Programs and Tracks

This track focuses on the people side of cybersecurity and privacy, where culture, communication, education, and creativity intersect to reduce human risk and build institutional defenses. Sessions will explore strategies for designing and delivering awareness programs, training initiatives, and human-centric interventions that resonate across campus and extend into our communities.

Discover how to deliver training and campaigns that promote secure behavior, and build a culture where responsibility is shared, not mandated. Sessions will cover topics such as security awareness campaigns, phishing and social engineering training, using generative AI, addressing insider threat, newsletters and campaigns, behavioral metrics and program assessment, security culture gamification, engagement strategies, privacy literacy, creative events and communications, and extending security awareness into community and personal contexts.

This track addresses the critical intersection of governance structures, regulatory compliance, and risk management in higher education. Sessions explore effective governance models that drive strategic alignment, accountability, and data-informed decision-making. Participants will examine responsible AI policy adoption, ensuring institutional data protection while advancing innovation.

The compliance component addresses diverse regulatory requirements, including FERPA, HIPAA, GDPR, CCPA, regulated research, export controls, and CUI. Practical guidance covers auditing practices, breach notification, and managing compliance across complex digital infrastructures.

Risk management sessions focus on cybersecurity risks, third-party vendor assessment, cloud service security, and supply chain risk, providing actionable frameworks for how risk assessment informs threat mitigation. Attendees from all institutional roles will gain strategies to strengthen governance, ensure compliance, calculate risk, and build programs that support the mission of higher education in an evolving regulatory landscape.

This track explores the leadership skills and strategies needed to build, sustain, and advance cybersecurity and privacy as institutional functions that span the entire fabric of higher education. Sessions examine how to secure resources, measure return on program investments, build effective teams, influence key stakeholders, build community and connection across institutions, and position security and privacy as enablers of institutional success.

Discover how to build high-performing teams in resource-constrained environments, support the mental health and well-being of cybersecurity and privacy professionals, lead remote and distributed teams effectively, and secure executive buy-in for critical initiatives. Sessions address organizational change management, cross-functional collaboration, developing security culture, advocating for resources, building strategic partnerships, and demonstrating how cybersecurity and privacy functions influence and support all areas of campus, from academics to research to student services.

This track explores technical strategies and operational improvements that enhance the effectiveness of cybersecurity operations and privacy programs through automation, streamlined processes, and innovative implementations. Attendees will discover practical approaches to consolidate security tool functionalities, improve visibility across their environment, and optimize day-to-day operations, from managing data inventory and privacy impact assessments to incident response and threat detection.

Presenters will share how they streamlined incident response workflows, automated request handling, managed alert fatigue, enabled credential rotation and secrets management, deployed infrastructure as code, updated asset inventories and SBOMs, and leveraged community resources and open-source solutions to drive cost-effective innovation. Sessions include case studies showcasing successful implementations and lessons learned. Topics also include student-powered security operations centers, integrating AI into security and privacy operations, optimizing detection and response pipelines, and adopting technical workflows that address the unique operational challenges of higher education environments.

This track provides technical deep dives into the evolving threat landscape and advanced defensive architectures for higher education. Designed for anyone seeking to understand how sophisticated attacks work and how to defend against them, sessions explore cutting-edge attack vectors, including AI-powered attacks, adversarial machine learning, ransomware evolution, and advanced persistent threats, alongside sophisticated defense mechanisms.

Attendees will examine zero trust architecture, privacy-enhancing technologies, secure AI/ML systems, post-quantum cryptography, secure enclaves, endpoint device management, and proactive intrusion and data loss detection strategies. Sessions explore lateral movement detection and prevention, indicators of compromise, kill chain analysis, penetration testing methodologies, threat hunting, threat intelligence, secure software development practices, data loss prevention, advanced persistent threats, mitigating zero-day and critical vulnerabilities, examining breaches for lessons learned, and architectural design patterns that balance open collaboration with robust protection.