Archives: Seminar

[1 CPE] Speaking the Language of Risk

  Presented by Tom Ruoff, Principal Consultant • ImageSource

Organizations face rapidly evolving cyber threats, yet many still view technology as a cost center rather than a strategic partner. This presentation reframes the conversation by translating technical risks into business and financial terms leaders understand. Attendees will learn how to identify Business Essential Functions (BEFs), quantify operational and financial impacts, and apply practical risk‑estimation methods. By establishing a common language of risk, leaders can align priorities, invest where it matters most, and meaningfully reduce enterprise exposure. The session equips both executives and IT teams with tools to build consensus and drive smarter, outcome‑based cybersecurity decisions.

Tom Ruoff serves as Principal Consultant for ImageSource, Inc. providing cybersecurity consulting services (risk assessments, threat hunting, pen testing, breach remediation, security architectures, policies, business impact assessment) to commercial clients including Native American Tribes and Tribal Casinos, he is also a founder and current CEO of Zorse Cyber. Tom retired from the Dept of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA) in June 2023, as Chief, Methodology Branch, supervising vulnerability assessments for elections, power generation/distribution, and pipelines, and Federal Government IT systems. Before DHS, Tom was the Director of Systems Division at Northrop Grumman, developing cross domain solutions (CDS) for National Security Agency (NSA) and Central Intelligence Agency (CIA). Air Force veteran with tours at NSA, CIA element of the National Geospatial-Intelligence Agency, and Defense Intelligence Agency He is a Level III Federally Certified Program Manager, PMP, CISSP, CMMI Associate, MS/BS degrees in physics and electrical engineering.

[1 CPE] Why Layered Identity Defense Is the Best Offense

  Presented by Sean Deuby, Principal Technologist, Americas • Semperis

Cyberattackers are adept at finding ways through your defenses and into identity systems like Active Directory, Entra ID, and Okta, and endpoint defenses won’t stop them. From there, they can move laterally, escalate privileges, access sensitive data and resources, and inject malware or ransomware. Implementing a layered defense that includes identity threat detection and response (ITDR) and robust identity recovery is key to true cyber resilience.

Join Sean Deuby, Principal Technologist, Semperis, to learn:

  • How layered defense has changed over time
  • Why ITDR and identity recovery are essential to a robust layered defense strategy
  • How a layered defense can help you combat attacks that are designed to bypass traditional attack-detection methods
  • Which best practices lead to identity—and cyber—resilience

[1 CPE] Three Wins to Chase, Three Disasters to Dodge

  Presented by Amy McLaughlin • Chief Information Officer, University of Wyoming

Amy McLaughlin cuts through the noise surrounding artificial intelligence and focuses on what leaders should actually be doing today. Drawing on real-world experience, she will walk through three high-impact ways AI is already delivering value and three common missteps that are creating unnecessary risk, wasted effort, and loss of trust. Rather than chasing tools or trends, Amy will talk about how to make better decisions: where to lean in, where to slow down, and how to approach AI as a leadership and governance challenge, not just a technology one.

Amy McLaughlin is the Vice President of Information Technology and Chief Information Officer at the University of Wyoming, the state’s flagship and only public university, where she leads the technology organization responsible for enabling teaching, learning, research, and statewide outreach.

A nationally recognized technology and cybersecurity leader with more than two decades of experience, Amy is known for driving practical innovation, modernizing complex environments, and building high-performing teams across higher education and government. Her career spans leadership roles in enterprise IT, cybersecurity, and network services, including senior positions at Oregon State University and the State of Oregon, where she led large-scale transformation efforts, strengthened infrastructure resilience, and advanced security programs. Amy brings a strategic, people-centered approach to technology leadership, grounded in deep operational experience and a strong commitment to mission-driven outcomes.

We’re finalizing an exciting lineup of sessions and speakers. Full session descriptions and agenda details will be available as we get closer to the event. In the meantime, we’re thrilled to announce our keynote speaker: Amy McLaughlin. Registration is officially open — reserve your place today and stay tuned for updates.

[1 CPE] Securing Critical Environments

  Presented by Dan Frechette, Sales Engineer • Keystrike

Security in Industrial Control Systems and other critical environments comes with unique challenges and desired outcomes when compared to traditional cybersecurity.

[1 CPE] Observations from the Front Lines: The People Behind the Threats and Trends

  Presented by Peter Ingebrigtsen, Sr Technical Marketing Manager • Arctic Wolf

Cybersecurity threats don’t emerge in isolation—they are observed, analyzed, and stopped by real people working on the front lines every day. This session pulls back the curtain on modern security operations, focusing on the human-driven research that powers effective threat detection, incident response, and adaptive security strategies.

Drawing on Arctic Wolf Labs research, SOC analyst expertise, and real-world incident data, this talk examines how today’s attacks are identified, contextualized, and disrupted in live environments. Attendees will gain insight into the patterns behind the most persistent threats, how adversaries continually adapt, and why defenders must evolve just as quickly. Rather than focusing solely on tools or alerts, this session highlights the people, processes, and intelligence that transform raw telemetry into actionable defense – illustrating how to turn frontline observations into scalable protection for organizations of all sizes.

[1 CPE] Protect Against Organized Attackers with Verified Trust for the Extended Workforce

  Presented by Fernando Barcelo, Sr Sales Engineer • Ping Identity

Organized attacker groups aren’t just hammering your perimeter anymore—they’re impersonating your employees, contractors, and partners across hiring, access, and the helpdesk. AI-powered deepfakes, credential-stuffing, MFA fatigue, and social engineering are turning the extended workforce into the easiest path into critical systems. In this session, we will show how to move from implicit trust to Verified Trust: a continuous, identity-centric security model that binds every digital interaction back to a real, verified human—without slowing them down. You’ll see practical patterns for adding high-assurance verification and adaptive controls on top of your existing IdPs and infrastructure to stop organized attackers before they can establish a foothold.

Key Takeaways:

  • Understand how AI-driven impersonation and organized attacker groups exploit gaps across hiring, workforce access, and helpdesk workflows.
  • Learn how Continuous Verification, Verified Onboarding, Verified Access, and Verified Helpdesk reduce risk across your extended workforce without adding friction.
  • See how to layer verification, credentials, and orchestration capabilities on top of your existing identity and security stack to strengthen Zero Trust initiatives.

[1 CPE] Applied AI for Business: Turning Hype into Measurable Impact

  Presented by Greg Hatch, Sr Vice President, Strategic Growth • Gage Technologies

Despite widespread AI adoption in 2025–2026, only a small percentage of organizations are realizing significant business impact. This session cuts through the hype to clarify what AI truly is, explore the rise of generative and agentic AI, and highlight where real value is emerging—particularly in customer experience (CX) and security. Drawing on recent industry research and practical experience, we examine why many initiatives stall and what differentiates successful ones.

Participants will leave with a practical roadmap for AI success: aligning initiatives to clear business outcomes, assessing readiness, managing risks, and embedding security and governance from the start. The message is simple—AI transformation is less about the technology itself and more about strategy, data, leadership, and disciplined execution.

[1 CPE] From Endless Alerts to Continuous Action: Why CISOs Are Shifting to CTEM

  Presented by George Tang, Solution Engineer • Zafran Security

First introduced by Gartner in 2022, Continuous Threat Exposure Management (CTEM) has quickly moved beyond buzzword status to become a cornerstone of modern cybersecurity programs. Beyond traditional vulnerability management programs, CTEM focuses on continuously identifying, validating, and prioritizing exposures so security teams can act with precision.

But the stakes are rising. Adversaries are weaponizing AI to discover and exploit vulnerabilities faster than ever, leaving organizations little margin for error. For CISOs, the challenge isn’t just finding exposures—it’s keeping pace with an accelerating threat landscape while making smarter use of existing resources.

[1 CPE] The Enterprise Buyer’s Guide to AI Security Platforms

  Presented by Cato Networks

AI adoption is accelerating faster than security and governance, exposing organizations as sensitive data flows through copilots, LLM-powered apps, and agentic systems that legacy tools can’t properly protect. With a surge of AI security vendors entering the market, buying the right platform can be confusing. This presentation helps security leaders evaluate AI security solutions by clarifying the new risks AI creates, explaining the core pillars of AI security, and outlining how to compare platforms, ask the right questions, and avoid common buying mistakes.