Cyber Security Symposium 2015

Please select the optional registration items below for the
Education Breakout Sessions
depending on your area of interest, &/or job function.



>>> Choose one session for each block of time <<<

Choose from the following tracks for:

 Government to Government Sessions OR SCADA Sessions

 >>> Choose one session for each block of time <<<

Choose from the following tracks for:
Track 1: Security and Privacy Leadership: (sessions 1, 9, 17, 25) 
Track 2: Risk Management (sessions 2, 10, 18, 26, 29) 
Track 3: Building Security In  (sessions 3, 11, 19, 22, 27, 30)
 Track4: Information Sharing and Collaboration (sessions 4, 7, 12, 20, 28, 31) 
 Track 5: Business Continuity and Technology Recovery Planning (sessions 5, 13, 21) 
Track 6: Convergence of Incident Mgmt & Emergency Mgmt (sessions 6, 14, 22) 
Track 7: Privacy: Protecting Privacy in the Internet of Everything  (sessions 15, 23)


  • Tuesday, September 29, 2015
    8:30 AM  -  9:00 AM
    Check In for Morning Session Attendees - 3rd Floor  (East Lobby)
    Check In and Registration for attendees enrolled in the morning sessions. (Gov't to Gov't & SCADA Sessions)
    9:00 AM  -  9:45 AM
    Gov't to Gov't - GIS - Uses for Business Continuity/Technology Rec  (Room 302/303)

    GIS - Strategic & Tactical uses to leverage for Business Continuity/Technology Recovery Planning

    Speaker:  Scott Gregory, State Geographic Information Officer, CA Dept of Technology

    Carla Zuehlke, Statewide Technology Recovery Program Manager, CA Dept of Technology, CISO

    Description: This session will focus and demonstrate the strategic and tactical use of leveraging Geographic Information System (GIS) technology for business continuity/technology recovery. We will explore the benefits of implementing a GIS - centric focus on site selection and assessment.  The session will also focus on the tactical aspects of response and recovery.  Demonstrations will depict integration of live feeds and disparate datasets to provide a relevant operational view.  Live feeds will include traffic, weather, and various other disaster related incidents in relationship to critical infrastructure and assets.

    Expected Outcome: Increase awareness and exposure of GIS technologies and leveraging the technology to strategically plan, respond and recover from disasters. 

    Intended Audience:  Business Stakeholders, Information Security Officers, Technology Recovery Coordinators, Business Continuity Planners, Chief Information Officers, Chief Technology Officers, Geographic Information Systems Subject Matter Experts

     Optional  Closed 
    9:00 AM  -  9:45 AM
    Gov't to Gov't - ISO - CalCloud Security - What Is It and What Have We Learned?  (Room - 301)

    Speaker: David Langston, Manager - Security Management Branch, CA Dept of Technology


    Description: The CalCloud portfolio of services will be described with a focus on the security goals and accomplishments to date in that program. Particular focus will be given to the implementation of security for the CalCloud Infrastructure as a Service from the Department of Technology particularly focusing on the FedRAMP compliance efforts as well as other key security related learnings.


    Expected Outcome: Understand the CalCloud portfolio of services and how security is a cornerstone to those services. Also understand key learnings from the FedRAMP compliance process and how that may affect decision processes regarding the utilization of this service or Cloud services in general.


    Intended Audience: AIOs, CIOs, ISOs, Information Security Managers, Information Security staff, IT Managers, IT developers, IT infrastructure technologists, and anyone with an interest in Cloud security and/or CalCloud.

     Optional  Closed 
    9:00 AM  -  9:45 AM
    Gov't to Gov't - Privacy on the Go: Building Privacy Into Your Mobile App  (Room - 304/305)

    Speaker: Joanne McNabb, Director of Privacy Education and Policy, California Attorney General’s Office


    Description:  As the world has gone mobile, state agencies are moving to provide their information and services through mobile apps. Sometimes agencies build their own apps and sometimes they contract out for them. But are you building your privacy standards into your apps? Do you know what data your apps are collecting and where it is going? In this session, you will get insights and tips from the Attorney General’s Privacy Enforcement and Protection Unit from their work on mobile apps and their best practice guidance in Privacy on the Go: Recommendations for the Mobile Ecosystem.

    Expected Outcome: Attendees will get a suggested process for building privacy into mobile apps, questions to ask in-house or outside app developers, top privacy issues to address, and various ways to configure and display an app’s privacy policy. Attendees

    Intended Audience: Privacy Coordinators, web and app developers

     Optional  Closed 
    9:00 AM  -  9:45 AM
    SCADA Track - Session 1 - Industrial Control Systems Security: An Introduction  (Room - 306)

    Speaker: Seth Bromberger, Applied Researcher, Global Security, Lawrence Livermore National Laboratory


    Description: While the security of traditional IT systems has been a focus of attention for many years, it is only relatively recently that this focus has extended to industrial control systems (ICS) – those systems responsible for managing physical processes such as manufacturing, the delivery of energy, and industrial automation. This presentation will provide a high-level overview of ICS security and will provide attendees with an understanding of current and anticipated risks to this cornerstone of critical infrastructure.

     Optional  Closed 
    10:00 AM  -  10:45 AM
    Gov't to Gov't - ISO - Proper use of the Plan of Action and Milestones (POAM) in State Gov't  (Room - 301)

    Speaker: Patrick McGuire, Special Advisor, CA Information Security Office


    Description: The Department of Technology, California Information Security Office is providing training related to the purpose, function, and proper use of the standardized Plan of Action and Milestones (POAM) reporting process and tool.

    This training hopes to achieve POAM process improvement, including but not limited to:
    • Improvement in the quality of POAM reporting
    • Reduction in reporting errors
    • Increase the likelihood of reporting


    Expected Outcome: An informed, knowledgeable, and enthusiastic attendee.


    Intended Audience: State of California Information Security Officers (ISO), Chief Information Officers (CIO), Technology Recovery Coordinators, Privacy Coordinators, and other interested personnel.

     Optional  Closed 
    10:00 AM  -  10:45 AM
    Gov't to Gov't - Privacy: Open Data: The Right Balance  (Room - 304/305)

    Speaker: Joy Bonaguro, Chief Data Officer, City of San Francisco


    Description: At times open data and privacy can seem at odds. So how do you balance transparency and openness with privacy and security? Learn how DataSF is developing a privacy framework and toolkit for Open Data in San Francisco.



    Expected Outcome: At the end of this session the attendee will understand privacy and security considerations surrounding open data and how to responsibly provide openness and transparency for government data.


    Intended Audience: This session is intended for data managers and analysts, business leaders, privacy officers, information security officers, CIOs, and anyone working on open data initiatives.

     Optional  Closed 
    10:00 AM  -  10:45 AM
    Gov't to Gov't - Privacy: From Laws to Practices  (Room - 302/303)

    Speaker: David Nelson (CIPP/US/G, CHRC, CHPC, CISSP) – former Privacy Officer and Deputy Compliance Officer for the County of San Diego, and former HIPAA Privacy and Security Officer for Yolo County


    Description:  Using HIPAA as a case study, this presentation shows one way to meet the letter of the law. The approach looks at high level policy, drilling down with specific procedures where necessary, so that the average workforce member can actually find and understand what is expected of him/her when handling personal health information. In the progression of HIPAA, mandates were released at different times and spanned years. Some Covered Entities responded by developing drill down polices by the dozens and some created separate policies for each and every legal mandate. While this meets the letter of the law, in some cases it has made for hundreds of pages of policies spread throughout the organization; some ending up in HR Administrative Manuals or in Information Technology. This dispersion of requirements means that only a few individuals (probably counsel or the Privacy Officer) know where all the policy bodies are buried, making it difficult to train and hold workforce accountable.

    Expected Outcome: Attendees will learn how to interpret high level privacy laws and policies in order to create compliant actionable privacy practices and procedures. The secondary goal is to increase accountability while raising privacy education and awareness within the organization.

    Intended Audience: Privacy Coordinators, privacy analysts, and compliance specialists

     Optional  Closed 
    10:00 AM  -  10:45 AM
    SCADA Track - Session 2 - Understand the difference: IT & Operating Technologies in Security  (Room - 306)

    Speaker: Ed Fok, ‎Transportation Technologies Specialist, Federal Highway Administration


    Converging Technologies of ICS

     Optional  Closed 
    11:00 AM  -  11:45 AM
    SCADA Track - Session 3 - IT/OT Convergence for "The Digital Age Company"  (Room - 306)

    Speaker: Steve Zalewski, Security Architect, ‎PG&E


    Description: This session will give you perspective and insights into the evolving Internet of Things (IOT) and how it is influencing the security landscape between cybersecurity and operational security within utilities and other industries. If you have heard of SCADA and Smartgrid and want to know more, then this is the talk for you.


    Expected Outcome: The attendee will be exposed to the differences between IT and OT environments and be given guidelines on how to approach this new convergence based on one utilities experience.


    Intended Audience: Anyone that is interested in learning about this fascinating area of cybersecurity.

     Optional  Closed 
    12:00 PM  -  1:15 PM
    SCADA Track - Lunch Session - SCADA Security, Current Threats & Approaches  (Room - 306)

    Speaker: Rich Daugherty , Senior Cyber Security Consultant, U.S. Public Sector Enterprise Security Solutions HP


    Description: Supervisory Control and Data Acquisition (SCADA) systems are an integral part of every energy and water management operation. This session will discuss how to protect against targeted attacks, advanced threats, and advanced persistent threats that continue to penetrate traditional network security solutions with evasive techniques like slow detonating malware, compromised mobile devices, and hidden payloads. You need to allow business customers access to these systems and the data but it has to be done safely. How do you do it? IT versus OT, and security versus access. Come and find out!


    Expected Outcome: Understand the risks and attacks associated with control systems and how to structure and protect against them. Learn techniques to enable secure business access to critical OT processes and information. Have direct access to a cyber security expert and have a chance to ask questions 1:1.


    Intended Audience: OT engineers, ISOs, CIOs, business leaders, anyone concerned or responsible for OT security

     Optional  Closed 
    12:00 PM  -  1:00 PM
    Event Registration & Check In - 3rd Floor
    Check In for Afternoon and Next Day Sessions. (for those that are not attending in the morning)
    12:00 PM  -  5:00 PM
    Cyber Security Solution Center - 3rd Floor Lobby  (East Lobby)
    Visit the Cyber Security Solution Center on the 3rd Floor to see the latest in Security Technology and talk with many industry leaders!
    1:00 PM  -  1:30 PM
    Day One: Introduction and Opening Remarks - General Session, 3rd Floor  (Room 307/308)

    Introduction of the 15th Annual Cyber Security Symposium


    Executive Sponsors:

    Michele Robinson, State of California Chief Information Security Officer, CA Dept of Technology, Office of Information Security

    Joanne McNabb, Director of Privacy Education and Policy, Office of the Attorney General, California Department of Justice

    1:30 PM  -  2:45 PM
    Day One - Keynote Protecting Critical State Networks and Assets: A New Paradigm of National Defense  (Room 307/308)

    Former Director of Homeland Security and Public Safety for the National Governor’s Association to deliver the Keynote Presentation!

    Thomas MacLellan

    Director of National Homeland Security Policy and Government Affairs, FireEye

    Description: This presentation examines the changing role of states in defending against ongoing cyber-attacks by nation-states and transnational criminal organizations. It provides a high-level overview of the challenges currently facing states and explores ways that state policymakers and practitioners should consider their efforts in a larger national and strategic context.
    1:30 PM  -  2:45 PM
    SCADA Track - Session 4 - Threats to SCADA & Developing Effective Protection Strategies  (Room - 306)
    Speaker: Joe Weiss, Managing Partner, Applied Control Solutions, LLC
     Optional  Closed 
    3:00 PM  -  4:15 PM
    Keynote Panel - In the Trenches: Chief Info Security Officers & Chief Privacy Officers Perspectives  (Room 307/308 General Session)
    Michele Robinson, State Chief Information Security Officer, State of California


    Speaker Panel:
    Edward Block, State Chief Information Security Officer, State of Texas
    Kent Wada, Chief Privacy Officer and Director, Strategic IT policy, UCLA
    Raj Patel, Chief Information Security Officer, City of Palo Alto


    Description: Today, all industries and sectors are dealing with an unprecedented increase in cyberattacks. Chief Information Security Officers (CISOs) and Chief Privacy Officers (CPOs) in the trenches and the board room today are faced with an equal number of challenges. This panel comprised of CISOs and CPOs from a variety of government sectors will share their top challenges, opportunities and lessons learned. The panel will touch on their roles and responsibilities for security and privacy strategy, investment, governance, program management, and advancing awareness and action.


    Expected Outcome: Attendees will hear and learn, first-hand, from seasoned information security and privacy protection professionals in the government sector and better understand how CISOs and CPOs from various government sectors are tackling today's top cybersecurity challenges.


    Intended Audience: Program Directors, AIOs, CIOs, ISOs, Information Security Managers, Information Security staff, IT Managers, and others interested in learning how CISOs and CPOs support organizational/business missions, goals and objectives.

    3:00 PM  -  4:15 PM
    SCADA Track - Session 5 - Executive Panel to discuss Lessons Learned and Strategic Planning  (Room - 306)
    Speaker: Joe Weiss, Managing Partner, Applied Control Solutions, LLC
     Optional  Closed 
    4:30 PM  -  5:30 PM
    ALL ATTENDEES: Day One - Meet and Greet Reception - Solution Center 3rd Floor  (East Lobby)
    Join us for a reception following the Closing Remarks from Day One.
  • Wednesday, September 30, 2015
    8:00 AM  -  8:30 AM
    Day Two Registration and Check In - 3rd Floor  (East Lobby)
    8:00 AM  -  3:00 PM
    Cyber Security Solution Center - 3rd Floor Lobby  (East Lobby)
    Visit the Cyber Security Solution Center on the 3rd Floor to see the latest in Security Technology and talk with many industry leaders!
    8:30 AM  -  9:15 AM
    Day Two - Introduction and Opening Remarks - General Session, 3rd Floor  (Room 307/308)

    15th Annual Cyber Security Symposium


    Michele Robinson, Chief Information Security Officer, CA Dept of Technology, Office of Information Security
    Robert Morgester, Senior Assistant Attorney General, eCrime Unit, California Attorney General’s Office

    9:15 AM  -  10:00 AM
    Day Two - Keynote - Cybersecurity in action: Lessons from the front lines of the fight  (Room 307/308)

    Speaker: Mary Galligan, Director, Advisory’s Cyber Risk Services, Deloitte

    Description: Over the course of the last 12 months, we have seen an evolution in cyber-attacks going from breaches related to identity theft and theft of credit card information to more nefarious objectives such as political or ideological battles, theft of U.S.-based corporate intellectual property or trade secrets, and profiling of U.S. citizens for the purposes of blackmail and other criminal purposes.


    Cybersecurity is not just a technology risk but a business risk which requires cross-functional collaboration within organizations in order to adequately prepare, manage and respond. Come spend an hour with Mary Galligan, former Special Agent in Charge of Cyber and Special Operations for the FBI’s New York City office who led the largest technical and physical surveillance operation in the FBI, to hear about the latest trends in cybersecurity attacks, what is happening on the front lines of State Governments and Fortune 200 companies that are trying to manage these attacks, and practical strategies that are being implemented by executives and State Government leaders.


    Hear stories from the front line detailing lessons learned on managing cybersecurity events and steps for helping to improve the cybersecurity, vigilance and resiliency of your Department and Agency.

    10:15 AM  -  11:00 AM
    Education Session 1 - Funding Secrets for ISOs from the Expert  (Room - 309)
    Anthony Souza, Founder, Government Policy & Strategies, Inc. (GPS)
    Jamie Mangrum, CIO and Deputy Director, CA State Hospitals
    Joe Munso, expert in finance and administration of California’s publicly funded health and human services programs

    Description: This session will provide attendees with the tools to successfully implement their security activities by gaining the support from the department's business divisions.

    The session will discuss the following main topics:

    - influence your organization's project planning process

    - receive funding for your security projects

    - how to ensure that security is a consideration in all departmental policy analysis and development

    - how to ensure that security is a consideration in all programmatic implementations


    Expected Outcome: ISO's will learn how to get their security initiatives funded by better understanding how to communicate with the business.


    Intended Audience: ISO, CIO, AIO, Security staff and Business Leaders wanting a better understanding of how to implement security programs.

    10:15 AM  -  11:00 AM
    Education Session 2 - Risk Assessment and Management - Tips & Tricks  (Room - 304/305)


    Srinivas Alturi, VP. Cyber Security Services, Anvaya Solutions, Inc.

    Panel Member: Denise Mellor, CISO and Director Privacy, Security and Disclosure, CA FTB

    Description: Organizations today face a constant threat of cyberattacks where adversaries try to lay siege on an organization’s information assets impacting their Confidentiality, Integrity, Availability, and Security. Organizations have the daunting task of managing the risks posed by these cyberattacks.

    This presentation will provide guidance on risk management process through detailed risk assessment, development of Key Risk Indicators (KRI) and prioritization of the risks. It will also cover tips on presentation of the risks to executive management to enable informed decisions.

    Some of the topics that will be covered are:

    - Why conduct a risk assessment?

    - What are the benefits of a good risk assessment?

    - How to conduct a risk assessment?

    - How to identify threats and risks to your computing assets?

    - What is day-to-day operational risk monitoring?

    - Risk management Plan

    - Presentation of risks to Executive Management to enable data-based informed decisions.

    Expected Outcome: Attendees will gain a high level of understanding of Risk Assessment and Risk Management methodologies and how to present the results to senior management to facilitate an effective and informed decision making aimed towards mitigation of the risks.

    Intended Audience: All levels of business executives, management and information security professionals.

     Optional  Closed 
    10:15 AM  -  11:00 AM
    Education Session 3 - Building Privacy & Security In: Intelligent Security Design, Development, & Ac  (Room - 310)

    Speaker: Stephen Caimi, Industry Specialist, US Public Sector, Cisco

    Description: Today’s dynamic cyber threat landscape raises the stakes for defenders to ensure the confidentiality, availability, and integrity of today’s sensitive information and mission-critical data. We hear about sophisticated attacks and massive data breaches nearly every day. How can agencies and organizations approach security differently?

    The most effective security programs use an inside-out approach: One that begins with effective cybersecurity from the start, rather than bolting it on later. Aligned with State Administrative Manual policies and procedures, this session explores cybersecurity lifecycle best practices from the National Institute of Standards and Technology (NIST) including intelligent security design, development, and acquisition from the NIST SP 800-series, the Risk Management Framework, and the Cybersecurity Framework. It shows how agencies and organizations can apply a new security model that covers the entire attack continuum – before, during, and after an attack.

    Expected Outcome: Attendees will leave this session with essential knowledge and resources to design advanced cyber security and privacy directly into their IT programs.

    Intended Audience: The intended audience includes Department Directors, Program Administrators and Managers, Agency Information Officers, Chief Information Officers (CIO), Chief Technology Officers, Chief Information Security Officers (CISO), Privacy Officers and Privacy Program Coordinators.

    10:15 AM  -  11:00 AM
    Education Session 4 - Get the most out of Public Sector Cyber Security Associations & Collaboration  (Room - 312)


    Stacey Wright, SOC Manager/Intel Program Center for Internet Security (CIS), MS-ISAC

    Gary Coverdale ,Chief Information Security Officer, County of Napa

    Description: Attendees will learn how they can make the most of becoming part of Cyber Security Associations and Collaboration Groups like; MS-ISAC, CCISDA’s ISF and the FBI public/private partnership of InfraGard. They’ll learn the types of resources these groups make available to them as well as the Security Policies, Procedures and Governance models these groups are developing. Attendees will also learn how they can build their own Cyber Security collaboration group.

    Expected Outcome: Learn how you can get the most out of Public Sector Cyber Security Associations & Collaboration Groups like MS-ISAC, CCISDA's ISF and the FBI's public/private partnership of InfraGard.

    Intended Audience: CISO’s, Information Security Managers and Security Policy makers

    10:15 AM  -  11:00 AM
    Education Session 5 - Cyber Crisis Management Plans: Lessons from Disaster Recoveries  (Room - 311)
    Speaker Panel:
    Mike Wyatt, Director, Deloitte
    Linus Akanoh, Senior Manager, Deloitte
    Stacey Larsen, Senior Manager, Deloitte
    Russell Jones, Partner, Deloitte

    Description: How do we return to normal operations as soon as possible? How do we manage the fall-out? This session will present how to proactively build a Cyber Incident Response Plan leveraging lessons from Disaster Recoveries for organizational structure, identifying responsive enablers, and a comprehensive communications plan. Key topics to be covered include leveraging an information management framework, and decision making processes based on optimal action plans for potential scenarios. The objective is to ensure all of the right regulations and standards are addressed and developed in accordance to a realistic budget based on security and legal requirements.


    Expected Outcome: We will explore a lessons from disaster recovery incidents and models that provide a cyber crisis response cycle that coordinates the public and private sectors to respond to events that may involve critical infrastructure and key resources.

    Intended Audience: CIOs, ISOs, SOC personnel, CERT Teams, Communications Teams, California Office of Emergency Services (COES), California Emergency Management Agency, Cal Fire, California Geological Survey, California Natural Resources Agency, CDPH, OTECH

     Optional  Closed 
    10:15 AM  -  11:00 AM
    Education Session 6 - Don't Get DDoS and Confused  (Room - 301)

    Speaker: Patrick Sullivan ,Security Manager, Akamai Technologies

    Description: DDoS attacks are not a new problem but the profile of the attacks have increased in size, frequency, duration, and complexity. Virtually any news can trigger an attack making every organization's critical systems and resources a potential target. This session will discuss: 1) the current attack landscape 2) symptoms to look for; and 3) how organizations can prepare ahead of time to properly respond to and recover from an attack.

    Expected Outcome: Attendees will leave this session with a better understanding of the changing DDoS attack landscape, how to prepare before an attack, how to detect an attack, and how to effectively respond during and after an attack.

    Intended Audience: CIO's, ISO's, SOC Personnel, Network Security, Incident Response, Crisis Management, OTECH

    10:15 AM  -  11:00 AM
    Education Session 7 - Moats and Walls Aren't Enough: Identity is the New Perimeter  (Room - 302/303)

    Speaker: Tony Goulding, Director, Technical Product Management, Centrify


    Description: Investments in advanced threat protection devices and next generation firewalls have paid off- and our adversaries have shifted their tactics as a result. The 2015 Verizon Data Breach Report demonstrates that nearly 75% of all successful breaches were tied to compromised credentials. Most recently, the Office of Personnel Management data breach root cause was attributed to a privileged user's credentials being compromised. In addition, the explosion of mobile and the increased adoption of cloud applications by government agencies means that a growing percentage of data traffic never traverses an organization's gateway. This means that the traditional infrastructure perimeter has simply melted away. At the intersection of these two trends is Identity-based Access Control and Audit. Join us for a discussion on how a comprehensive identity management and audit approach- especially for privileged users- is a must have in today's- and tomorrow's- amorphous data network landscape.


    Expected Outcome: An understanding of how APTs and malicious insiders are taking advantage of poorly-managed privileged identities; i.e., too many individual accounts with too much access, and sharing of too many privileged accounts and their credentials. Audience will learn how a comprehensive PIM strategy can mitigate these risks, reduce administrative overhead, provide more robust auditing, and meet PCI and other compliance requirements.


    Intended Audience: CIO, CISO, CTO, IT Director, Security Architects and Specialists

    10:15 AM  -  11:00 AM
    Education Session 8 - Hacking the Paradigm  (Room - 319)


    Chris Nyhuis, CEO, Vigilant Technology Solutions

    Stephanie Cervantes, Security & Privacy Strategist, LinkSource Technologies, LLC


    Description: In the midst of the chaotic stream of hacking attacks the trend for a 'one-size-fits-all' appliance approach is causing a stir. From nextgen firewalls, signature detection, vulnerability tests and signature-based detection, IT departments are grasping to answer their executive team’s question, “Are we 100% Secure?” This session will inform leadership on the new paradigm that must be adopted to protect against attacks and the damage that follows. We will show why off the shelf solutions, or 'one-size-fits-all' are not the best tactics in detection and why the trend in removing people from the equation is causing a rise in successful cyber attacks. Topics: • Why the paradigm of what 100% security means is causing the question to be answered wrong • The old equation of operational need + control doesn’t meet the standards needed to protect against attackers • How adding a third value to the equation will give you an edge over the adversary • Why you should expect advanced attacks


    Expected Outcome: Attendees will come away with a better understanding of why the best architected network, the best security staff and the best security products and practices may not prevent a breach, stop malicious activity or have bad things happen to good companies. However, they will learn the critical strategy needed to prevent these things and dramatically mitigate the risk of doing business in an internet connected world.


    Intended Audience: All - Executives, Managers, Supervisors, Architects and Technical Staff

    11:15 AM  -  12:00 PM
    Education Session 9 - Being an Efficient Security Leader in a Changing Landscape  (Room - 311)
    Being an Efficient Security Leader in a Changing Landscape

    Developing the skill set and leveraging some best practices for an effective Security and Privacy officer.

    Speaker: Xochitl Monteon,Sr Director, Security Governance Risk & Compliance, Intel Security

    Description: This session is designed to share some of the critical skillset's necessary to be an effective Security or Privacy Officer. In this session, leaders from Intel and Intel Security and the State of CA will share some insight and best practices to leverage throughout the organization.


    Expected Outcome: Attendee will leave the session with best practices to incorporate into your own environment including: Communication, acceptable levels of risk, negotiation, risk management and security throughout the organization.


    Intended Audience: CSO's, CPO's, individuals from the ISO office, compliance and privacy people

     Optional  Closed 
    11:15 AM  -  12:00 PM
    Education Session 10 - Managing the Unmanageable: A Risk Model for the Internet of Things  (Room - 310)

    Speaker: Gib Sorebo, Chief Cyber Security Technologist, Leidos


    Description: While much has been written about the future risks posed by the Internet of Things, little has been done to put their risks in the proper context. This talk will propose a model for evaluating cyber security risks for IoT within the relevant domains such as transportation, healthcare, agriculture, and other areas to prioritize the approach to security. The speaker will draw on his experience working in industrial environments that offer lessons learned evaluated security in these fit-for-purpose domains and the challenges presented when operators sought to integrate these devices with general purpose computing devices. Such scenarios like managing one’s insulin pump from an iPhone or summoning a self-driving car from the same smart phone are likely to represent future challenges to security. We will discuss a layered risk model that draws on the strength of fit-for-purpose devices while still presenting the human interfaces available for general computing devices.


    Expected Outcome: Audience members will be better able to explain to management the risks their organizations face from Internet of Things technology both now and in the future. They will walk away with some concrete actions they can take to better address those risks.


    Intended Audience: The session is appropriate for a wide variety from executives and technical managers to those responsible for securing and planning for new IoT technology as well as security architects and network engineers. It would also be useful for policy developers and agency heads.

    11:15 AM  -  12:00 PM
    Education Session 11 - Security Jeopardy!  (Room - 304/305)

    Speaker: Vaishali Patel ,Regional Sales Manager, Imperva

    Panel Contestants:

    Denise Mellor, Agency Information Security Officer/Chief Security Officer, GovOps Agency/BCSH/FTB

    Tim Garza, CIO, CA Dept of Water Resources

    Lloyd Indig, Information Security & Privacy Officer, CA Dept of Social Services


    Description: "Defense in Depth" is an often used term when it comes to Security. In this session, we will focus on your mission critical and sensitive layer- your Data. Come, hear, and watch your peers discuss how they are working to build security in by protecting and securing their data whether the data is sitting within your walls in the data center or in the cloud via SAAS/Cloud Apps. Data Classification is only the beginning. What happens after you know and understand where your data is? Meeting compliance (be it Nist 800-53, PII, PHI/HIPAA, FTI, CJIS, etc) is the next step. But as we can see from the media attention from a different cyber attack almost every day, simply meeting compliance is not enough anymore. Protection is also key. This session will have a fun, interactive and creative focus on understanding how to do all of this in the form of a little competitive Security Jeopardy amongst your peers!


    Expected Outcome:

    Understand how to:  1. Classify Data, 2. Meet Compliance, and 3. Protect your Data whether it's within your Data Centers or Cloud/SAAS Applications.


    Intended Audience: CIOs, CISO/AISO, Security, Line of Business Managers, Owners of Data

    11:15 AM  -  12:00 PM
    Education Session 12 - Cyber Threat Alliance - Cyber Threat Alliance: State of the Alliance Update  (Room - 312)

    Speaker: Vishaal Hariprasad, Threat Intelligence Architect in Unit 42, Palo Alto Networks


    Description: The volume of new cyber threats continues to increase rapidly on a daily basis. Defenders are often inundated with the amount of new samples, infrastructure, and threat actor groups that appear or morph nearly every second of every day. Attempting to cope with the massive amount of new cyber threat data alone is an insurmountable task.

    The Cyber Threat Alliance was formed by a core group of security vendors: Fortinet, McAfee, Palo Alto Networks, and Symantec. The alliance consists of practitioners from these organizations that have chosen to work together in good faith to share threat information for the purpose of improving defenses against advanced cyber adversaries across member organizations and/or their customers. Together the alliance seeks to share cyber threat information in order to collectively enhance our defensive intelligence capabilities and posture.

    The alliance is currently building out an internal STIX compliant framework based on the FS-ISAC model with a goal to directly share and provide significant contributions to the FS-ISAC in the near future.

    Join one of the alliance founding members’, Palo Alto Networks, for this session where we will present the current status of the alliance, review the fundamentals of cyber threat intelligence information sharing and technologies, information sharing best practices, and the future innovations and alliance roadmap.

    This presentation will include a review of information sharing topics to include a detailed look at how the alliance approaches and utilizes:

    • STIX – Structured Threat Information

    • TAXII - Threat Information Exchange

    • CybOX – Cyber Observable Expression

    • Norman Sample Sharing Framework

    Expected Outcome:  Attendees will have an opportuntiy to learn about new inforation sharing standards and methodologies for making sense of all of the information being shared in the security community today.

    Intended Audience:  CISO, ISO, Inteligence Directors, SOC Operators, Security Researcher, Law Enforcement

    11:15 AM  -  12:00 PM
    Education Session 13 - Build a proper DR/BCP strategy  (Room - 309)

    Speaker: Gary Lamb, Solutions Architect, ENS-Inc.


    Description: This session will discuss topics for planning, creating and implementing a Disaster Recovery and Business Continuity Plan. Presentation will include the following:

    1. Traditional DR/BCP overview

    - Key Terms and Definitions.

    - Impact of the plan on Physical vs. Virtualized Environments.

    - Technology components of the DR/BCP plan.

    - Security Profile Considerations.

    2. Build the RTO/RPO objectives

    - Key management stakeholder’s objectives?

    - Do these objectives trump security?

    - Current impact of a laps of service?

    - Map Management stakeholder objectives to current technology

    3. Build the BC/DR plan on a strategic timeline (2 to 5 years)

    - Working with technology already deployed.

     - When to refresh of hardware and software.

    - Building a living document.

    4. Technology shifts that effect how we facilitate a BC/DR plan.

    - Should security landscapes match on both sides?

    - Where do we put replication technology?

    - When and why do we backup?

    Expected Outcome: Attendees wil have a stronger understanding of Disaster Recovery and Business Continuty Planning.

    Intended Audience: Key Business Stakeholders, solution architects, engineers

    11:15 AM  -  12:00 PM
    Education Session 14 - Minimize cyber-security exposure before, during and after an emergency  (Room - 302/303)


    Kevin Flynn, Director of Product Marketing, Blue Coat Systems

    Pam Greeley, Information Security Officer, California Highway Patrol

    Doug Leone, Information Security Officer and Privacy Officer – California Environmental Protection Agency


    Description: The controlled chaos of an emergency response is rife with opportunity for accidental exposure of sensitive data and/or SCADA controlled resources. Out of necessity, our emergency responders may not place the highest priority on communications security; however, these are precisely the moments our electronic adversaries choose to further test our cyber security defenses. It is critical for us to ensure that all stakeholders in this process are prepared with the proper tools and knowledge.

    To this end, Blue Coat will describe a tiered strategy for implementation of a cyber-security reference architecture to address (1) emergency responders as they arrive onsite for the first time, (2) broader security needs as the emergency response matures, and (3) deployment of proactive capabilities to help prevent future incidents, in order to help ensure protection of sensitive government assets, resources, and information.


    Expected Outcome: Attendees will learn how to minimize cyber-security risks while planning for and responding to emergency situations. Attendees will be able to position security technologies (cloud, proxy, analytics, etc.) within the appropriate phases of the incident response process.


    Intended Audience: CIOs, ISOs, SOC personnel, CERT Teams, Communications Teams, California Office of Emergency Services (CalOES), Cal Fire, California Geological Survey, California Natural Resources Agency, California Department of Public Health, California Department of Technology

    11:15 AM  -  12:00 PM
    Education Session 15 - PIA: New State Guidance, Private Sector Tips & Tricks  (Room - 301)


    Rich Daugherty,Senior Cyber Security Consultant, U.S. Public Sector Enterprise Security Solutions, HP

    Mary Morshed, Statewide Risk Management and Privacy Program Manager, CA Information Security Office



    This session is an introduction to new state guidelines on performing privacy impact assessments and learn how they do it in the private sector. The focus is to provide practical experience for improving privacy risk management processes across your organization by using PIAs. In addition, the PIA lifecycle plays an important role in overall program management.


    Expected Outcome:

    At the end of this session you will understand the privacy impact assessment process as it applies to state and private sector companies. You will also learn tips and tricks for successful privacy risk management.


    Intended Audience:

    This session is intended for privacy officers, privacy analysts, ISOs, CIOs, business leaders and anyone concerned or responsible for data protection.

    11:15 AM  -  12:00 PM
    Education Session 16 - How To Plug Data Leaks In a Post-PC World  (Room - 319)

    Speaker: Adi Ruppin, Senior Corporate Strategy Director, BlackBerry


    Description: As state and commercial business adopt cloud and mobile technologies, the need to secure, track, and properly assign privileges to important and sensitive data has increased. With 76% of organizations sending traffic via Dropbox, consumer services clearly offer a better experience than legacy enterprise systems, yet put sensitive data at risk. Many solutions have emerged recently purporting to facilitate secure access and sharing of data, but few live up to that promise. In this session we will review different approaches to sharing and protecting enterprise data, such as mobile device management (MDM), virtual desktop and enterprise file sharing and sync (EFSS).


    Expected Outcome: Learn the pros and cons of the different approaches to protecting and sharing data.


    Intended Audience: Executive, Managers, Supervisors, Architects, Technical staff. CSOs, Security, Compliance, Privacy.

    12:30 PM  -  1:30 PM
    Lunch Keynote -Option # 1 - No lunch provided - Industry Panel Discussion  (Room 307/308)
    Luncheon Registration Option #1 - No Lunch Provided
    *Note: A lunch purchase is not required in order to attend this session.


    Panel Moderator:Michele Robinson, State of CA Chief Information Security Officer, CA Office of Information Security

    Gib Sorebo, Chief Cybersecurity Technologist, Leidos
    Grady Summers, Senior Vice President and Chief Technology Officer, FireEye
    Sherry Ryan, IT Vice President & Chief Information Security Officer, Juniper Networks
    Tim O’Neil, Chief Information Security Officer, Blue Shield
    Andre McGregor, Director of Security, Tanium



    Description:  Coming Soon!

    12:30 PM  -  1:30 PM
    Lunch Keynote - Option # 2 - Pre-Purchased Lunch.- Industry Panel Discussion  (Room 307/308)
    Luncheon Registration Option #2 - Lunch Available for purchase, $15.
    *Note: A lunch purchase is not required in order to attend this session.


    Panel Moderator:Michele Robinson, State of CA Chief Information Security Officer, CA Office of Information Security

    Gib Sorebo, Chief Cybersecurity Technologist, Leidos
    Grady Summers, Senior Vice President and Chief Technology Officer, FireEye
    Sherry Ryan, IT Vice President & Chief Information Security Officer, Juniper Networks
    Tim O’Neil, Chief Information Security Officer, Blue Shield
    Andre McGregor, Director of Security, Tanium



    Description:  Coming Soon!

    Fee  Optional 
    12:30 PM  -  1:30 PM
    Lunch Keynote - Lunch Included (Private Sector) - Industry Panel Discussion  (Room 307/308)

    Panel Moderator:  Michele Robinson, State of CA Chief Information Security Officer, CA Office of Information Security


    Gib Sorebo, Chief Cybersecurity Technologist, Leidos
    Grady Summers, Senior Vice President and Chief Technology Officer, FireEye
    Sherry Ryan, IT Vice President & Chief Information Security Officer, Juniper Networks
    Tim O’Neil, Chief Information Security Officer, Blue Shield
    Andre McGregor, Director of Security, Tanium



    Description:  Coming Soon!

    2:00 PM  -  2:45 PM
    Education Session 17 - The 2015 Verizon Data Breach Investigations Report (DBIR)  (Room - 310)

    Speaker: Bhavesh Chauhan, Security Evangelist, Verizon Security Solutions


    Description: The Verizon Data Breach Investigations Report (DBIR) is one of the industry's most comprehensive reports of its kind. In this year's DBIR, we studied more than 2,100 data breaches and nearly 80,000 security incidents, reported by 70 organizations including leading law enforcement agencies.Prepare your enterprise to conduct individualized self-assessments of risk, so you can make realistic decisions on how to avoid cyber threats. The 2015 DBIR expands its investigation into nine common threat patterns and sizes up the effects of all types of data breaches, from small data disclosures to events that hit the headlines.

    Expected Outcome: In addition to participating in an insightful overview of the report’s key findings, agencies have the opportunity to join the conversation on pressing security topics with Verizon

    Intended Audience: CIO,CISO, CTO, Dir of IT, VP IT, etc.

     Optional  Closed 
    2:00 PM  -  2:45 PM
    Education Session 18 - Understanding the Cyber Enemy and creating an offensive countermeasure.  (Room - 311)

    Speaker: Hai Nguyen, Technical Advisor, Trend Micro


    Description: Cyber-attack analysts have publicly warned of what has now become a common theme: “It is not a matter of if, but when, as it relates to a successful cyber-attack against a US organization”. When you closely explore the ease of collecting internet-based intelligence on a target, and then launching an existing cyber-weapon on that specific target, it is a very low cost of entry for cyber criminals. Their goal is profitability by stealing your data.

    We will conduct a deep dive discussion on the cyber-attacks to identify:

    • Who are the current threat actors

    • What methodologies and tactics are we up against

    • Where are the attacks being launched from

    Additionally we will showcase targeted attack case studies and share best practice security policies to help your organization strengthen its defenses.

    Expected Outcome: Attendees will acquire a detailed knowledge of the current threat environment with specific examples. Also, attendees will learn the specific technologies that can be used to thwart sophisticated, targeted attacks.

    Intended Audience: Network and infrastructure engineers, IT and security managers. The presentation is technical in nature.

    2:00 PM  -  2:45 PM
    Education Session 19 - Hacking Web Applications, a Primer for the OWASP Top 5  (Room - 304/305)


    Ronald Hamilton, VP, Security Solutions Division, PTP (Performance Technology Partners)

    Nic Borton, Director, Security Research, PTP (Performance Technology Partners)


    Description: This session will present methods and strategies for developing and maintaining secure applications. The discussion will include the OWASP (Open Web Application Security Project) TOP 5 and current actor (attacker/hacker) methods and how to identify these vulnerabilities in applications. We will demonstrate the most effective testing strategies to check your applications for common security vulnerabilities.

    The OWASP TOP 5 we will review are:

    1. Injection

    2. Broken Authentication and Session Management

    3. Cross Site Scripting (XSS)

    4. Insecure Direct Object Reference

    5. Missing Function Level Access Control

    Expected Outcome: Familiarity with the OWASP Top 5 through real word examples as seen here in the State of California.

    Intended Audience: CISO's, ISO's, Technical Staff, Developers, Application Development Managers, Aspiring Hackers

     Optional  Closed 
    2:00 PM  -  2:45 PM
    Education Session 20 - Accelerating Security Decisions With Cloud-Based Threat Intelligence  (Room - 301)

    Speaker: Chris Simmons, Program Director, X-Force Strategy & Product Management, IBM


    Description: Many enterprise firms use external threat intelligence to enhance their security decision making—but lack the critical support that's required to make the most of the resources. Security teams use multiple sources of intelligence to identify threats, which is time-consuming and not always from trusted sources. Too often, information cannot be processed quickly enough to make a significant impact, offering little protection. During this session, we will present a point of view on how organizations, leveraging cloud based platforms, crowdsourcing and a network of peers can centralize threat intelligence and respond to threats much faster than before. The added value of context, gathered through a mix of human and machine generated insights can further aid in validating findings and research threat indicators as well as aiding in forensic investigations when a breach has occurred.


    Expected Outcome: During this session, security leaders, analysts and senior technology leaders will gain significant insight into how they can change the way they are researching and sharing threat intelligence.


    Intended Audience: Security Leaders (CSO), Security Analysts, Director and “C” level technology leaders.

    2:00 PM  -  2:45 PM
    Education Session 21 - Building a Network Architecture for Business Continuity  (Room - 302/303)

    Speaker: Benjamin Griffin, Juniper Networks


    Description: This session will provide an understanding of the Business Impact of building a network architecture that will enable your infrastructure to better handle incidents and downtime through automation. Business continuity is critical to every IT organization. In this session, we will discuss open, standards based technologies and methodologies that build automation into your business continuity processes, up front, and will outline the business benefits to IT Operations teams.


    Expected Outcome: Attendees will learn impact and criticality of having a network design that allows for organizations to plan and prepare for ability to automate network capabilities


    Intended Audience: CIOs, ISOs, Communications Teams, Business Continuity Planning teams, Directors of IT Operations, Manager of IT Operations, Deputy and Assistant Deputy Directors

    2:00 PM  -  2:45 PM
    Education Session 22 - Intelligent Security Design, Development, and Acquisition  (Room - 312)

    Speaker: Kashif Dhatwani, Security Practice Director, BIAS Corporation

    Description: The session will discuss current trends in information security landscape, information security threats, as well as the challenges organizations face as they expand their business in the new technology arena with mobile and social capabilities. In addition, we will discuss the different families of Information Security in context of NIST, such as access control, Identification and Authentication, Risk Assessment, Systems and Information Integrity. We will also address the requirements in these areas by discussing technical solutions and trends today, and how different Public and Private sector organizations are implementing these technologies to meet their security requirements around their business applications, which are a combination of on premise and cloud based. Lastly, the session will discuss the latest implementations around access and identity with real customer experience.


    Expected Outcome: Attendees will take away from this session the current trends taking place in information security, an understanding of the different families of information security, as well as technical solutions to implement within their organization to meet security requirements.


    Intended Audience: Executives, Managers, Architects, Technical Staff

    2:00 PM  -  2:45 PM
    Education Session 23 - Understanding IoT Security and Personal Privacy  (Room - 309)

    Speaker: Terry McCorkle, Pricipal Security Strategist, Splunk, Inc.


    Description: Embedded systems that make up the fabric of the Internet of Things are continually changing and providing new ways of interacting with the world. Things that, when initially built, were not intended to be connected to the Internet now are.

    What kinds of risks are introduced when connecting “All the Things” to the Internet and how does this impact privacy?

    Please join us as we discuss how devices are connected, what kinds of data they are creating and what can be done with this data. We will cover some of the incredible things people are doing with IoT to become more efficient and what kinds of risks this introduces to agencies and personal privacy.

    Expected Outcome: Learn several use cases on how people are using IoT data to become more efficient Become aware of the kinds of risks this introduces to agencies and personal privacyLearn how privacy staff can audit and provide separation of duties by overseeing the work that cyber security staff perform, and what types of logging or other technical mechanisms provide the visibility to support this work

    Intended Audience: Security and compliance professionals

    2:00 PM  -  2:45 PM
    Education Session 24 - Experimental Defense: Lessons from the Pentagon and OPM  (Room - 319)
    Sameer Bhalotra: CEO of StackRox; Former US Senate and White House cybersecurity official
    Chris Finan: CEO of Manifold Technology; Former US Dept of Defense and White House cybersecurity official
    Michael McNerney: Cybersecurity Strategist; Former US Dept of State diplomat and Dept of Defense cybersecurity official
    Chris Petersen: CTO of LogRhythm


    Description:  The US Dept of Defense (DoD), Office of Personnel Management (OPM), and other federal agencies have spent billions of dollars trying a wide range of cybersecurity solutions. While many of the complex solutions these agencies employed have failed, other smart improvements in risk management and security implementation have succeeded elsewhere. This group of experts will present lessons learned in maturity modeling, threat information sharing, novel analytics, user authentication, data protection, and incident response -- and explain how you can take advantage.


    Expected Outcome: Learn from federal government experiences in maturity modeling, threat information sharing, novel analytics, user authentication, data protection, and incident response.


    Intended Audience: Executives, Managers, Architects

    3:00 PM  -  3:45 PM
    Education Session 25 - The NEED for SPEED - Why time matters with Threat Detection and Incident Resp  (Room - 310)


    Brennen Reynolds, Sr. Director Technical, Tanium

    Panel Members:

    Mike South, CISO, Employment Training Panel

    Todd Ibbotson, CISO, CA Dept of Justice


    Description: There are two types of organizations: Those that have been hacked and know it and those that have benn hacked and don't know it. The sophistication and speed of attacks require new approaches to solve this increasingly challenging problem. Tackling this continually evolving threat landscape with methodologies and tools from a decade ago is no longer sufficient. The industry needs a securty wake-up call and they have a NEED for SPEED.

    Expected Outcome: A better understanding of how Cyber attacks work, and how to better equip yourself to be prepared to catch an attack quicker and how to limit the scope and severity of an attack.

    Intended Audience: CIO's, CISO's, ISO's, Incident Response managers, security teams

    3:00 PM  -  3:45 PM
    Education Session 26 - Intersections in Compliance: Security Policy in 2015  (Room - 309)

    Speaker: Jason Gould, Practice Manager - Security, NWN


    Description:  Security Policy is a comes in many forms acceptable use, clean desk, disaster recovery and many other fields. We will discuss how to use compliance as a tool for guiding policy. Network Security, Server Security Application Security are all important but they are secondary to the nature of end users. The session will focus on how to teach end users to be vigilant in terms of remaining compliant; that compliance will shape the policy and limit risk. The end users will work with their peers to discuss approaches and formulate best practices around security policy. The workshop will included lightening rounds with jeopardy questions and think tank boards about approaches to compliance.


    Expected Outcome: A solid understanding of the benefits fo compliance and best practices in security policy.


    Intended Audience: Compliance and Risk officers CISO's

    3:00 PM  -  3:45 PM
    Education Session 27 - What's In Your Software  (Room - 312)

    Speaker: Michael F. Angelo, CRISC, CISSP | Chief Security Architect, MicroFocus / Net IQ


    Description: Security breaches involving open source software are occurring with increasing frequency. With more of this open source software being deployed and used by a growing number of business users * sometimes without ITs knowledge * we must face the reality that we simply do not know what software is present in our IT environment. When we don*t know what components in these applications are deploying at any given time or location, we leave ourselves vulnerable to exploitation by cyber criminals. This session will provide insight into the logic and technology you need to create in order to examine your environment (with your current resources) and determine "what's in your software".

    Expected Outcome: Raise awareness of the issue of software supply chain and provide insight into methods to assist in the implementation.

    Intended Audience: Technical Managers and/or staff wanting to obtain a better understanding of the issues involved with software supply chain analysis.

    3:00 PM  -  3:45 PM
    Education Session 28 - Responding to Advanced Threats with Shared Actionable Threat Intelligence  (Room - 301)


    Chad Holmes, Chief Technology and Intelligence Officer, SLED, FireEye, Inc.

    Eli Owen, Deputy Commander CA State Threat Assessment Center, Governor’s Office of Emergency Services


    Description: The key to addressing a potential breach quickly is having the best threat intelligence and knowing how to use it. This session will discuss the current threats on government organizations and the importance of threat intelligence and collaboration. We will also discuss how to drive action and awareness with threat intelligence and why strategic analysis is crucial.


    Expected Outcome: Attendees will learn the steps used by security professionals to addressing security breaches in their organization.


    Intended Audience: This session will apply to anyone concerned with their cybersecurity posture, from Executive Management/Elected Officials/Policy Makers to Technical cyber security staff.

    3:00 PM  -  3:45 PM
    Education Session 29 - Five Critical Capabilities for Managing Risk.  (Room - 304/305)

    Speakers: Robert Myles, National Practice Manager, State & Local Government, Symantec


    Description: Managing and reducing risk to organizationally-acceptable levels is critically important in today's ever evolving threat landscape. CISO's have a multitude of Risk Management Frameworks (RMF) from which to choose as well as a plethora of controls to choose from for purchase and deployment. Thus maintaining a successful risk management capability is a complex undertaking. How do you protect the Confidentiality, Integrity & Availability (CIA) of your IT Systems and data while deploying and maturing your RMF? In this session you'll learn about 5 fundamental capabilities you should deploy no matter where you are in the maturity of your Risk Management capability.

    Expected Outcome: An understanding of how deploying five basic capabilities; HW/SW Mgmt, Config Mgmt, Vuln Mgmt & DLP will offer immediate cyber protection and Risk Management. Attendees will receive both a List of Best Practices for implementing the capabilities, and a Matrix of Frameworks that map the capabilities to multiple frameworks.

    Intended Audience: CISO, CIO, OIG, IT Admin, etc. Anyone involved in the Risk Management chain. Whether you manage sensors/tools or set policy for Risk Management, this session applies to your area of responsibility.

    3:00 PM  -  3:45 PM
    Education Session 30 - Protecting Against Insider Threats  (Room - 302-303)

    Speaker: Mike McCabe, Systems Engineering Manager, Entisys Solutions, Inc.


    Description: Target lost 40,000,000 records in 2014 due to a breach that cost them $148 million dollars. Despite having tools watching the perimeter, they failed to secure insider access. Recently, the personal information of aproximately 1.1 million active-duty military personnel, 430,000 members of the National Guard and 645,000 members of the Reserves was stolen in the theft of computer data from the Department of Veterans Affairs. The data included Social Security numbers and disability ratings.

    Protecting against insider threats, whether malicious or accidental, is extremely difficult, especially when 71% of employees say that they have access to information they aren’t supposed to see. Don't let your organization become another data breach headline.


    Expected Outcome: This presentation will focus on 6 tactics for protecting against insider threats.


    Intended Audience: Chief Information Officers, Information Security Officers, Data Security Specialists and Engineers

    3:00 PM  -  3:45 PM
    Education Session 31 - Cyber Threat Landscape & Intelligence Sharing for State and Local Governments  (Room - 311)

    Speaker: Stacey A. Wright, SOC Manager - Intelligence Program, MS-ISAC


    Description: As the U.S. Department of Homeland Security’s (DHS) key cyber security resource for all state, local, tribal, and territorial (SLTT) governments, the Multi-State Information Sharing and Analysis Center (MS-SIAC) has a unique insight into the SLTT cyber domain, aided by sensors deployed in 33 state government and multiple local and territorial government networks. This session will discuss the cyber threats, trends, and issues currently effecting SLTT governments, through case studies and operational intelligence derived from the sensors, and member, federal, and open source reporting. Throughout the presentation California-specific intelligence will be highlighted, as well as best practices in sharing actionable intelligence.


    Expected Outcome: Attendees will gain actionable intelligence on the cyber threats, trends, and issues SLTT government's are currently navigating, along with best practices for intelligence sharing that will increase cyber security efforts.


    Intended Audience: CISOs, security leaders, technical staff, and analysts.

     Optional  Closed 
    4:00 PM  -  4:30 PM
    Cyber Security Awards Ceremony & Closing Remarks - Ballroom 3rd Floor  (Room 307/308)

    Awards will be presented to those individuals that have had the greatest impact on the security and privacy in government and education sectors.

    A total of five awards will be presented in the following categories:

    Security Leadership (3)

    Security Leadership State Government
    Security Leadership Local Government (City or County)
    Security Leadership in Education

    Privacy Leadership (1)

    Security Operations Leadership (1)

    4:30 PM  -  5:30 PM
    Cyber Security Awards Reception - Ballroom, 3rd Floor  (Room 307/308)
    Join us for a reception following the Awards Ceremony and Closing Remarks from Day Two.