Day 2 Sessions - Wednesday, 6/16/2021 | Information Security Symposium

10:30 AM

Beginning PowerShell for Windows System Analysis
Session Code: S52
Start: 6/16/2021 10:00 AM
End: 6/16/2021 12:00 PM
Tags: Security Operations, Workshop/Lab
Session Description
Hands on lab that demonstrates the basics of PowerShell and how to obtain critical information about a Windows system

Prerequisites
Familiarity with Windows systems

Speaker Bios
Dean Bunn is an avid PowerShell user with numerous years of experience in an enterprise environment.

Threat Hunt Workshop Overview
Session Code: S80
Start: 6/16/2021 10:00 AM
End: 6/16/2021 02:30 PM
Tags: Security Fundamentals, Workshop/Lab
Session Description
In the heat of a crisis, every keystroke counts and indecision could cost your organization millions. What separates security pros from security liabilities? A plan – and practice. Join us for a virtual hands-on Threat Hunting Workshop to develop your skills and test your abilities. In this workshop, you will uncover best practices for threat hunting, learn how to incorporate threat hunting into your daily workflow, network with your peers to share strategies and techniques, and executive real-world lab scenarios.

This breakthrough interactive experience rejects the typical, boring webinar format. You are immediately hands-on, responding to dynamic attacks, containing incidents that organizations face every day. So, before we start, don't forget to close down your applications and turn off your notifications. You'll need all your attention and skills to climb the leaderboard and (hopefully) capture the flag.

Prerequisites
Workshops are intended for everyone. The goal is not to sell products but to teach the concepts and techniques of threat hunting using a unified, cloud-hosted set of data integrated across endpoint, DNS, threat research, and cloud security tools.

Speaker Bios
Bios to follow.

Identity Management- Secure Access for University Affiliates
Session Code: S63
Start: 6/16/2021 10:15 AM
End: 6/16/2021 11:00 AM
Tags: IAM, Cloud Security
Session Description
This paper will describe the secure processing of PII data as it flows through from external sources into our Identity data store and becomes available through secure web API's and is used for SSO access to essential University computing applications.

Main steps:
•data received from external sources via various platforms.
•Identities matched or created as determined by identity matching engine
•Data cleaned and stored for system access.
•Identities available for access through computing accounts SSO.
•Identities shared with other Security systems such as Card Management (for building access), Emergency Notification systems for public safety, etc.

Prerequisites
Beginners - No prerequisites

Speaker Bios
Ilvana Mesic, Identity and Access Manager at UC Davis

Mary Northup, Identity and Access Architect at UC Davis; Over 20 years experience with identity matching in both public and private sector organizations

Anitha Kumar, Identity and Access Senior Programmer at UC Davis

Managing and leading standards development
Session Code: S59
Start: 6/16/2021 10:15 AM
End: 6/16/2021 11:00 AM
Tags: Managing & Leading Security, Panel discussion
Session Description
I would like to share my experience in starting the Enterprise Architecture program, developing Digital Certificate Management specifications for UCDH IT, and the methods and patterns used to develop standards in information technology.

Prerequisites
None.

Speaker Bios
Education: UCLA graduate - Physics and Electrical Engineering (Minor)
2017-2021 - UCDH Business Resiliency Analyst IV
2014-2017 - Independent Consultant
1999-2014 - City of Glendale / Water and Power - Network Services Supervisor / PC Specialist
1998-1999 - Computer Experts Inc. - Senior Consultant
1997-1998 - Long Beach Community Medical Center - Director of IT
1996-1997 - Hughes Aircraft Company Corporate Headquarters - Senior Network Engineer
1995-1996 - Radiology Management Systems - Network Engineer

I am an IT professional with many decades of experience. I aspire to be at the forefront of information technology for the duration of my IT career . My plans include helping organizations migrate to the cloud, securing digital borders and thriving in a borderless workplace.

Protecting UC Digital Research Data - The Journey Begins
Session Code: S07
Start: 6/16/2021 10:15 AM
End: 6/16/2021 11:00 AM
Tags: Research Security
Session Description
In the wake of the UCSF ransomware attack in 2020, an effort was undertaken to recommend to the UC President steps that UC should take in order improve out protection of research data. A workgroup was formed by the Cyber-Risk Governance Committee, compromised of Vice Chancellors of Research, Faculty, Research IT subject matter experts, CIOs and CISOs, and they developed recommendations which the President has endorsed.

This session will explore the genesis of this effort, the formation of the workgroup, the path to the recommendations, lessons learned, and current status. There will be an interactive question and answer portion with workgroup members as well.

Prerequisites
General understanding of research data.

Speaker Bios
David Rusting is the Chief Information Security Officer (CISO) at University of California, Office of the President, where he develops and implements of the cyber-risk strategies and collaborates system-wide on a variety of initiatives. His 20+ year of experience covers multiple industry sectors, including, financial, healthcare, higher education, energy and related public sectors, and he leverages unique blend of creativity, business acumen and technology expertise to promote a risk-based approach to information security, privacy, and compliance.

Cyber-risk Management and Risk Assessment, A Unit Jump Start
Session Code: S10
Start: 6/16/2021 10:15 AM
End: 6/16/2021 11:45 AM
Tags: Risk & Compliance, Managing & Leading Security
Session Description
Do you or your team members feel like cyber risk management and risk assessments are too complex for your Unit? Do you want help getting started? Do you need support for your efforts? Have you struggled with particular steps, like supplier risk assessments?
In this session, we'll focus on these questions, helping you develop a plan for success. We'll discuss how to get started, how to ensure that you have the best strategies for cyber risk management, and how to implement risk assessments effectively. It's crucial to plan and build support for your cyber risk program. After our discussion, you'll feel confident that you are on the right path.

Unit Information Security Leads, Security leads, architects, developers, project managers, business analysts, compliance officials, and policy ambassadors will all benefit from this presentation.

Prerequisites
Some familiarity with UC's Electronic Information Security Policy, IS-3, specifically, section III.5 - 6 of IS-3 and the related IS-3 Incident Response Standard.

Speaker Bios
Robert Smith serves as the Systemwide IT Policy Director at the University of California, Office of the President Systemwide CISO's office. He has been with the University of California since 2011. Before this role was the senior director of technology for student affairs at UC Riverside, where he was the lead for IT security and compliance, software development, infrastructure, services, and program management. Robert's experience covers multiple industry areas, including; FDA/HIPAA regulated, DoD, corporate environments, and product development. Notably, he ran enterprise endpoint security product development and other projects during his years at Symantec. He participates in UC-wide security initiatives that focus on shared services, PCI, and HIPAA. Robert functions as a threat analyst helping to coordinate incident response and intelligence sharing with and from ISACs and law enforcement. He has written articles and short stories on security, compliance, and IT for the Journal of GxP Compliance. Robert regularly speaks on IT and security topics. Recent events include the EDUCAUSE Security Professionals Conference, H-ISAC events, ITPS monthly meetings, University of California Information Security Symposiums, and University of California Cyber Security Summits, among others.

How Jamf Can Māc Your Life Better
Session Code: S57
Start: 6/16/2021 10:15 AM
End: 6/16/2021 11:45 AM
Tags: Security Fundamentals, Panel discussion, Security Operations
Session Description
Panel Discussion with Aggie Desktop Jamf Admins

We provide an overview of how we use Jamf Pro at UC Davis. We will discuss the challenges we face supporting Apple products across multiple academic and administrative units. We will then open the discussion to the floor for Q&A.

Topics will include:
- Apple Computer and Mobile Device deployment, management, and security
- Apple Device Enrollment workflow
- Configuration Profiles
- Policies
- Software Lifecycle
- Asset Management
- Analytics and Reporting
- End Point Management with Jamf and BigFix
- Zero Touch Deployment
- Adapting to major hardware and OS releases
- Lessons Learned

Remaining time will be used for discussion and Q&A.

Prerequisites
No prerequisites required. It is open to anyone who wants to learn about Apple management with Jamf Pro in an academic environment.

Preferred: Jamf 100 Course, free from Jamf.

Speaker Bios
Kevin Vellanoweth is a Senior Desktop Support analyst at the UC Davis Center for Mind and Brain. He is a Jamf Certified expert and for the last 3 years has been a Jamf Service Manager for the Aggie Desktop initiative.

Anthony Shriver is the IT Team Lead/Desktop Engineer in the UC Davis School of Education. He is a Jamf Certified Expert and for the last 4 years has been a Jamf Service Manager for the Aggie Desktop initiative.

Steven Barkey is a Systems Administrator at the UC Davis College of Agricultural and Environmental Sciences Dean's Office. He is a BigFix SSA Service Manager and Jamf Service Manager for the Aggie Desktop initiative.

The Aggie Desktop initiative currently manages over 1200+ devices across multiple departments at UC Davis.

Shared and Virtual CISO for Healthcare: Good, Bad and Ugly
Session Code: S62
Start: 6/16/2021 10:15 AM
End: 6/16/2021 11:45 AM
Tags: Health, Panel Discussion, Managing & Leading Security
Session Description
2020 will be not only known as the year of COVID but also as the year which brought a cyber-pandemic. Some top cyber security experts feel that there are now 4,000 cyber attacks a day since the COVID-19 pandemic, with a special predilection for healthcare organizations.

The exponential increase in cyberattacks has made the availability of CISO and security experts very scarce. Many healthcare organizations are now struggling to expand their security teams or even hire a CISO. Hence, the concept of shared CISO and virtual CISO is fast gaining traction. While the shared or virtual CISO can handle governance, strategy and direction, the core IT security team still need to execute on that vision in local environments. As human error causes 90% of cyber data breaches, shared and virtual CISO still need to set up best practices for security awareness and certifications to be able to reach out, inform and alert health system employees at large.

In this panel, CIOs of two leading organizations in healthcare (UC San Francisco and UC Davis) along with leading Cybersecurity experts from Gartner will share their perspective on having a shared CISO in 2020 in a panel. The discussion will cover the following topics of widespread interest to healthcare and IT security audience:
• Introductions
• Brief overview presentations by the panelists (5 slides, 5 minutes each)
• Concept of shared CISO and virtual CISO (alternative CISO model)
• The critical role of CIOs in alternative CISO model
• How to establish governance and execution in alternative CISO model
• A special case for healthcare researcher IT security training and certification
• Lessons learned by UCD and UCSH in leveraging alternative CISO model
• When are the alternative CISO model the preferred choice- lessons learned from other sectors than healthcare?
• The Gartner framework to establish roadmap for security programs in healthcare
• Discussion and QA

Prerequisites
None.

Speaker Bios
Ashish Atreja, M.D., M.P.H. is CIO and Chief Digital Health Officer at UC Davis Health and responsible for IT initiatives across UCDH including centers of excellence in Applications, data, telehealth, infrastructure and security. Through Davis CoLab, he bridges the gap between IT, industry, academia and innovation with an aim to have "Digital Davis" becomes a global hub for digital health.

Atreja is credited with coining the term "Evidence-based Digital Medicine (EBDM)," and is often referred to as "the app doctor" for his work in pioneering digital therapeutics and prescribing mobile health apps for patients. He was awarded as Top 40 digital health care transformation agent in 2018. In addition to a medical degree, Atreja holds a master's in public health, and is a fellow of the American College of Physicians.

Joe R. Bengfort is senior vice president, information technology, and chief information officer at UCSF Health as well as an associate vice chancellor at UCSF. His responsibilities span across the university, including UCSF Health, research, education and administration, as well as strategic information technology (IT) initiatives at the University of California (UC) health system. At UCSF, he leads IT information and analytics, financial and human resources core systems, infrastructure, operations, customer support services and security. He has a bachelor of science in electronic engineering technology from Texas A&M University.

Michael Corn is CISO at UCSD. Corn began his security career at the University of Illinois as CISO for the Urbana campus and eventually for the University of Illinois system. After that, he became deputy chief information officer and CISO at Brandeis University before coming to San Diego. At UCSD, his responsibilities include both overseeing the security office and the campus's Identity and Access Management services. As CISO he views his job as being a senior risk advisor and risk manager to the CIO (Vince Kellen) and campus leadership. Corn is thrilled to be a part of UC

Paul Furtado is Senior Director Analyst at Gartner. He has 29 years experience and is responsible for providing insights into cybersecurity as it specifically pertains to the midsize CIO. In his prior role at CIO/CISO for a SaaS provider, Mr. Furtado had responsibility for staffing, budget, IT operations, cybersecurity and strategy. He was awarded among the Top 20 Most Innovative Mid-Market CIO in year 2014

Supporting Diversity in IT Security
Session Code: S66
Start: 6/16/2021 10:15 AM
End: 6/16/2021 11:45 AM
Tags: DEI, Panel discussion
Session Description
Moderator: Jackson Muhirwe
Panel Members: Christine Lovely, Chief HRO UC Davis; Molly Greek, CIO UCOP; Petr Brym, Assistant CISO UC Davis.

Panel members will be asked the following questions:
1. What are you doing at your organization and level to promote diversity equity and inclusion?
2. What practical steps have you taken to change your hiring practices and policies in order to attract diverse candidates?
3. What are you currently doing to promote diversity, equity and inclusion for the members of your team?
4. Do you have any tips for amplifying the voice of under-represented groups in your organization?

Prerequisites
No prerequisites, but interest in helping to promote diversity will be helpful.

Speaker Bios
Christine D. Lovely
Christine D. Lovely is a talented higher-education HR leader with extensive experience in delivering HR services and leading organizations through change initiatives. Since October 2018 she has served as the Associate Vice Chancellor - Chief Human Resources Officer at UC Davis and has responsibility for the central HR teams on both the Davis and Health campuses.

Prior to her tenure with the University, Christine served as University Counsel (2010-2012) and Vice President for Human Resources (2012-2018) for California State University, Sacramento. Christine has worked for the Sacramento County Office of Education as Associate General Counsel, the Public Employment Relations Board as a Legal Advisor, and was in private law practice for over 10 years, representing school districts and community college districts throughout California. She has also served as a board member with the Greater Sacramento Urban League and was board president of the Northern and Central California Chapter of the College and University Professional Association for Human Resources (CUPA-HR).

Christine's personal passion is for mentoring. She has mentored elementary, at-risk high school and university students through both formal and informal programs. Christine was awarded her Juris Doctorate from University of California, Davis in 1996 and obtained her Bachelor of Arts at the University of California, Berkeley in 1991. Christine is a native of San Jose, CA.

Molly Greek
Molly Greek is the CIO for University of California, Office of the President and leads Technology Delivery Services (TDS). TDS is primarily responsible for the 140+ applications and systemwide services which include UCPath (HR and Payroll for the entire UC) and Apply UC (undergraduate admissions for UC). Molly formerly worked at UC Davis Health, Hewlett Packard, EDFUND (student loan guarantor) and Franklin Templeton Mutual Funds. Molly was also a lecturer at CSU, Sacramento for six years and UC Davis extension. Molly has an MBA from Golden Gate University and a Bachelor's of Science from UC Davis. Molly's areas of professional interest are promoting diversity and inclusion, the UC mission and cloud technology.

Petr Brym
Petr Brym serves as the UC Davis Assistant CISO in the UC Davis Information Security Office, overseeing the Vendor Risk Assessment program, the ISO PCI Compliance Support Program, and Industrial Controls Assessment program. Petr also serves as one of the Internal Security Assessors for the UC Davis PCI Compliance Program.

Noami Rosario
Naomi Rosario is an IT and Cybersecurity professional currently working as a contractor for the UC Davis Information Security Office as an Information Security Analyst. In her current role, she supports the ISO and UC directive of enforcing the risk-based UC Security policy and conducts Vendor Risk Assessments for the Office of Finance, Operations, and Administration Unit of UC Davis. Prior to joining the UC Davis Higher Education group, she was a Cybersecurity Analyst responsible for managing and responding to the organization's SIEM tool, leading Cybersecurity Awareness training for 1600+ employees, and enforcing email security for a large manufacturing and construction company. Before Naomi began her career in IT and Cybersecurity, she owned and operated a hair salon in Downtown Sacramento, led instructional training for a prestigious hair product company, and maintained a full clientele for eight years.

Some would say that Naomi's entry into IT and Cybersecurity was unorthodox because she did not follow the traditional path of obtaining an IT degree or a plethora of IT certifications and years of experience. Put very simply, she was hungry, interested, and determined to be successful in a new career. Through self-led education and mentorship from her esteemed IT and Cybersecurity cohort, she has been able to grow in her career at an accelerated pace. The world needs more IT and Cybersecurity professionals. Naomi's story is proof that people of all backgrounds can break into the industry, but it will take hard work and someone to give them a chance. Her hope is to see more people from diverse backgrounds join the Cybersecurity workforce, after all, the world needs it!

Introduction to IT Risk Management Workshop
Session Code: S74
Start: 6/16/2021 10:15 AM
End: 6/16/2021 12:45 PM
Tags: Risk & Compliance, Managing & Leading Security
Session Description
Successful information security programs in higher education rely on consistent, ongoing IT risk management practices, including annual IT risk assessments. This workshop will introduce foundational IT risk management concepts, including how to conduct a simplified IT risk assessment in partnership with your institution's information security or risk management team. This workshop is designed for anyone on campus responsible for managing assets and/or protecting institutional data.

Prerequisites
Basic IT working experience.

Speaker Bios
Valerie Vogel (Strategic Consultant)
Most recently the Senior Manager of the Cybersecurity Program at EDUCAUSE, Valerie has more than 20 years of experience in higher education information security. Her expertise includes program development and management, information security awareness and education programs, and community building activities.

Joanna Grama has more than 20 years of experience with a strong focus in law, higher education, information security, and data privacy. Joanna's passion for designing effective, standards-based, and end-user focused organizational information security policy frameworks helps organizations successfully evolve their information security program risk and compliance functions. Joanna is skilled at helping all technology users understand complicated information security and privacy concepts.

A former member of the U.S. Department of Homeland Security's Data Privacy and Integrity Advisory Committee, Joanna is a frequent author and regular speaker on information security and privacy topics. She is also a board member for the Central Indiana chapter of the Information Systems Audit and Control Association (ISACA); and a member of the International Association for Privacy Professionals (IAPP), the American Bar Association, Section of Science and Technology Law (Information Security Committee), and the Indiana State Bar Association (Written Publications Committee). She has earned the CISSP, CIPT, CDPSE, CRISC, and GSTRT certifications. The third edition of Joanna's textbook, LEGAL ISSUES IN INFORMATION SECURITY, will be published in 2021.

Before joining Vantage, Joanna was Director of Cybersecurity and IT Governance, Risk and Compliance programs at EDUCAUSE where she directed programs designed to help improve higher education information security governance, compliance, data protection, and privacy postures. Before her EDUCAUSE experience, Joanna worked in the IT group at Purdue University as the Information Security Policy & Compliance Director. Joanna graduated from the University of Illinois College of Law with honors and practiced law before joining the Purdue staff. Her undergraduate degree is from the University of Minnesota-Twin Cities.

Matt Morton has more than 20 years of experience in IT focused on information security, IT management, organizational development and strategic technology architecture. Through hands-on management savvy and innovative strategic expertise, Matt has a strong record of delivering value to organizations while balancing security and effectiveness.

Most recently, Matt was the Executive Director and Chief Information Security Officer at the University of Nebraska. While there he facilitated the design and development of a new security organization serving all campuses in the university system. Prior to that, Matt served as the Chief Information Security Officer and Assistant Chief Information Officer at the University of Nebraska at Omaha where he established the Information Security Department by utilizing existing resources and re-purposing staff from other IT support roles.

Before his University of Nebraska experience, Matt worked as an independent consultant, and managed software development functions and served as the Director of Information Services at Buena Vista University. Matt graduated from the University of Nebraska at Omaha with a Bachelor's degree in Management Information Systems and from Upper Iowa University with a Master's degree in Higher Education Administration. He also holds HCISPP, CISSP, CISM and CGEIT certifications through ISC2 and ISACA.

Matt is a board member of the NebraskaCERT, an organization whose mission is based on two pillars of information security excellence: sharing knowledge and applied research. In 2021, Matt was elected as the organization's Chief Financial Officer.

AWS - Intrusion analysis and mitigation with a kill chain framework
Session Code: [EXPO]
Start: 6/15/2021 10:30 AM
End: 6/15/2021 11:30 AM
Session Description
Cyber attackers follow a process leveraging modern technology, data, and other resources to infiltrate their targets. Attackers follow a defined set of phases and actions to execute attacks known as a "kill chain". In this session we'll introduce a modified and modern intrusion analysis framework and process. We'll explore how to leverage that framework to mitigate risk, thwart attackers, and minimize intrusions in today's cloud first or hybrid-cloud world.

Building a World Class Security Program
Session Code: [EXPO]
Start: 6/16/2021 10:30 AM
End: 6/16/2021 11:30 AM
Session Description
There is no "play-book" for today's information security officer to becoming a successful leader. With thousands of security technologies, millions of threat actors, and new attack vectors to defend against, simply working harder won't solve the problem. Information security leaders must transform from reactive, infrastructure-focused, into proactive, business-aligned security leaders.

A world class security program combines people, process, and technology. The best security programs are guided by dynamic leaders who understand the business to provide consistent demonstrable value. Objectives: This interactive session will provide the audience with proven techniques for building a world class security program, starting with core building blocks and tips on how to tie the security program to organization value. Then covering concepts, framework, organization structure, and tools essential for enabling people, process and technology to collaborate on and redefine a business-aligned security program. Linking the security program to the business goals, risk exposures, and real threats.

Speaker Bios
James Christiansen is Netskope's vice president of cloud security transformation and leader of the Global Chief Strategy Office. He is focused on enhancing Netskope's global clients understand the challenges and solutions of cloud deployments by helping drive thought leadership in cloud security transformation.

James brings extensive expertise as a global leader in information security. Prior to joining Netskope, he was vice president CISO at Teradata where he led the global security, physical, and information security teams. Previously, James was vice president of information risk management at Optiv, chief information risk officer for Evantix, and CISO at Experian Americas, General Motors, and Visa International.

As a sought-after expert speaker on security, James has been featured at numerous prestigious events, including the Business Roundtable, Research Board, American Bar Association, American Banker, the RSA Conference, BankInfoSecurity, ISSA, ISACA, HIMSS, and MIS Training Institute. He has also been featured in The New York Times and quoted as an expert in USA Today, The Wall Street Journal, Reuters, United States Cybersecurity Magazine, Bloomberg, and Healthcare IT News.

James is a patent inventor and has received three innovation awards in cyber security, GRC, and cloud computing. He is the author of the Internet Survival Series and contributing author of CISO Essentials, as well as numerous industry papers.

Fortinet - Getting Hybrid Clouds, Security and Networking Right
Session Code: [EXPO]
Start: 6/16/2021 11:00 AM
End: 6/16/2021 11:30 AM
Session Description
Enterprise IT strategies have always been determined by the dynamics of centralized and distributed computing. Indeed, one could say that networking and security always follow the compute.

2021 State of Malware
Session Code: [EXPO]
Start: 6/16/2021 11:00 AM
End: 6/16/2021 11:30 AM
Session Description
Over the past year, the tools and tactics of cybercrime and cybersecurity adapted against a backdrop of enormous changes to our lives and businesses.

Join us to learn how cybercrime evolved in 2020, and identify ways to safeguard your organization against what’s out there.

We'll explore:
*Top threats for businesses and consumers
*Emerging cybercrime trends and tactics
*Solutions you can employ to thwart future attacks

Speaker Bios
Michael Greer has spent the last decade helping businesses of all industries and sizes to find, implement and manage mobility solutions. Michael is currently a Senior Sales Engineer at Malwarebytes providing technical support for strategic account customers in North America. Michael is truly passionate about leveraging technology to make life and work easier and evangelizing the benefits of mobility.

Getting Hybrid Clouds, Security and Networking Right
Start: 6/16/2021 11:00 AM
End: 6/16/2021 11:30 PM
Session Description
Enterprise IT strategies have always been determined by the dynamics of centralized and distributed computing. Indeed, one could say that networking and security always follow the compute. Rapid adoption of hybrid clouds means networks are now more distributed than ever before and business value shifting to agility, innovation and software - leading to the rise of the software defined enterprise.

Hybrid cloud adoption is also driving three strategic technology trends: Zero Trust, SD-WAN, and SASE. Going forward, IT teams will have to grapple with these key trends while managing a combination of in-house and service provider solutions, while balancing risk management with business objectives and customer experiences. How should we think about computing, networking, and security when enterprises own less and less infrastructure, platform and software? In this session, we'll review practical strategies to secure hybrid clouds while delivering better outcomes and experiences.

Speaker Bios
Jonanthan Nguyen-Duy
Recognized as one of the top 75 cybersecurity thought leaders of 2019. Head of global security advisory team and executive lead for strategy and analytics at Fortinet – the only company with security solutions for network, endpoint, application, data center, cloud, and access designed to work together as an integrated and collaborative security fabric. With extensive experience in security and business continuity, Jonathan's work at Fortinet is focused on strategy, data analytics and helping enterprises with digital transformation for security from the IoT edge, across enterprise networks, to hybrid clouds.

Widely published security expert and frequent speaker at industry events with unique global commercial and public sector experience as well as a deep understanding of threats, technology, compliance and business issues. Holds a patent for IoT security, BA in International Economics and an MBA in IT Marketing and International Business from George Washington University.

Dave Zavaston
Dave enjoys a good wine while debating the merits of safe spaces in higher education. His day job is running the UC Davis Data Center and all associated critical campus services. He manages the operations and infrastructure teams and loves finding new technologies and deploying them. Fun projects he has worked on include virtualizing a data center, migrating data centers, deploying hyperconverged infrastructure, and a failed deployment of NSX.

Dave has degrees in German, Computer Science, and an MBA, all from UC Davis.

AWS Control Tower SSO using SAML and Grouper
Session Code: S28
Start: 6/16/2021 11:05 AM
End: 6/16/2021 11:35 AM
Tags: IAM, Cloud Security
Session Description
UC Berkeley's AWS Control Tower implementation is integrated with Shibboleth for SAML SSO. For authorizations we leverage Internet2's Grouper heavily. Our phase 1 deployment makes use of Grouper groups to delegate permissions to individual AWS accounts provisioned by Control Tower. For this to work we wrote an interface to AWS Control Tower's SCIM API.

This session will include an overview of AWS Control Tower, the benefits of SSO integration, examples of command line SSO integration, and how Grouper can be leveraged as a source for SSO users and groups.

Prerequisites
Some knowledge of AWS concepts

Speaker Bios
Jonathan Taylor is a member of UC Berkeley's Information Security Office focusing on Identity Management. His primary focus is on helping to manage Berkeley's web single sign on service, automation, and cloud architecture.

Securing 3rd party research datasets in your environments
Session Code: S18
Start: 6/16/2021 11:05 AM
End: 6/16/2021 11:35 AM
Tags: Research Security, Data Privacy & Integrity
Session Description
Over the years we've gotten better and better at securing our institutions' data. As our collaboration with other entities grows, we increasingly find ourselves hosting other people's data. Do you know how many 3rd party datasets you have? Do you know where they are? Do you know your security obligations as part of the contract/agreement when you receive the datasets?

In this session, we will examine the security requirement trends and risks associated with hosting 3rd party datasets (with emphasis on datasets received through research collaboration and sponsors). We will also share thoughts and existing efforts underway at UCSF School of Medicine to address risks in this area. By no means do we have this solved, and we look forward to generating discussions on best practices that can be shared.

Prerequisites
None.

Speaker Bios
Jamie Lam is a proponent of finding the right balance between cybersecurity and business priorities, and she helps researchers and business leaders gain the knowledge and confidence to manage cybersecurity risk. She loves sharing cybersecurity stories to get people excited about the topic. She believes that if you have the knowledge, you have the power to make the best risk decision for yourself. In Jamie's not so spare time, she is usually wrangling her toddler to navigate real life risks instead.

California's New Privacy Laws: How Will They Impact UC
Session Code: S04
Start: 6/16/2021 11:05 AM
End: 6/16/2021 11:50 AM
Tags: Data Privacy & Integrity, Risk & Compliance
Session Description
The session will discuss the California Consumer Privacy Act and the California Privacy Rights Act of 2020, and how the laws may impact the University.

Prerequisites
None.

Speaker Bios
Hillary Noll Kalay is Senior Counsel for UC Legal's Health and Technology Law group. Hillary joined UC Legal in January 2016 and provides guidance on clinical research matters, data initiatives, U.S. and international privacy laws, and supports UC Health procurement. Hillary led UC Legal's effort in educating and advising stakeholders on the EU General Data Protection Regulation. Prior to joining UC Legal, Hillary served as Research Policy Manager for UC's Research Policy Analysis and Coordination unit, developing University policy on clinical research and negotiating and advising campuses on clinical research agreements. Prior to joining UC, Hillary practiced intellectual property litigation at national law firms. Hillary is a graduate of the University of California, Berkeley (BA,MPP), and NYU School of Law.

Hannah Noll-Wilensky joined UC Legal in October 2020 as a Fellow and supports the Health and Technology Law group in matters relating to cybersecurity, privacy, Title IX policy, and health care compliance. Prior to joining UC, Hannah served as a law clerk for the ACLU Women's Rights Project, the UCSF/UC Hastings Medical Legal Clinic for Seniors, and the Giffords Law Center to Prevent Gun Violence. Hannah is a graduate of Lewis and Clark College (BA), and the University of California, Hastings College of the Law.

Successful Talent Retention
Session Code: S70
Start: 6/16/2021 11:05 AM
End: 6/16/2021 11:50 AM
Tags: Managing & Leading Security
Session Description
The challenge of staff retention in cybersecurity is as perennial and pervasive as the cyber threats themselves. Information security programs can be far more effective with stable, fully staffed teams. Long standing vacancies and revolving doors are demoralizing and counterproductive.

And now a new and powerful variable has been added: remote work. How does this new option affect competition for cybersecurity talent?

In this session, we'll share the dramatic story of building the infosec and privacy teams at Stanford over the past eight years, focusing on the lessons we learned along the way -- what worked, what didn't, and why.

To stimulate a lively discussion, we'll invite participants to share their best practices and lessons learned.

Prerequisites
None.

Speaker Bios
Michael Tran Duff completed his three degrees in computer science and physics at MIT. While there, he founded an electronic medical records company and later served as Chief Technology Officer of the acquiring organization. Michael then devoted a year to teaching undergraduate and graduate computer science courses as a Visiting Instructor at Miami University in Ohio before relocating to the Bay Area, where he led the information security program at SRI International in Menlo Park for the next 11 years. Michael joined Stanford in 2012 and ascended to the Chief Information Security Officer role in 2013. At Stanford, he added the Chief Privacy Officer role in 2019.

12:00 PM - Product Updates

CrowdStrike/Netskope
Session Code: [EXPO]
Start: 6/16/2021 12:00 PM
End: 6/16/2021 12:30 PM
Session Description
The increasing use of cloud services and the ability to access them from any device makes cloud and endpoint critical points for security. Join our session, to find out how Netskope and CrowdStrike together create a defense-in-breadth solution, extending advanced threat detection across endpoints, and into cloud applications. Automated exchange of threat information between Netskope and CrowdStrike reduces the time required for cloud threat detection, forensic analysis and prevention.

Speaker Bios
Matt Clark with Netskope

Brad Weinstein with CrowdStrike

Gaining Network Visibility and Control with Network Access Control
Session Code: [EXPO]
Start: 6/16/2021 12:00 PM
End: 6/16/2021 12:30 PM
Session Description
Join this technical product update to hear how Fortinet's Network Access Control solution, FortiNAC, provides network visibility, control and with automated response. By detecting every device and user on the network, FortiNAC can see and profile everything, even headless devices.

Attendees will learn how FortiNAC can micro-segment the network into narrow slices, using policy to place devices into the appropriate slice when devices are profiled. Additionally, viewers will see how extensive multi-vendor support enables FortiNAC to configure switches, access points, and firewalls in almost any network to restrict devices to the minimal network access necessary. Furthermore, FortiNAC can take automated actions based on pre-set triggers to quarantine or otherwise respond in seconds to identified risks.

Speaker Bios
Peter Newton is a Senior Director of Products and Solutions at Fortinet, where he oversees the Zero-Trust Access (ZTA), LAN Edge, Operational Technology (OT) and IoT solutions. He brings 20 years of experience with computer networking and security, working at both chip-level and system level solutions for companies including AMD, Netgear, Silver Spring Networks, and Fortinet. Prior work experience includes being an officer in the US Navy. Peter holds a Bachelor's of Science in Electrical Engineering from Rice University and a Master's in Business Administration from the University of Texas at Austin.

Azure Sentinel - Standing Watch, by your side
Session Code: [EXPO]
Start: 6/16/2021 12:00 PM
End: 6/16/2021 12:30 PM
Session Description
See and Stop Threats Before They Cause Harm, with SIEM Reinvented for a Modern World

Speaker Bios
Carl Kishel
Tech Strategist
Microsoft Education Team

Tenable
Session Code: [EXPO]
Start: 6/16/2021 12:00 PM
End: 6/16/2021 12:30 PM
Session Description
Product Update

Elastic
Session Code: [EXPO]
Start: 6/16/2021 12:00 PM
End: 6/16/2021 12:30 PM
Session Description
You may have heard how teams at UC Davis are using Elastic for security event management, but did you know that Elastic is building for a new age of threat hunting with cutting-edge security features like out-of-the-box detection rules and dashboards, integrated machine learning jobs, and comprehensive endpoint security tools? Come and see how Elastic can help you bring together security data from every outpost of your university, generate visualizations with drag-and-drop tools, and get to insights within minutes without having to master query language. The Elastic team is excited to connect with you and showcase what they've created to help you protect your university today, tomorrow, and into the future.

Speaker Bios
Ruben Perez

Using Splunk for Security (An overview of Security cloud, SOAR)
Session Code: [EXPO]
Start: 6/16/2021 12:00 PM
End: 6/16/2021 12:30 PM
Session Description

Speaker Bios
Jesse Trucks

12:30 PM

Implementing a Cloud Access Security Broker (CASB)
Session Code: S41
Start: 6/16/2021 12:30 PM
End: 6/16/2021 01:00 PM
Tags: Security Operations, Cloud Security
Session Description
Sacramento State recently implemented Prisma as their Cloud Access Security Broker (CASB). Learn what we did for our planning and initial implementation. We will discuss our technical choices, customer service strategy, and Secure File Storage and Sharing web presence. We started with a narrow scope and spent time building out our customer facing documentation and communications. We set the groundwork by getting the word out to key campus community members and executives. We got early feedback which helped to direct our efforts. Then we "turned on the switch." Find out what happened next with our CASB implementation experience.

Prerequisites
General familiarity with Information Security terms is not required but helpful.

Speaker Bios
Brad Grebitus is a Desktop and Client Security Lead at Sacramento State. Along with other project roll outs, he was responsible for implementing Palo Alto's Prisma CASB product to scan Sacramento State's cloud environment for sensitive data. His day to day responsibilities include oversight of desktop security, security awareness, and security tools management.

Prepare for the Arrival of the 6 GHz Band & Wi-Fi 6E
Session Code: [EXPO]
Start: 6/16/2021 12:30 PM
End: 6/16/2021 01:10 PM
Session Description
The allocation of the 6 GHz band to Wi-Fi represents the largest single allocation of spectrum in history for unlicensed use and is the result of ongoing advocacy by Aruba and other leading organizations. Chuck Lukaszewski, Vice President, Wireless Strategy and Standards, will provide us with a greater understanding of Wi-Fi 6E and all that it entails.

Achieving Accessibility in Information Technology
Session Code: S65
Start: 6/16/2021 12:30 PM
End: 6/16/2021 01:15 PM
Tags: Health, DEI
Session Description
This session will address the legal requirement and cultural expectations of accommodating individuals with disabilities with regards to Information Technology. There will be a brief historical overview. The Americans with Disabilities Act will be reviewed, along with the recent technology Amendments to the Rehabilitation Act of 1973. Current UC Davis Health IT Evaluation processes will be covered, including working examples. It will discuss the different requirements and accommodation for Patients, the General Public, Students and Staff. Sources for additional information will be provided. The intention is to provide all attendees with the initial tools to achieve compliance for these communities.

Prerequisites
None.

Speaker Bios
The Speaker is currently an Information Services Analyst for the Enterprise Application division of Information Technology at UC Davis Health. He was the staff analyst for IT's Accessibility Task Force. He was the lead analyst for the resulting Staff Goal that surveyed all the departments applications for Accessibility compliance. He has served on the IT Evaluation Committee as the Accessibility reviewer for six years, as well as a committee facilitator for four, working with hundreds of potential vendors on this subject.

Prior to working at UC Davis Health, the speaker worked for California's Legislature and Executive branch for eight years. He served as the Assistant Director of Legislation and External Affairs for the Department of Rehabilitation (the state's lead agency for Californians with Disabilities), as an appointee of governors of both parties. In this role, he was the representative of the department to the Legislature, local governments, and local, state and national media. He wrote the California analysis of the Federal 1998 Amendments to the Rehabilitation Act of 1973 and was the state's spokesperson on the Americans with Disabilities Act. He also served as the Assembly Human Services Committee lead consultant on disability issues and as a Legislative Aide to an assemblymember.

Prior to this, he was the Editor in Chief of the Hudson (NJ) Reporter newspaper chain, where he covered mass-transit issues and disability rights. He was the Editorial Editor of the Badger Herald (where he started a series on students with disabilities).

The Speaker graduated from the University of Wisconsin at Madison with a Major in Political Science and a Concentration in Astrophysics. He later studied Information Technology and Project Management at the UC Davis Extension.

Assessing Industrial Controls System Security
Session Code: S67
Start: 6/16/2021 12:30 PM
End: 6/16/2021 01:15 PM
Tags: Risk & Compliance
Session Description
The session will cover the challenges faced when assessing industrial control systems, and methods that can be used to overcome those challenges. The purpose of the session is to generate dialogue between the participants to promote a mutually beneficial information exchange.

Prerequisites
Participants should have a security background, and understand Industrial Controls Systems environments, including controls for water, gas, sewer, and environmental controls.

Speaker Bios
Petr Brym served four years as the Director of Information Technology Security at the University of New Hampshire, where the position also served the University System of New Hampshire. Subsequently Petr served as the Chief Security Officer for UC Berkeley Student Affairs from 2013 to 2017, and currently serves as an Assistant CISO at UC Davis, overseeing the Vendor Risk Assessments, Support for PCI Compliance, and Critical Infrastructure risk assessments. In these capacities, Petr serves both as a manager and as an assessor.

Bio for Julio Cardenas is pending.

Data Security in a Cloud-First World
Session Code: [EXPO]
Start: 6/16/2021 12:30 PM
End: 6/16/2021 01:15 PM
Session Description
Product update from Netskope.

Speaker Bios
Ray Canzanese with Netskope

Hardening systems with DUO/2FA & security best practices
Session Code: S09
Start: 6/16/2021 12:30 PM
End: 6/16/2021 01:15 PM
Tags: IAM, Security Operations
Session Description
UC has extensive policy information on "WHAT" is required, security wise, to harden Windows and Linux systems and servers. This includes patching, security mitigations, two-factor authentication and password policies, logging, and more. What can be a challenge for some departments and smaller IT groups is HOW to implement the necessary changes to adhere to the security policies and guidelines.

This presentation is meant as a guide for departments that are struggling with "HOW" do I implement questions. It contains a collection of solutions and ideas on HOW the UCSF Radiology Department met some of the more challenging requirements such as 2FA, password management, and best practices for admin credential management security scanning. We will share the gotchas and issues we identified along the way and the technical solutions we selected to address them.

Prerequisites
Windows or Linux system administration
Familiarity with DUO or 2FA technology

Speaker Bios
John Emery is the Assistant Director of Clinical IT Operations and a Computer Engineer with over 20+ years of admin experience and specializes in security, automation tools, support and operational process engineering.

Jeff Block is the Director of Infrastructure within Imaging IT at UCSF. Jeff has been working in Information Technology for over 20 years, 16 of which have been at UCSF. Jeff has transformed how imaging infrastructure is supported at UCSF with a focus on high availability, security, robust design, process improvement, and system uptime.

Reece Webb is a Solution Architect within Imaging IT at UCSF with over 20 years of experience in Information Technology. Reece specializes in the design, development, and implementation of technical solutions to meet the ever-evolving needs of the Department and Enterprise, with a focus on scalability and adherence to industry best practices.

Just Right Security that Won't Make You Want to Run Away
Session Code: S11
Start: 6/16/2021 12:30 PM
End: 6/16/2021 01:15 PM
Tags: Managing & Leading Security, Risk & Compliance
Session Description
Security plans, inventories, risk assessments and hundreds of controls. It can all seem overwhelming. How do you determine what cybersecurity plan works for you and your business goals?

In this session, we will discuss common pain points and make suggestions for how to begin to manage cyber risk. We'll talk through concrete strategies and action plans for a successful risk management program. There is no magic solution, only hard work and discipline, but we promise that you won't want to run away into the wilderness after this session. With support and a solid plan, you'll discover what is "just right" for your Unit.
Business leaders, security leads, Unit Information Security Leads, architects, developers, project managers, business analysts, compliance officials, and policy ambassadors will all benefit from this presentation.

Prerequisites
Attendees will get the most out of this session if they have scanned the latest version of IS-3. Scanning the standards will also be useful.

Speaker Bios
Robert Smith serves as the Systemwide IT Policy Director at the University of California, Office of the President Systemwide CISO's office. He has been with the University of California since 2011. Before this role was the senior director of technology for student affairs at UC Riverside, where he was the lead for IT security and compliance, software development, infrastructure, services, and program management. Robert's experience covers multiple industry areas, including; FDA/HIPAA regulated, DoD, corporate environments, and product development. Notably, he ran enterprise endpoint security product development and other projects during his years at Symantec. He participates in UC-wide security initiatives that focus on shared services, PCI, and HIPAA. Robert functions as a threat analyst helping to coordinate incident response and intelligence sharing with and from ISACs and law enforcement. He has written articles and short stories on security, compliance, and IT for the Journal of GxP Compliance. Robert regularly speaks on IT and security topics. Recent events include the EDUCAUSE Security Professionals Conference, H-ISAC events, ITPS monthly meetings, University of California Information Security Symposiums, and University of California Cyber Security Summits, among others.

What do you do all day, privacy officer?
Session Code: S49
Start: 6/16/2021 12:30 PM
End: 6/16/2021 01:15 PM
Tags: Data Privacy & Integrity, Managing & Leading Security
Session Description
The privacy officer role is relatively new to higher education, and most in the community don't know when to engage with their privacy office, if they have one at all. Sometimes, the privacy role is conflated with the security role. But the privacy office provides a unique and valuable service to the university community. In this session, we'll talk about why privacy is increasingly important in today's world, what a privacy officer does, and how privacy can help the university achieve its goals.

Prerequisites
None.

Speaker Bios
Pegah Parsi is the campus privacy officer at UC San Diego where she spearheads the privacy and data protection efforts for the research, educational, and service enterprise. She manages a complex portfolio of privacy initiatives related to employees, students, applicants, alumni, and research participants and provides guidance on privacy laws and regulations, such as the GDPR, FERPA, HIPAA, California privacy laws, and research privacy/Common Rule. She provides thought leadership on privacy values, ethical frameworks, and philosophy. Her day may involve anything from a consult on license plate readers to research involving smart devices to using predictive analytics to support student success.

She is passionate about data ethics and privacy as a civil rights issue.

Prior to San Diego, Pegah was a privacy manager at Stanford University, focusing on medical studies and international collaborations. She is an attorney and holds an MBA. In her spare time, she advises clients on immigration and asylum matters. She is a Veteran, who, among other things, was the Honor Grad of Army Truck Driver school!

Rule the World with BigFix at UC Davis, an Introduction
Session Code: S32
Start: 6/16/2021 12:30 PM
End: 6/16/2021 2:30 PM
Tags: Security Fundamentals, Workshop/Lab
Session Description
This lab will provide a hands-on introduction to using the UC Davis BigFix platform including a tour of the various BigFix components, introduction to Relevance and Action languages, walkthroughs of basic patching and software deployment, and resources to learn even more about BigFix. It is intended primarily for people who are (relatively) new to the BigFix platform at UC Davis, though we welcome intermediate and advanced users (though we might call on you to share your knowledge!)

Prerequisites
Approximately half of the session will be general theory/training accessible to any BigFix user. However, some of the hands-on sections will be specific to UC Davis participants. Participants from other locations are welcome to follow along but may not be able to fully participate.
Participants must have departmental access to the UC Davis BigFix Console, WebUI, and Web Reports
No knowledge of BigFix is assumed: you just need access

Speaker Bios
Jeremy Phillips is the Director of the College of Letters and Science IT Services Unit and the Product Owner for the Aggie Desktop initiative, which uses BigFix to manage and patch ~7,000 systems across UC Davis. He has been using BigFix for more than 10 years.

Dean Bunn is a system admin\developer in the College of Engineering. He has been a member of the UC Davis BigFix administration team for 9 years.

Anthony Shriver is the IT team lead/desktop engineer in the School of Education. He has been a member of the UC Davis BigFix administration team for 3 years.

Creating a Comprehensive Security Fabric
Session Code: [EXPO]
Start: 6/16/2021 1:00 PM
End: 6/16/2021 1:30 PM
Session Description
Organizations are rapidly adopting digital innovation (DI) initiatives to accelerate business, reduce costs, improve efficiency, and provide better customer experiences. Common initiatives involve moving applications and workflows to the cloud, deploying Internet-of-Things (IoT) devices on the corporate network, and expanding the organization's footprint to new branch locations.

With this evolving infrastructure also comes security risks. Organizations must cope with growing attack surfaces, advanced threats, increased infrastructure complexity, and an expanding regulatory landscape. To accomplish their desired DI outcomes while effectively managing risks and minimizing complexities, organizations need to adopt a cybersecurity platform that provides broad visibility across their environment and a means to easily manage both security and network operations.

The Fortinet Security Fabric solves these challenges with broad, integrated, and automated solutions that enable:
Security-driven Networking that secures and accelerates the network and user experience.
Zero-trust Network Access that identifies and secures users and devices both on and off network.
Dynamic Cloud Security that secures and controls cloud infrastructure and applications.
Artificial intelligence (AI)-driven Security Operations that automatically prevents, detects, and responds to cyber threats.

Additionally, the Security Fabric ecosystem helps minimize gaps in enterprise security architectures while maximizing security return on investment (ROI), all under a single management console.

Participants who attend this workshop will learn how to:
- Introduce the Fortinet Security Fabric and the main business drivers
- Detail specific components that make up the Security Fabric
- Build a comprehensive solution to prevent, detect and respond to security incidents using the broad, integrated, and automated approach.

Speaker Bios
Adam Thomas is a seasoned technology professional with 25+ years of experience in the IT vendor space working in technical and management roles, helping customers and partners achieve their goals and objectives while keeping cost and complexity under control. His primary focus is partnering with key players to educate and promote greater awareness of the latest threats and countermeasures, to help improve security posture and automation to minimize negative impacts to business operations. In his current role as Sr. Systems Engineer, he is responsible for the technical relationships with dozens of CA.GOV and NV.GOV agencies as well as multiple UC Campuses.

1:30 PM

Security Strategy for the C-Suite
Session Code: [EXPO]
Start: 6/16/2021 01:30 PM
End: 6/16/2021 02:00 PM
Session Description
The world of business is changing, demanding a significant change in technology adoption. This changes the risks, which also changes the role and expectations of security leaders. How will we respond?

Speaker Bios
Shamla Naidoo, Office of the CSO, Netskope

Tenable
Session Code: [EXPO]
Start: 6/16/2021 01:30 PM
End: 6/16/2021 02:30 PM
Session Description
Nearly every attack on enterprise networks target Active Directory. The main reason is that AD holds the "Keys to the Kingdom" and once AD is compromised, the entire network is compromised. Therefore, securing AD is paramount and negating lateral movement and privilege escalation becomes priority one for all organizations running Active Directory. Let 17X Microsoft MVP Derek Melber walk you through the finer points on how Tenable.ad can help you prepare for an attack by cleaning up your existing AD security, maintaining a hardened security posture, and even detecting attacks on AD in real time. You can't miss this revolutionary approach to securing AD and preparing for an attack.

Speaker Bios
Derek Melber is a 17-time Microsoft MVP with deep knowledge of Group Policy, Active Directory, desktop management and Windows security. As a public speaker and technology evangelist, he has educated AD administrators in over 30 countries about how to efficiently and effectively secure Active Directory and Azure AD. He has published a broad range of educational content, including books, articles and videos, that demystify the most complex and technical subjects in an energetic and understandable style

Security and Compliance vs. Flexible Clinical Analytics
Session Code: S19
Start: 6/16/2021 01:35 PM
End: 6/16/2021 02:05 PM
Tags: Research Security
Session Description
Researchers often want to re-use HIPAA protected EHR databases to create clinical knowledge. Although the secondary use of observational clinical data can offer value, constraints imposed by security protocols or HIPAA regulations can deter or frustrate uses. The purpose of this session is to review various processes and databases created by UC Health and individual campuses to improve the ability for researchers to securely analyze data. Our team will describe some of the following processes and databases:
• Deployment of secure analytical environments for researchers
• Creation of de-identified database to allow researchers to safely explore the data on their own
• Development of processes to help researcher discover measure theoretical concepts in de-identified databases, and then get assistance to deploy the algorithms within identified databases

Our discussion will focus on how we can adapt to the growing need to provide and share data, while continuing to maintain security protocols. We may focus on a few use cases such as the UC Health "CORDS" Covid-19 limited dataset.

Prerequisites
Interest in the secondary use of EHR data for research

Interest in methods in the challenging balance between data security and the need for researchers to explore and learn from data

Speaker Bios
Brian Paciotti received a PhD in Human Ecology from the University of California, Davis. He organizational behavior among Tanzanian ethnic groups. After the Tanzanian government accused him of being a CIA spy, he left the country and analyzed US homicide data. Brian earned a Health Informatics master's degree from UC Davis in 2010 where he used data mining techniques to understand the quality of hospital data. Brian has skills in database and statistical programming, and has extensive experience working with a variety of healthcare datasets (e.g., claims data, electronic health records (EHR)). These skills were developed by working in a variety of healthcare settings—both private and public. In the public sector, Brian worked for the California Office of Statewide Health Planning and Development to measure statewide hospital quality with risk-adjusted "report cards". He later started working for UC Davis to provide informatics and statistical services to research projects related to autism and clinical outcomes. Brian joined the UC Davis Institute for Population Health Improvement in 2012, where he worked as a consultant to the Directors Office at the California Department of Health Care Services (Medi-Cal). Working for Medi-Cal, Brian created analytical reports related to health disparities and Medi-Cal's highest cost members. In the private sector, continuing with Medicaid research and data science, Brian worked for a health analytics company called Optum where he provided analytical consulting services to Medi-Cal. In addition, he worked for an analytics start-up company to create algorithms to identify providers with problems in their billing documentation. The work helped providers participating in Medicare and government health exchanges identify "gaps" in diagnosis coding the result in missed revenue opportunities. Brian currently works in the Research IT department at the UC Davis Health System where he transforms complex raw clinical data into actionable information. In addition, he is a volunteer clinical faculty member for the UC Davis Department of Public Health where he supports MPH students and advises faculty members about how to access and transform clinical data. Overall, Brian is passionate to improve health services using data and science—he believes that that data, information, and knowledge from a variety of sources will offer opportunities to improve quality and lower costs.

The Compound Effect of Security Training
Session Code: S72
Start: 6/16/2021 01:35 PM
End: 6/16/2021 02:05 PM
Tags: Security Fundamentals
Session Description
The benefits of a building a security training program above and beyond just awareness.

Prerequisites
None.

Speaker Bios
Lee Smith is an IT Security Operations Manager at UC Davis Health. Managing a team supporting the University's mission to advance healthcare. He has over 25 years of experience in IT, serving in various roles and leadership capacities. He has been technical advisor during the creation of the telemedicine program and lead the implementation and management of over 800 mobile devices enterprise wide. In his current role Lee and his team are dedicated to reducing cyber-risk by partnering with technical, business and clinical leaders to integrate security practices in the fabric of the organization.

Building a Bug Bounty Program
Session Code: S69
Start: 6/16/2021 01:35 PM
End: 6/16/2021 02:20 PM
Tags: Risk & Compliance
Session Description
In 2019, Stanford commenced an experiment in improving the university's cybersecurity posture through formalized community involvement: a bug bounty program. Under this program, students and employees can responsibly hunt for cybersecurity vulnerabilities and earn rewards up to $1,000 per find.

For the first time ever, our students, faculty, and staff have joined forces in discovering and reporting vulnerabilities, protecting Stanford's critical infrastructure in the process. For students in particular, the objective is to encourage the responsible application of cybersecurity skills outside of the traditional classroom environment, while providing exposure to the operations of an information security office.

In the high-stakes world of cybersecurity, we're engaged in a relentless race: finding and fixing system vulnerabilities before our adversaries discover and exploit them. We continuously scan systems for vulnerabilities, and IT teams fix them as quickly as they can. However, many vulnerabilities elude automated scanning and instead require hacking expertise and focused effort in order to uncover them. By drawing on the university community, we have amplified our ability to prevail against the cyber adversaries.

Prerequisites
None.

Speaker Bios
Michael Tran Duff completed his three degrees in computer science and physics at MIT. While there, he founded an electronic medical records company and later served as Chief Technology Officer of the acquiring organization. Michael then devoted a year to teaching undergraduate and graduate computer science courses as a Visiting Instructor at Miami University in Ohio before relocating to the Bay Area, where he led the information security program at SRI International in Menlo Park for the next 11 years. Michael joined Stanford in 2012 and ascended to the Chief Information Security Officer role in 2013. At Stanford, he added the Chief Privacy Officer role in 2019.

EdTech Ethics
Session Code: S71
Start: 6/16/2021 01:35 PM
End: 6/16/2021 02:20 PM
Tags: Data Privacy & Integrity, Managing & Leading Security
Session Description
Educational technologies were already ubiquitous in higher education before the pandemic, but they are now used even more often and in even more settings to accommodate remote teaching and learning. Universities are also increasingly interested in accessing logs, transactional information, and metadata collected by these platforms in service of student success. In this space, it is even more imperative for campuses to assess the privacy, security, and accessibility of different platforms and their own policies related to data collected and processed. In this session, we will consider some ethical questions as well as the broader impact of use of these platforms on student populations.

Prerequisites
General understanding of educational technologies

Speaker Bios
Pegah Parsi is the campus privacy officer at UC San Diego where she spearheads the privacy and data protection efforts for the research, educational, and service enterprise. She manages a complex portfolio of privacy initiatives related to employees, students, applicants, alumni, and research participants and provides guidance on privacy laws and regulations, such as the GDPR, FERPA, HIPAA, California privacy laws, and research privacy/Common Rule. She provides thought leadership on privacy values, ethical frameworks, and philosophy. Her day may involve anything from a consult on license plate readers to research involving smart devices to using predictive analytics to support student success.

She is passionate about data ethics and privacy as a civil rights issue.

Prior to San Diego, Pegah was a privacy manager at Stanford University, focusing on medical studies and international collaborations. She is an attorney and holds an MBA. In her spare time, she advises clients on immigration and asylum matters. She is a Veteran, who, among other things, was the Honor Grad of Army Truck Driver school!