NTCA certificate course code: T110 
Attending this conference earns you one credit toward your NTCA certificate. 
Learn more about NTCA certificate programs.





Sunday, October 21

1:00 p.m. – 5:00 p.m.

Cyber Wise Workshop
Join us for a free half-day workshop focused on what every rural telco should know about cyber risk assessment and mitigation, as well as strategies for threat response and recovery. Gain a deeper understanding of how to utilize the sector-specific guidance in the NTCA Cybersecurity Bundle to improve cybersecurity readiness at your company.

This workshop is free, but requires advance registration. For conference attendees, please add the workshop to your registration. For workshop-only attendees, please contact us to register.


5:00 p.m. – 6:00 p.m.



Monday, October 22

7:45 a.m. – 8:45 a.m.


8:30 a.m. – 11:30 a.m.


Keren Elazari

The Mindset of the Attacker
Keren Elazari, Cyber Security Analyst, Author and Researcher, Tel Aviv University Interdisciplinary Cyber Research Center
There is a fine line between white hat and black hat hackers. Both have the same set of skills and tools, but different motivations lead to different applications. Hear from a friendly hacker on how to better understand cyber criminals and be prepared for inevitable attacks.

9:30 a.m. – Noon

Tabletop Facilitation Workshop
Cyber tabletop exercises are an excellent way to test and train both technical and nontechnical staff for readiness in the event of an attack. This workshop will walk through the basics of creating and running tabletop exercises within your company, including customizable examples, sample materials and small group discussions. You will be ready to take the lead with internal cybersecurity preparedness planning.

Noon – 1:15 p.m.


1:15 p.m. – 2:15 p.m.

The Evolving Threat Environment
This overview of findings, trends and metrics from established breach/threat reports provides an informed view of the current cyber threat landscape.

2:15 p.m. – 3:15 p.m.

Dissecting a DDoS Attack
One of the most common attacks affecting small operator networks is distributed denial of service (DDoS). Follow along as the anatomy of a DDoS attack is explored, including a technical start-to-finish description of an attack, tactics used to create and amplify malicious traffic, specific impacts on a small ISP network, and common strategies to protect your network and customers.

3:30 p.m. – 4:30 p.m..


Level I
Starting from Scratch: Building A Cybersecurity Program
Join us for a broad overview of how to construct a comprehensive, holistic cybersecurity program. Fundamentals include security awareness training, incident response planning, cybersecurity insurance, and knowing when, how, and with whom to outsource certain functions.

Level II
Testing Your Cyber Attack Readiness
There are a variety of ways to assess the effectiveness of your cybersecurity program. Penetration testing, vulnerability scanning, bug bounties and other means can help identify areas of vulnerability and inform strategic improvements. Learn about these testing methods and what it takes to implement them.

5:00 p.m. – 6:00 p.m.



Tuesday, October 23

7:45 a.m. – 8:45 a.m.

Truth and Consequences: The Impact of Cyber on Your Most Valuable Asset—Your Customers
Jennifer Baldridge, Director of Business Development for Emerging Markets, CyberScout
Eric Warbasse, Vice President, Business Development, CyberScout

Cyber attacks are impacting our communities and families at a record a record pace—and there’s no end in sight. Trying to manage personal and family cyber issues on their own costs time and money. In this learning session, you will walk away with a deeper understanding of the top personal cyber trends that are negatively impacting our communities. You will understand how those trends affect your organizations. And we will share best practices for better customer retention and community relation efforts.

Sponsored by
Cyber Scout
9:00 a.m. – 9:50 a.m.


Level I
Essential Cyber Hygiene
“Cyber hygiene” refers to a set of foundational recommended steps to protect the health and security of systems and assets. Learn more about the most important technical controls you should be implementing regularly and the role they play in protecting critical assets and data.

Level II
Moving to a Zero-Trust Architecture
Conventional security models often rely on the premise that everything inside the network perimeter can be trusted. Zero-trust architecture is rooted in the principle of “never trust, always verify.” This session explores the theoretical benefits of a zero-trust architecture, as well as the practical challenges and business impacts for implementation within a small ISP.

10:00 a.m. – 10:50 a.m.


Level I
Cybersecurity as a Competitive Service
As telcos continue to identify new revenue streams, an opportunity is emerging to monetize your cybersecurity expertise through a business-to-business service. With a focus on supporting local health care and banking organizations, this session shares success stories from your peers and introduces the security needs of these specific sectors.

Level II
Supply Chain Security
The telecom supply chain is global, interconnected and interdependent, with rural network providers serving as both consumers and suppliers. Although relative size in the marketplace can present challenges of limited leverage and control, the supply chain remains capable of introducing significant risk into your network. This session offers a robust discussion of the critical questions you should be asking of your suppliers to mitigate supply chain risk.

10:50 a.m. – 11:00 a.m.


11:00 a.m. – Noon


Christopher Hadnagy

The Invisible Threat
Christopher Hadnagy, Founder & Chief Human Hacker, Social Engineer, LLC
Despite a growing understanding that cybersecurity is not just an IT issue, a lack of awareness remains about how vulnerable companies are when it comes to personal interactions with staff. Hear from a social engineering professional about the creative strategies bad actors employ to prey upon staff at all levels and what you can do to evaluate, educate and prepare for various social attack vectors.


Cybersecurity Summit Adjourns