Innovate.cadinc.com/wp-content/uploads/ITHotTopicsBooklet_2015-_v...3:00 - 3:45 Afternoon Break 4:00...

Innovate.

Welcome!

TAB

LE

OF

CON

TEN

TS

About the Event Host .....................................................................................................................................................................................................................................5Agenda .............................................................................................................................................................................................................................................................................................................................................................................9Keynote.............................................................................................................................................................................................................................................................................................................................................................12Wednesday Sessions.................................................................................................................................................................................................................................13Cyber Security Student Track.................................................................................................................................................18Keynote Fireside Chat ......................................................................................................................................................................................................................19Thursday Sessions .........................................................................................................................................................................................................................................................20Prizes ......................................................................................................................................................................................................................................................................................................................................................................................24Golf Tournament ......................................................................................................................................................................................................................................................................25Meet the Team ...........................................................................................................................................................................................................................................................................................26Sponsors ...................................................................................................................................................................................................................................................................................................................................................29

Welcome!

13th Annual IT Hot Topics Conference 13h Annual IT Hot Topics Conference

54

WELCOME ABOUT THE HOST

13th Annual IT Hot Topics Conference

On behalf of the entire Carolina Advanced Digital family, welcome to our 13th annual IT Hot Topics Conference. This year also marks the 30th Anniversary of our company. It started, officially, in 1985 when the company consisted of me, an old typewriter table, a brown pushbutton desk phone and a box of business cards that proclaimed me as a Computer Systems Consultant. Within four or five years I was able to coax my wife Susan away from her employer to join me in our small enterprise; to date that is still the best business decision I ever made. We incorporated as Carolina Advanced Digital, Inc. in February 1989, and grew slowly but steadily over the years. Our business model has changed many times over the last 30 years which is something that we always anticipated would be a part of our evolution. This year our model is changing again to include a stronger focus on security. Other changes include an intensified integration of customer feedback in to our processes and continuous improvement initiatives. Our efforts in customer service satisfaction have been noticed and rewarded greatly over time. In April of this year we were awarded a NASA SEWP V prime contract, a testament to our team’s abilities and solid past performance. These considerations will of course affect the nature of our operations but our fundamental values have never changed: We demand practical efficacy from any of our designs, products and projects. Our first loyalty is to our customer’s mission. That is the primary consideration in our movement toward Strategic IT Design. We invite you to participate in our efforts to move Information Technology in that direction. First work with us to

define the mission in detail, knowing that, we can then select the technologies that best support the design required to accomplish the missions. Welcome to the conference, and to our 30th anniversary celebration!

— John Jabbusch

President & Chief Engineer Carolina Advanced Digital, Inc.

WEL

COM

E ABO

UT U

S

The IT Hot Topics Conference is hosted by technology integrator Carolina Advanced Digital, Inc. Carolina Advanced Digital is a nationally-recognized leader in technology infrastructure and security solutions. Family owned and operated since 1984, the company has been providing exceptional engineering services and products to government, education, healthcare and commercial clients across the United States, including Fortune 100 and 500 companies, DoD and civilian agencies. Headquartered in Cary, NC, Carolina Advanced Digital has offices and resources in North Carolina, Florida and Texas.

OUR SERVICES

Wired Networks

Wireless Security

SOLUTION DELIVERYFor special projects and planning, infrastructure design, certified security consulting or just to supplement their IT staff, customers enlist our expertise to ensure projects are properly planned and completed while meeting budgets and deadlines.

SIGNATURE SERVICES• Network discovery• Wireless evaluation• Full network surveys with

documentation

• Network configuration reviews• Customized security solutions• Enterprise wireless projects

StrategicConsulting

TurnkeySolutions

+Everythingin between


76

OUR PARTNERS

• Wireless intrusion prevention• Spectrum management• Troubleshooting and analysis• Security and policy enforcement• Compliance reporting

• Network access control• Network visibility• Guest management• BYOD security and onboarding• 802.1X management

• Switching and routing• Wireless• Software Defined Networking (SDN)• Servers and storage• Network management

ABO

UT

US A

BOU

T US

• Packeting shaping• Proxies• Web filters• SSL inspection• WAN optimization

OUR PARTNERS

• Wireless security• Zero-touch deployment• Cloud services• Network management and software• Wireless arays and access points

• Next-gen firewalls• Email security and archiving• Web filters• Backup appliances and cloud• Link and load balancers

• 802.11ac solutions• Multi-vendor management• Instant controller-less access points• Scalable controller solutions• Spectrum analysis and WIPS

• Switching and routing• Network security• Enterprise wireless• Meraki wireless• Firewalls and UTMs

• Chromebooks• Management services• Applications• Google for Education• Google business solutions

• Wireless, SCA and MCA• 802.11ac solutions• Guest and BYOD management• Wireless security• Spectrum management

• Next-gen firewalls• Remote access and SSL-VPN• Network access control• Switching and routing• Virtual environment security

• SonicWALL Security• Next-gen firewalls and UTMs• Remote access• Security reporting• Severs, storage


• Wireless intrustion prevention• Spectrum management• Troubleshooting and analysis• Security and policy enforcement• Compliance reporting

• Switching and routing• Servers and Storage• Network management• PCs, laptops and tablets• Wireless



• Network management• Device configuration• Traffic, flow, QoS monitoring• Network mapping• Log and event management



• Strategic consulting• Turnkey projects• Pre-audit security review• Assessments and documentation• Wired, wireless, security

• Encryption• Key management• Windows and Mac• Pre-boot authentication• Port and media control

OUR PARTNERS

133 Triangle Trade Drive, Cary, NC 27513919-460-1313 www.cadinc.com

@cadincCADincorporated

















OUR PARTNERS



















OUR PARTNERS










98

CONFERENCE AGENDA

Super Easy Purchasing

Buy online with federal diversity status and over 20 state and federal contracts.

Pre-Sales Design& Support

Qualified engineers design and review bills of materials to reduce costs as much as 60% on products and

support.

Best Pricing $Our certifications and

partner relationships can save you up to 48% on

products and services.

+ • Certified engineering• Promos and special offers• Access to top level support• Post-sales support

• Complete infrastructure solutions• Family-owned and operated• Woman-owned, Veteran-owned,

Small Business Federal status

Strategic Engineering

Our mission-centric solutions work the first time and give you zero hours of unplanned downtime.

Lifelong

RelationshipsMany clients have been with us for 15+ years because of our support and Customer Loyalty Program.

ABOUT US

ABO

UT

US A

GEN

DA

FEDERAL CERTIFICATIONS

Wednesday, May 6th TIME EVENT LOCATION8:00 - 9:00 Breakfast & Registration Grandville Ballroom

9:00 - 10:15 Intro & Keynote Grandville Ballroom

10:30 - 4:50 LockPick Village Wentworth

10:30 - 11:20 Breakout A Upstairs

11:30 - 1:00 Lunch Grandville Ballroom

1:00 - 1:50 Breakout B Upstairs

2:00 - 2:50 Breakout C Upstairs

3:00 - 3:45 Afternoon Break

4:00 - 4:50 Breakout D Upstairs

5:00 - 6:00 Cyber Security Student Reception Café East

6:00 - 9:00 30 Year Anniversary Bash Grandville Ballroom

Thursday, May 7th TIME EVENT LOCATION8:00 - 9:00 Breakfast & Registration Grandville Ballroom

9:00 - 10:15 Intro & Keynote Grandville Ballroom

10:30 - 4:50 LockPick Village Wentworth

10:30 - 11:20 Breakout A Upstairs

11:30 - 1:00 Lunch Grandville Ballroom

1:00 - 1:50 Breakout B Upstairs

2:00 - 2:50 Breakout C Upstairs

3:00 - 3:30 Afternoon Break Grandville Ballroom

3:30 - 4:30 Tech Challenges Grandville Ballroom

4:40 - 5:00 Prizes & Wrap-up Grandville Ballroom

Friday, May 8th TIME EVENT LOCATION7:30 - 8:00 Golfer Registration & Breakfast Griffin B

8:00 - 8:30 Practice Range Time Driving Range

8:30 - 1:30 IT Hot Topics Golf Tournament East Course

1:30 - 3:00 Tournament Award Luncheon Griffin B


1110

WEDNESDAY SESSION PLANNER

THURSDAY SESSION PLANNER

AG

END

AAG

END

A

WINDSORShowcase

TRINIT Y NOT TINGHAM SAVOY WENT WORTH BEAUMONTCyber Security Student Track

INTRO & KEYNOTE: Dr. Uma Gupta

Session A10:30-11:20

Open Stack Cloud and Hyper-

Converged SystemsDennis Tolliver

HP Servers & Storage

Getting the Most Out of SonicWALL’s CGSS

Rob Baxley

The Shape of Things to Come: Unexpected

Attack Vectors, Today and Tomorrow

Rob Pingor

The Shoulders of InfoSecJack Daniel

LockPick Village Social Media (In)SecurityRob Martin

LUNCH: Grandville Ballroom

Session B 1:00-1:50

Total Threat Protection with

Barracuda NetworksPaul Troy

Barracuda Networks

Healthcare IT Security: Why Is It So Hard?

Chuck Kesler

Wireless Planning and 802.11acTom Carpenter

Back to the Network Security Future:

Detection Comes BackMike Rothman

LockPick Village

Sniper Forensics: Targeting Data to Get Answers Fast

Ryan Linn

Session C 2:00-2:50

Network Access Control 101: Securing

the Critical Edge of Your Network

Tom MurphyBradford Networks

The Breaches Won’t Stop Until We Get

Serious About AppSecPhilip Casesa

Identity Management: Securing Your Data in the Digital Economy

Lance Peterman

Living and Leading with Power and Authenticity

Dr. Uma Gupta

CyberPatriot Challenge RoundtablesChris Gaw and

Jennifer Minella

BREAK

Session D 4:00-4:50

Next Generation Campus Architecture

Adam PerregoHP Networking

Best Practices for Security Best Pricing

Julie Allen & Susan Jabbusch

Google 2015, What’s New and

Important to YouFleetwood, Felts, Fogleman

Pen Testing Your Incident Response

ProgramRyan Linn

LockPick VillageSurvival Wi-FiTom Carpenter

WINDSORShowcase

TRINIT Y NOT TINGHAM SAVOY WENT WORTH

INTRO & KEYNOTE: Howard Schmidt

Session A10:30-11:20

Why I “Sold Out” and Why You Should Too: Making the Leap from

Operations to Sales EngineeringKarlo Arozqueta

HP Security

Holistic OpSec: Bringing Application, Server and

Network Security Together aka “When a security architect

writes an application”David Zendzian

Panel Discussion: SaaS Cloud Security

and ComplianceManny Landron,

Mike Rains and Holli Harrison

Actionable Threat Intelligence, ISIS,

and the SuperBallIan Amit

LockPick Village

LUNCH: Grandville Ballroom

Session B 1:00-1:50

Examining the Cyber Security Landscape and Discussing How

Next Generation Firewalls Bolster Your Security Posture

Chris Vazquez and Brittany RobertsonDell SonicWall

Software Defined Networking (SDN) Workshop (2 hour)

Dale Smith

Are Branded- Vulnerabilities

Helping Make the Internet a Better Place?

Omar Santos

Integrating Web Application Security Best Practices Within

the SDLCFrank Catucci LockPick

Village

Session C 2:00-2:50

Mobile EngagementJuan Tardio

Aruba

Cyber Threats and Trends 2015

Peter Ahearn

Cracking the Code: How IT Experts

Become IT LeadersMichael Santarcangelo

1312

13th Annual IT Hot Topics Conference 13th Annual IT Hot Topics Conference

WEDNESDAY SESSIONS

WED

NESD

AYWED

NES

DAY

Getting the most out of SonicWALL’s CGSSRob Baxley, Network Engineer, Carolina Advanced Digital, Inc.

SonicWALL’s Comprehensive Gateway Security Suite provides a host of services to enhance security and increase control of your network making it an excellent value for any SonicWALL UTM. Perfect for network administrators who want to learn how to enable and configure security services like Gateway Anti-virus and Intrusion Prevention. During this breakout you will hear how you can create content filtering and application control polices to prevent users from accessing inappropriate content or to stop those who are hogging your network’s bandwidth. Discover how to integrate Active Directory with Single Sign On to authenticates users and allows access based on user groups.

Open Stack Cloud and Hyper-Converged SystemsDennis Tolliver, Enterprise Server Specialist, HP

Many providers are jumping on two band wagons; Open Stack Cloud, and Hyper-Converged Systems. We will discuss what Open Stack Cloud is, how it is applied by some of the major vendors such as HP, VMware, and Red Hat. We will then talk about Hyper-Converged systems and their implementations of Operating Systems, Virtual Storage and their connection to the Cloud if so desired. As a sub topic we will look at Storage Virtualization.

The Shape of Things to Come: Unexpected Attack Vectors, Today and TomorrowRobert Pingor, Chief of Law Enforcement Division, The CORE Group

There is an intimate relationship between physical security and information security. Gone are the days were one discipline can operate in ignorance of the other. Criminals are often the early adopters of new technology and are the first to turn it on an unwitting public. Blended attacks are the new norm. Join us for an expose of attacks(some diabolically simple) being used today and talk about the possibilities for exploitation the future will bring.

The Shoulders of InfoSecJack Daniel, Strategist, Tenable Network Security & Founder, Security Bsides

We all know our information security history, right? Or at least we pretend we do. Many people in the security community really know the history of InfoSec from the perspective of the history of the business of InfoSec. Many of us aren’t aware of the foundations of information assurance laid down in government, military, and education- this talk is an introduction to some of the people and ideas at the foundation of what we do today. The early days of information assurance and security predate the Internet, so many stories are only available to the diminishing few who remember them; the Shoulders of InfoSec project is my attempt to recognize many foundational figures in our industry.

10:30am-11:20am

KEYNOTE

Dr. Uma Gupta

STEM ADVOCATE

Dr. Gupta is a highly sought after

speaker. She is a popular keynote

speaker who consistently delivers

outstanding leadership talks, lunch-

and-learn initiatives, workshops,

and corporate training. Her depth

and breadth of expertise covers a

wide range of current and cutting-

edge topics, including leadership, decision-making, technology

management, STEM, and entrepreneurship.

She holds a Ph.D in Industrial Engineering and an M.B.A. from the

University of Central Florida and has published four textbooks in

Information Systems and Technology and more than 65 journal papers.

She was recognized for her technology contributions with the Women

in Technology Award in Houston and was nominated a second time for

this award in Rochester, New York. She is the Founder and Executive

Director of STEM-SMART.org, a non-profit dedicated to giving college

and high school students work experiences through internships with

local and national corporate, non-profit, and government entities.

1514

13th Annual IT Hot Topics Conference 13th Annual IT Hot Topics ConferenceW

EDN

ESD

AYW

EDN

ESDAY

Back to the Network Security Future: Detection Comes BackMike Rothman, President, Securosis

“If you’re old enough to remember when intrusion detection became intrusion prevention, you’ll laugh as the pendulum swings back to detecting compromised devices. We’re going back to the future because prevention has largely failed as adversaries increasing evade IPS and network-based sandboxes, and employees continue to click on stuff they shouldn’t. In this session, Securosis analyst Mike Rothman will talk a number of approaches to supplement network-based prevention and sandboxing. And he’ll sprinkle in a whole mess of buzzwords like big data, cyber, and threat intelligence just to make sure you’re paying attention.”

Healthcare IT Security: Why Is It So Hard?Chuck Kesler, CISO, Duke Medicine

Healthcare is one of the most highly regulated industries, with IT security in particular being one area that is addressed extensively through industry regulations such as HIPAA, HITECH, and The Joint Commission. With all of these regulations, it would seem that healthcare organizations would be at the top of the game with respect to protecting information assets. However, as demonstrated by recent data breaches, healthcare struggles with these issues as much, if not more, than any other industry. In this talk, we will examine the challenges that healthcare organizations face in building an information security program, and some resources and approaches that can help them get started.

Total Threat Protection with Barracuda NetworksPaul Troy, Engineer, Barracuda Networks

Barracuda Total Threat Protection integrates security components to provide real-time protection against advanced threats. Each component provides comprehensive protection on its own respective vector—network, user, email, Web application, remote access, and mobile. This solution scales with your organizations and evolves with a constantly changing threat landscape, while simplifying management and providing you with flexible deployment options.

Wireless Planning and 802.11acTom Carpenter, Chief Technology Officer, CWNP

This presentation will focus on the important steps involved in wireless LAN planning and design. It will address issues introduced by 802.11ac and also ensure that security planning is part of the wireless LAN design process.

1:0

0-1:

50pm

2:00pm-2:50pm

Identity Management: Securing Your Data in the Digital EconomyLance Peterman, Sr. Information Security Professional, a global healthcare organization

With more and more data moving beyond conventional enterprise boundaries, identity has been established as the new perimeter for securing critical assets and intellectual property. In this session we will review some recent data breaches, focusing specifically on where identities have been compromised to both gain access to a network and to elevate privileges for more damaging activities. From there we will review various strategies for leveraging an identity management program to reduce risk for companies and better secure their data, whether inside their enterprise or in the cloud.

Living and Leading with Power and AuthenticityUma Gupta, STEM Advocate and Leader, STEM-SMART

“Clarity of purpose and resilience to life’s challenges are the foundations for personal and professional success in the speed-driven digital world in which we live today. Understanding who we are, why we do what we do, and how to live and lead from a place of authenticity can be an immensely rewarding experience that firmly establishes our place in the world.

In her keynote address, Dr. Gupta will offer the following insights:

• How our fast-thinking and slow-thinking brain influences our decisions and perceptions

• The impact and power of our habits on our life: how to keep the good ones and drop the not-so-good ones

• Motivation, rewards, and dreams: how to embark on a powerful journey of authentic living.

• The surprising relationship between happiness and success”

Network Access Control 101: Securing the Critical Edge of Your NetworkTom Murphy, SVP of Sales and Marketing, Bradford Networks

“As the volume and diversity of mobile devices on your network continue to rise, so does the need to ensure that every device is safe. Cyber criminals leverage vulnerable endpoints as backdoors to the network and Gartner predicts the source of breaches will have shifted from workstations to tablets and smartphones by 2017. As the attack surface of your network continues to multiply with each new device, network access control is essential to securing your data, assets and critical infrastructure. Attend this webinar to get a complete understanding of NAC functionality and how you can leverage visibility, policies, and automation to secure the critical edge of your network, including: Safe Onboarding, Device Profiling, Endpoint Compliance, Network Automation, Security Automation, and Rapid Threat Response.

WEDNESDAY SESSIONS WEDNESDAY SESSIONS

1716


The Breaches Won’t Stop Until We Get Serious About AppSecPhilip Casesa, Director of Information Technology, (ISC)2

With security breaches on a massive scale flooding the headlines, it seems that the answer is more security people to help stop the madness. What if we spent our time and energy fixing the root cause of most breaches – vulnerable software? Would we be able to stem the tide of these massive security breaches and win back our sanity? A compelling case that software security (AppSec) is the next great frontier in information security and the key to exiting this vicious cycle of incidents we find ourselves in and why the solution is harder than it seems. We will cover stories from the field, internet of things, application security programs, software supply chain and the perception gap between security executives and the developers. Wrapping up we will discuss opportunities to turn our fortunes around.

Best Practices for Securing Best PricingJulie Allen, Inside Sales Manager, Carolina Advanced DigitalSusan Jabbusch, VP, Carolina Advanced Digital

Best practices aren’t just for configuring your equipment anymore! Go behind the scenes with Carolina Advanced Digital for an in-depth look at what goes into each quote & order request from a VAR & integrator viewpoint. Learn how & when to engage Carolina Advanced Digital for the best possible pricing, how to plan for engineering projects & technical bills of materials, why Carolina Advanced Digital is rated highly by customers in value-add and customer satisfaction, and much more from an insider’s point of view on pricing, fulfillment, and the VAR-manufacturer relationship.

Google 2015, What’s New and Important to YouJordan Felts, Mike Fleetwood, Google Solutions, Synnex Corporation Scott Fogleman, Google Solutions, Synnex Corporation

During this session we will discuss where Google for Education and Google for Work have come over the last year and talk about why that is important to you. We will discuss the ever evolving classroom of the future and how Google has just the right solutions to fit your school’s needs. What is new with Chrome and how does Google Play for Education change the use of content in the classroom. We will also discuss the evolution of Google for Work and what types of solutions Google has for the commercial markets today. Where does Chrome and Android fit in the enterprise and what solutions could be using these technologies for the better. Through Google Apps, Chrome and Android Google can help solve daily problems in the both the classroom commercial space and we look forward to discussing these with you.

WED

NES

DAY

2:00

-2:5

0pm

4:00

pm-4

:50p

m

WEDNESDAY SESSIONS WEDNESDAY SESSIONS4:00pm

-4:50pm6pm

-9:00pmW

EDN

ESDAY

Next Generation Campus ArchitectureAdam Perrego, Solutions Architect, HP Networking

During this session we will cover the emerging technologies and architecture that is evolving in the industry as it relates to campus networks. We will be speaking to the enablement of mobility, SDN, multi rate Ethernet, High Speed Backbones, and Unified Policy for campus access.

Pen Testing your Incident Response ProgramRyan Linn, Director of Penetration Testing, Nuix

“Whether for compliance or for security, penetration testing is now being incorporated into most organization’s security programs. Penetration testing is an active attack simulation which serves to expose vulnerabilities, configuration oversights, and strategic and architectural weaknesses. However, many organizations treat this test as an independent and isolated tool. This viewpoint significantly reduces the value of the exercise by only realizing a portion of the value that pen tests provide. This talk will look beyond the report results and discuss how to maximize the value of a penetration test both during and after the exercise. The additional benefits can include greater ability to identify and respond to attacks as well as identifying monitoring blind spots.

This talk will play out a sample scenario and discuss different ways that penetration testing and incident response can work together to make an organization stronger.”

30TH ANNIVERSARY BASH Cheers to 30 Years! Join us for a fun and intimate evening party to celebrate 30 years in business. Network with peers, colleagues, and speakers. Enjoy nostalgia, music, interactive games, caricaturist, technology challenges, and our own Family Feud Twisted Tech Edition with your host Matt Helmer.

Cheers to 30 Years!

19


18


Fireside Chat with Howard Schmidt Partner at Ridge Schmidt, Former Cyber Advisor to Presidents Barack Obama and George W. Bush; former CISO and CSO at Microsoft; former CISO at eBay

Howard Schmidt serves as a partner in the strategic advisory firm, Ridge-Schmidt Cyber, an executive services firm that helps leaders in business and government navigate the increasing demands of cybersecurity. He serves in this position with Tom Ridge, the first secretary of the Department of Homeland Security. He also serves as executive director of The Software Assurance Forum for Excellence in Code (SAFECode).

Howard A. Schmidt brings together talents in business, defense, intelligence, law enforcement, privacy, academia and international relations, gained from a distinguished career spanning 40 years.

He served as Special Assistant to the President and the Cybersecurity Coordinator for the federal government. In this role Mr. Schmidt was responsible for coordinating interagency cybersecurity policy development and implementation and for coordinating engagement with federal, state, local, international, and private sector cybersecurity partners.

Previously, Mr. Schmidt was the President and CEO of the Information Security Forum (ISF). Before ISF, he served as Vice President and Chief Information Security Officer and Chief Security Strategist for eBay Inc., and formerly operated as the Chief Security Officer for Microsoft Corp. He also served as Chief Security Strategist for the US-CERT Partners Program for the Department of Homeland Security.

Mr. Schmidt also brings to bear over 26 years of military service. Beginning active duty with the Air Force, he later joined the Arizona Air National Guard. With the AF he served in a number of military and civilian roles culminating as Supervisory Special Agent with the Office of Special Investigations (AFOSI). He finished his last 12 years as an Army Reserve Special Agent with Criminal Investigation Division’s (CID) Computer Crime Unit, all while serving over a decade as police officer with the Chandler Police Department.

Mr. Schmidt holds a bachelor’s degree in business administration (BSBA) and a master’s degree in organizational management (MAOM) from the University of Phoenix. He also holds an Honorary Doctorate degree in Humane Letters. Howard was an Adjunct Professor at GA Tech, GTISC, Professor of Research at Idaho State University and Adjunct Distinguished Fellow with Carnegie Mellon’s CyLab and a Distinguished Fellow of the Ponemon Privacy Institute.

Howard is a Ham Radio operator (W7HAS), a private pilot, outdoorsman and an avid Harley-Davidson rider. He is married to Raemarie J. Schmidt, a forensic scientist and researcher and instructor in the field of computer forensics. Together, they are proud parents, and happy grandparents.

WED

NES

DAY

10:00am-11:20am Social Media (In)SecurityRob Martin, President, Raleigh ISSAStatistics say less than 1/3 of users properly secure their social media accounts. Find out how sites like Facebook, Twitter, and Instagram are becoming threats to students, military, and every day users. Learn about meta data, geotagging and more. When it comes to cyber security, sometimes we’re our own worst enemy.

1:00pm-1:50pm Sniper Forensics: Targeting Data to Get Answers FastRyan Linn, Director of Penetration Testing, Nuix

Forensics has historically been a lengthy process: start imaging systems, wait, load the data for analysis, wait, then finally review. If more imaging is necessary the cycle repeats. If you are in the middle of a critical event, that process takes longer than upper management is willing to wait. Sniper Forensics is a different methodology which speeds up the classic forensics process and helps uncover answers sooner. The theory is “start with what you know to get to the data you need faster”. This presentation will discuss what data to focus on first and walk through some sample scenarios of how Sniper Forensics plays out in typical incident response exercises.

2:00pm-2:50pm CyberPatriot Challenge RoundtablesChris Gaw Coach & Mentor, CyberPatriotJennifer Minella

Join your peers for collaborative roundtable discussions of past CyberPatriot Challenges. Roundtable topics by table for Windows Admin, Ubuntu, and Networking challenges.

4:00pm-4:50pm Survival Wi-FiTom Carpenter, Chief Technology Officer, CWNP

An introduction to Wi-Fi topics you need to survive in today’s connected world. Covers the basics of RF (radio frequency) technologies, security concepts, and the wacky world of endpoints - knowledge to help troubleshoot, secure, or wow your friends.

KEYNOTECYBER SECURITY STUDENT TRACK THU

RSDAY

2120

13th Annual IT Hot Topics Conference 13th Annual IT Hot Topics ConferenceTH

URSD

AY10:30am

-11:20am1:00pm

-1:50pm

Actionable Threat Intelligence, ISIS, and the SuperBallIan Amit, Vice President, ZeroFox

“When adding a new threat intelligence feed into your threat model and security practice, one always has to ask: “what is the value?” Unfortunately, over the past couple of years, organizations have struggled with showing true value from standard threat intelligence feeds for several reasons, most of which coincide with the fact that the feeds are too generic, and do not directly relate to the operating environment of the organization.

In this talk, we will discuss how to create a customized, organization-specific threat intelligence feed, that in turn will be used to actively increase the security posture of the organization in a measurable way. Some of the examples we will address include dealing with DDoS attacks & social media account takeovers and adjusting to finding threats and threat actors in order to proactively tune defenses before an attack.”

Holistic OpSec: Bringing application, server and network security together aka “When a security architect writes an application”David Zendzian, Founder & Managing Partner, ZZ Servers

“This case-study will present a story of Operational Security as it is today and dig into an examination of a modern enterprise rails application. It will review application security best practices going through specific controls within the application, best practices in deploying and how to integrate application controls, local host and network firewall controls into a self monitoring, alerting and automated security system.

All techniques and tools reviewed are open source and not only freely available but strongly encouraged to use. A short list of technologies that will be reviewed include: rails, nginx, naxsi, rack-attack, brakeman, syslog, fail2ban, ossec and more.”

Panel Discussion - SaaS Cloud Security and ComplianceManny Landron, Security and Compliance team, Citrix ShareFile Mike Rains, Security and Compliance team, Citrix ShareFile Holli Harrison, Security and Compliance team, Citrix ShareFile

Q&A around securing and ensuring compliance for Software-as-a-Service(SaaS) application hosted in a hybrid cloud environment comprised on collocation data centers and Infrastructure-as-a-Service (IaaS) cloud providers leveraging traditional network and software defined security.

THURSDAY SESSIONS

THU

RSD

AY10

:30a

m-1

1:20

am

Why I “Sold Out” and Why You Should Too: Making the Leap from Operations to Sales EngineeringKarlo Arozqueta, Systems Engineer, HP Security Solutions, Federal

“Mr. Arozqueta left a 7 year career conducting incident response in a 24/7 environment for a simple sales engineering position. He applied for the job on nothing but the trust he had in a long time friend who said it was the best move she ever made and he wouldn’t regret it. His Operations peers were quick to point out that he had “sold out” and that they would leave the proverbial porch light on for him because there was no way he would enjoy it and he would definitely be back.

However, Mr. Arozqueta’s entire life’s journey had prepared him for and led him to succeed in the sales engineering role: a role devoid of late night phone calls, haphazard sleep schedules and chasing down subordinates to sign their timesheets. He had found the perfect job that would allow him to remain technical, specialize in a few technologies and never worry about being “promoted” to management. Delivered in an informal story-telling style, Mr. Arozqueta will talk about how he’s been doing 1.5 years into his role and why it may be a viable career change for you too.”

Are Branded-Vulnerabilities Helping Make the Internet a Better Place?Omar Santos, Senior Incident Manager, Cisco PSIRTIf the vulnerability is sexy enough, it gets a name. If the vulnerability can make the researcher or the company that found it rich, it gets a name. From Heartbleed to ShellShock, Poodle and GHOST, vulnerability branding is the new normal. Is this new trend in vulnerability disclosure helping make the Internet a better place? This session is an active discussion on how bad actors are benefitting more from these branded-vulnerabilities than the good guys. We will discuss the trends in vulnerability disclosure and the evolution of network security.

Examining the Cyber Security Landscape and Discussing How Next Generation Firewalls Bolster Your Security PostureChris Vazquez, Field Security Specialist, Dell SonicWALL Brittany Robertson, Field Security Specialist, Dell SonicWALL

Join us in discussing how security threats continue to grow and evolve with networks being overburdened with increased usage, bandwidth and devices. An examination of the current threat landscape, and what is predicted in 2015. A discussion about how Next Generation Firewalls continue to revolutionize network security.

THURSDAY SESSIONS

2322


Integrating Web Application Security Best Practices Within the SDLCFrank Catucci, Director of Web Application Security, Qualys

This discussion will focus on how to utilize and integrate web application security and scanning best practices within the software development life-cycle (SDLC). Frank will address how to build security into the software development lifecycle, discuss security requirements, governance, planning, goals, challenges, implementations and plans for growth. This talk will focus on high level practices but also give insight into the technical aspects of what will be required for success.

Software Defined Networking (SDN) Workshop (2 hour)Dale Smith, SDN Specialist, HP Networking

“Overview of Current Software Defined Networking (SDN) Technologies. Survey session to provide an overview of Software Defined Networking (SDN)current trends, frameworks and technologies. This session will provide an overview of various SDN architectures with a focus on the requirements for designing and deploying the SDN enabled campus and branch site.

The session will briefly touch on automation and programming technologies, but a programming or software development background is not required.”

Cracking the Code: How IT Experts Become IT LeadersMichael Santarcangelo, Security Catalyst

“The challenge isn’t technology. The opportunity is IT leadership. The pathway from IT expert to IT leader includes understanding 5 foundational elements and demonstrating the 9 competencies of remarkable IT leadership. In this session, Michael reveals the benefits of a competency based approach, explains how to assess where you are currently, and shares insights on how to demonstrate your value, earn your place in the executive suite, and have your voice heard by the board and other leaders.

This session is for IT experts and IT leaders with an appetite for personal development, and the desire and ability to be remarkable.”

Cyber Threats and Trends 2015Peter Ahearn, Special Agent, Cyber Crimes, FBI

How do you ensure the security of your data is preserved in a way that stays one step ahead of the bad guys? Unfortunately, criminals - domestic and abroad - are relentless in searching for creative new ways to obtain money and/or intellectual property from companies and their clients. Today’s cybercriminals are innovative and organized. This is your opportunity to hear the FBI share current case studies and offer tangible suggestions for what you can do to mitigate your cybersecurity risks to keep your company and clients from being victimized.

1:00

pm-1

:50p

m2:

00pm

-2:5

0pm

THU

RSDAYTH

URS

DAY

Mobile EngagementJuan Tardio, Senior Systems Engineer, Aruba Networks

The new mobile engagement solution offering media-rich apps and indoor location services over the fastest Wi-Fi on the planet. It is a contextually aware of connected users, devices and apps as well as location and time of day.

THURSDAY SESSIONS THURSDAY SESSIONS

TECH CHALLENGES

This year’s Tech Challenge features Tech Jeopardy – a new twist on trivia! Test your skills across several areas of technology and security with our custom engineering-approved Jeopardy answers. Make your mark with Double Jeopardy to really shine. Who will win the Jeopardy challenge?

Take a trip through technology memory lane with a visit to the Vintage Tech Museum onsite Wednesday. Ooh and aah at this nostalgic collection of Apple IIs, Commodores, Ataris, and other vintage computers and classic gaming systems. This ain’t your grandkids’ gaming console!

http://vintagetechmuseum.org | Twitter: @VinTechMuseum

25


24

13th Annual IT Hot Topics ConferenceFRID

AYTH

URS

DAY CONFERENCE PRIZES:

ATTEND TO WIN

Don’t miss the Thursday afternoon wrap-up with prizes for your opportunity to win gift cards, prize baskets, geeky gadgets, drones, tablets and more!

Participate for more tickets and MORE CHANCES TO WIN! Attend breakout sessions and fill out evaluation forms to earn prize raffle tickets.

Carolina Advanced Digital, Inc. is a USAC E-Rate Service Provider. If you participate in the E-Rate program you may be ineligible to receive certain event prizes or giveaways. CAD assumes all attendees are self-monitoring since many event attendees are not part of this program.

IT HOT TOPICS DEMO NETWORK Each year, the Carolina Advanced Digital Engineering Team puts together an enterprise-class conference network that provides both attendee wireless access as well as a demo environment for attendees and partner engineers to view and evaluate.

This year the IT Hot Topics Demo Network includes equipment from HP, Meru, Barracuda, Bradford, SonicWALL and Exinda. Visit http://demo.hottopicsconference.com for information and links to management interfaces and credentials. Also look for printed network drawings in the conference areas and upstairs, where our conference “MDF” is located.

Visit http://demo.hottopicsconference.com

Friday, May 8th • Grandover East Course

Come play with the pros! Well, the IT pros that is. Join our team of industry experts and test your skills on the green. Our annual Hot Topics Golf Tourney is a fun, casual way to meet and mingle with peers and our IT experts while enjoying a little bit of the outdoors.

Hot Topics Golf Tourney is captain’s choice with a shotgun start. Prizes are awarded for First and Second Place teams as well as for eight specialty marked contest holes.

The Golf Tourney is open to any conference attendees who wish to play.

Tournament PackThe tournament fee includes a Tournament Play Pack, breakfast, and entry to the awards luncheon immediately after the tournament.

Your Tournament Play Pack includes:• Golfers Kickoff Breakfast• CAD Golf Play Pack• Golf Cart• GPS• Range Balls• Beverages (no snacks)• Golfers Awards Luncheon

Proper attire is required:• Shirts with collar• No jeans or short shorts• No metal spikes

Course DetailsAll 2015 tournament participants will play the East Course at Grandover. Grandover received four and a half stars, noted as one of “America’s Best Places to Play” by Golf Digest and “Best Conditioned Courses in North America” by Golf Digest (4th place).

GOLF TOURNAMENT

IMPORTANT INFOPlaying Grandover East CourseBreakfast at 7:30amShotgun Start at 8:30amCaptain’s Choice / Best BallMen play from White teesLadies play from Red tees

CONTEST HOLESHole 3: Closest to the PinHole 6: Longest PuttHole 10: Longest Drive Hole 14: Straightest Drive

HOLE-IN-ONE PRIZESHole 3: $5,000 cashHole 7: Premium electronics

package Hole 12: Golf Package with

Driver & Woods Hole 16: Golf Package with Irons

2726


LOCKPICK VILLAGE Want to tinker with locks and tools the likes of which you’ve only seen in movies featuring police, spies, and secret agents? Then come on by the Lockpick Village, run by The CORE Group, where you will have the opportunity to learn hands-on how the fundamental hardware of physical security operates and how it can be compromised. No experience is needed, instruction is provided. Try your hand at challenges with progressive tumbler locks, padlock shims, and more.

enterthecore.net/lockpicking-manipulation

EMCEEEnjoy the antics of long-time friend John McCumber as he serves as master of ceremonies. John is an Air Force veteran, Cryptographic Fellow of the NSA, Professorial Lecturer at George Washington University, speaker, author, motorcycle-lover, and voted “Best Entertainer” by the Carolina Advanced Digital staff four years in a row.

@johnmccumber

MEE

T TH

E TE

AM

MEET THE TEAM

Julie AllenInside Sales [email protected]

Rob BaxleyNetwork [email protected]

Bre ColemanSales [email protected]

Heather MooreSales [email protected]

Michelle DziengelBusiness [email protected]

Morgan DziengelGovernment Sales [email protected]

Brenda KingSales [email protected]

Jennifer MinellaVP of [email protected]

Geraldine [email protected]

Kory ThornbergTechnical Team Lead & Network [email protected]

Matt HelmerPro Services [email protected]

John JabbuschPresident & Chief Engineer

[email protected]

Susan JabbuschExecutive Vice President

[email protected]

Carolina Advanced Digital, Inc. is proud to have a dedicated team of engineers and account specialists to make sure your every need is covered. Meet the 2015 team!

TIDBITS

Who’s Your

Daddy?

American college professor and scientist Robert Goddard built and flew the world’s first liquid propellant rocket on March 16, 1926. Its flight, though unimpressive (it climbed only 12.5 meters), was the forerunner of the Saturn V Moon rocket 43 years later. He is often referred to as the “father of modern rocketry.”

Did You Know?

Did you know? John and Susan met in the 70s while serving in Naval Intelligence in Key West, FL.

2928


THANK YOU TO OUR CONFERENCE SPONSORS

TIDBITSTI

DB

ITS

GOLD SPONSORS

Carolina Advanced Digital, Inc. would like to take the time to thank all of our generous sponsors who support this year’s IT Hot Topics Conference.

SILVER SPONSORS

INDUSTRY PARTNERS

BRONZE SPONSORS

THANK YOU TO OUR ADVISORY COMMITTEE

David Bankole Chief Security Architect Novant Health Gray CassellChief Information OfficerTown of Kernersville Jason ClaytonTechnology CoordinatorPerson County Schools Ryan DraughnChief Information OfficerNC League of Municipalities Maurice FerrellAssistant Director, Center for Public TechnologyUNC School of Government

Joel HartleyChief Information OfficerDavidson County Government Chuck KeslerChief Information Security OfficerDuke Medicine Dominic MesserNetwork AdministratorHarnett Health System Wes RinehartDirector of Technical SupportCarteret County Schools Michael SeymourVice President of Information TechnologyPike Enterprises

Gary SteeleyInformation Technology ManagerPiedmont Triad Regional Council Scott Van MoppesAirport Systems ManagerHorry County Dept. Airports Chris WheelerDirector, Network ServicesWake Tech Community College Jason WhitakerChief Information OfficerVillage of Pinehurst

STEM MATTERS MAGAZINE Featured keynote speaker Dr. Uma Gupta is a founder of STEM-SMART, an organization that offers educational programs, consulting, conferences, resources and partnerships to build, strengthen and diversify STEM talent. This includes a print magazine, STEMatters, that provides step-by-step guidance on STEM degree programs and careers, an internship hub that links local employers with high school and college students, evening and weekend STEM educational and career programs for high school students, an online mentoring forum that brings together employers and students, and

other resources necessary for individuals to succeed in STEM.

http://www.stem-smart.org | Twitter: @STEM-SMART

3130

13th Annual IT Hot Topics Conference 13th Annual IT Hot Topics ConferenceTI

DB

ITS

We’re tweeting updates throughout the event @hottopics. Use the hashtag #hottopics15 when tweeting about IT Hot Topics Conference!

Want to follow CAD year round? Find us on Twitter@CADinc.

We are also on Facebook! Like us atfacebook.com/CADincorporated.

Find us on LinkedIn

https://www.linkedin.com/company/carolina-advanced-digital

SUPPORT CYBERPATRIOT Carolina Advanced Digital is committed to the advancement of our community through education on STEM and Cyber Security topics. We’re pleased to support our local students competing in the CyberPatriot Challenges, and we encourage professionals to participate as sponsors, advisors and mentors. Visit www.cyberpatriot.org for more information and to register as a mentor.

http://cyberpatriot.hottopicsconference.com

SOCIAL MEDIA INFO

IT HOT TOPICS CONFERENCE 2016

Join us next year at IT Hot Topics 2016!Carolina Advanced Digital’s 14th annual

IT Hot Topics Conference & Golf TourneyMay 4-6, 2015

Grandover Resort Greensboro, NC

By attending IT Hot Topics Conference 2015, you understand and agree that photographs and video taken at the event may be used

in print media publications, advertisements, online and in any other format Carolina Advanced Digital, Inc. at its sole discretion may choose.

Old School Robots!

The word robot was introduced to the public by the Czech writer Karel Čapek in his play R.U.R. (Rossum’s Universal Robots), published in 1920. But robots existed in legend long before then. Many ancient mythologies, and most modern religions include artificial people, such as the mechanical servants built by the Greek god Hephaestus (Vulcan to the Romans).

Innovate.

Carolina Advanced Digital, Inc.

133 Triangle Trade Drive | Cary, NC | 27513919-460-1313 or 800-435-2212

www.cadinc.com

Innovate.cadinc.com/wp-content/uploads/ITHotTopicsBooklet_2015-_v...3:00 - 3:45 Afternoon Break 4:00...

Documents

Transcript of Innovate.cadinc.com/wp-content/uploads/ITHotTopicsBooklet_2015-_v...3:00 - 3:45 Afternoon Break 4:00...