Registration & Networking

Welcome/Introductions

The Forum is a collaboration point for the many member-driven professional associations across the region. Hear a brief introduction from Board Members of each of those InfoSec & Fraud Associations as we open the agenda

The State of Cybersecurity 2025: Mapping the Industry, Measuring AI’s Real Impact, and Making Sense of 4,550 Vendors [Discussion Pod #1]

Richard Stiennon, veteran analyst and industry provocateur will kick off the Forum, taking us on a data-rich tour of the entire cybersecurity industry—all 4,550 vendors, 660 subcategories, and $12 billion in recent funding. Drawing from his forthcoming book Security Yearbook 2025, Stiennon will share insights derived from two decades of studying cyber trends at Gartner and now IT-Harvest—the only firm systematically cataloging the global cyber vendor ecosystem.

This talk is not just about the numbers. Richard will break down the practical implications for executives:

• How to navigate a vendor landscape bloated with similar claims and vague value props
• Where AI is truly being built in cybersecurity—what’s real, what’s noise, and what agentic AI might change
• What vendor origin says about product capability, reliability, and alignment with enterprise needs
• Why vendor consolidation isn't the answer—and what to do instead

He’ll also spotlight key global dynamics, such as Israel’s IDF-fueled innovation engine, Germany’s vendor loyalty culture, and the emergence of AI Security as a distinct and fast-growing segment.

If you’ve ever asked “What should I actually be paying attention to in cybersecurity right now?”—this is your answer. This session will set the tone and context for the day, offering a strategic foundation for every discussion that follows.

#BuyTheBreach: How Cyber Failures Can Fund Your Future [Discussion Pod #2]

Chase Cunningham, Ph.D. the Author of “Buy the Breach: Hacking Failure for Market Success,” is also known to cyber leaders as  “Dr. Zero Trust.” He will lead a fun, informative, and thought-provoking talk which will lead into what should be an eye-opening discussion! 

In this talk, he shines a spotlight on one of cybersecurity’s most under-explored truths: the market *rewards* failure. Drawing from his groundbreaking book, Chase walks through how cybersecurity professionals—yes, you—can outperform hedge funds without ever learning complex finance. Just by applying the same analytical skills you use to track vulnerabilities and threat actors, you can spot profitable market patterns tied to breaches, outages, and incidents.

This isn’t theoretical: Chase will share real-world portfolio results, case studies from Marriott, Equifax, CrowdStrike, and others, and the exact strategy he uses to buy low during breach-triggered panic and ride the inevitable recovery wave.

Participants will learn:

• How to decode SEC 8-K filings like a forensic investor
• Why public outrage rarely translates to long-term losses
• What timing data shows about the “bounce” after a breach
• How to ethically profit from chaos—while still fighting the good fight

Then stay for the live *Buy the Breach* discussion with Chase, where he’ll answer tough questions, unpack recent breach-related trades, and offer practical guidance on turning your cybersecurity expertise into a market edge.

Bottom line: If you're already protecting companies from failure, why not learn to profit when others don’t? The game is rigged—this session shows you how to beat it.

Leading the Fight: Leading the Fight: Cybersecurity & Government Agencies [Discussion Pod #3]

In this talk, government agency leaders will share how they approach coordinated threat disruption, interagency collaboration, and executive-level response to cyber-enabled crimes.

When cybercrime intersects with national security, terrorism, cross-boarder issues, or financial stability, the US Secret Service, Department of Homeland Security, FBI and state fusion center (NJCCIC) step in—not just with investigations, but with leadership. Drawing from real-world cases—ranging from cryptocurrency scams to insider threats—RAIC Cerra will outline lessons learned for private-sector leaders.

What does it take to lead under pressure, across jurisdictions, and in defense of critical assets? In this fast-moving session, participants will get practical takeaways on how to elevate their cyber leadership posture—and why the most effective defenders think like protectors, not just responders.

Healthcare as the Proving Ground: AI, Cybersecurity, and the Future of Regulated Innovation [Panel]

Executive Panel - In this candid, discussion-driven session, three leading CISOs from major healthcare systems will share how their teams are balancing governance, compliance, data integrity, data governance and security while embracing AI.

Healthcare is one of the most highly regulated, risk-sensitive industries—and yet it’s also at the forefront of adopting AI and advanced cybersecurity practices. Hospital CISOs don’t have the luxury of waiting; they are already governing and securing generative AI platforms that enable improved outcomes and enable innovation.

Topics will include:

• The role of governance in helping control the sprawl of AI platforms
• The role of synthetic data in and data governance enabling secure AI training and clinical research
• Managing fragmentation from health tech startups and from AI migrating in from existing vendors
• Real-world lessons on safeguarding sensitive data, defending non-human identities, and avoiding the “compliance cliff” in fast-moving deployments

You’ll hear what’s working in practice, how healthcare CISOs prioritize risk when stakes include both lives and liabilities, and why enterprise leaders across finance, manufacturing, retail, and government should be watching this space closely.

If you want to understand where AI and cybersecurity are really converging, this is the session to attend. Healthcare may be the proving ground—but the implications are universal.

Panelists

• Douglas Copley, CISO - AtlantiCare
• Hugo Lai, CISO - Temple Health

Inside the Mind of the Adversary: Espionage, Negotiation, and the Battle for Digital Control [Discussion Pod #4]

Kurtis Minder has spent the last decade doing what most cybersecurity professionals only read about—negotiating directly with cybercriminals, including ransomware gangs, nation-state affiliates, and digital extortionists. As the founder and CEO of GroupSense, Minder built a world-class cyber espionage team, managing over 4,000 personas in multiple languages. He helped victims navigate headline-making ransomware attacks, and briefed everyone-from Congress to the Intelligence Community.

In this gripping, TED-style keynote, Kurtis draws from his new book, Cyber Recon, and his real-world experience leading some of the largest ransomware response efforts globally. He’ll walk attendees through the tradecraft of cyber reconnaissance, the nuances of engaging threat actors using mindful negotiation, and what it really takes to protect your organization in today’s hostile digital landscape.

Blending operational insights with personal stories—from fake identities like “Vinny,” to briefing Congressional subcommittees—Kurtis offers a rare, behind-the-scenes look at the human element of cyber conflict. Whether you lead security for a Fortune 500 or a regional bank, you’ll leave with concrete lessons on digital risk, negotiation, and resilience in the age of cybercrime.

Lunch & Solution Showcase Networking Discussions

Participants will enjoy a lovely full hot lunch while connecting with the thoughtful Solution Providers who are supporting the community at the Atlantic City CyberSecurity & Fraud Forum

Cyber-Conscious Leadership: Boardroom Issue vs. IT Problem [Discussion Pod #5]

Mark Sangster goes beyond the headlines and surface-level frameworks to expose the invisible forces that shape today’s most devastating breaches. Drawing from his books “Cyber-Conscious Leadership” and “No Safe Harbor,” Mark unpacks real-world case studies—ransomware attacks that began as innocent supplier emails, regulatory landmines triggered by seemingly minor missteps, and grey zone attacks that blur the lines between criminal and nation-state actors.

As cybersecurity is recognized as a board-level issue, what is less clear is how to lead effectively in a world where the threat landscape is shaped by geopolitics, systemic business vulnerabilities, and adversaries who don’t play by rules.

Leaders at the Forum will walk away with:

• A framework for identifying root-cause failures in security strategy—before they become front-page crises.
• Techniques to translate cyber risk into the language of business outcomes and executive accountability.
• Insights into the psychology of breach response—how leadership behavior can either reduce risk or deepen liability.
• Practical approaches to shift from reactive defense to proactive cyber resilience, with clear roles for boards, legal, and operations.

Not just about protecting your company—it’s about sharpening your strategic edge as an executive.

Government Cyber Agencies & the Public-Private Partnership [Discussion Pod #6]

Supervisory Special Agent Michelle Liu will share 2024 threat intelligence from the FBI’s national cyber program, including updates on ransomware recovery efforts, business email compromise, AI-enabled criminal tools, and the FBI’s role in supporting victims across industries. She’ll highlight real-world examples and underscore how early reporting and collaboration can lead to faster response and even cryptocurrency recovery.

As cyber threats evolve—from AI-powered voice cloning to digital currency-based ransomware—so too must the partnerships built to defend against them. In this joint session, attendees will hear directly from the FBI Newark Field Office’s Cyber Division and leaders from the New Jersey InfraGard Members Alliance, a critical public-private partnership for protecting U.S. infrastructure.

Joining the session are representatives from InfraGard NJ, who will explain how their organization connects cybersecurity professionals with government experts to strengthen community resilience and critical infrastructure protection. Attendees will learn how to get involved, what data can be safely shared, and why InfraGard’s model of trusted collaboration is more relevant than ever.

Whether you're in finance, healthcare, energy, or education, this session offers practical insights and concrete steps to deepen your engagement with law enforcement, reduce response times, and build a safer digital ecosystem.

It’s Not Just Bad Hygiene—It’s Criminal Negligence [Discussion Pod #7]

What the Largest Bank Fine in U.S. History Means for Cybersecurity Leaders

IRS-Criminal Investigations will talk us through what started as a routine money laundering investigation and then became the largest criminal BSA case in U.S. history: TD Bank pled guilty and paid a record-breaking $3 billion fine for failing to detect and report financial crimes between 2018 and 2024. But this wasn’t just a banking compliance failure—it was a breakdown of fundamental controls that cybersecurity teams should recognize as eerily familiar: weak identity verification, outdated monitoring tools, no internal escalation, and massive blind spots in onboarding.

With the passage of the AI Clarity Act and GENIUS Act, any company involved in digital asset transactions—especially fintechs and crypto-related entities—will now fall under the Bank Secrecy Act (BSA). That means cybersecurity functions may be criminally liable if they fail to detect malicious or illicit behavior.

This session reframes cybersecurity risk from “fear of breach” to fear of prosecution. If your organization touches crypto, stablecoins, or manages digital financial flows, this talk is your wake-up call. Learn what went wrong at TD, how BSA violations can stem from cyber failings, and what proactive cyber leaders should do now to protect not just their companies—but themselves.

Cyber-Fraud Fusion: Why the Future of Fraud Prevention Is a Security Strategy [Discussion Pod #8]

Fraud is no longer just a cost of doing business—it’s a security issue. More organizations are merging fraud prevention and cybersecurity into unified teams and frameworks to confront shared threats more effectively. This session explores the rise of Cyber-Fraud Fusion, where cyber threat intel, identity protection, and fraud operations are integrated to create a layered defense.

We’ll highlight how enterprises across industries are shifting from reactive fraud tools to proactive, intelligence-driven strategies—using concepts like the Cyber-Fraud Kill Chain to identify and disrupt attacks earlier. Attendees will gain a practical understanding of how convergence improves detection, response, and cross-functional coordination.

Degrees, Certs & Entry-Level Grit: What Cyber Grads Can (& Can’t) Do For You
[Panel]

This panel discussion features a real-world exchange between cyber educators and industry leaders. Professors will share how they’re designing programs with hands-on labs, industry-funded projects, and even high school hackathons. CISOs and CTOs will weigh in on the “last-mile” problem: grads with zero experience, mismatched expectations, and a professionalism gap that’s hard to ignore.

With over 700,000 unfilled cybersecurity jobs in the U.S., you’d think the hiring problem would solve itself. But here’s the rub: cybersecurity programs are churning out grads, and CISOs still ask, “What can they actually do on day one?” Are they SOC-ready? Do they understand fraud prevention, governance, compliance—or even what cybersecurity is?

We’ll dig into big questions:

• Are four-year degrees still the gold standard—or are certs and bootcamps the smarter play for mid-career upskilling?
• How do you hire interns and set expectations when “everyone is busy”?
• What can companies do (without breaking budgets) to actually shape the talent pipeline?
• And how can we close the generation gap without lowering the bar?

Come for the honest dialogue, stay for the practical takeaways—and leave with a few ideas for fixing a system that isn’t working for educators, employers, or students.

Trust, Verify, and Authenticate: Securing the Edge in a New Era of Operational Threats [Discussion Pod #9]

Dr. Robert Riegle—former DHS Director and national intelligence expert—will challenge participants to rethink how authenticity, attribution, and assurance must be redefined at the device and data layer.  In today’s environment of AI-driven disinformation, autonomous systems, and rising threats to critical infrastructure, the old model of “trust but verify” no longer cuts it. We must now verify before we trust—especially when it comes to operational technology, hardware identity, and machine-level decision-making.

In this provocative talk, he will be drawing on his national security background and work with emerging identity technologies, Dr. Riegle will explore how edge devices, autonomous systems, and even supply chains must be provably trustworthy to support U.S. counter-terrorism, counter-intelligence, and cybersecurity goals.

Following the talk, a moderated discussion will open the floor for participants to explore practical implications—how to support policy shifts, certify device lineage, and adopt technologies that “burn in” authenticity at the point of creation.

The Next Mission: Turning Insight Into Impact

In Closing - We’ve heard from the spies and the scientists. The agents and the analysts. The CEOs, strategists, and storytellers. Now, as we close the 2nd Annual Atlantic City CyberSecurity & Fraud Forum, we return to the reason we came together in the first place: to make a difference.

In this final session, we’ll recap the boldest ideas, sharpest warnings, and most actionable takeaways shared throughout the day—from ransomware negotiation tradecraft to the market forces behind cyber failures, from AI-fueled attacks to law enforcement collaboration models that actually work.

But more than a summary, this is a call to action. Whether you’re protecting a regional bank, a global enterprise, or your local community college’s network, the mission is the same: build trust, verify identity, out-think the adversary—and never go it alone.

Join us to reflect, reconnect, and recharge for what comes next. Because the future of cybersecurity and fraud prevention isn’t just about staying ahead of threats—it’s about leading with purpose, and leaving with a plan.

Closing Discussion & Networking

Stay & Connect: Informal Networking + Solution Showcase
Before hitting the road, grab a coffee and take time to connect. Trade insights with peers, chat with Solution Providers, and follow up on the ideas sparked throughout the day.

No panels, no pitches—just real conversations to wrap things up right.