Presented by Ken Smallwood, Systems Engineer, Data Services and Storage • HPE
This presentation explores how organizations are navigating rising cyber threats, evolving workloads, and stricter regulations while managing legacy environments. We will discuss the growing risk of ransomware, fragmented data across cloud and edge, and the need for unified, resilient data protection strategies.
Presented by Mac Avancena, Field CISO • Check Point Software
AI adoption is accelerating, but most organizations are not ready.
While investment surges, the majority of AI initiatives fail to scale, deliver value, or operate securely. The challenge isn’t the technology; it’s the inability to align AI with governance, financial realities, and measurable business outcomes.
In this session, Mac Avancena cuts through the hype to expose the real gap between AI ambition and execution. Learn why most AI programs stall, which organizations are actually succeeding, and how leaders can fund, secure, and scale AI in constrained environments.
This session delivers a clear framework to:
AI won’t wait. The question is whether your organization can keep up, securely and profitably.
Presented by Troy Villar, Director, Information Technology, Child & Family Service • The Advisory Council
This presentation offers a non-technical, firsthand account of a nonprofit’s journey to a Zero Trust security model on a limited budget. It covers core Zero Trust principles and how they were applied in practice, while addressing key challenges such as HIPAA compliance, budget constraints, and COVID-19 disruptions. The 2020–2026 roadmap highlights major milestones, including achieving a fully cloud-based environment, network redesign and segmentation, and the implementation of NAC and Unified Access Control. It also shares lessons learned, emphasizing stakeholder engagement, effective communication, and maintaining team well-being throughout the transformation.
Troy Villar has served as Director of IT at Child & Family Service since 2020, supporting Hawaii’s oldest nonprofit dedicated to strengthening families. A CISSP with over 30 years of experience, he has led software development, hardware design, and enterprise network implementations, including the design and development of a full-scale POS system for a major Hawaii retail chain. He is Vice President of ISC2 Hawaii and leads the Cybergenerations program, advancing cybersecurity education and awareness. Troy holds a degree in Information Systems from Hawaii Pacific University, where he previously served as Associate Director of Data Services, and is currently completing his Master’s in Cybersecurity and Information Assurance at WGU. Outside of work, he enjoys mountain biking, hiking, and spending time with his family and their dogs.
Presented by Steven Gautier, Principal Solutions Architect • Thales
Welcome to our session on modern data threats and protection strategies. As cyber risks evolve, securing sensitive information is more critical than ever. We’ll explore how encryption and key management can help protect your most valuable assets, especially in cloud environments.
We’ll highlight the benefits of external key management, offering greater control and compliance. Additionally, we’ll touch on the growing impact of quantum computing—and why it’s vital to start preparing now.
Join us to discover the latest advancements in data security and learn how to stay ahead of emerging threats.
Presented by Sean Deuby, Principal Technologist, Americas • Semperis
Cyberattackers are adept at finding ways through your defenses and into identity systems like Active Directory, Entra ID, and Okta, and endpoint defenses won’t stop them. From there, they can move laterally, escalate privileges, access sensitive data and resources, and inject malware or ransomware. Implementing a layered defense that includes identity threat detection and response (ITDR) and robust identity recovery is key to true cyber resilience.
Join Sean Deuby, Principal Technologist, Semperis, to learn:
Presented by Nick McGillivray, Sr Sales Engineer • Axonius
Tired of compliance that doesn’t translate into actual risk reduction? This session brings CIS Controls 1 & 2 to life with practical, actionable steps that strengthen your security foundation.
Learn how to improve asset visibility, enforce configuration discipline, and drive measurable security outcomes beyond simply checking compliance boxes. Today’s environments change faster than traditional tools can track —new servers, SaaS apps, AI software, IoT/OT, and NHIs constantly appear, creating blind spots where risk hides.
We’ll cover how to aggregate and correlate data from all your security and IT tools to deliver a single source of truth for your entire attack surface. The result: complete asset intelligence, clear ownership, and the ability to proactively remediate & spot exposures before they become incidents.
Presented by Brook Conner • CIS Instructor & PhD Candidate, University of Hawaii at Manoa
Every organization is trying to improve itself with new technology. Today, that technology is artificial intelligence. But it isn’t working nearly as well as it is supposed to. The problem isn’t the technology, or the hype around it. The problem is that large organizations undergoing change are complicated. There is no magic wand, no silver bullet, no hammer for the nail, that will work for everyone, not even AI. You need to describe what’s going on, past, present, and future. This description needs to include the technology, but also the people, the processes, the information, the world around you, everything. By incorporating diverse fields, including enterprise architecture, organizational behavior, programming language theory, semiotics, psychology, and more, even the most baroque organizations can be described, and their roadblocks and opportunities be revealed. See how, with examples both from past successes and from current trends.
Currently earning his PhD from the University of Hawaii, Conner is an experienced cross-industry CIO. He serves as a faculty instructor at the University of Hawaii at Manoa. His dissertation is tentatively titled “A system architecture approach to digital transformations.” It builds on both work experience and prior research and publications. Prior research included some of the earliest and formative papers on interactive 3D graphics, the relationship of programming language mechanisms to interactive systems, 3D user interface design, and a redesign of the undergraduate computer science curriculum.
Previous work includes five years at the Chief Information Officer (CIO) for the Hawaiʻi State Department of Education, where his team replaced the Department’s core accounting system, modernized collaboration for all staff and students, and managed the educational technology needed to support distance learning during the COVID pandemic. Prior to that, Conner was the Chief Information Security Officer (CISO) for Estee Lauder Companies, a Fortune 500 global retailer and manufacturer. He built the vulnerability management program for Morgan Stanley in response to a nation-state cyberattack, and re-architected core parts of the Bloomberg Terminal Service. Conner has an AB in art, an ScB in Math/Computer Science, and an MSc in Computer Science, all from Brown University. He is conversational in French and Hawaiian and enjoy stand-up paddling, role-playing games, video games, and wargaming.
Presented by FBI
Hijacked networks, cryptocurrency heists, and corporate espionage are but a few examples of the spiraling cyber threat. Every year, our adversaries become savvier and increasingly callous – attacking power grids, shutting down hospitals, and stoking geopolitical tensions. State-sponsored cyber actors wield every element of their national power to target the United States and its critical infrastructure. Skilled cybercriminals exploit new and longstanding vulnerabilities to steal our money and hold our data for ransom.
Combating these threats is the primary mission of the FBI’s cyber program. As the lead federal agency for investigating cyberattacks and intrusions, we engage with victims and work to unmask those committing malicious cyber activities, wherever they are.
Join us for a session from an FBI Special Agent to learn how you can improve your security approach.
Presented by Tom Ruoff, Principal Consultant • ImageSource
Organizations face rapidly evolving cyber threats, yet many still view technology as a cost center rather than a strategic partner. This presentation reframes the conversation by translating technical risks into business and financial terms leaders understand. Attendees will learn how to identify Business Essential Functions (BEFs), quantify operational and financial impacts, and apply practical risk‑estimation methods. By establishing a common language of risk, leaders can align priorities, invest where it matters most, and meaningfully reduce enterprise exposure. The session equips both executives and IT teams with tools to build consensus and drive smarter, outcome‑based cybersecurity decisions.
Tom Ruoff serves as Principal Consultant for ImageSource, Inc. providing cybersecurity consulting services (risk assessments, threat hunting, pen testing, breach remediation, security architectures, policies, business impact assessment) to commercial clients including Native American Tribes and Tribal Casinos, he is also a founder and current CEO of Zorse Cyber. Tom retired from the Dept of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA) in June 2023, as Chief, Methodology Branch, supervising vulnerability assessments for elections, power generation/distribution, and pipelines, and Federal Government IT systems. Before DHS, Tom was the Director of Systems Division at Northrop Grumman, developing cross domain solutions (CDS) for National Security Agency (NSA) and Central Intelligence Agency (CIA). Air Force veteran with tours at NSA, CIA element of the National Geospatial-Intelligence Agency, and Defense Intelligence Agency He is a Level III Federally Certified Program Manager, PMP, CISSP, CMMI Associate, MS/BS degrees in physics and electrical engineering.
Join us during the lunch hour for Advisory Council Roundtables, an interactive opportunity to connect with council members and peers on a variety of timely industry topics. Move freely between tables, share your perspective, and gather practical insights you can take back to your organization. These conversations are informal, high-value, and designed to spark ideas and connection.
Topics & Discussion Leaders: