IT SUMMIT 2025
Cybersecurity for a Complex, Unpredictable World
September 10th and 11th, 2025
Hosted by SynerComm at Potawatomi Hotel and Casino
FEATURED TOPICS:
ARTIFICIAL INTELLIGENCE
CYBERSECURITY
DIGITAL AND BUSINESS TRANSFORMATION
EMERGING TECHNOLOGIES
STRATEGIC PLANNING AND EXECUTION
IT Summit 2025 is the event you don’t want to miss! Join our industry experts and your peers as we discuss these topics and many more:
- Expanding Attack Surfaces, Aged Infrastructure, and Technical Debt
- Identity-First Security & Zero-Trust Strategies
- Enabling the AI-powered Enterprise
| Traditional Approach | Modern Approach |
| Annual Assessment | Continuous Validation |
| Vulnerability Management | Attack Path Management |
| Compliance-Driven | Risk-Driven |
| Technical Focus | Business Impact Focus |
| Tool-Centric | Adversary-Centric |
Earn CPE credits while having fun and networking with industry visionaries. Register now and invite your colleagues to join us!
When: Wednesday September 10th 1 PM CST – 7.30 PM CST & Thursday September 11th 8.45 AM CST – 5.00 PM CST, 2025
Where: Potawatomi Hotel & Casino
1721 W Canal St, 3rd Floor, Milwaukee, WI 53233
Audience: Leadership, Architectural, and Operational professionals in medium to large enterprises and service providers. Attendance is free of charge and limited to qualified attendees only.
Don’t forget to register for IT Summit today
Topics
Infrastructure & Operations
🟦 Blue Track – Infrastructure & Operations
The following sessions are featured at IT Summit for this topic. Click each to learn more.
Announcing Soon
Assessing & Validating Controls
Monitor and validate exposures in your attack surface withSynerComm’s Continuous Pentest (CPT) powered by CASM®– the best of machines and humans
🟧 Orange Track – Assessing & Validating Controls
The following sessions are featured at IT Summit for this topic. Click each to learn more.
Announcing Soon
Keynote Speakers
Eric Olson
Cybersecurity Leader | Author & Speaker | Investor & Advisor
Tom Wilburn
Global VP Campus & Branch Networking @ Juniper Networks
Patricia Titus
Field CISO – Abnormal AI
Schedule
Sept 10th, 12:15pm-7:30pm
12:15pm
Doors Open
Solution Fair
12:15pm-7:30pm
Visit SELECT and GOLD business partners who are on-site and available to share the latest in IT solutions.
1:00pm
⭐ Keynote Session
1:00pm-2:55pm in Serenity Room
3:30pm
3:30pm-5:30pm in Harmony Room
4:10pm
4:50pm
5:30pm
Food & Refreshments
5:30pm-7:30pm
¹ Space and materials are limited. Must register in advance to attend.
Sept 11th, 8:00am-4:45pm
8:00am
Doors Open
Solution Fair
8:00am-3:00pm
Visit SELECT and GOLD business partners who are on-site and available to share the latest in IT solutions.
8:45am
⭐ Keynote Session
8:45am-10:20am in Serenity Room
10:50am
11:25am
11:55am
Lunch
11:55am-1:00pm
1:00pm
1:30pm
2:10pm
2:50pm
3:30pm
4:10pm
Closing Remarks
4:10pm-4:45pm in Serenity Room
🎟️ Business Partner Raffle
Must be present to win!
¹ Space and materials are limited. Must register in advance to attend.
Don’t forget to register for IT Summit today
Select Partners
Gold partners
Lodging
SynerComm has partnered with the Potawatomi Hotel, located in the same building as the event venue, to offer attendees a discounted room block.
To book your room:
Online:
- Visit https://reservations.potawatomi.com
- Select desired dates (event occurs Sept 10-11)
- Discount is automatic if using the above link
By Phone:
- Call 1-800-729-7244
- Mention offer code SYN2025GRP
Session Details
Keynote Speakers – Day 1
Time
Wednesday, September 10, 2025
1:10pm
Through a Lens Darkly: Seeing yourself as the adversaries see you is the best way to understand your risk
Today’s attackers enjoy infinite infrastructure, leverage AI-assisted coding and have no concern for consequences. They can scan the entire internet in a day and can exploit a new flaw simultaneously worldwide. Meanwhile, defenders are constrained by the needs and priorities of running their business. In this candid keynote, Eric Olson, one of the original pioneers of cyber threat intelligence, presents a clear-eyed view of the structural asymmetry in modern cyber conflict—and why looking at yourself through the eyes of your attackers is actually the best way to understand your exposure and prioritize defensive actions.
AI is transforming NetOps and SecOps
Description coming soon
Speakers
Eric Olson – Cybersecurity Leader | Author & Speaker | Investor & Advisor
Eric Olson has been at the forefront of cyber intelligence and threat detection for over two decades. One of the earliest team members at Cyveillance in the early 2000s, Eric helped pioneer some of the world’s first large-scale OSINT and cyber intelligence capabilities—tools that laid the groundwork for today’s cyber defense operations.
Today, he leads cyber threat detection and response for a US airline where he applies whole-system thinking to protect millions of passengers and one of the world’s most recognized travel brands. A business leader by training and a security expert by evolution, Eric brings a rare blend of strategic insight, technical depth, and human-centered leadership to every stage he takes.
Eric’s passion is helping others navigate the complex, high-stakes world of security and technology with clarity, humor, and actionable wisdom. His talks draw on real-world lessons from startups, boardrooms, SOC floors, and high-impact incident response teams—and are infused with the same sharp insight and storytelling found in his new book, The Toilet Paper Principle: A funny little book about the overlooked human side of incident response.
Keynote Speakers – Day 2
Time
September 11, 8:50am
The AI Imperative: A CISO’s Guide to Leading with Boldness, Security, and Purpose
Artificial intelligence is no longer on the horizon — it’s here, and CISOs are uniquely positioned to shape how it’s adopted, governed, and secured. In this provocative keynote, Patricia Titus challenges security leaders to see AI not as a threat, but as a strategic opportunity to influence enterprise innovation and resilience. We’ll explore the critical role of behavioral AI in modern defense strategies, offering new layers of protection through contextual intelligence and anomaly detection that surpass traditional models. From building governance frameworks with “human in the loop” to preparing for emerging roles like AI Security Architect and Engineer, this session will equip you to guide AI adoption with confidence, clarity, and purpose. The message is clear: Think big. Be bold. And ensure your organization moves forward securely — and ethically — in the age of AI.
Speakers
Patricia Titus, Field CISO at Abnormal AI, has over 25 years of CISO experience in both the public and private sector. Known for her expertise in risk management, AI, cybersecurity operations, and crisis management, she has optimized security, enhanced resilience, and integrated AI into security programs. Titus also serves on the board of directors of Black Kite and The Girl Scouts of the Commonwealth of Virginia.
Cyber Resilience: Shifting from Risk to Readiness
by
Time
September 10, 3:30pm
Abstract
In today’s dynamic threat environment, traditional risk management approaches are no longer enough to keep organizations secure. Tia Hopkins, Chief Cyber Resilience Officer & Field CTO at eSentire, will share how adopting a cyber resilience mindset enables organizations to anticipate, withstand, and recover from cyber disruptions while ensuring business continuity. She will highlight the role of Continuous Threat Exposure Management (CTEM) as a key driver in transforming security strategies from reactive to proactive. Attendees will gain insights into the core pillars of cyber resilience and leave with a clear understanding of how to navigate modern threats with confidence and agility.
Speaker
Tia is a Cybersecurity Executive who has spent the past 20+ years of her career in various IT and IT Security roles with over a decade of experience in the managed services space. Her work focuses on helping organizations achieve cyber resilience through effective and efficient combinations of people, process, and technology; as well as influencing the rapid transformation and market value of high-growth, disruptive cybersecurity start-ups through market research and education, thought leadership and evangelism, product messaging, competitive differentiation, and roadmap guidance.
Automating Data Security: Cutting Through Complexity with AI-Driven Governance
by
Time
TBD
Abstract
Details coming soon
Speaker
Securing the Core: Modernizing Data Protection with Intelligent DNS and Network Visibility
by
Time
TBD
Abstract
Details coming soon
Speaker
AI-Driven Defense: Transforming Cybersecurity with Next-Gen Platforms
by
Time
TBD
Abstract
The cybersecurity arms race is accelerating – attackers adapt, cloud adoption surges, talent remains scarce. This evaluator’s guide highlights where the network and cloud security platform market stands today and where it’s headed. Learn how AI-powered automation, unified platforms, and integrated threat intelligence solve today’s security complexity and talent shortages. Discover must-have features for CISOs, leading-edge functionality, and how to future-proof your defenses as security operations shift from human-led to machine-augmented and cloud-native.
Speaker
Runtime Resilience: Elevating Cloud Security with Next-Gen CNAPP Solutions
by
Time
TBD
Abstract
As cloud-native architectures accelerate, runtime security is a critical blind spot for enterprises. This session unpacks the evolving CNAPP market—solving complex cloud risks across workload protection, posture management, API and container security. Discover must-have features like unified detection and response, identity and vulnerability management, and automated remediation. Explore emerging capabilities shaping the future of cloud security, ensuring your teams stay ahead in the dynamic, high-risk environment of multi-cloud runtime defense.
Speaker
Autonomous Endpoint Management: Real-Time Control and Risk Reduction for Modern IT Environments
by
Time
TBD
Abstract
Enterprises face rising complexity and risk with diverse endpoints and evolving threats. This session explores how autonomous endpoint management platforms deliver real-time visibility, control, and AI-driven automation across endpoints, cloud workloads, and on-premises assets. Gain an evaluator’s guide to solving critical IT and security challenges today—accelerating patching, threat hunting, compliance, and incident response—with insights into must-have and nice-to-have features shaping the future of agile and confident security operations.
Speaker
AI-Powered Network Automation: Elevating Observability and Security for Complex Hybrid Environments
by
Time
TBD
Abstract
As enterprise networks grow in scale and complexity, AI-driven network automation and observability platforms address critical challenges in real-time visibility, security, and operational efficiency. This evaluator’s guide explores how these solutions solve core issues like manual troubleshooting, change risks, and security gaps. Discover must-have features such as dynamic network mapping, intent-based automation, and AI-assisted diagnostics, plus nice-to-have capabilities shaping the future of resilient, secure, and autonomous network management in hybrid and multi-cloud ecosystems.
Speaker
Risk INSIGHTS: Securing Funding for Security Investments
by
Time
September 11, 2:50pm
Abstract
Do you encounter difficulties in justifying cybersecurity investments in projects and personnel to your organization? If you are seeking strategies to enhance communication and demonstrate the value of cybersecurity initiatives, this session will be of interest. Join us to explore and discuss case studies showcasing how security teams have effectively improved understanding and alignment with business objectives regarding past, current, and future cybersecurity investments.
Speaker
Marc Spindt has 30 years of Carrier, Large Enterprise, and Service Provider technical, operational, and organizational experience. Marc has worked with SynerComm for 12 years delighting customers with IT organizational improvement and actionable strategic planning. Marc has a BS in Computer Science, an MBA, and he served in the U.S. Air Force. Marc has a long history of building and maturing technology and security services and organizations in industries including Financial Services, Defense Contracting, and Healthcare.
Network INSIGHTS: Ready for the Impending Network Engineer Shortage?
by
Time
September 11th, 2:50pm
Abstract
Recent surveys of Chief Information Officers indicate a projected 25% decrease in network engineering staff over the next three to five years, largely due to retirements and a limited pool of qualified replacements. Reliable, high-performing networks are essential to business operations. Is your organization prepared for this shift? We invite you to join a discussion on how proactive organizations are responding, leveraging rapid assessments to better understand technical debt, and evaluating network architecture, resilience, and maintainability to ensure future readiness.
Speaker
Aaron has over 15 years of information technology (IT) experience, operating in the complete lifecycle of Information Technology. He works on projects, designing and implementing multiple solutions across various platforms, supports and improves operations, and drives effective transitions to new infrastructure and technology. Aaron is a “Full Stack” consultant experienced with Scripting & Development, Cloud (AWS and Azure) & Systems, and Network & Security.
Converged Infrastructure INSIGHTS – Security and Network Teams Coming Together
by
Time
September 10th, 4:10pm
Abstract
Security and Network infrastructure is converging to address modern business needs: business services in multi-cloud environments, users working from anywhere, and zero trust security require new network and security approaches. Software-defined networking (e.g., SD-WAN) and Secure Access Service Edge (SASE) solutions are growing in popularity to address these needs and are also challenging traditional network and security team roles. Join us to explore the benefits of these technologies, some common challenges, and how organizations are working through them.
Speaker
Aaron has over 15 years of information technology (IT) experience, operating in the complete lifecycle of Information Technology. He works on projects, designing and implementing multiple solutions across various platforms, supports and improves operations, and drives effective transitions to new infrastructure and technology. Aaron is a “Full Stack” consultant experienced with Scripting & Development, Cloud (AWS and Azure) & Systems, and Network & Security.
Firewall INSIGHTS: Are You Maximizing the Value of Your Current Security Investments?
by
Time
September 11, 11:25am
Abstract
As business needs evolve, threat landscapes shift, and security controls advance at a rapid pace, firewalls remain essential components in safeguarding organizational assets. Despite their critical role, some organizations may overlook the full potential of firewalls within their security frameworks. This session will address how organizations are systematically identifying and addressing gaps in their firewall systems by continuously aligning them with best practices and specific business requirements.
Speaker
Andy Piché has over 20 years of hands-on experience working on security, networking, data center, and cloud-based solutions. Andrew is experienced working with Palo Alto, Juniper, and Cisco equipment in enterprise, service provider, and data center environments. He has delivered solutions and supported customers in Enterprise, Carrier, Commercial and Government organizations.
Andrew has developed, operated, and supported security, networking, and application delivery solutions using a variety of products from multiple vendors. He is a Palo Alto Certified Network Security Consultant (PCNSC) since 2018 and is the lead in firewall migrations, Best Practice Assessments, and training. He has developed and supported solutions ranging from implementing network security and segmentation to server/system virtualization solutions, support for application load balancing and network segmentations via the F5 solution extend Andrew’s experience beyond traditional firewall skill sets. As a Senior Information Solutions Consultant for SynerComm, Andrew has the background, experience, and customer-focus to treat each customer as though they are SynerComm’s only customer.
Production Deployment INSIGHTS: Making your next network configuration production change a non-event
by
Time
September 11, 2:50pm
Abstract
Development, Test, Non-Production, UAT, and Production environments are standard in DevOps and application workflows. However, replicating these multiple environments within network infrastructures is seldom practical due to the significant costs and complexities involved. As a result, organizations often rely on extended maintenance windows and may face repeated rollbacks of network changes when issues arise. Advances in technology now enable the testing and validation of production network changes prior to implementation, significantly increasing the likelihood of successful updates. Many organizations have adopted such practices with notable results. We invite you to join our discussion on effective strategies for optimizing network change management.
Speaker
Andy Piché has over 20 years of hands-on experience working on security, networking, data center, and cloud-based solutions. Andrew is experienced working with Palo Alto, Juniper, and Cisco equipment in enterprise, service provider, and data center environments. He has delivered solutions and supported customers in Enterprise, Carrier, Commercial and Government organizations.
Andrew has developed, operated, and supported security, networking, and application delivery solutions using a variety of products from multiple vendors. He is a Palo Alto Certified Network Security Consultant (PCNSC) since 2018 and is the lead in firewall migrations, Best Practice Assessments, and training. He has developed and supported solutions ranging from implementing network security and segmentation to server/system virtualization solutions, support for application load balancing and network segmentations via the F5 solution extend Andrew’s experience beyond traditional firewall skill sets. As a Senior Information Solutions Consultant for SynerComm, Andrew has the background, experience, and customer-focus to treat each customer as though they are SynerComm’s only customer.
DNS Security INSIGHTS: Everything Relies on DNS, Every Bad Actor Seeks to Exploit It
by
Time
September 10, 4:10pm
Abstract
Tunneling, spoofing, cache poisoning, DGA domains, fast flux, and distributed denial-of-service (DDOS) attacks are just some of the threats facing the Domain Name System (DNS), which is a critical component of modern infrastructure and a frequent target for cyberattacks. Despite its importance, DNS-related risks are often not fully understood and remain only partially mitigated by current security measures. In this session, we will examine the specific risks that DNS vulnerabilities pose to your business and provide examples of how other organizations have effectively addressed these challenges.
Speaker
Lisa Niles has over 30 years of experience working in security and networking. Lisa’s specialization is understanding the customers business needs and mapping to the correct security controls.
Lisa experience provides for vast knowledge in many different network environments. The ability to understand business and technical needs and map to various different vendor solutions to achieve desired results. Lisa helps customers understand and improve their network security and implement Industry Best Practice Security Controls Frameworks such as CIS, NIST, PCI DSS, ISO. The ability to help customers integrate and navigate to Frameworks help customers mature, measure and validate their security environment.
Operational INSIGHTS – Optimize Your Infrastructure to Support Your Organization, Not Constrain It
by
Time
September 11, 3:30pm
Abstract
Network and security infrastructure evolve over time and across different management teams as organizations respond to changing business requirements. This evolution can lead to substantial and operationally complex network and security debt. Can legacy infrastructure solutions effectively address future challenges and resolve this accumulated debt? Here, we will examine specific cases and explore how certain organizations have strategically addressed both technical and security debt by updating their infrastructure to enhance manageability and better align with organizational objectives.
Speaker
Off the Grid and On the Mesh: Hands On with Meshtastic and Decentralized Communications
by
Time
September 11, 1:00pm
Abstract
In this workshop, participants will build, flash, and configure their own Meshtastic devices using ESP32 and LoRa hardware. Meshtastic is an open-source project that enables long range, off grid communication through encrypted mesh networks, making it ideal for field operations, emergencies, or tactical scenarios where cellular and Wi Fi are unavailable or untrusted. We will explore how the technology works, including Bluetooth and Wi Fi pairing, GPS tracking, message routing, and device configuration. Participants will leave with a working device and the knowledge to build and extend their own decentralized mesh networks. Along the way, we will also discuss the real-world use cases and security considerations for this type of low power communication infrastructure.
Space is limited: contact [email protected] to reserve your spot today!
Speaker
Ryan brings over eighteen years of red and blue team experience. Ryan started his career in 2007 as a System Administrator for a large health insurance corporation. Ryan earned his CISSP in 2011 and has been working in offensive security ever since. Prior to starting at SynerComm, Ryan spent three years on an internal red team for a Fortune 1000. Ryan also spent several years working in offensive and defensive security roles for the U.S. Department of Defense and Department of Education contractors.
Ryan has a broad and diverse security background with a specialization in web application testing. His multiple security roles have allowed him to pick up Network, Development, and Systems Administration capabilities. Ryan has worked with Development teams to deploy security solutions that integrate with their CICD pipelines.
Ryan also has experience deploying, customizing, and maintaining enterprise-level security tools such as Splunk, PaloAlto, CrowdStrike, FireEye, Snort, and Nessus. Ryan also has a strong background in intrusion detection and development of custom IDS rules.
The AI Attack Surface – What Every Security Team Should Be Testing
by
Time
September 11, 11:25am
Abstract
AI-powered apps bring new risks that traditional security testing often misses. This session reveals how glue code, APIs, plugins, and wrappers around LLMs create attack surfaces for prompt injection and over-permissive actions. Learn how penetration testers—and attackers—use AI to speed exploit development and reconnaissance, and why point-in-time reviews fall short. Whether building or defending AI, you’ll leave knowing what to test, where to start, and how to stay ahead.
Speaker
Ryan brings over eighteen years of red and blue team experience. Ryan started his career in 2007 as a System Administrator for a large health insurance corporation. Ryan earned his CISSP in 2011 and has been working in offensive security ever since. Prior to starting at SynerComm, Ryan spent three years on an internal red team for a Fortune 1000. Ryan also spent several years working in offensive and defensive security roles for the U.S. Department of Defense and Department of Education contractors.
Ryan has a broad and diverse security background with a specialization in web application testing. His multiple security roles have allowed him to pick up Network, Development, and Systems Administration capabilities. Ryan has worked with Development teams to deploy security solutions that integrate with their CICD pipelines.
Ryan also has experience deploying, customizing, and maintaining enterprise-level security tools such as Splunk, PaloAlto, CrowdStrike, FireEye, Snort, and Nessus. Ryan also has a strong background in intrusion detection and development of custom IDS rules.
Blending AI, Automation and Human Expertise for Superior Protection
by
Time
September 10, 4:10pm
Abstract
As cyber threats evolve, so must our defenses. This session will explore how modern paradigms—like continuous protection, validation of vulnerabilities, and realistic readiness drills—are reshaping information assurance. Drawing on real-world examples will demonstrate how organizations can shift from intermittent checks to proactive, resilient strategies. Learn how to elevate your security program to stay ahead in an ever-changing threat landscape.
Speaker
With three decades of immersion in the cybersecurity realm, Brian’s journey has been marked by a steadfast commitment to enhancing information security. Leading the AssureIT division at SynerComm, Inc, his team excels in delivering top-tier security audits, risk assessments, and penetration testing services.
Setting the Table
by
Time
September 11, 3:30pm
Abstract
In this interactive session, we will explore how the efforts of incident response, disaster recovery, and business continuity are all merging to provide what the business is really after: resilience. Utilizing tabletop exercises to unite these areas is similar to a conductor bringing together the musical families that comprise a symphony. Participants will be involved in a discussion of how tabletops should be designed for all phases of an organization’s maturity; from those that have never performed a tabletop, to those that have been doing them for years, and will go through the building and execution of a sample tabletop exercise together.
Speaker
Policy vs. Practice: How Strong Password Policies Lead to Weak Passwords
by
Time
September 11, 2:50pm
Abstract
Password policies often focus on technical requirements; a minimum length, complexity, and aging. However, organizations continue to experience credential based breaches. SynerComm’s Information Assurance Consultant examines the gaps between policy implementation and real user behavior. Through real-world examples and SynerComm’s own research we’ll uncover how users meet the organization policy with weak passwords, how attackers find them, and how organizations can better defend themselves.
Speaker
Alex brings 5 years of consulting experience and just shy of three years of penetration testing experience. Alex started his career working in business consulting in 2019 shortly before receiving his bachelors from Loyola University Chicago. While working, Alex began pursuing offensive and information security as a passion on the side.
After leaving the business consulting world to further pursue offensive security, Alex earned his OSCP in early 2022, followed by his OSWP and OSWA in quick succession.
In his early career, Alex has built a broad and diverse set of security skills with a focus on external penetration testing. His certifications and education have provided him with a strong background in networking and web application assessments.
The Annual Physical
by
Time
September 11, 3:30pm
Abstract
This presentation will provide insight into how physical penetration tests are scoped, planned, and executed by SynerComm and why they should be a regular part of your security assessments.
Speaker
Chad Finkenbiner has over 15 years of experience in information technology and security. Before joining the team at SynerComm, Chad worked in the healthcare industry supporting medical imaging and voice dictation systems across the country. He also served as a Data Network Specialist in the United States Marine Corps. Chad is skilled in both audit and penetration testing from his home near Louisville, Kentucky. When he isn’t consulting, Chad serves as a professional development mentor, guest speaker, as well as an elected official on his local city council.
As an Information Assurance Consultant with SynerComm, Chad performs network penetration tests, wireless penetration tests, physical penetration tests, risk and vulnerability assessments, information security policy development, and security awareness training. Chad leverages his background to discover security flaws and effectively report and consult on their mitigation.
Building Secure Software With AI Agents
by
Time
September 10, 4:50pm
Abstract
In this session we will explore the latest capabilities of AI coding agents and their impacts on software security. Learn how the latest tooling can assist your teams, what its strengths and weaknesses are, and how it fares with security maturity. This session is suited for anyone that works in or oversees software development.
Speaker
Bill has been designing and developing web applications for over 10 years. He leads the software team at SynerComm in building the Continous Penetration Testing app and consults on software security. With a deep interest in data modeling, Bill enjoys solving problems with automation and building secure-by-design applications.