Nonprofit Cyber Members Take the Stage at Black Hat and DEFCON 2025

Nonprofit Cyber Members Take the Stage at Black Hat and DEFCON 2025

This month, Las Vegas becomes the center of the cybersecurity world as Black Hat USA 2025 and DEF CON 33 kick off. We’re excited to share that members of Nonprofit Cyber will once again be at the forefront, leading conversations, sharing expertise, and shaping the dialogue on some of the most pressing cybersecurity challenges. Stay tuned for our full list of sessions so you can connect with and support fellow members in Las Vegas.

Here’s a look at the sessions featuring Nonprofit Cyber members:

Monday, August 4, 2025

1. From Me to We
Time: 9:30 AM PDT 
Location: BSidesLV, Breaking Ground

You break into a cybersecurity career by trying to be the best you, but it is your team, users, and the community that will make you truly great: why security works the way it does (or doesn’t), technical and organizational approaches that do work, and how to take care of yourself through it all. Institute for Security & Technology (IST) Senior Adjunct Technical Advisor Bryson Bort hosts an interactive keynote – come with your questions! 

2. Setting the Table – WarGames 2027 & Maslow’s Hierarchy of Needs as Hybrid Warfare Nears
Time: 10:00 AM PDT
Location: BSidesLV, I Am The Cavalry

Shall we play a game? This “choose your own adventure” session with IST Executive in Residence for Public Safety and Resilience Joshua Corman tackles the fast approaching reality of destructive cyberattacks on Lifeline Critical Functions like water, power, and emergency care.

3. C-Sides 2025
Time: 7:00 PM PDT

Put on by Gadi Evron, Knostic, Cloud Security Alliance, The CISO Society, Professional Association of CISOs, Team8 CISO Village, NightDragon CISO Network, and Wiz CISO Community.

Tuesday, August 5, 2025

4. Power Play: AI Dominance Depends on Energy Resilience
Time: 11:00 AM PDT 
Location: BSidesLV, I Am The Cavalry

IST Adjunct Senior Advisor for Cyber and Supply Chain Risk Munish Walther-Puri and Idaho National Lab Chief Scientist Dr. Emma Stewart explore how energy infrastructure forms the backbone of resilient and robust AI ecosystems and challenges like transformer shortages and foreign dependencies threaten AI ecosystems and national security. We’ll examine how disruptions in the energy sector can cascade across AI development, national security, and global competitiveness. By focusing on the often-overlooked role of power infrastructure, including the critical shortage of domestic sourced electrical equipment such as transformers, they’ll reveal how energy resilience is the true key to AI dominance beyond algorithms and computing power.

5. What should CVE be when it grows up?
Time: 1:00 PM PDT
Location: BSidesLV, Breaking Ground

The CVE Program is a pillar of the cybersecurity ecosystem. For more than a quarter century, it has provided an authoritative source of data about vulnerabilities for software users. It is also critical for continuing to drive security into the design and development process. However, over the last 18 months, both the CVE Program and the U.S. National Vulnerability Database have faced funding challenges. And despite its criticality and the large community both active in and reliant on the program, it has been subject to persistent criticisms over a lack of accountability and communication. At the same time, developments in the European Union have led to the creation of the EU Vulnerability Database. Congress has taken note, and in June, members requested a formal audit of the program. In a keynote panel IST Senior Vice President for Digital Security Strategy Bob Lord moderates a conversation with Github Senior Security Manager at Github Madison Oliver, CISA Senior Technical Director Chris Butera, Cisco Security Principal Engineer in the Threat Detection & Response Business Group Jerry Gamblin, and runZero Vice President of Security Research Tod Beardsley. What are the challenges facing the CVE Program and how can they be overcome? What should policymakers and auditors consider as they evaluate paths forward? How do we avoid international balkanization of the CVE Program? What are new governance models that should be considered?

6. #ShareTheMicInCyber Workshop: Project 2030
Time: 3:15 – 4:15 PM PDT
Location: Sahara Las Vegas

With Camille Stewart Gloster, CEO & Principal, CAS Strategies and Lauren Zabierek, Executive Director, Cyber Project, and members of #ShareTheMicInCyber.

7. End of Life (EOL) Equipment should not mean End of Life (Your Life)
Time: 6:00 PM PDT
Location: BSidesLV, I Am The Cavalry

As digital infrastructure ages, a growing number of critical systems across sectors—from healthcare and manufacturing to energy and transportation—continue to rely on end-of-life (EOL) equipment that no longer receives security updates or vendor support. These legacy systems often harbor “forever-day” vulnerabilities: known flaws for which no patches exist and none are forthcoming. The persistence of these unfixable weaknesses poses a significant and growing threat to national security, public safety, and economic stability. IST Adjunct Senior Threat Advisor Silas CutlerPaul Roberts, and Consumer Reports Policy Fellow Stacey Higginbotham discuss.

Wednesday, August 6, 2025

8. Coffee & Cloud Security Leaders Meet-Up!
Time: 8:00 – 10:00 AM PDT
Location: Mandalay Bay Convention Center

Cloud Security Alliance, Viola Ventures, and Blumberg Capital are teaming up to bring together Security leaders and CISOs for candid conversations on where cloud security is headed, over fresh coffee and breakfast bites.

9. Keynote: The Defender’s Edge: Strategic Truths Every Practitioner Must Know Now
Time: 9:05 – 9:35 AM PDT
Location: Sahara Las Vegas

With Camille Stewart Gloster, CEO & Principal, CAS Strategies and member of #ShareTheMicInCyber

10. Time is Running Out – Tying it All Together – What Will You Do in the Near Term?
Time: 11:00 AM PDT
Location: BSidesLV, I Am The Cavalry

Hosted by Joshua Corman from IST, this portion of the I Am The Cavalry track at BSidesLV is focused on no-kidding short-term measures to take to reduce risk. We have discussed water, urgent and emergency care, energy, public safety, household resilience and more. What actions can you take this month to protect your community, your family, yourself? What about next month? What about October? Ongoing, incremental steps can materially reduce risk.

11. Manufacturing Breakthroughs: How Conflict Leads to Innovation
Time: 11:30 AM PDT
Location: BSides LV, Ground Truth

What if cybersecurity’s biggest challenges—supply chain vulnerabilities, dark web economies, critical infrastructure risks—already have solutions? The problem isn’t finding new answers; it’s identifying existing ones systematically. This talk by Munish Walther-Puri from IST introduces TRIZ (Theory of Inventive Problem Solving), an engineering-based methodology that resolves contradictions and forecasts innovation patterns to tackle complex problems effectively. Think of the contradiction matrix as a “decision tree for conflicts,” helping you navigate dilemmas like “secure but open” or “privacy vs functionality.” Patterns of evolution act as “forecasting the weather in technology,” enabling professionals to anticipate emerging risks and opportunities.

Thursday, August 7, 2025

12. Industrial Control Summit (ICS) Micro Summit
Time: 1:30 PM to 3:35 PM PDT

The ICS Micro Summit explores the business view of digital transformation, assessing and providing insights into how cybersecurity can be incorporated and carefully balanced Industrial organizations are rapidly digitalizing their environments to meet business goals, enhancing the productivity and efficiency of operations.

Institute for Security & Technology Adjunct Senior Technical Advisor Bryson Bort will present “Lessons from the Trenches” at 2:05 PM PDT.

13. Fireside Conversation: “Threat Modeling in the Age of Autonomous Systems: Rethinking Risk When the System Evolves”
Time: 1:30 – 2:00 PM PDT
Location: Palms Casino Resort

With Camille Stewart Gloster, CEO & Principal, CAS Strategies & member of #ShareTheMicInCyber, and Robert G. (Rob) Duhart, Jr, SVP and Chief Information Security Officer, Oracle Cloud Infrastructure.

Friday, August 8, 2025

14. Adversary Village Kick-Off Keynote Panel: Let’s Hack the Planet! 
Time: 10:00 AM PDT
Location: Adversary Village @ DEF CON

Institute for Security & Technology Adjunct Senior Technical Advisor Bryson Bort joins Marcus J. Carey, Sanne Maasakkers, and Abhijith “Abx” B R for a keynote kick-off panel to the Adversary Village @ DEF CON.

15. Back to Basics: Building Resilient Cyber Defenses
Time: 12:30-1:00 PM PDT
Location: Stage 2 for DEFCON’s Crypto & Privacy Village

Led by Yael Grauer, Program Manager of Cybersecurity Research, Consumer Reports. In spite of novel cybersecurity threats, digital security advice has remained largely unchanged in recent years. In fact, much of the viral advice in response to high-profile attacks or threats doesn’t actually address the risks people are most likely to face. In this talk, we’ll analyze high-profile digital privacy and security concerns, whether the viral advice to address said concerns is effective and practical, and what steps *could* be taken—both before and after an issue arises.

Saturday, August 9, 2025

16. Hacking Back to School: How states, hackers, and civil society can support K-12 cybersecurity when federal support wavers
Time: 4:30 PM PDT
Location: Policy @ DEF CON

What happens to K-12 cybersecurity when federal leadership steps back? Led by Institute for Security & Technology Senior Director for Preparedness and Response Michael Klein with North Carolina Department of Public Instruction Chief Information Officer Vanessa Wrenn, South Dakota Bureau of Information and Telecommunications Chief Information Security Officer Johnathan Hampe, and Censys Principal Security Researcher and Institute for Security & Technology adjunct Silas Cutler, this session explores the emerging patchwork of state-led cyber defense models for schools and how the hacker community can play a vital role in this ecosystem. This discussion will be accessible to policy-focused attendees while providing technical participants with concrete examples of state-level cyber defense efforts.

17. ICS Village Meet & Greet
Time: 1:37 PM PDT 
Location: ICS Village @ DEF CON 

Hang out with Institute for Security & Technology Adjunct Senior Technical Advisor Bryson Bort, Darknet Diaries, Ray Redacted & special guests in the ICS Village.

Co-founded by Bryson BortICS Village is a non-profit organization with the purpose of providing education and awareness of Industrial Control System security. This DEF CON Village hosts talks, hands-on demonstrations, hacking sessions, and escape rooms to connect the public, industry, media, and policymakers directly with ICS systems and experts.

Sunday, August 10, 2025

18. Cyber Volunteering and Community Defense – DEF CON Franklin and the Cyber Resilience Corps 1 Year In
Time: 10:00 AM PDT
Location: Track 5 @ DEF CON

One year after launch, the DEF CON Franklin returns to the Mainstage with partners from the Cyber Resilience Corps with updates on their mission to empower local communities through cyber volunteering and grassroots defense. CLTC Program Director of Public Interest Cybersecurity Sarah Powazek, University of Chicago Cyber Policy Initiative Jake Braun, and Cyber Peace Institute Chief Operations Operator Adrien Ogee will share key lessons learned from running on-the-ground volunteering programs and future plans for scaling civic cyber defense by joining forces. From helping small towns respond to ransomware to building rapid-response volunteer teams, this talk will highlight how hackers and technologists are stepping up to protect the public good—one community at a time.

Nonprofit Cyber is proud to have our members leading critical conversations in Las Vegas this year. These sessions reflect our commitment to advancing cybersecurity resilience, fostering collaboration, and driving innovative solutions for a safer digital world.

Join us to engage with these thought leaders and stay at the forefront of cybersecurity discourse!

About Nonprofit Cyber

Nonprofit Cyber is a coalition of global nonprofit organizations formed to enhance joint action to improve cybersecurity. All coalition members are nonprofits that serve the public interest by developing, sharing, deploying, and increasing the awareness of cybersecurity best practices, tools, standards, and services.

Learn more at https://nonprofitcyber.org/

Media Contact

Ms. Kayle Giroud,  Global Cyber Alliance and Nonprofit Cyber Secretariat, kgiroud@globalcyberalliance.org