November 14, 2025, 8:00 AM – 5:00 PM Pacific Time || Venue: Las Positas College, Livermore, CA

In an era of escalating geopolitical tensions and the growing impact of climate change, the cybersecurity landscape is undergoing a radical transformation. ‘The Long Game: AI-Driven Cyber Strategy in an Era of Global Disruption’ explores how organizations can leverage artificial intelligence to develop resilient, long-term cybersecurity strategies. This conference will address the critical challenges posed by systemic disruptions, offering insights into navigating complex geopolitical risks, mitigating climate-related cyber threats, and harnessing AI’s potential to anticipate and counter evolving threats. Attendees will gain actionable strategies for building robust cyber defenses, ensuring business continuity, and shaping a secure future in an increasingly unpredictable world.

Key Takeaways for Attendees:

Understanding the interconnectedness of geopolitical, climate, and cyber risks.
Learning how to leverage AI to enhance cybersecurity defenses.
Developing strategic frameworks for long-term cyber resilience.
Building a culture of cybersecurity awareness and preparedness.

ISC2EastBayNov2025TheLongGame Download

Attendees receive up to 8 CPEs for attending and providing feedback on their participation. Networking Pass can earn up to 5 CPEs. Speakers and volunteers can earn up to 13 CPEs. Contact conferencecommittee@isc2-eastbay-chapter.org to let us know you want to help with sponsor tables, serving food, coordinating live demos, signage, sign-in registration, or building set up and breaking down activities. If you can volunteer to mentor, coach, or hire interns, please get in touch with careers@isc2-eastbay-chapter.org. Volunteers earn their ticket. However, they must be assigned to a committee and registered no later than October 1st to participate in the fall conference planning.

Pricing and Registration – Your Email Address is Your Code

Your price is determined by your ISC2 East Bay Chapter Member Status, which can be applied by using your primary chapter-registered email in the “Access Code” field during registration. Members with up-to-date annual dues will automatically have a $45 member credit applied. Volunteers, Sponsors, and Speakers will receive their own distinct free registration codes, however, we will care for your ticketing process for you.

If your member record is pending or you haven’t yet set up your account, please start by creating or updating your member record. Once you are on your membership page, you can then proceed to purchase your conference tickets. If you are already a paid member, you can sign up from your member page or go directly to the registration link below.

Create or Update Member Record

Purchase Event Tickets

Early Bird Pricing ends October 31

View Pricing Details

Conference Sessions & Schedule

8:00 AM Breakfast and Registration

Pick up your badge, ribbons, and optional pre-ordered “Long Game: Cyber Emergency Kit.” Throughout the day, as you visit each vendor, your bag gets a variety of books, tools, and swag. At the end of the day, events and further awards will focus on your key takeaways. Earn additional CPE and distinction by sharing how you might or already leverage what you now have “in the bag.”

Coffee throughout the day is sponsored by One Identity. All meals are paid for by the entire list of sponsors and by a portion of each registration. Thank you to our sponsor and our members. Please visit the list of sponsoring vendors below.

8:50 AM Greetings from the ISC2 East Bay Chapter

Welcome Students, Entrepreneurs, Civic, Business, and Education Leaders, Cyber Professionals, Job Seekers. We are pleased to share a brief discussion of the ISC2 East Bay Chapter Mission, Rules for our day at Las Positas, expectations for the “In The Bag” activity, and a reminder about your mandatory feedback requirement.

Featured Speakers

Session One – 9:00 to 9:30 AM | The AI Supply Chain: A National Security Imperative; the high stakes and the integration of AI into the supply chain itself | Bob Kolasky, SVP Critical Infrastructure Sectors, Exiger

Navigating escalating cyber threats and complex global interdependencies, this session will delve into proactively managing pervasive supply chain risks. Bob Kolasky will explore the pivotal role of artificial intelligence and data-driven strategies, leveraging platforms like Exiger, to identify, assess, and mitigate vulnerabilities across the digital ecosystem. Attendees will gain insights into building resilient supply chains, strengthening third-party risk management, and fostering robust public-private partnerships vital for national and economic security. He will highlight actionable strategies for anticipating and addressing security needs, ensuring critical functions remain operational against cyber warfare and systemic disruptions, and demonstrating how advanced technology facilitates better risk outcomes. This discussion is vital for cybersecurity professionals and industry leaders, enhancing organizational cyber resilience.

Bob Kolasky is a distinguished leader in cybersecurity and critical infrastructure resilience. He was the Founding Head of the Cybersecurity and Infrastructure Security Agency’s (CISA) National Risk Management Center, where he played a pivotal role in establishing strategic, cross-sector government and industry approaches to cyber and supply chain threats. Currently, as SVP, Critical Infrastructure Sectors at Exiger, he leads the go-to-market strategy and delivery of technology, processes, and expertise to address third-party and supply chain risk for critical infrastructure. Kolasky is a recognized expert in leveraging AI and data-driven insights to illuminate supply chains, evaluate risk factors, and continuously monitor threats, significantly contributing to national and economic security.

**Bob Kolasky, SVP Critical Infrastructure Sectors, Exiger**

Exiger – Founded in 2013, Exiger arms government entities, the world’s largest corporations, including 90 of the Fortune 250, and financial institutions with Software as a Service (“SaaS”) technology solutions that allow a proactive approach to risk and compliance. Exiger has expanded its offerings to create consistency across a market struggling with an ever-growing vendor risk landscape, addressing the need for third-party, supply chain, cyber, and ESG risk solutions.

Session Two – 9:45 to 10:15 AM | The Invisible Threat Layer: Harnessing AI and Practical Physics to Secure Hardware for the Long Game | Yossi Applebaum, CEO | Sepio

The Invisible Threat Layer: Harnessing AI and Practical Physics to Secure Hardware for the Long Game. This session delves into the often overlooked physical layer of cybersecurity, learning how advanced AI and novel approaches rooted in practical physics transform the way organizations identify, manage, and mitigate hidden hardware device risks. Explore how IT, OT, and IoT environments are crucial for building enduring resilience and developing a true “Long Game” cyber strategy against systemic disruptions.

Yossi Applebaum is the CEO and co-founder of Sepio Systems, a company disrupting the cybersecurity industry by uncovering hidden hardware attacks and providing actionable visibility to manage the risk of all known and shadow assets continuously. With decades of experience in engineering and leadership, Yosi’s background includes foundational work in the Israeli intelligence corps (Unit 8200) and successfully co-founding and leading multiple startups before establishing Sepio in 2016. Under his leadership, Sepio has developed multi-disciplinary SaaS solutions that combine practical physics, Machine Learning, and Big Data for unified hardware device risk management. His team has earned global recognition for fighting attacks through malicious hardware devices, offering invaluable insights into securing IT, OT, and IoT environments. Sepio’s Rogue Device Mitigation (RDM) capabilities and notable work in Asset Risk Management and IoT Security Software, including a featured use case by the Cybersecurity and Infrastructure Security Agency (CISA), exemplify his commitment to building enduring resilience against evolving cyber threats.

Sepio: Founded in 2016 by a team of cybersecurity experts from both private industry and government agencies, Sepio is revolutionizing security by uncovering hidden hardware attacks. Embracing its name, derived from the Latin word “Sepio” meaning “defend” and “guard,” the company provides actionable visibility to continuously manage the risk of all known and shadow assets at any scale. Sepio’s Asset Risk Management (ARM) solution is built on pillars of actionable visibility, objective truth, and infinite scalability, instilling confidence in organizations facing continuously expanding and uncontrolled ecosystems of connected assets. Their innovative multi-disciplinary SaaS solutions leverage practical physics, Machine Learning, and Big Data to deliver unified hardware device risk management, including powerful Rogue Device Mitigation (RDM) capabilities across IT, OT, and IoT environments. Sepio’s significant contributions to Asset Risk Management and IoT Security Software are highlighted by a featured use case from the Cybersecurity and Infrastructure Security Agency (CISA).

Session Three – 10:15 to 10:45 AM | Resilience in the deep fake face of AI cybercrime Alissa (Dr Jay) Abdullah, PhD, SVP, Emerging Corporate Security Solutions, CISO | Mastercard

Dr. Alissa Abdullah (Dr. Jay), Deputy Chief Security Officer, Mastercard

Dr. Alissa Abdullah (Dr. Jay), is Mastercard’s deputy chief security officer. In this role, she leads the Emerging Corporate Security Solutions team and is responsible for protecting Mastercard’s information assets as well as driving the future of security.

Dr. Jay joined Mastercard in 2019 after serving as the chief information security officer of Xerox, where she established and led a corporate-wide information risk management program. She also served as the deputy chief information officer of the White House, where she helped modernize the Executive Office of the President’s IT systems with cloud services and virtualization. She currently hosts Cybercrime Magazine’s Mastering Cyber and CISO 500 podcasts. Dr. Jay is a member of Smartsheet’s Board of Directors and Girls in Tech’s Board of Directors. She also serves as vice chair of BITS, the technology policy division of the Bank Policy Institute (BPI). Dr. Jay holds a PhD in Information Technology Management from Capella University, a master’s degree in Telecommunications and Computer Networks from The George Washington University, and a bachelor’s degree in mathematics from Savannah State University.

Mastercard: Mastercard is a global technology company in the payments industry. Its mission is to connect and power an inclusive digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. For over 50 years, Mastercard has pioneered technology to reshape the digital economy, using secure data and networks, partnerships, and passion. They provide innovative solutions that help individuals, financial institutions, governments, and businesses realize their greatest potential, driving value for consumers, businesses, and shareholders worldwide.

Session Four – 10:50 to 11:25 AM | Beyond the Benchmark: AI’s Role in Resilient Cybersecurity | Indus Khaitan | RedBlock

In a landscape where traditional security measures are often insufficient against sophisticated threats, building truly resilient cybersecurity requires moving “beyond the benchmark.” Indus Khaitan, a recognized leader in AI and data resilience and the founder of Redblock, will explore how advanced AI is critical to achieving this next level of security. This session will delve into how AI-driven platforms, much like modern instantiations of computational intelligence, enable proactive risk management, intelligent data backup, and rapid recovery, minimizing downtime and ensuring business continuity. By harnessing AI’s power to automate complex tasks and illuminate unseen risks, organizations can develop a truly “Long Game” cyber strategy, transforming their approach to resilience and operations in an era of global disruption.

Indus Khaitan, Agentic AI for Identity Security. Redblock.

CEO, Indus Khaitan, is a visionary leader in cybersecurity and data resilience, currently driving innovation at Redblock. With a background deeply rooted in developing cutting-edge technology solutions, Indus is passionate about safeguarding critical enterprise assets against an increasingly complex threat landscape. His expertise lies in leveraging artificial intelligence to architect robust data protection strategies that ensure business continuity and minimize the impact of cyberattacks and system failures. Through his work, Indus aims to empower organizations with intelligent, rapid recovery capabilities, strengthening their overall operational resilience.

Redblock (redblock.ai) is a company focused on AI-driven data backup and rapid recovery solutions designed to ensure business continuity. Their innovative platform delivers resilient data protection for critical enterprise assets by minimizing downtime and data loss during cyberattacks, system failures, or disasters. Redblock’s solutions provide intelligent backup scheduling and accelerate recovery processes, significantly enhancing an organization’s operational resilience.

Session Five – 11:30 AM to 12:00 PM | Beyond Tech: Building Resilient Security Culture and Rapid Response for the AI Era | Jules Okafor, JD, CEO of RevolutionCyber

In today’s dynamic threat landscape, effective cybersecurity extends beyond technology alone. This session, led by Juliet Okafor, CEO of RevolutionCyber, will explore the critical role of human-centric security in building organizational resilience. Juliet will delve into strategies for cultivating a robust security culture across an enterprise, emphasizing how to increase user engagement, minimize friction during technology rollouts, and improve overall security program performance. The discussion will also cover key approaches to rapid incident response, empowering organizations to proactively prepare for and effectively navigate large-scale cyberattacks and disruptions, ultimately playing “The Long Game” in an AI-driven world.

Jules Okafor, JD, CXO | Attorney | Creator of ‘Build & Scale AI Ops in 90 Days’ | Security Culture & DevSecOps for High-Growth Orgs | Scalable Privacy, Risk & Trust Programs for Enterprise | Delivering Resilience at Speed

Juliet Okafor, JD, CEO, RevolutionCyber, is a cybersecurity professional who has combined her knowledge of the legal system and cybersecurity solution models into success stories across Fortune 500 industries throughout the USA. A passionate security solutions visionary and strategist, Okafor determines how to solve the company’s problem, be it vulnerability management, incident response or reducing the risk associated with technology or vendors, and then puts a plan into action. Okafor graduated from UMass Amherst with a B.A. in communication, Fordham University with an M.A. in public communication and media studies, and received her juris doctorate from Temple University – Beasley School of Law. She is currently the CEO of RevolutionCyber.

RevolutionCyber (revolutioncyber.com) is a boutique cybersecurity and resilience consulting firm that blends strategic advisory, cultural transformation, and technology enablement to redefine how organizations approach security. They focus on aligning security with core business outcomes, such as resilience, trust, and revenue generation, rather than treating it as a standalone technical function. Living at the intersection of security culture, operational resilience, and customer trust, RevolutionCyber operates as a unique hybrid: a traditional consulting firm, a managed security service provider (MSSP), and a technology-enabled service provider. Their mission is to empower businesses and individuals by creating personalized security experiences at scale, reducing technology rollout friction, increasing user happiness, and demonstrably improving overall security program performance. They also offer critical guidance and playbooks for rapid incident response, preparing organizations to navigate large-scale cyberattacks and build long-term cyber resilience effectively.

12:15 – 1:00 PM Lunch

Keynote, Session Six – 1:00 to 1:45 PM | Cybersecurity and Privacy Policy: Analysis of Executive Actions and Legislation in the 47th Presidential Term and 119th Congressional Session | Jim Dempsey | Managing director of the IAPP Cybersecurity Law Center

Jim Dempsey, Managing Director, IAPP Cybersecurity Law Center, and Senior Policy Advisor, Stanford Program on Geopolitics, Technology and Governance

Cybersecurity and Privacy Policy: Analysis of Executive Actions and Legislation in the 47th Presidential Term and 119th Congressional Session.

This keynote address will analyze the evolving cybersecurity and privacy policy landscape, focusing on potential executive actions and legislative initiatives within the 47th Presidential Term and the 119th Congressional Session. By November 2025, we will have an emerging picture of cybersecurity policy in this term. This session will compare and contrast with the Biden administration, exploring what has changed and what has continued. Which unfinished initiatives are moving forward and which seem to have been abandoned? How does competition with China shape U.S. cybersecurity policy? How is the promised emphasis on offensive operations developing? What approaches are emerging from the regulatory agencies (FTC, FCC, SEC, HHS)? Are the states stepping up their enforcement actions? He will provide insights into the long-term strategic considerations necessary for navigating the complex and rapidly changing cyber and data governance environment, addressing key issues such as AI-driven cybersecurity strategies, data privacy regulations, and the intersection of geopolitics and technology. This session will review and contextualize these and other policies and legal issues.

Jim Dempsey, managing director of the IAPP Cybersecurity Law Center, lecturer in cybersecurity law at UC Berkeley Law School, senior policy advisor to the Stanford Program on Geopolitics, Technology & Governance, co-author of Cybersecurity Law Fundamentals (2d ed. 2024).

Session Seven – 1:45 to 2:30 PM – Investing in the Future of AI-Driven Security: Next-Generation Human-Centric Cybersecurity Assistant | Ali Bouhouch, CTO | The Good Data Factory

The cybersecurity landscape is at an AI inflection point, driven by the convergence of large language models (LLMs), agentic-event-driven security automation, and API-first architectures, making real-time, autonomous cybersecurity operations finally possible. This session will explore how these powerful advancements represent a multi-billion-dollar market opportunity, poised to become an inevitable industry shift as global cybersecurity spending is projected to reach $267 billion by 2027, with AI-driven security automation as a key growth area.

Ali Bouhouch, CTO of The Good Data Factory, will discuss how enterprises, grappling with critical security staffing shortages (3.5 million unfilled cybersecurity jobs globally), can strategically invest in next-generation human-centric cybersecurity assistants. He will address how these AI-driven solutions empower security teams, reduce manual burdens, and enhance threat detection and response capabilities, enabling organizations to secure their future and play “The Long Game” against evolving cyber threats, even as incumbents heavily invest to lock in their customer base.

Ali Bouhouch, CTO, The Good Data Factory: Ali Bouhouch is an accomplished technology executive with over two decades of success leading consulting, software, and data engineering teams, delivering cutting-edge solutions across e-Commerce, AdTech, Business Intelligence, and Advanced Analytics. He possesses deep expertise in leveraging Cloud, Big Data, In-Memory Processing, and Cognitive Computing to drive success in digital marketing and retail. A champion of agile methodologies, Ali is a trusted leader who builds and inspires culturally diverse and geographically distributed teams to deliver results aligned with customer expectations, managing multi-million dollar international budgets. He is also a co-author of the “B2B Solutions Using WebSphere Business Connection” IBM Redbook and was the founder and chairman of multiple professional forums like the XML/WebServices SIG at www.ebig.org. His specialties include Analytics and Data in Retail, Oil & Gas, Telecoms and Finance industries, alongside deep knowledge in Leadership & management, Enterprise Architecture, Machine Learning, Data Science and Big Data.

The Good Data Factory (thegooddatafactory.com) steps in to fill an ever-increasing skills and capability gap by serving as a strategic data science partner to clients, from startups to large corporations. They specialize in transforming raw security data into actionable intelligence through advanced analytics and machine learning, helping organizations identify hidden patterns, predict potential threats, and optimize security operations. The Good Data Factory excels in managing the complexity of data engineering to ensure data is clean, accurate, and ready for analysis. They also offer services in advanced Big Data analytics, remote AI & data analytics lab development (including specific machine learning models and algorithm development), and creative software design and development. Their comprehensive approach aims to improve threat detection, incident assessment, and recovery processes, enabling clients to effectively shape business strategies and gain a competitive advantage in today’s market. They ensure the security and confidentiality of your data throughout all services.

2:30 – 4:30 CAKE BREAK, Socializing & Panels

Attendees should select up to two out of the three following options and leverage the alternative time to visit with vendors and develop their emergency kits.

Session Eight (A) – 3:00 to 3:45 PM – Panel: The Intersection of Geopolitics and Cyber: Strategies for Mitigating Global Threats

Tolgay Kizilelma, Ph.D. is a business-driven IT/Cybersecurity GRC leader and trusted business partner with three decades of experience in education, healthcare, distribution, and government sectors. He is the founding Director of the MS in Cybersecurity program and teaches online Cybersecurity GRC courses as an Associate Professor of Cybersecurity in the Barowsky School of Business at Dominican University of California. Tolgay has also served as the CISO for multiple University of California campuses. Early in his career, he managed the U.S. IT operations for a leading national fuel systems integrator and distributor. He has more than 50 industry certifications, a B.S. degree in computer engineering, an MBA, and a Ph.D. focusing on information security. He also volunteers for various non-profit organizations as a board member, and frequently participates at cybersecurity conferences as a presenter. His contribution to the cybersecurity community was recognized with the 2022 C100 Award – Top 100 CISOs by CISOs Connect.

Tolgay Kizilelma, Ph.D., Dominican University of California

Session Eight (B) – 3:45 to 4:30 – Panel: AI vs. AI: The Evolving Landscape of AI-Driven Cyber Warfare

Stephen Bartolini is an outcome-driven technology-risk management leader and Partner at NextPeak, adept at driving business transformation through reengineering and embracing cutting-edge technologies. With over two decades of experience, including significant leadership roles as Executive Director of Cybersecurity & Technology at JPMorgan Chase & Co. (10 years) and Senior Director positions at CA Technologies (9 years), Stephen is a trusted advisor to executive leadership on cybersecurity risks and response strategies. His expertise spans building global, diverse, cross-functional teams that deliver value by understanding client needs and engineering innovative solutions within rapidly changing, highly regulated environments across Financial Services, Technology, and Telecommunications industries. Stephen holds a Bachelor of Science in Chemical Engineering from Cornell University and is a Certified Information Security Manager (CISM) and Lean Six Sigma Black Belt.

Stephen Bartolini: Cybersecurity & Technology Executive Director | Risk Management, Lean Six Sigma, AI Data Analytics

Session Eight (C) – 4:30 – 5:00 – The Wrap Up – What You Placed in Your Bag, “The Long Game, Cyber Emergency Kit.” Conference Feedback Forms and Sharing What’s In The Bag – Main Presentation Hall

Networking Pass holders can participate in the Strategic Vendors’ “Long Game” Cyber Emergency Kit activity – completion earns 5 CPE – a bag purchase may be required.Conference Bag Suggestions for Cyber Emergency Kit

Leading up to and during the conference, we are developing the Cybersecurity Kit – a branded backpack that attendees will fill with essential resources designed to help them leverage AI in their cybersecurity ‘Long Game’. The Las Positas College Cybersecurity Club college will assist in preparing these kits in advance. We encourage sponsors to contribute items that incentivize attendees to visit their stations and engage in an activity, perhaps by collecting a ‘token’ or completing a brief interaction, to earn a valuable addition to their kit. For select vendors, participation in a recorded Podcast or Webinar can also serve as an activity to earn attendees additional CPE credits. We invite all participating sponsors to get creative with their contributions and engagement strategies. We’re pleased to acknowledge that Summit 7 has already contributed premium pens and stickers, ready for distribution. Additionally, attendees will receive small notepads to facilitate note-taking throughout the day.

The Cyber Emergency Kits will extend their value beyond the conference itself. Leading into the last day of Early Bird Pricing, October 31st, our enrollment campaign will use a “Trick or Treat” theme. In December, we’ll launch a social media campaign encouraging attendees to post about how they’re using the acquired resources, with opportunities for special recognition and to earn additional CPEs. This campaign will encourage participants to collect “Cyber Treats” or valuable takeaways throughout the event.

Astrix Security: Contribute a resource on Securing Non-Human Identities and SaaS Connectivity During Disruptions, focusing on the risks associated with API keys, service accounts, and other non-human identities, and how to maintain secure SaaS-to-SaaS connections during a crisis.
BigID: This resource focuses on Maintaining Data Privacy During a Large-Scale Cyber Emergency and emphasizes how BigID’s data intelligence platform enables rapid identification and protection of sensitive data in chaotic situations.
BreachRX: Contribute a comprehensive Emergency Incident Response Playbook outlining critical containment, recovery, and communication steps. This would be invaluable for attendees facing extreme cyber crises.
Exiger: Offers a resource on Supply Chain Risk Management and Resilience Planning for Global Disruptions. Given Exiger’s expertise in supply chain risk and third-party risk management, this guide would provide critical insights into maintaining operational continuity during large-scale events.
Happiest Minds Technologies: Provide a guide on Digital Transformation and Cybersecurity Best Practices for Crisis Resilience. This resource could offer insights into leveraging next-generation IT services, cloud security, and analytics to build resilient digital infrastructures during times of disruption.
Horizon3.ai: Provide a resource on Automated Penetration Testing for Proactive Cyber Resilience. Highlighting how their NodeZero platform continuously assesses an organization’s attack surface to identify exploitable weaknesses before adversaries do, this guide would offer actionable strategies for building robust, long-term cyber defenses and enhancing rapid incident preparedness.
Illumio: Offers a guide on Implementing Zero Trust Segmentation for Breach Containment. This resource would detail how their solution can help prevent lateral movement of attacks across hybrid environments, crucial for limiting damage during a cyber emergency.
Intezer: Provide a resource on Automating Threat Triage and Response During Security Incidents, highlighting how their AI-powered platform, leveraging code DNA analysis, can help security teams rapidly analyze alerts, understand threat context, and automate initial response actions during a crisis.
NetAlly: Provide a guide on Ensuring Network Resilience and Rapid Troubleshooting for AI-Driven Systems. This resource would highlight how their portable analysis tools offer deep visibility into wired and wireless networks, enabling swift identification and resolution of connectivity and performance issues critical for maintaining operational stability and rapid recovery of AI-dependent cybersecurity infrastructure during a crisis.
One Identity: Offer a guide on Secure Identity and Access Management in a Crisis, detailing how their solutions can help maintain secure access controls and manage identities effectively during a cyber emergency, ensuring only authorized personnel can access critical systems for recovery.
Redblock: Provide a guide on AI-Driven Data Backup and Recovery for Rapid Disaster Recovery. This will show how Redblock’s system can quickly restore systems and data during a global event.
RevolutionCyber: Provide a Rapid Incident Response Playbook for Large-Scale Cyberattacks, critical guidance for first responders during a high-impact event.
Sepio: Offer a resource on Gaining Comprehensive Asset Visibility and Mitigating Hardware-Based Security Risks During Critical Operations. Leveraging Sepio’s expertise in physical layer security, this guide would highlight the importance of understanding all connected devices, including rogue and unmanaged assets, and how to prevent hardware-based attacks that could compromise systems during a crisis.
StellarCyber: Offers a resource on Unified Security Operations for Rapid Threat Detection and Response During Systemic Disruptions, emphasizing how their Open XDR platform can provide comprehensive visibility and accelerate incident response across the entire attack surface during a crisis.
StrongDM: Offers a guide on Securely Restoring Infrastructure Access During a Systemic Disruption, demonstrating how StrongDM’s solutions enable rapid and controlled access to essential systems for recovery teams.
Summit 7: Offer a resource on Maintaining Compliance and Security in Microsoft 365 During a Crisis, emphasizing how organizations can ensure adherence to regulations and protect sensitive data within the Microsoft 365 environment during a systemic disruption, leveraging Summit 7’s expertise in Microsoft security and compliance.
Symmetry Systems: Provide a resource on Rapid Data Security Posture Assessment for Disaster Recovery, showcasing how Symmetry Systems’ platform provides critical visibility into data risks during a crisis.
The Good Data Factory: Provides a resource on Using Data Analytics for Rapid Cyber Incident Assessment and Recovery, demonstrating how The Good Data Factory’s platform enables data-driven decision-making during a crisis.

Our contributing organizations, such as IAPP, OWASP, CSA, CISA, and ACFE San Francisco, will provide essential regulatory guidance, best practices, and educational materials. We also welcome sibling chapters of ISC2, ISSA, and ISACA.

To receive all 8 CPEs, attendees must complete their Conference Feedback Form.

Thank You to Our Sponsors and Distinguished Guests

We extend our sincere gratitude to all our sponsors whose generous support makes “The Long Game: AI-Driven Cyber Strategy in an Era of Global Disruption” conference possible. Their commitment helps us deliver high-quality cybersecurity education and networking opportunities to our community. An enormous effort has also been made by the Conference Committee to bring this event to fruition.

If you are a past presenter or a Board Member to any of our partner organizations in California, ISACA, ISC2, OWASP, CSA, ISSA, please reach out to President@isc2-eastbay-chapter.org or ConferenceCommittee@isc2-eastbay-chapter.org to learn about attending the Distinguished Dinner for our Sponsors and Speakers. We would love to get you involved with our tremendous East Bay Community partnership.

Platinum Sponsors

Astrix Security: Specializes in securing non-human identities and SaaS-to-SaaS connectivity, addressing a critical and often overlooked attack surface in today’s digital landscape. Their platform provides comprehensive visibility into all non-human access, enabling organizations to enforce granular, adaptive policies and proactively prevent data breaches by meticulously managing access for API keys, service accounts, and critical cloud integrations, ensuring robust security for automated processes.
StellarCyber: Pioneers an Open XDR platform that unifies security operations across the entire attack surface, including networks, endpoints, cloud, and applications. Leveraging advanced AI and machine learning capabilities, their platform automatically detects sophisticated threats, significantly enhances security operations, and improves analyst efficiency by providing comprehensive, correlated visibility and accelerating incident response workflows from a single, integrated pane of glass.
Intezer: Leverages proprietary AI and genetic analysis to automate and streamline core Security Operations Center (SOC) tasks. Its platform automatically triages and investigates security alerts, accurately identifies malicious code by comparing it to known code families, and automates initial response actions. Intezer helps security teams reduce alert fatigue, enhance threat detection accuracy, and accelerate incident response by enabling human analysts to focus their expertise on the most critical and complex threats, improving overall SOC efficiency and effectiveness.

Gold Sponsors

RevolutionCyber: A boutique cybersecurity and resilience consulting firm that blends strategic advisory, cultural transformation, and technology enablement to redefine how organizations approach security. They focus on aligning security with core business outcomes, such as resilience, trust, and revenue generation, rather than treating it as a standalone technical function, offering services that enhance security culture and prepare for rapid incident response.
Exiger: Provides an AI-powered supply chain and third-party risk management platform that helps organizations illuminate, analyze, and mitigate complex risks across their extended enterprise. Their solutions offer deep insights into vendor vulnerabilities, geopolitical supply chain disruptions, and financial health, enabling proactive risk management and enhanced resilience in an AI-driven world.
Sepio: Offers a Hardware Access Control (HAC) and asset visibility platform that provides actionable visibility to continuously manage the risk of all known and shadow assets. Utilizing innovative multi-disciplinary SaaS solutions that combine practical physics, machine learning, and big data, Sepio delivers unified hardware device risk management, helping secure IT, OT, and IoT environments and providing defense against “invisible threat layers.”
Summit 7: Specializes in DIB cybersecurity compliance, with a core focus on CMMC (Cybersecurity Maturity Model Certification) and robust Microsoft 365 security solutions. They assist defense industrial base (DIB) companies in achieving and maintaining compliance with stringent federal regulations like CMMC, DFARS, and NIST, ensuring secure operations within the Microsoft ecosystem.

Silver Sponsors

BigID: BigID is a leading data intelligence platform that utilizes advanced AI and machine learning to comprehensively discover, classify, and manage sensitive and regulated data across diverse and hybrid environments, including cloud, on-premise, and SaaS applications. It empowers organizations to ensure stringent data privacy compliance, precisely identify and remediate security risks associated with vulnerable data exposures, and automate critical data governance processes by providing unparalleled data intelligence and control, thereby significantly enhancing overall security posture and reducing data risk.
BreachRX: Delivers an AI-powered incident response management platform that guides organizations through the complete lifecycle of a cyber incident, from initial detection and containment to full recovery and detailed post-incident analysis. It provides automated playbooks tailored to specific incident types, assigns tasks to response teams, manages internal and external communications, and rigorously tracks complex regulatory obligations and reporting deadlines, ensuring a consistent, compliant, and highly efficient incident response to minimize potential legal, financial, and reputational impacts during a cyber crisis.
Happiest Minds Technologies: A global IT services company that leverages cutting-edge technologies in digital transformation, cloud, cybersecurity, analytics, and Internet of Things (IoT) to drive enterprise success. They provide end-to-end services that help businesses achieve digital excellence, optimize operational efficiency, and foster continuous innovation with a strong emphasis on human-centric solutions, delivering comprehensive and integrated technology services that align with specific business objectives and industry standards.
Horizon3.ai: Provides NodeZero, an autonomous penetration testing platform. It continuously assesses an organization’s internal and external attack surface, automatically discovers exploitable weaknesses, and verifies vulnerabilities without human intervention. By rigorously emulating real-world attacker behaviors and techniques, NodeZero identifies critical attack pathways and provides clear, actionable remediation steps to proactively strengthen security posture and continuously validate an organization’s defenses against evolving cyber threats, supporting a continuous security validation program.
Illumio: Provides Zero Trust Segmentation to prevent the lateral movement of breaches across complex hybrid environments, including data centers, multi-cloud infrastructures, and endpoints. It meticulously visualizes application dependencies and communication flows, micro-segments networks down to individual workloads, and enforces granular, adaptive policies to contain attacks. This approach dramatically minimizes breach impact by reducing the attack surface and significantly enhancing an organization’s overall cyber resilience and security posture.
NetAlly: Offers portable network testing and analysis solutions essential for IT and cybersecurity professionals managing complex infrastructures. Its suite of tools provides deep visibility into both wired and wireless networks, enabling efficient troubleshooting of connectivity issues, precise validation of network performance, and verification of security configurations. This comprehensive approach helps ensure reliable network infrastructure, reduces downtime, and facilitates rapid issue resolution for enhanced operational stability and secure network operations.
One Identity: Offers comprehensive identity and access management (IAM) solutions that provide a unified platform for managing identities, governing access, and securing privileged accounts across an organization’s entire digital landscape. Their solutions include Identity Governance and Administration (IGA) for managing user access lifecycles, Privileged Access Management (PAM) for securing elevated accounts, and Access Management for secure authentication. This helps organizations streamline identity lifecycle management, enforce least privilege principles, and improve compliance posture across complex IT environments.
Redblock: Offers AI-driven data backup and rapid recovery capabilities essential to ensure business continuity even in the face of severe cyberattacks, system failures, or natural disasters. Their solutions minimize downtime and prevent data loss during incidents by providing intelligent, automated backup scheduling, accelerating recovery processes, and delivering resilient data protection for critical enterprise assets, thereby enhancing overall organizational resilience and operational continuity.
StrongDM: Offers a unified platform for managing and auditing access to all critical infrastructure, including servers, databases, Kubernetes clusters, and internal applications. It connects users securely without the need for traditional VPNs, meticulously logs every session for comprehensive auditing and compliance, and enforces granular, least-privilege access policies in real-time. This centralizes control over all technical access, significantly enhancing security posture and streamlining compliance workflows while improving operational efficiency.
Symmetry Systems: Specializes in Data Security Posture Management (DSPM). Its platform automatically discovers and classifies sensitive data across diverse cloud and on-premise data stores. It continuously monitors data access patterns, identifies misconfigurations, and detects risky behaviors or excessive permissions, providing clear and actionable visibility into an organization’s data security posture to help reduce exposure, mitigate risks, and ensure continuous compliance with data protection regulations.
The Good Data Factory: Enables the transformation of raw security data into actionable intelligence using advanced analytics and machine learning techniques. Their platform helps organizations identify hidden patterns and anomalies, predict potential threats with greater accuracy, and optimize security operations through robust, data-driven insights. This leads to improved threat detection capabilities, more efficient incident assessment, and accelerated recovery processes following security events, contributing to more proactive security strategies.

Please become an ISC2 East Bay Sponsor by donating to our Sponsorship Page.

About ISC2
ISC2 is the world’s leading member organization for cybersecurity professionals, driven by our vision of a safe and secure cyber world. Our nearly 675,000 members, candidates, and associates around the globe are a force for good, safeguarding the way we live. Our award-winning certifications – including cybersecurity’s premier certification, the CISSP® – enable professionals to demonstrate their knowledge, skills, and abilities at every stage of their careers. ISC2 strengthens the cybersecurity profession’s influence, diversity, and vitality through advocacy, expertise, and workforce empowerment, accelerating cyber safety and security in an interconnected world. Our charitable foundation, The Center for Cyber Safety and Education, helps create more access to cyber careers and educates those most vulnerable. Learn more and get involved at ISC2.org. Connect with us on X, Facebook, and LinkedIn.

Pricing Details

Networking Pass: For attendance from 11:30 AM to 5:00 PM. Rates range from $45 (member) to $65 (guest), or $75 (member) to $85 (guest) for a fully loaded backpack and Long Game Kit.
Full Day Pass: For full conference access from 8:00 AM to 5:00 PM, including Breakfast, Lunch, Networking, & Cake Break. Rates are $100 for members and up to $175 for non-members. The Full Day Pass also includes the Long Game Emergency Kit Backpack for as long as our supplies last. After the Early Bird pricing has ended, options to purchase the “Emergency Kit” may be limited.

Registration Type	Price (No Kit)	Price (With “Long Game” Cyber Emergency Kit)	Notes
Networking Pass (11:30 AM – 5:00 PM)			Access to Panels and Vendor Area only.
Guest Networking Pass	$65.00	$85.00	Enjoy lunch; attend panels, workshops, visit vendors
Member Networking Pass	$45.00	$75.00	Enjoy lunch; attend panels, workshops, visit vendors
Full Conference Passes (8:00 AM to 5:00 PM, Breakfast, Lunch, Networking & Cake Break)			This includes all sessions, panels, main lobby and Vendor Sponsor areas
Early Bird Member (Register by Oct 31st)	$100.00	$100.00	Kit guaranteed.
Early Bird Guest (Register by Oct 31st)	$145.00	$145.00	Kit guaranteed.
Guest (After Oct 31st)	$145.00	$175 (if available)	Kit availability is not guaranteed after Oct 31st.
Member (After Oct 31st)	$100	$100 (if available)	Kit availability is not guaranteed after Oct 31st.
Student Member* up to 25 seats (LPC and High School Award winners Free with Code) All other students pay student rate.	$45	$75	Kit guaranteed. *Valid student ID required.
Volunteer Code (Register by Oct 1st)	$0.00	$0.00	Kit guaranteed.

ISC2 East Bay 2025 Fall Conference – The Long Game: AI-Driven Cyber Strategy in an Era of Global Disruption