We have all read the papers. Public entities across the country, both large and small, continue to be the target of cyber-attacks.

In response, the insurance market is reducing limits and imposing restrictions for cyber coverage. Regardless of coverage, a cyber attack will have operational and financial consequences and will likely inflict reputational damage.


The GEM Cyber Session will focus on how to assist your members in planning for and mitigating against these types of attacks.


Our first session will dive into how and why ransomware continues to dominate as the tool of choice for organized cyber-crime, show how phishing and breach data support ransomware campaigns, and answer the question of whether or not to pay the ransom. We will consider the risks associated with our most basic data collection and storage processes, as well as the implications of entrusting data with vendors and other third parties.


Our second session will look at personal security and privacy from the perspective of threat models and show how the data breach epidemic affects our personal privacy — for ourselves and our families. It’s not about having something to hide, it’s about having much to protect. We will learn the steps to avoid being an easy target.

Jon Engstrom, IntelTechniques

Jon Engstrom is a 24-year veteran with a major U.S. metropolitan police department where he serves as the technical lead for the agency’s Criminal Intelligence and Cyber-Crime Sections. He founded and continues to support the organization’s Technical Investigations and Open-Source Intelligence Units and is the operations lead in charge of threat assessment and incident response for the region’s Real-Time Crime Center. Jon instructs internal department teams as well as outside organizations in the areas of Operational Security for Covert Operations, Countering Electronic Surveillance, Cyber-Crime Investigations, and Open-Source Intelligence. Prior to his current assignments, Jon worked as a Federal Task-Force Officer, running under-cover and electronic surveillance operations for long-term organized crime investigations. With a certification in ethical hacking, he focuses on incorporating an attacker’s perspective into investigations and operational security.