Hacktober presentations

Hacktober events!

Cybersecurity awareness presentations

 

Cybersecurity Awareness Month Kickoff: State CIO Bill Kehoe

 

"Bill Kehoe"

Please join state Chief Information Officer Bill Kehoe for his kickoff presentation. Bill joined Washington Technology Solutions (WaTech) as the Director and State CIO for Washington on August 1, 2021. Prior to WaTech, he was the Chief Information Officer for Los Angeles County in California from 2017-2021, where he managed enterprise security, information management, enterprise architecture and technology consulting services for 37 county departments. Bill has a long history of managing information technology departments in local and state governments, including more than 15 years in Washington state agencies and counties. He holds a Bachelor of Science degree in electrical engineering from Gonzaga University and a project management certificate from the University of Washington. He has also completed Lean Six Sigma training.

Automated Decision-Making: State Privacy Officer Katy Ruckle

 

Katy Ruckle. WaTech's State Privacy Officer, will provide an overview of automated decision-making systems (ADS) and algorithm risks. Her presentation discusses the state's current efforts to examine the use of ADS and some of the concerns raised by the technology. Katy, a licensed attorney admitted to the Washington State Bar Association in 2005, was appointed as the Chief Privacy Officer on Jan. 1, 2020 by the state Chief Information Officer. Since her appointment, Katy has published foundational privacy principles for Washington state agencies to incorporate into their data governance practices and increased training on privacy and data protection through monthly webinars. In 2021, she lead the Automated Decision-Making Systems workgroup which culminated in a report to the Legislature. Katy previously served as the Privacy Officer and Information Governance Administrator at the Department of Social and Health Services (DSHS) where she created and implemented the agency's privacy program. She holds certifications from the International Association of Privacy Professionals (IAPP) in US privacy law (CIPP/US) and privacy program management (CIPM). In addition she is recognized as a Fellow of Information Privacy from the IAPP.

Why we should use Multi-Factor Authentication (MFA) everywhere we can: John Fox, Department of Licensing

 

John Fox discusses what Multi-Factor Authentication (MFA) is, what it's not, and why we should use it everywhere possible. John has worked for the state for nearly five years and currently supervises the information security office at the Department of Licensing. Prior to joining DOL, John held networking and security jobs in both the federal and private sectors for organizations ranging from large defense contractors down to a small television station. John has collected an alphabet of certifications over the years but is most thankful for all his experiences. In his off time, John enjoys the beautiful PNW with his family, woodworking, and football. Go Ducks!

Internet of Things & Industrial Internet of Things: Penny McKenzie, Cybersecurity Engineer at PNNL

 

Please join state Penny McKenzie for her presentation on the Internet of Things & Industrial Internet of Things. The Internet/Industrial of things (IoT/IIoT) is a technology that is changing the threat landscape for organizations, businesses, critical infrastructure, and people that can be used to exploit inherent or unknown vulnerabilities in multiple critical systems. What are some things that you can do to better protect yourself and your organization? Penny is a cybersecurity engineer at the Pacific Northwest National Laboratory, where she is the founder and lead developer of the PNNL IoT Common Operating Environment. Her specialty is Industrial Control Systems, embedded systems, and IoT cybersecurity.

Steve's presentation title goes here: Stevens Fox, Deputy CISO for Policy & Program Management

 

SStevens Fox will give a technical presentation covering WaTech's strategy and tactics for helping state agencies evolve to a risk-informed approach to building responsive security programs. Stevens is the Deputy CISO for Policy & Program Management for WaTech's Office of Cybersecurity. He has more than 15 years of international, government and private sector experience and has worked with organizations including WorkForce Software and the Internal Revenue Service. Stevens leads the cybersecurity governance, risk, and compliance initiatives for OCS, focusing on enabling the missions of our agency customers and the state of Washington overall.

Remote work and the threat of social engineering: Danton Thompson, state Department of Health

 

Danton Thompson with the Office of Innovation & Technology at the Washington State Department of Health will provide helpful tips for remote workers against two of the biggest threats facing the mobile workforce today: Social Engineering and Proper Password Hygiene. Danton, the PCI DSS (Payment Card Industry Data Security Standards) program administrator for DOH, uses his background in education and news writing to present technical information to a broad audience through the bi-weekly Washington State Department of Health Daily Dose column, Security@Health. He is a veteran of the United States Army where he served as an Information Technology Specialist supporting tactical operations centers throughout South Korea and Alaska.

How I Can Easily Attack You Through Email and Completely Compromise Your Organization: Roger Grimes, KnowBe4

 

Roger Grimes, with KnowBe4, discusses attacks including password hash theft, password spray attacks, multi-factor authentication by-pass, rogue URL attacks, and much more in a fast-paced presentation. Roger is the author of 13 books and over 1200 articles, specializing in host security and preventing hacker and malware attacks. He is a frequent speaker at national computer security conferences and was the weekly security columnist at InfoWorld and CSO magazines between 2005 - 2019. He has worked at some of the world's largest computer security companies, including, Foundstone, McAfee, and Microsoft. Roger is frequently interviewed and quoted in the media including Newsweek, CNN, NPR, and WSJ.

Scammers and scams, just part of our modern lives: Erich Kron, KnowBe4

 

Erich Kron, Security Awareness Advocate at KnowBe4, discusses the security problems we all face, the different types of scams and how we can defend ourselves and our organizations. Erich is a veteran information security professional with over 25 years' experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the US Army's 2nd Regional Cyber Center-Western Hemisphere and holds CISSP, CISSP-ISSAP, SACP, MCITP and ITIL v3 certifications, among others. Erich has worked with information security professionals around the world to provide the tools, training and educational opportunities to succeed in Information Security.

  • Date: Oct. 26
  • Time: Noon to 1 p.m. (Pacific)
  • Place: Join presentation here
  • Slide presentation (Link will be posted here after presentation)

 

Questions? Please contact the Office of Cybersecurity.