During COVID-19, many small businesses /nonprofits /local governmnets get to keep operational thanks to TechCARES, an initiative by a coalition of 19 nonprofits. As the driving force behind TechCARES, Ms. Lan Jenson is proud of the volunteers and interns and the many small businesses /nonprofits /local governments that have pivoted and learned to catch the "digital fish."
As the CEO of Adaptable Security Corp (ADA for short), Ms. Lan Jenson aims to change the landscape of cybersecurity and privacy by energizing the underserved majority of the society with innovative easy-to-adopt methodologies and professional volunteers. She has been a strong voice and leader in NIST and DHS-sponsored Smart Secure Cities and Communities Challenge (SC3), which serves 200+ participating cities worldwide. Ms. Jenson serves as the Co-Chair of SC3 Cybersecurity and Privacy Advisory Committee, which published a guidebook in July 2019 for all aspiring smart cities to build in cybersecurity and privacy by design.
ADA has served successfully governments, school districts, smaller businesses, and nonprofits with cyber risk assessments, multi-year risk-based planning, seminars and symposiums. ADA’s partners include cities/counties, state departments, federal agencies, professional and civic organizations such as ISC2/ ISACA/ ISSA chapters, InfraGard, OWASP, People Centered Internet, Global Cyber Alliance, NCSA, SCORE and Small Business Development Centers. Lan Jenson received her Master’s in Management of Information Systems from Boston University.
Rob Lloyd is Chief Information Officer for the City of San José, California, directing the diverse technology portfolio of the nation’s tenth largest municipality. The City’s 6,600 employees and $3.7B+ budget serve one million residents and 80,000+ businesses in heart of Silicon Valley. The City’s quest: To be as innovative as the community we serve.
Over the past two decades, Rob has led organizations in the technology, government, and utilities sectors in California, Arizona, Oregon, and Colorado. His teams have earned over 20 national awards for engagement, operational excellence, and innovation through advanced uses of technology. He has earned recognition as a Government Technology Magazine Top-25 Doers, Dreamers and Drivers; National Diversity Council Distinguished CIO; eGov Pioneer; Arizona Top Tech Exec; and Phoenix Business Journal Forty Under 40.
David Witkowski is a wireless and telecommunications industry veteran and the author of Bridging the Gap : 21st Century Wireless Telecommunications. After serving in the U.S. Coast Guard and earning his B.Sc. in Electrical Engineering from University of California @ Davis, he held managerial and leadership roles for companies ranging from Fortune 500 multi-nationals to early-stage startups. David is the Founder & CEO of Oku Solutions LLC and serves as the Executive Director of Civic Technology Initiatives at Joint Venture Silicon Valley. He serves as Co-Chair of the GCTC Wireless SuperCluster at NIST, on the Board of Expert Advisors for the California Emerging Technology Fund, as a Member of the Connected City Advisory Board, and is a Senior Member in both the IEEE and the Radio Club of America.
Sokwoo Rhee is Associate Director for Cyber-Physical Systems (CPS) Innovation at the National Institute of Standards and Technology, U.S. Department of Commerce, covering innovation programs for Internet of Things (IoT) and Smart Cities. He manages Global City Teams Challenge (GCTC), a U.S. federal government program to develop a global ecosystem of major business and technology stakeholders to create replicable and scalable IoT/smart city projects.
Since its launch in 2014, GCTC has facilitated and incubated over 250 innovation projects in collaboration with more than 200 cities and 400 corporations, universities, non-profits and foreign governments in over 25 countries. He previously served as a Presidential Innovation Fellow (PIF) on CPS, a program by the White House. During his tenure as a PIF, he co-led the SmartAmerica Challenge, which brought together IoT technologies and organizations across the nation to demonstrate how they can collaborate to develop and deploy solutions with the focus on socio-economic benefits. Prior to joining the US government, he was a co-founder and CTO of Millennial Net, Inc., one of the first to successfully commercialize low-power wireless sensor network and IoT technologies from academia. He also worked on wireless medical sensors as a research associate at Massachusetts Institute of Technology (MIT). His work and achievements have been recognized through multiple awards including MIT Technology Review’s Top Innovators under 35. He received his M.S. and Ph.D. in Mechanical Engineering from MIT.
Scott Tousley is a Splunk Senior Executive for Cyber Programs, focusing on emerging Splunk capabilities around Public Safety, Critical Infrastructure, Smart Cities, the Internet of Things, and Machine Learning/Artificial Intelligence applications and capabilities. Scott was most recently Deputy Director, Cyber Security Division, DHS Science & Technology where he helped lead the cyber security research division for DHS, DHS’s involvement in Smart Cities and Incident Response Teams (CSIRT) research. Scott worked on developing and implementing R&D strategies for DHS’ role in strengthening national critical infrastructure and cyber security capabilities, engaging the cyber security research community and academic, corporate and operating research organizations. He was also the lead DHS representative/contributor to the 2016 National AI and AI research strategies. Prior to this role Scott was Deputy Assistant Director in the DHS Domestic Nuclear Detection Office where he collaborated across the U.S. government driving the Global Nuclear Detection Architecture and Mission.
Previous roles have included: ● Cybersecurity PM/Senior Scientist at MITRE ● VP at a technical startup (Logos Technologies) ● Network Ops Security at Genuity ● Chief, Watch/Warning Unit, FBI/National Infrastructure Protection Center ● Operations Directorate, Joint Chiefs of Staff ● Deputy Director, U.S. Threat Reduction Office (Moscow)
Scott is a retired Army Corps of Engineers officer, both graduate and faculty from West Point, and holds an M.S. in Nuclear Engineering from Texas A&M and a Master of Arts (Strategy) from the US Army’s War College.
James Reno is responsible for HID Global’s Americas sales organization and works closely with Enterprise, Government, and Financial organizations to deliver secure identities for people, places, and things. James began his career in the security industry while earning a bachelor’s degree in Business Marketing from Arizona State University. Since then, he has worked with companies such as AMAG Technology, a leading global access control manufacturer. As the Director of Technical Services, Mr. Reno was responsible for the delivery of North American pre and post sales product support, product management and professional services.
Mayor Lily Mei grew up in the suburbs of Philadelphia, Pennsylvania where she earned a Bachelor of Science degree in Business from the Drexel University. Her diverse professional experience includes over 20 years in competitive analysis, product and channel management, supply chain practices and serving as a worldwide sales operations controller. Most recently she led a global high-technology trade association representing industry leaders to develop best practices to advance intellectual property protection.
Mayor Mei is proud to be a contributor to the growing success of Fremont’s public education where she was elected twice as a School Board Trustee to the Fremont Unified School District serving from January 2008 to December 2014.
In addition to education, Mayor Mei embraces diverse recreational and cultural programs serving as a volunteer and leader supporting local scouting and sports programs. She is a board member/advisor of Citizens for Better Community, Music for Minors II and South Bay Chinese Service Club. Mayor Mei also has been a dedicated supporter involved with community focused groups encouraging civic engagement such as the Silicon Valley Leadership Group – Minority Women Leadership Day/Education Summit and American Association of University Women.
Frank J. Grimmelmann is President & CEO/Intelligence Liaison Officer for the non-profit Arizona CyberThreatResponseAlliance ("ACTRA"),independent of, but closely affiliated with the FBI's AZ InfraGard Program. In this capacity, Mr. Grimmelmann represents the private sector in the Arizona Counterterrorism Information Center ("ACTIC") and is the first private sector representative on its Executive Board. ACTRA’s Members include both public and private sector organizations. He also serves as the private sector cyber intelligence liaison to the FBI, the ACTIC, and the FBI's Arizona InfraGard Program.
Mr. Grimmelmann serves as the Co-Chair (together with Arizona’s Chief Information Security Officer) for the Arizona Cybersecurity Team (‘ACT’). He also serves as a Member of the National Leadership Group for the Information Sharing & Analysis Organization Standards Organization’s (‘ISAO SO’) at the University of Texas San Antonio (UTSA), created under the President’s Executive Order 13691. Mr. Grimmelmann is also a Phoenix Rotary 100 Member.
Jimmy Sanders is President of SFBay ISSA. He is a security advocate and practitioner with experience providing dynamic security solutions and managing teams. In addition to securing various enterprise environments, he works with executive management and the various audit bodies to ensure compliance and understanding of ISO 27001, PCI, SSAE 16, SOX, and the other regulations. In essence, he architects, implements, and operationalizes security infrastructures.
Within the security community, he works to inform, educate, and facilitate growth and networking skills for new and experienced professionals alike.
Bil has been in Information Technology for 30 years. He has been at the forefront of the Internet since 1995 and his work in security began in 1998. He has led security for Startups, Government and well established Financial Institutions. In 2007 he pioneered the use of the SAS70 coupled with ISO to create a trusted security audit methodology used by the SaaS industry until the introduction of the SOC2. He has presented on Security and Privacy in Canada, Europe and the US at conferences such as RSA, ISSA, GrrCon and the Cloud Security Alliance. He has been interviewed by and has written for various publications such as Dark Reading, Data Informed, SecureWorld and Security Intelligence. His vision and technical abilities have been used on advisory boards for Adallom, Trust Science, ShieldX, Resolve, Trustroot and Integris. He has served as Chief Security Office for GoodData, VP Security & Global Privacy Officer for the Cloud Division of SAP and now serves as Americas CISO for Zscaler.
Change is Simply an Act of Survival: How to move to the cloud safely.
This presentation will review the history and development of the corporate network and its interaction with the Internet. How the adoption of SaaS and PaaS base solutions have rendered the network irrelevant from a security perspective. We will explore the developments in malware, how threat actors have taken on a business approach to creation, distribution, and management of their attack campaigns. We will then take a few steps into the future and explore some possibilities that have the potential to greatly affect corporations and how they protect themselves. Finally, we will explore some of the potential strategies that can be started now to lay time groundwork to ensure a more secure architecture in the future.
Dr. Peredo has over 28 years of experience as a C level executive as well as in the areas of information security, software engineering, and IT program management. Currently support the City of San Jose as the Chief Information Security Officer (CISO). Prior roles include supporting the County of San Diego 1.2 billion dollar account as the Chief Information Security Officer (CISO). Worked at the Federal Bureau of Investigation (FBI) as a Program Manager. Also worked at the United States Secret Service (USSS) as the Project Manager for the Information Systems Security Officer (ISSO) team under the CISO where won the ISSO of the year award. Served as DHS FISMA Inventory Management System team lead at the Department of Homeland Security (DHS) under the Office of the Chief Information Officer (OCIO). Other organizations include TSA, HUD, and the DC Government.
In 2018, Trend Micro CEO appointed Mitchel to head CSR and education programs, where he engages nonprofit and government organizations to help promote our cybersecurity education outreach efforts. He has been with Trend Micro since 2003, serving 11 of these years as Senior Vice President of Global Technical Support. As part of the executive team, he was responsible for all customer support functions—developing an internationally recognized award winning support team. He also successfully transformed both commercial and consumer support teams for the era of cloud and IoT technologies. Before Trend Micro, Mitchel was Vice President of worldwide technical support at Resilience Corporation and held senior management positions at RSA Security, Cadence, and Texas Instruments. He has a BSEE from Texas A&M University and MBA from the University of Dallas
A Quote from Mitchel “With malware and threats constantly evolving, we need to do more than provide great products and support services to ensure a safe digital world. We must give back and empower our communities with the knowledge to use technology safely, and help train our future cyber security workforce with the skills needed for a healthy digital economy.”
Ricki Mayer is in charge of Partner Sales within HID Global’s Identity Assurance Business Unit. She develops and maintains relationships with Distribution, Strategic, and OEM Partners to sell Multi-Factor Authentication solutions.
As HID’s Partner Sales Manager, she is responsible for implementing strategies to increase brand awareness, generate new leads, and acquire new business across public and private sectors. Throughout her career, she has empowered Partners to promote customer adoption of the Identity Assurance portfolio by building value propositions of the company’s solutions.
Ricki holds a B.A in Business Administration from Cal State University, East Bay.
Michael Hamilton, CISSP, is the CISO, President, and Founder of CI Security, formerly called Critical Informatics, Inc., a leading provider of Managed Detection and Response (MDR) and information security consulting services.
With 25 years of experience in information security as a practitioner, consultant, executive and entrepreneur, Michael has worked with Fortune 100 companies to small private colleges, and in nearly every sector.
Michael has served as a Cybersecurity Policy Advisor for Washington State, is the former Chief Information Security Officer for the City of Seattle, and former Managing Consultant for VeriSign Global Security Consulting. In a previous life, he developed algorithms for hyperspectral remote sensing of the ocean at the NASA Jet Propulsion Laboratory.
For the latest in cybersecurity news, follow Mike on Twitter at @seattlemkh, and CI Security at @critinformatics.
Addressing Cybersecurity in Regional Health and Local Government
Regional health organizations and local governments provide infrastructure which, if disrupted, would have an outsized impact on localized geographies. Each is enabled by and dependent on information technology, and each have similar challenges in providing adequate cybersecurity given the threats that are increasing in frequency and virulence.
The speaker will discuss how a managed detection and response service has worked to minimize the impact from these foreseeable threats, by providing an economy of scale for both a regional hospital and a large county in Washington State.
Lastly, Mr. Hamilton will describe a partnership between the company, a non-profit corporation, and state universities and colleges to provide free cybersecurity monitoring for local governments, to provide infrastructure protection, work force development, and research opportunities.
Mahesh Popudesi is a Senior Product Manager at Aruba Security Group. He holds an MBA from the Haas School of Business at UC Berkeley. He is an engineer and product guy who designed and built Networking and Security products across several domains such as VOIP, Network Intrusion detection, Network Access Control, UEBA over the last 17 years.
2017-2018: Rapidly evolving threat landscape and how can small businesses leverage AI to meet these threats head on !
Threats to the network are constantly evolving. Various forms of ransomware have evolved to behave like crypto worms and spread through your networks silently until they are poised to attack. Legitimate cloud services are increasingly being used to launch C2 activities. IoT devices in your network now provide a larder landscape for advanced persistent threats. At the same time we also have a challenge with information overload that obfuscate these attacks while they are in progress.
How can we leverage security products that use AI to clear the noise up and help detect these behavioral changes of entities in the network before it’s too late!
John MacInnis is an experienced marketing professional with a background in cybersecurity and software development. He has a Bachelors in Computer Engineering from University of Michigan, an MBA from the University of Phoenix and holds CISSP certification from (ISC)2. In his spare time, John enjoys hanging out with technology and white hat hacker groups in and around San Jose, CA
Kip's purpose is to awaken talented people to the spark of their full potential, and enable them to change themselves and the world, by creating:
- spaces for people to gain insight and make wise decisions,
- experiences that challenge people to achieve real success, and
- practices which guide people to enduring happiness.
His career journey has taken him from Timbuktu to Silicon Valley. Along the way Kip has advised farmers on the edge of the Sahara, created the national award winning Strong Neighborhoods Initiative, managed complex real-estate deals, and led a network of top technology leaders.
Kip is a(n) - Accomplished change agent transforming communities and organizations by creating opportunities for people to have autonomy over their work and lives in connection with a greater purpose.
- Master facilitator with proven ability to connect diverse leaders in crafting wise agreements on complex, politically charged, issues.
- Proven implementer with over $300M+ portfolio of successful projects ranging from pocket parks to residential high-rise.
- Inspiring leader and exceptional communicator with the ability to retain and attract talent needed to build capacity and sustain complex initiatives.
Ann Dunkin is the Chief Information Officer for the County of Santa Clara. Located in the heart of Silicon Valley, Santa Clara is the 15th largest county in the United States. Prior to joining Santa Clara County, Ms. Dunkin served in the Obama Administration as the Chief Information Officer of the United States Environmental Protection Agency. Prior her time in Washington D.C., she was the Chief Technology Officer for the Palo Alto Unified School District. Ms. Dunkin joined the School District after a long career at Hewlett Packard in a variety of leadership roles focused on Engineering, Research & Development, IT, Manufacturing Engineering, Software Quality and Operations.
Ms. Dunkin is a sought after speaker on the topics of technology modernization, digital services and organizational transformation. Throughout her career she has served on a wide range of professional boards and committees. Most recently she served as an editor of the International Journal of Advances in Software. In 2009, she served as the General Chair of the Winter Simulation Conference (WSC). She currently serves on the WSC Board of Directors and the Georgia Tech President’s Advisory Board.
Ms. Dunkin was named one of ComputerWorld’s Premier 100 Technology Leaders for 2016. She was also a recipient of a FedScoop 50 Federal Leadership Award in 2015 and the FedScoop Golden Gov Award in 2016. She was named one of DC’s Top 50 Women in Technology for 2015 and 2016 and to StateScoop's Top 50 Women in Technology list for 2017. She was recently inducted into Georgia Tech’s Academy of Distinguished Engineering Alumni.
Ms. Dunkin holds a Master of Science and a Bachelor of Industrial Engineering, both from The Georgia Institute of Technology. She is a licensed professional engineer in the states of California and Washington.
Mr. Sean Thakkar is an Information Technology Executive with years of service experience. He has worked for Gartner, Unisys, US Marshals and is currently working for County of San Mateo as Deputy CIO. He has successfully navigated through key areas like:
CIO for multiple counties and CTO Federal Justice agency
IT Strategic Planning (Counties, Cities and Public Safety
IT Enterprise Solutions Management Infrastructure Managed Services
Program Management Team Mentoring and Coaching
Governance and Change management Server Consolidation and Virtualization
Deep Public Safety IT Experience; Large Procurement Experience
Zero Trust Security with Micro Segmentation
Cloud technologies covering Private, Public and Hybrid cloud structures
Mr. Margolis the CISO for the Metropolitan Water District of Southern California (MWD). As such, he is responsible to oversee the Water District’s cybersecurity program; which entails protecting enterprise systems and critical infrastructure. Prior to joining the MWD, he was the CISO for the County of Orange, CA where he oversaw the development and implementation of multiple countywide cybersecurity initiatives. These included establishment of a County Cybersecurity Framework; interactive online Cybersecurity Awareness Training; a robust and tested Cyber Incident Response Process and Plan; adoption of next-generation AI technologies, and the execution of a robust governance Risk & Compliance (GRC) platform. Mr. Margolis was the Information Assurance Manager for the California National Guard and California Military Department, where he oversaw the development and management of the California National Guard’s Cybersecurity program. Mr. Margolis has been a Commissioned Officer in the United States Army Reserve.
Carmen Marsh is the CEO and Managing Partner of Inteligenca Inc., a management consulting company in California, focusing on Enterprise Agile Transformations and Cyber Risk Managed programs.
Carmen is also a thought leader and co-founder of Include Cybersecurity initiative with the goal of bringing more women and other underrepresented groups into cybersecurity careers. Include Cybersecurity team organizes and sponsors national cybersecurity events that help educate, empower and transform the cybersecurity workforce to become a new generation of cyber defenders.
Carmen is a frequent presenter at PMI/ PMO, ISSA & COO Forums, and enjoys writing about ways we can become more self-aware, focused and compassionate leaders, and embrace our differences as strengths to make the true impact.
As a nonprofit executive, Marsali Hancock has twenty years of experience working with leading national and international policy leaders, top-ranked Fortune 100 companies like Google, AT&T, Verizon, Comcast, Target, Intel, Microsoft, Facebook, and Dell, along with highly respected organizations, maximizing technology to improve the quality of life, education, and economic opportunities. She is recognized for her efforts to create safe and healthy digital learning environments. In 2017 Ms. Hancock was awarded IEEE Communication Quality and Reliability 2017 Chairman’s Award for her “lifelong service protecting children around the world in cyberspace; for defining and implementing her vision ensuring technology is properly used; and for her global leadership to bring technology solutions to a human problem.” She serves as a commissioner for the Global Information Infrastructure Commission, the oldest internet policy organization where she works with nation state leaders to build robust communication networks companioned with proactive online safety and security initiatives. While president and CEO of iKeepSafe, Marsali developed the first Federal Trade Commission (FTC) approved COPPA safe harbor providing state and federal education law certifications.
Ms. Hancock is deeply involved nationally and internationally in measuring and defining positive digital cultures, responsible regulatory frameworks, data privacy, data compliance, and effective education initiatives that both empower and protect consumers. She has conducted media events and participated in initiatives with the White House, the Office of the First Lady of the United States, the Executive Office of the President of the United States, Attorneys General, the Federal Trade Commission (FTC), the United Nations Educational, Scientific, and Cultural Organization (UNESCO) to name a few. She has extensive experience developing multi-stakeholder initiatives and serves on consumer advisory boards with industry leaders such as Symantec, Comcast, Verizon, and AT&T.
Matt Stamper is CISO and Executive Advisor at EVOTEK. Prior to joining EVOTEK, Stamper was a Research Director in Gartner's Security and Risk Management practice where he covered security program design, security incident response, security governance, privacy, breach and attack simulation, and security standards and frameworks; such as the NIST Cybersecurity Framework and ISO 27001. As part of his role at Gartner, Stamper has met with over a thousand security leaders around the world, advising on their security programs and practices. Prior to Gartner, Stamper was the CISO for U.S. Operations and Vice President of Services at KIO Networks (formerly redIT), an international managed services provider. Prior to KIO Networks, Stamper held a number of executive leadership roles at companies like CFO Strategies, VeriCenter (now Sungard Availability Services), Front Porch, and AT&T.
Stamper is co-author of the CISO Desk Reference Guide (Volumes 1 and 2) and serves on the board of a number of high-profile organizations including: the San Diego chapter of ISACA, the communications sector for the San Diego chapter of InfraGard, the San Diego Cyber Center of Excellence (CCOE), and a member of the San Diego CISO Round Table. Stamper received a Bachelor of Arts from the University of California at San Diego, where he graduated Cum Laude and with Honors and Distinction in Political Science. His graduate studies included a Master of Arts in Pacific International Affairs and a Master of Science in Telecommunications.
Tim Polk joined NIST in 1982, and joined the computer security division in 1989. Polk contributed to the development of numerous IETF PKI standards as an Author, Reviewer and Working Group Co-Chair. Polk also served four years as a Security Area Director on the IETF’s IESG. He became the NIST Cryptographic Technology Group Leader in 2011. Polk joined the Office of Science and Technology Policy in 2012, acting as Assistant Director for Cybersecurity until 2017. Since returning to NIST, Polk has split his time between the National Cybersecurity Center of Excellence and Commerce Department’s work on resiliency against botnets and related threats. Polk is also Co-Author of the book Planning for PKI. He has degrees in computer science and electrical engineering from the University of Maryland.
Russell Gyurek currently a Director, IoT-CTO and Industries at Cisco. He has over 25 years of networking related technology experience, the majority in leadership positions. Russ’ range of expertise includes; IoT/connectivity of things, analytics and big data, cloud, optical networking technologies, broadband architectures and related technical policy, and emerging market development. He has held various leadership roles in creating strategy and direction in these areas. In Russ’ current role he is responsible for technology leadership, market development and partner due diligence & enablement related to IoT. The CTO group evaluates future trends, emerging standards, technologies, and architectures that drive and influence Cisco’s market portfolio relating to IoT. He also works closely with the vertical solutions organization- turning strategy into real world IoT deployments, including Smart Cities. For the past year he has been leading an industry wide effort focused on the security and scale-ability of “things”. This effort is now in productization and development with the various players in the IoT eco-system. In addition, Russ is a value-of-the-infrastructure advisor to customers, helping to create new business models and use cases to leverage network data for cloud and real time event processing.
Russ engaged in numerous sponsored research work at various universities during his 20 year career at Cisco. In industry related work, he holds a board seats on University of Washington IoT Board, and the NCSU ECE strategic advisory board. In these board roles he has collaborated with multi-stakeholders to create new programs for IoT and data science/analysis. Russ has held board roles in the past on the FTTH Council and the OCF (Open Connectivity Foundation). He has given numerous keynotes at conferences and research workshops on IoT and related topics. Russ has played key roles in IEEE standards development and ratification including 802.3. Russ holds an appointed position on the FCC-TAC (Technical Advisory Council) where he has chaired Working Groups on the “sunset of the PSTN”, “network resiliency”, “IoT”, Next Generation Internet and “Next Generation Policy and Regulations”. He is currently the working group Chairman for the 5G/IoT FCC working group team. Russ has led and participated on numerous technical policy teams in the past 10 years. These include the state of California, West Virginia, and the country of Lebanon. Prior to Cisco, Russ held senior technical and leadership roles at BellSouth (AT&T), in the networking part of the business.
Russ has a BSEE from Trine University and an MBA from UNC’s Cameron School of Business.
Session Title: Preventing Data Leaks: Mitigating Cyber Risk Posed by Vendors
2018 has been a year of record-setting data breaches, yet security professionals still struggle to gain the resources they need to adequately mitigate such cyber risk. VP of Product, BreachSight Greg Pollock will discuss some of the biggest data exposures discovered by UpGuard this year, including entities such as Aggregate IQ, LocalBlox, Octoly, and Alteryx, outlining the major threats these breaches posed to each organization and how they can be avoided. Security professionals and enterprise risk managers alike are all too aware of the pervasiveness of this threat, yet still struggle to obtain better cybersecurity resources. This inattention, which helps to keep antiquated systems and poor processes in place, fosters a potent level of cyber risk. Beyond these internal struggles, the specter of third-party vendors leaking enterprise data is another often-overlooked risk surface. Having oversight over and accountability for such data is absolutely necessary, but how?
Security professionals must be able to demand oversight of these systems with scrutiny from the highest levels downward; processes and systems must be made resilient and up-to-date. Key decision makers must advocate for better risk mitigation whenever they enter into a new contract with a third-party vendor. If vendors store proprietary data, it is only logical that they should utilize a medium or server that can be monitored by the security professionals responsible for maintaining the integrity of that sensitive data. Businesses and governments alike may not be able to eliminate all risk, but key leadership can begin to change the current status of insecurity by increasing visibility not only in their own systems, but with the vendors that handle their sensitive information.
Joshua is a recovering Trekkie, full time entrepreneur, lifelong investor, part-time writer, and a once upon a time combat medic. Joshua led a national pilot for a Presidential Major Initiative as a senior government official under President Obama, served as a Senior Consultant at Booz Allen Hamilton focusing on managing high-risk, high-reward research and development efforts to include commercializing game changing technologies, and most recently as the Director of Project Management at Global Cyber Alliance managed a team that built, according to CTO Vision, one of the Top 4 managed DNS services in the world. He is the recipient of the Wells Fargo 2016 Clean Technology award for developing an innovative and green product line and the Top 10 Smart Healthcare Companies 2017 award by the Smart Health Conference, and is a board member of the Outdoor Advertising Association of America’s Innovation Committee,
Joshua holds a MBA from Johns Hopkins University and a Masters in Technology Commercialization from McCombs School of Business.
Title: "Bah, Humbug!: How to spend like Ebenezer Scrooge and still get world class cybersecurity protection"
Cybersecurity is more than just protecting your data, it's also about protecting your business and customer relationships. But cybersecurity can be very expensive...that is if you aren't familiar. You don't need to spend money like Gatsby to protect your business operations from cybersecurity threats.
Daniel Crowley is the head of research and a penetration tester for X-Force Red. Daniel denies all allegations regarding unicorn smuggling and questions your character for even suggesting it. Daniel is the primary author of both the Magical Code Injection Rainbow, a configurable vulnerability testbed, and FeatherDuster, an automated cryptanalysis tool. Daniel enjoys climbing large rocks and is TIME magazine's 2006 person of the year. Daniel has been working in the information security industry since 2004 and is a frequent speaker at conferences including Black Hat, DEF CON, Shmoocon, and SOURCE. Daniel does his own charcuterie and brews his own beer. Daniel's work has been included in books and college courses. Daniel also holds the noble title of Baron in the micronation of Sealand.
Outsmarting the Smart City
The term "smart city" evokes imagery of flying cars, shop windows that double as informational touchscreens, and other retro-futuristic fantasies of what the future may hold. Stepping away from the smart city fantasy, the reality is actually much more mundane. Many of these technologies have already quietly been deployed in cities across the world. In this talk, we examine the security of a cross-section of smart city devices currently in use today to reveal how deeply flawed they are and how the implications of these vulnerabilities could have serious consequences.
In addition to discussing newly discovered pre-auth attacks against multiple smart city devices from different categories of smart city technology, this presentation will discuss methods for how to figure out what smart city tech a given city is using, the privacy implications of smart cities, the implications of successful attacks on smart city tech, and what the future of smart city tech may hold.
Forrest Foster is a seasoned global technology executive with a long history of establishing, maturing, and driving transformational cybersecurity and cyber-risk management programs to maximize shareholder value by aligning people, processes and technologies to the corporate defense strategy.
Mr. Foster is the Sr. Principal Security Program Manager of GRC for the Product Security Group at Veritas. Previously Mr. Foster served in a variety of roles during his 20-year tenure at Cisco Systems, including Chief Security Architect of Infrastructure in Engineering IT at Cisco Systems, Inc., and IT Audit Engagement Manager for Cisco’s internal audit function.
Mr. Foster co-founded the (ISC)² Austin Chapter and Silicon Valley Cybersecurity Alliance, and currently serves as the president of the (ISC)² Silicon Valley chapter.
Mr. Foster has contributed to CISSP, CCSP certifications, and chapter development programs for (ISC)², and developed the Global Technology Audit Guide for Cybersecurity with the IIA.
Mr. Foster holds Bachelor of Science Information Technology in Information Security and Assurance at Capella University, and is actively pursuing his MBA.
Mr. Pugh has over 25 years of experience in wired/wireless strategy of platform development and deployment of networking technologies for several private and public companies. Most recently over the past 4 years, working with cities on strategies for executing Smart City initiatives around Street lights, Smart Parking, Intelligent Traffic and Security.
Mr. Pugh is currently the Managing Director at Smart Connections Connecting LLC, responsible for delivering to clients thought leading products, solutions and partnerships for all networking technologies and business objectives. Working heavily in the IoT, Smart City, Smart Grid and M2M markets.
- Advising businesses and municipalities on platform, solution and product requirements for networks that results in new revenue streams
- Strategic consulting on solution development and implementation
- Technology evaluations and RFP development
Mr. Pugh holds multiple patents and publications in the networking technologies.
Tom Mitchell is a seasoned silicon valley executive with over 30 years of experience in the wireless networking business. Tom serves on the Board of Directors as Corporate Secretary for the Wireless Communications Alliance and leads TMPartners, a management consulting firm.
A savvy business leader with a diverse skill set, Tom has a keen understanding how complex technologies deliver business value. His expertise is in building and managing the key relationships that unlock that value in order to capture and scale a technology firm. He is well connected to VCs, entrepreneurs, and business talent in the valley.
Tom co-founded and/or served as the Chief Executive of Domondi Technologies, RadioLAN, ThalesESD, and BridgeLINK Wireless, and has held senior Sales, Marketing, and Business Development roles at companies such as Alloy Computer Products, Apple, Brocade, and Proxim. He has a CS background and has authored commercial software.
Mr. Drummond is a Wartime CEO. From his humble beginnings in Pleasanton, California, he boot-strapped his start-up company, 802 Secure Inc. from his garage. Mr. Drummond has conceptualized, designed and delivered cybersecurity products for both Critical Infrastructures, Enterprise and Government clients around the world. Mr. Drummond along with his few but loyal engineering team landed venture capital in November 2016 to expand the team and fulfill orders. 802 Secure is developing technology for Securing the Internet of Things (IoT), combining Software Defined Radios with Big Data Analytics. Mr. Drummond is a Certified Information System Security Professional (CISSP) and is passionate about wireless cybersecurity. With the recent explosion of Internet of Things, (IoT) device enablement as well as mobile adoption – wireless has now become the easiest way to back-door the wired-side of the network. Wireless technologies do not follow the traditional guidelines of security and new methodologies required to secure digital assets. Only through new thought leadership and innovation using software-defined- radios with big data analytics can these new broader spectrum attack vectors be identified.
802 Secure was awarded Silicon Valley Start-up of the Year in April 2015 and Silicon Valley Company of the Year May 2016. Most recently, in 2017, Mr. Drummond was awarded Most Innovative CEO of the Year. 802 Secure products are sold through 5 of the most influential technology resellers in the US.
Richard Ku has over 28+ years of hands-on experience working in the hi-tech and cyber security industry in a number of leading roles, as an individual engineer/threat researcher and management of a security product group across End-point, Server, Email Messaging, Email Gateway and Cloud/SaaS.
Currently, Richard serve as Sr. Vice President of Trend Micro IoT Security Business and responsible for the sales and market development of Trend Micro Industrial IoT (OT) Security business in the Americas. Richard also had extensive experience and knowledge working and developing security product and services for multiple segments of the market; from consumer to small business and to some of the world largest enterprise customer.
Business and Cyber Security challenges in the new convergence between IT and OT with discussion surrounding best practices and recommendations
Recently appointed Senior Policy Fellow at the UC Riverside School of Public Policy, and formerly a member of the California State Legislature, Hon. Lloyd Levine (ret.) is President of Filament Strategies, LLC., a Sacramento-based consulting firm with extensive experience in politics, public policy, public affairs and communications. Filament Strategies provides services to clients in a variety of industries, with an emphasis on technology and "green" issues.
Prior to founding Filament Strategies, Mr. Levine served in the State Assembly in 2002. As a Member of the Legislature he represented the approximately 450,000 people living in the West San Fernando Valley. Mr. Levine was engaged in decision-making at the highest level of state government, collaborating with legislators, the Governor, and other interested parties to shape California policy.
While in the Legislature, Mr. Levine served as the Chair of the Committee on Utilities and Commerce and he has continued to work on issues related to energy, telecommunications, technology issues and environmental issues.
Both in the Legislature and now with Filament Strategies, Mr. Levine utilizes his significant experience in media relations and outreach. Mr. Levine is skilled at crafting messages and using public affairs to shape perceptions and impact public policy. Mr. Levine is frequently a subject matter expert for state, national, and international governments, business, and news outlets. Mr. Levine is adept a legislative and regulatory policy as well as political and communications strategy.
Specialties: Public Affairs, Public Policy, Strategic Communications, Strategic Planning, Legislation, California Government, regulatory and statutory issues surrounding energy, electricity, natural gas, telecommunications, video service, plug-in electric vehicles, Internet gambling.