Nebraska Cyber Security Conference

Dan Lohrmann

Presidio®

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.

During his distinguished career, he has served global organizations in the public and private sectors in a variety of executive leadership roles. He has received numerous national awards, including CSO of the Year from SC Magazine, Public Official of the Year from Governing Magazine and Computerworld Premier 100 IT Leader.

Lohrmann is the Field CISO for the Public Sector at Presidio, a global digital services and solutions provider accelerating business transformation through secured technology modernization. He leads cybersecurity advisory services for public-sector clients, working with global CxOs and partners to provide best practices and solutions.

He previously served as CSO and Chief Strategist for Security Mentor, Inc., a security awareness and training company, and led Michigan government’s cybersecurity and technology infrastructure teams from 2002 to 2014 in enterprise-wide CSO, CTO and CISO roles.

Lohrmann has advised senior leaders at the White House, the National Governors Association, the National Association of State CIOs, the U.S. Department of Homeland Security, federal, state and local government agencies, Fortune 500 companies, small businesses and nonprofit institutions.

He has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and as a technical director for ManTech International at a U.S./U.K. military facility.

Lohrmann is the co-author of Cyber Mayday and the Day After: A Leader’s Guide to Preparing, Managing, and Recovering from Inevitable Business Disruptions (Wiley, 2021) with Australian cybersecurity expert Shamane Tan. He is also the author of Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD For You: The Guide to Bring Your Own Device to Work.

He has delivered keynote addresses at security and technology conferences worldwide, from South Africa to Dubai and from Washington, D.C., to Moscow.

Lohrmann holds a master’s degree in computer science from Johns Hopkins University in Baltimore and a bachelor’s degree in computer science from Valparaiso University in Indiana. He is also a senior fellow at the Center for Digital Government.

• Why Security Pros and Team Fail: How to Succeed
  

Raul Barreras

University of Nebraska

Raul Barreras is an information security professional with more than 20 years of experience in systems administration, development, teaching, information security leadership and hands-on penetration testing. In recent years, as cloud and application security manager at the University of Nebraska, he has focused on helping teams build secure and resilient software by promoting secure development practices and leveraging his broad technical and leadership background. Passionate about building communities of security-aware professionals, Barreras mentors developers and works to turn secure development from a checkbox into a habit.

• Leveling UP Vulnerability Disclosure: A Gamified Approach at the University of Nebraska

---

Matt Bednarski

Tanium

Matthew Bednarski is a client service leader at CDM Smith with more than 20 years of experience in civil engineering and infrastructure development. Throughout his career, he has led complex public works and environmental projects, bringing a strategic, client-focused approach to solving today’s most pressing infrastructure challenges. Bednarski is a trusted advisor to municipalities and agencies, known for his ability to align technical innovation with community needs. He holds a Bachelor of Science in civil engineering from the University of Wisconsin-Milwaukee and is an active member of the American Public Works Association.

• Command, Control, Automate: The Future of Endpoint Management
  

---

Karla Carter

Bellevue University

Karla Carter is an Associate Professor of Cybersecurity in the College of Science and Technology at Bellevue University, in Bellevue, NE. Drawing on degrees in psychology, history and cybersecurity, and more years than she should admit to of information technology experience, she teaches undergraduate and graduate courses in cybersecurity operations, social engineering, human factors, security awareness, white-collar crime, information warfare, and technology ethics. Additionally, she serves on the IEEE Nebraska Section Executive Committee and ACM Committee on Professional Ethics. Curious, intense and irreverent, Carter lives by the question, "what if...?" and has a low tolerance for the phrase "because that’s the way we’ve always done it." Ask her about her growing (and glowing!) uranium glass collection!

• Shani the Zebra Knows More About Cybersecurity Than You
  

---

Phil Redfern

University of Nebraska

Phil Redfern is the director of security engineering at the University of Nebraska. Throughout his career, Redfern has led various enterprise IT initiatives and projects, successfully integrating risk-based cybersecurity across the university system. Highlights include a unified security model for edge networks, security baselines for endpoints, and the implementation of updated IT security policies and standards. He received his Bachelor of Fine Arts from the University of Nebraska-Lincoln and his Master of Science from the University of Nebraska at Omaha.

• Leveling UP Vulnerability Disclosure: A Gamified Approach at the University of Nebraska
  

---

Ryan Regnier

Nelnet

Ryan Regnier is the director of cybersecurity at Nelnet, where he leads the Protective Operations division. He oversees both defensive and offensive cybersecurity strategies, ensuring rapid threat detection and response across the organization’s diverse technology landscape.

• Nelnet Cybersecurity: An Overview of Our Security Journey and What's Next
  

---

Mike Rider

DTEX

Mike Rider is a senior counter-insider threat engineer at DTEX Systems with 24 years of experience in cybersecurity, 12 of which have been dedicated to U.S. government insider threat programs. He also completed a 20-year U.S. Navy career as a cryptologic warfare officer. Some of his noteworthy Department of Defense roles include positions at the White House Communications Agency, the National Security Agency, U.S. Strategic Command and Joint Special Operations Command, as well as technical roles at leading security vendors such as Forcepoint, Tanium and Menlo Security.

• Insider Threats Aren't New.  But Our Defenses Should Be.
  

---

Bruce Wray

Wray Law TCP

Bruce thrives where the Law intersects with Technology, Cybersecurity and Privacy. He leverages a Master’s in Computer Science focused on Information Assurance, a CISSP, more than a decade working in IT, and now more than a decade providing legal guidance to global corporations, in order to enable organizations to manage their TCP risks. 

Bruce operates a boutique legal practice, Wray Law TCP, and is the Director of the Innovation and Entrepreneurship Legal Clinic at Creighton School of Law. He serves on the boards of both NebraskaCERT and ISC2 Omaha/Lincoln Local Chapter, the latter as President. 

Bruce is a frequent presenter with local information security organizations, including ISACA , NECERT and ISC2 Omaha/Lincoln Local Chapter, and will be speaking this October at the ISC2 Security Congress 2025 in Nashville.

• TTX: How Not To Crisis Your Crisis

Command, Control, Automate: The Future of Endpoint Management

Matt Bednarski, Tanium

In an era when cyber threats evolve faster than traditional tools can respond, organizations need real-time visibility and control across every endpoint. This session explores how Tanium’s autonomous endpoint management platform unifies IT operations and security to deliver instant insights, rapid response and operational resilience.

---

Insider Threats Aren't New.  But Our Defenses Should Be.

Mike Rider, DTEX

In today’s dynamic digital environment, the perimeter is gone — but the insider risk remains. As organizations accelerate adoption of AI tools and hybrid work continues to redefine where and how people operate, traditional methods of monitoring and mitigating insider threats are proving inadequate. Legacy user activity monitoring tools, while well-intentioned, are reactive, intrusive and often blind to the early indicators of risky behavior.

This session explores a modern approach to insider risk — one that prioritizes context, intent and proactive mitigation over surveillance. Drawing on lessons learned from engagements across federal and commercial sectors, we’ll examine the behavioral patterns and digital exhaust that precede insider incidents — and how organizations can use this intelligence to shift left: detecting risk before it escalates to a threat.

---

Leveling UP Vulnerability Disclosure: A Gamified Approach at the University of Nebraska

Phil Redfern & Raul Barreras, University of Nebraska

Discover how the University of Nebraska has leveled up its Vulnerability Disclosure Program through gamification. This presentation will highlight the collaborative efforts between the university and independent security researchers to strengthen its security posture and recognize the contributions of experienced researchers. Attendees will gain insights into NU’s innovative program model, built on the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency template, and learn effective strategies for engaging in remediation.

---

Nelnet Cybersecurity: An Overview of Our Security Journey and What's Next

Ryan Regnier, Nelnet

We’ll begin with an overview of Nelnet’s cybersecurity team structure and how we partner with each business unit. Using specific examples and commentary, we’ll explain how the teams perform their work. We’ll also cover how AI is transforming our daily operations and where the field is heading in the coming years.

---

Shani the Zebra Knows More About Cybersecurity Than You

Karla Carter, Bellevue University

What can a foal, a crocodile and a dusty river crossing teach us about digital risk management? More than most security frameworks, it turns out. This session leverages one of nature’s most compelling cybersecurity metaphors — the African migration — to reframe enterprise risk management through the lens of survival. Following Shani the zebra and her vulnerable newborn through a perilous journey, we’ll examine how predators exploit every transition point, mirroring the attack vectors that compromise digital ecosystems. Drawing from behavioral ecology and threat intelligence, this presentation maps the NIST Risk Management Framework to migration survival patterns: asset management as herd dynamics, vulnerability assessment as environmental scanning, incident response as predator evasion, and legacy system integration through the lens of warthogs — ugly but resilient. Through this unconventional framework, attendees will develop practical strategies for risk visualization, stakeholder communication and security program optimization. The session includes actionable deliverables: a field guide for mapping organizational “predator patterns,” threat classification cards and assessment templates designed for immediate implementation. Participants will learn to apply biological risk models to cybersecurity program design, develop enhanced risk communication strategies using natural metaphors, and create visual frameworks for executive reporting that actually resonate. Come for the metaphor. Stay for the methodology. Leave with tools that work in both the Serengeti and the SOC.

---

TTX: How Not To Crisis Your Crisis

Bruce Wray, Wray Law TCP

The truism “When Not If” has these corollary: crises will happen, crises are unavoidable, and crises are part of business. An organization’s preparation and response are all that you can control. 

This interactive discussion will focus on Practicing Your Crisis before you Crisis Your Crisis. We will explore how other crisis training approaches preparation and how your organization can adopt and implement Table Top Exercises to avoid common pitfalls that businesses face when the unthinkable, but inevitable, occurs.

Sponsor Levels

 Sponsor Information (PDF)

---

Platinum Sponsor $3,000 (Limit 7)

• Premier table placement in Main Hallway
• Table and two chairs
• Complimentary Tickets: 3 (additional tickets may be purchased at attendee rates)

Sign Up as a Platinum Sponsor Today!

---

Gold Sponsors

---

Diamond Lunch Sponsor $10,000 (Limit 1)

• Logo placards placed on banquet tables
• Table placement next to banquet hall in a high-traffic area next to auditorium
• Two table and four chairs
• Complimentary Tickets: 5 (additional tickets may be purchased at attendee rates)

Sign Up As A Diamond Lunch Sponsor Today!

---

Emerald Breakfast Sponsor $5,000 (Limit 1)

• Logo placards placed on banquet tables
• Table placement next to banquet hall in a high-traffic area next to auditorium
• Two table and four chairs
• Complimentary Tickets: 4 (additional tickets may be purchased at attendee rates)

Sign Up As A Emerald Lunch Sponsor Today!

---

Each sponsor will receive the following:

• Logo published on our conference website
• Logo printed in conference guide
• Room for one standup banner (not to exceed 3’ wide x 6’tall) by your table
• Access to Electrical - sponsors must bring their own extension cord.  The conference center does not have any available to lend.
• WIFI access