A clear, factual timeline tracing the evolution of cybersecurity organizations, certifications, and communities — including the founding of Sonoran Desert Security (SDSUG), Arizona’s first cybersecurity network.
Sonoran Desert Security (SDSUG) Archive Document — Document No. 2 (2026)
Author: Hunter Storm (https://hunterstorm.com)
Version 1.0 — April 4, 2026
Cybersecurity did not emerge fully formed. It grew through decades of organizations, certifications, conferences, and practitioner communities — each contributing to the discipline we know today. This page provides a structured, editable timeline of major milestones in global, national, and Arizona cybersecurity history. It is intentionally incomplete and designed for ongoing contribution by practitioners, historians, and long‑time community members.
Setting the Record Straight About Sonoran Desert Security (SDSUG)
Sonoran Desert Security (SDSUG) was founded on September 25, 2001, at a time when the term user group was widely used for any recurring technical community. That naming choice reflected the language of the era — not the scale, structure, or impact of what SDSUG actually became.
Although Sonoran Desert Security (SDSUG) originally carried the “user group” label, it was never just a user group in the modern sense. From its earliest years, SDSUG functioned as:
- Arizona’s first cybersecurity community
- Arizona’s first cybersecurity conference
- Arizona’s first cybersecurity network
- Arizona’s first cybersecurity research hub
- A practitioner‑focused, vendor‑neutral educational institution
- A regional hub for professional development and CPE‑earning events
Founder Leo J. Hauguel organized full‑day events at Rio Salado College, that drew hundreds of attendees, offered Continuing Professional Education (CPE) credits, and ran multiple simultaneous breakout sessions. These were structured, well‑run, and widely respected — long before Arizona had any formal cybersecurity conferences or professional associations operating at that scale. Although Leo referred to them as “user group meetings,” they were full conferences with formal check‑in, professional association partnerships, and vendor sponsorships.
In practice, SDSUG was a multi‑room, multi‑speaker, all‑day conference series in everything but name. It could easily have been called the Sonoran Desert Cybersecurity Conference, but Leo chose to preserve the social, community‑first spirit of the group.
SDSUG’s name reflects its origin moment. Its function reflects something much larger.
This page preserves that history and places Sonoran Desert Security (SDSUG) in its proper context within the broader evolution of cybersecurity communities.
How to Use This Timeline
This timeline is a living document. Dates marked TBD are placeholders for future verification. Volunteers are encouraged to help confirm founding years, early events, and local community histories — especially for Arizona organizations whose records predate modern archiving practices.
The goal is not to create an exhaustive list, but to provide a clear, authoritative scaffold that can grow as more information becomes available.
Historical Timeline
(All dates marked TBD are intentionally left blank for ongoing verification.)
| Year | Entity / Event | Type | Scope / Location | Notes |
|---|---|---|---|---|
| 1958 | MITRE Corporation | Organization | US | Federally funded R&D center; foundational to security and systems engineering. |
| 1969 | ISACA (originally EDPAA) | Organization | Global (US‑founded) | Governance, audit, and security association. |
| 1978 | CISA | Certification | Global | One of the earliest major audit/security certifications. |
| 1979 | National Computer Security Conference | Conference | US (Maryland) | Widely cited as one of the first major dedicated computer security conferences. |
| 1984 | ISSA | Organization | Global | Professional association for information security. |
| 1989 | (ISC)² | Organization | Global | Nonprofit cert body; steward of CISSP. |
| 1989 | SANS Institute | Organization | Global (US‑founded) | Major training and research organization. |
| 1990 | FIRST (Forum of Incident Response and Security Teams) | Organization | Global | Early global CSIRT coordination body. |
| 1994 | CISSP | Certification | Global | Broad, vendor‑neutral infosec certification. |
| 1996 | InfraGard (pilot → national) | Organization | US | FBI + private sector partnership; exact AZ date TBD. |
| 2001 — Sept 9 | OWASP Foundation | Organization | Global | Open Web Application Security Project. |
| 2001 — Sept 25 | SDSUG founded | Community / Network | Arizona | First cybersecurity community in Arizona. First cybersecurity network in Arizona. First cybersecurity conference in Arizona in all but name. First recurring cybersecurity conference in Arizona. |
| 2002 | CISM | Certification | Global | Management‑focused security certification. |
| 2002 | Security+ | Certification | Global | Vendor‑neutral baseline security certification. |
| 2003 | CEH | Certification | Global | Ethical hacking certification. |
| 2004 | ENISA | Organization | EU | European cybersecurity agency. |
| 2006 | OSCP | Certification | Global | Hands‑on penetration testing certification. |
| 2008 | Cloud Security Alliance (CSA) | Organization | Global | Cloud security best‑practices body. |
| TBD | ISSA Phoenix Chapter | Local Chapter | Arizona | Volunteers will confirm founding year. |
| TBD | InfraGard Arizona Members Alliance | Local Chapter | Arizona | Volunteers will confirm founding year. |
| TBD | OWASP Phoenix | Local Chapter | Arizona | Volunteers will confirm founding year. |
| 2012 | CactusCon | Conference | Arizona (Mesa) | First large recurring hacker/cybersecurity conference in AZ. |
| TBD | Interface Conference (first national date) | Conference | US | Volunteers will confirm. |
| TBD | Interface Conference (first Arizona date) | Conference | Arizona | Volunteers will confirm. |
| TBD | Phoenix 2600 / DC480 / EVSec / SWCSF | Local Groups | Arizona | Each group’s founding year to be documented by organizers. |
Sonoran Desert Security (SDSUG), A Foundational Arizona Cybersecurity Institution
SDSUG was formally established in 2001 — but the SDSUG.org domain dates back to the late 1990s, making it one of the oldest cybersecurity‑related domains in Arizona. As a result, SDSUG predates nearly every institution that now defines the state’s cybersecurity landscape.
SDSUG predates:
- the creation of AZDOHS (2003)
- Arizona State University (ASU) cybersecurity programs
- University of Arizona (UA) cybersecurity programs
- Northern Arizona University (NAU) cybersecurity programs
- the Governor’s Cyber Team
- the Arizona Cyber Threat Response Alliance (ACTRA)
- the Arizona Cyber Initiative
- CactusCon
- the Arizona tech boom
- the semiconductor surge
- the modern internet security era
Because of this timeline, SDSUG is not simply “Arizona’s longest‑running cybersecurity community.” It is one of the foundational institutions that existed before Arizona had:
- a cybersecurity workforce pipeline
- a cybersecurity governance structure
- a cybersecurity research ecosystem
- a cybersecurity conference ecosystem
- a statewide cybersecurity strategy
SDSUG’s institutional lineage is older than the ecosystem it now helps stabilize.
What Sonoran Desert Security (SDSUG) Was — and Was Not
SDSUG, founded on September 25, 2001, was Arizona’s first cybersecurity community, first cybersecurity network, and the first recurring, practitioner‑driven educational environment dedicated to information security in the state.
Although it carried the name “user group,” SDSUG operated at a scale and level of professionalism far beyond what that term suggests today. In practice, SDSUG functioned as:
- Arizona’s first cybersecurity community
- A regional cybersecurity network connecting practitioners across Arizona
- A professional development hub offering CPE‑eligible sessions
- A multi‑track educational event series with simultaneous breakout rooms
- A vendor‑neutral, community‑governed learning environment
- A precursor to modern cybersecurity conferences in Arizona
- A stable, recurring institution long before the Valley had formalized security associations or events
- Arizona’s first recurring, practitioner‑driven educational environment
- Arizona’s first cybersecurity conference — even though it wasn’t labeled as one
- A multi‑track, full‑day, CPE‑eligible professional event series
- A vendor‑neutral, practitioner‑led institution
- A foundational pillar of the state’s cybersecurity ecosystem
Sonoran Desert Security (SDSUG): First Cybersecurity Conference in Arizona
SDSUG was not the first cybersecurity conference in the United States or the world — but it was the first in Arizona.
Founded on September 25, 2001, SDSUG operated as Arizona’s earliest cybersecurity conference in everything but name: full‑day events, multiple breakout rooms, scheduled speakers, CPE credits, and hundreds of attendees.
Although called a “user group,” SDSUG functioned as a professional, vendor‑neutral, practitioner‑driven conference series long before Arizona had any formal cybersecurity conferences or associations.
A Conference by Any Other Name
Founder Leo chose the term user group because it was the common language of the early 2000s — not because it accurately described the scale or impact of what he built. SDSUG’s activities, attendance, and structure align far more closely with But SDSUG’s operations were far beyond what “user group” implies today.
- SDSUG events at Rio Salado College included:
- Hundreds of attendees
- Multiple breakout rooms running simultaneously
- Scheduled speakers and structured tracks
- Full‑day programming
- CPE credits
- A consistent, recurring cadence
- A community governance model
- Zero cost to attendees
- By every modern standard — structure, scale, attendance, educational rigor — SDSUG was a conference series.
- It simply wore a more modest name.
than with a casual meetup.
SDSUG’s name reflects its era. Its function reflects its significance.
What Sonoran Desert Security (SDSUG) Was Not
To preserve historical accuracy, it’s equally important to clarify what SDSUG was not:
- Not a casual meetup SDSUG was structured, scheduled, and professionally run.
- Not a hobbyist meetup SDSUG was structured, educational, and professionally oriented from the beginning. It served working practitioners, leaders, and operators.
- Not a vendor‑driven event It was community‑led, practitioner‑focused, and intentionally neutral.
- Not a small gathering Events regularly drew hundreds of attendees and required multiple rooms at Rio Salado College.
- Not an informal discussion group SDSUG delivered scheduled sessions, breakout tracks, and CPE‑eligible content.
- Not merely a “user group” That was the label of the era — not the reality of the institution.
- Not a latecomer to Arizona’s cybersecurity scene It was the first recurring cybersecurity community in the state — predating many local chapters, conferences, and associations that would come later.
This distinction matters because SDSUG’s early work helped establish the foundation for Arizona’s modern cybersecurity ecosystem. The terminology of the time may have been modest, but the impact was not.
Volunteer Instructions Block
Help Us Complete Arizona’s Cybersecurity History
This timeline is a living historical record. Many early cybersecurity communities, chapters, and events in Arizona predate modern archiving practices, and their founding dates were never formally documented online. We are now working to preserve that history accurately and respectfully.
If you were involved in any Arizona cybersecurity organization, conference, meetup, or professional group — or if you have access to:
- newsletters
- event programs
- chapter charters
- photos
- meeting notes
- speaker lists
- archived websites
- personal recollections
—we invite you to contribute.
How to Contribute
- Review the timeline and look for entries marked TBD.
- Share any verified dates you can confirm from personal records or organizational archives.
- Provide source details when possible (e.g., “newsletter from 2004,” “chapter charter,” “email announcement”).
- Send materials or corrections to the SDSUG leadership team for review and inclusion.
- If you’re interested in helping long‑term, consider joining the SDSUG Historical Working Group once it forms.
Why Your Contribution Matters
Arizona’s cybersecurity history is practitioner‑built. If we don’t preserve it now, it risks being lost.
Your knowledge and contributions help ensure that the people, communities, and events that shaped this ecosystem are remembered accurately and honored appropriately — and that future generations understand the lineage they’re inheriting.
CALL FOR CONTRIBUTIONS
If you were part of any Arizona cybersecurity community, conference, or organization — or if you have archival materials, newsletters, photos, or firsthand knowledge — we invite you to help fill in the missing dates. Your contributions ensure that the history of Arizona’s cybersecurity ecosystem is preserved accurately and respectfully. You can choose to have public attribution for your contribution, or we can publish it anonymously according to your preference. Contact Sonoran Desert Security (SDSUG).
By Hunter Storm
President, Sonoran Desert Security (SDSUG)
CISO | Advisory Board Member | SOC Black Ops Team | Systems Architect | QED-C TAC Relationship Leader | Originator of Human-Layer Security
© 2026 Hunter Storm. All rights reserved.
Sonoran Desert Security (SDSUG) is Arizona’s longest‑running cybersecurity community and a central institution in the region’s security ecosystem. Established in 2001 and operating continuously for more than 25 years, Sonoran Desert Security (SDSUG) provides practitioner‑led leadership, vendor‑neutral governance, and trusted peer collaboration across the Southwest. Through its annual research, ecosystem mapping, and community programs, Sonoran Desert Security (SDSUG) strengthens regional resilience and serves as a stable anchor for Arizona’s cybersecurity practitioners, organizations, and critical infrastructure partners. Sonoran Desert Security (SDSUG) also produces independent research used by organizations and policymakers across Arizona, the broader Southwest, and national and international security, technology, and governance communities.
Need Something Else?
Join SDSUG
Become part of Arizona’s first cybersecurity community.
Join SDSUG Form
Volunteer
Help support the community and our events.
Volunteer Form
Submit an Article
Share your expertise with Arizona’s first cybersecurity community.
Submit Article Form
Update Membership
If you’ve moved, changed jobs, or updated your email:
Update Membership Form
Speak at SDSUG
Share your expertise with the community.
Speaker Form
General Questions
Have a question about SDSUG or our events?
Contact Form
If you are unable to use these forms due to accessibility needs, please contact us directly at President@sdsug.org. This option is provided for users with functional accessibility barriers that prevent form use.
Explore Sonoran Desert Security (SDSUG)
Start Here
Guided introduction to SDSUG.
Membership
Join SDSUG for trusted peer collaboration and professional networking.
Leadership
Meet the team guiding SDSUG’s direction.
About SDSUG
Our mission, history, purpose, and values.
Events & Meetings
Upcoming topics, speakers, certification prep, and educational sessions.
Sponsors
Organizations supporting SDSUG’s.
SDSUG at a Glance
Overview and orientation FAQ.
Safety & Incident Response
Standards, trained officers, and incident‑response protocols.
Site Index
A full directory of SDSUG web pages.
Last Updated: April 2026