8:45- 9:00 | Welcome
Eric Darr, President, Harrisburg University of Science and Technology
Kelly Logan, VP Of Strategic Workforce Development and Continuing Education, Harrisburg University of Science and Technology
9:00- 9:10 | Opening Remarks
John MacMillan, Deputy Secretary for Information Technology and Chief Information Officer, Commonwealth of PA
9:10- 9:15 | Encouraging Caring and Sharing Video
Governor Tom Wolf, Commonwealth of Pennsylvania
9:15-10:00 | Security Challenges Confronting Government and Schools and Benefits to Collaboration & NASCIO’s Cybersecurity State of the States Report
Erik Avakian, CISSP, CISA, CISM, Chief Information Security Officer, Commonwealth of Pennsylvania
Erik Avakian was named Chief Information Security Officer for the commonwealth in 2010. Erik joined the commonwealth in 2005 and became Deputy CISO in 2007. He has over 17 years' experience securing enterprise-level environments and is an expert in reducing risk and mapping security to the business. He has extensive experience in security governance, risk management, compliance, and incident response and remediation. As CISO, Erik is responsible for establishing enterprise security strategy, standards, controls, and security policies, and leads the Enterprise Information Security Office, which defends against cyber attacks, reduces the commonwealth’s vulnerability to cyber attacks, and minimizes the damage and recovery time from attacks if and when they occur. Erik holds numerous industry certifications including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), Certified Government Chief Information Officer (CGCIO) and ITIL v3. He is an active member of the National Association of State Chief Information Officers (NASCIO) Security and Privacy Committee, the International Information Systems Security Certification Consortium (ISC2), the Information Systems Audit and Control Association (ISACA), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Pennsylvania Criminal Intelligence Center (PaCIC).
Srini Subramanian, Risk and Financial Advisory Lead, Deloitte
Srini is a principal in Deloitte & Touche LLP’s Cyber Risk Services practice and leads the Risk and Financial Advisory practice for the SLHE Sector. He has more than 30 years of technology experience, and more than 20 years of cyber risk services experience in the areas of information security strategy, innovation, governance, identity, access management, and shared services.
10:00-10:45 | CISA: Cybersecurity Resources for State and Local Governments
Benjamin Gilbert, Cybersecurity Advisor, Cybersecurity and Infrastructure Security Agency
Mr. Gilbert serves as a Cybersecurity Advisor in the Cybersecurity and Infrastructure Security Agency (CISA). He supports the Cybersecurity Advisor (CSA) program and CISA’s mission of strengthening the security, reliability and resilience of the Nation’s critical cyber infrastructure, and serves in this role across the states of Virginia and West Virginia, as well as the District of Columbia. As a CSA, Mr. Gilbert conducts cyber preparedness, risk mitigation and incident response coordination activities through public and private partnerships and outreach efforts in support of CISA’s mission. Prior to this appointment, Mr. Gilbert served as a senior analyst at the CSA program’s headquarters, where he led the development of the tools the CSA program uses to measure and strengthen the cybersecurity management capabilities of critical infrastructure organizations. Mr. Gilbert has been with CISA and the Department of Homeland Security for over 9 years and has over 14 years of experience in cybersecurity spanning the commercial, federal civilian, and DoD communities. He currently holds the Certified Information Systems Security Professional (CISSP) certification, the Certified in Risk and Information Systems Control (CRISC) certification, the Certified Ethical Hacker (CEH) certification and a B.S. in Information Technology. Prior to joining DHS, Mr. Gilbert served as an IT Specialist with the Virginia Army National Guard, and as an Airborne Infantryman in the U.S. Army’s 82nd Airborne Division.
11:15- Noon | Role of MS-ISAC and Resources to Help Governments and Schools Mitigate Cyber Security Risks
Andrew Dolan, Director, Stakeholder Engagement, Multi-State Information Sharing and Analysis Center
Andrew Dolan is the Director of Stakeholder Engagement for the Multi-State Information Sharing and Analysis Center (MS-ISAC) and the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC). The MS-ISAC and EI-ISAC have been designated by the U.S. Department of Homeland Security as the focal point for cyber threat prevention, protection, response and recovery for the nation’s state, local, territorial and tribal (SLTT) governments and election-focused organizations. He is responsible for managing all aspects of member relations, working with government associations, and conducting outreach on behalf of the MS-ISAC. Under Dolan’s direction, the MS-ISAC has greatly expanded its membership since 2012, including representatives from all 50 states, D.C., all 50 state capitals, and over 7,000 local and tribal governments.
Track 1: Sharing and Caring- Opportunities to Collaborate
1:00- 1:45 | The Risk and Protection of Cities and Municipalities
Mike D’Arezzo, Director of Security Services, ePlus
Michael is responsible for assisting clients in developing transparent and secure Information Technology programs and in developing Governance, Risk, and Compliance programs. Michael joined SLAIT as the Director of Security Services in 2015 and is known for his strong track record of operational excellence, innovative problem solving, and regulatory compliance expertise. He brings over 20 years of experience from GE, AMF and MICROS/Oracle, where he focused on driving standards, consistency, performance, compliance and regulatory affairs. Today, Michael leads the team of security consultants and supports clients by developing secure operations and policies, identifying vulnerabilities in network configuration and in processes, and reviewing daily operations and existing controls to identify potential risk and then resolve it, mitigate it, or create compensating controls. Other responsibilities include executing penetration tests and vulnerability scans, performing audits against industry-developed or internal controls, and reviewing business processes to create security improvements for clients and for SLAIT.
2:15- 3:00 | Considerations When Developing a Security Program
Brian Paulhamus, Technical Support, Central Susquehanna Intermediate Unit
Brian Paulhamus has worked in the Computer Services department at the Central Susquehanna Intermediate Unit for approximately 10 years and has been helping to manage the computer services infrastructure and implementations/maintenance of Student and Financial information systems for approximately 300 school districts across the state of Pennsylvania. He has worked mainly in technology support and has been transitioning into a key player in data center modernization and cyber security advancement within the organization. This has opened the doors for further education for Brian and in 2018 he received a certificate from Harrisburg University’s Chief Information Security Officer (CISO) program and is now working towards obtaining his CISSP. Brian and the CSIU got connected with the MS-ISAC in 2017 and that resource has provided many open doors for him to present or co-present locally, statewide and recently even nationally on the subject of getting started with building a security program in your organization.
3:15-4:00 | Panel Discussion: Cyber Challenges for Local Governments & Schools
1:00- 1:45 | Panel Discussion: The Role of Office of General Counsel, Attorney General, and State Police in the Orchestration of a Breach Response.
2:15- 3:00 | Red + Blue = Purple Teaming: The New Standard
Ron Plesco, Principal, KPMG
Ron, a former prosecutor, is an internationally known information security and privacy attorney with over 18 years’ experience in cyber investigations, information assurance, privacy, identity management, computer crime, and emerging cyber threats and technology solutions. Ron is a Principal in KPMG’s Cyber Security Services practice. Ron joined KPMG in 2012 after a distinguished career in the private and public sectors and is a frequent speaker nationally. Before joining KPMG, Ron was the CEO of the National Cyber-Forensics and Training Alliance (NCFTA), where he managed the development of intelligence that led to over 400 worldwide cyber-crime arrests in four years and prevented over $2 billion in fraud. Notable NCFTA intelligence-led arrests include Ghost Click, Anonymous, Coreflood and multiple online frauds.
3:15- 4:00 | Identifying Breaches and Your Legal Obligations
Devin Chwastyk, JD, CIPP/US, Chair of Privacy & Data Security Group, McNees Wallace & Nurick, LLC
Devin Chwastyk is the chair of the Privacy & Data Security Group at McNees Wallace & Nurick, a law firm based in Harrisburg, Pennsylvania. He has focused his practice on cybersecurity issues since 2005, when he began representing merchants and banks in data breach litigation. Devin has represented dozens of entities victimized by cyberattacks, helping those clients limit their liability and meet their notification obligations under state, federal, and international laws. Devin holds the Certified Information Privacy Professional (U.S.) designation from the International Association of Privacy Professionals.
1:00-1:45 | Transforming Security: The Role of Context in Realizing Simpler, More Effective and More Efficient Workload Production.
Dennis Moreau, PhD, Cybersecurity Architect, VMware
Prior to joining VMware he was a Senior Technology Strategist at RSA specializing in utility computing security, advanced threat technologies and trust modeling. He was a co-founder and the CTO of Configuresoft and the CTO for Baylor College of Medicine. He holds a doctorate in Computer Science and has held research and faculty positions in Computer and Computational Sciences. His work has been sponsored by the National Aeronautics and Space Administration, Caltech/Jet Propulsion Laboratories, the US Department of Commerce, the National Institutes of Health, the National Library of Medicine, AT&T Bell Laboratories and IBM. He is a frequent presenter at security conferences globally.
2:15-3:00 | There is No Silver Bullet for Security
Unisys is one of the most attacked companies: it is a global IT service provider with extensive Federal Agency involvement in protecting our borders, it has clients in the financial sector, and its CEO sits on the White House National Telecom Security Advisory Board. This session is an overview of the cybersecurity approach and tools that have contributed to Unisys' success.
• Strategy and how to justify funding
• Core/key tools (avoiding “I didn’t know” incidents like Equifax)
• Hardening the perimeter and protecting your public reputation (the right protocols such as TLS 1.2, MFA, BitSight perspectives, etc.)
Chris Odom, CCISO, CISSP, Deputy Chief Information Security Officer, Unisys
Chris Odom is the Deputy Chief Information Security Officer responsible for ensuring that “security is in everything we do”. He is responsible for leading a single integrated global cybersecurity organization across the company’s businesses and geographies. This includes threat intelligence, vulnerability management, incident response, identity and access management, end-user training and communication programs, and regulatory compliance across heterogeneous operational environments.
3:15- 4:00 | Why Compliance Won't Save You, Focusing on What Matters
Brandon Keath, MS, Cyber Security Practice Lead, Appalachia Technologies
Brandon joined Appalachia in 2018 as a Cyber Security Practice Lead. With prior experience in both private and public-sector IT consulting, Brandon has served in various cybersecurity roles over the past 11 years, specializing in ethical hacking, cybersecurity strategy, regulatory compliance, and cyber defense. Brandon has taught cybersecurity classes for a world-leading Cyber Security Bootcamp based out of Chicago and is active in the local Cyber Security community, currently chairing the PAHackers Cyber Security group, which meets monthly to discuss issues facing the industry and holds cybersecurity-related workshops and events. Brandon has most recently presented at the Harrisburg University of Science and Technology 2018 Cybersecurity Summit, and at the Security BSides Delaware and BSides Long Island conferences. Brandon has a Master’s degree in Cyber Security and Information Assurance from Western Governors University and a Bachelor of Science in Information Technology from Central Penn College, along with numerous security-related certifications, including EC-Council’s Certified Ethical Hacker (CEH) and Certified Hacking Forensics Investigator (CHFI).
Track 4: Tips For Creating An Effective Cyber Program For Your Organization
1:00- 1:45 | Understanding Your Adversary: Focusing a Security Program for Maximum Defense.
Defending an environment is a difficult journey, and security teams often default to the tools and processes they have become comfortable with over time. We need to change that. This talk will cover methodologies, theories and data analysis methods that can be used to defend in a more scalable and multi-faceted manner. Applying those methods against the right actor at the right time increases the effectiveness of network defense, and we will compare actor behaviors throughout the talk to ensure the most relevant application in defense of your environment.
Michael Benjamin, Senior Director of Threat Research, CenturyLink
Michael Benjamin is a 22-year veteran of the security and service provider markets. Since the team’s inception in 2014, Michael has led CenturyLink’s Black Lotus Labs, working to track and understand threats facing the internet. His team’s responsibility is to create the technology underpinning all security products at CenturyLink and to track internet threats to help protect CenturyLink and its customers. Michael comes from a strong technology and leadership background, having led all security technology direction at Level 3 Communications, as well as long-term planning for all technologies in his prior role at Global Crossing. His focus has been across network, computing and security technologies throughout his career.
2:15-3:00 | Zero Trust: CARTA, CSF, RMF, CJIS - OMG, How Can I Address All of These?
Peter Romness, Cybersecurity Solutions Lead, US Public Sector Cisco
Peter Romness is the Cybersecurity Solutions Lead in the US Public Sector CTO Office at Cisco Systems. For over 30 years, he has devoted his deep knowledge and diverse experience to help government agencies securely accomplish their missions. He is laser-focused on mitigating cybersecurity threats, maintaining individuals’ privacy, protecting sensitive information, and securing government intellectual property. Peter brings Cisco’s advanced cybersecurity solutions to departments and agencies at Federal, State, and Local Governments, and Educational Institutions.
He works with NIST and the National Cybersecurity Center of Excellence (NCCoE) and has contributed to their 1800-Series Special Publications. Peter helps the broader IT community understand the very latest cyber capabilities and risk mitigation methods to effectively address cyber threats. His unique combination of a technical background and a passion for clearly conveying high-tech topics to audiences of all levels of understanding makes him invaluable to Cisco and its customers. Prior to Cisco Systems, Peter held leadership positions at Hewlett-Packard, AT&T and Panasonic. He holds a degree in Mechanical Engineering from Duke University.
3:15- 4:00 | Targeted Attacks: How to Recognize from a Defender’s POV
John Davies, Sr Presales Systems Engineer, Arctic Wolf Networks
John Davies is a Senior Presales Systems Engineer for Arctic Wolf Networks. Today he will share best practices for understanding how organizations can improve their information security posture through monitoring, meet client compliance and security requirements, and control the time and budget needed to get the job done with MDR solutions.