Skip to content

Resource Sharing

NASCIO Report (Keynote)

Keynote: Security Challenges Confronting Government and Schools and Benefits to Collaboration & NASCIO’s Cybersecurity State of the States Report
Erik Avakian, CISSP, CISA, CISM, Chief Information Security Officer, Commonwealth of Pennsylvania
Srini Subramanian, Risk and Financial Advisory Lead, Deloitte

The 2018 Deloitte-NASCIO Cyber Study, the 5th biennial study, has been referred to as the most “comprehensive study of state-level cybersecurity spending” (White House FY19 Budget Request). The 2018 study, in which all 50 state CISOs participated, highlights perspectives and insights surrounding cybersecurity from state CISOs. This joint keynote session with Erik Avakian, Commonwealth of Pennsylvania, CISO and Srini Subramanian, co-author of the study and Deloitte Risk and Financial Advisory Leader will discuss the study’s three bold plays, which are recommendations to disrupt the status quo.



Role of MS-ISAC and Resources to Help Governments and Schools Mitigate Cyber Security Risks
Andrew Dolan, Director, Stakeholder Engagement, Multi-State Information Sharing and Analysis Center

Cybersecurity has emerged as one of the most important issues facing public and private organizations today. The worldwide reach of the Internet means that cyber threats can come from criminals both in the United States and from foreign countries. In this session, Andrew Dolan will speak about emerging cyber threats to the government sector and the steps we can take to minimize and mitigate these threats.

Cities & Municipalities: Risk

The Risk and Protection of Cities and Municipalities
Mike D’Arezzo, Director of Security Services, ePlus

Following along keynote I would like to walk the audience through how some of my clients have shored up their defenses to support some of the actual attacks experienced. Using real world examples that did not make it to the press I will state ideas on how to protect against the attacks initially and, barring that, how to respond if an attack occurs.

Developing a Security Program

Considerations When Developing a Security Program
Brian Paulhamus, Technical Support, Central Susquehanna Intermediate Unit

What do you do when you don’t have any security staff and little to no budget, but you want to build a more formalized security program in your organization? This presentation will describe how organizations can start from square one utilizing available resources to help prioritize and implement security controls. There is a plethora of free resources available to state and local organizations that will be discussed and resources will be provided to help you keep track of them easier.

Local Government & Schools

Panel Discussion: Cyber Challenges for Local Governments & Schools
Ron Jones, Lecturer in Cybersecurity, Harrisburg University of Science and Technology
Dave Martin, Director of Technology, Capital Area Intermediate Unit 15
Michael Sage, Chief Information Officer, County Commissioners Association of Pennsylvania
Moderator: John Wargo, Manager of Computer Services, Central Susquehanna Intermediate Unit Technology Group

Tools & Techniques

No Silver Bullet

There is No Silver Bullet for Security
Chris Odom, CCISO, CISSP, Deputy Chief Information Security Officer, Unisys

With the increasing sophistication of online exploits, cybersecurity risks will never go to zero. No matter what any vendor says, there is no silver bullet for security.

Unisys is one of the most attacked companies, given they are a global IT service provider with extensive Federal Agency involvement in protecting our borders, clients in the financial sector, and their CEO sits on the White House National Security Telecom Advisory Committee. This is an overview of cybersecurity operations that is intended to drive critical thinking.

Discussion Outline:

  • Learning from others
  • How complicated is a robust cybersecurity program
  • Continual improvement
  • Do you do these things / Did you know
  • Automation
  • Q&A

New Tools

Why Compliance Won’t Save You, Focusing on What Matters
Brandon Keath, MS, Cyber Security Practice Lead, Appalachia Technologies

With the world moving at such a rapid clip it is only a matter of time before disaster strikes again. While lightning might not strike in the same place twice, cyber-attacks certainly do.In this presentation, we will explore what organizations can truly focus on to reduce their risk and where compliance frameworks often get it wrong. We will discuss new tools such as Bloodhound which can be used to quickly determine issues within your active directory environment, and other techniques to detecting if your system may be compromised.

Red Teaming (Offensive Security)

Malware Analysis Lab

Building Your First Malware Analysis Lab
Joel Prentice
, Security Engineer, Appalachia Technologies

This talk will cover the basics of setting up a malware analysis lab using physical and virtual targets. Participants will learn how to configure their target machines in a way that will allow them to quickly return them to a clean and uninfected state. Participants will also learn why it is important to use both physical and virtual targets. Various honeypots and their functions will be covered. I will also discuss how through the use of honeypots you can find the directive of malicious software. I will conclude by discussing the importance of staying anonymous when researching malware. I will cover what services and protocols will keep you anonymous so that malicious authors are not able to track and focus attacks on you or your business. The goal of this talk will be to give individuals enough knowledge to begin building a beginner’s level malware analysis laboratory.

Home-Hacking Lab

Building a Home-Hacking Lab for Testing & Fun
James Lloyd
, CISSP, CEH, GPEN, GWAPT, Principal Information Security Analyst, BNYMellon

I have built and rebuilt many hacking lab setups throughout my career.  This talk will describe the best way to set up vulnerable systems and any caveats in certain builds.  I will discuss the benefits and negatives of using true Virtual Machines or Docker images.  The discussion will have a strong focus on web applications testing.  I will also share my experience in building injects for cyber exercise and how to build/test those injects in a home lab while being mindful of the legal ramifications.

Open Source Intelligence

Open Source Intelligence 101: Finding Information on Anyone
Rae Baker
, SRA Student, Penn State Cyber Security Analyst Intern, IACI

Rae will introduce Open Source Intelligence (OSINT) and discuss who uses it and why.  Then she will demo some basic OSINT situations to illustrate how to find information. Finally, she will discuss how to protect your own information from being found.

Going Red

Is Your Security Team Going Red?
Stephen Schneiter
, Program Manager, CompTIA

Just because you secure your network, it does not mean the network is secure. It is increasing more important that security teams test the security of the network. Join us as we look at the true power of the Red side!  In this session we will discuss the various issues today’s security teams face protecting data. We will discuss how cyber threats are changing and the different tactics that are used to access a network. Security teams have an abundance of frameworks to use in order to implement sound security practices and help counter the hacker lifecycle. The problem is that while checking off our security check boxes it is possible to overlook a viable security threat. Providing examples of security and breach practices we will show the importance of implement Red team tactics in pen testing the security on our network once the security practices are in place. We will highlight several tools security practitioners may choose to implement for Red and Blue team strategies and show how some may interchangeable. We will discuss how the security team is able to analyze the data from the pen test report and adjust the security implementation. It is possible to meet all of our security check boxes and actually have a secure network.

Digital Footprint

From the Outside In: What the Internet Knows About Your Digital Footprint
Sean Smith
, Senior Software Engineer

For large organizations, it can be hard to understand, let alone minimize your digital footprint. Whether it be mergers and acquisitions, spun up cloud environments, or any other assets forgotten/not properly decommissioned over the years, it can be a challenge to put together a comprehensive and accurate inventory. This talk will go over a number of publicly available datasets that one can use to view what everyone else on the internet can find out about your digital footprint and passively monitor for changes.

How Hackers Hack

How Hackers Hack
Brandon Keath
, Cyber Security Practice Lead, Appalachia Technologies 

In this high-level technical presentation, Brandon explored common tools hackers use to break into systems exploring the Social Engineering Toolkit(SET), Metasploit, Armitage, and more. This eye-opening presentation explores the “how” in Cyber Security and ends with a critical discussion on why current cyber security defenses are not enough to ensure the current threat landscape.

Blue Teaming (Defensive Security)


Tune-up Your Security Operations Center (SOC)
Stanley Hanke
, Manager, Cyber Risk, Deloitte

Organizations are investing a significant amount of financial resources to strengthen their security posture to prevent cyber-attacks. Continuous monitoring and security operations is a proactive approach to enhance the capabilities of organizations to detect cyber threats. An efficient SOC leverages;

  • Processes that help standardize investigation methods, communications and collaboration;
  • Technology that fosters collaboration while maintaining operational security; and
  • People who require specialized skills and training that will be front line in dealing with a barrage of security data.

In this session, Deloitte’s cyber security specialist will discuss the people, process and technology ‘lessons learnt’ while operating a security operations center.

Machine Learning & Cyber Security Tools

The Effect and Future of Machine Learning Technologies on Cyber Security Tools
Nathalie Baker
, SOC Engineer, Appalachia Techonologies, LLC

In this presentation Nathalie will be deliberating the effect of machine learning technologies on cyber defense tools. She will begin the presentation comparing traditional cyber defense tools to machine learning tools, discussing how cyber security professionals can evaluate these tools and evaluating the role that machine learning tools will play in the future of cyber defense. Nathalie will present the good, the bad and the ugly about incorporating machine learning tools into an environment and will provide some insight about tuning various machine learning security tools. The presentation will conclude with a discussion about whether switching to a machine learning toolset is in the best interest of the cyber security field and how to best combat the ever-evolving cyber criminals utilizing machine learning tools.

Information Security Language

WANTED – People Committed to Solving Our Information Security Language Problem
Evan Francen
, CISM, CISSP, Founder & CEO, SecurityStudio

Our industry has plenty of problems to solve. The language we use shouldn’t be one of them, and now it’s not. Evan Francen is committed to solving information security problems for our industry has developed a common, easily-understood information security risk assessment that’s comprehensive, foundational, and completely free for all to use. Today, more than 1,500 organizations are speaking the language.  We invite you to do the same.


  • The common information security language used by 1,500 organizations (and growing fast).
  • The definition and difference of “information security” and “risk”.
  • How to translate information security into business language, resulting in common understanding, clear objectives, and well-defined budgets.
  • How you can use the common language at no cost.
  • How you can participate in the future and have an impact industry-wide.
  • Apply what you learn now.

Practical Defense

Practical Defense in Depth
Danny Mardis
, Owner, The Ironbear Group

Join us while we take an in-depth look at several real life case studies of penetration tests done against companies and dissect them to determine what could have been done at each stage to prevent the attacks from being successful.


Ransomware Response
Justin Klein Keane
, MCIT, Senior Manager, SOC, Security Risk Advisors

Ransomware is a particularly pernicious form of attack that’s becoming increasingly common. Ransomware affects organizations of all size and security maturity. Successfully weathering a ransomware attack is daunting, but not impossible. Preparing for ransomware is a vital exercise for any organization. Developing and exercising a response plan for outbreaks is also a critical component of recovering from attacks. This talk will briefly examine ransomware, cover preparation activities, and outline an action plan for response. The presentation will guide participants through a number of effective strategies for dealing with a ransomware outbreak that have been developed from practical experience. Justin Klein Keane leads the Cyber Security Operations Center for Security Risk Advisors and has participated in a number of ransomware response efforts for several clients across different verticals.

Social Engineering

Remediate Your Company’s Greatest Vulnerability: Social Engineering
Matt Mahoney
, CySA+, Information Security Analyst, Penn National Insurance

Social Engineering is a weapon capable of delivering any number of payloads. We must learn how to wield it to change the culture of our organizations. We know how to patch computers, but patching users requires an educational approach. At this session, a new curricular paradigm will be presented modeled on the work of Carol Dweck and her work on “Growth Mindset.” This session is meant to be a conversation and conversation-starter. Participants will walk away with plenty of practical next-steps to educate and empower their coworkers.

326 Market St, Harrisburg, PA 17101
P: (717) 901-5100 Contact Us