Massachusetts Public Sector Cybersecurity Summit 2024 Banner

Overview

Cyber-attacks have increased dramatically over the last few years. The Massachusetts Public Sector Cybersecurity Summit provides an opportunity for government technology professionals to learn about the latest efforts to defend, respond and recover from cyber criminals who wish to do harm. The Summit will include cybersecurity leaders from state and local government throughout Massachusetts.

A message from our Keynote Speaker

After years of successful partnership with Government Technology, I’m excited to join our state partners to offer the first Cyber Summit for both Commonwealth agencies and our municipalities to convene and advance our shared goals of cyber resiliency and secure digital experiences for our residents. The panels and networking opportunities will allow us to share and expand our base of knowledge while connecting with like-minded public sector professionals facing the same challenges. We all have much to learn from each other and I hope to see you there!

– Jason Snyder, Secretary, Executive Office of Technology Services and Security, and Chief Information Officer of the Commonwealth of Massachusetts

Speakers

Jason Snyder

Jason Snyder

Secretary of Technology, Executive Office of Technology and Security Services, Commonwealth of Massachusetts

Jason Snyder is the Secretary of the Executive Office of Technology Services and Security. He was previously the Chief Technology Officer at Harvard University. He has more than 30 years of information technology experience in government, higher education and the private sector. He has worked at Harvard for almost ten years, as a Program Director for Identity & Access Management, as Managing Director of Architecture and Engineering, and as Chief Technology Officer since 2015. He served as Chief Technology Officer of the Commonwealth of Massachusetts for the duration of Governor Patrick’s tenure, and prior to that spent 13 years in the private sector at CSC Consulting Group. He's a graduate of Rensselaer Polytechnic Institute and lives in Reading.

More
Mishaal Khan

Mishaal Khan

Hacker, Author and Speaker

Mishaal is a highly respected figure in cybersecurity, with expertise in ethical hacking, Open Source Intelligence (OSINT), social engineering, and privacy. Mishaal's engaging approach involves live demos, making cybersecurity accessible and enjoyable, while his strength lies in rapidly enhancing organizations' security posture, saving time and budget.
As a virtual Chief Information Security Officer (vCISO), Mishaal secures organizations and provides executive-level consultancy to manage cyber risk and prevent breaches. His extensive experience and insights, detailed in his book "The Phantom CISO," showcase his journey from an entry-level position to a leadership role in cybersecurity. Mishaal, with certifications including CCIE, Certified Ethical Hacker, Certified Social Engineer, and Certified OSINT Professional, remains at the forefront of technology, contributing his time to shape the industry's future. With over two decades of experience, he is a sought-after speaker at premier conferences like DEF CON, Wild West Hacking Fest, and SANS.

More
Phil Bertolini

Phil Bertolini

Senior Vice President, Government Technology

Phil Bertolini is a senior vice president for Government Technology, the premiere event and thought leadership content provider for state and local government technology professionals. Previously, he served as deputy county executive and CIO for Oakland County, Michigan. During his 31-year tenure, Phil built a world-class IT organization in the second-largest county in Michigan, just north of Detroit. As Oakland County CIO, he oversaw more than 150 employees serving over 1.2 million residents. In 2005, he was also promoted to deputy county executive, holding dual positions until his retirement. Phil’s efforts earned the county national attention, winning numerous awards for technology innovation and excellence. He was named Governing Magazine’s Public Official of the Year and Government Technology Magazine’s Top 25 Doers, Dreamers & Drivers. He was also honored by the President Obama White House as a Champion of Change.

More
Elijah Cedeno

Elijah Cedeno

Regional Engagement Manager, Multi-State Information Sharing and Analysis Center (MS-ISAC)

Elijah Cedeno is a Regional Engagement Manager for the Multi-State Information Sharing and Analysis Center™ (MS-ISAC®), a division of the Center for Internet Security, Inc.®. He is a member of the Stakeholder Engagement team, which works with our nation’s State, Local, Territorial, and Tribal (SLTT) governments and public education institutions to provide free cybersecurity resources and services. Elijah manages the MS-ISAC® members in the East Coast/West Coast regions, supporting their overall cybersecurity posture.

More
Joseph Flores

Joseph Flores

Massachusetts Cyber Security Advisor, Cybersecurity and Infrastructure Security Agency, U.S. Department of Homeland Security

Joseph “Joe” Flores serves as the Massachusetts Cybersecurity Advisor (CSA) for the Cybersecurity and Infrastructure Security Agency (CISA).
CISA is an Agency within the U.S. Department of Homeland Security (DHS) that maintains 10 regional offices around the country. CISA CSAs champion cyber resilience through partnership engagement, consultation and cybersecurity assessments with the public sector and private companies that support the 16 critical infrastructure (CI) sectors. Currently, and for the past ten years, Joe has also been a member of the Air National Guard serving in both the National Capital Region and in New England. Joe has held previous positions as a Cyber Surety Technician and is currently a Cyber Warfare Operator (threat hunter) with the 102nd Cyberwarfare Squadron in Rhode Island.
Before moving over to the cyber advisor program, Joe served as the CISA New England Regional Protective Security Advisor. In this role, Joe worked across New England and in collaboration with the various Sector Risk Management Agencies to deliver support and assistance to CI sector partners through training, assessments, and security subject matter expertise.
Before joining CISA, Joe worked at the DHS Transportation Security Administration for twelve years in various roles both in the field and at headquarters. Most recently, Joe served as the Operations Section Chief of a national program of Transportation Security Specialists focused on aviation and surface security. During this time Joe was also selected for the Presidential Management Rotational Program and was able to support leadership in U.S. Department of Transportation with strategic planning and advisory services.
Before joining DHS, Joe started his path into a federal career by working as an analyst with the Department of the Navy and as a Security Specialist with the Department of State’s Diplomatic Security Service. In this role Joe was able to train Diplomatic Security Special Agents and contractors and supported the United Nation’s General Assembly in New York for three years as a coordinator for military special operations teams.
Joe started his career as an active-duty Airforce bomb technician and was stationed around the world in places like South Korea, Germany, and the Middle East.
As an academic, Joe received a Professional Leadership Certificate from American University, a Master’s in Business Administration (MBA) in Organizational Leadership from Johnson & Wales University and a Professional Science Master’s Degree in Cybersecurity from the University of Rhode Island. Joe holds ISC2 Certified Information Systems Security Professional (CISSP) and CompTIA Cybersecurity Analyst + (CySA+) certifications.

More
John Petrozzelli

John Petrozzelli

Director, MassCyberCenter

John began his career as an intelligence officer in the U.S. Air Force in 1998 and served in the Republic of Korea in 1999. In September 2001, while supporting C-17 missions, he deployed to Sicily to support forward operating bases during the initial phases of the US war in Afghanistan. He then deployed to Germany to provide intelligence for C-17 missions delivering humanitarian airdrops to starving Afghans.  John entered duty with the FBI as an Intelligence Analyst in 2004, where he assisted in the creation of the Connecticut Intelligence Center Fusion Center and with the FBI InfraGard public outreach program. While in New Haven, he also led the analytic review of computer hard drives related to the Babar Ahmad/Tooting Group international terrorism investigation. In 2007, John transferred to the FBI Boston Field Office. As an Intelligence Analyst, he supported Civil Rights and Public corruption investigations until becoming a Supervisory Intelligence Analyst supporting analysis over all criminal programs in 2010.
In 2013 John was a day shift intelligence supervisor during the Boston Marathon Bombing manhunt and led the computer forensic review of all subjects’ digital media. During the Marathon Bombing investigation and subsequent trial, John led the post processing analytical review of the Tsarnaev family’s digital media.  He wrote the initial digital analysis used in support of the Tsarnaev trial. He led the review of more than 33,000 emails, 120,000 photos, and 12,000 videos for the purposes of criminal discovery and trial preparation. He wrote over 50 reports, which were used in testimony to support Dzhokhar Tsarnaev’s eventual conviction.  In 2016 he earned a Master of Science in Information Security from Boston University and became FBI Boston’s Chief Security Officer.
Before joining the MassCyberCenter, John was the Director of Cybersecurity for Magna5's Boston Metro Area. He managed day-to-day operations of the company’s Security Operations Center. He managed endpoint and network protection, cybersecurity awareness training, and Security Information Event Management software. He developed cybersecurity plans and vulnerability assessments and ensured clients’ cybersecurity governance models followed best practices with frameworks like NIST/SOC2/PCI/CMMC. He delivered presentations to local companies and professional organizations.
John has been a featured speaker at the Massachusetts National Cyber Crime Conference and at the Microsoft Digital Crimes Community Conference in Vienna, Austria in 2016. He was a featured speaker at ThreatLocker Zero Trust World and the International Crisis Management Conference in 2023. He has delivered remarks locally at many universities and professional organizations.
He completed the 2017 Boston Marathon Tough Ruck, which was a 26.2-mile hike carrying 15-50 pounds in tribute to fallen military comrades and in memory of those victims of the Marathon Bombing. He is a proud father of three children.

More
Meg Speranza

Meg Speranza

Resiliency Program Manager, MassCyberCenter

Meg Speranza is the Resiliency Program Manager at the MassCyberCenter at the Massachusetts Technology Collaborative. She is responsible for improving the collaboration, transparency, and effectiveness of the Massachusetts cybersecurity ecosystem to foster ‘cyber resiliency’ across the Commonwealth’s key institutions and systems, including municipalities, businesses, critical infrastructure, and non-profit organizations.
Prior to joining the MassCyberCenter, Meg had a successful 25-year business career, managing product development for several global high-tech companies, owning and operating a small retail business in Hopkinton, MA, and overseeing educational fundraising before pursuing a career in cybersecurity. 
She holds a B.S. in Business Management from Babson College and a Master’s in Cybersecurity Policy and Governance from Boston College.

More
Don Chamberlain

Don Chamberlain

Chief Operating Officer & Assistant Secretary for Security and Operations, Executive Office of Technology Services and Security, Commonwealth of Massachusetts

Don Chamberlain is currently serving as the COO and Assistant Secretary for Security and Operations at the Commonwealth of Massachusetts Executive Office of Technology Services and Security. In that role, Don oversees IT operations and security, leading efforts to modernize, unify, and enhance end-user, network, telecom, and cybersecurity services and service delivery.
With nearly two decades of experience within the Commonwealth of Massachusetts, Don has held various leadership roles, demonstrating his expertise in service management, operations, and cybersecurity. He spearheaded initiatives to modernize IT service delivery models, defining clear goals, strategies, and measurements related to IT service management, championing a customer-first and service-oriented culture, developing enterprise-wide network, cybersecurity operations center, and end-user computing strategies, and implementing platforms for device discovery and configuration management. Don has led large teams focused on high-quality service delivery and world-class operations support. His strategic approach involves maintaining a deep understanding of customer business needs, fostering collaboration between internal teams, customers, and vendors, and driving systemic improvements into services.

More
Tony O’Neill

Tony O’Neill

Chief Information Security Officer and Chief Risk Officer, Executive Office of Technology Services and Security, Commonwealth of Massachusetts

Tony O’Neill is CISO and chief risk officer for the Commonwealth of Massachusetts. As the state’s lead IT agency, the executive team is responsible for planning, development, communications and implementation of the Commonwealth’s digital transformation, including enhancing data security, safeguarding privacy and improving service delivery to the end user. On an ongoing basis, he provides operational risk management for value creation and protection and serves as an advisor for organizational governance and leadership.

More
Colby Cousens

Colby Cousens

Chief Information Officer, Town of Danvers

Colby Cousens is a strategic IT leader responsible for the functionality and security of various municipal information technology and operational technology environments. A Co-Founder of the North Shore IT Collaborative, cybersecurity representative on the Northeast Homeland Security Regional Advisory Council, and an active member of the Cyber Resilient Massachusetts Working Group, Colby is committed to advancing the security posture of resource-challenged organizations in the Commonwealth.

More
Chris Daggett

Chris Daggett

Director of Managed Services and Security, HUB Tech

Chris is a highly skilled technology professional bringing 20+ years of IT experience to HUB Tech. He leads a successful Managed Services and Security program which has grown to be one of the top programs in the country. HUB’s Managed Services and Security program is focused on keeping our customers Connected, Managed, and Secured. Prior to HUB Chris has spent most of his career in the enterprise space working mostly in the financial vertical where he held various roles from solution architect to technology risk manager.

More

Gretchen Grozier

Director of Identity & Access Management, City of Boston

Gretchen Grozier is the Director of Identity & Access Management in the Department of Innovation & Technology at the City of Boston. Gretchen has worked in Identity & Access Management since the then CTO at the Commonwealth of MA "voluntold" her into an IAM project way back in 2010.  She has worked on the enterprise IAM team at Harvard University assisting with the rollout of both HarvardKey and HarvardKey Lite.  At the City of Boston, she led the award winning Access Boston program - an enterprise IAM implementation that has created a single user name and password for all of the City's workforce along with enforcing multi-factor authentication on all accounts.  The Boston IAM team is currently working on deploying a solution for City residents and vendors.  Gretchen believes that IAM is a cornerstone of any enterprise and that it can both help strengthen cybersecurity and provide better user journeys for end users when done well.

More
Jenny Hedderman

Jenny Hedderman

Risk Counsel, Office of the Comptroller, Commonwealth of Massachusetts

Jenny W. Hedderman Esq. is Risk Counsel in the Statewide Risk Management Team in the Massachusetts Office of the Comptroller.  Attorney Hedderman specializes in compliance, internal controls, and risk management in the areas of statewide accounting, payroll, financial reporting, and statewide financial audits for 154 state agencies. Her current focus is developing the Comptroller’s Statewide Risk Management program, including cybersecurity internal controls and cybersecurity awareness to reduce fraud and cyber incidents. Recent projects include the CTR Cyber Center website (macomptroller.org/ctr-cyber/) providing cybersecurity content, Cybersecurity Tips of the Week, CTR Cyber 5 Videos and other internal controls to improve financial responsibility and protection of data, assets and resources across the Commonwealth. Attorney Hedderman is Chair of the State Records Conservation Board, Secretary of the Essex Co-Operative Farming Association Board, as well as Adjunct Professor in Business Law at Endicott College and Cybersecurity and Privacy at Boston University Law School.

More
Greg McCarthy

Greg McCarthy

Chief Information Security Officer, City of Boston 

Greg McCarthy is the first Chief Information Security Officer for the City of Boston and career public servant. Since joining the City of Boston’s Cybersecurity Team in 2010, Greg has managed the implementation of numerous information security solutions, developed the City's first cybersecurity awareness program for employees and successfully enforced the use of multi-factor authentication for all employees. In his role, Greg continues to lead efforts to strengthen the cybersecurity capabilities across the City and further the team’s mission through modernizing technology, partnerships, and regular training. Greg is a cybersecurity leader and change agent who is focused on strengthening cybersecurity for the City of Boston and all municipal governments through partnership and collaboration. Greg is also the Co-founder and Co-Chair of the Coalition of City CISOs. Prior to joining the City of Boston, Greg spent seven years working at the Rhode Island Department of Corrections. Greg holds an undergraduate degree in Criminal Justice and a graduate degree in Information Assurance, both from Northeastern University. He has also earned a Certified Information Security Manager (CISM) certification from ISACA, graduate certification in Project Management from Boston University, and a Project Management Professional certification from the Project Management Institute.

More
Susan Noyes

Susan Noyes

Director, Office of Municipal & School Technology, Commonwealth of Massachusetts

Susan Noyes is the Director at the Office of Municipal and School Technology (OMST) at the Executive Office of Technology Services and Security (EOTSS) for the Commonwealth. She is responsible for overseeing the OMST staff, which administers the municipal cybersecurity awareness training grant (MCAGP) to public government organizations and the Cybersecurity Health Check services, provide guidance on technology needs and best practices and consults on common municipal challenges. Susan and her team advise municipalities and schools on the availability of the Community Compact Cabinet Grants and other partner resources, while also serving as the OMST liaison with the MA Tech Collaborative/CRMWG.
Susan joined EOTSS in January 2020 serving in the Office of Municipal and School Technology (OMST) as a Municipal and School IT Manager until October 2022. Prior to joining EOTSS, she served in municipal government for 15+ years, most recently as a municipal IT Director and prior to that in multiple municipal roles. Previous to joining the public sector, she had a successful career in the corporate high-technology field serving in Technical Support, Service Marketing and Professional Services Management capacities, both domestically and overseas. She holds an A.B.A. in Management from Newbury College.

More
Dan Radke

Dan Radke

Specialist Master, Deloitte Dynamic Adversary Intelligence (DAI)

Dan Radke is a cybersecurity researcher and developer with over 20 years of experience focused on threat intelligence, adversary hunting, and technology development. His career began as a military intelligence analyst, followed by roles in civilian and government agencies specializing in counterintelligence and offensive cyber operations. This foundation helped Dan master navigating complex adversarial landscapes and how intelligence can be effectively leveraged in offensive and defensive cyber strategies.
At Deloitte, Dan leverages this background to develop cutting-edge tools for adversarial pursuit, focusing on analytical capabilities, AI-driven penetration testing, threat analysis, and evaluating the effectiveness of threat intelligence solutions. His research into the evolving risks posed by generative AI technologies is helping to shape the future of intelligence capabilities and incident handling while empowering analysts with the tools they need. Dan’s work is driven by a strong sense of curiosity and the belief that effort and innovation openly conspire toward practical progress, continually bridging the gap between theory and real-world application.
Recognized for his thoughtful approach, Dan gets invited to speak at industry panels, sharing insights on the role of curiosity, effects of proper tools, hunt methodologies, and collaboration in cybersecurity. His work reflects a balance between academic rigor and the real-world need for practical, adaptable solutions to emerging threats.

More
Tina Smith

Tina Smith

Chief Information Security Officer, Executive Office of Public Safety & Security, Commonwealth of Massachusetts

Tina I. Smith is a seasoned Chief Information Security Officer based in Greater Boston, MA, with extensive experience in cybersecurity, risk management, and information security across both the public and private sectors.
Currently serving as the Chief Information Security Officer for the Commonwealth of Massachusetts Executive Office of Public Safety and Security (EOPSS), Tina leads strategic initiatives to enforce and strengthen cybersecurity policies to safeguard sensitive data across 12 public safety and security agencies.
She has successfully developed a comprehensive Information Security Program, within Public Safety and Security organization to align with frameworks such as NIST SP 800-53r5 and CIS / MS-ISAC, ensuring best practices in the space of governance, risk, and compliance (GRC) protocols.
Tina's leadership has been pivotal in designing and launching the EOPSS Cybersecurity Awareness Training Program, supporting over 38,000 agency business users. Additionally, she spearheads the monthly 'Cyber News You Can Use' bulletin, aimed at raising awareness and promoting cybersecurity best practices within the organization.
Prior to her role at EOPSS, Tina served as the Information Systems Security Officer for the Department of Veterans Affairs, where she oversaw the security of critical data, ensuring compliance with the Federal Information Security Management Act (FISMA). She has also held key roles at Manulife/John Hancock, where she managed third-party vendor risk assessments and provided expert guidance on regulatory compliance for systems security.
Tina holds an MBA from Kaplan University and is certified in several areas of cybersecurity, including Certified Ethical Hacker (CEH) and Certified in Risk and Information Systems Control (CRISC). Her technical expertise spans cloud computing, vulnerability management, incident response, and secure architecture, with proficiency in tools such as Tenable, Splunk, AWS Cloud, and Google Cloud. \
Throughout her career, Tina has been recognized for her ability to enhance security postures while reducing operational costs and risks to her business customers. Her forward-thinking approach continues to drive her success as a leader in cybersecurity.

More
Tracy Sullivan

Tracy Sullivan

Director of Municipal Information Systems, Town of Weston

[LinkedIn:https://www.linkedin.com/in/tracy-sullivan-6036ab13/

Tracy Sullivan is the Director of Municipal Information Systems for the Town of Weston, where she has served for 12 years. In her role, she oversees the development, implementation, and management of the town's technological infrastructure, ensuring seamless access to critical information systems and services for both municipal staff and the community. Tracy is committed to leveraging technology to enhance efficiency and service delivery in local government operations.

More
Jenna Tombolesi

Jenna Tombolesi

Director of Systems Engineering, SLED, Fortinet

Jenna joined the Upstate NY Fortinet team as a Systems Engineer, helping hundreds of K-12, higher-education, and government organizations achieve their cybersecurity goals. She currently leads the Upstate New York and New England public sector territory in doing the same. Prior to joining the Fortinet SLED team, Jenna supported over 2000 of Fortinet’s partners across the country.
Jenna also actively participates in the WiCyS (Women in Cybersecurity) program and Fortinet’s Women of Fortinet program as a mentor, with a firm belief that anyone interested in cybersecurity should be able to pursue it successfully.

More
Naomi Ward

Naomi Ward LinkedIn

Manager Vendor Risk Management, Executive Office of Technology Services & Security, Commonwealth of Massachusetts

Naomi Ward is the Commonwealth of Massachusetts expert in Third Party Risk Management. In her current role with the EOTSS-Enterprise Risk Management Office, she works closely with senior leadership to incorporate risk awareness into the process of decision-making. Her current responsibilities include conducting assessments, expanding third-party continuous monitoring programs, collaborating with Commonwealth Secretariate CISO’s, building relationships with key partners including StateRAMP, developing tools for enterprise risk management communication, and creating internal risk awareness.
Her background in executive level leadership and auditing combined with a high level of organizational communication skills drives her role in Enterprise Risk Management. She has 10 years of internal audit experience in both the public and private sectors.
Early in her career, she picked up the book by James P. Owen, The Code of the West. She attributes the 10 principles outlined in this book to her success as an ethical leader.
Naomi holds a comprehensive degree in Communications from Evangel University and a Master of Business Administration from Jones International University. She sits on the NASPO/StateRAMP taskforce committee. She is a member of the Third-Party Risk Association, ISACA, and the Advanced Cyber Security Center (ACSC).

More
Roy Wattanasin

Roy Wattanasin

Information Security Officer, Massachusetts Institute of Technology

Roy Wattanasin is a healthcare information security professional now working in academia. He is an avid speaker providing thought leadership at conferences/webinars including: DEFCON, Defcon Groups, HOPE, RSA, Infosec World, SecureWorld, ISMG, Security BSides etc. Roy enjoys building information security programs. He is involved with the Boston Application Security Conference (BASC), OWASP Boston, ISSA and other groups and is a member of multiple advisory groups. He was previously an adjunct faculty member at Brandeis University as part of the Health and Medical Informatics program & its co-founder. Roy has experience in many industries and has worked internationally too. “Think differently, do your homework and preparation is key.”  

More
Jeffrey Wheat

Jeffrey Wheat LinkedIn

Chief Technology Officer, Lumu technologies

Jeffrey Wheat is a seasoned cybersecurity expert with extensive experience in protecting organizations from sophisticated threats. As CTO at Lumu Technologies, Jeff specializes in strategically implementing continuous compromise assessment, providing deep insights into network vulnerabilities, and enhancing incident response. He is dedicated to educating businesses on the latest cyber threat trends and effective defense mechanisms

More
Matt Whitten

Matt Whitten

Chief Information Security Officer, Executive Office of Environmental Affairs, Commonwealth of Massachusetts

Matt Whitten is the Chief Information Security Officer at the Executive Office of Energy and Environment Affairs overseeing Cybersecurity, Information Security, and Microsoft 365 Administration. Prior to joining the Massachusetts Executive branch in 2016, Matt spent 12 years in the private sector in various roles at three different early-stage information security companies, all of which were acquired. Matt is the chairman of the Massachusetts Executive branch’s Cybersecurity & Vulnerability Management Subcommittee. Matt grew up in the Boston area and holds a Bachelor of Science degree from Suffolk University.

More
Jarret Wright

Jarret Wright

Deputy Director and Chief Information Security Officer, Information Technology Department, Massachusetts Port Authority

Jarret Wright has over 20 years of experience in security, intelligence, and risk in the public sector. As the IT Deputy Director and Chief Information Security Officer (CISO) at the Massachusetts Port Authority (Massport), Jarret oversees the IT Department’s mission to provide innovative, robust and secure information and telecommunication systems for employees, business partners and the traveling public. He previously served as Massport’s Deputy Director of Corporate Security and Emergency Preparedness, maintaining a safe and secure environment for employees and passengers.
Prior to joining Massport, Jarret worked at DHS’s Cybersecurity and Infrastructure Security Agency, advising senior public and private security leaders on crisis management, physical security, and business continuity. As a Senior Analyst at the National Counterterrorism Center (NCTC), Jarret authored intelligence assessments for both policymakers and tactical operators on terrorism matters, as well as serving as the NCTC Domestic Representative in the New England region. Jarret proudly served as a US Navy officer, deploying in support of combat operations in the Middle East and the Horn of Africa. Jarret has also worked as a Legislative Aide in the US Senate, covering foreign policy, military policy and veterans’ affairs.
Jarret holds a MS in Cybersecurity Policy and Governance, and a BA in History, both from Boston College.

More
Jason Wright

Jason Wright LinkedIn

Practice Lead, Mandiant, Google Public Sector

Jason Wright is a seasoned cybersecurity professional with 20+ years of frontline experience helping government organizations respond to and defend against cybersecurity incidents. Mr. Wright leads the Mandiant, Google Public Sector teams responsible for Incident Response and Red team services, as well as program development for clients across State, Local, and Education clients. Prior to Mandiant, Mr. Wright began his career working for the National Security Agency and then held lead roles in forensics and incident response at Parsons Corporations and Chiron Technology Services.

More
Lisa Wymer

Lisa Wymer LinkedIn

Deputy Director, Information Technology Risk & Compliance, Massachusetts Bay Transportation Authority

Lisa Wymer is the Deputy Director, IT Risk & Compliance at the MBTA where she has worked for the last 4 ½ years.  In her role, Lisa works with procurement to improve the vendor risk assessment review and monitoring process.  Lisa has expanded into AI Vendor Risk Assessment with her volunteer work as a voting member of the IEEE 3119 Subcommittee Standard for the Procurement of Artificial Intelligence and Automated Decision Systems. Lisa also is a Principal Investigator for the NIST AI Safety Institute Consortium working to develop additional vendor analysis and security controls for vendors with AI tools or components. Lisa holds a Masters in Cybersecurity Policy & Governance from Boston College.

More
View Speakers

Agenda

Wednesday, October 30

8:00 am Eastern

Registration and Morning Refreshments in the Exhibit Area

Cabot Jr. Ballroom

9:00 am Eastern

Opening Remarks and Cybersecurity Update

Grand Ballroom

Don Chamberlain, Chief Operating Officer & Assistant Secretary for Security and Operations, Executive Office of Technology Services and Security, Commonwealth of Massachusetts

Tony O'Neill, Chief Information Security Officer and Chief Risk Officer, Executive Office of Technology Services and Security, Commonwealth of Massachusetts

Jason Snyder, Secretary of Technology, Executive Office of Technology Services and Security, Commonwealth of Massachusetts

9:30 am Eastern

Keynote – Inside the Hacker's Playbook: Learning from Attackers to Optimize Defenses

Grand Ballroom

Hackers and bad actors have become more sophisticated than ever. Understanding how they operate and approach the attack vector is crucial to understanding the complexities of a potential cyber-attack. In this session, ethical Hacker Mishaal Khan will walk us through a cyber battle - exploring each layer of an attack from the perspective of both the attacker and defender. Join us as we discuss best practices to enhance our security posture while providing actionable insights to fortify your defenses.

Mishaal Khan, Ethical Hacker, Author and Speaker

10:30 am Eastern

Networking Break in the Exhibit Area

Cabot Jr. Ballroom

11:00 am Eastern

Concurrent Sessions

Smart Threats, Smarter Defenses

Grand Ballroom

Effective threat detection is crucial for safeguarding public sector organizations. But to enhance threat detection capabilities, we must improve incident response strategies and stay ahead in the ever-changing cybersecurity landscape. This session examines the latest advancements in threat detection, emphasizing the importance of intelligence sharing and incident reporting for creating a unified defense. We'll also consider the two dimensions of AI: how it is reshaping the threat landscape by enabling more complex attacks and simultaneously empowering defenders with advanced detection capabilities.

Moderator: Tracy Sullivan, Director of Municipal Information Systems, Town of Weston

Steve Mirarchi, Assistant Director, Security Operations Center, Executive Office of Technology Services and Security, Commonwealth of Massachusetts

Dan Radke, Specialist Master, Deloitte Dynamic Adversary Intelligence (DAI)

Jeffrey Wheat, Chief Technology Officer, Lumu Technologies

Stronger Together: The Power of Collaboration and Communication in Cybersecurity

Conference Room AB, Executive Floor

Effective cybersecurity requires collaboration across all levels of government. This isn't the old way of handling cyber threats with isolated teams working behind closed doors. Instead, it demands a whole-of-government approach where state and local governments work together proactively, using shared models to combat the ever-increasing and evolving cyber-attacks. This session explores the vital resources and partnerships that can help keep everyone safe, emphasizing the importance of teamwork and communication in building a resilient cybersecurity strategy.

Moderator: Tony O’Neill, Chief Information Security Officer and Chief Risk Officer, Executive Office of Technology Services and Security, Commonwealth of Massachusetts

Colby Cousens, Chief Information Officer, Town of Danvers

Susan Noyes, Director, Office of Municipal and School Technology, Executive Office of Technology Services and Security, Commonwealth of Massachusetts

Jason Wright, Senior Practice Lead, GPS Mandiant Consulting, Mandiant, Google Public Sector

External Allies, Internal Security: Managing Third-Party Risks

Suffolk, 2nd Floor

In today’s interconnected environment, public sector organizations increasingly rely on third-party vendors for various services and solutions. However, with these partnerships come risks that must be carefully managed to protect sensitive data and maintain operational integrity. How do you safeguard your organization while leveraging the benefits of third-party collaborations? This session covers strategies for effective consequence management and mitigation.

Moderator: Don Chamberlain, Chief Operating Officer & Assistant Secretary for Security and Operations, Executive Office of Technology Services and Security, Commonwealth of Massachusetts

Tina Smith, Chief Information Security Officer, Executive Office of Public Safety & Security, Commonwealth of Massachusetts

Naomi Ward, Manager Vendor Risk Management, Executive Office of Technology Services & Security, Commonwealth of Massachusetts

Lisa Wymer, Deputy Director, Information Technology Risk & Compliance, Massachusetts Bay Transportation Authority

12:00 pm Eastern

Lunch

Grand Ballroom Foyer

12:45 pm Eastern

Spotlight Conversations - Resources at the Ready!

Grand Ballroom

Join us for a fast-paced, resource-packed session that will equip your agency with the tools and strategies needed to enhance your cybersecurity posture. We'll spotlight key resources available to organizations of all sizes and discuss simple steps to elevate your cyber maturity. Learn how to effectively leverage organizations like MS-ISAC and CISA to prepare and defend against cyber threats. This conversation is designed to provide actionable insights and practical advice to help your agency stay secure.

Moderator: Phil Bertolini, Senior Vice President of Events, Government Technology

Elijah Cedeno, Regional Engagement Manager, MS-ISAC

Joseph Flores, Massachusetts Cyber Security Advisor, Cybersecurity and Infrastructure Security Agency, U.S. Department of Homeland Security

1:05 pm Eastern

Short Break

Please proceed to the concurrent sessions.

1:25 pm Eastern

Concurrent Sessions

Identity Under Siege

Grand Ballroom

Identity is often the first line of defense against cyber threats. However, as attacks targeting identity become increasingly sophisticated, we must continuously upgrade our defensive strategies to stay ahead. This session delves into the evolving tactics used by cyber adversaries to exploit identities and the critical importance of Multi-Factor Authentication (MFA) and advanced authentication methods. We will explore various forms of authentication, discuss real-world examples of identity attacks, and provide actionable strategies to fortify your organization's defenses.

Moderator: Lucia Acobo, Deputy Chief Information Security Officer, Office of Enterprise Risk Management, Executive Office of Technology Services & Security, Commonwealth of Massachusetts

Adam E. Badik, Esq., Deputy Chief Privacy Officer & Special Counsel, Executive Office of Technology Services and Security, Commonwealth of Massachusetts

Gretchen Grozier, Director of Identity & Access Management, City of Boston

Roy Wattanasin, Information Security Officer, Massachusetts Institute of Technology

The Human Side of Cyber: Strengthening Security in the Age of Evolving Threats

Conference Room AB, Executive Floor

Traditional cyber training is becoming increasingly irrelevant, and we need a new approach that emphasizes psychology and anticipates the current tactics of cyber adversaries. How do you train users effectively in this new landscape? What specific skills are required to combat modern threats like spoofed websites, phishing emails, and deepfake technology? This session considers the intersection of human behavior, cybersecurity, and training, and will help you build a resilient defense strategy that evolves to emerging threats.

Moderator: Matthew Whitten, Chief Information Security Officer, Executive Office of Energy and Environmental Affairs, Commonwealth of Massachusetts

Christopher Byrne, Director of Security Operations Services, Security Operations Center, Executive Office of Technology Services and Security, Commonwealth of Massachusetts

Jenna Tombolesi, Director of Systems Engineering, SLED, Fortinet

Jarret Wright, Deputy Director and Chief Information Security Officer, Information Technology Department, Massachusetts Port Authority

From Chaos to Control: Building Your Plan for Recovery

Suffolk, 2nd Floor

In the face of potential disruptions, it's vital for government organizations to shift their business continuity plan from a reactive mindset to a proactive approach. You must consider strategies for managing internal risk, maintaining operational resilience, and securing the continuity of essential services. This session investigates the importance of identifying and prioritizing critical tasks that must continue, regardless of which systems may fail. After this session, you’ll know how to think differently about conducting risk assessments.

Moderator: Tony O’Neill, Chief Information Security Officer and Chief Risk Officer, Executive Office of Technology Services and Security, Commonwealth of Massachusetts

Chris Daggett, Director of Managed Services and Security, HubTech

Jenny Hedderman, Risk Counsel, Office of the Comptroller, Commonwealth of Massachusetts

Greg McCarthy, Chief Information Security Officer, City of Boston

Carla McKnight, Assistant Director Resiliency, Information Technology, Commonwealth of Massachusetts

2:25 pm Eastern

Networking Break in the Exhibit Area

Cabot Jr. Ballroom

2:45 pm Eastern

Interactive Session – Real-World Cyber Attack Simulation: Preparing Defenders for the Frontline

Grand Ballroom

There’s no substitute for real-world experience when it comes to preparing for cyber incidents. In an ideal world, analysts would be able to gain experience long before ever stepping foot into a Security Operations Center (SOC), but that simply hasn’t been the reality. This session offers a realistic cyber-attack tabletop exercise, immersing attendees in the intensity and dynamics of an actual attack. By engaging in this scenario, participants will develop the skills and confidence needed to respond effectively when real cyber threats occur. Join us to gain the critical experience that can make all the difference in a high-stakes environment.

Phil Bertolini, Senior Vice President of Events, Government Technology

John Petrozzelli, Director, MassCyberCenter

Meg Speranza, Resiliency Program Manager, MassCyberCenter

3:45 pm Eastern

Networking Reception in the Exhibit Area

Cabot Jr. Ballroom

Network with your colleagues and discuss technology solutions with the event exhibitors.

4:15 pm Eastern

End of Conference

Conference times, agenda, and speakers are subject to change.

Sheraton Boston Needham Hotel

100 Cabot Street
Needham, MA 02494
(781) 444-1110

Get Directions To
Sheraton Boston Needham Hotel

Planning Committee

Representatives

Nicholas Butts
Outreach Manager
MassCyberCenter

Donald Chamberlain
Assistant Secretary & Chief Operating Officer
Executive Office of Technology Services and Security
Commonwealth of Massachusetts

Brian Gavioli
Detective Lieutenant, Commonwealth Fusion Center
State Police
Commonwealth of Massachusetts

Jenny Hedderman
Risk Counsel
Office of the Comptroller
Commonwealth of Massachusetts

Greg McCarthy
Chief Information Security Officer
City of Boston

Matt Moran
Assistant Secretary & Chief Engagement Officer
Executive Office of Technology Services and Security
Commonwealth of Massachusetts

Thomas Myers
General Counsel & Chief Privacy Officer
Executive Office of Technology Services and Security
Commonwealth of Massachusetts

Anthony O'Neill
CISO & Chief Risk Officer
Executive Office of Technology Services and Security
Commonwealth of Massachusetts

Luigi Ottaviani
Chief Information Officer
City of Northampton

John Petrozzelli
Director
MassCyberCenter

Jessica Powers
Director of Internal Communications
Executive Office of Technology Services & Security
Commonwealth of Massachusetts

Carly Premo Melo
Director
Technology Services
City of Framingham

Scott Range
Law Enforcement Advisor
Executive Office of Public Safety and Security
Commonwealth of Massachusetts

Cheri Rolfes
Chief of Staff
Executive Office of Technology Services and Security
Commonwealth of Massachusetts

Jason Snyder
Secretary/Commonwealth CIO
Executive Office of Technology Services and Security
Commonwealth of Massachusetts

Tracy Sullivan
Director of Municipal Information Systems
Town of Weston

Susan Terrey
Deputy Secretary
Executive Office of Public Safety and Security
Commonwealth of Massachusetts

Dara Valcour
Multimedia Producer
Office of the Comptroller
Commonwealth of Massachusetts

Matt Whitten
Chief Information Security Officer
Executive Office of Energy and Environmental Affairs
Commonwealth of Massachusetts

Jarrett Wright
Chief Information Security Officer
Port Authority
Commonwealth of Massachusetts

Registration Information / Contact Us

Contact Information

2025 Sponsorship opportunities are available. For more information, contact:

Heather Earney
Government Technology
Phone: (916) 932-1339
E-mail: heather.earney@erepublic.com

Venue

Sheraton Boston Needham Hotel

100 Cabot Street
Needham, MA 02494
(781) 444-1110