John MacMillian, Deputy Secretary for Information Technology and Chief Information Officer, Commonwealth of Pennsylvania

John Dolmetsch,  Chief Information Officer,  Business Information Group 

Biography:  John has spent the last 20 years leading a nationwide wireless specialized practice and has become a recognized leader in the industry. Starting with municipal wireless in the early 2000s, he has led his team as the Executive Architect on leading-edge wireless initiatives including Comcast/Xfinity nationwide Wi-Fi deployment and strategy, Exelon ConEdison and PPL Smartgrid Wireless Initiatives, State of Maryland Microwave and Edge Device Deployment, Siemens, Nokia, IBM and Johnson Controls Wireless SME Advisor, Comcast Stadium, Venue, Transit, and Multi-Tenant Wi-Fi Strategy.

John has extensive experience in converged technology solutions and leads a team of SMEs in all functions of technology solutions including advanced routing, cybersecurity, IoT, wireless, application development, building automation, and mobility. In addition to Executive Architect and business leader, he provides guidance to the Economic Development Department for the State of Pennsylvania, York County and York City, on the implementation of technology for business development. John also sits on the York College Advisory Council for Technology Curriculum Development.

Presentation Abstract: The move towards a virtual workforce, up until 2020, was a slow and contentious one. While businesses and society were well aware of the economic, environmental, and social benefits of a virtual workforce, few adopted or embraced the concept due to long-standing beliefs that a workforce needed to be contained in a central office building or campus. The COVID-19 pandemic forced the world to adapt to a remote work world and embrace the technologies that had already been developed, years ago, to enable organizations to function and thrive in a non-centralized environment. Adapting to a virtual workforce requires the implementation of technology at many entry and exit points for remote workers, a movement to more cloud-based solutions, and the implementation of collaboration tools. However, there is a psychology and social component of security that must be considered that overshadows the technical component. During this presentation, we will explore the mix of technology and psychology required to make the virtual workforce safe, productive, and effective.

Break for 15 minutes before starting Session #1. 

Tony Hubbard, Principal – Government Cybersecurity Services, KPMG

Biography:  Tony Hubbard is a Principal in KPMG’s McLean office.  He has 28 years of experience in providing advisory services to United States Government entities, notably in the realm of cybersecurity.  He has also supported commercial clients that have programs linked to Federal Government cybersecurity initiatives (e.g., FedRAMP, FISMA, and NIST).

Tony’s experiences have entailed improvement in business processes and internal controls, with a focus on assisting clients in complying with laws, standards, and guidelines such as ITIL, COBIT, FISCAM, FISMA, FFMIA, CFO Act, NIST, and OMB.

Presentation Abstract: In the face of a global pandemic, workers have moved from the office to the home, taking their corporate assets and sensitive data with them. Companies now rely heavily on remote work capabilities, some of which are new or untested. Malicious cyber actors have taken note and are working harder than ever to take advantage of this new environment. While their tactics might look familiar, they’ve shifted focus to the new weak points of work-from-home. Technology and security leaders need to do the same. This session will explain the emerging threats that companies face in the new work-from-home world and the steps your organization can take to stay secure.

Break for lunch before starting session #2 

Speaker #1:Scott Major, CISSP, CISA , ITIL v3,Chief Information Officer, Berks County IU

Speaker #1 Biography: Scott Major is the Chief Information Officer for the Berks County Intermediate Unit (BCIU), where he is responsible for planning, administering, and supervising all areas including cybersecurity and compliance, infrastructure and operations, software services, grant and funding development, and the development and delivery of technology services for BCIU programs, constituent school districts and the community at large. Scott has served as a technology leader in education for 21 years. During that time, he served as the Director of Technology at the Boyertown Area School District, Director of Technology at the Lancaster County Career & Technology Center, Director of Network Services at Elizabethtown College, and Network Manager at Dickinson College. Scott is currently finishing his Doctoral research in IoT Security Practices in K12 at Walden University.

Speaker #2: Richard Svesnik, Deputy Director of Information Systems, Westmoreland County IU

Speaker #2 Biography: In a county just outside of Pittsburgh, Pennsylvania, Richard Svesnik, has been building his career for the past 14 years within the Information Systems Department of Westmoreland County.  His journey began in 2006 as a Technical Support Specialist, but quickly moved into an administration position with the county’s IBM Power System in 2008, and again in 2012, transitioned to Director of Information Technology.  In 2018, with a departmental reorganization, Rick moved into the Deputy Director of Information Systems role, combining his prior oversight of the physical infrastructure of Westmoreland County’s IS department with that of the Applications division as well.  Rick has been with the county through various large scale deployments such as the migration to a robust VDI environment, implementing a Cisco VOIP phone solution, and the 2013 construction of an all new on premise Data Center.  To unwind from the daily stresses of IT, Rick can be found with his wife, Kelly, two sons, Jackson and Tyler, and dog, Lilly, somewhere deep in Forbes State Forrest, as an avid rock climber, hiker, and mountain biker. 

Moderator: Michael Sage, CGCIO, ITLv3, Chief Information Officer, County Commissioners Association of Pennsylvania

Moderator  Biography: Michael Sage is the Chief Information Officer for the County Commissioners Association of Pennsylvania (CCAP), where he provides services to county government and serves as a voice for Pennsylvania counties. Prior to joining CCAP in 2019, Michael was with the Commonwealth of PA for over 15 years. During that time, he served in various roles including Chief Security Officer and Deputy Chief Information Officer for the Department of Labor & Industry. He also served as Chief Technology Officer for the Employment, Banking, and Revenue Delivery Center. Michael is passionate about collaborating, strategizing and fostering relationships across all levels of government. He has lead reorganizations, budget analysis, shared service implementations, security initiatives, strategic planning, technology and application modernizations, service optimization, and many other strategic and operational initiatives.

Presentation Abstract: Join panelists from the Berks County IU, Westmoreland County IU, Commonwealth Commissioners Association of Pennsylvania, and the Commonwealth of Pennsylvania as they discuss threat intelligence, cybersecurity, new threats, and changes due to COVID-19 on their positions and the field as a whole

Break before the endnote address.

Erik Avakian, CISSP, CRISC, CISA, CISM, CGCIO™, ITILv3s, Chief Information Security Officer, Commonwealth of Pennsylvania 

Matthew Newfield,  Corporate Chief Security Officer, Unisys

Biography:  Mathew Newfield joined the Unisys leadership team as the Corporate Chief Information Security Officer in March 2018. He leads the Unisys Corporate Information Security team with responsibility for the design, development, and implementation of the company’s corporate information security and risk programs across all regions and functions. Newfield has over 19 years of experience in Information Technology with a focus on Security, Software as a Service Operations, Risk Auditing and Management, and International Mergers and Acquisitions. Prior to joining Unisys, he was the Director of Global Managed Security Services for IBM where he had responsibility for delivery services in 133 countries and managed a staff of nearly 1,500 security professionals. Newfield led the Managed Security Practice that performed Device Management, Threat Intelligence, Managed Security Information and Event Management, Account Governance, Project Management, Deployment Services, New Service Integration Business Operations, Compliance/Governance, and Architecture Services. Newfield was also the Business Unit Information Security Officer and Global Process Officer for IBM’s Security Services Organization.

During his time at IBM, Newfield streamlined operational processes and developed cost reduction methodologies that improved cost control, profitability, and client delivery. Prior to IBM, Newfield held senior security leadership roles at Cybertrust, RSA, and DCC Advocacy. Newfield is on the Board for National Technology Security Coalition (NTSC), a published author on topics related to security, a speaker on cybersecurity, and an instructor at the SANS Institute. In addition, he holds a Bachelor of Science degree in Industrial and Organizational Psychology from George Mason University.

Presentation Abstract: People all around the world will forever remember the COVID-19 pandemic, its rapid spread, and the devastating impact on the health of our society and the global economy. Many of the 7.5 billion people across the globe have experienced the loss of lives, jobs, and businesses. In times like these, people are struck with strong emotions caused by fear, uncertainty, and doubt. That is when we are driven most by the Human Effect. As leaders of our organization and as cyber professionals, the challenges are many.

In addition to supporting and securing our virtual workforce, we also see a growing number of cyber-attacks against our digital marketplace of products and critical services. Too often we focus on technology and less about the human factor. In the new normal, IT Leaders and others need to lean in and embrace the human factor when connecting and communicating with their internal and external stakeholders. So, in times of crisis let us explore the hidden lessons that can serve as a catalyst for change and allow us to reboot and create the new normal.

Explore Lessons Learned During COVID-19:

• What did your team do to effectively manage and respond to the crisis?

• What actions did your team take to best engage and support your stakeholders internally and externally?

• What changes will you make across your people, process, and technology to help accelerate a rebound?

• How will you manage and evaluate the impact of the implemented changes?

• What enhancements have been made to your business continuity strategy and execution plan to minimize business disruption in the future?

Break for 15 minutes before starting Track #1. 

Brant Kenny, Manager of IT Services, Lincoln Intermediate Unit 12

Biography:  Brant Kenny is the Manager of IT Systems for the Lincoln Intermediate Unit and has over 14 years of experience in the field of educational technology. Brant holds a Bachelor of Science in Music Education from Messiah College and a Master of Science in Learning Technologies with Instructional Technology Specialist Certification from the Harrisburg University of Science and Technology. After teaching music for 5 years, he transitioned into the role of Technology Coordinator for a local charter school. From there, he moved to the Lincoln Intermediate Unit 12 where he currently serves as the Lincoln Intermediate Unit 12’s Manager of IT Systems. He is responsible for managing LIU’s server and network infrastructure, asset inventory/replacement cycle, Enterprise IT Services consulting arm, the Lincoln IU 12 Educational Technology Services Help Desk, and providing technical leadership for LIU’s Lincoln Learning Network RWAN Consortium. Brant has also provided professional development to multiple school districts focusing on Microsoft Endpoint Configuration Manager (MECM) and presented at Tech Talk Live on “Inexpensive Network for Schools featuring Ubiquiti Networks”.

Presentation Abstract: The need to secure our devices, regardless of their physical location, has always been a priority item in many organizations. The COVID-19 pandemic and the ensuing closures have created a need for every organization to review their security posture with regards to devices in the field. Join us to learn how Microsoft’s Endpoint Configuration Manager, in concert with Intune, can be easily deployed to your workstations in a short period of time!

Break for lunch before starting Session #2.

David Beidelman, Senior Security Solutions Architect, SHI

Biography: David Beidelman brings more than 20 years of technology and security expertise to his role as Senior Security Solutions Architect for SHI. He helps organizations develop and maintain proactive security programs by working to understand their assets, identify vulnerabilities, and define the processes and technologies that will enable them to reduce risk. He has extensive vulnerability assessment and incident response experience and has worked with clients across a variety of industries.

Presentation Abstract: 27 billion data records were exposed during the first half of 2020; more than four times higher than any previously reported time period. This session will highlight tools that can help you keep up with threats across all aspects of your security program:

• Identity & Access Management
• Application Security
• Data-Centric Security
• Data Center & Cloud Security
• Threat & Vulnerability Management
• Program Strategy & Operations

You’ll learn about privileged access management, DevSecOps, data classification, secure access service edge (SASE), defensive deception, and security automation solutions you can leverage to safeguard critical data and reduce risk during COVID-19 and beyond.

15 minute break before the Endnote