This event is now complete

As ransomware attacks escalate, state-sponsored threats grow bolder, and critical infrastructure systems age, Texas faces a complex and evolving cybersecurity landscape. This panel brings together public sector leaders to discuss how agencies are tackling deep-rooted vulnerabilities—such as legacy infrastructure, fragmented coordination, and insufficient breach readiness—while striving for a more unified and resilient cybersecurity future.

• Modernizing Legacy Systems Without Disruption: How can state agencies balance modernization with service continuity?
• Strengthening Interagency Collaboration: What mechanisms are in place—or needed—to ensure real-time threat intelligence sharing, coordinated response, and standardized cybersecurity protocols across local and state government?
• Securing Healthcare and Citizen Data at Scale: In light of large-scale breaches affecting millions, how are agencies addressing gaps in data security and privacy protections across health and human services?
• Preparing for Nation-State Threats and APTs: How are Texas agencies adapting their cybersecurity postures in response to complex, politically motivated cyber threats, such as those seen with Volt Typhoon and CARR?

Effective cybersecurity requires more than finding risks - it demands prioritized action that reduces exposure. Faced with limited resources and rising cyber mandates, state and local governments can’t afford multiple point tools, technical debt, or audit fatigue. In this session, we will explore how agencies can shift from reactive security to a risk-centric approach - turning overwhelming volumes of alerts into prioritized, actionable insights. Learn how Qualys - now FedRAMP High Authorized, the only full-spectrum risk management platform validated at this level - empowers governments to embedding mission context, unify visibility by consolidating siloed tools, prioritize with TruRisk™ and automate compliance. Discover how a holistic, risk-centric approach empowers state and local government teams to optimize resources, protect critical services, and measurably reduces cyber risk at scale.

AI in cybersecurity enhances threat detection and response with machine learning, offers significant operational benefits, faces technical and implementation challenges, and continues to evolve through emerging trends and future developments.

• -AI/ML Threat Detection and Response Capabilities: What capabilities do machine learning algorithms provide for modern cybersecurity or incident response?
• Implementation Benefits and Operational Advantages: What are the key benefits and advantages of using AI in cybersecurity and threat detection?
• Technical and Operational Challenges: What are the main challenges, limitations, or hurdles organizations face when implementing and maintaining AI-powered cybersecurity systems?
• Emerging Trends and Future Developments: What are the key emerging trends and future developments shaping the cybersecurity landscape?

As organizations modernize their security posture, two root causes demand focus: passwords/credentials and discoverable networks. This session outlines a practical path to remove these barriers, make services non-scannable, and “chunk up” change through low-risk pilots that measurably cut incidents, speed access, and simplify compliance.

• Eliminate Shared Secrets: Replace passwords with device-bound, passwordless authentication to reduce phishing, credential attacks, and help-desk resets.
• Go Non-Discoverable: Prevent scanning and lateral movement by configuring internal services invisible-by-default and reachable only from trusted devices.
• Deliver: SaaS protection and internal and external device protection.
• Operational Upside: Improve user experience, shrink audit scope, and align identity, network, and endpoint teams around a simpler control plane.

A cross-state perspective on defending the digital frontlines. Drawing from Arizona’s real-world experiences in securing economic and human services systems, he underscores the value of collaboration, threat intelligence sharing, and ecosystem thinking. This session challenges Texas leaders to look beyond jurisdictional lines and embrace a national mindset—because in cybersecurity, progress anywhere strengthens security everywhere.

• Cybersecurity Without Borders: Highlight the interdependence of state systems across the country, and why collaboration between states like Arizona and Texas can elevate collective defense against evolving threats.
• Economic and Human Services Under Siege: Share Arizona’s lessons in securing vital public services—including unemployment systems, benefits portals, and citizen-facing platforms—with relevance to Texas’ own digital infrastructure.
• Bridging the Talent Gap: Discuss cross-state strategies for strengthening the cybersecurity workforce, from joint training programs to public-private upskilling initiatives, and how these models can inspire Texas partnerships.
• Call to Action for a United Front: Encourage Texas agencies and partners to double down on information-sharing, cross-agency coordination, and proactive investment—framing cybersecurity as a mission shared not just across sectors, but across state lines.

Roundtable 1: Generative AI: The Double-Edged Sword in Cyber Defense Facilitated by: Tim Chase, Principal Technical Evangalist, Orca Security

Roundtable 2: Building Resilient Cyber Defenses for State & Local Governments: Harnessing AI-Driven Risk Prioritization and Automated Response Facilitated by: Nate Cain, Major Accounts Solutions Architect, Qualys

Roundtable 3: Invisible Defense – The Future of Access and Network Defense Facilitated by: Tom Hines, COO, Circle Security

Roundtable 4: Bridging the Trust Gap: Building Confidence in Working with the Ethical Hacking Community Facilitated by: Terry Marks, Sr. Sales Manager Public Sector, HackerOne

Despite bold investments in infrastructure and policy, Texas’ cybersecurity resilience hinges on a less visible but deeply critical issue—the shortage of skilled professionals to protect and defend the state’s digital frontlines. This keynote dives into how Texas is building its cyber workforce pipeline, modernizing training, and aligning education with operational needs across the public sector.

• The Scope of the Problem: Outline the workforce shortage across Texas agencies, its impact on response capabilities, and projections for future demand in both urban and rural jurisdictions.
• Growing Talent at Home: Highlight partnerships between state government, universities, and technical schools to build localized cyber workforce pipelines (e.g., through apprenticeships, certifications, and Texas’ cyber-focused higher ed programs).
• Modernizing Training and Recruitment: Showcase new efforts in upskilling government employees, creating reskilling pathways for veterans and career changers, and making cybersecurity careers more accessible and attractive.
• Institutionalizing Workforce Resilience: Discuss how the State Cybersecurity Strategic Plan (2024–2028) embeds workforce development into broader cyber readiness goals, ensuring Texas is not just filling seats—but cultivating leaders.

Brian Gardner

Chief Information Security Officer, City of Austin

Nathan Haselhorst

Information Security Officer, Office of State Administration, Texas Military Department

Michael McKinley

Sr. Solution Engineer, HackerOne

Tim Chase Moderator

Principal Technical Evangalist, Orca Security

Texas agencies are meeting their compliance obligations - but compliance alone doesn't equal resilience. This session unpacks how state and local entities can evolve from tick-box cybersecurity to measurable, outcome-driven resilience that protects citizen services and public trust. What you'll learn:

• The Resilience Scale: How to progress from compliance and maturity tracking to true operational resilience.
• Why Tick-Box Thinking Fails: Why meeting the standard isn't the same as being secure.
• Metrics That Matter: How outcome-driven metrics reveal control effectiveness and impact.
• Driving Resilience with Data: Using incident insights and effectiveness metrics to target and uplift the key areas that build resilience.