Agenda
May 28, 2025
Times are subject to change.
Registration, Breakfast & Networking
Pick up your event badge and network with your peers!
Pick up your event badge and network with your peers!
Opening Remarks
Welcome to The Qualys Public Sector Cyber Risk Conference
Welcome to The Qualys Public Sector Cyber Risk Conference

George Jackson
Executive Producer and HostGovExec TV
Morgan Stanley Keynote

Rachel Wilson
Head of Wealth Management Data Security & Infrastructure RiskMorgan Stanley
Journey from ASM to RSM: Unveiling a New Approach to Risk-Based Cybersecurity

Sumedh Thakar
Chief Executive OfficerQualys
AI Integration: Transforming Federal Cybersecurity
Artificial intelligence is reshaping the cybersecurity landscape, enabling faster threat detection, automated response, and enhanced risk management. In this fireside chat, a federal cybersecurity leader will discuss how agencies are leveraging AI to strengthen their security postures, improve situational awareness, and mitigate emerging threats. The conversation will explore best practices for AI adoption, key implementation challenges, and strategies for ensuring responsible and secure AI integration, safeguarding AI-driven systems, and optimizing automated workflows to enhance cybersecurity operations.
Artificial intelligence is reshaping the cybersecurity landscape, enabling faster threat detection, automated response, and enhanced risk management. In this fireside chat, a federal cybersecurity leader will discuss how agencies are leveraging AI to strengthen their security postures, improve situational awareness, and mitigate emerging threats. The conversation will explore best practices for AI adoption, key implementation challenges, and strategies for ensuring responsible and secure AI integration, safeguarding AI-driven systems, and optimizing automated workflows to enhance cybersecurity operations.

Kat Megas
Program Manager, Cybersecurity, Privacy & AINIST

Vinay Singh
Former CAIO & Chief Financial Officer, HUDChief Strategy Officer, Technuf LLC

George Jackson
Executive Producer and HostGovExec TV
Modernizing FISMA: Addressing the Gaps in Visibility, Culture, and Technology
As federal agencies strive to strengthen their cybersecurity posture, many continue to grapple with foundational challenges in meeting FISMA requirements. Inconsistent maturity levels, decentralized accountability, and outdated technology investments make it difficult to establish centralized visibility and sustain continuous monitoring efforts. At the same time, evolving threats and a rapidly expanding attack surface—from cloud environments to interconnected systems—demand more agile, risk-informed approaches. Cultural resistance to change and competing priorities further complicate efforts to modernize compliance programs. This panel will explore the systemic barriers that hinder progress and discuss strategies for re-establishing the basics, aligning efforts across federated environments, and leveraging automation to close visibility gaps and enable smarter risk-based decisions. Join us for a candid conversation about what it really takes to make FISMA compliance meaningful—and achievable—in today’s high-stakes threat landscape.
As federal agencies strive to strengthen their cybersecurity posture, many continue to grapple with foundational challenges in meeting FISMA requirements. Inconsistent maturity levels, decentralized accountability, and outdated technology investments make it difficult to establish centralized visibility and sustain continuous monitoring efforts. At the same time, evolving threats and a rapidly expanding attack surface—from cloud environments to interconnected systems—demand more agile, risk-informed approaches. Cultural resistance to change and competing priorities further complicate efforts to modernize compliance programs. This panel will explore the systemic barriers that hinder progress and discuss strategies for re-establishing the basics, aligning efforts across federated environments, and leveraging automation to close visibility gaps and enable smarter risk-based decisions. Join us for a candid conversation about what it really takes to make FISMA compliance meaningful—and achievable—in today’s high-stakes threat landscape.

Mark Canter
Chief Information Security OfficerGovernment Accountability Office

Richard Grabowski
Acting Program Manager, CDMCISA

Victoria Yan Pillitteri
Manager, Security Engineering & Risk Management GroupNIST

Jonathan Trull
CISO & SVP Security Solution ArchitectureQualys

Anna Pettyjohn
Executive Vice President, Product & StrategyGovExec
Operationalizing Zero Trust: Strategies for Federal Cybersecurity Modernization
Operationalizing Zero Trust is transforming federal cybersecurity, requiring agencies to reevaluate how they quantify asset risk with the speed and agility needed to make real-time enforcement decisions. But Zero Trust goes beyond simply granting or denying access — it also demands the ability to rapidly remediate risk so assets can securely regain access, as delays in identifying and mitigating risk factors can lead to operational slowdowns and security gaps. In this fireside chat, we’ll explore the improvements needed to quickly and effectively quantify risk for just-in-time decision-making, how automation can enable faster remediation and reduce operational friction, and strategies for aligning Zero Trust with federal mandates while improving security outcomes. Join us to gain a deeper understanding of Zero Trust in practice and learn how agencies can modernize security architectures while reducing risk and strengthening resilience.
Operationalizing Zero Trust is transforming federal cybersecurity, requiring agencies to reevaluate how they quantify asset risk with the speed and agility needed to make real-time enforcement decisions. But Zero Trust goes beyond simply granting or denying access — it also demands the ability to rapidly remediate risk so assets can securely regain access, as delays in identifying and mitigating risk factors can lead to operational slowdowns and security gaps. In this fireside chat, we’ll explore the improvements needed to quickly and effectively quantify risk for just-in-time decision-making, how automation can enable faster remediation and reduce operational friction, and strategies for aligning Zero Trust with federal mandates while improving security outcomes. Join us to gain a deeper understanding of Zero Trust in practice and learn how agencies can modernize security architectures while reducing risk and strengthening resilience.

Daryl Haegley
Technical Director, Control Systems Cyber ResilienceU.S. Air Force

Lt. Col. Jason Carter
Operations Officer, Marine Corps Cyberspace Operations GroupU.S. Marine Corps

Shailesh Athalye
SVP Product ManagementQualys

Anna Pettyjohn
Executive Vice President, Product & StrategyGovExec
Empowering Public Sector with a Risk-Centric Cybersecurity Strategy for Proactive Defense
In this fireside chat, Qualys CISO Jonathan Trull joins Mayuresh Ecktre, VP Product Management, to discuss why a shift to proactive, risk-centric cyber operations is not just beneficial—but essential. Together, they’ll explore how the ROC model empowers public sector organizations to optimize their current tools, prioritize risk, and gain the efficiencies necessary to proactively and predictively defend their mission.
In this fireside chat, Qualys CISO Jonathan Trull joins Mayuresh Ecktre, VP Product Management, to discuss why a shift to proactive, risk-centric cyber operations is not just beneficial—but essential. Together, they’ll explore how the ROC model empowers public sector organizations to optimize their current tools, prioritize risk, and gain the efficiencies necessary to proactively and predictively defend their mission.

Mayuresh Ektare
VP Product ManagementQualys

Jonathan Trull
CISO & SVP Security Solution ArchitectureQualys
Securing the Supply Chain: DevSecOps and SBOM Implementation
Securing the federal software supply chain is a growing priority as agencies work to mitigate vulnerabilities and prevent cyber disruptions. This fireside chat will focus on the role of DevSecOps in strengthening supply chain security and the importance of Software Bill of Materials (SBOM) in maintaining software integrity. The discussion will explore how agencies can integrate security throughout the development lifecycle and ensure compliance with federal supply chain security guidelines.
Securing the federal software supply chain is a growing priority as agencies work to mitigate vulnerabilities and prevent cyber disruptions. This fireside chat will focus on the role of DevSecOps in strengthening supply chain security and the importance of Software Bill of Materials (SBOM) in maintaining software integrity. The discussion will explore how agencies can integrate security throughout the development lifecycle and ensure compliance with federal supply chain security guidelines.

Gharun Lacy
Deputy Assistant Secretary of State for Cyber and Technology Security Bureau of Diplomatic SecurityDepartment of State

Courtney O'Neal-Allen
Director, Events ContentGovExec
Federated Visibility Challenges: Bridging the Gaps in Cyber Oversight
Achieving comprehensive cybersecurity visibility across federal agencies remains a significant challenge, requiring seamless coordination and information sharing. This panel will bring together experts to examine the complexities of federated visibility, explore technical solutions, and discuss strategies for breaking down silos. Panelists will highlight real-world examples of cross-agency collaboration and the latest capabilities for enhancing threat detection and response.
Achieving comprehensive cybersecurity visibility across federal agencies remains a significant challenge, requiring seamless coordination and information sharing. This panel will bring together experts to examine the complexities of federated visibility, explore technical solutions, and discuss strategies for breaking down silos. Panelists will highlight real-world examples of cross-agency collaboration and the latest capabilities for enhancing threat detection and response.

TraudLinde Clark
Chief Information Security OfficerDepartment of Justice

Jessie Posilkin
Acting Executive DirectorTechnology Modernization Fund, GSA

Renata Spinks
Former CISO and Deputy CIO, IC4, USMCCEO of CyberSec International, Inc.

Mayuresh Ektare
VP Product ManagementQualys

Heather Kuldell-Ware
Former Editor-in-ChiefGovExec
Threats in Cyber Intelligence: Staying Ahead of Emerging Risks
As cyber threats grow more sophisticated, intelligence-driven security is essential for proactive defense. This keynote will examine the latest trends in cyber intelligence, including threat actor tactics, nation-state threats, and the role of AI in predictive analytics. The speaker will discuss strategies for leveraging cyber intelligence to strengthen threat detection, improve incident response, and enhance national security.
As cyber threats grow more sophisticated, intelligence-driven security is essential for proactive defense. This keynote will examine the latest trends in cyber intelligence, including threat actor tactics, nation-state threats, and the role of AI in predictive analytics. The speaker will discuss strategies for leveraging cyber intelligence to strengthen threat detection, improve incident response, and enhance national security.

Daniel Joyner
DirectorCGI

April Lenhard
Principal Product ManagerQualys

Saeed Abbasi
Qualys Threat Research GroupQualys

Heather Kuldell-Ware
Former Editor-in-ChiefGovExec
Cloud Security Efficiency: Strengthening Resilience in a Multi-Cloud Environment
As federal agencies expand their cloud infrastructure, securing these environments while maintaining operational efficiency is critical. This panel will examine strategies for managing cloud security at scale, optimizing threat detection, and ensuring compliance with federal mandates. Cloud security topics will include zero trust, as well as DevSecOps and container security. Panelists will discuss best practices for reducing cyber risk, enhancing visibility across hybrid and multi-cloud systems, and aligning with evolving government security frameworks.
As federal agencies expand their cloud infrastructure, securing these environments while maintaining operational efficiency is critical. This panel will examine strategies for managing cloud security at scale, optimizing threat detection, and ensuring compliance with federal mandates. Cloud security topics will include zero trust, as well as DevSecOps and container security. Panelists will discuss best practices for reducing cyber risk, enhancing visibility across hybrid and multi-cloud systems, and aligning with evolving government security frameworks.

Capt. Daniel Rogers
Chief Data and Artificial Intelligence OfficerU.S. Coast Guard

Shailesh Athalye
SVP Product ManagementQualys

George Jackson
Executive Producer and HostGovExec TV
Closing Remarks
Thank you for attending the Qualys Public Sector Cyber Risk Conference!
Thank you for attending the Qualys Public Sector Cyber Risk Conference!

George Jackson
Executive Producer and HostGovExec TV