2017 RETR3AT Conference
YouTube Audio from 2017 Plenary Sessions
- 7 Deadly Cybersecurity Sins SMB’s Should Avoid – Bill Hawks
- Growing and Sustaining the Cybersecurity Workforce – Rodney Petersen
- Retr3at 2017 Lightning Rounds
- SCADA Security Systems – Plenary Panel
- Cyber Strategy – A New Reality – Max Everett
PowerPoint Slides from 2017 Plenary Sessions
Thursday, October 26, 2017
11:30 a.m. – 1:00 p.m.
Fall Business Connection Luncheon – “Cybersecurity Threats on Both Sides of the Firewall: Protect your organization from internal and external threats”
Speaker: Ed Skoudis, Founder, CounterHack; SANS Institute Fellow; Adjunct Professor, Montreat College
(Renaissance Hotel – Asheville) | Registration is now closed.
7:00 p.m. – 8:00 p.m.
Community Opening Plenary – “Is your new television a cybersecurity threat?”
Panel Moderator: Paul Maurer, President, Montreat College
Speakers: Max Everett, Chief Information Officer, U.S. Department of Energy; Ed Skoudis, Founder, CounterHack; SANS Institute Fellow; Adjunct Professor, Montreat College; Sulaiman H. Sulaiman, CIO, Chief Consulting Officer at iMethods
8:00 p.m. – 9:00 p.m.
Cybersecurity Lab Tours
Friday, October 27, 2017
7:30 a.m. – 8:15 a.m.
Breakfast, Networking, Registration
8:25 a.m. – 8:35 a.m.
Paul Maurer, President, Montreat College
8:35 a.m. – 9:25 a.m.
Keynote Address – “Cyber strategy – a new reality”
Max Everett, Chief Information Officer, U.S. Department of Energy
9:40 a.m. – 10:35 a.m.
Breakout Session 1 – “Seven deadly cybersecurity sins small businesses should avoid”
Bill Hawks, Director of Marketing, Seedspark
Breakout Session 2 – “Move the needle: rethinking how to recruit, train and retain female cybersecurity professionals”
Panel Moderator: Amy Braswell, Information Security Executive, Senior Vice President, Bank of America
Panel Members: Michele Jordan, Cybersecurity Consultant, Under the Oaks Consulting; Robin Pugh, President, Queen Associates, Inc.
Breakout Session 3 – “Cybersecurity tabletop for executives”
Facilitator: Shawn Dorsey, Lead Investigator, Cyber Readiness & Response Cyber Security Services, Symantec
9:40 a.m. – 12:00 p.m.
Capture the Flag (Students only – *Please indicate interest on your registration form.)
(Cybersecurity Operations Teaching Lab)
FBI Mobile Lab Tours
(Anderson Auditorium Parking Lot)
10:35 a.m. – 11 a.m.
11 a.m. – 11:50 a.m.
Plenary Address – “Growing and Sustaining the Cybersecurity Workforce – partnership between industry, government, and academia”
Rodney J. Petersen, Director, National Initiative for Cybersecurity Education at the National Institute of Standards and Technology
11:50 a.m. – 1:00 p.m.
1:10 p.m. – 2 p.m.
Plenary Panel – “SCADA Security Systems”
Panel Moderator: David Thompson, President and CEO, Edgepoint Ltd.
Panel Members: John Gallagher, Retired, U.S. Army; Daryl Haegley GICSP, OCP Control Systems Cybersecurity OASD Energy, Installation & Environment; Chris Cleary, Director of Business Development, Tenable Network Security.
2:15 p.m. – 3:05 p.m.
Breakout Session 1 – “Lightning Round – Ransomware, IoT”
Tom Tollerton, Manager – IT Advisory Services – Cybersecurity, Dixon Hughes Goodman; Anthony Della Posta, Security Engineer, Check Point Software Technologies
Breakout Session 2 – “Cybersecurity emerging fields – legal, insurance, contract work, recruiting.”
Panel Moderator: Robert Potter, Chief Revenue Officer, Verodin
Panel Members: Allen O’Rourke, Attorney – Cyber & Litigation, Womble Carlyle Sandridge & Rice, LLP;
Robin Pugh, President, Queen Associates, Inc.; Evan Taylor, Risk Consultant, NFP
Breakout Session 3 – “Cyber ethics – a new value proposition for government, organizations, and individuals”
Panel Moderator: Dr. Mark Wells, Professor of Ethics/Philosophy, Montreat College
Panel Members: Brian Cyprian, Supervisory Special Agent, Charlotte Field Office of the FBI; Keith Gordon, Information Security & Risk Management Executive, Ally Financial Services; John Gallagher, Retired, U.S. Army.
3:05 p.m. – 3:30 p.m.
3:30 p.m. – 4:20 p.m.
Plenary Address – “Cybersecurity Analytics”
Casey Marquette, Information Security & Risk Management Executive, Ally Bank
4:20 p.m. – 4:30 p.m.
Paul Maurer, President, Montreat College
Information Security executive, Senior Vice President, Bank of America
Amy Braswell leads the Cybersecurity Threat Intelligence and Customer Protection (CTICP) team, responsible for leveraging threat intelligence to influence and establish industry-wide standards for cybersecurity. Prior to her current role, Amy was a risk executive for the joint Global Information Security (GIS) and Chief Technology Officer (CTO) Risk Task Force, which drives consistent risk culture across both organizations and provides expert-level guidance in the escalation and debate of issues. Since joining Bank of America in 1998, Amy has held several leadership positions. Within GIS Amy led the global operations team for data loss prevention (DLP) and insider threat, and she served as the information security compliance executive responsible for oversight of regulatory interactions and issues management.
Assistant Professor of Cybersecurity, Montreat College
Kelli Burgin began teaching in the Cybersecurity program at Montreat College in January of 2016. Prior to coming to Montreat, she was the IT coordinator at Audubon County Memorial Hospital in Audubon, Iowa. There she wore many hats, including the roles of HIPAA security officer, help desk manager, information security officer, project manager, meaningful use coordinator, and PACS administrator and trainer. Burgin earned her B.A from the University of Northern Iowa. She received CompTIA A+ certification in 2000 and CompTIA Network+ credentials in 2002. In 2004, she completed her M.S. in Computer Information Systems at Bellevue University. In 2015, she was awarded the Certified Information System Security Professional (CISSP) from (ISC)2. Burgin will begin working toward her doctoral degree in the fall of 2016.
Director of Business Development, Tenable Network Security
Chris Clearly is currently the director of business development and federal cyber strategy for Tenable Network Security. Cleary’s commercial experience prior to joining Tenable includes client partner with Verizon Enterprise Solutions, director of cyber intelligence at L3 Communications, president of Vir-Sec Government Services, and senior manager of intelligence programs at Sparta. Cleary is also a commander in the Navy Reserves where he spent 16 of 24 years on active duty supporting a variety of commands including US Cyber Command, National Security Agency, Office of Naval Intelligence, National Reconnaissance Office, and Joint Special Operations Command. Cleary holds a Bachelor of Science degree from the U.S. Naval Academy and a Master of Arts degree in National Security Studies from the Naval War College. He is a Certified Information Systems Security Professional and Program Management Professional.
Brian N. Cyprian
Special Agent, Federal Bureau of Investigation
Brian N. Cyprian has been a special agent since 2005 and supervisor for the Charlotte Cyber Task Force since March 2016. Prior to reporting to Charlotte, Cyprian was assigned to FBI Headquarters, Cyber Division, managing national security cyber intrusion investigations. He has worked in the Chicago and Kansas City Field Offices and was in charge of the online distance education program at a regional university before joining the FBI. Cyprian has a B.S. in Computer Information Systems and an M.B.A. from Texas A&M University–Commerce.
Anthony Della Posta
Security Engineer, Check Point Software Technologies
Anthony Della Posta is a security professional with experience and expertise in accounts from small to strategic enterprise. He has worked as a Security Engineer at Check Point Software Technologies since 2014. He has extensive training in Israel in gateway deployment, DDOS protection, and ransomware. He has a passion for exploration and understanding of the ever-expanding digital world.
Lead Investigator, Cyber Readiness & Response Cyber Security Services, Symantec
Shawn Dorsey currently works as a lead investigator in the Incident Response group for Cyber Security Services at Symantec. In this role, Shawn helps clients identify, contain, and eradicate the threat of increasingly sophisticated attack actors as part of Symantec’s Incident Response Service. Prior to joining Symantec, Shawn worked as a forensic analyst for the Sony Corporation Global Security Incident Response Team. Shawn previously served as a special agent with the United States Naval Criminal Investigative Service (NCIS) for over a decade, as well as an assistant district attorney for the State of Louisiana in New Orleans, and a signals intelligence analyst and Arabic linguist in the U.S. Army.
Max Everett, Chief Information Officer, U.S. Department of Energy
Max Everett is a cyber security advisor with twenty years of experience at the intersection of technology and policy, implementing technology solutions and cyber security protections for public and private sector organizations. Most notably, Max served as Chief Information Officer for the White House in 2008 and has served as CIO for several Republican National Conventions. Max currently serves as the Chief Information Officer at the U.S. Department of Energy. Prior, he was the Managing Director for Fortalice Solutions, leading services and lines of business in risk assessment, digital protection and incident response. He is responsible for managing all private sector engagements, as well as providing strategic support on Federal cyber security work.
U.S. Army, Retired
John Gallagher retired in 2015 after 25 years in the U.S. Army and served as President/CEO of the Institute for Global Engagement until 2016, working in the Middle East and Asia on political reform, religious freedom, and countering violent extremism. Previously, John was a Special Assistant to the Chairman of the Joint Chiefs, Commander of U.S. Central Command, and Commander of the International Security Assistance Force in Afghanistan. From 2007-2009, he was a White House Fellow and Director for Iraq and Afghanistan at the National Security Council. At West Point, John taught American politics and counterterrorism and was the director of the Academy’s Rhodes Scholarship program. A former infantry officer and Army strategist who has deployed to Egypt, Kosovo and Afghanistan, Gallagher is the co-editor of Debating the War of Ideas (2009), a member of the Council on Foreign Relations, and a 2016 Presidential Leadership Scholar.
Information Security & Risk Management Executive, Ally Bank
Keith Gordon is the Information Security and Risk Management Executive for Ally Financial where he is responsible for Strategy, Innovation and Security Architecture, Data and 3rd party Security, Cyber Analytics and User Behavior Analytics for Information Security, as well as Enterprise Disaster Recovery & Business Continuity. Prior, Gordon worked at Bank of America in Global Information Security where he held roles as the Business Information Security Officer as well as leading the Cyber Threat Intelligence and Customer Protection (CTICP) team. Gordon began his career with Bank of America in 2003 supporting Consumer Banking Technologies where his focus was technology risk, security and fraud. His teams led the effort to define and build the enterprise standards for application security, vulnerability management and compliance, resulting in the bank’s Enterprise Cyber Security strategy. Keith graduated from Anderson University with a Bachelor of Arts degree in Marketing and Mathematics. He lives in Charlotte, North Carolina.
GICSP, OCP—Control Systems Cybersecurity OASD Energy, Installation & Environment
Daryl Haegley has 30 years of military, federal civilian and commercial consulting experience, currently overseeing the cybersecurity risk management effort to secure control systems, operational technology, and platform information technology of real property, geospatial, and energy systems for the Department of Defense (DoD). He leads DoD policy, security assessments, cyber range capability developments, scorecard requirements and system authorization via the Risk Management Framework (RMF) process improvements. He is a contributing author to NIST SP 800-82 R2 ‘Guide to Industrial Control Systems Security,’ Unified Facilities Criteria 4-010-06 ‘Cybersecurity of Facility-Related Control Systems’ and Springer publication ‘Security of Industrial Control Systems.’ He maintains four certifications, three Masters’ degrees, two college tuitions & one patent.
Director of Marketing, Seedspark
Hawks is a competitive marketing and sales professional whose primary goal at SeedSpark is to understand what current and potential client’s businesses need most and align tech and development operations to meet those needs. His training includes a Business Administration degree specializing in Entrepreneurship & Business Development and a Master’s in Business Administration (MBA) as well as additional professional certifications in technology and marketing specific to tech and security. His hands on experience includes marketing for higher education, technology consultants, and local businesses.
Cybersecurity Consultant, Under the Oak Consulting
Michele Jordan heads up Vulnerability Research for the SecurityWizardry.com Cyber Threat Intelligence page, affectionately known as the Radar Page. She runs Under the Oak Consulting, whose primary customer is Computer Network Defence, Ltd. (CND) in Bath, England. The contract with CND includes the Radar Page, maintaining servers and websites, and soon Cyber Essentials certifications. Michele worked her way through the IT and Network Security world, holding positions in X.25 Network Security for GTE Telenet, Sun Microsystems as a Pre-Sales Systems Engineer, and the Washington Post website in Network Security and Support, before moving to small businesses and consulting work. She has a Bachelor of Science degree in Computer Information Systems from Strayer College. Currently she resides in Western North Carolina, working from home and raising children.
Senior Director, Information Security, CVS Health
Casey Marquette is the business unit information security officer for Omnicare, recently acquired by CVS Health, as well as the senior director of security operations for CVS Health. At Omnicare, Marquette is responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets are protected. Prior to joining CVS Health, Marquette worked for Johnson & Johnson (J&J) as the global process owner for Security Operations, building a Global Security Operations Center capability from the ground up. Previously, he served as the global process owner for J&J’s Critical Response Team. He began his career in the private sector at Medco in 2011. Marquette graduated from Norwich University with a Master of Science in Information Assurance. In addition, he holds the following security certifications: Certified Information Systems Security Professional, Certified in Risk and Information Systems Control, GIAC Certified Incident Handler, and GIAC Certified Forensic Analyst.
Attorney, Litigation and Cyber Law, CIPP-US, Womble Carlyle Sandridge & Rice, LLP
Allen O’Rourke is an attorney at Womble Carlyle Sandridge & Rice, LLP; he helps clients affected by data breaches and cyberattacks. Working with clients’ legal and information security teams, Allen investigates cybersecurity incidents, coordinates the remediation of breaches, interfaces with law enforcement, and ensures compliance with applicable data breach laws and regulations. He also handles government investigations, regulatory enforcement actions, consumer class actions, and other cybersecurity litigation, and provides legal guidance on active network defense, cybersecurity preparedness, and associated regulatory compliance. Prior to joining Womble Carlyle, Allen was a Computer Hacking and Intellectual Property (CHIP) prosecutor at the U.S. Attorney’s Office for the District of Columbia, where he conducted numerous investigations into corporate data breaches, business email compromise schemes, “dark web” criminal forums, money laundering using Bitcoin, cyberstalking, terrorist use of the Internet, and other types of cybercrime. He received two Special Achievement awards for his work to combat cybercrime. Allen clerked for Judge Anita Brody on the U.S. District Court for the Eastern District of Pennsylvania and for Judge Allyson Duncan on the U.S. Court of Appeals for the Fourth Circuit. He graduated from Harvard Law School in 2008.
Rodney J. Petersen
Director, National Initiative for Cybersecurity Education at the National Institute of Standards and Technology
Rodney Petersen is the director of the National Initiative for Cybersecurity Education (NICE) at the National Institute of Standards and Technology (NIST). Recently, he was the president and CEO of Education Policy and Leadership, LLC. He previously served as the senior policy advisor to EDUCAUSE, Internet2, and Indiana University. He also was the managing director of the EDUCAUSE Washington Office and a senior government relations officer. He writes and speaks regularly on topics related to higher education cyber law and policy. He received his law degree from Wake Forest University and a certificate as an Advanced Graduate Specialist in Education Policy, Planning, and Administration from the University of Maryland. He holds bachelor’s degrees in business administration and political science from Alma College.
Chief Revenue Officer, Verodin
Robert Potter is the Chief Revenue Office at Verodin. Rob is responsible for developing and delivering the global strategy, services and solutions that support Verodin’s customer needs. With over 25 years of industry experience, he has a solid track record of partnering with private and public enterprise organizations to improve their security and information management requirements. Prior to joining Verodin in 2017, Rob was the Vice President of the Americas for Symantec, overseeing a $1B security product portfolio. His leadership experience in the information security and technology markets has included senior leadership roles at EMC (RSA), IBM, Attachment (WRQ), Lancope (Acquired by CISCO), co-founder of STS, and as a senior executive with multiple start-up companies. Rob currently serves as an advisor for BroadBranch Advisors, Measured Risk, and Boundless. Rob holds a Bachelor of Science degree, in Computer Science from Quinnipiac University in Hamden, Connecticut.
President, Queen Associates, Inc.
Robin J. Pugh is the president of Queen Associates, Inc., a technology consulting firm with a focus on Cybersecurity and Digital transformation headquartered in Charlotte, NC. With 20 years of experience in technology-focused talent acquisition, Robin has served in recruitment and business development roles, transitioning into executive management at one of the world’s largest financial institutions, leading a large team in support of many talent strategies including mergers, acquisitions, divestitures and corporate initiatives. Robin received her degree in Business Administration from Montreat College and has been recognized as one of the Ten Outstanding Young Charlotteans (2007) and 50 Most Influential Women (2011).
Senior Vice President, External Partner Security Executive, Bank of America
Myra Rowell is the Global Information Security (GIS) External Partner Security executive responsible for collaborating with external partners to increase awareness and encourage adoption of stronger cybersecurity standards by enhancing the public policy environment that governs and controls external entities. Since joining the bank in 2002, Myra has held positions in information security, technology infrastructure, portfolio management, systems & data security, as well as change management. She is active in several diversity and inclusion efforts and a member of the bank’s Women in Technology & Operations (WIT&O) and Leadership, Education, Advocacy, and Development for Women (LEAD) employee networks as well as the National Center for Women in Technology (NCWIT), Waxhaw-Weddington Rotary, and Elevation Church. In addition, she serves on the current Cybersecurity Advisory Council for Montreat College. A Six Sigma certified Green Belt, Myra earned a bachelor’s degree in management and a master’s degree in business administration from Montreat College in North Carolina.
Founder of Counter Hack
Ed Skoudis is a leading professional “ethical hacker.” He is a teaching fellow at the SANS Institute, a private U.S. company that specializes in information security and Cybersecurity training. He is also the CEO of CounterHack and appears as a Cybersecurity expert on the PBS series NOVA. Skoudis got started in computer security while in college, and after graduating found work at Bellcore, a division of the Bell System. Following a stint in operator services, he jumped into computer security with gusto, helping respond to attacks against phone company networks. Skoudis then moved from Bellcore to SAIC, where he branched out to work with large banks, major high-tech firms, and other Fortune 500 companies. Later, he started performing incident response and penetration testing for government agencies and military customers. Skoudis received his master’s in Information Networking from Carnegie-Mellon in 2002 and his bachelor’s in Electrical Engineering from the University of Michigan in 1991.
Sulaiman H. Sulaiman
CIO, Chief Consulting Officer at iMethods
Sulaiman H. Sulaiman is an accomplished Health IT leader with over 16 years of experience in creating and implementing information technology strategies. He is an entrepreneur, innovative and passionate leader focused on optimizing IT investments to enable high quality more efficient care, and a better patient-provider-consumer experience. Sulaiman provides executive leadership and strategic planning for iMethods’ rapidly growing consulting practice. His well-rounded experience in strategy development, project management, cyber security, transformation and analytics brings tremendous value to clients as iMethods continues to reach new markets. Most recently he served as Senior VP and Chief Information Officer at Mission Health System where he led a rebuild of the IT Division and incorporated IT into the highest strategic levels of the organization. He also worked as the Chief Information Officer with Cleveland Clinic International and the Cleveland Clinic in the United States. Sulaiman earned a Bachelor of Science in Mechanical Engineering at Cleveland State University.
Risk Consultant, NFP
Evan is a Risk Consultant at NFP, a leading insurance broker and consultant with offices around the U.S. and abroad that provides employee benefits, property & casualty, retirement and individual private client insurance solutions. Evan works in Charlotte, NC, as a trusted advisor and works to deliver his clients high-quality property & casualty insurance solutions with an expertise in cyber liability. Evan’s subject matter expertise is based in years of experience. He began his career at the FBI, where he assisted in managing both National Security and Criminal Cyber and Counterintelligence investigations across North Carolina. After that, Evan managed several corporate security programs for BB&T and helped create the bank’s national Emergency Management program. Evan earned his BA from Wake Forest University and a MS in leadership and organizational development from Pfeiffer University. Evan is from Charlotte, NC, where he currently resides with his wife, Lindsay, and daughter, Reagan.
Manager of IT Advisory Services – Cybersecurity, Dixon Hughes Goodman
Tom Tollerton is a manager in Dixon Hughes Goodman’s IT Advisory Services Group and has over twelve years of experience in a broad range of cybersecurity services, including risk advisory, technical infrastructure assessments, and compliance audits. Immediately prior to joining Dixon Hughes Goodman, Tom worked for a Fortune 500 federal defense contractor, developing IT risk and compliance solutions. He also has experience working in the retail industry, developing and maintaining compliance programs for a PCI Level 1 merchant. In addition to traditional cybersecurity advisory services, Tom is licensed and certified to perform forensic collection and analysis, and has provided litigation support for various civil cases including, domestic dispute, employment law, and intellectual property theft. He has a Master of Business Administration – MIS and Bachelor of Science from Florida State University.
Dr. Mark Wells
Professor of Ethics/Philosophy, Montreat College
Dr. Mark Wells is a graduate of Friends University (B.A.), Fuller Theological Seminary (Master of Arts in Theology), and Baylor University (Ph.D.). He came to Montreat College in August 2006 with several years of experience teaching philosophy, ethics, theology, and leadership studies, and currently working on a book of essays on Christ-centered servant-leadership. His philosophical and theological interests include classical philosophy, apologetics, ontology, the theology of worship, and theological anthropology. Dr. Wells is keenly interested in the theology of Dietrich Bonheoffer and the Swiss Reformed theologian Karl Barth. He spent the summer of 2007 on a fellowship as a visiting scholar at St. Olaf College studying and writing on the works of Soren Kierkegaard. He has also done a great deal of work on the early Church Fathers and creeds of Christendom.