Tuesday, Sept. 27, 2022
Nebraska Innovative CampusConference Center
2021 Transformation Drive
8 a.m.-4 p.m.
Doors open at 7:30 a.m. for check-in
Registration is closed.
In today’s world, we rely on technology and the Internet for a variety of transactions, communication and
– at home, in school and at the workplace. While we are familiar with the myriad of conveniences provided
Internet use, it is difficult to stay abreast of all the changes and the potential risks presented by the
We are all “virtual neighbors” in cyberspace, and what we do, or don’t do, can affect many others.
The Nebraska Cyber Security Conference will assist in raising our awareness of cyber security and help in
all of us in cyberspace. If we do our part individually, we can have a tremendous positive impact collectively
our state’s cyber security.
This will be valuable time learning from skilled industry experts. The day will be filled with a variety of
sessions that will encompass different areas of information security and technology.
Sign me up for notifications and updates!
Nebraska Innovation Campus (NIC) Conference Center
2021 Transformation Drive, Lincoln NE
First Floor Map (PDF)
Second Floor Map (PDF)
Please review the Parking Information for all of the parking options around the Conference Center.
Managing Director, Global Government Services & Insider Threat Risk Solutions, MandiantJon is a seasoned security leader with more than 25 years of experience helping organizations become more resilient to attacks orchestrated by foreign governments, organized criminal groups, and insider threats. Jon serves as the Global Government Senior Executive to Mandiant’s multi-lateral partnerships and Pinnacle clients. Jon leads operations, strategy and solutions for our global partners. Jon leads the Insider Threat risk offerings for Mandiant, globally. He is regarded as a trusted advisor who coaches boards and executives on how to measure and manage enterprise risk. He regularly speaks at industry conferences and advises journalists on cybersecurity matters. Jon is a member of the Geneva Dialogue on Responsible Behaviour in Cyberspace and the Global Forum on Cyber Expertise. He is the founder of Mandiant's Elevate program to advance women in IT security into senior leadership and Board positions.
Are You Prepared for a Cyberattack?
Presenters: Kyle Wacker & Ben Bowman, Heartland Business SystemsThere will be a brief description of Cyber Security issues and Top 10 areas for concern.
Experience Level: Beginning, Intermediate, Advanced
CMMC 2.0 - Understanding the Cybersecurity Maturity Model Certification
Presenter: Jon O'Keefe, Logical OperationsThe Cybersecurity Maturity Model Certification should already be on your radar, whether you are currently a
member of the Defense Industrial Base as a business, or you are evaluating your career options in cybersecurity as
you enter the workforce. This wide sweeping cybersecurity ecosystem will be impacting almost all businesses starting
in 2023, and it has the potential to unlock millions of careers! In this presentation, we will cover the basics of
CMMC, how the transition from CMMC 1.0 to 2.0 has broadened the scope and career potential of the CMMC ecosystem,
and how you can unlock your potential by getting involved in CMMC. For business owners, you’re going to see exactly
how you can start getting ready for CMMC, and who inside your organization is going to be responsible for making
sure you can continue to bid on Federal Contracts. Anyone can benefit from learning about the Cybersecurity Maturity
Model Certification, from C suite down to the graduating cybersecurity student.
Experience Level: Beginner, Intermediate
Cyber Incident Response Planning: Developing a Plan that Works
Presenter: AmyLynn Creaney, State of NebraskaHave you been tasked with developing a cyber incident response plan, or have you inherited the responsibility
of updating an existing plan after a cybersecurity incident or audit? Developing an effective cyber incident
response plan can be challenging and seem overwhelming. When people reach out to me for planning support, I’m often
asked the same three questions; “where do I start,” “what needs to be included" and “do you have a template?”
Developing a response plan using a template seems like an easy professional life hack. Unfortunately, templates
alone do not make effective plans. I’ll break down the planning process and highlight techniques for developing a
cyber incident response plan that works and conforms with federal guidelines (i.e., NIST). I’ll cover key planning
decisions-points that impact the effectiveness of the plan and how to avoid planning pitfalls like scope creep. And
yes, I’ll provide an outline to assist with organizing your cyber incident response plan.
Experience Level: Beginning, Intermediate
Cyber Tatanka Panel Discussion
Panel: Jim Anderson, City of Lincoln, Ryan Carlson, National Guard, Mathew Field, National Guard,
Dustin Thorne, LES, Dana Turner, Union Bank and Trust, Patrick Wright, State of NebraskaFor the first time in Nebraska different levels of government, the military and critical private sector
verticals came together for a cyber red team/blue team exercise in order to validate proficiency of cyber response
though interactive training in a controlled environment, establish coordination and strengthen the defensive
postures for government, businesses and infrastructure in Nebraska. This panel is an after action review to discuss
lessons learned and to start the conversation for the next event.
Cyber Threats and FBI Cyber Investigations
Presenter: Alex Herman, FBICyber Security updates and investigations from the Federal Bureau of Investigation.
Ethical Compliance: A Topic of Titanic Proportions
Presenter: Karla Carter, Bellevue UniversityCompliance is part of the cybersecurity environment. It's ethical to be in compliance, but mere compliance may
not be ethical. Come, sit with us and learn why mere compliance is not enough. (A large proportion of cybersecurity
roles are in the GRC space and until we have "Jason Bourne: The Auditor Supremacy" or Jack Rhysider devotes an
entire Darknet Diaries episode to a thrilling compliance audit this talk will have to do its part to bring wit and
entertainment to the topic of compliance.)
Experience Level: Beginner, Intermediate, Advanced
Exercise Your Plans: Using Tabletops to Manage Risk
Presenter: Dana Turner, Union Bank and TrustTabletop exercises are an effective and inexpensive way to test how your organization will respond to crises
ranging from natural disasters and pandemics to cyber-attacks. These exercises should not only be used to improve
your company's response procedures, but they should be a part of your overall risk management strategy. In this
session, you will be provided with the steps and guidelines for planning and executing an effective tabletop
exercise as well as given information on different national level exercises that are available for your company
Experience Level: Beginner
Implementing Role-Based Network Access Control
Presenters: Matthew Long, Phil Redfern & Neil Brown, University of NebraskaThe University of Nebraska had a unique opportunity to re-invent its network from the ground up. Hear how the
team implemented a new role-based network solution for three campus locations, including improving security and
installing new network infrastructure in eight months.
Experience Level: Intermediate, Advanced
National Cyber Security Awareness Month and DHS Cyber Security Services
Presenter: Geoff Jenista, Department of Homeland Security/Cybersecurity and Infrastructure
SecurityNCSAM topics and DHS Security programs which coordinate cyber preparedness, risk mitigation and incident
Out of Sight, Out of Control: Asset Intelligence
Presenter: Mike Bimonte, ArmisThis presentation will take you through managing IT asset tracking. Uncover risks and learn tools to control
your IT inventory.
“We’ve Been Hit”: Cyber-Attacks Targeting Manufacturing and Utility Infrastructures and Priorities
Presenter: Keith Mandachit, Huffman Engineering Inc.Cyber attacks are on the increase and infrastructure systems are a hot target. This Nebraska case study will highlight a ransomware cyber-attack Huffman Engineering helped get back online and discuss opportunities to mitigate risk through prioritization.
Experience Level: Intermediate
Zero Trust Internet - The Silver Bullet
Presenter: Michael Rider, Menlo SecurityGovernment guidance on Zero Trust Security Architecture is gaining momentum, but changes in how we work
(remote teleworking) and evolving cyber threats HEATing up will continue to impact Zero Trust guidance. Today’s
threat landscape means that private and public sector organizations can no longer rely on their users or on
detection-based security tools to protect their users, critical data and systems from attacks. Rather than trying to
identify threats as malware after they’ve breached the perimeter, Zero Trust Internet works by routing all web
traffic through a cloud-based remote browser before delivering only safe content to the endpoint. It doesn’t matter
if the web content is good or bad, categorized or uncategorized—Web Isolation Platforms should adopt Zero Trust
principles by assuming that all content is malicious and treating it accordingly. This guarantees that no web-borne
threat ever reaches the end user.
Experience Level: Beginner, Intermediate, Advanced
ZTNA with ClearPass
Presenter: Travis Thompson, Aruba NetworksZero Trust Network Access is the new frontier of edge security. Join Aruba Network for a discussion on the
dual facets of network identity management and network access control.
Experience Level: Beginner, Intermediate
Jim Anderson, City of Lincoln
- Cyber Tatanka Panel
ArmisMike Bimonte brings a diverse perspective to Armis as the CTO for SLED, with more than 30 years of IT
experience in both Public and Private sector roles. Most recently Mike came to Armis from his role as Deputy
Commissioner with the New Yor City Dept. of Information Technology and Telecommunications (DoITT). He spent close to
20 years modernizing, consolidating and transforming DoITT into a world class service provider for both City
agencies and the 8+ million residents of New Yor City. His ability to relate with public sector clientele based on
real life experiences and provide his own unique perspective has proven invaluable to State and Local governments
across the globe. Prior to his role with the City of New York, Mike spent time in the Financial Services industry
and with the Federal Bureau of Investigation. Mike is a native New Yorker, born and raised in New York City and now
resides in New Jersey with his family.
- Out of Sight, Out of Control: Asset Intelligence
Ben Bowman, Heartland Business Systems
- Are You Prepared for a Cyberattack?
Neil Brown, University of Nebraska
- Implementing Role-Based Network Access Control
Karla Carter, Bellevue
UniversityKarla Carter is an Associate Professor of Cybersecurity in the College of Science and Technology at Bellevue
University, in Bellevue, NE. Armed with an MS in Cybersecurity, Security+ and SANS Security Awareness Professional
certifications, and drawing on more years than she should admit to of information technology experience, she teaches
undergraduate and graduate courses in cybersecurity operations, social engineering and human factors, security
awareness, web security, technology ethics, and—in a plot twist you didn't see coming—occasionally history and
civics. She is curious, intense and irreverent, and has never met a dad joke she didn't laugh at.
- Ethical Compliance: A Topic of Titanic Proportions
Ryan Carlson, National Guard
AmyLynn Creaney, State of
NebraskaAmyLynn Creaney is the Enterprise Continuity Manager for the State of Nebraska, serving since 2016. She is a
certified Master Business Continuity Professional through the Disaster Recovery Institute International and the
recipient of an honorary “Admiralship” from Governor Ricketts for her excellence in leadership in response to the
AmyLynn’s consultation and planning support led the Nebraska Office of the Chief Information Officer to be recognized
by the Digital States Survey for the team's outstanding work in the category of Disaster Recovery and Continuity of
Operations in 2020.
AmyLynn brings extensive professional experience in all aspects of emergency management and is recognized for her
effective management of planning projects to develop all-hazard operations plans, continuity of operations plans and
disaster recovery plans.
She previously served as a government contractor providing EM/HS capabilities analysis, operational planning and
incident response support to Commander, Navy Region Midwest and FEMA Region 5 (Chicago, IL).
- Cyber Incident Planning: Developing a Plan that Works
Mathew Field, National Guard
Alex Herman, FBI
- Cyber Threats and FBI Cyber Investigations
Geoff Jenista, Department of Homeland
Security/Cybersecurity and Infrastructure SecurityMr. Jenista serves as the Regional Cyber Security Advisor for Region VII (IA, KS, MO, and NE) for the
Cybersecurity & Infrastructure Security Agency (CISA), Integrated Operations Division. Based in Kansas
he supports the Department of Homeland Security's (DHS) mission of strengthening the security and resilience
nation's critical infrastructure. His programs coordinate cyber preparedness, risk mitigation and incident
He provides Cyber Security resource briefings, Cyber Security assessments and Incident Response planning to
nation's 16 critical infrastructure sectors and state, local, tribal, and territorial government entities.
- National Cyber Security Awareness Month and DHS Cyber Security Services
Matthew Long, University of
NebraskaMatthew is the ISO & Senior Security Architect for the University of Nebraska System. The system
campus locations in Kearney, Lincoln and Omaha as well as numerous Research Centers and Extension sites
the state. The user population consists of 51,000+ students and 16,000+ staff while the environment consists
10,000+ access points and 2,300+ switches located in 325+ buildings across 41 different locations. Matthew
presented on a range of security related topics over the last few years.
Keith Mandachit, Huffman Engineering Inc.Keith Mandachit serves on Huffman Engineering’s Leadership Team in the role of Engineering Manager. He has worked on projects for customers ranging from pharmaceutical production and packaging to food handling, upgrade on both industrial and utility production facilities. He has extensive training in Rockwell, Schneider and Siemens products and their application integrating full industrial and utility production facilities and synchronizing plant intelligence and data analytics. His expertise is in designing and creating operator interface screens for several different platforms, designing and programming PLCs, and his ability to train customer personnel on complicated systems is second to none.
As the Engineering Manager at Huffman Engineering, Inc. Mandachit leads the entire engineering team, managing project oversight, training and development, internal IT oversight and coordination of technical resources. He has developed and implemented intranet tools allowing enhanced sharing opportunities for project management, human resources, and engineering information. His exceptional mind for Making Ideas Work, the more challenging the better, make him a sought-after resource to some of the biggest global names in the pharmaceutical and life science world.
Mandachit lead the development of a state-of-the-art training and testing room at Huffman Engineering’s facility, which supports customer demonstrations, new engineer and student co-op training, and project team testing and checkout capabilities.
- “We’ve Been Hit”: Cyber-Attacks Targeting Manufacturing and Utility Infrastructures and Priorities
Jon O'Keefe, Logical OperationsAs the Technology Education Jedi at Logical Operations, Jon is responsible for the design, development
delivery of LO’s emerging technology and cybersecurity courseware portfolios and certifications. He is
overseeing LO’s CMMC program, where Logical Operations is a Licensed Partner Publisher in the CMMC ecosystem
has authored CMMC Authorized Training Materials. He routinely speaks on cybersecurity and data science at
conferences across the globe. He has more than 20 years of experience in IT and Education. He holds a
Education Theory and Policy with an emphasis on Curriculum design. He also is a Master Modern Classroom
Trainer (MCCT) and Master Certified Virtual Educator (CVE) and has helped more than 6,000 trainers and K-12
educators in virtual instruction techniques. He has a passion for storytelling and film and is always
the latest and greatest technologies. If you want to win at bar trivia, he is your go to guy.
- CMMC 2.0 - Understanding the Cybersecurity Maturity Model Certification
Phil Redfern, University of Nebraska
Michael Rider, Menlo SecurityMike Rider is a Senior Federal Systems Engineer with Menlo Security. Mike has been working in the
Defense IT / Cyber Security space for more than 21 years, with most of that time spent serving as an
Systems Technician and a Cryptologic Warfare Officer in the US Navy and US Navy Reserve for nearly 21 years.
his noteworthy military assignments include tours at the National Security Agency, U.S. Strategic Command,
House Communications Agency, and Joint Special Operations Command. Prior to joining Menlo Security in
Mike worked at Tanium for two years and Forcepoint/Websense for seven years. At both companies, he held
Sales Engineering and Technical Account Management supporting Federal customers (DoD, IC, FedCiv).
- Zero Trust Internet - The Silver Bullet
Travis Thompson, Aruba NetworksTravis Thompson is a Consulting System Engineer for Aruba Networks covering the Great Plains area. A
Chief Security Officer at LightEdge Solutions, Travis has been actively involved in security/networking
implementation for more than 25 years working both in the partner community and at the service provider
has extensive experience building and deploying comprehensive wired, content delivery and wireless network
environments. Following his partner career Travis turned his sights to data center design and management
the lead designer for two data center build outs with LightEdge Solutions. Travis is uniquely poised to have
and participated in numerous network transitions over the span of his career. Building and designing end to
secure networks for some of the largest customers in the Midwest, Travis is pleased to be able to present on
latest trends both in networking and the intelligent network edge and core.
- ZTNA with ClearPass
Dustin Thorne, LES
Dana Turner, Union Bank and TrustDana Turner, CISSP, is addicted to everything Infosec and has been since before it was cool. He has
35 years’ experience in IT and Information/Network Security and is the Network Security Officer for Lincoln,
NE-based Union Bank and Trust Company. Dana is passionate about helping to align IT with business
effectively managing risk and meeting compliance requirements. He also leads the Cyber Security incident
team at UBT guided by his past experiences and training in incident and crisis management as a first
an information security practitioner and IT geek, Dana enjoys giving back to the community by volunteering
technical and/or information security advisory capacity for various non-profit organizations. Most recently
currently he serves alongside his wife Candie with Wheels 4 Warriors USA, an organization dedicated to
tide of veteran suicides by helping to facilitate motorcycle therapy for our at risk vets.
- Exercise Your Plans: Using Tabletops to Manage Risk
- Cyber Tatanka Panel
Kyle Wacker, Heartland Business SystemsKyle Wacker has more than 20 years of IT experience. He is currently the Director of Enterprise
Risk Management at Heartland Business Systems in Dallas County, Iowa. A graduate of St. Ambrose University
Davenport, Iowa, he has a bachelor’s degree in Computer Networking & Communications. His experience
Cisco/Aruba Networking, wireless, security, designing/deploying secure network/data center architectures.
a 10+ year CCIE veteran in lead security practice in governance, risk and compliance/incident response, pen
vulnerability testing and more.
Patrick Wright, State of Nebraska
Sponsors will each have a table and two chairs. Electrical is available, but you must bring your own
Presenters are already given complimentary access, so your ticket allotment does not need to include any
presenters that are coming with you.
A list of attendees who opt-in to have their information shared with sponsors will be sent after the event.
Premier table location just outside the banquet hall and auditorium
Two complimentary tickets to the conference
Platinum sponsors will be placed in the main entrance breakout room hallway
Two complimentary tickets to the conference
Gold sponsors tables will be in the south breakout room hallway
Two complimentary tickets to the conference
"The speakers were able to relate the topics to things I work on daily and provided some great resources I wasn't already using."
"The breakouts this year were fantastic!"
"The value of the conference is great - local, affordable, and full of relevant content."
"Excellent conference, this is the second time I have attended."
"I liked the push and pull between the morning speaker and the lunch speaker. It was a nice experience to see info presented from both sides of the fence so to speak."
"Great to see so many in the state finally concerned with security."
"I greatly appreciated the ability to keep up on the latest trends in Cyber Security as well as the networking with peers."
"The variety of topics covered by presenters was astounding. You could get as technical or non-technical as you liked, and still received relevant security content."
"There were many new things to learn about."
"Another great conference."
Patrick WrightState of Nebraska Office of the CIO
Lora IvesSoutheast Community College
800-828-0072, ext. 2714
July-December 2022 Workforce
Your Path to Personal & Professional Development