Qualys Public Sector Cyber Risk Conference - Agenda
Register    ➤

Agenda

Times are subject to change.

7:30 AM EDT Wednesday, May 28

Registration, Breakfast & Networking

1 hour

Pick up your event badge and network with your peers!

Pick up your event badge and network with your peers!

Read More
8:30 AM EDT Wednesday, May 28

Opening Remarks

5 minutes

Welcome to The Qualys Public Sector Cyber Risk Conference

Welcome to The Qualys Public Sector Cyber Risk Conference

George Jackson
George Jackson
Executive Producer and Host
GovExec TV
Read More
8:35 AM EDT Wednesday, May 28

Morgan Stanley Keynote

25 minutes
Rachel Wilson
Rachel Wilson
Head of Wealth Management Data Security & Infrastructure Risk
Morgan Stanley
Read More
9:00 AM EDT Wednesday, May 28

Journey from ASM to RSM: Unveiling a New Approach to Risk-Based Cybersecurity

25 minutes
Sumedh Thakar
Sumedh Thakar
Chief Executive Officer
Qualys
Read More
9:30 AM EDT Wednesday, May 28

AI Integration: Transforming Federal Cybersecurity

25 minutes

Artificial intelligence is reshaping the cybersecurity landscape, enabling faster threat detection, automated response, and enhanced risk management. In this fireside chat, a federal cybersecurity leader will discuss how agencies are leveraging AI to strengthen their security postures, improve situational awareness, and mitigate emerging threats. The conversation will explore best practices for AI adoption, key implementation challenges, and strategies for ensuring responsible and secure AI integration, safeguarding AI-driven systems, and optimizing automated workflows to enhance cybersecurity operations.

Artificial intelligence is reshaping the cybersecurity landscape, enabling faster threat detection, automated response, and enhanced risk management. In this fireside chat, a federal cybersecurity leader will discuss how agencies are leveraging AI to strengthen their security postures, improve situational awareness, and mitigate emerging threats. The conversation will explore best practices for AI adoption, key implementation challenges, and strategies for ensuring responsible and secure AI integration, safeguarding AI-driven systems, and optimizing automated workflows to enhance cybersecurity operations.

Kat Megas
Kat Megas
Program Manager, Cybersecurity, Privacy & AI
NIST
Vinay Singh
Vinay Singh
Former CAIO & Chief Financial Officer, HUD
Chief Strategy Officer, Technuf LLC
George Jackson
George Jackson
Executive Producer and Host
GovExec TV
Read More
9:55 AM EDT Wednesday, May 28

Modernizing FISMA: Addressing the Gaps in Visibility, Culture, and Technology

40 minutes

As federal agencies strive to strengthen their cybersecurity posture, many continue to grapple with foundational challenges in meeting FISMA requirements. Inconsistent maturity levels, decentralized accountability, and outdated technology investments make it difficult to establish centralized visibility and sustain continuous monitoring efforts. At the same time, evolving threats and a rapidly expanding attack surface—from cloud environments to interconnected systems—demand more agile, risk-informed approaches. Cultural resistance to change and competing priorities further complicate efforts to modernize compliance programs. This panel will explore the systemic barriers that hinder progress and discuss strategies for re-establishing the basics, aligning efforts across federated environments, and leveraging automation to close visibility gaps and enable smarter risk-based decisions. Join us for a candid conversation about what it really takes to make FISMA compliance meaningful—and achievable—in today’s high-stakes threat landscape.

As federal agencies strive to strengthen their cybersecurity posture, many continue to grapple with foundational challenges in meeting FISMA requirements. Inconsistent maturity levels, decentralized accountability, and outdated technology investments make it difficult to establish centralized visibility and sustain continuous monitoring efforts. At the same time, evolving threats and a rapidly expanding attack surface—from cloud environments to interconnected systems—demand more agile, risk-informed approaches. Cultural resistance to change and competing priorities further complicate efforts to modernize compliance programs. This panel will explore the systemic barriers that hinder progress and discuss strategies for re-establishing the basics, aligning efforts across federated environments, and leveraging automation to close visibility gaps and enable smarter risk-based decisions. Join us for a candid conversation about what it really takes to make FISMA compliance meaningful—and achievable—in today’s high-stakes threat landscape.

Mark Canter
Mark Canter
Chief Information Security Officer
Government Accountability Office
Richard Grabowski
Richard Grabowski
Acting Program Manager, CDM
CISA
Victoria Yan Pillitteri
Victoria Yan Pillitteri
Manager, Security Engineering & Risk Management Group
NIST
Jonathan Trull
Jonathan Trull
CISO & SVP Security Solution Architecture
Qualys
Anna Pettyjohn
Anna Pettyjohn
Executive Vice President, Product & Strategy
GovExec
Read More
10:35 AM EDT Wednesday, May 28

10:50 AM EDT Wednesday, May 28

Operationalizing Zero Trust: Strategies for Federal Cybersecurity Modernization

35 minutes

Operationalizing Zero Trust is transforming federal cybersecurity, requiring agencies to reevaluate how they quantify asset risk with the speed and agility needed to make real-time enforcement decisions. But Zero Trust goes beyond simply granting or denying access — it also demands the ability to rapidly remediate risk so assets can securely regain access, as delays in identifying and mitigating risk factors can lead to operational slowdowns and security gaps. In this fireside chat, we’ll explore the improvements needed to quickly and effectively quantify risk for just-in-time decision-making, how automation can enable faster remediation and reduce operational friction, and strategies for aligning Zero Trust with federal mandates while improving security outcomes. Join us to gain a deeper understanding of Zero Trust in practice and learn how agencies can modernize security architectures while reducing risk and strengthening resilience.

Operationalizing Zero Trust is transforming federal cybersecurity, requiring agencies to reevaluate how they quantify asset risk with the speed and agility needed to make real-time enforcement decisions. But Zero Trust goes beyond simply granting or denying access — it also demands the ability to rapidly remediate risk so assets can securely regain access, as delays in identifying and mitigating risk factors can lead to operational slowdowns and security gaps. In this fireside chat, we’ll explore the improvements needed to quickly and effectively quantify risk for just-in-time decision-making, how automation can enable faster remediation and reduce operational friction, and strategies for aligning Zero Trust with federal mandates while improving security outcomes. Join us to gain a deeper understanding of Zero Trust in practice and learn how agencies can modernize security architectures while reducing risk and strengthening resilience.

Daryl Haegley
Daryl Haegley
Technical Director, Control Systems Cyber Resilience
U.S. Air Force
Lt. Col. Jason Carter
Lt. Col. Jason Carter
Operations Officer, Marine Corps Cyberspace Operations Group
U.S. Marine Corps
Shailesh Athalye
Shailesh Athalye
SVP Product Management
Qualys
Anna Pettyjohn
Anna Pettyjohn
Executive Vice President, Product & Strategy
GovExec
Read More
11:25 AM EDT Wednesday, May 28

Empowering Public Sector with a Risk-Centric Cybersecurity Strategy for Proactive Defense

20 minutes

In this fireside chat, Qualys CISO Jonathan Trull joins Mayuresh Ecktre, VP Product Management, to discuss why a shift to proactive, risk-centric cyber operations is not just beneficial—but essential. Together, they’ll explore how the ROC model empowers public sector organizations to optimize their current tools, prioritize risk, and gain the efficiencies necessary to proactively and predictively defend their mission.

In this fireside chat, Qualys CISO Jonathan Trull joins Mayuresh Ecktre, VP Product Management, to discuss why a shift to proactive, risk-centric cyber operations is not just beneficial—but essential. Together, they’ll explore how the ROC model empowers public sector organizations to optimize their current tools, prioritize risk, and gain the efficiencies necessary to proactively and predictively defend their mission.

Mayuresh Ektare
Mayuresh Ektare
VP Product Management
Qualys
Jonathan Trull
Jonathan Trull
CISO & SVP Security Solution Architecture
Qualys
Read More
11:45 AM EDT Wednesday, May 28

Securing the Supply Chain: DevSecOps and SBOM Implementation

25 minutes

Securing the federal software supply chain is a growing priority as agencies work to mitigate vulnerabilities and prevent cyber disruptions. This fireside chat will focus on the role of DevSecOps in strengthening supply chain security and the importance of Software Bill of Materials (SBOM) in maintaining software integrity. The discussion will explore how agencies can integrate security throughout the development lifecycle and ensure compliance with federal supply chain security guidelines.

Securing the federal software supply chain is a growing priority as agencies work to mitigate vulnerabilities and prevent cyber disruptions. This fireside chat will focus on the role of DevSecOps in strengthening supply chain security and the importance of Software Bill of Materials (SBOM) in maintaining software integrity. The discussion will explore how agencies can integrate security throughout the development lifecycle and ensure compliance with federal supply chain security guidelines.

Gharun Lacy
Gharun Lacy
Deputy Assistant Secretary of State for Cyber and Technology Security Bureau of Diplomatic Security
Department of State
Courtney O'Neal-Allen
Courtney O'Neal-Allen
Director, Events Content
GovExec
Read More
12:10 PM EDT Wednesday, May 28

1:05 PM EDT Wednesday, May 28

Federated Visibility Challenges: Bridging the Gaps in Cyber Oversight

40 minutes

Achieving comprehensive cybersecurity visibility across federal agencies remains a significant challenge, requiring seamless coordination and information sharing. This panel will bring together experts to examine the complexities of federated visibility, explore technical solutions, and discuss strategies for breaking down silos. Panelists will highlight real-world examples of cross-agency collaboration and the latest capabilities for enhancing threat detection and response.

Achieving comprehensive cybersecurity visibility across federal agencies remains a significant challenge, requiring seamless coordination and information sharing. This panel will bring together experts to examine the complexities of federated visibility, explore technical solutions, and discuss strategies for breaking down silos. Panelists will highlight real-world examples of cross-agency collaboration and the latest capabilities for enhancing threat detection and response.

TraudLinde Clark
TraudLinde Clark
Chief Information Security Officer
Department of Justice
Jessie Posilkin
Jessie Posilkin
Acting Executive Director
Technology Modernization Fund, GSA
Renata Spinks
Renata Spinks
Former CISO and Deputy CIO, IC4, USMC
CEO of CyberSec International, Inc.
Mayuresh Ektare
Mayuresh Ektare
VP Product Management
Qualys
Heather Kuldell-Ware
Heather Kuldell-Ware
Former Editor-in-Chief
GovExec
Read More
1:45 PM EDT Wednesday, May 28

Threats in Cyber Intelligence: Staying Ahead of Emerging Risks

40 minutes

As cyber threats grow more sophisticated, intelligence-driven security is essential for proactive defense. This keynote will examine the latest trends in cyber intelligence, including threat actor tactics, nation-state threats, and the role of AI in predictive analytics. The speaker will discuss strategies for leveraging cyber intelligence to strengthen threat detection, improve incident response, and enhance national security.

As cyber threats grow more sophisticated, intelligence-driven security is essential for proactive defense. This keynote will examine the latest trends in cyber intelligence, including threat actor tactics, nation-state threats, and the role of AI in predictive analytics. The speaker will discuss strategies for leveraging cyber intelligence to strengthen threat detection, improve incident response, and enhance national security.

Daniel Joyner
Daniel Joyner
Director
CGI
April Lenhard
April Lenhard
Principal Product Manager
Qualys
Saeed Abbasi
Saeed Abbasi
Qualys Threat Research Group
Qualys
Heather Kuldell-Ware
Heather Kuldell-Ware
Former Editor-in-Chief
GovExec
Read More
2:25 PM EDT Wednesday, May 28

Cloud Security Efficiency: Strengthening Resilience in a Multi-Cloud Environment

40 minutes

As federal agencies expand their cloud infrastructure, securing these environments while maintaining operational efficiency is critical. This panel will examine strategies for managing cloud security at scale, optimizing threat detection, and ensuring compliance with federal mandates. Cloud security topics will include zero trust, as well as DevSecOps and container security. Panelists will discuss best practices for reducing cyber risk, enhancing visibility across hybrid and multi-cloud systems, and aligning with evolving government security frameworks.

As federal agencies expand their cloud infrastructure, securing these environments while maintaining operational efficiency is critical. This panel will examine strategies for managing cloud security at scale, optimizing threat detection, and ensuring compliance with federal mandates. Cloud security topics will include zero trust, as well as DevSecOps and container security. Panelists will discuss best practices for reducing cyber risk, enhancing visibility across hybrid and multi-cloud systems, and aligning with evolving government security frameworks.

Capt. Daniel Rogers
Capt. Daniel Rogers
Chief Data and Artificial Intelligence Officer
U.S. Coast Guard
Shailesh Athalye
Shailesh Athalye
SVP Product Management
Qualys
George Jackson
George Jackson
Executive Producer and Host
GovExec TV
Read More
3:05 PM EDT Wednesday, May 28

Closing Remarks

10 minutes

Thank you for attending the Qualys Public Sector Cyber Risk Conference!

Thank you for attending the Qualys Public Sector Cyber Risk Conference!

George Jackson
George Jackson
Executive Producer and Host
GovExec TV
Read More
3:10 PM EDT Wednesday, May 28

Promo Image