Talk Schedule - November 15th 2025
NOTICE: All Talks and Events are at The University of North Florida, University Center, located at: 12000 Alumni Drive, Jacksonville, FL 32224
Please check the posted schedule for updates. The schedule is subject to change.
Talks
| How to build an effective phishing program |
|
Phishing attacks remain one of the most pervasive and successful tactics used by cybercriminals to get into organizations. But how do you create a phishing awareness program that goes beyond checking boxes and truly changes behavior? In this presentation, we’ll dive into the art and science of building an engaging, effective phishing program that empowers your workforce to recognize and respond to threats. Speaker: Timothy De Block |
| Unlocking the Secrets of then Mystery-Word Game: A Journey Through NLP and Genetic Algorithms |
|
This session introduces the basics of Natural Language Processing and word embeddings, highlighting their application in popular online games like Semantle. Discover how genetic algorithms can enhance game performance by creating an intelligent player that guesses the mystery word based on semantic similarity. We will explore the game's mechanics, learn the principles of genetic algorithms, and present a live demonstration of our AI player in action. Gain insights into the broader implications and future potential of integrating these advanced technologies. Join us to explore the innovative intersection of NLP, AI, and game design.
Speaker: Eyal Wirsansky |
| AI at Altitude: How American Airlines AURA System is Rebooking Passengers with Predictive Automation |
|
In 2023, American Airlines quietly deployed an AI-powered system called AURA (Automated ReAccommodation) to preemptively rebook passengers it predicted would miss connecting flights. Built on machine learning models that analyze real-time operational data, AURA acts autonomously rerouting travelers mid-flight, reallocating seats, and triggering downstream logistics, all before the passenger ever arrives at the gate.
Attendees will leave with a high-level understanding of how AURA works, the implications of real-time automation, and what this could mean for future human-AI coordination. Speaker: Dr. Arsh Arora, Ph.D. and Heather Papoulis |
| Shifting Left and Right: A TMACApproach to Architects and Devs |
|
Traditional threat modeling is confined to either high-level design documents using tools with reports, providing friction between development lifecycle and security assessment. This talk presents a novel, integrated Threat Modeling as Code (TMAC) approach that combines the OWASP pytm and Threatspec to achieve Secure by Design. Proposed method establishes a single, version-controlled source of truth by analyzing a system's architectural design via pytm and capturing feature-specific threats directly in source code annotations via Threatspec. This dual-layered strategy automates threat identification across design and implementation, generating detailed threat reports and contextual misuse cases that serve as actionable security requirements for developers. The demo will show an integrated framework that not only shifts security left but also provides a full-stack threat model that scales with modern development, enabling integrated communications between architects and developers to build more resilient software. Attendees will learn how to implement this hybrid TMAC model, moving beyond theoretical exercises to create continuous, contextual, and impactful security practices. Speaker: Souryadip Sengupta |
| You won't belive what the client said! |
|
Secure Ideas consultants Jennifer, Kathy, and Kelly will share real-world experiences that highlight both the serious lessons and the lighter side of working in security consulting. Attendees will gain practical insights into best practice and learn how to navigate unexpected situations. Speaker: Jennifer, Kathy, and Kelly |
| AI: Making Us Efficient, Lazy... or Just Efficiently Lazy? |
|
AI is everywhere—writing our texts, planning our days, even thinking ahead for us. But is it making us productivity pros or just really good at doing nothing? This session takes a fun, insightful look at how AI is changing our habits, helping us work smarter… and maybe slack smarter too. Let’s find out if we’re winning with AI—or just letting it win for us. Speaker: Dr. Arsh Arora, Ph.D. |
| Women In Technology (WIT) Pannel |
|
Paranoia. Just saying those words gives me chills and probably you as well. It is something we deal with every day in the IT industry, but like all of the other elephants in the room, we do not discuss it. Let’s explore healthy levels, pros and cons of paranoia with a panel of IT Security Ladies! Paranoia is both good and bad. However it is not something we like to discuss. The word paranoia has such a negative stigma attached to it. Yet day after day we deal with it. The idea is scary, but it does not have to be. The word paranoia gives most people chills and possibly for good reason. Let’s hash out paranoia with an expert panel of women and get their take on the good, the bad and the ugly of paranoia in the IT industry and more specifically IT security as a whole. Because we need to face and in some ways it can be healthy. We will start by introducing the panel and then explore paranoia from the following perspectives: Paranoia with clients and vendors (* may add subtopics) Paranoia, what's a healthy level Databasing, Data analytics, and security of Data Our social media accounts Questions you have been asked by your clients, vendors, coworkers, etc. Cybersecurity training, vigilance, and the importance of the role paranoia plays in them Let our expert panel of 5 women help you understand the advantages and disadvantages of paranoia as well as determining a healthy level for all of the people in our daily lives like our vendors, customers, co-workers, clients, family, etc. And let’s build better relationships both because and with it. Panelists:
Moderator: Brandi Kiehl |
| Building Better Security Tooling: Using Human Centered Design to Build and Deploy Effective Security Tools |
|
This topic is about improving the effectiveness of security tools by putting the end users at the center of the design process. Too often, security tooling is built around technology capabilities or compliance requirements, which can result in tools that are technically powerful but difficult to adopt, disruptive to workflows, or ignored by teams. Key Ideas: Using human centered design to reduce risks Speaker: Spencer Hawkins |
| Prompt Engineering 101: Practical AI Skills for the Security Professional |
|
As generative AI continues to reshape workflows across the tech landscape, information security professionals are uniquely positioned to benefit from, and defend against, its capabilities. This talk demystifies the fundamentals of prompt engineering, offering attendees a practical understanding of how large language models interpret input, why prompt phrasing matters, and how different models (GPT, Claude, LLaMA, etc.) behave under varied conditions. Speaker: George Raileanu |
| CISO Panel |
|
Topic to be announced closr to the conference. Panelists:
Moderator: Taryn Swietek, Executive Cybersecurity & Risk Leader, Google |
| Making Your Analytics Make Sense |
|
Helping small business owners understand their social analytics in a way that let's them tell and story and attract customers that are looking for businesses like them. Speaker: Trishatrying |
| Guardians of Tomorrow: AI, Risk, and The Human Element |
|
The world is fueled by vibes, filled with unknowns and uncertainties, putting everyone on edge. Everywhere you turn, people predict that we are six months away from major disruption and a year away from massive job losses, and yet, developers are churning out vulnerable applications at an alarming rate. Software is becoming increasingly manipulable with significantly reduced visibility, and developers may not know what code will execute at runtime. This is the environment in which modern security professionals find themselves. Speaker: Nathan Hamiel |
| The Puzzle with missing pieces: Fundamentals of Threat Intelligence |
|
Using the investigative process, this talk will offer an overview of threat intelligence analysis fundamentals and tradecraft. I will emphasize the need for both technical and strategic thinking, checking bias, analysis considerations using an example investigation that takes listeners from an IOC to complete intelligence picture. Speaker: Madeline Sedgwick |
| People, Process, and Technology. What is Missing in Cybersecurity? |
|
In a world led by Information Technology setting the standard around People, Process, and Technology, where do organizations miss the mark when it comes to building their cybersecurity programs. We all think we know what we need but what are some areas that we didn't realize we needed. In this presentation we will explore the 3 main areas and identify some areas that could help enhance a cybersecurity program. This is a discussion that creates interaction from all levels of experience to create a collaborative session on how we can build a stronger cybersecurity program. The key is: there is no wrong answer. The audience will learn the core pillars that go into building a cybersecurity program. These are People, Process, & Technology. We will then delve into the areas that could strengthen programs through interaction with the audience from all experience levels. This will allow for a sense of community, learning, and enlightenment on what needs to be considered. The key topics are People, Process, & Technology. People - What does it take to build a team based on the organization and how budget plays into that. Process - a quick look into the important pieces of what a Policy, Standard, & Guideline are and why they are important. Technology - A cursory look into the most known technologies being used today for cybersecurity programs. Speaker: TJ Zimmer |
| Build it, Break it, Harden it, Repeat! Learning DevSecOps Skills at Home to Boost Your Resume! |
|
Hackers hack, defenders defend—but what is the role of InfoSec in a developer's world?
Whether you're a developer, sysadmin, SOC analyst, or infosec newcomer looking to break out of the “red team vs. blue team” mindset—this talk will show you how to build, break, and secure modern infrastructure *from your home lab*. Speaker: Christian McLaughlin |
| 3D Shader Programing on Shadertoy |
|
Learn how to raymarch SDF (signed distance field) primitives to create sophisticated 3D visuals with very little code Speaker: Kyle Pena |
| The Algorithmic Self: Reclaiming Identity in an AI-Driven World |
|
When I first started speaking on social networking, I focused on the curated, often-unrealistic lives we project online. But something has changed. It's no longer just us doing the curating; it's the algorithm. And with the rise of AI, this has created a new, deeper kind of imposter syndrome—what I call the "Algorithmic Self." . Speaker: Carmen Estela |