Abstracts

 

SecureIT Abstracts
CISOA Abstracts

IT Management & Operations Trac

 

Operations/Security Tech Trac

Research / Curriculum Trac

Pannel Discussion

 

Nuts and Bolts Trac: What Every CISO Should Know Trac

Leadership Trac

Applications Trac

 

 

SecureIT Conference Presentations


To BYOD or Not to BYOD, Is that Really a Question?

Presenter: Andrea Hoy, CISSP, CISM, MBA, Vice President, ISSA, International Board of Directors

Description: Over 1.6 billion smartphones were sold over a one year period, as these phones provide more and more access (i.e. EMail, Facebook, web browsing, financials, data downloads, PowerPoint presentations, pictures) to what was traditionally only available over a PC or Mac. Ms. Hoy has designed this presentation to help the audience understand the risks created by BYOD (bring your own device) a.k.a employee-owned (student-owned) devices into the company network and telecommuting from everywhere. Also, the changes that must be considered in recreating company policies and procedures, as well as the technologies and architecture changes which might assist in securing this growing perimeter. Companies must decide to” BYOD, or Not to BYOD,” and many may find that it is not a question but a reality that must be faced.

Bio:

Vice President, ISSA International Board of Directors received her initiation into the information security community when her hard work and dedication earned her the role of Assistant Venue Manager/Supervisor at the 1984 Summer Olympics in Los Angeles, California. This position exposed her to the information security field and ignited a passion that has made Andrea, arguably, one of the leading women in her profession. She has not only served as an advisor to the Pentagon, but in 1991 Andrea received the Security Education Manager’s Award, presented to her by a representative from the Pentagon, acknowledging her work in applying Continuous Process Improvements to the implementation of information security resulting in cost savings for both industry and Government.

She has been involved in numerous committees in Washington, D.C., to establish national and international information security policies. She has assisted companies in establishing policies and procedures that comply with international privacy laws such as the European Union Privacy Directive, the Data Protection Act of 1998, and the Wet Bescherming Persoonsgegevens (WBP) Dutch Personal Data Protection Act of 2000, as well as U.S. privacy regulations such as the Gramm Leach Bliley Act 1999(GLBA), a.k.a. the Financial Modernization Act, the Health Insurance Portability and Accountability Act 1996 (HIPAA), PCI, as well as internationally accepted standards such as ISO17799/27001 & 27002. Andrea is CEO of A. Hoy & Associates, and has recently founded Sense1 Security, Inc., a thriving information security consulting firm that was established to provide essential information security expertise on immediate and specific information security and business continuity planning.

Andrea has served as the Chief Technical Officer of iQwest Technologies, focusing on security and compliance initiatives with CISOs from various Siemens operating companies and other leading global businesses. Andrea received a Masters of Business Administration from Pepperdine University in Malibu, California. Prior to that, she graduated Magna Cum Laude and was entered into the honor society of Golden Key and Beta Gamma Sigma (the Phi Beta Kappa of the School of Business).


 

Virtualization as an Educational Tool

Presenter: Jonathan C. Eugenio, Sr. Systems Engineer, West Region SoCal Virtualization Team

Description: Virtualization as an Educational Tool is a presentation on the use of application, desktop and server virtualization technologies in classroom. These technologies can be used either on campus in labs, from the student’s home or anywhere at any time.

Bio:

Jonathan is an IT technologist that has been in the industry since 1994, and has been working with Citrix technology since that time. An avid technologist, Jon has enjoyed those years since as an Information Technology professional focusing on Enterprise applications. Geographically bound to Southern California, Jon provides Pre-Sales support to SLED and Enterprise customers in the United States. Jon brings to his customers a background in large scale application deployments, disaster recovery and business continuity as well as a storage background. Educating others on the use of technology in and out of the classroom context is one of Jon’s passions. He has been with Citrix Systems for 7 years.

 


Help! The Mobile Device Invasion Is Here!

Presenter: Jim Resch, Solutions Architect, IBM Software Group

Description: Mobile device adoption for both work and school has taken off at an astonishing rate—with the trend skyrocketing month over month. In fact, industry averages forecast that
10 Conference Sessions 40 percent of endpoints will be mobile devices by 2015. Organizations around the world feel the explosive impact of this technology every day as they strive to balance productivity at work against respect for personal privacy. Given the growing trend of executives and administrators accessing e-mail and documents with their smartphones, teachers and students choosing tablets in and out of the classroom, managers viewing critical application dashboards as they walk the halls and front-line staff conducting transactions using credit card reader attachments, IT needs to take control of the situation quickly. But what exactly does it mean to “gain control”? What policies need to change? What automation options are available today for managing and securing these devices? How do you manage and secure devices that support a blend of OS platforms and functional requirements when many of the devices are personally owned and not issued by the organization?

Bio:

IBM Solutions Architect, with over 20 years of industry experience working with both US and Global organizations on strategic IT initiatives, Jim has been instrumental in assisting clients and customers select appropriate tools and technology to implement an effective IT security and management infrastructure to dramatically cut the complexity of keeping up with security challenges and configuration changes across hundreds of thousands of enterprise servers, desktops, laptops, and mobile devices. As a Solutions Architect for BigFix, Inc. and now IBM, Jim is responsible for working with other industry experts and analysts to understand the convergence of existing security and configuration management tools to develop, implement, and support a complete security and configuration management solution leveraging best-of-breed products and technologies.

 


 

 

Cloudy With A Chance Of Hack

Presenter:  John Weinschenk, President and CEO, Cenzic Inc.

Description: Cloud computing is a cost effective and efficient way for organizations to automate their processes. However, organizations need to be aware of the pitfalls of the many cloud-computing solutions out there – one of the main ones being security. Companies should ask the solution provider the security measures used in developing the application and get an independent verification to make sure there are no gaping holes. With over 75 percent of attacks occurring through the Web, any attack through these applications can lead to leakage of confidential information and embarrassment. This session will highlight the security considerations an organization needs to take into account when adopting cloud computing capabilities. The goal of this session is to help the audience understand security issues behind cloud computing – specifically those related to web applications. Attendees will learn about the most common types of hacker attacks effecting cloud environments and mistakes organizations make when securing applications. Finally, we will cover approaches to solve the problem and important security questions to ask your cloud provider.

 


Tablets & Cyber-Risk - Issues for Consideration

Presenter: Geoff Glave, Senior Product Manager, Absolute Software

Description: With the explosion of iPads and Android devices, industry analysts consider 2012 to be "The Year of the Tablet." As these devices continue to permeate the enterprise, a new series of challenges are presenting themselves to IT professionals. How is an asset tracked & managed when it is rarely fixed in place? How is data living in 'the cloud' best managed? What is 'consumerization’? What are the regulatory considerations?

This session will discuss the changing mobile landscape as relates to these emerging devices and review the forecasted platform growth & market trends. Key organizational challenges, risks to the enterprise, employer and employee will be reviewed as well as the best options available to IT management to help navigate the 'perfect storm' that heralds these devices. Additionally, the session will review the management tools made available by Apple in their "Mobile Device Management" API for iPhones and iPads and explain how the asset inventory made available to IT provides solid "actionable intelligence."

Learning Objectives:

• To increase participants' understanding of the issues relevant to tablets in the enterprise.

• To learn about the features supplied with Apple's "Mobile Device Management" API.

Bio:
Geoff Glave is a leading Product Manager and resident subject matter expert on endpoint security with Absolute Software. He plays a key role in steering business requirements into products and feature sets that define Absolute’s application while working with Absolute’s customer-facing and development teams. Geoff has worked in software product management for 15 years..

 


 

Managing the Risk of Information Access

Presenter: Dave Fowler, Courion

Description: This session explores use cases and practical frameworks that will help IT organizations identify, prioritize and more effectively manage user access risk to company information and resources. We'll discuss information-sharing environments including cloud computing, mobile computing, and collaborative solutions like SharePoint and file shares. We will also examine risks and vulnerabilities inherently embedded in these solutions. What information is being shared? Who is accessing it? What do users have access to that you are not aware of? We will then delve into what increases access risk including group privileges, vague entitlements, orphan accounts, and sensitive data sitting on public sites, etc., as well as how to quantify and prioritize these risks. Lastly, we will review access intelligence analytics, access certification and automated access allowing organizations to manage risks and ensure tighter regulatory compliance. After this session, attendees will be able to: *apply a process to identify, quantify and prioritize access risk; * outline a process and use of automation to provide ongoing monitoring and preventative controls to ensure access is within policy on an ongoing basis; and demonstrate through case studies how leading organizations were effective in managing access risk.

Bio:

Dave is a veteran of the software industry with over 35 years of industry and senior management experience in product management and development, marketing, business development and sales. As Chief Operating Officer, Dave is responsible for engineering, marketing, product management and strategic alliances. He is also chairman of the Physical Security Interoperability Alliance (PSIA), a global consortium formed to bring standards to the Physical Security industry.


Prior to Courion, Dave was the Senior Vice President of Marketing and Product Development for VidSys. He has held numerous senior executive roles at leading technology companies including Pragmatech Software, Groove Networks, Kana Software, Sun Microsystems, FTP Software, Chipcom, Wang Labs and Gradient Technologies. While at these organizations, he was instrumental in acquisition, merger and IPO activities.


Dave is a frequent speaker at industry conferences on a variety of technology topics (PSIM, physical and logical security convergence, CRM, networking and collaboration), as well as sales and marketing effectiveness, and has recently spoken at well-known industry tradeshows including GovSec, ISC West, RSA and TechSec. Dave is recognized as a leading authority on enterprise security and access risk management, and has been published and often quoted in respected business and technology publications. An advisor and board member to a number of early stage companies, Dave currently serves on the board of Azorus, a leading provider of creative CRM solutions for higher education. Dave holds a Bachelor of Science degree in Computer Science from Worcester Polytechnic Institute and an MBA from New York University.


 

Dealing with Data Mobility - What To Do When Your Data Decides to "Leave"

Presenter: Dan Reis, Director of US Product Marketing, Trend Micro

Description: n this presentation, the speaker will introduce the concept of data motility - the idea that data in the cloud is not just mobile, but can move on its own without administrators' knowledge or consent. For example, HR data that a company might have thought was located in somewhere in New England on Wednesday evening may be spread across the continental United States or Europe by Thursday morning. Enterprise agreements with cloud vendors specify that information placed in the cloud will be available when a company wants it - but not where it is living from one moment to the next. The speaker will address the concerns that this "always available from somewhere" data presents to security administrators, and how they can comply with new data privacy and processing laws when data is not location specific. Attendees will learn to:*Conduct a de-duplication program, destroying all data when it is no longer useful, ultimately decreasing storage costs; *Gain a thorough understanding from cloud service provider of the level of influence you have over how data is handled - the SLA should clearly define the controls a CSP places around a company's assets; *Consider asking your cloud provider for geographical constraints on where your data will be located.

Bio:

Dan Reis has been in the high-tech arena with companies in Silicon Valley for over 20 years. He started in operating and networking systems and moved into security over 10 years ago. Mr. Reis helped define the appliance model for security products within Nokia’s security division and CheckPoint Software as the leaders in security appliance solutions. Mr. Reis also helped define new products for other companies in areas such as URL filtering, anti-spam and content security technologies. Today, as Director of Product Marketing at Trend Micro, he is part of a team of security technologists enabling the use of cloud and virtualization technologies by providing modern security solutions that effectively monitor and capture threats on a global basis. Mr. Reis presents at industry and other trade shows, forums and customer venues as a thought leader on a variety of security topics including cloud, virtualization, and endpoint utilization with an overall focus of helping companies to control and protect their valuable digital content. Additionally, Mr. Reis is currently working on an MS in Information Systems with a focus on Security at the University of San Francisco in order to continually improve his knowledge in the constant changing world of information technology.

 


 

VDI - The Road To The Future Of Desktop Management

Presenter:  Tom Holmes, Solutions Specialist, Enterprise Division, Tangent, Inc.

Description: What are the top five features to look for in a VDI solution? How do you measure a successful VDI implementation? These topics and more will be discussed in detail by our Tangent expert on cost-effective, enterprise solutions. Tangent's presentation on VDI describes the technology behind desktop virtualization and the driving force behind the move to virtualization. Find out what is at the core of VDI technology and why innovative technologies that help meet cost-cutting and energy-saving targets now warrant closer study. Learn the benefits of VDI with respect to cost, security and management. Get the full feature-set of the Tangent Vertex VDI appliance. Vertex meets and exceeds other industry leading solutions by providing a scalable, affordable and easy to implement VDI solution. with a low start-up cost, Vertex allows for a smoother transition to a VDI environment. Take advantage of the comprehensive and FREE Pilot Program to fully engage in the VDI environment. Test drive the solution to ensure it fully meets your network security and management needs.

Bio:

Tom Holmes is a Solutions Specialist in the Enterprise Division at Tangent. He is a VMWare certified sales professional with many years of experience working directly with customers to help identify & meet their network security needs and technology management requirements. Tom is an experienced speaker with accolades from education and state/local government institutions to whom he has presented on a variety of topics, including Email Archival, Regulatory Compliancy Requirements, and Desktop Virtualization.

 


 

Virtualization as an Educational Tool

Presenter: Jonathan C. Eugenio, Sr. Systems Engineer, West Region SoCal Virtualization Team, Citrix

Description: Virtualization as an Educational Tool is a presentation on the use of application, desktop and server virtualization technologies in classroom. These technologies can be used either on campus in labs, from the student's home or anywhere at any time.

Bio:

Jon Eugenio is an IT technologist that has been in the industry since 1994, and has been working with Citrix technology since that time. An avid technologist, Jon has enjoyed those years since as an Information Technology professional focusing on Enterprise applications. Geographically bound to Southern California, Jon provides Pre-Sales support to SLED and Enterprise customers in the United States. Jon brings to his customers a background in large scale application deployments, disaster recovery and business continuity as well as a storage background. Educating others on the use of technology in and out of the classroom context is one of Jon's passions. He has been with Citrix Systems for 7 years.

 


 

What to Expect After an Incident Notification?  How to Handle Angry Callers and Threats of Law Suite!

Presenter: Felecia Vlahos, CISSP, Information Security Officer, San Diego State University

Description: You have had an incident, sent a notice to the affected users and now the real fun begins? In this presentation, Felecia will share what to expect from affected users who call, send email or mail, after receiving an incident notification. Understand the types of conversations to expect: threats, concern, confusion, curiosity, reports of ID theft, media vendors and learn how to communicate with the users confidently in a professional and educational manner. 

Felecia brings 30 years of customer service experience to this presentation, including over 1500 discussions with affected users, along with handouts of materials successfully used in incident notification.

Bio:

Felecia Vlahos is the Information Security Officer at San Diego State University (SDSU), one of the largest campuses in the California State University (CSU) system, and also serves as the SDSU’s Privacy Officer. She oversees the SDSU’s information security plan, security awareness and training, compliance with regulations and is a member of the SDSU Security Incident Response Team. Felecia has worked on several CSU initiatives including policies, standards, PCI & HIPAA compliance, contract templates, data classification, patch management, and security awareness training. In addition to working over 14 years in Information Security, Felecia earned her Bachelor and Master’s of Science degrees in Computer Science at SDSU, and is a Certified Information Systems Security Professional (CISSP).

 


 

Cyber Governance and Cybersecurity

Presenter: Jim Chen, Professor of Systems Management/Cybersecurity in the Department of Cyber Integration and Information Operation ,U.S. National Defense University

Description: Cyber technologies have made it possible for people in different parts of the world to be connected digitally and virtually. In this shared cyber space, rules and constraints at different levels are definitely needed to ensure safe and secure environments, in which secure and reliable resources and services are provided to authorized and trusted users. Cyber governance addresses the questions such as who is governing, what is being governed, how governance should be performed, and what the expected results of governance should be. It focuses on people, culture, process, and technology. It is concerned about both policies and policy enforcement. This paper intends to bring the unique perspective of cyber governance into the discussion of cybersecurity. It explores a revised framework of cyber governance built based on law, ethics, social norms, commonwealth, marketing, and architecture. Using this new framework, the paper attempts to show how cyber governance can provide strategic guidance to cybersecurity operations by utilizing cyber leadership, cyber law, and cyber ethics, how it can connect the dots among different phases in cyber security, how it can perform risk management, and how it can affect behavior. The benefits and limitations of this revised framework of cyber governance are discussed. So are the possible topics for future studies in this area.

Bio:

Dr. Jim Q. Chen, Professor of Systems Management / Cybersecurity, iCollege at the U.S. National Defense University (NDU). Before joining the NDU faculty, he was Professor and Program Director of Information Assurance in the Graduate School of Management & Technology at the University of Maryland University College. Dr. Chen received his Ph.D. degree from the University of Maryland at College Park. He received the Graduate Certificate of Information Assurance and Security, Information Assurance Education from Purdue University. Dr. Chen’s research interest is in intelligent intrusion detection and intrusion prevention, network security, ontological semantics, web intelligence for information security, natural language processing, neural networks, software assurance, and ethics. Based on his research, he has authored and presented numerous papers in the relevant fields. In the past few years, he has served in the Program Committee of the Annual SecureIT Information Technology & Network Security Conference.

 


 

IT Security Governance: The SBCCD Planning Approach

Presenter:  Roger Powell, Assistant Professor and Department Head, Computer Information Technology and Computer Science, San Bernardino Valley College

Description: San Bernardino Community College District (SBCCD) began the creation of an IT Security Governance (ITSG) Plan in October 2011.  The plan, a work in progress, is based upon published practitioner and scholarly research.  The SBCCD ITSG plan is consistent with the workload constraints of a busy Community College IT department.  The presentation will provide a comprehensive review of the process that SBCCD used to develop its ITSG plan.  Key factors that will be discussed include (1) team selection; (2) published research and standards; (3) plan creation methodology; (4) buy-in from key constituencies; and (5) lessons learned.

 


 

Compliance and Self-Encrypting Drives

Presenter: Dr. Michael Willett, Storage Security Strategist, Samsung

Description: As a global regulations for data security increase in number and the consequences of non-compliance increase, the ability to secure data has improved and become easier.  Self-encrypting drives (SEDs) designed using an open industry standard developed by the Trusted Computing Group (TCG) provide protection for data at rest and in transit and meet criteria established by government agencies around the world.  However, even with the latest regulations, loopholes exist that may allow users to comply with the regulations, but not meet the intent of the laws resulting in inadequate data protection.  This talk reviews key compliance issues and the role of SEDs in enabling compliance.

Bio:

Dr. Michael Willett received a Bachelor of Science degree from the US Air Force Academy (Top Secret clearance) and a Masters and PhD in mathematics from NC State University. After a career as a university professor of mathematics and computer science, Dr. Willett joined IBM as a design architect, moving into IBM's Cryptography Competency Center. Later, Dr. Willett joined Fiderus, a security and privacy consulting practice, subsequently accepting a position with Wave Systems. Recently, Dr. Willett was a Senior Director at Seagate Research, focusing on security functionality on hard drives, including self-encryption, related standardization, product rollout, patent development, and partner liaison. Currently, Dr. Willett serves as a consultant on the marketing of storage-based security. Dr. Willett also chairs the Privacy Management Reference Model Project of the ISTPA, which has developed an operational reference model for implementing privacy requirements. Presently, Dr. Willett is working with Samsung as a storage security strategist, helping to define their self-encryption strategy across Samsung’s portfolio of storage products.

 


IMB X-Force 2011 Threat Landscape Overview

Presenter: Michael Montecillo, Senior Threat Researcher, IBM

Description: Join the IBM X-Force Research and Development team as we review highlights from the recently published IBM X-Force 2011 Trend and Risk Report which paints a picture of state of internet security threats in 2012. To produce this biannual report, X-Force culls facts from their database of over 65,000 computer security vulnerabilities, millions of intrusion events on tens of thousands of managed network sensors, their web crawler, spam collectors and numerous intelligence sources. X-Force Threat Intelligence uses these data sources to paint a comprehensive picture of the online attack activity that is going on and the approaches we can take in the effort to fight it.

Bio:

Michael is the IBM Security Services Threat Research and Intelligence Principal. He has more than eight years of experience in information security, during which he has served as a Senior Threat and Intelligence Researcher on the Managed Security Services Intelligence Team, as a Vulnerability Management Coordinator and Forensic Investigator for state governments as well as the Principal Security Analyst for an industry analysis firm. Testament to Michael’s efforts he has won two State Police awards for Professional Excellence and has published more than 30 research articles. In addition Michael has functioned as a speaker at industry events including the Department of Homeland Security Government 26 Biographies Forum for Incident Response and Security Teams, IBM Innovate, and VA Scan. As the Threat Research and Intelligence Principal within IBM Security Services conducts research on emerging threat trends and works to ensure that client security needs are met with standard offerings.

 


 

Sherpa: Increasing Student Success with a Recommendation Engine

Presenter: Jim Gaston, Associate Director of Technology, South Orange County Community College District/Bob Bramucci, Vice-Chancellor, Technology and Learning Services, South Orange County Community College District

Description: An unprecedented alignment of forces- from President Obama to state governors to private foundations – is calling for America to regain lost educational ground by once again having the highest proportion of students graduating from college by 2020.  Concurrently, however, educational funding is shrinking.  How can we possibly make large gains in student success while spending less money?  By leveraging the sort of intelligent, automated computer “recommendation engines” proven successful by companies like eBay, Netflix, Pandora, and Apple.  The South Orange County Community College District has created Sherpa, an academic recommendation engine that combines human expertise and predictive analytics to provide students with the right information at the right time, enabling them to make better academic decisions.  Sherpa uses time, event or location-based “triggers” to deliver multimodal (email, SMS, voice, text-to-speech, or Facebook announcements) personalized communications, such as: (1) Helping students find acceptable alternatives when their preferred courses are full; (2) targeted at-risk students for academic interventions; (3) tailoring information about campus events to individual interests.  At this session, we will discuss the compelling nature of personalized online services, outline our development process and provide a live demonstration of the Sherpa system.

Bio:

Jim Gaston is an Associate Director of Information Technology for the South Orange County Community College District where he has been privileged to work with a great team that has been awarded several state and national awards for technology innovation. He has a passion for the intelligent use of technology to further the goals of higher education and enjoys using his sense of humor to convey this message. He presents regularly at local, regional and national conferences and has also been an Adjunct Professor at Irvine Valley College where he taught HTML and Internet courses.

Bio:

Dr. Robert Bramucci, Vice Chancellor of Technology and Learning Services, oversees the Technology & Learning Services functions for the South Orange County CCD. Formerly with Riverside Community College District, he was District Dean of the Open Campus, which served over 50,000 enrollees in online classes per year. He is a nationally-known speaker and author, and has served as a faculty member at various universities, including California State University, Fullerton. Dr. Bramucci holds a Ph.D. in experimental psychology from Washington State University, a M.A.P. in industrial/organizational psychology from the University of Arkansas, and a B.S. in psychology from Arkansas State University.

 


 

CyberWatch West

Presenter: Tony Coulson, Professor, Information and Decision Sciences, California State University, San Bernardino

Description: CyberWatch West is an Advanced Technological Education (ATE) center, funded by the National Science Foundation and headquartered at Mount San Antonio College. The CyberWatch West mission is to improve the quality and the quantity of the cybersecurity workforce. CyberWatch West achieves its mission through a coordinated series of programs and services for its members and partners; for educational institutions, faculty, and students at all levels; and for the public.
CyberWatch West shares resources among its members. Curriculum materials are “open source”, allowing unfettered access to all. These materials have been developed and contributed by faculty and by member institutions. Ultimately, the continued success of CyberWatch West depends on the willingness of members to continue to contribute – to create and revise model programs, model courses, student labs, course modules, web resources, and other course supplements; to participate and host and grow our student competitions; to speak out on behalf of CyberWatch West and Information Assurance careers; and to build relationships with K-12 systems, state and local governments, other higher education institutions, and the public.

Bio:

Tony Coulson, pProfessor in the College of Business and Public Administration, Department of Information & Decision Sciences at California State University, San Bernardino (CSUSB). He came to San Bernardino in 2001 after a professional career as an IT executive and graduating with a PhD in Information Systems from Claremont Graduate University. Tony’s research interests include: Enterprise Systems implementation, virtual communities and systems security. Tony is the Executive Director of the Information Assurance and Security Management Center at CSUSB and recently led the effort to have the University designated as a Center of Academic Excellence in Information Assurance Education by the U.S. National Security Agency. Tony is also the co-PI for faculty development for Cyberwatch West.

 


Participation of Higher Education Institutions in National Cybersecurity Initiatives: Challenges and Opportunities

 

Description: Higher education institutions play a key role in the expansion and advancement of cybersecurity professionals needed to meet the national demands in securing critical infrastructure and systems . Opportunities for funding are been made available through federal agencies, such as National Science Foundation (NSF), to support cybersecurity initiatives that increase the number of qualified graduates in information security and assurance professions. The panelist will include Principal Investigators for the NSF Scholarship for Service program, and the CyberWatch West which is the only NSF-ATE Center in the western region of the United States. Successful initiatives require strong collaborations between higher education institutions, including collaboration among faculty, IT staff ,administrators, students and professional organizations. This panel will provide valuable information on opportunities for your institution to participate on some of these collaborative initiatives and a perspective on the challenges that institutions may encounter in implementing successful cybersecurity programs.

Bios:

Jaishri Mehta Bio:

Jaishri Mehta, is a Professor at Mount San Antonio College. Jaishri Mehta teaches Programming in Java, Network Vulnerabilities and Countermeasures in Computer Information Systems department in the Business Division. From October 2003 to September 2007 served as Senior Personnel for the RISSC (Regional Systems Security Center) project funded by the NSF (National Science Foundation). From October 2007 to 2011, she served as the PI (Principal Investigator) or the lead to the RISSC project to support workforce, curriculum and professional development in cyber security. Jaishri Mehta just received a $3 million grant from NSF to create a Center for Cybersecurity for the western United States called CyberWatch West. She serves as the PI and Executive Director of CyberWatch West Center to bring cybersecurity vision and education in terms of student development, faculty development and professional development to increase the cybersecurity workforce for the western United States. Jaishri Mehta, PI, Director CyberWatch Center, CIS Professor, Business Division, Mount San Antonio College

 

Dr. Dan Manson Bio:

Dr. Dan Manson, CISSP, is a Professor at California State Polytechnic University, Pomona (Cal Poly Pomona). Dr. Manson teaches Information Systems Auditing, Internet Security and Computer Forensics in the College of Business Administration Computer Information Systems undergraduate and Master of Science in Information Systems Auditing programs. From September 2003 to March 2004 and January to December 2006, Dr. Manson served as the campus Information Security Officer for Cal Poly Pomona.

Dr. Manson led the effort for Cal Poly Pomona to be designated a National Center of Academic Excellence in Information Assurance Education in 2005 and again in 2008. Dr. Manson is in charge of the Western Regional Collegiate Cyber Defense Competition and California Cyber Challenge as part of the United States Cyber Challenge.

Dan has been co-Principal Investigator on three National Science Foundation grants to support workforce, curriculum and professional development in cyber security, including the current CyberWatch West NSF ATE Regional Center grant. Dan serves on the Academic Relations Committee for the Los Angeles Chapter of the Information Systems Audit and Control Association and as President of the Southern California High Technology Crime Investigation Association.

 

Lorraine Frost Bio:

Ms. Lorraine Frost began her career in information technology 32 years ago at California State University, San Bernardino. She has been instrumental in development of technology strategic directions, disaster recovery planning, campus technology infrastructure, and project management oversight.

As an executive sponsor for accessible technology, she oversees the campus initiatives that increase access for individuals with disabilities to the teaching and learning environment. She is fully engaged in professional organizations as the secretary to the Information Systems Security Association, Inland Empire Chapter, as a member of the California Inland Empire Chapter of Project Management Institute and member of the Arrowhead United Way Women’s Leadership Council.

Ms. Frost holds bachelor degrees in psychology and computer science from California State University, San Bernardino, and a Master degree in Psychology from California State University, San Bernardino. She holds a Community College instructor credential and project management professional (PMP) credential.

 

Javier Torner Bio:

Dr. Javier Torner, Interim Associate Vice President for Information Resources and Technology and Information Security Officer at California State University San Bernardino. He provides leadership and manages the office of Telcommunication and Network Services, the Information Security Office and the Information Technology Services group. Dr. Torner coordinates and oversees the implementation of enterprise information technology and network projects, including security initiatives for the univerity’s telecommunications network and computer and information systems, and the development and adoption of information security policies and standards. Dr. Torner periodically conduct workshops and presentations on information security topics to different groups inside and outside the university, including upper management, IT directors, and technical staff groups . Dr. Torner is a CISM, CGEIT, CRISC from the Information Systems Audit and Control Association and is currently the President for the Information System Security Association Inland Empire Chapter. Dr. Torner is a Professor of Physics with over twenty five years of teaching and working experience with data communication networks and computer systems.

Jeff Holden Bio:

Jeff Holden has been working in IT for 14 years. He is currently the Manager of Network & Data Security at Mt. san Antonio college the largest single campus community college in California with over 60,000 students.


 


 

CISOA Conference Presentation / Nuts and Bolts Track: What EveryCISO Should Know

 

CENIC Update: From the Network to the Cloud

Presenters: John Charles, COO CENIC; Edward Smith, CENIC; Bonnie Edwards, Interim Director of the California Community Colleges Chancellor's Office Telecommunications and Technology Unit

Description: This session will provide you with an update on recent changes affecting CENIC’s CalREN network and will provide an overview of the connectivity changes that have affected the community colleges due to the state-wide budget cuts we have all experienced. We will also cover the various CENIC Board initiatives as related to “above-the-network” cloud-based services including VoIP and other initiatives.  Bonnie Edwards will be available to answer any TTIP related funding questions you may have.

John Charles Bio:

John Charles joined CENIC in June 2011 as the corporation’s Chief Operating Officer, and is passionately committed to CENIC’s advanced network and “above-network” services mission in support of California’s K-20 education and research community.

John came to CENIC from Cal State East Bay where he served as the university's first Cabinet-level CIO. As CIO, John led the university's strategic shift to the delivery of information technology as a service. He brought a laser-like focus to the institution’s efforts to strategically align and streamline its university-wide IT services – an ambitious goal that required leveraging progressively larger levels of aggregation to achieve the desired economies-of-scale. Within this shift, John pioneered new models for aggregating "above-college" (university-wide shared-services) and "above-campus" (CSU-wide cloud-based) IT services. These "above-college" and "above-campus" efficiencies were realized by sharing personnel, expertise, licensing, infrastructure, resources and work efforts to create and sustain achievements beyond the reach of any one college or institution -- giving birth to the "centrally-coordinated and locally-directed" shared IT services model at Cal State East Bay, and to the CSU system-wide "Synergy" initiatives.

John has been active in advancing broadband network access for K-20 within the State of California, nationally, and internationally -- having served on CENIC’s Board of Directors for thirteen years, and on the Internet Educational Equal Access Foundation (IEEAF) Board of Directors for eleven years.

Prior to coming to California, John served as Harvard University’s Director of IT Services Development. His career as a user, manager and student of information technology also included nine years planning and implementing shared technology infrastructures for the Department of Defense, and three years of full-time teaching experience as a member of the engineering faculty at the U.S. Military Academy, West Point.

He received his B.S. in Engineering Science and Mechanics, in 1972, and his M.S. in Engineering Science, Computer Science and Applied Mathematics, in 1973 from the University of Florida.

Ed Smith Bio:

Ed Smith does most of CENIC’s project management and functions as liaison to the K12, Community Colleges and the CSU educational segments as well as independent colleges on CalREN connectivity issues. He also works with many R&E networks and research labs across the country through his involvement in SCinet’s annual Supercomputing conferences. He is a graduate of CSU Hayward.

Ed’s involvement with the community colleges dates back to late 1996 and the transition from CSUnet to 4CNet which brought the community colleges throughout the state onto the network.  He also project managed the videoconferencing pilot program with Butte College and the subsequent deployment of both H.320 and H.323 videoconferencing services across CalREN. Ed has been a regular presenter at past CISOA conferences and is probably familiar with the networking needs and issues of the community colleges as well as anyone. 

Bonnie Edwards Bio:

Bonnie Edwards is the Interim Director of the California Community Colleges Chancellor's Office Telecommunications and Technology Unit, which is responsible for the oversight and funding of system wide technology projects and initiatives. Bonnie began her state service as a member of the Chancellor's Office Management Information Systems Unit supporting the state's data collection systems.  Prior to this, Bonnie accrued more than 8 years’ experience as a Lead Systems Analyst and Project Manager for the Intel Corporation in Folsom, California implementing global finance and logistics projects for SAP, Intel's ERP system.


 

Statewide Initiatives Status Update

Presenters: Tim Calhoun, Director of the California Community College Technology Center; Bonnie Edwards, Interim Director of the California Community Colleges Chancellor's Office Telecommunications and Technology Unit

Description: What emerging CCC technology services can help better serve your students? How can IT leaders integrate them effectively on their campus? In this presentation, we’ll discuss new technologies being created for student services and instruction by the California Community College Chancellor’s Office. To serve the diverse needs of the 112 campuses in this system, services must meet common student needs, yet be customized to reflect local campuses cultures. We’ll discuss strategies being used to create and deploy these services from the Telecommunications and Technology Infrastructure Program. This session will help you to prepare for and use new technologies for increased efficiency and effectiveness on your campus.

 

Tim Calhoun Bio:

Tim Calhoun is the Director of the California Community Colleges Technology Center at Butte College, which helps facilitate and coordinate the work of California Community Colleges (CCC) system-wide technology projects in coordination with the CCC Chancellor's Office Telecommunications & Technology Unit. Prior to this, Tim accrued more than 10 years’ experience in managing educational technology organizations for PLATO Learning  and CyberEd, Inc. This work, in conjunction with a talented development team, lead to more than 17 educational technology awards and a Software & Information Industry Association (SIIA) CODIE nomination.

 

Bonnie Edwards Bio:

Bonnie Edwards is the Interim Director of the California Community Colleges Chancellor's Office Telecommunications and Technology Unit, which is responsible for the oversight and funding of system- wide technology projects and initiatives. Bonnie began her state service as a member of the Chancellor's Office Management Information Systems Unit supporting the state's data collection systems.  Prior to this, Bonnie accrued more than eight years’ experience as a Lead Systems Analyst and Project Manager for the Intel Corporation in Folsom, California implementing global finance and logistics projects for SAP, Intel's ERP system.

  


Legal/Regulatory Update: Know Your Responsibilities

Presenters:  Warren S. Kinsler, Partner, and Sharon Ormond, Senior Associate, Atkinson, Andelson, Loya Ruud & Romo

Description: This session will provide an overview of various legal issues that impact technology use in districts, including search and seizure, privacy rights, free speech, defamation, social media, and technology use policies.

 

Warren S. Kinsler Bio:

Warren Kinsler represents California school districts, community college districts, and county offices of education in all aspects of education and public sector law.  Clients rely upon Mr. Kinsler to provide specific advice and counseling with respect to issues confronting educational institutions.  Mr. Kinsler also litigates cases involving issues affecting how schools, colleges, and county offices conduct their business.  He is skilled at handling all matters, from personnel and civil rights issues to real property and public finance transactions.  He is a leading authority on the Brown Act, conflict of interest laws, and governmental liability and immunity.

Sharon J. Ormond Bio:

Sharon Ormond represents California public sector employers in all aspects of labor relations and personnel matters, including certificated and classified discipline, reductions in force, unfair practice charges, contract grievances, and the investigation and defense of discrimination, harassment, whistleblower, and retaliation claims.  She regularly represents employers before the Office of Administrative Hearings, the Department of Fair Employment and Housing, the Equal Employment Opportunity Commission, and the Public Employment Relations Board.  Her practice also includes advice and counsel in general areas of education law, such as First Amendment rights, leaves of absence, disability accommodations, student rights and discipline, and Brown Act compliance.

  


Accreditation:  How Should IT Participate and Prepare?

Panel Presenters: Deborah Ludford, District Director, Information Services, NOCCCD; Frank Smith, Executive Dean of Technology and Information Resources, Victor Valley College; Bina Susan Isaac, CTO/Dean IT and Institutional Research, College of the Desert

 

Description: Preparing for Accreditation is an intensive activity for any college.  Come learn about how to participate in the self-study effectively and prepare for the visit.  A panel will identify the best ways to address the standards with practical advice and tips for success.  Standard II.C is the main focus for participation of technology units in the accreditation process; however, many sections require the help from the IT units to meet the standards.  Come meet several experienced CISO’s and hear their thoughts on this important topic. 

Deborah Ludford Bio:

Deborah Ludford has over 15 years’ experience as a CISO in the California Community College System.  She has served as an Accreditation Liaison Officer and participated in several self-study efforts at two colleges.  In addition, Deborah has served on three recent accreditation teams and has been a member of a follow-up visiting team.  At North Orange, a recent accreditation visit re-affirmed accreditation for one institution and put the other two colleges on warning.

Bina Susan Isaac Bio:

Bina Isaac has 24 years of professional management experience in providing leadership in Information Systems and Educational Technology.  Currently, Bina is the Dean of Information Technology and Institutional Research at College of the Desert.  This last June, ACCJC granted College of the Desert “Reaffirmed Accreditation on the Basis of a Comprehensive Evaluation”. 

Frank Smith Bio:

Frank Smith is currently the Executive Dean of Technology and Information Resources at Victor Valley College where he has served for three years.  Prior to that Frank was the Director of Academic Computing at Cypress College for nine years.   Frank also was an instructor for Community College of the Air Force for six years.  Frank’s undergraduate degree is in Computer Science and he holds graduate degrees in Project Management and Business Administration.

 


MIS: What’s New and What’s Not So New!

Presenter: Myrna Huffman, Chancellor’s Office MIS Unit

Description: This session will brief CISO’s on State MIS Reporting Requirements, Gainful Employment, Net Price Calculator, Student Services Automated Reporting System, Data Mart Version 2 and the Curriculum Inventory.  This session will also allow time to answer any of your MIS reporting questions.

Myrna Huffman Bio:

Myrna Huffman has been with the State Chancellor's Office Management Information Systems Unit since February 1999.  Myrna was in the MIS unit at Sierra College for nine years.  Myrna has been involved with MIS since its beginnings.


 

eDiscovery & Records Retention: What You Should Know

Presenters:  Aaron V. O’Donnell, Partner, and Scott J. Sachs, Senior Associate, Atkinson, Andelson, Loya Ruud & Romo

Description: This session will review various issues with data management and storage, including document retention policies, electronic data discovery, and preservation of evidence and litigation holds.

 

Aaron V. O’Donnell Bio:

Aaron O'Donnell represents California community college districts, universities, and school districts in education and employment-related matters.  He provides experienced advice and counsel to clients in all aspects of education and employment law, including employee evaluation and discipline, employment discrimination and wrongful termination, labor relations, reductions in force, student discipline, disability accommodation, Brown Act compliance, conflicts of interest, First Amendment and other constitutional rights of students and employees, whistleblower protection, and investigations of employee misconduct. He represents education clients in grievance arbitrations, administrative hearings, and civil litigation in state and federal court.

Scott Sachs Bio:

Scott Sachs practice focuses on representing private and governmental entities in complex litigation in the area of construction law with a concentration in environmental law and electronic discovery.  He has negotiated with governmental and regulatory agencies regarding land use, underground storage tanks, and review of applications and permits.


 

CISOA Conference Presentations / Applications Track: On the Ground and In the Cloud

 

OpenCCC & OpenCCCApply, New System-wide Services for the Colleges

 

Presenters: Tim Calhoun, Director of the California Community College Technology Center

 

Description: OpenCCC is the California Community Colleges federated identity initiative. OpenCCC uses standards-based, open source specifications to insure privacy and security while allowing access to applications within the CCC. OpenCCCApply is the new Web 2.0 application to college and will be the first system wide web service offered within the OpenCCC Federation.  The goal of OpenCCCApply is to increase service for colleges and students while significantly lowering the cost. Find out how your college can get connected to these new, cost effective services being released in 2012.

 

Tim Calhoun Bio:

Tim Calhoun is the Director of the California Community Colleges Technology Center at Butte College, which helps facilitate and coordinate the work of California Community Colleges (CCC) system wide technology projects in coordination with the CCC Chancellor's Office Telecommunications & Technology Unit. Prior to this, Tim accrued more than 10 years’ experience in managing educational technology organizations for PLATO Learning and CyberEd, Inc. This work in conjunction with a talented development team, lead to more than 17 educational technology awards and a Software & Information Industry Association (SIIA) CODIE nomination.

 


 

End-To-End Virtualization: Where Are We, What Do We Know, and Where Are We Headed?

 

Presenters: John Wagstaff, CTO and Director Information Systems El Camino CCD; Paul Bishop, Vice President, Technology, Santa Barbara CCSD

Description: It’s been four years since virtualization technology made its appearance at the CISOA Monterey conference.  Since then El Camino CCD, Santa Barbara CCD, College of the Sequoias, have all been working with desktop and server virtualization.  Learn about their experiences along with the latest developments in the end-to-end virtualization stream. 

John Wagstaff Bio:

John Wagstaff has worked in higher education for over 35 years, serving in Universities, Colleges and Community Colleges throughout the country. He moved to California in 1992 to be the Director of Media, Learning and Information Resources at Peralta Community College District. In 1996 he was appointed to be the District's Director of Information Technology, Management Information Systems. Since then, Mr. Wagstaff has served as the lead administrator on all matters related to Information Technology including Enterprise Resource Planning systems, technology planning, library automation and operations, telecourse and online distance learning, and state and local data/telephony network planning and implementation. He is the Chief Technology Officer and Director of Information Systems at El Camino College in Torrance, California. He is also an elected board member of the California Community Colleges Chief Information Systems Officers Association.  In addition, to chairing the Etudes Board of Directors, Mr. Wagstaff serves on the California Community Colleges Chancellor's Office System-wide Architecture Committee and is a past member of the Telecommunication Technology Advisory Committee.

Paul Bishop Bio:

Paul Bishop is currently the Vice President of Information Technology at Santa Barbara City College and has worked in higher education for over 30 years. Prior to joining SBCC, Paul spent a decade as a consultant working with higher education clients across the country. He also served as the Director of Computing and Telecommunications at Washington College (MD), and as the Executive Director of Information Technology at the University of the Virgin Islands. He received his B.A. in Psychology from Youngstown State University, and an M.A. and Ph.D. in Psychology from Bowling Green State University. He is currently serving on the CISOA Board, is a current member of both TTAC and SAC, and is active in the local Santa Barbara CIO’s group.

 


 

Mobile Applications: Meeting Students and Staff Where They Are

 

Presenters:  Robert  Hughes, Director, Enterprise Application Systems, Mt. San Antonio College; Brad Rippe, IT Project Leader, North Orange County Community College District

Description: The North Orange County Community College District has developed mobile applications for all three of the districts institutions. The applications (available for Android, iPhone/iPad and BlackBerry) have been developed and are now in full production. Included in the offering are campus maps, news feed, grade lookup, student schedule, faculty and staff directory and class schedule. The applications will be demonstrated and the presenters will talk about the development environment, lessons learned, best practices, marketing strategies, future plans and the tools used to make this a collaborative development effort across the District.

 

Robert Hughes Bio:

Robert Hughes is the new Director of Enterprise Application Systems at Mt. San Antonio College.  For the past 7 years he served as the Applications Support Manager for the North Orange County Community College District, and led them in several innovative projects including an on-line BOG waiver application, a district-wide portal, and mobile apps.  NOCCCD was a pilot for the award-winning eTranscript California (formerly CCCTran) project under his leadership, and he served as the founding chair of the project's steering committee from 2007-2011.   He also serves as the chair of the state-wide committee tasked with prioritizing changes to the CCC version of the Banner ERP system.  His 20 years in Information Technology includes leadership at both the community college and university level.

Bob has presented at CISOA in 2006, 2008 and 2009, and holds an MBA from CSU Fullerton.

 

 

Brad Rippe Bio:

Brad Rippe works at the North Orange County Community College District as an IT Project Leader where he oversees web services and mobile applications. Brad earned a master’s in computer science from California State University, Fullerton.  Brad has taught college computer programming courses, published articles on Java technologies and works as a consultant for PHP, .NET, and Java technologies.  

 


  

Contracting in a Technology World: How to Protect Your District

Presenters:  Lisa R. Allred, Partner, and Lindsay A.Thorson, Senior Associate, Atkinson, Andelson, Loya Ruud & Romo

Description: This session will review terms and language in hardware, software and cloud contracts that are needed to protect districts and ensure compliance with FERPA, HIPAA, red flag rules, and data security standards.

Lisa R. Allred Bio:

Lisa R. Allred represents school districts, colleges and universities in education law, including business, real estate, personnel, public works, technology and intellectual property. Prior to joining the firm, Ms. Allred was an Assistant Attorney General for the State of Washington at the Washington State University Division where she practiced all aspects of higher education law.  Ms. Allred has lectured extensively at school and college associations on various education law topics.  Prior to attending law school, Ms. Allred pursued a career in business serving as a business manager for a private school run by Lehigh University, procurement officer for New Mexico Highlands University, contracts representative for Sandia National Laboratories, and a market research manager for ABQ Bank.

Lindsay A. Thorson Bio:

Lindsay Thorson represents school districts, community colleges, county offices of education, and other public entities on transactional matters.  She specializes in school site and property acquisition, disposition of surplus property, joint-use agreements, licenses, easements, lease-leaseback construction, Proposition 39 charter school facilities requests, technology procurement and licensing, software and hardware agreements, cell tower agreements and assessment of developer fees.  Ms. Thorson represents private entities in real estate matters, including real property acquisitions and sales, leases, ground leases, licenses, and easements.

 


 

Integrating Google Apps into an ERP/Portal Environment

 

Presenters:  Daniel Watkins, Director of Information Technology, Santa Barbara City College and Michael Ghens, Network Specialist/Systems Administrator, Santa Barbara City College

Description: This presentation will focus on Santa Barbara City College’s transition from a traditional student e-mail system to Google Apps for Education.  We will discuss the physical implementation and the campus roll-out.

Daniel Watkins Bio:

Daniel Watkins is the Director of Information Technology at Santa Barbara City College, where he provides leadership for research, acquisition, development, design, operation, and implementation of SBCC’s data center, network services, and enterprise software applications.

 

Over the last 10 years Daniel has implemented campus-wide applications for SBCC including the Campus Pipeline student portal and the WebCT learning management system in 2001. From 2004 - 2007, he led the Banner ERP implementation project and still serves as the lead in maintaining and upgrading this core system. Throughout his career Daniel has also developed and taught technology related courses at UCSB, Antioch University, and Santa Barbara City College. He continues to teach several courses at SBCC each year.

 

In 1999, Daniel earned his Master of Arts degree in Organization Management at Antioch University, Santa Barbara.

 

Michael Ghens Bio:

Michael Ghens is a Network Specialist/Systems Administrator at Santa Barbara City College.  Michael’s involvement in the Community College system began as a Laboratory Teaching Assistant for the Computer Science department. His current responsibilities include working with the College’s ERP/Portal systems, Middle Tier and integration of third party systems.



 

Secure Single Sign On and Attribute sharing with CAS and Shibboleth in Portal/ERP Systems

 

Presenters:  Michael Ghens, Network Specialist/Systems Administrator, Santa Barbara City College and Daniel Watkins, Director of Information Technology, Santa Barbara City College

 

Description: Colleges need to be able to offer single sign-on services that include portals, ERP, LMS, financial aid. Santa Barbara City College has implemented shibboleth and CAS (Central Authentication Services) to provide secure authentication and pass attributes to college and non-college owned systems. Discussion will include a review of the authentication design and architecture supporting multiple campus applications (STARS/DARS/Moodle/DreamSpark/Google Apps etc.).

 

Michael Ghens Bio:

Michael Ghens is a Network Specialist/Systems Administrator at Santa Barbara City College.  Michael’s involvement in the Community College system began as a Laboratory Teaching Assistant for the Computer Science department. His current responsibilities include working with the College’s ERP/Portal systems, Middle Tier and integration of third party systems.

 

Daniel Watkins Bio:

Daniel Watkins is the Director of Information Technology at Santa Barbara City College, where he provides leadership for research, acquisition, development, design, operation, and implementation of SBCC’s data center, network services, and enterprise software applications.

Over the last 10 years Daniel has implemented campus wide applications for SBCC including the Campus Pipeline student portal and the WebCT learning management system in 2001. From 2004 - 2007, he led the Banner ERP implementation project and still serves as the lead in maintaining and upgrading this core system. Throughout his career Daniel has also developed and taught technology related courses at UCSB, Antioch University, and Santa Barbara City College. He continues to teach several courses at SBCC each year.

In 1999, Daniel earned his Master of Arts degree in Organization Management at Antioch University, Santa Barbara.

 

 


 

CISOA Conference Presentations / Leadership Track: Being an Effective CISO

 

CISOA Sponsored Training Opportunities

 

Presenters: Gary Moser, Chief Technology Officer, Sierra College, President, CISOA; Fred Sherman, Vice Chancellor, Educational Technology Services, Foothill-De Anza Community College District

 

Description: This session will be an open discussion of how to prepare and build new skills in IT professionals who are serving or will serve in the role of CISO/CTO. The discussion will address training needs of new CISO’s, experienced CISO’s, as well as emerging IT professionals who would like to become CISO’s. Other professional organizations provide structured professional training for leadership positions in their specialty areas. Should CISOA do the same? What steps can the association take to facilitate professional training?

 

Gary Moser Bio:

Gary Moser has more than 12 years of diverse experience in higher education.  He has been in the IT field for the past 29 years throughout the United States and Japan. Gary has taught at many educational institutions including UCSD, Chico State, and National University for the past 12 years. His areas of concentration include business management, project management, information systems, and systems security.

Gary’s current position is the Chief Technology Officer of Sierra Community College District. He received his BS in Business Administration and Management from the University of Maryland and his Masters in Educational Leadership from Northern Arizona University.  He also holds several certifications for Project Management, Windows, Novell, and security.

Fred Sherman Bio:

Dr. Sherman is currently serving as the Vice Chancellor of Educational Technology Services at the Foothill-De Anza Community College District located in Los Altos Hills, California. He has served in executive roles for three community college districts in the past 18 years including Director of the Technology Center for the California Community College System. He has taught part-time at three universities, managed counseling activities for a 20-city region in southern California (serving individuals applying to the US Military Academy at West Point), and served on US Congressional nomination committees to recommend the selection of candidates to attend the US military academies. He was also appointed to the Board of Examiners for the National Institute of Standards and Technology’s Malcolm Baldrige National Quality Program and served three years evaluating educational organizations.

 

Prior to entering academia, Dr. Sherman served as an Engineering Manager at General Dynamics Corporation for 13 years managing several industrial technology programs involving the development of engineering designs with advance technologies, the establishment of collaborative joint ventures with international companies, and the marketing of products to governmental organizations. Dr. Sherman also served in the US Army as an armored and aviation unit commander obtaining the rank of Lieutenant Colonel upon retirement. Dr. Sherman has a Ph.D. in Management Information Systems and an MBA, both from Claremont Graduate University, a MS degree in Systems Management from the University of Southern California, and a BS degree in Military Science from the US Military Academy at West Point.



 

Making It Happen: TIPS and TRICKS from the Field

 

Presenters: Mick Holsclaw, Associate Vice Chancellor, Information Technology, Los Rios Community College District; Michelle Kozlowski,  Director, Information Technology Services, West Hills Community College District; Deborah Ludford, District Director, Information Services, North Orange County Community College District;   Fred Sherman, Vice Chancellor, Educational Technology Services, Foothill-De Anza Community College District

 

Description: This session will be a panel discussion from a few seasoned CISO’s to discuss methods they have found useful in navigating the cultural, regulatory, economic and political environmental peculiarities of provisioning IT in community colleges. Issues affecting small and large districts will be discussed as they apply to managing governance, difficult bosses, performance issues, frustrated users, poor funding, and insufficient staff resources.

 

Mick Holsclaw Bio:

Mick Holsclaw is in his 11th year serving Los Rios CCD as Associate Vice Chancellor for Information Technology.  Prior to that Mick worked at Yuba College for five years.  Mick worked for 10 years at the Community College Chancellor’s Office, including five years as the Vice Chancellor of Information Technology Services.

Michelle Kozlowski Bio:

Michelle Kozlowski has spent nearly 27 years working in educational technology.  This includes 22 years at California Community Colleges, 2 years at the University level,  and 3 years in K-12.  Michelle was the recipient of the 2007 Technology Leadership Award and was a member of the team receiving a 2007 Technology Focus award from the California Community College Chancellors Office.

 

Deborah Ludford Bio:

Deborah Ludford is the District Director, Information Services for the North Orange County Community College District.  Deborah is currently a member of the Board at CENIC, Vice President of the California Community College Banner Users Group and President Elect of CISOA.  Deborah has served the system since 1989 as a teacher, dean and CISO at Glendale College, Fullerton College and now at the NOCCCD.  Deborah holds a Bachelor’s in Business and a Master’s in Management Science from the University of Southern California.  Deborah has served on several Accreditation visiting teams and has chaired a self-study effort.  

 

Fred Sherman Bio:

Dr. Sherman is currently serving as the Vice Chancellor of Educational Technology Services at the Foothill–De Anza Community College District located in Los Altos Hills, California. He has served in executive roles for three community college districts in the past 18 years including Director of the Technology Center for the California Community College System. He has taught part-time at three universities, managed counseling activities for a 20-city region in southern California (serving individuals applying to the US Military Academy at West Point), and served on US Congressional nomination committees to recommend the selection of candidates to attend the US military academies. He was also appointed to the Board of Examiners for the National Institute of Standards and Technology’s Malcolm Baldrige National Quality Program and served three years evaluating educational organizations.

Prior to entering academia, Dr. Sherman served as an engineering manager at General Dynamics Corporation for 13 years managing several industrial technology programs involving the development of engineering designs with advance technologies, the establishment of collaborative joint ventures with international companies, and the marketing of products to governmental organizations. Dr. Sherman also served in the US Army as an armored and aviation unit commander obtaining the rank of Lieutenant Colonel upon retirement. Dr. Sherman has a Ph.D. in Management Information systems and an MBA, both from Claremont Graduate University, a MS degree in systems management from the University of Southern California, and a BS degree in military science from the US Military Academy at West Point. 


 

Obtaining Payment Card Industry Certification (PCI-DSS)

 

Presenters:  Chien Shih, Director, Information Systems and Operations, Foothill-De Anza Community College District; John Clark, Chief Operating Officer, ExoIS; Kevin McElroy, Vice Chancellor, Business Services, Foothil-De Anza Community College District

 

Description: Providing security for payment card processing on our campuses is not only a prudent necessity for protecting individuals' identity and financial information, it is also required by the PCI Security Standards Council if you use payment cards for financial transactions. Foothill-De Anza CCD together with ExoIS will discuss the 15 month process they undertook to gain PCI-DSS certification

 

Chien Shih Bio:

Chien Shih is serving as the Director of Information Technology and Operations for the Foothill De Anza Community College District (FHDA). He has held this position for the past five years among his accomplishments he has recently successfully completed the full implementation of the SunGard Banner ERP system, which includes the successful implementation of the PCI-DSS compliance payment gateway system.

 

Prior to his service with FHDA, Chien’s other public sector service includes the Information Technology Operations Manager with the Bay Area Rapid Transit District for two years. He spent 13 years in the private sector in the Silicon Valley working for different high tech companies. He has worked in different areas of information technology including technical operations, and customer services, rising to the rank of Vice President of Technical Operations of Elitegroup Computer Systems USA, a company located in Fremont, CA. Chien received his M.B.A. degree from University of Washington in 1983.

 

John Clark Bio:

John has over 30 years of experience in the technology business and has held executive management positions in both sales and marketing in the Information Technology industry. His experiences cover all aspects of hardware and software and consulting services. Prior to joining ExoIS he had been a Management and Marketing Consultant for over 10 years working primarily as part of the management teams of hi-tech start-up businesses in the software and services market places. John became a consultant after long careers with both IBM and then Hitachi Data Systems. In his 22 years with IBM he worked in a variety of management positions in systems engineering, sales and marketing in both the UK and in IBM's European headquarters in Paris. John then spent 11 years with Hitachi Data Systems, the last five of which were as an Executive Vice President based in California having been promoted to that position after six years with HDS as European Vice President of Marketing based in London. John holds a Bachelor’s Degree in Mathematics from Hull University in England.

Kevin McElroy Bio:

Kevin McElroy is currently the Vice Chancellor of Business Services at Foothill-De Anza Community College District. Prior to that, Kevin served 21 years as Vice President for Administrative Services at Coastline Community College, part of the large multi-college Coast Community College District. As Vice Chancellor of Business Services, McElroy is responsible for overseeing all business policies and procedures for Foothill-De Anza, providing leadership in strategic planning and advising the Chancellor and Board on fiscal matters.

 

 


 

Web Based, Self Service College Information Portal

Presenters:  Denise Swett, Acting Vice President, Student Development, Foothill College / Andrew Brode, IntelliResponse

 

Description: Augmenting a Help Desk with a Web-based, self-service information portal that staff and students can use to obtain information 24/7 can greatly enhance technical assistance to users and lower staff involvement. Foothill College in partnership with IntelliResponse will discuss the implementation of "Ask Foothill", a web informational portal.

 

Denise Swett Bio:

Denise Swett, Ed.D.,is the Acting Vice President of Student Development & Instruction and Associate Vice President, Middlefield Campus &  Community Programs at Foothill College. She has been very involved at the college working to provide student support services online not only to support distance learning students, but to increase access and information availability to 24 hours per day, 7 days per week.

 

Foothill College was one of the first California community colleges to offer online learning. Using commercially available solutions as well as home-grown programs, Foothill continues their commitment to add services for students in many formats and methods of delivery.

 


 

Risk Factors to ERP implementations

Presenters:  Mario Valente, Dean, Academic Information Services, Mira Costa College

Description: California's community colleges invest millions of dollars in the complex integrated software systems known as enterprise resource planning systems, or ERPs.  Campus leaders need to minimize risks that the chosen system will introduce errors, frustrate users, or in other ways fall short of expectations.  In order to understand what can go wrong in the selection and use of ERP systems, Dr. Valente surveyed academic and administrative leaders of California Community Colleges.  He asked them to assess and rank a list of risk factors based on their field experience in selecting, implementing, and using ERP systems. The resulting data advanced our understanding of how successful ERP implementations can be facilitated and poor implementations avoided by identifying, reducing, or eliminating risk factors and threats to ERP projects.

 

Mario Valente Bio:

Dr. Mario Valente has over 30 years of experience in information technology acquired in the private, public and educational sectors. His experience is varied and wide including planning, selecting, implementing and maintaining enterprise wide information technology systems and initiatives. Mario started his computer career at an early age in Brazil as a Burroughs mainframe computer programmer working for a large banking institution and the stock market of Sao Paulo. His fascination with computers led him to immigrate to the United States to study Computer Science at UCLA. After graduating from UCLA, Mario worked for the Los Angeles County as a systems programmer supporting law enforcement applications on IBM mainframes. Leaving LA County for the City of Long Beach, he oversaw the IBM and 911 data center operations, systems programming and the city wide voice and data network. From the City of Long Beach he moved on to become the Executive Director for Academic Computing and Information Technology at the Long Beach City College.  In January of 2009, Dr. Valente accepted the position at MiraCosta College as their chief technologist overseeing the Academic Information Services department which includes the Library, Online Education, Media Services and Information Technology.  Mario holds a Bachelor’s degree from UCLA, a Master’s degree from Cal State Fullerton and his doctorate from UC Irvine.

 


 

Chancellor’s Office Technology Award Winners

Winners/Presenters:  Chelley Maple, Matriculation Director, College of the Canyons; John Koetzner, Vice President, Council of Chief Librarians and Academic Senate President, Mendocino College; Belinda Heiden Scott, Associate Professor Business Education and Distance Education Coordinator, MSJC Academy

Description: Every year the California Community College Chancellor’s Office gives awards for exemplary technology practices, in which the winners present on their projects/accomplishments. This year awardees are:


Virtual Learning Lab

Presenter: Chelley Maple, Matriculation Director at the College of the Canyons
The Virtual Learning Lab (VLL) is an interactive, online resource, grounded in educational psychology and evidence-based approaches to human learning. Its mission is to promote effective, self-regulated learning strategies by providing a library of workshops, activities, lessons, and case studies on how to become an expert learner. By centralizing learning resources for under-prepared students into a single digital repository, individuals will have free access to the content 24 hours a day and at no additional cost. Eight Essential Lessons scaffold the main web page, each addressing a classic learning strategy that is interwoven with key components of self-regulated learning. It carries a low demand on on-ground resources, is adaptable, and has the ability to expand in content and delivery.

Mendocino College Library Automation with Koha

Presenter: John Koetzner, Vice President of the Council of Chief Librarians and the Academic Senate President at Mendocino College

Mendocino College Library sought a library database solution that would allow them to be more self-sufficient, agile, and cost-efficient. Library automation software has been in the hands of large vendors for quite a while and the costs for the software, training, support and maintenance are often prohibitive for smaller libraries, but are also a huge ongoing expense for larger libraries. By moving to an open source solution, Mendocino has shown that it is possible to have an automated, robust and flexible library database for $7,000 (ongoing maintenance $1,800). The project successfully migrated historical data and set up user authentication with their ERP.

MSJC Academy

Presenter, Belinda Heiden Scott, Associate Professor Business Education and Distance Education Coordinator, MSJC
Twelve years ago, MSJC embarked on a path to fully maximize the use of emerging technologies across the college, both in instruction of courses and in administrative processes. Today there are over 150 faculty teaching approximately 400 online and hybrid course sections per semester, 300 participants in the Academy, every course section (face-to-face, hybrid, and online)has a Blackboard course shell available, and all of the classrooms either have installed “smart” capability or access to mobile units. The MSJC model has been commended in recent accreditation reports and, over the years adopted by other colleges. The key to its success is low cost, peer presenters, collaborative funding efforts, and consistency. The outcome of implementing the Academy has increased the technical knowledge of its college’s faculty, staff, and administration and has produced a return on investment with the efficiency of college purchased software.

 


Pre-Conference Speaker's Bio's

Bio

Tin Zaw is an Application Security Architect at AT&T Interactive, publisher of YELLOWPAGES.COM <http://YELLOWPAGES.COM>, where he leads company wide application security program. He is the president of the Los Angeles chapter of OWASP, Open Web Application Security Project. A veteran software developer, Tin holds CISSP and CSSLP certifications, and MS in CS and MBA from University of Southern California.

Bio:

Adnan Masood is a Software Engineer and Architect with zeal for solving interesting business and technology problems. With special interest in scalable architectures, application security, algorithm design and development, Adnan has over a decade of hands-on experience in financial services and application service providers. He currently works as a system architect for a financial institution where he develops robust, scalable and secure SOA based middle-tier architectures, distributed systems, and web-applications. He is a Microsoft Certified Trainer holding several technical certifications, including MCPD (Enterprise Developer), MCSD .NET, and SCJP-II. Adnan is attributed and published in print media and on the Web; he is technical editor for upcoming "Microsoft Windows Server AppFabric Cookbook" and also taught Windows Communication Foundation (WCF) courses at the University of California at San Diego. Adnan regularly presents at local code camps and user groups. He is actively involved in the .NET community as co-founder and president of the of San Gabriel Valley .NET Developers group and recipient of INETA Community Champion Award for contributions to the developer community in Southern California.

Adnan holds a Masters degree in Computer Science and currently pursuing a doctorate in Machine Learning; specifically interestingness measures in outliers using belief networks. He also holds systems architecture certification from MIT and SOA Migration, Adoption, and Reuse Technique certificate from SEI, Carnegie Melon University. Adnan can be reached at adnanmasood@acm.org <mailto:adnanmasood@acm.org>

Bio:

Christopher W. Urban, Data Center Technical Specialist, Microsoft, started his computer endeavors during high school, programming in COBOL, RPG and Basic. After serving in the US Marines, Christopher started out his professional computer career in public education doing technology integration. In 1994, Christopher received his first Microsoft Certified Professional designation under Windows 3.51. Through the years, Christopher has attained various certifications and achievements such as MCSE, MCTS, MCT, MVP and ITIL Foundation v3. In 2007, he was awarded the Management Insider Top Gun Award. Christopher recently coauthored Mastering System Center Configuration Manager 2007 R2 by Sybex.

 

 

 

Past Conferences: 2003   2004   2005   2006   2007  2008  2009  2010  2011  2012  2013