standout student efforts and memorable team names, but the real objective is building relationships across Wisconsin that carry into Day 2 and beyond.

End of Day One

Registration and Morning Refreshments in the Exhibit Area

Welcome and Opening Remarks – Recap of Day 1

Bill Brinkley, Chief Information Security Officer / Division Administrator, Division of Enterprise Technology, State of Wisconsin

Major General Matthew J. Strub, The Adjutant General – Wisconsin

General Session - Local Government Offerings: Services, Volunteers, and CRT

Cybersecurity support is available to local governments, but knowing how to access it, and when, can make all the difference. Designed for counties, municipalities, school districts, and small agencies, this session brings together voices from CRT, volunteer cyber organizations, and local government to explain how assistance works in practice. What happens when a small jurisdiction calls for help? Which services are proactive versus reactive? And how do agencies get on the radar before an incident occurs? Through real stories and practical guidance, this session highlights simple entry points, clear expectations, and effective collaboration models already working across Wisconsin.

Networking Break in the Exhibit Area

Concurrent Sessions

Power AI Detection, Response, and Government Safe Use Cases

AI is reshaping both sides of the cybersecurity equation, accelerating how attacks scale and how defenders respond. For public-sector teams, the opportunity lies in using AI to improve detection, triage, and response, without introducing new privacy, data-handling, or governance risks. This session explores practical, safe use cases already emerging in government, including assisted log analysis, alert summarization, and response playbook automation. Speakers will highlight where human judgment must remain firmly in the loop and how to set clear policy guardrails. Attendees will also learn how to evaluate “AI-powered” vendor claims with the right questions, separating real capability from hype.

OT & Critical Infrastructure: Protecting the Systems You Can’t Just Patch

Many of the systems that keep communities running, water, transportation, facilities, and public safety, rely on legacy operational technology, where downtime is not an option and cyber protection is limited. So how do you reduce risk without disrupting operations? This session brings together federal and non-federal experts to walk through practical first steps to improve visibility, segmentation, and monitoring in OT environments. Using real-world case studies, attendees will learn how jurisdictions are inventorying OT assets, separating IT and OT risk, and navigating vendor-owned systems. The focus is on practical, achievable actions that meaningfully reduce risk while keeping critical services online across Wisconsin.

From Tabletop to Action: Making Exercises Actually Improve Readiness

Tabletop exercises are meant to strengthen readiness, but too often they end with good discussion and little follow-through. This session focuses on how to design, run, and close the loop on exercises that drive real improvement. Learn how to select realistic scenarios, involve the right non-technical leaders, capture decisions and gaps clearly and effectively, and use them to drive action. Presenters will share examples of effective after-action reports, prioritized task lists, and practical methods for assigning ownership. The goal is simple: help agencies move from “lessons identified” to “lessons implemented” before the next test or the next real incident.

Designing Security Programs People Actually Follow

The strongest technical controls mean little if people find ways around them. This session focuses on designing security programs with end users in mind, so processes are realistic, understandable, and more likely to be followed. Through practical examples, presenters will walk through common workflows such as onboarding, remote access, and privileged actions, showing how small design changes led to meaningful improvements in adoption. Attendees will also see examples of effective communications, quick-hit campaigns, and low-effort nudges that influence behavior without adding training burden. The session is especially relevant for agencies with limited time for annual awareness training but high expectations for results.

Lunch

General Session - Building Wisconsin’s Cyber Workforce Pipeline

Cybersecurity talent does not appear overnight, it is built through sustained, coordinated investment across education and workforce systems. This session reframes cyber as a long-term pipeline rather than a collection of one-off programs. Leaders from K–12, higher education, and workforce initiatives will share how they are introducing cyber concepts early, expanding dual-credit and certificate pathways, and connecting students to real-world experience. Attendees will also hear examples from other jurisdictions and explore what it would take to adapt or scale similar models in Wisconsin. The focus is on practical partnerships, funding opportunities, and local actions that can strengthen the next generation of cyber defenders.

Short Break

Please proceed to the concurrent sessions.

Concurrent Sessions

Fraud, Scams, and Cyber-Enabled Crime: What Security Teams Need to Know

Not every cyber incident starts or ends in IT. Many of today’s most damaging events are fraud-driven, pulling in finance, HR, program teams, and executive leadership. This session brings together law enforcement and fraud investigators to explain how modern cyber-enabled crime operates, from overseas fraud rings to business email compromise and payment diversion. Through real case studies, attendees will learn common patterns, early red flags, and why some of the most effective controls live in business processes, not security tools. The session emphasizes coordinated response and leaves participants with practical checklists and awareness messages they can share with non-technical colleagues.

Vendor & Third-Party Risk: Making Cloud and SaaS Work for You

Cloud and SaaS can accelerate modernization, but only if third-party risk is managed realistically. For many agencies, traditional vendor reviews are too heavy to sustain and too shallow to be effective. This session presents a practical approach to third-party risk tailored for smaller teams, focusing on where attention matters most and which questions actually reduce exposure. Speakers will share examples of right-sized due diligence, including contract clauses, RFP language, and strategies for leveraging statewide contracts. Attendees will also explore how tools, including AI, can streamline reviews, making it easier to say “yes” to cloud adoption while still protecting data and systems.

Soft Skills, Storytelling, and Executive Buy-In

Today’s cyber leaders influence outcomes as much as they configure technology. This session focuses on the leadership and communication skills required to move security from a perceived blocker to a trusted advisor. Speakers will share practical techniques for framing cyber risk in business terms, telling clear and compelling stories for executives, and running meetings that lead to decisions—not confusion. The discussion also covers mentoring emerging leaders, building diverse and resilient teams, and handling pushback from skeptical stakeholders. Attendees will leave with concrete approaches to strengthen executive buy-in and advance cyber programs across Wisconsin organizations.

Networking Break in the Exhibit Area

General Session – Where Wisconsin Cyber Goes Next

The summit closes with a forward-looking conversation that brings together leaders from state and local government, higher education, and federal and vendor partners. Panelists will reflect on key themes from the past two days and outline near-term priorities across AI, operational technology, local government support, funding, and workforce development. Audience questions collected throughout the summit will help shape the discussion, keeping it grounded in real needs. The session emphasizes practical next steps, highlighting actions agencies can take over the next three to six months, and reinforces a shared responsibility for strengthening cyber resilience across Wisconsin.

Reception in the Exhibit Area

End of Conference

Conference times, agenda, and speakers are subject to change.