Event Agenda

As threat actors increasingly target local governments, school districts, and municipal utilities, defending the state’s digital perimeter requires a unified front. In this keynote presentation, the Cybersecurity State Coordinator of Texas for CISA pulls back the curtain on the federal blueprint designed to shield the state’s 16 critical infrastructure sectors. This session breaks down how Texas public and private entities can move from a reactive posture to proactive resilience. Attendees will discover how to leverage CISA’s no-cost risk assessments, tap into real-time threat-sharing networks, and build operational continuity plans capable of mitigating sophisticated, state-sponsored cyber disruptions.
.
● Learn how to utilize federal-state information sharing networks to defend internet-facing assets against emerging zero-day exploits
● Hear practical strategies for aligning state, local, and private infrastructure defense with CISA’s national resilience framework
● See how you can take advantage of federal cyber services, including vulnerability scanning, architectural reviews, and tabletop exercises
.
– Ernesto Ballesteros, Cybersecurity State Coordinator of Texas, Cybersecurity and Infrastructure Security Agency (CISA)
.

To survive today’s modern cyber attacks, organizations must move beyond human-scale processing and embrace the Velocity Shift. In this session, we examine the transition from human-led, tool-assisted security to AI-driven operations. We will explore how to integrate ML and GenAI into the fabric of the SOC to automate high-volume triage, predict adversary movement, and execute defensive maneuvers at a speed that traditional workflows simply cannot match.
.

• Allow AI to handle the “cognitive load” of Tier-1 analysis, allowing humans to focus on high-value hunting
• Achieve greater efficiency in identifying the “signals in the noise” before a full-scale breach occurs
• See what autonomous response looks like, and how much “human-in-the-loop” is actually required for safety

.
.

As cybercriminals shift from automated scripts to weaponized, self-learning AI, traditional perimeter defenses are crumbling. This presentation exposes how attackers use generative AI to orchestrate hyper-targeted phishing campaigns, bypass biometric authentication, and execute automated, evasive malware at scale. We will move beyond the hype to examine real-world case studies of AI-driven breaches and deliver a pragmatic blueprint for building an active, AI-powered defense. Attendees will leave equipped to modernize their security architecture for the era of cognitive warfare.
.

• • Understand how threat actors use generative models to accelerate the attack lifecycle
  • Deploy behavioral machine learning to detect and neutralize anomalies in real time
  • Implement zero-trust frameworks specifically optimized to counter synthetic identity fraud and automated exploits

.
– Senior Expert, Dispel
.

As AI capabilities accelerate, the means to defend our systems grows, but so does the ability for malicious actors to launch harmful attacks. This panel explores whether AI will secure our digital infrastructure or systematically dismantle it. Central to this debate is the recent development of Claude Mythos Preview, an unreleased frontier model that recently autonomously exposed over 10,000 high-severity vulnerabilities across critical software. Does this herold a revolution in cyber defense, or are there major concerns for what harm future AI-powered attacks will bring?
.
● What impact will models like Claude Mythos Preview have on traditional patch-management cycles?
● Is an entirely autonomous, self-healing software architecture coming in the future?
● If a ‘Mythos 1’ or similar open-source model falls into the hands of malicious actors, what does Day 1 of that reality look like for enterprise defense?
● Can we prevent these autonomous exploitation capabilities from proliferating to cybercriminals?
.
– Khamonte Johnson, CISO, Red Oak Compliance and VP, Cloud Security Alliance – Austin Chapter
– Linda Bough White, Director Information Security, Axiom Medical
.

With many threats going under the radar, what you can’t see will hurt you. This session demonstrates how External Attack Surface Management (EASM) uncovers hidden vulnerabilities and shadow IT. Learn to think like a threat actor, identifying exposed digital assets and closing critical security gaps before they are exploited.
.
.

In today’s cyber landscape, dark data has emerged as an intricate challenge, accentuated by the untapped potential of threat intelligence. While copious amounts of threat intelligence are at organizations’ disposal, many find themselves ill-equipped with the security tools needed to harness this vital information, relegating essential insights to the realm of dark data. In this session, we delve into vital technological advancements that empower organizations to embark on threat hunting within the vast expanses of dark data.
.

• • Understand the intricacies of dark data in the cybersecurity landscape
  • Dive into the latest advancements, such as AI and EDR systems, for effective threat hunting
  • Learn about practical applications, challenges, and strategies for navigating the complexities of dark data and threat intelligence

.
.

As organisations race to integrate Generative AI, the boundary between innovation and risk has never been thinner. In this case study session, our expert speaker moves beyond theoretical frameworks to provide a candid look at how a leading enterprise successfully implemented its AI governance structure. We will explore the journey from managing “Shadow AI” to establishing a robust, scalable environment that prevents data leakage whilst empowering users.
.
● Learn how we moved from reactive AI bans to a proactive, risk-based governance model
● Hear practical techniques for monitoring and securing sensitive corporate data within third-party GenAI tools
● Define the roles of Security, Legal, and IT in building a sustainable AI Oversight Committee
.
– Wyman Miles, CISO, Universal Aviation

As traditional network boundaries dissolve, identity has become the primary battleground for enterprise security. Legacy MFA is no longer enough to stop sophisticated attackers utilizing AI-driven phishing and session hijacking. This session explores how to modernize your identity strategy by aligning MFA with a strict Zero Trust architecture. We will dive into the transition toward phishing-resistant authentication—such as passkeys—and discuss how to leverage continuous behavioral signals to verify trust. Learn how to transform authentication from a static checkpoint into an adaptive, continuous shield for your organization.
.

• • Transition away from vulnerable legacy methods like SMS and basic push notifications to FIDO2-backed protocols
  • Implement context-aware authentication that continuously evaluates user behavior, device health, and risk signals
  • Integrate modern identity verification tightly into your broader network segmentation and access control frameworks

  .
  .
  

As AI technology advances, cybercriminals are rapidly shifting from manual exploits to automated, targeted, and rapid AI-powered attacks. To survive this new threat landscape, legacy defense strategies are no longer enough. This session explores how organizations can leverage machine learning and automated response tools to outsmart adaptive threats. We will break down the anatomy of an AI-driven breach and demonstrate how to build an active, predictive defense framework that neutralizes threats before they disrupt your business.
.

• • Understand how threat actors use generative AI to scale sophisticated phishing and malware campaigns
  • Transition from reactive security to predictive, AI-driven anomaly detection and automated response
  • Implement practical guardrails to secure your enterprise’s internal AI tools against data poisoning and reverse-engineering

  .
  .
  

Traditional, point-in-time vendor questionnaires can no longer keep pace with today’s dynamic supply chains. As ecosystems expand, static checklists leave blind spots that attackers exploit to breach the enterprise. This session outlines the transition to an automated, continuous monitoring approach for Third-Party Risk Management. Discover how to leverage real-time threat intelligence and automated risk scoring to actively track vendor vulnerabilities, data exposures, and compliance drifts. Move beyond reactive compliance to build an agile, data-driven framework that actively neutralizes supply chain threats before they disrupt your business operations.
.
● Replace annual point-in-time assessments with automated, real-time telemetry across your entire vendor ecosystem
● Integrate external risk data to identify and prioritize zero-day vulnerabilities within third-party environments
● Establish automated triggers and playbooks to accelerate vendor response times when critical security gaps are exposed
.
.

T1:How Do We Balance the Speed of AI-Driven Security Automation with the Need for Human Oversight to Prevent False-Positive Actions?
– TrendAI
.
T2: How do We Scale Passwordless Authentication Across Legacy Systems that Lack Modern Identity Support?
.
T3: How are You Shifting from Static Annual Questionnaires to Continuous Risk Monitoring for Your Critical Third-Party Vendors?
.
.

Today’s CISOs find themselves in an impossible position: expected to stop every sophisticated cyber threat while simultaneously driving rapid business growth. Modern security leaders must act as a business enabler. In this dynamic panel discussion, top security leaders will share how they navigate this delicate high-wire act. Discover how modern CISOs translate technical vulnerabilities into business risk for the board, overcome executive burnout, and implement strategic security frameworks that actually accelerate digital transformation and corporate innovation.
.
● How do you successfully balance aggressive product and business velocity with strict corporate risk tolerance?
● What are the most effective strategies for communicating complex cyber risk to board members and non-technical stakeholders?
● In an era of expanding executive liability and historic burnout, how do modern CISOs protect both their organizations and their teams?
.
– Mahesh Todkar, CISO, Wilsonart
– Mike Coogan, CISO, Brinks Home
.

Translating complex regulatory mandates into everyday cybersecurity operations is a critical challenge for the modern enterprise. Compliance is not a standalone checkbox; it must be structurally embedded into their defensive architecture. This panel brings together senior cybersecurity leaders to discuss practical strategies for harmonizing frameworks like ISO 27001 and NIST 2.0 with stringent regional mandates, including the Texas Data Privacy and Security Act (TDPSA). Join to learn how to build an agile governance roadmap.
.
● In a landscape of overlapping global regulations, what strategies can teams use to harmonize multiple frameworks without creating “compliance fatigue”?
● How can organizations translate technical framework metrics into a “business value” language that resonates with the Board of Directors?
● What challenges has the TDPSA posed, and what methods for compliance have you found works best?
.
– Moderator: Eric Mims, Executive Director, IT Security, University of Houston System
– Ernesto Ballesteros, Cybersecurity State Coordinator of Texas, Cybersecurity and Infrastructure Security Agency (CISA)
– John Green, Security Management Incident Response Manager – Cyber Security Officer, Texas Workforce Commission
– James Brake, Director, Cyber Security, LCRA
.

The launch of the NIST CSF 2.0 expands the gold standard of security beyond critical infrastructure to all organizations, introducing the pivotal “Govern” function. Transitioning to this modernized framework requires moving past rigid check-the-box exercises toward a dynamic, risk-based strategy. This session provides a practical roadmap to decode the updated guidelines, optimize asset management, and align cybersecurity maturity with overarching business goals. Discover how to operationalize NIST 2.0 across your entire ecosystem, fostering a culture of continuous assessment that satisfies auditors while aggressively reducing your enterprise attack surface.
.

• • Learn how to integrate the new corporate governance and supply chain risk requirements seamlessly into your security leadership strategy
  • Map your existing controls to the updated NIST 2.0 subcategories without disrupting ongoing security operations
  • Establish clear, quantifiable metrics to demonstrate framework maturity and compliance to the board and external stakeholders

.
.

With hybrid workforces and cloud adoption running apace, security begins and ends with identity. In this case study presentation, we explore a real-world enterprise journey of successfully deploying a comprehensive IAM framework. We will walk through the entire lifecycle of the implementation, from navigating multi-directory complexity and overcoming user resistance to achieving a true Zero Trust posture. Hear a practical blueprint for consolidating access controls, automating user provisioning, and enforcing strict security without bottlenecking business productivity.
.
● Learn how to architect a modern IAM framework using Principle of Least Privilege and adaptive MFA
● Discover proven methods to secure executive buy-in and minimize employee friction during a high-impact security rollout
● See the tangible metrics behind the implementation, including reduced helpdesk ticket volumes for password resets and accelerated onboarding timelines
.
– Carlos Renteria, CISO, Southside Bank
.

While speed to market is important, rapid software deployment shouldn’t come at the expense of robust security. This session provides security leaders with a strategic roadmap to balance aggressive innovation with ironclad enterprise application security. We will explore how to integrate automated security guardrails directly into development workflows, allowing your team to ship code faster while minimizing risk. Discover how to foster a collaborative culture between security and engineering teams, transforming security from an obstacle into a competitive advantage.
.

• • Scale security at the speed of DevOps by embedding automated scanning into the CI/CD pipeline
  • Reduce software supply chain risks by effectively managing third-party open-source vulnerabilities
  • Foster a “secure-by-design” culture that aligns engineering velocity with corporate risk tolerance

.
.

In today’s cyber landscape, dark data has emerged as an intricate challenge, accentuated by the untapped potential of threat intelligence. While copious amounts of threat intelligence are at organizations’ disposal, many find themselves ill-equipped with the security tools needed to harness this vital information, relegating essential insights to the realm of dark data. In this session, we delve into vital technological advancements that empower organizations to embark on threat hunting within the vast expanses of dark data.
.

• • Learn how to architect a modern IAM framework using Principle of Least Privilege and adaptive MFA
  • Understand the intricacies of dark data in the cybersecurity landscape
  • Dive into the latest advancements, such as AI and EDR systems, for effective threat hunting
  • Learn about practical applications, challenges, and strategies for navigating the complexities of dark data and threat intelligence

.
– Todd Pauley, Director of Security & Compliance, Hornblower Group
.

Explore trends in AI usage over the past few years and understand which groups are adopting AI fastest, what types of data they are inputting, and what tools they are using, both sanctioned and unsanctioned. Then pivot to how to identify and protect against sensitive data being misused with AI tooling.
.
.

Traditional application security often forces developers to choose between velocity and safety, resulting in friction, bypassed workflows, and vulnerable software. This session explores how to shift security from a reactive gatekeeper to an automated enabler. Discover how to embed seamless, context-aware guardrails directly into existing integrated development environments and CI/CD pipelines. We will discuss how we provide developers with real-time, actionable feedback and automated remediation guidance. Learn to foster a culture of shared responsibility, empowering engineering teams to write secure code by default without sacrificing development speed.
.

• • Integrate automated security testing tools natively into existing developer environments to eliminate workflow disruption
  • Deliver clear, actionable code-fix suggestions directly to developers instead of overwhelming them with raw vulnerability lists
  • Implement golden pathways and pre-approved security templates that make the secure way the easiest way to build

.
.

Your security is only as strong as your least-secure vendor. With supply chain attacks surging, organizations can no longer afford to treat third-party risk management as a static, check-the-box compliance exercise. In this session, our expert speaker delivers a pragmatic, risk-based framework for identifying, prioritizing, and mitigating vulnerabilities across your entire software and vendor supply chain. We will explore how to move away from exhausting, one-size-fits-all security questionnaires and shift toward continuous, automated threat monitoring.
.

• • Discover how to categorize vendors by data access and business impact, allowing your team to focus critical security resources where they matter most
  • Learn how to implement continuous security posture tracking to catch vendor drift and emerging supply chain vulnerabilities in real time
  • Practical methods for embedding enforceable security baselines into vendor agreements and establishing clear incident response protocols for third-party failures

.
– Jeremiah Clifton, CISO, City of Austin
.

In the current threat landscape, the “Detection-to-Response” gap is where organizations lose the most ground. Waiting for an alert to fire gives the initiative to the adversary. True cyber resilience means moving away from reactive firefighting and toward a model of Proactive Cyber Operations. In this session, our expert outlines the roadmap for evolving your security posture to neutralize threats before they become more serious.

• Learn why is “fast response” no longer enough to stop modern, automated attack chains
• Discover the specific technical indicators that allow us to identify an attack in the “pre-incident” phase
• Integrate threat hunting and vulnerability prioritization into a seamless, daily operational loop

.
– Ravindra Varma Lakamraju, Sr.Director Cyber Security Operations, LCRA
.

Traditional security awareness training is failing. As generative AI democratizes, attackers are bypassing text-based phishing in favor of hyper-realistic deepfake video calls and synthetic voice-cloning scams that effortlessly dupe well-meaning employees. This session equips security leaders with a modernized blueprint for human-centric defense. We will examine real-world case studies where synthetic media bypassed multi-million dollar defenses, and we will break down the precise physiological and contextual cues employees must look for to identify AI deception.
.
● Train your workforce to identify visual and auditory anomalies unique to real-time deepfakes, such as unnatural blinking, boundary blurring, and robotic speech cadences
● Learn how to implement ironclad corporate verification policies—like shared physical phrases and mandatory secondary channels—to authenticate high-risk requests
● Discover how to transition from standard phishing simulators to immersive, safe social-engineering drills that safely expose teams to the reality of AI deception
.
– Stephen Coty, Director Information Security, Waste Connections
.

The most sophisticated security stack is ineffective without the human intelligence to drive it. In this session, we discuss the acute cyber security skills gap by shifting the focus from external recruitment to internal talent evolution. We will explore how security leaders can build resilient, high-performing teams by implementing structured upskilling and cross-skilling programmes.
.
● Build a roadmap for transitioning IT generalists into specialised security roles, reducing reliance on a volatile hiring market
● Identify transferable skills within IT and DevOps teams to create robust internal security pipelines
● See how investing in continuous professional development reduces long-term recruitment costs and “brain drain”
● Build a “security-first” mindset across the organisation through collaborative and inclusive cross-training initiatives
.
– David Morgan, Deputy CISO, Texas Department of Public Safety
.

Join this interactive group discussion session with the whole audience with our expert moderator as we consider these questions.
.
● When your team deploys a new AI-driven security tool, what is the immediate, noticeable result?
● Do you believe AI will allow you to scale back your hiring requirements for entry-level analysts within the next two years?
● How confident are you that your current SOC team can distinguish between a high-priority, AI-generated alert and a false positive without experiencing burnout?
● What is the single biggest task you’ve handed over to AI that actually succeeded in reducing your team’s daily workload?
.
.