The process of managing risk in an enterprise is a constantly evolving effort that requires proper feedback and metrics from multiple functional groups, including Operations, Security, and Identity Management. Many organizations fail to factor in evolving threats that include extortion, data and/or reputation loss, as well as other tactics. In this talk, Aaron will outline several of these pitfalls, and provide real-life experiences of complicated incident and risk management decisions.

• Aaron Goldstein, Director, Endpoint Detection and Response Team, Tanium
  Aaron Goldstein is a Director with Tanium’s Endpoint Detection and Response (EDR) Team. He joined Tanium after 9 years of Incident Response consulting and threat intelligence management. During his career, he has lead over 250 security engagements spanning 9 countries, ranging from high profile investigations and incident response to creating and customizing full-scale cyber intrusion training exercises. Aaron leverages his unique Incident Response experience in complex, large-scale breaches to provide strategic solutions to secure environments of all sizes. He is highly skilled in translating difficult topics into easy to understand training sessions and utilizes his knowledge and skills to bring a unique approach to the ever-growing challenge of securing critical systems.

With an increasingly sophisticated threat landscape, innovative security executives across government and industry are rethinking their security strategies. They are looking at approaches to not just prevent but proactively detect and protect against cyber threats. They are turning to risk management strategies and employing frameworks that help monitor and evaluate their posture. With the realization that ‘all data is security relevant’ and that real-time data-driven decision making is critical, organizations are leveraging machine data, a by-product of any and all digital activities that gives them a trace of what is transpiring across the enterprise. In this session you will learn about a C-level view into security challenges and how government and industry can partner to best meet CISO priorities, the fundamental shift in strategies necessary for resilience in today’s new threat landscape, and best practices for risk management and practical tips on implementing these strategies to improve organizational security posture.

• Joel Fulton, CISO, Splunk
  Joel Fulton, Ph.D. is Chief Information Security Officer for Splunk, leading the Splunk Global Security teams, where he also supports product development, customer and partner relationships. Prior to joining Splunk, Joel held security leadership positions at Google, Symantec, Starbucks and Boeing. Joel is a frequent speaker at external conferences and customer events on Insider Threat, AI/Machine Learning & Cyber Security, pragmatic risk management and global security management. He holds a bachelor’s degree in business administration from Excelsior College, a master’s of science in information security from Capella University, and a doctoral degree in information assurance and security from Capella University.
• Peter Liebert, CISO and Director of the Office of Information Security, California Department of Technology
  Governor Jerry Brown appointed Peter Liebert as Chief Information Security Officer (CISO) and Director of the Office of Information Security of the California Department of Technology (CDT) on November 14, 2016. Mr. Liebert is the primary state government authority (as defined by California Law AB 670) charged with ensuring the confidentiality, integrity, and availability of state systems and applications, and ensuring the protection of state information assets. He is involved in a broad range of activities within the state and collaborates with federal, state and local security professionals, higher education, private industry, and others on security related matters. Mr. Liebert is responsible for creating, issuing, and maintaining standards, procedures, and policies relating to all aspects of information security for the state. He is committed to securing the state’s information assets by providing Statewide leadership and collaboration and recently received the “State Cybersecurity Leader 2017” award from StateScoop. Prior to his role as CISO, Mr. Liebert was a Threat Assessment Manager and later a Senior Product Manager at FireEye Inc. from 2015-2016. He has also served in several positions at the United States Cyber Command, including Special Assistant in the Office of the Secretary of Defense for Cyber Policy from 2014 to 2015 and Senior Cyber Policy Analyst from 2013 to 2014. Peter also served as Cybersecurity and Logistics Analyst in the Office of the Chief of Naval Operations from 2011 to 2013 and was lead for the Palestinian Logistics Mentoring and Warehouse Information Technology Program at DynCorp International from 2008 to 2010. He also served as an officer in the U.S. Navy from 2000 to 2008. He has earned a Master of Public Administration degree from the Harvard University, Kennedy School of Government and a Master of Science degree in international security from Canfield University and maintains multiple cybersecurity related industry certifications such as CISSP, GCPM, GISP, GSLC, CEH, and N+.

SSL encryption (port 443) is the de-facto encryption technology for delivering secure Web browsing, and the benefits it provides. SSL encryption is driving the levels of SSL Web traffic to new heights. According to different industry authorities such as Google, Gartner & Forester in 2018 about 70% of all casual Web traffic is now HTTPS encrypted. Some industries such as finance, government, healthcare & legal are even higher. Warning - not all SSL traffic is benign. Without the right security tools, SSL is a blind spot in your network rendering gateway security measures neutered. Next Generation Firewalls (NGFW) using Web filters, Application Awareness, Anti-Virus Gateway and IDS/IPS can only provide limited protection against malicious SSL traffic. Advanced Threat Protection (ATP) sandboxes provided limited protection against HTTPS traffic too. A more advanced approach of intercepting the SSL traffic allowing the NGFW & ATP devices to examine all Web traffic HTTP & HTTPS traffic is fast becoming a critical requirement.

• Jeff Bird, Senior Security Specialist, Juniper Networks
  As a Senior Security Specialist for Juniper Networks Jeff is responsible for educating internal teams, partners, and customers on the Juniper Networks security portfolio. Jeff is passionate about the role Juniper’s solutions can play in combatting the threat cyber-attacks pose to corporations and state entities. Juniper’s continued focus on automation with Software-Defined Secure Networking (SDSN) can streamline security operations, so threats are mitigated faster with less reliance on expensive and increasingly scarce cybersecurity human resources. Jeff is a 20+ year veteran of the Information Security & Networking industry and has held positions with multiple Silicon Valley security-focused companies such as McAfee, Blue Coat, Sophos, and Dell. Over the years, Jeff has worked in technical sales roles assisting service providers, resellers, and end users to secure their networks. Jeff holds a Bachelor of Science in Engineering from Indiana University of Pennsylvania and a Master of Arts in Management from City University of Seattle.

The National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) has served as the basis for a unified cybersecurity framework for government agencies since 2010. Adoption was slow initially as agencies determined how to transition from the legacy point-in-time risk assessment model to the RMF model of continuous monitoring. Compounding the transition challenge was the need to update thousands of system artifacts, migrate numerous authorization packages, and implement continuous monitoring controls and approaches. More recently, agencies have been challenged by the emergence of new and disruptive technologies, the continual increase and evolution of cybersecurity vulnerabilities, and the heavily manual RMF tasks. Join KPMG as we discuss leading practices for implementing the RMF, developing and maintaining security artifacts and authorization packages, and implementing risk management and continuous monitoring approaches consistent with the RMF.

• Tony Hubbard, Principal, Advisory, KPMG
  Tony Hubbard has over 27 years of experience in providing advisory services to United States government entities, notably in the realm of cybersecurity. Mr. Hubbard has also supported commercial clients that have programs linked to government cybersecurity initiatives (e.g., FedRAMP, FISMA, and NIST). Mr. Hubbard’s experiences have also entailed improvement in business processes and internal controls, with a focus on assisting clients in complying with laws, regulations, and guidelines such as ITIL, COBIT, FISCAM, FFMIA, CFO Act, and OMB.
• Ryan Love, Government Cybersecurity Practice, KPMG
  Mr. Love supports several projects for KPMG’s Government cybersecurity practice, notably the Department of Housing and Urban Development and Veterans Affairs. Mr. Love also previously provided threat intelligence support as a member of the Departments of Homeland Security and Defense.
• Eli Owen, Commander, State Threat Assessment Center, Governor's Office of Emergency Services

Many of us managing a network or collection of computing resources use education, awareness, and training to protect users and data. Despite our best efforts, we are often challenged to secure the most tricky of OSI Layers: Layer 8. Learn how digital lions find and stalk cyber gazelle as we review a case study of a cyber profiling activity of a North American public sector entity.

• Luis Carvajal-Kim, Cyber Risk Manager, Deloitte & Touche LLP
  Luis is a Manager in Deloitte’s Cyber Risk practice, specializing Life Sciences/Health Care & the Defense, Security, and Justice industries. Luis is an experienced cybersecurity professional who has worked extensively in the fields of full-spectrum cybersecurity and intelligence operations.
• James Parsons, Lieutenant Colonel, Cyber Network Defense Chief, California Military Department

This is the fifth age of computing. Everywhere you turn, someone wants to move to cloud. Terms like Low Cost, CapEx and OpEx are bandied about when discussing advantages of migrating to cloud. This presentation will help you understand the elements involved in securing the cloud. Who is watching the data? How is the environment being protected? Anvaya Solutions' security experts will provide insights into security parameters for your cloud environment. We will discuss the items you need to consider before, during and after migration to the cloud.

• Srinivas Atluri, Executive Vice President, Anvaya Solutions, Inc.
  Mr. Srinivas Atluri is the Executive Vice President of Cyber Security at Anvaya Solutions, Inc. He is a leading Subject Matter Expert with over 15 years of exclusive experience in cyber security protecting large enterprises. He leads all things cyber security at Anvaya Solutions and is also actively involved in the development effort of designing critical hardware-based security solutions for Internet of Things (IoT) devices. He holds 3 patents in security engineering and has 3 more pending. Mr. Atluri’s practical and holistic approach to Cyber Security combined with his ability to communicate difficult security concepts to C-suite executives, has gained him a reputation for his advisory role to organizations of all sizes. He has been advising the world’s 6th largest economy, the state of California and many of its large agencies with revenues of up to 70 billion dollars, on cyber security and enhancing their security and protecting their reputation.Mr. Atluri has participated in many security incident response events working closely with legal, investigations, IT Operations and Security Operations teams. He has conducted and led countless assessments and is convinced that all software code can eventually be compromised. He has worked on many sensitive and critical security projects during his service at Anvaya Solutions as well as in other Fortune 50 companies.Mr. Atluri has the breadth and depth of knowledge in cyber security that has helped establish him as a highly regarded speaker. Srinivas serves on cyber security panels and is a regular speaker, often to sold-out audience, at California state and national level cyber security conferences and symposiums. He also has participated in pro-bono workshops for small businesses.Prior to joining Anvaya Solutions Inc. in 2014, Srinivas worked in Cyber Security and Risk Management Strategy at Intel Corporation for 15 years with responsibilities involving both internal and external facing enterprise-wide web application security application and platform security, risk mitigation, and incident management. He had participated and led many investigations during breaches, developed security policies and procedures, conducted security assessments and worked with legal counsel on cyber security matters. Prior to moving to Intel, Srinivas designed packaging for powertrain control modules for General Motors for 7 years. He also has developed and designed products for automotive industry at a small business. He has achieved many company-wide prestigious awards for his achievements at Intel and GM.Srinivas has been a Certified Information Systems Security Professional (CISSP) since 2006. He also holds other highly recognized industry certifications in security such as Certified Information Systems Manager (CISM) and GWAPT (GIAC Certified Web Application Penetration Tester). He holds a bachelor’s degree in mechanical engineering from Osmania University and a master’s degree in mechanical engineering from the U.S.Srinivas is a member of High Tech Crime Investigation Association (HTCIA). He serves as an advisory board member of Infragard – an elite organization established with the coalition between the FBI and civilians and is a graduate of FBI Citizen’s Academy. He also is a member of security organizations such as ISACA and ISC2.Srinivas is a very active community leader and is passionate about mentoring youth, especially in STEM fields. He has coached multiple robotics teams for students and led the teams to 3 world championships and over 50 awards at various competitions. He also has mentored students for Cyber Patriot competitions which advanced three levels their first year. He has judged countless science fairs at all levels - local to international. In addition, Srinivas is very involved in Boy Scouts of America as an Assistant Scout Master and served as a Committee Chair for 5 years.
• Steven Grimes, Information Security Leader, Child Welfare Digital Services
  Steve has been working in Information Technology for over 37 years, starting in 1981 supporting high security communications networks for Military Intelligence. Steve worked on Financial systems for 11 years supporting commercial cash settlement systems, Point of Sale systems, bank transactions systems, ATM and Accounting systems for major clients including the California State Controller and the US Treasury. After moving into the Software Development world in 1996, Steve worked with international data privacy, and the European Union data privacy laws while developing the EDS Security Operations Center software (VCC) and the Incidence alerting systems (EON / eNote). Steve spent 7 years at HP supporting the GovCloud and Department of Defense contracts. Since Joining State Service in 2015, Steve worked as the Senior Security Engineer on the migration of the Child Welfare services from a mainframe system to Amazon (AWS) Cloud, in addition to service as the Information Security Officer for the California Student Aid Commission. Steve’s most recent experience was preparing the California Highway Patrol (CHP) to migrate from on premise Solaris to a hybrid environment with RedHat Linux hosted in Azure GovCloud and the CHP high security data centers. During this time Steve has worked with Financial, HR, CJIS, HIPAA, Top Secret, PHI, PII and Sealed and Sensitive among other types of data. Steve has a Master of Science and Bachelor of Science in Information Systems, and is CISSP, ITIL, CNA and MCSE certified.

Two major transformations are occurring in the workplace today: 1. State agencies are embracing a Cloud first policy by adopting an increasing number of SAAS applications from a line of business perspective and 2. Employees are no longer static; they work from home, remote branch locations, coffee shops, home, etc and from various devices including laptops, smart tablets and smart phones. As this shift is occurring the network or perimeter is expanding to the cloud. At the same time traditional hardware based security or networking tools are inefficient and archaic. Gaps in a coverage model from traditional hardware is a major security concern while availability and networks extending to the cloud is a major concern for network teams. To help fill the security and availability gap and bring together two traditionally speaking adversarial groups, a cloud based firewall can be the answer. The Zscaler session will focus on how. We will have real world examples from companies like GE, SIEMENS, Kelly Services and government entities such as the State of NY, WI, AK, MA. State of CA depts such as ETP, DPH, Calpers and DSH and CA Counties such as Santa Clara, San Mateo, Orange have also moved to a cloud based firewall replacing traditional hardware such as Websense/Forcepoint, Mcafee, BlueCoat/Symantec, Cisco, Palo Alto, etc. The goal will be to have this as a panel session with CISOs from state and county agencies who have embraced the technology to speak in regards to their use cases, lessons learned, etc

• Frank Andrade, IT Specialist, California Department of State Hospitals
• Vaishali Patel, Regional Sales Manager, Zscaler
  Vaishali Patel is the Regional Sales Manager covering Public Sector for the Western Region for Zscaler. Her responsibilities include helping Local, State, K12, and Higher Education entities transition into cloud based security platforms as the world continues to change. Prior to that, Miss Patel has 15 years of experience in the IT field at Lexmark, Salesforce and Imperva working with Public Sector entities from NYC to Alaska. With this professional background, her focus and niche expertise in understanding the unique needs of pubic sector has allowed her to help place security at the forefront of both technology and business needs.She has a degree from the University of Texas @ Austin, loves to travel the world and is based in SoCal.
• Ian Sanford, Systems Architect, California Department of Public Health

We've all seen it: a cybersecurity management program that has developed and grown over time, based on evolving requirements, one-off issues, differing expectations, and a legacy of ad-hoc decisions. Cybersecurity-by-design deconstructs those influences, wipes the slate clean, and shifts the basis of cybersecurity into the needs and realities of today. Through an analysis that includes threat analysis, key asset identification, and risk scenarios, it builds a mindset of cybersecurity that is shared across the organization. The analysis determines cybersecurity goals in non-technical terms, identifies common and complimentary approaches, and supports decision making. This talk addresses how to do this, and integrates a number of cybersecurity concepts such as compartmentalization, isolation, defense in depth, and along the way identifies key players in the process, how to establish buy in, how to tie-break individual perspectives (biases), and the language and approaches that have proven successful.

• Chris Brown, Senior Manager, EY
  Chris Brown (Senior Manager, EY) advises on cyber program strategy, planning, and governance, as well as risk assessment and management. He has assisted over 100 public and private sector organizations move to risk-based cybersecurity approaches to better address organizational missions and goals. Chris served six years as the Chief Information Security Officer for a healthcare insurer, and as an executive-for-hire, he led multiple client cyber initiatives and transformations. Chris has developed cyber and risk program frameworks, along with maturity models, KPIs, and KRIs, and has developed self-assessment, internal audit, and diagnostic toolkits for cybersecurity, IT risk, and risk management.

This session will focus on the built in security baseline and best practice feature of Office 365 called Secure Score. We will discuss current security trends in state and local government and how many of these can be addressed with existing features and configuration options in Office 365. We will go in depth on the ability of Office 365 Secure Score to baseline your current configuration and provide detailed guidance on how to configure Office 365 for improved security.

• Scott Howland, Chief, Information Management Division, California Highway Patrol
• Dean Iacovelli, Director - Secure Enterprise, Microsoft State and Local Government
  Dean has worked in Microsoft State and Local Government for 13 years, serving in a number of roles including as the first Chief Security Advisor and also later as the first Director for Cloud Services, building out the team of specialists that incubated what would become Office 365 for Government. He currently serves as the Director for Secure Enterprise for Microsoft State and Local Government, managing a national team of cybersecurity technical specialists focused on security for Office 365, Identity and Information Protection, Threat Protection, and Windows security. LinkedIn bio/profile: https://www.linkedin.com/in/dean-iacovelli-56540a
• Jason Opdycke, Threat Management Specialist, Microsoft State and Local Government
  Over the past 15 years at Microsoft, Jason has been involved in developing and delivering digital transformation & technical strategy for Public Sector customers, centered on Identity, Security, Productivity, Unified Communications, Cloud technologies, and Cyber Security. Jason is currently a Cyber Threat Specialist focused on Threat Protection & Response capabilities for State & Local Government customers. Jason’s in-depth identity and security background and experience comes from numerous roles at Microsoft ranging from in-depth technical debugging of Active Directory, the Microsoft CTO for the U.S. Department of Defense, and various Solutions Architect roles.

Thanks to an increasingly mobile workforce and the widespread adoption of cloud services, it’s no longer safe to assume that your data is secure simply because a credential checks out. With most data breaches involving stolen credentials, authorized and unauthorized access can look identical. The traditional perimeter has moved beyond the network to wherever the user is attempting to access the data. How can you provide a consistent experience for employees who are working from the office, the airport, a coffee shop or home? And how can you provide them access without risking compromise? Secure Your Perimeter and Trust No One.

• Marc Rodgers, VP of Cybersecurity Strategy, Okta
  Marc Rogers is Executive Director, Cybersecurity Strategy at Okta. Marc is a whitehat hacker who has worked in the security industry for almost twenty years, including four years as Head of Infosec for Cloudflare, and almost a decade managing security for the UK operator Vodafone. In addition to his work in the telecoms industry, Marc has been a CISO in South Korea and founded a disruptive Bay Area startup. Marc is a security evangelist, who has a positive outlook on how security should be implemented in today’s global organizations. It's this outlook that Marc used when he helped put together the award winning BBC series "The Real Hustle" and in the work he does building hacks for the USA Network show “Mr. Robot”. Marc is also the Head of Security at DEF CON, the world’s largest Hacker conference.
• Ron Zander, IT Security Team, Placer County

Cloud environments are growing exponentially. Many organizations are blind to how much their users are accessing cloud services. Learn how to gain visibility into your cloud providers, but also unsanctioned cloud applications that could put your organization and its data at risk. Many organizations are blind to how much their users are accessing cloud services. We will discuss governance and policies across multi cloud environments. How to gain visibility and control into what your users are doing in the cloud at any given point in time.

• Tyson Moler, Senior Manager, Security & Systems Management, NA Public Sector, Oracle

Join us for a lively talk on how organizations are balancing end user enablement and organizational security with the power of the cloud. In government, the goal is simple: to provide fast, safe, reliable services to your end users. However, it is becoming more difficult to effectively enforce security in today’s environments with highly distributed networks, increased usage of cloud apps, users who work from anywhere, and continuously evolving threats — all which leave you vulnerable to breaches, and device infections.

• Jordan Gackowski, SE Manager, Cisco Systems
  Jordan has been working in Information Security for over 15 years. Jordan is currently a Cloud Security Engineer Manager with Cisco. He came to Cisco via the OpenDNS acquisition. Jordan has worked in endpoint forensic, network forensics, incident response, investigations, as well as pre-sales roles for several security companies.

The current data protection strategies of firewalls, SSL, and breach detection are ineffective against today’s hackers. These are merely outer layers of security to stall hackers, but they don’t actually protect your data once an attacker gets inside your system. To adequately protect your data today, you must assume an attacker can already get inside your system, and build a security roadmap with that in mind. A holistic approach to security that provides application-level encryption combined with FIDO-based strong authentication and digital signatures is the most effective way to ensure an attacker cannot subvert the system. This session will provide a detailed guide to building a holistic data security roadmap involving the approach defined above so you can make data breaches irrelevant by securing the core.

• Arshad Noor, CTO, StrongKey
  Arshad Noor is the CTO of StrongAuth, Inc. (DBA StrongKey), a 17-year old Silicon Valley and North Carolina company focused on cryptographic key-management. With 32 years of experience in information technology, he has spent the last 20 years focused on solving challenging data-protection and strong-authentication problems for some of the largest and smallest companies in the world in the government, financial, healthcare and e-commerce sectors. An open-source proponent, all the software produced at StrongKey has been based on open-source licensed modules, and is produced with open-source licenses for distribution. As a member of the FIDO Alliance for the last 4 years, he is an ardent advocate of enabling everyone to use FIDO to deliver simpler, stronger authentication to the world; to that end, StrongKey produced the first, enterprise-scale open-source FIDO Certified server and released it to the world in July 2015. He can be found at https://linkedin.com/in/arshadnoor

Having multiple, cascaded gatekeepers fortifies security by rendering additional checkpoints. With the use of multiple unique proofs of identity, required through separate routes, the more difficult it is for a bad actor to steal your identity or impersonate you. To maintain security while minimizing the impact to the user experience, a key precept in newly evolving login systems is multi-factor authentication. Participants will gain an. Understanding of various multi-factor authentication approaches, and how it can be implemented to enhance the user experience and improve the security posture through Risk-Based Authorization (RBA), a dynamic system which grants access depending on the trustworthiness of the user requesting admission and the sensitivity of the information under protection.

• Spiros Angelopolous, Principal Solutions Architect, ForgeRock
  Spiros Angelopolous is a Principal Solutions Architect at ForgeRock with over 20 years of experience in helping clients to improve their security posture, with an emphasis on Identity and Access Management. He specializes in working with State and Local government.
• Debi Mohanty, Cyber Risk Senior Manager, Deloitte and Touche LLP
  Debi Mohanty is a Senior Manager in Deloitte’s Cyber Risk practice with over 16 years of experience solving complex Identity and Access Management problems for clients. Debi has designed and implemented both cloud and on premise identity solutions across various industries including the public sector, technology and media firms, and manufacturing.

Introduction of key Enterprise Governance, Risk and Compliance (EGRC) concepts around risk and security/privacy compliance management. We will cover the EGRC journey and key public sector use cases, followed by an overview of EGRC technology. Participants will gain an understanding of how manual risk and compliance processes and tasks can be automated and streamlined to gain efficiency, allowing key resources to focus on competing priorities.

• Peter Liebert, State Chief Information Security Officer, California Department of Technology
  Governor Jerry Brown appointed Peter Liebert as Chief Information Security Officer (CISO) and Director of the Office of Information Security of the California Department of Technology (CDT) on November 14, 2016. Mr. Liebert is the primary state government authority (as defined by California Law AB 670) charged with ensuring the confidentiality, integrity, and availability of state systems and applications, and ensuring the protection of state information assets. He is involved in a broad range of activities within the state and collaborates with federal, state and local security professionals, higher education, private industry, and others on security related matters. Mr. Liebert is responsible for creating, issuing, and maintaining standards, procedures, and policies relating to all aspects of information security for the state. He is committed to securing the state’s information assets by providing Statewide leadership and collaboration and recently received the “State Cybersecurity Leader 2017” award from StateScoop. Prior to his role as CISO, Mr. Liebert was a Threat Assessment Manager and later a Senior Product Manager at FireEye Inc. from 2015-2016. He has also served in several positions at the United States Cyber Command, including Special Assistant in the Office of the Secretary of Defense for Cyber Policy from 2014 to 2015 and Senior Cyber Policy Analyst from 2013 to 2014. Peter also served as Cybersecurity and Logistics Analyst in the Office of the Chief of Naval Operations from 2011 to 2013 and was lead for the Palestinian Logistics Mentoring and Warehouse Information Technology Program at DynCorp International from 2008 to 2010. He also served as an officer in the U.S. Navy from 2000 to 2008. He has earned a Master of Public Administration degree from the Harvard University, Kennedy School of Government and a Master of Science degree in international security from Canfield University and maintains multiple cybersecurity related industry certifications such as CISSP, GCPM, GISP, GSLC, CEH, and N+.
• Komal Rastogi, Cyber Risk Senior Manager, Deloitte & Touche LLP
  Komal Rastogi is a Senior Manager and bears the responsibility for managing and delivering Security & Compliance Strategy and Automation related services. Komal has more than 14 years of experience with a primary focus on government and public sector. She has led large and small scale information technology/third party risk management and information security programs, tool implementations, platform integrations for complex, regulated and global institutions in the United States and abroad.

The current threat landscape is in a state of evolution that poses a significant risk to organizations’ assets, reputations, and identities. Aaron Goldstein explores new and existing threat vectors such as ransomware and nation state attacks (and why traditional defenses fail to address them) and explains how Endpoint Detection and Response (EDR) functionality can improve the speed and efficiency of incident response tactics, even when combating the toughest threat actors.

• Aaron Goldstein, Director, Endpoint Detection and Response (EDR) Team, Tanium
  Aaron Goldstein is a Director with Tanium’s Endpoint Detection and Response (EDR) Team. He joined Tanium after 9 years of Incident Response consulting and threat intelligence management. During his career, he has lead over 250 security engagements spanning 9 countries, ranging from high profile investigations and incident response to creating and customizing full-scale cyber intrusion training exercises. Aaron leverages his unique Incident Response experience in complex, large-scale breaches to provide strategic solutions to secure environments of all sizes. He is highly skilled in translating difficult topics into easy to understand training sessions and utilizes his knowledge and skills to bring a unique approach to the ever-growing challenge of securing critical systems.

Cybercrime can come in any shape or size, and not always the form you would expect. During this interactive discussion, we will be reviewing data from the 2018 Verizon Data Breach Investigations Report (DBIR). Mr. Bowman will walk you through patterns in the security landscape and our adversary’s operational methods. No system is 100% secure. However, understanding the threats you face will help you improve your security. Cybercriminals are using all the information they can get hold of to up their game — you should too.

• Craig Bowman, Vice President, Advanced Solutions Division, Verizon
  Craig Bowman is Vice President, Verizon’s Advanced Solutions Division; providing strategy and engineering support for secure cloud initiatives in the Public Sector. Craig speaks internationally on the subject of cyber security and has briefed congressional offices, senators, Olympic Committees and international defense leaders. Verizon is currently considered the most knowledgeable source of cyber-security incidents worldwide through the publishing of the internationally recognized DBIR (Data Breach Investigations Report).Prior to Verizon, Craig led the Defense and International Security Division of Adobe Systems, a Fortune 500 software and cloud software provider. In that capacity, Craig helped to engineer secure content delivery systems for the most rugged security environments.In his earlier years, Craig was a software cyber security engineer for the Defense and National Security Industry where he penetrated, tested, built and deployed secure software applications, remotely managed secure IT environments, and deployed and managed secure telecommunication solutions.

Many solutions exist to solve particular security and technical issues in your network. But as solutions are added, complexity is increased as ‘Silos’ are created and visibility suffers. By breaking down these ‘Security Silos,’ you can get a better overall picture of what’s transpiring on your network as well as reducing your overall attack surface. Discussion of Malware propagation, encryption complications, and various security technologies to ensue.

• Marc Glenn, Senior Cybersecurity Intelligence Analyst, California Governor's Office of Emergency Services
• Tony Russi, Solutions Architect, Fortinet
  Tony has been working in Northern California as a security and networking professional for over 20 years. An Air Force Cyber Security veteran, Tony has a proven track record in technical security and network design, planning, and operations for a wide swath of customers including the State of California, California counties, and education customers. A Solution Architect at Fortinet for the last year, Tony consults with Fortinet’s largest enterprise and government customers to develop cost-effective and pragmatic technical security architectures.

Security on Amazon Web Services is robust and feature rich, but how do I know what to do and how to start? This workshop will cover how to start your AWS threat response automation platform using native AWS tools and OSS. We will begin with how to collect and analyze all the different data sources in an AWS account. Next, we will cover how to take that log data and automatically address risks identified from network intrusion, insider threats, or misconfigurations. We’ll also cover preventative controls that can help block risk in the first place and alert when drift occurs, and finally how to scale this all out to multiple accounts.

• Brad Dispensa, AWS Solution Architect, Amazon Web Services
  Brad is a senior solutions architect for Amazon Web Services in worldwide public sector group. Brad works as subject matter expert in the AWS security group and specializes in security and compliance based workloads.

Protecting and recovering from a cyber-incident is heavily dependent upon good information sharing. In this session, topics will surround the importance of why information sharing is critical to the State and its stakeholders and what data we are sharing. We will discuss establishing relationships with information sharing organizations, incorporating those relationships into security plans, and how to exercise the interaction procedures. We will discuss how organizations can manipulate shared data to create and or provide indications and warnings of threat activity as well as how, what and when you should share information with partner organizations and entities.

• Justin Edgar, Solutions Architect, FireEye
  Justin is a 7-year veteran of the FireEye/Mandiant team. He has had the opportunity to provide customer-facing service as a product consultant, customer success engineer, and solutions architect during that time. Outside of work, Justin is a husband, father of four, and veteran of the U.S. Army.
• Mark McCutcheon, California Cyber Security Integration Center, Governor's Office of Emergency Services

When you are boiling the ocean, measurement is everything! Leaders often face challenges strategizing, adopting, and operationalizing new cyber security programs, policies, guidelines, and procedures when merging existing structure and ideas with new ideas. We will discuss the advantages and disadvantages of how utilizing concepts such as Requisite Organization (ref: Elliott Jacques) can help you identify how to best operationalize your security program and written policies with continuous oversight methods and analytical measures that can be extracted by your teams for short and long term planning. We will also review and help you understand the best way to lean on the California Department of Technology’s investments to set your security program, posture, and goals while interpreting best in class alignment with the SIMM 5300-C Cyber Security Metrics tool. Moreover, we will deliver a personal action summary and "easy button" to build your plan based on leadership goals provided by California’s Statewide Technology Strategic Plan -- “Vision 2020”. Finally, we will discuss cyber security and Internet futures due to unavoidable changes forced by mathematical limitations of the current Internet design and what you can do about it today.

• George Usi, CEO, SACTECH
  George is a CSUS graduate and CEO of SACTECH, a cyber security compliance provider. George honed his cyber skills in the 1990s working at NTT America. After founding SACTECH in 2002, he married and started a family. Shortly after, he was thrust into the role of primary caregiver for a loved one where he witnessed first hand how carelessly most organizations handled privacy data. In 2014, he set a mission for SACTECH to improve the security posture of business through NIST so data stewards can best respond to sensitive data incident concerns.

A majority of security awareness programs across the State of California are compliance focused. Training is limited, and employees are unsure of organizational policies as related to the protection of information assets. As such, security officers are recognizing that an awareness curriculum simply does not do much in changing behavior.This presentation will examine how the K12 High Speed Network, in collaboration with the California Department of Education and the California Education Technology Professionals Association has deployed a statewide cybersecurity education program for all K-12 public education employees. The program has been used with some 24k employees across 95 school districts. The overall result has driven down phish triggering from over 30% to 2% over the past 18 months. Via a robust metrics framework for tracking progress and measuring impact, the program has yielded continuous improvement and considerable return on the investment made to provide it. Participants will learn how the program works, WHY the program works, and what it takes to cause behavioral changes in end-users.

• Emil Ahangarzadeh, Program Director, K-12 High Speed Network
  Dr. Emil Ahangarzadeh is an education management executive with 12 years of administration experience and six years of classroom teaching experience. He is a Certified Chief Technology Officer (California Department of Education). His expertise and specializations include organizational effectiveness, technology integration/planning/management, cybersecurity education, English learner and compensatory education, administrative leadership, 21st Century skill development as well as professional development facilitation.His doctoral research centers on the use of enterprise-class technologies to teach critical world languages as identified by the Pentagon. He is the developer and director of the Cybersecurity Education Program, an ambassador-model professional development system used to educate employees of California's public education systems how to be cybersecurity aware, engaged, and vigilant. The program currently serves just under 24k employees across 95 school districts.

How an organization communicates to the public about a breach is an essential part of an Incident Response Plan. With Social Media and the pressure from news outlets to disclose more information quicker, the amount of public scrutiny an organization faces as they go through a breach is at an all-time high and can have a significant long-term impact on reputation. This session will examine how, what, and when organizations need to communicate about a data breach. What are the reporting laws? What are the common pitfalls to avoid? How do I prepare my executives and elected officials? This session will offer an inside look at crisis management around real-world breaches, communications pressures created by today’s threat landscape, and the crisis management planning essentials that public sector organizations need to be aware of.

• Bruce Heard, Senior Manager, Security Consulting Services, Mandiant
  Prior to joining Mandiant, Mr. Heard had multiple roles with IBM and Accenture working as a Global Security Architect, Cyber Security Solutions Services Sales Black Belt, Security Manager, and Senior Managing Security Consultant. The past six years, he has spent developing multi-vendor cyber security solutions for clients in the communications, energy, financial services, government, healthcare, higher education, manufacturing, transportation, and consumer and retail industries involving one or more cyber security domains and multi-vendor products, working with cross-delivery teams to develop comprehensive client cyber security solutions. In addition, he has provided cyber security consulting services to clients including SOC, SIEM system architecture, design, implementation, and system integration and troubleshooting to ensure successful solution delivery. He has supported all phases of building a Security Operations Center (SOC) and Security Information and Event Management (SIEM) strategy, design, implementation, consulting engagements, and governance processes. He has also worked for both Electronic Data Systems (EDS) and Hewlett-Packard (HP), providing network security architectural design, engineering and implementation services for integrated SIEM and SOC security solutions for the enterprise and operational business lines based on strategic business goals for clients in the communications, energy, financial services, government, healthcare, higher education, manufacturing, transportation, and consumer and retail industries.
• Vitaliy Panych, CISO, California Department of Corrections
• Donaldo Wilson, Special Agent, FBI Sacramento Field Office

First, we will challenge the audience to identify and document a persona based on “trash can” material. Once the persona has been identified, the audience will be tasked to create a way to socially engineer that person and an attack vector to exploit their network. Second, we will discuss how the exercise is playing out in actual cyber space and how the industry is moving towards a ONE SECURITY model. Finally, we will share about what the government should know about this shift in cyber direction.

• Darin Bournstein, Senior Cyber Intel Analyst, Governor's Office of Emergency Services
  Mr. Darin Bournstein has been involved with network operations and security since 1988; beginning with his tour in the United States Air Force where he began his career as a programmer and network systems specialist. During this tour he was selected by the Air Force Training Command to join the Air Force implementation team as a network developer. Darin later resigned from military service in 1991 to open his own business in California. In July 1992 he opened and ran a very successful independent Internet Service Provider (ISP) until January 2004. The events of Sept 11, 2001 compelled him to sell his business and enlist in the Air National Guard. There he served in many roles; his latest as the Communications Chief for the 129th Rescue Wing and the Chief of Communications for the California Counterdrug Task Force – where he and his team were honored by the National Drug Czar with commendations for their outstanding work in network operations and security, for both home-station and tactical deployed networks. He later retired from the Air National Guard in 2014. Darin was then assigned to the Defense Information Systems Agency located at Tinker AFB as the lead Information Security Officer responsible for the network and facility type Risk Management Framework accreditations for a Tier III Defense Enterprise Computing Center. He served in that capacity for a little over 1 year before returning to California. He then began his state civil service with the state of California as the Network Operations Manager for the California High Speed Rail Authority. Approximately 1 year later, an exciting opportunity arose within the cybersecurity realm with the California Office of Emergency Services (Cal-OES). His latest position is with Cal-OES, California Cybersecurity Integration Center (Cal-CSIC) as the lead cybersecurity analyst charged with (1) developing a strategic forward thinking approach to cybersecurity, and (2) ensuring relevant and reliable tactical cyber information and intelligence is provided to the State, Local, Tribal, Territorial and Public entities within the state of California.
• Craig Bowman, VP, Advanced Solutions, Verizon
  Craig Bowman is Vice President, Verizon’s Advanced Solutions Division; providing strategy and engineering support for secure cloud initiatives in the Public Sector. Craig speaks internationally on the subject of cyber security and has briefed congressional offices, senators, Olympic Committees and international defense leaders. Verizon is currently considered the most knowledgeable source of cyber-security incidents worldwide through the publishing of the internationally recognized DBIR (Data Breach Investigations Report).Prior to Verizon, Craig led the Defense and International Security Division of Adobe Systems, a Fortune 500 software and cloud software provider. In that capacity, Craig helped to engineer secure content delivery systems for the most rugged security environments.In his earlier years, Craig was a software cyber security engineer for the Defense and National Security Industry where he penetrated, tested, built and deployed secure software applications, remotely managed secure IT environments, and deployed and managed secure telecommunication solutions.

• Martin Minnich, Program Manager, California Cybersecurity Institute
  Martin Minnich is the Program Manager for the California Cybersecurity Institute. He leads the California Cybersecurity Institute’s efforts in cybersecurity training and research for government, law enforcement, military, and education. Prior to joining the CCI, he served our country as a Captain in the United States Marine Corps. In 2012, Mr. Minnich received the prestigious Fed 100 award for the performance of his team and the Emergency Operation Center after the devastating Tomodachi Earthquake in Japan. Where for the first several days, all emergency operational support for Japan was executed from MCAS Iwakuni. Mr. Minnich is a visionary and strategic leader, United States Marine Corps and Special Forces Veteran, warfighter, problem solver, and innovative thinker. Mr. Minnich has a Bachelor of Arts in History from the University of Kansas.
• Wendi Whitmore, Global Lead, X-Force IRIS team, IBM
  Wendi Whitmore has 15 years of experience responding to and preventing critical security breaches, conducting forensics and leading global services teams. As Global Lead, IBM X-Force Security Services, Ms. Whitmore is responsible for leading global response, forensics, and intelligence teams within IBM Security Services. Her strong career background includes experience as a special agent at the U.S. Air Force Office of Special Investigations, Managing Director at Mandiant, and Vice President of Professional Services at CrowdStrike. In these roles Ms. Whitmore conducted computer crime investigations, incident response for government and private organizations including working on some of the largest security breaches in the world. She also developed an interest in helping clients develop and implement proactive security plans to take measures to prevent data breaches. An avid speaker, Ms. Whitmore has presented on topics including incident response and remediation at SANS, BlackHat, DoD Cybercrime Conferences, GFIRST, FIRST, CSI SX, CSI NetSec, and the FBI National Infragard conferences.
• Scott Young, President, synED and California Cyberhub
  Scott Young is the President of synED and California Cyberhub. He has provided results-based technology and operational solutions to higher education and fortune 100 companies for more than 25 years. Additionally, Mr. Young has provided expertise in workplace education and supported corporations with competency-based curriculum design and assessment for 15 years.