Event Agenda

Innovation often requires rapid development and experimentation. Yet, this combination often introduces new vulnerabilities and expands the attack surface, making robust cybersecurity more critical than ever. In this expert panel discussion, we explore the delicate yet crucial equilibrium between pushing technological boundaries and maintaining a strong security posture.
.
● How can organizations ensure cybersecurity is integrated into fast-paced environments without stifling creativity or speed?
● What role should leadership play in aligning cybersecurity with innovation goals?
● How might collaboration between security and development teams ensure business needs are met?
.
– Moderator: Nathan Haselhorst, Information Security Officer, Office of State Administration, Texas Military Department
– Jack Leidecker, CISO, Gong
– Sean Mack, Managing Director, Information Security Media Group (ISMG)
– William Clark, Director of Cybersecurity, BasePoint Capital LLC
.

AI has become the new nervous system of modern IT, moving from a brute force ‘look up table’ to a sophisticated learning approach. The science of modern AI is built on Neural Networks with Hidden Layers, inputs, outputs, and parameters. This shift enables the move from reactive to predictive defense.
This session explores how AI is redefining IT management by detailing the “Good”—AI strengthening cybersecurity —and the “Ugly”—cybercriminals weaponizing AI with deepfakes and adaptive malware. To prepare, organizations must adopt a focus on Vision & Strategy, People & Skills, and Cybersecurity. ManageEngine’s AI-driven solutions empower IT teams to achieve their mission of improving efficiency, resilience, and compliance.
.
– Nitin Devanand, Director, Solutions Engineering & Channel Management, ManageEngine
.

Texas’s leading industries are accelerating digital transformation, adopting new technologies to drive growth. Today’s threat actors are not just opportunistic; they are strategic, well-resourced, and increasingly leveraging automation and generative AI to disrupt the systems that keep our organizations running. As the attack surface expands, AI-powered threats are becoming more dynamic and harder to detect. This session explores how adversaries exploit vulnerabilities in APIs, access controls, and service availability, and offers actionable strategies for building resilience and defending against evolving risks. Learn how Texas’s security leaders can stay ahead of the next generation of AI-driven threats.
.
– Chip Witt, Principal Security Evangelist, Radware
.

Building a strong culture of cybersecurity within our organizations is no longer optional; it’s essential for survival. But what does this culture look like? In this session, we hear from an expert security strategist who implemented a cultural change in their company. Join us to hear the results.
.
● What do we mean by ‘security culture’, and what does it look like?
● How can we cultivate an environment of communication and collaboration around security matters?
● How should we as security leaders use our voice to champion awareness and responsibility?
.
– Scot Miller, SVP, CISO, Mr. Cooper
.

We all rely on MFA to protect our accounts, but what if the weakest link is the outcome of that authentication? Modern web authentication still relies on an old, insecure technology: the browser cookie. A stolen authentication cookie is a stolen identity, and the rise of information-stealing malware proves hackers are more than aware of this. In 2024, one infostealer alone compromised the data of over 450 million people. In this session, we demonstrate the stark reality that MFA doesn’t protect against stolen session cookies. Our expert speaker will propose a new defense strategy for your organization: canary session cookies to detect and mitigate this attack method.
.
– Caleb Patten, Special Agent- Cyber Field Office, Naval Criminal Investigative Service (NCIS)
.

The global supply chain has become increasingly interconnected and reliant on digital technologies. This interconnectedness, while enabling efficiency and innovation, also exposes organizations to a wide range of cyber threats. This session will delve into the critical aspects of securing the digital supply chain, exploring strategies to mitigate risks and ensure business continuity.
.
● Identify emerging threats and vulnerabilities that target supply chains
● Enhance visibility into the supply chain to detect and respond to potential threats
● Explore the role of emerging technologies like blockchain and AI in securing the supply chain
.
– James Brake, Director, Cybersecurity, LCRA

Generative AI enables attackers to craft highly personalized email threats in hours, yet most organizations rely on centralized security that treats every company identically. This talk examines why standardized detection fails against context-aware attacks, how uniform defenses struggle when threats evolve faster than systems can adapt, and why the centralized security model may be structurally incompatible with AI-powered threats.
.
– Jennie Davidowitz, Cyber Security Expert, Sublime Security

Understanding the impact of AI on cybersecurity is paramount. In this session, we explore essential insights into preparing for the AI-driven landscape, with a critical focus on cyber resilience. Join to gain a comprehensive understanding of how to navigate the future with AI, ensuring your organization is not just prepared, but fortified against the cybersecurity challenges ahead.
.
● Hear how to utilize AI for both defense and offensive security against adversaries
● Identify new cybersecurity vulnerabilities develop strategic advantages with emerging AI integration across industries
● Develop strategies to strengthen cybersecurity frameworks, data governance, and incident response plans in an AI-infused environment
.
– Colonel Georgeo X Pulikkathara, Colonel, Cyber Operations, US Army Reserve

Cyber threats are constantly evolving, and while technology plays a vital role in our defense, the human factor remains the greatest asset – and source of risk – in our network. In this session, we look at how understanding human strengths and weaknesses can significantly mitigate cyber risk, and how the security leader can leverage this.
.
● Empower leaders and employees to make better informed decisions and become the first line of defense
● Moving from awareness to enablement – make your security measures truly user-friendly and promote positive security behavior
● How to build a culture-driven cybersecurity program by transparency, accountability, and empowerment
.
– Manju Mude, Industry CISO, Cyber-Risk Executive
.

T1: Security Debt: The Next Tech Debt Crisis No One’s Tracking
– Chad Johnston, Strategic Manager, Axonius
.
T2: Cloud Security: How are Risk, Cost, and Long-Term Value Shaping Your Supplier Choices
– Josh Poage, Security Manager, Dimensional Fund Advisors
.
T3: How can Organizations Balance the Need for Robust Security with User Convenience and Productivity?
– Hemanth Khambhammettu, Director, Cybersecurity GRC, Digital Turbine
.
T4: What are the Uses and Applications of Artificial Intelligence in Cybersecurity?
– Krystal Mosshart, Director of Security Governance, Risk & Compliance, Texas Department of Family and Protective Services
.
T5: How Should We Govern Data in the Age of AI
– Vijayent Kohli, Principal Software Engineer – Cyber Security & IAM, Ford Motor Company

Achieving alignment with all sides of the IT department is a task easier said than done. From the CIO to the CISO, conflicting priorities can lead to difficulty and inefficiency. In this expert panel discussion, we bring together voices from different sides of IT to explore the critical importance of fostering strong collaboration and alignment between IT Security and the broader IT team.
.
● What are the negative impacts of disjointed communication and conflicting priorities between security and other IT functions?
● What strategies for improving communication and knowledge sharing have proven effective?
● How do you foresee the security lens shifting with the rapidly advancing GenerativeAI?
.
– Moderator: Swati Popuri, Data Privacy Architect, Allegis Group
– Todd Pauley, Director of Security & Compliance, Hornblower Group
– Alexanne Collison, Director of Information Security, Surface Area Management, Cargill
– Rakesh Mahadevan, Solutions Engineer, ManageEngine
– John Sapp, Vice President, Information Security & CISO, Texas Mutual Insurance Company
.

Cybercriminals now deploy adaptive, AI-powered malware that moves faster and evades detection with increasing precision. This session examines how attackers use agentic systems to automate reconnaissance, exploit vulnerabilities, and bypass controls. We’ll walk through recent threat intelligence and case studies that highlight the shift toward ransomware 3.0 and the growing role of agentic AI in offensive operations.
On the defense side, we’ll explore how security teams can use anomaly detection, autonomous containment, and ensemble learning to respond at machine speed. The session offers practical guidance for operationalizing AI securely, including managing non-human identities, improving interpretability, and enforcing governance. Attendees will leave with a clear understanding of how to deploy agentic AI responsibly and effectively in modern SOC environments.
.
– Cameron Molfetto, Senior AI Consultant, Darktrace

There has recently been an increased focus on cyber resilience: our capacity to weather the effects of a cyber attack with as little impact as possible. This session equips you with the knowledge and tools to navigate these digital storms, focusing on both preparation and recovery strategies. We will explore how to identify weaknesses in your systems and networks, ensuring that, when the time comes, you will be ready to face up to almost any cyber storm.
.
● Learn essential security measures like firewalls, data encryption, and employee training
● Develop a comprehensive incident response plan
● Explore strategies for swift recovery and data restoration to minimize disruption and financial impact
● Analyse attacks and strengthen your defenses to prevent similar incidents in the future
.
– Aaron Lafferty,, Director Information Security, Amherst
.

While security threat modeling often centers around protecting systems from unauthorized access or attacks, privacy threat modeling emphasizes respecting individual’s preferences and regulatory requirements for handling data. It considers data flows, disclosures, consent and transparency often requiring inputs from privacy, security, legal, engineering, and product teams. Frameworks like LINDDUN make this cross-functional work accessible without deep technical prerequisites and guide teams to consider real world privacy harms not just technical vulnerabilities. The focus is on preventing harms to individuals arising from misuse, overexposure and non-transparent processing of their information. Hence privacy threat modeling helps organizations build trust, meet regulatory obligations, and integrate privacy by design principles throughout their development lifecycle.
.
– Swati Popuri, , Data Privacy Architect, Allegis Group

The accelerating adoption of artificial intelligence (AI) by threat actors represents a paradigm shift in the cyber threat landscape, rendering traditional perimeter-based security models fundamentally obsolete. AI-powered attacks leverage automated vulnerability discovery, hyper-realistic social engineering (e.g., deepfake phishing), and adaptive malware that can learn to evade static defenses. This presentation argues that Zero Trust Architecture (ZTA)—the principle of “never trust, always verify”—is no longer merely a best practice but a critical imperative for organizational resilience and preservation of trust.
.
– Imran Khan, VP Cybersecurity, BNP Paribas
.

Cybersecurity teams face an overwhelming number of vulnerabilities, but only a small fraction pose a real threat. The key challenge is no longer just seeing the risks, but prioritizing them effectively and proving their reduction in business terms. In this session, we show how AI is transforming cyber risk management.

• Explore how AI models analyze vulnerability data and threat intelligence to predict which exposures are most likely to be exploited
• Discover real-world tools like Qualys TruRisk and Copilot, demonstrating how AI can accelerate AppSec, SOC operations, and vulnerability prioritization
• Learn how to use AI to move from reactive patching to predictive defense and translate technical risks into business-ready metrics for executives.

.
– Gaurav Malik,Associate Information Security Manager, Goldman Sachs

Join this interactive group discussion session with the whole audience with our expert moderator as we consider these questions.
.
● With the establishment of the Texas Cyber Command, what is the single most critical challenge in centralizing threat intelligence and coordinating response across decentralized state, county, and city governments?
● How can the state enforce minimum cybersecurity standards across both public and private critical infrastructure partners without stifling innovation or overburdening small providers?
● How should state defense systems evolve to counter the increasing use of AI and automated exploits by adversaries? What new security skillsets or tools are required to detect AI-driven attacks?
.
– Moderator:
– Imran Khan, VP Cybersecurity, BNP Paribas
– Jesse Lands, Director of Incident Response, United Airlines
.

Artificial intelligence and machine learning are revolutionising the field of cybersecurity. This session will explore how these technologies can be leveraged to enhance security defenses, detect threats more effectively, and respond to incidents faster.
.
● Learn how AI and ML can identify sophisticated attacks that traditional security tools miss
● Utilize AI to automate routine tasks and accelerate incident response times
● Leverage AI to anticipate future threats and proactively protect systems
.
– Zechariah Akinpelu, CISO, Unity Bank Plc
.

The core challenge of modern software delivery is the perceived trade-off between speed and security. Too often, organizations struggle with security teams acting as bottlenecks late in the cycle, forcing slow, costly rework and frustrating development teams. In this session, Sean D. Mack, Managing Director of ISMG’s CXO Advisor and author of The DevSecOps Playbook, explores how integrating security seamlessly into the development lifecycle empowers teams to move faster, safer, and smarter. Drawing from real-world experience as a former CIO & CISO, Sean breaks down the cultural, organizational, and technical shifts required to truly deliver securely at speed.
.
● Learn how you can integrate the principles of DevSecOps to deliver secure products to market without sacrificing speed
● Gain insight into evolving threat landscapes and why traditional perimeters no longer work
● Hear techniques for fostering a shared security ownership model that bridges the gap between Development, Security, and Operations teams
● Adopt best practices for handling, prioritizing, and remediating security findings at scale while maintaining high delivery frequency
● Find out how to successfully drive transformation in your organization
.
– Sean Mack, Managing Director, Information Security Media Group (ISMG).