Monday, Sept. 29, 2025
8 a.m.-4 p.m.
Nebraska Innovation Campus
Conference Center
2021 Transformation Drive, Lincoln, NE
Doors open at 7:30 a.m. for check-in
|
Regular Rate: $149 Registration Deadline: September 15 |
In today’s world, we rely on technology and the Internet for a variety of transactions, communication and information – at home, in school and at the workplace. While we are familiar with the myriad of conveniences provided through Internet use, it is difficult to stay abreast of all the changes and the potential risks presented by the Internet. We are all “virtual neighbors” in cyberspace, and what we do, or don’t do, can affect many others.
The Nebraska Cyber Security Conference will assist in raising our awareness of cyber security and help in protecting all of us in cyberspace. If we do our part individually, we can have a tremendous positive impact collectively on our state’s cyber security.
This will be valuable time learning from skilled industry experts. The day will be filled with a variety of breakout sessions that will encompass different areas of information security and technology.
| Time | Description |
|---|---|
|
7:30 a.m. |
Check-in |
| 8 a.m. |
Opening Remarks |
| 8:45 a.m. |
Break |
| 9 a.m. |
First Session |
| 9:45 a.m. |
Break |
| 10 a.m. |
Second Session |
| 10:45 a.m. |
Break |
| 11 a.m. |
Third Session |
| 11:45 a.m. |
Lunch |
| 1 p.m. |
Keynote |
| 2 p.m. |
Break |
| 2:15 p.m. |
Fourth Session |
| 3 p.m. |
Break |
| 3:15 p.m. |
Fifth Session |
Raul Barreras
University of Nebraska
Raul Barreras is an information security professional with more than 20 years of experience in systems administration, development, teaching, information security leadership and hands-on penetration testing. In recent years, as cloud and application security manager at the University of Nebraska, he has focused on helping teams build secure and resilient software by promoting secure development practices and leveraging his broad technical and leadership background. Passionate about building communities of security-aware professionals, Barreras mentors developers and works to turn secure development from a checkbox into a habit.
- Leveling UP Vulnerability Disclosure: A Gamified Approach at the University of Nebraska
Matt Bednarski
Tanium
Matthew Bednarski is a client service leader at CDM Smith with more than 20 years of experience in civil engineering and infrastructure development. Throughout his career, he has led complex public works and environmental projects, bringing a strategic, client-focused approach to solving today’s most pressing infrastructure challenges. Bednarski is a trusted advisor to municipalities and agencies, known for his ability to align technical innovation with community needs. He holds a Bachelor of Science in civil engineering from the University of Wisconsin-Milwaukee and is an active member of the American Public Works Association.
- Command, Control, Automate: The Future of Endpoint Management
Karla Carter
Bellevue University
Karla Carter is an Associate Professor of Cybersecurity in the College of Science and Technology at Bellevue University, in Bellevue, NE. Drawing on degrees in psychology, history and cybersecurity, and more years than she should admit to of information technology experience, she teaches undergraduate and graduate courses in cybersecurity operations, social engineering, human factors, security awareness, white-collar crime, information warfare, and technology ethics. Additionally, she serves on the IEEE Nebraska Section Executive Committee and ACM Committee on Professional Ethics. Curious, intense and irreverent, Carter lives by the question, "what if...?" and has a low tolerance for the phrase "because that’s the way we’ve always done it." Ask her about her growing (and glowing!) uranium glass collection!
- Shani the Zebra Knows More About Cybersecurity Than You
Phil Redfern
University of Nebraska
Phil Redfern is the director of security engineering at the University of Nebraska. Throughout his career, Redfern has led various enterprise IT initiatives and projects, successfully integrating risk-based cybersecurity across the university system. Highlights include a unified security model for edge networks, security baselines for endpoints, and the implementation of updated IT security policies and standards. He received his Bachelor of Fine Arts from the University of Nebraska-Lincoln and his Master of Science from the University of Nebraska at Omaha.
- Leveling UP Vulnerability Disclosure: A Gamified Approach at the University of Nebraska
Mike Rider
DTEX
Mike Rider is a senior counter-insider threat engineer at DTEX Systems with 24 years of experience in cybersecurity, 12 of which have been dedicated to U.S. government insider threat programs. He also completed a 20-year U.S. Navy career as a cryptologic warfare officer. Some of his noteworthy Department of Defense roles include positions at the White House Communications Agency, the National Security Agency, U.S. Strategic Command and Joint Special Operations Command, as well as technical roles at leading security vendors such as Forcepoint, Tanium and Menlo Security.
- Insider Threats Aren't New. But Our Defenses Should Be.
Bruce Wray
Wray Law TCP
Bruce thrives where the Law intersects with Technology, Cybersecurity and Privacy. He leverages a Master’s in Computer Science focused on Information Assurance, a CISSP, more than a decade working in IT, and now more than a decade providing legal guidance to global corporations, in order to enable organizations to manage their TCP risks.
Bruce operates a boutique legal practice, Wray Law TCP, and is the Director of the Innovation and Entrepreneurship Legal Clinic at Creighton School of Law. He serves on the boards of both NebraskaCERT and ISC2 Omaha/Lincoln Local Chapter, the latter as President.
Bruce is a frequent presenter with local information security organizations, including ISACA , NECERT and ISC2 Omaha/Lincoln Local Chapter, and will be speaking this October at the ISC2 Security Congress 2025 in Nashville.
- TTX: How Not To Crisis Your Crisis
Command, Control, Automate: The Future of Endpoint Management
Matt Bednarski, Tanium
In an era when cyber threats evolve faster than traditional tools can respond, organizations need real-time visibility and control across every endpoint. This session explores how Tanium’s autonomous endpoint management platform unifies IT operations and security to deliver instant insights, rapid response and operational resilience.
Insider Threats Aren't New. But Our Defenses Should Be.
Mike Rider, DTEX
In today’s dynamic digital environment, the perimeter is gone — but the insider risk remains. As organizations accelerate adoption of AI tools and hybrid work continues to redefine where and how people operate, traditional methods of monitoring and mitigating insider threats are proving inadequate. Legacy user activity monitoring tools, while well-intentioned, are reactive, intrusive and often blind to the early indicators of risky behavior.
This session explores a modern approach to insider risk — one that prioritizes context, intent and proactive mitigation over surveillance. Drawing on lessons learned from engagements across federal and commercial sectors, we’ll examine the behavioral patterns and digital exhaust that precede insider incidents — and how organizations can use this intelligence to shift left: detecting risk before it escalates to a threat.
Leveling UP Vulnerability Disclosure: A Gamified Approach at the University of Nebraska
Phil Redfern & Raul Barreras, University of Nebraska
Discover how the University of Nebraska has leveled up its Vulnerability Disclosure Program through gamification. This presentation will highlight the collaborative efforts between the university and independent security researchers to strengthen its security posture and recognize the contributions of experienced researchers. Attendees will gain insights into NU’s innovative program model, built on the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency template, and learn effective strategies for engaging in remediation.
Shani the Zebra Knows More About Cybersecurity Than You
Karla Carter, Bellevue University
What can a foal, a crocodile and a dusty river crossing teach us about digital risk management? More than most security frameworks, it turns out. This session leverages one of nature’s most compelling cybersecurity metaphors — the African migration — to reframe enterprise risk management through the lens of survival. Following Shani the zebra and her vulnerable newborn through a perilous journey, we’ll examine how predators exploit every transition point, mirroring the attack vectors that compromise digital ecosystems. Drawing from behavioral ecology and threat intelligence, this presentation maps the NIST Risk Management Framework to migration survival patterns: asset management as herd dynamics, vulnerability assessment as environmental scanning, incident response as predator evasion, and legacy system integration through the lens of warthogs — ugly but resilient. Through this unconventional framework, attendees will develop practical strategies for risk visualization, stakeholder communication and security program optimization. The session includes actionable deliverables: a field guide for mapping organizational “predator patterns,” threat classification cards and assessment templates designed for immediate implementation. Participants will learn to apply biological risk models to cybersecurity program design, develop enhanced risk communication strategies using natural metaphors, and create visual frameworks for executive reporting that actually resonate. Come for the metaphor. Stay for the methodology. Leave with tools that work in both the Serengeti and the SOC.
TTX: How Not To Crisis Your Crisis
Bruce Wray, Wray Law TCP
The truism “When Not If” has these corollary: crises will happen, crises are unavoidable, and crises are part of business. An organization’s preparation and response are all that you can control.
This interactive discussion will focus on Practicing Your Crisis before you Crisis Your Crisis. We will explore how other crisis training approaches preparation and how your organization can adopt and implement Table Top Exercises to avoid common pitfalls that businesses face when the unthinkable, but inevitable, occurs.
Sponsor Levels
Platinum Sponsor $3,000 (Limit 7)
- Premier table placement in Main Hallway
- Table and two chairs
- Complimentary Tickets: 3 (additional tickets may be purchased at attendee rates)
Sign Up as a Platinum Sponsor Today!
Gold Sponsor $2,000 (Limit 7)
- Table placement in 1st floor South Hallway
- Table and two chairs
- Complimentary Tickets: 2 (additional tickets may be purchased at attendee rates)
Sign Up As A Gold Sponsor Today!
Diamond Lunch Sponsor $10,000 (Limit 1)
- Logo placards placed on banquet tables
- Table placement next to banquet hall in a high-traffic area next to auditorium
- Two table and four chairs
- Complimentary Tickets: 5 (additional tickets may be purchased at attendee rates)
Sign Up As A Diamond Lunch Sponsor Today!
Emerald Breakfast Sponsor $5,000 (Limit 1)
- Logo placards placed on banquet tables
- Table placement next to banquet hall in a high-traffic area next to auditorium
- Two table and four chairs
- Complimentary Tickets: 4 (additional tickets may be purchased at attendee rates)
Sign Up As A Emerald Lunch Sponsor Today!
Each sponsor will receive the following:
- Logo published on our conference website
- Logo printed in conference guide
- Room for one standup banner (not to exceed 3’ wide x 6’tall) by your table
- Access to Electrical - sponsors must bring their own extension cord. The conference center does not have any available to lend.
- WIFI access
Nebraska Innovation Campus (NIC) Conference Center
2021 Transformation Drive, Lincoln NE
Please review the Parking Information for all of the parking options around the Conference Center.
State of Nebraska OCIO
SCC Continuing Education
