Cyber-attacks have increased dramatically over the last few years. The Massachusetts Public Sector Cybersecurity Summit provides an opportunity for government technology professionals to learn about the latest efforts to defend, respond and recover from cyber criminals who wish to do harm. The Summit will include cybersecurity leaders from state and local government throughout Massachusetts.
After years of successful partnership with Government Technology, I’m excited to join our state partners to offer the first Cyber Summit for both Commonwealth agencies and our municipalities to convene and advance our shared goals of cyber resiliency and secure digital experiences for our residents. The panels and networking opportunities will allow us to share and expand our base of knowledge while connecting with like-minded public sector professionals facing the same challenges. We all have much to learn from each other and I hope to see you there!
– Jason Snyder, Secretary, Executive Office of Technology Services and Security, and Chief Information Officer of the Commonwealth of Massachusetts
Wednesday, October 30 |
|
8:00 am Eastern |
Registration and Morning Refreshments in the Exhibit AreaCabot Jr. Ballroom |
9:00 am Eastern |
Opening Remarks and Cybersecurity UpdateGrand BallroomDon Chamberlain, Chief Operating Officer & Assistant Secretary for Security and Operations, Executive Office of Technology Services and Security, Commonwealth of Massachusetts Tony O'Neill, Chief Information Security Officer and Chief Risk Officer, Executive Office of Technology Services and Security, Commonwealth of Massachusetts Jason Snyder, Secretary of Technology, Executive Office of Technology Services and Security, Commonwealth of Massachusetts |
9:30 am Eastern |
Keynote – Inside the Hacker's Playbook: Learning from Attackers to Optimize DefensesGrand BallroomHackers and bad actors have become more sophisticated than ever. Understanding how they operate and approach the attack vector is crucial to understanding the complexities of a potential cyber-attack. In this session, ethical Hacker Mishaal Khan will walk us through a cyber battle - exploring each layer of an attack from the perspective of both the attacker and defender. Join us as we discuss best practices to enhance our security posture while providing actionable insights to fortify your defenses. Mishaal Khan, Ethical Hacker, Author and Speaker |
10:30 am Eastern |
Networking Break in the Exhibit AreaCabot Jr. Ballroom |
11:00 am Eastern |
Concurrent SessionsSmart Threats, Smarter DefensesGrand BallroomEffective threat detection is crucial for safeguarding public sector organizations. But to enhance threat detection capabilities, we must improve incident response strategies and stay ahead in the ever-changing cybersecurity landscape. This session examines the latest advancements in threat detection, emphasizing the importance of intelligence sharing and incident reporting for creating a unified defense. We'll also consider the two dimensions of AI: how it is reshaping the threat landscape by enabling more complex attacks and simultaneously empowering defenders with advanced detection capabilities. Moderator: Tracy Sullivan, Director of Municipal Information Systems, Town of Weston Steve Mirarchi, Assistant Director, Security Operations Center, Executive Office of Technology Services and Security, Commonwealth of Massachusetts Dan Radke, Specialist Master, Deloitte Dynamic Adversary Intelligence (DAI) Jeffrey Wheat, Chief Technology Officer, Lumu Technologies Stronger Together: The Power of Collaboration and Communication in CybersecurityConference Room AB, Executive FloorEffective cybersecurity requires collaboration across all levels of government. This isn't the old way of handling cyber threats with isolated teams working behind closed doors. Instead, it demands a whole-of-government approach where state and local governments work together proactively, using shared models to combat the ever-increasing and evolving cyber-attacks. This session explores the vital resources and partnerships that can help keep everyone safe, emphasizing the importance of teamwork and communication in building a resilient cybersecurity strategy. Moderator: Tony O’Neill, Chief Information Security Officer and Chief Risk Officer, Executive Office of Technology Services and Security, Commonwealth of Massachusetts Colby Cousens, Chief Information Officer, Town of Danvers Susan Noyes, Director, Office of Municipal and School Technology, Executive Office of Technology Services and Security, Commonwealth of Massachusetts Jason Wright, Senior Practice Lead, GPS Mandiant Consulting, Mandiant, Google Public Sector External Allies, Internal Security: Managing Third-Party RisksSuffolk, 2nd FloorIn today’s interconnected environment, public sector organizations increasingly rely on third-party vendors for various services and solutions. However, with these partnerships come risks that must be carefully managed to protect sensitive data and maintain operational integrity. How do you safeguard your organization while leveraging the benefits of third-party collaborations? This session covers strategies for effective consequence management and mitigation. Moderator: Don Chamberlain, Chief Operating Officer & Assistant Secretary for Security and Operations, Executive Office of Technology Services and Security, Commonwealth of Massachusetts Tina Smith, Chief Information Security Officer, Executive Office of Public Safety & Security, Commonwealth of Massachusetts Naomi Ward, Manager Vendor Risk Management, Executive Office of Technology Services & Security, Commonwealth of Massachusetts Lisa Wymer, Deputy Director, Information Technology Risk & Compliance, Massachusetts Bay Transportation Authority |
12:00 pm Eastern |
LunchGrand Ballroom Foyer |
12:45 pm Eastern |
Spotlight Conversations - Resources at the Ready!Grand BallroomJoin us for a fast-paced, resource-packed session that will equip your agency with the tools and strategies needed to enhance your cybersecurity posture. We'll spotlight key resources available to organizations of all sizes and discuss simple steps to elevate your cyber maturity. Learn how to effectively leverage organizations like MS-ISAC and CISA to prepare and defend against cyber threats. This conversation is designed to provide actionable insights and practical advice to help your agency stay secure. Moderator: Phil Bertolini, Senior Vice President of Events, Government Technology Elijah Cedeno, Regional Engagement Manager, MS-ISAC Joseph Flores, Massachusetts Cyber Security Advisor, Cybersecurity and Infrastructure Security Agency, U.S. Department of Homeland Security |
1:05 pm Eastern |
Short BreakPlease proceed to the concurrent sessions. |
1:25 pm Eastern |
Concurrent SessionsIdentity Under SiegeGrand BallroomIdentity is often the first line of defense against cyber threats. However, as attacks targeting identity become increasingly sophisticated, we must continuously upgrade our defensive strategies to stay ahead. This session delves into the evolving tactics used by cyber adversaries to exploit identities and the critical importance of Multi-Factor Authentication (MFA) and advanced authentication methods. We will explore various forms of authentication, discuss real-world examples of identity attacks, and provide actionable strategies to fortify your organization's defenses. Moderator: Lucia Acobo, Deputy Chief Information Security Officer, Office of Enterprise Risk Management, Executive Office of Technology Services & Security, Commonwealth of Massachusetts Adam E. Badik, Esq., Deputy Chief Privacy Officer & Special Counsel, Executive Office of Technology Services and Security, Commonwealth of Massachusetts Gretchen Grozier, Director of Identity & Access Management, City of Boston Roy Wattanasin, Information Security Officer, Massachusetts Institute of Technology The Human Side of Cyber: Strengthening Security in the Age of Evolving ThreatsConference Room AB, Executive FloorTraditional cyber training is becoming increasingly irrelevant, and we need a new approach that emphasizes psychology and anticipates the current tactics of cyber adversaries. How do you train users effectively in this new landscape? What specific skills are required to combat modern threats like spoofed websites, phishing emails, and deepfake technology? This session considers the intersection of human behavior, cybersecurity, and training, and will help you build a resilient defense strategy that evolves to emerging threats. Moderator: Matthew Whitten, Chief Information Security Officer, Executive Office of Energy and Environmental Affairs, Commonwealth of Massachusetts Christopher Byrne, Director of Security Operations Services, Security Operations Center, Executive Office of Technology Services and Security, Commonwealth of Massachusetts Jenna Tombolesi, Director of Systems Engineering, SLED, Fortinet Jarret Wright, Deputy Director and Chief Information Security Officer, Information Technology Department, Massachusetts Port Authority From Chaos to Control: Building Your Plan for RecoverySuffolk, 2nd FloorIn the face of potential disruptions, it's vital for government organizations to shift their business continuity plan from a reactive mindset to a proactive approach. You must consider strategies for managing internal risk, maintaining operational resilience, and securing the continuity of essential services. This session investigates the importance of identifying and prioritizing critical tasks that must continue, regardless of which systems may fail. After this session, you’ll know how to think differently about conducting risk assessments. Moderator: Tony O’Neill, Chief Information Security Officer and Chief Risk Officer, Executive Office of Technology Services and Security, Commonwealth of Massachusetts Chris Daggett, Director of Managed Services and Security, HubTech Jenny Hedderman, Risk Counsel, Office of the Comptroller, Commonwealth of Massachusetts Greg McCarthy, Chief Information Security Officer, City of Boston Carla McKnight, Assistant Director Resiliency, Information Technology, Commonwealth of Massachusetts |
2:25 pm Eastern |
Networking Break in the Exhibit AreaCabot Jr. Ballroom |
2:45 pm Eastern |
Interactive Session – Real-World Cyber Attack Simulation: Preparing Defenders for the FrontlineGrand BallroomThere’s no substitute for real-world experience when it comes to preparing for cyber incidents. In an ideal world, analysts would be able to gain experience long before ever stepping foot into a Security Operations Center (SOC), but that simply hasn’t been the reality. This session offers a realistic cyber-attack tabletop exercise, immersing attendees in the intensity and dynamics of an actual attack. By engaging in this scenario, participants will develop the skills and confidence needed to respond effectively when real cyber threats occur. Join us to gain the critical experience that can make all the difference in a high-stakes environment. Phil Bertolini, Senior Vice President of Events, Government Technology John Petrozzelli, Director, MassCyberCenter Meg Speranza, Resiliency Program Manager, MassCyberCenter |
3:45 pm Eastern |
Networking Reception in the Exhibit AreaCabot Jr. BallroomNetwork with your colleagues and discuss technology solutions with the event exhibitors. |
4:15 pm Eastern |
End of ConferenceConference times, agenda, and speakers are subject to change. |
100 Cabot Street
Needham, MA 02494
(781) 444-1110
Nicholas Butts
Outreach Manager
MassCyberCenter
Donald Chamberlain
Assistant Secretary & Chief Operating Officer
Executive Office of Technology Services and Security
Commonwealth of Massachusetts
Brian Gavioli
Detective Lieutenant, Commonwealth Fusion Center
State Police
Commonwealth of Massachusetts
Jenny Hedderman
Risk Counsel
Office of the Comptroller
Commonwealth of Massachusetts
Greg McCarthy
Chief Information Security Officer
City of Boston
Matt Moran
Assistant Secretary & Chief Engagement Officer
Executive Office of Technology Services and Security
Commonwealth of Massachusetts
Thomas Myers
General Counsel & Chief Privacy Officer
Executive Office of Technology Services and Security
Commonwealth of Massachusetts
Anthony O'Neill
CISO & Chief Risk Officer
Executive Office of Technology Services and Security
Commonwealth of Massachusetts
Luigi Ottaviani
Chief Information Officer
City of Northampton
John Petrozzelli
Director
MassCyberCenter
Jessica Powers
Director of Internal Communications
Executive Office of Technology Services & Security
Commonwealth of Massachusetts
Carly Premo Melo
Director
Technology Services
City of Framingham
Scott Range
Law Enforcement Advisor
Executive Office of Public Safety and Security
Commonwealth of Massachusetts
Cheri Rolfes
Chief of Staff
Executive Office of Technology Services and Security
Commonwealth of Massachusetts
Jason Snyder
Secretary/Commonwealth CIO
Executive Office of Technology Services and Security
Commonwealth of Massachusetts
Tracy Sullivan
Director of Municipal Information Systems
Town of Weston
Susan Terrey
Deputy Secretary
Executive Office of Public Safety and Security
Commonwealth of Massachusetts
Dara Valcour
Multimedia Producer
Office of the Comptroller
Commonwealth of Massachusetts
Matt Whitten
Chief Information Security Officer
Executive Office of Energy and Environmental Affairs
Commonwealth of Massachusetts
Jarrett Wright
Chief Information Security Officer
Port Authority
Commonwealth of Massachusetts
2025 Sponsorship opportunities are available. For more information, contact:
Heather Earney
Government Technology
Phone: (916) 932-1339
E-mail: heather.earney@erepublic.com