2023 IT Summit & Tradeshow Speakers

We have a terrific panel of speakers for this year's summit and tradeshow!


Keynote Speaker

Dr. Alice

Teeming with teams: collaborative work in an age of complexity

Dr. Alice "Pips" Veazey, Director, University of Maine Portland Gateway

Around the world, work is being done by distributed teams more than ever. Through this approach, organizations bring together resources to develop better solutions. Technology can enhance, support, or hinder these connections, so the associated design of the technological and human systems in concert with one another is critical for both makers and users of technology. The science of teams and collaborative work can improve how we think about the use of technology, especially in complex, knowledge-driven systems. Building on the keynote from 2022 around agility and resilience, this presentation will examine the latest findings from team science and explore ways to create more effective connections within and across organizations. The result for you? Better solutions to lead your organization to lower costs,and higher profitability!


Summit Workshop Speakers, Topics, Descriptions

View our complete list of confirmed speakers below with topics/descriptions on this page. Check back for updates. This year's Summit will feature 16 Workshops.


Workshop Schedule & with Descriptions

Workshop schedules are subject to change.

Click here, or the grid below, for the full Workshop Schedule with Workshop Descriptions [PDF]. 


Workshops by Primary/First Speaker Name


AI benefits and risks for the individual, business, and technology

Frank Appunn, InfraGard

A sober planning session and interactive discussion with the audience about the hundreds of new uses of AI at the individual, workgroup, and enterprise levels. This general-purpose technology will influence nearly everything.

Discussion will include specific examples of AI as a business tool, what is coming over the horizon in the next 5 years, and the risks of adoption and non-adoption of this technology. Finally, workable deployments, including machine-human collaboration, are considered.


Lessons from LastPass: beyond secure password management

Cheryl Biswas, TD Bank

We hear it all the time - secure your passwords best with an application dedicated to just that. LastPass is a popular password manager used by individuals and corporations. However, in 2022 it suffered two breaches, and only recently was the extent of the damage made known. An unknown attacker was able to take the literal keys to the kingdom, compromising everything stored in the LastPass vaults. This talk will share what has been made known so far as we walk through the details available on the attacks and examine the timeline of events and disclosures. It's important to note what came to light when, and how that changed the narrative. We will also examine the role played by BYOD, logging, and why we need to change with the times to detect behavioral anomalies.


From PCI 3.2.1 to 4.0: protecting your ability to accept payment cards

Jockel Carter

PCI SSC has published new regulations concerning the management of payment cards. There is a new approach and rules to follow. Depending on how important accepting payment cards is to your business you will want to understand the changes that are coming. Planning now for version 4.0 is critical.


End of life technology: security, environmental, regulatory & social impacts

Allen Cornwall, Give IT, Get IT

Attendees will learn about all of the different aspects of end of life technology, from a data security perspective, an environmental perspective, and compliance perspective with the Maine Department of Environmental Protection, that they likely are not aware they are required to do. The workshop will help answer some difficult challenges faced by businesses with their end-of-life technology, while educating them on others. The workshop will offer information on the nature of the recycling processes and what the real challenges in the world are; that “reuse” has an exponentially better impact on the environment; and that by solving their own problems they can help address digital inclusion needs.


Everything you never wanted to know about life science IT but have been forced to find out

Chris Dagdigian, BioTeam Inc.

A practitioner with 20+ years of hands-on experience will provide honest, blunt and practical insights covering key differences between Enterprise IT and Research IT with a content focus aimed at vendors, IT professionals, VARs, consultancies and sole practitioners who may be interested in sales or employment opportunities within research environments.


Bootstrap your Product Security with OWASP SAMM

John Ellingsworth, Security Principal, OWASP SAMM

Join us to discover how to strengthen your product security with the industry-leading maturity model for software assurance - OWASP SAMM 2.1. This presentation will help you understand how to utilize the framework to enhance your software product security with agility and assurance, regardless of your business's size.

With a focus on product security, you'll learn about the new features of SAMM 2.1, user community engagement and feedback, and the tools and resources available to you. You'll gain valuable insights into how to improve your software security through the OWASP SAMM Toolbox, Benchmark project, and mappings.

Don't miss out on this opportunity to take the first step in your software security journey and ensure that your products are secure, reliable, and resilient against evolving cyber threats!


Consoles, serial ports, KVMs, and more: what to do when the network is not enough to reach your systems

Bruce Hall, Network Administrator, Bates College
Karen McArthur, Senior Systems and Infrastructure Administrator, Bates College

Despite the ubiquity of ethernet and wireless, there are times - usually when a device is being initially set up or something has gone wrong - when a network cannot be used to connect your laptop to a server, router, switch, or some other device to fix a problem. This session will show how to connect using the lowly serial port or its more powerful cousin, the KVM.


Lurking in the shadows: common risks overlooked in your active directory

Christopher Haller, Director of Professional Services, Centripetal

This workshop will discuss six common misconfigurations and threats in Active Directory from an attacker’s mindset. This covers why these items are a risk, how to find them, and how to remediate them before an attacker exploits them. The workshop will also have stories about each of these threats in the field and how they were used to leverage access.


Untapped benefits of the Microsoft Power Platform and the complex problems getting solved

Jean Haskell, Sr. Programmer Analyst, Systems Engineering
Travis D. Hersom, Chief Information Officer, Baker Newman Noyes

The Microsoft Power Platform is an ideal development platform for companies with complex business problems but limited resources. Learn how the "low code" integrated Power Platform tools included with M365 and O365 are packaged together to help provide significant cost and time savings across your organization. This presentation will cover the following:

  • The real value proposition of using Microsoft Power Platform.
  • The best use cases for the Power Platform and pitfalls to avoid.
  • The misconception of low code development & what the process really looks like.
  • Premium licensing requirements and future considerations when implementing.


Beyond checklists and audits: mastering CMMC compliance in the real world

Jack Horgan, Security & Compliance Officer, Technology Solutions of Maine

In this comprehensive presentation, attendees will explore the complex world of obtaining CMMC certification for organizations within (or looking to join) the Defense Industrial Base supply chain. Drawing on extensive experience as a Registered Practitioner with Cyber-AB, the session will provide a detailed roadmap for small-to-medium-sized businesses embarking on their CMMC journey.

Participants can expect to gain a thorough understanding of the crucial steps involved in initiating a CMMC assessment and be introduced to the key players within the CMMC ecosystem, including their roles and responsibilities. Essential terms will be highlighted to ensure a smooth certification process.

Furthermore, the presentation will share practical advice and best practices for preparing for a CMMC assessment, encompassing important aspects such as conducting a gap analysis, implementing required security controls, and maintaining continuous monitoring and improvement. Emphasis will be placed on proper documentation, record keeping, and employee training to enhance an organization's cybersecurity posture.

By attending this insightful session, participants will walk away with a deeper understanding of the CMMC certification process and the necessary tools to successfully navigate this journey while supporting SMBs in the Defense Industrial Base supply chain.


Where should you start with the Internet of things (IoT) and Artificial Intelligence (AI)? How can you differentiate your business with IoT/AI?

Nadège Levallet, MBA, PhD, Asst. Professor, Management and Information Systems, Graduate School of Business, Univ. of Maine
C. Matt Graham, Ph.D., Assoc. Professor of Management Information Systems, Maine Business School, Univ. of Maine

This workshop is for organizations that want to explore opportunities that IoT/AI brings but are not sure where to start. IoT/AI can transform businesses by automating processes ranging from inventory management to robotics to full automation, saving time, and money. However, can small businesses benefit from the IoT/AI? This workshop will explore the emerging role of the IoT in small businesses, the impact on their ability to compete in a rapidly changing digital environment, and their awareness, attitudes, perceptions, and willingness to adopt it.


Build Sustainable Extranets & Customer Portals for External Stakeholders

Tony Marchetti​, Principal Consultant CollabPoint
Pete Dierker, IT Director at ClearEdge Partners

Keeping external stakeholders satisfied is important, which includes managing requests, responding to inquiries, maintaining information security, and providing visibility. For any organization, this can be a daily and costly challenge. However, organizations leveraging SharePoint extranets and portals can streamline communication with customers, vendors, and partners with an added layer of security.

Join us for a first-hand end-user experience from Pete Dierker, IT Director at ClearEdge Partners, who will demonstrate how they established a sustainable SharePoint extranet site structure without additional hardware by relying upon CollabPoint’s expert architecture guidance.

Microsoft 365 Architect, Tony Marchetti, will also educate attendees on sustainable third-party tools and tech options like Power Automate to set up efficient customer portals. Valuable tech tips will be shared on how to maintain these platforms for the long run by setting up effective security components, such as document labeling, sharing, and managing user access.


Becoming a data-driven business: an end-to-end strategy

Patrick McQuillan, Subject Matter Expert in Data & Analytics, Jericho Consulting

The key to a successful data-driven enterprise – no matter its objective or resources – is in the ability to create a high-fidelity, end-to-end data strategy that infuses reliable insights into the day-to-day decision making of its business. This workshop draws on my experience as a data strategy consultant, business executive, and analytics professor to provide an in-depth and accessible framework for optimizing data across your organization. Namely, we will address three time-tested areas of data technology enablement that create long-term value and accelerate growth for players in any industry:

  • Data governance and infrastructure design;
  • Business intelligence and self-service reporting tools; and
  • Nurturing partnerships with key stakeholders to contextualize insights and drive decision making

These topics are designed to be implemented on any budget and across any organization, since the outcomes that govern a successful data strategy can be achieved in any size business. The workshop relies on real-world case studies to illustrate the precise steps that need to be taken, and explores how business leaders can leverage their own resources to measure performance accurately for effective decision making, and enhance their competitiveness within their industry.

This workshop is intended to provide Maine’s small businesses with a simple and clear turnkey framework that delivers on these objectives.


Understanding threats in your applications through threat modeling

John Poulin, Staff Security Engineer, GitHub

This workshop will use real-world examples from GitHub and open-source projects to help engage users that may not have a software engineering background. Techniques for understanding the risks and security threats posed by your applications will be presented, applicable for both product stakeholders as well as engineers.


Fast & Furious: a look at what happens the first few seconds and first full week you connect a system or device to the internet

Bob Rudis, GreyNoise Intelligence

At work or at home, we all connect systems and devices to the internet. But, do you know just how safe or unsafe it is to connect that cable, or launch that cloud instance? Most folks do not realize just how quickly sources with good, bad, and unknown intent attempt to reach out and touch something you've deployed.


Including your business' voices in ERP implementations

Ande Smith, President, Deer Brook Consulting
Chris Burbank, Director of Strategic Initiatives and Partnerships, York County Community College

Chris and Ande will discuss strategies and lessons learned from implementing a large-scale Enterprise Resource Planning (ERP) system at the Maine Community College System. They will discuss how business partners are engaged, how decisions are made, and other challenges of bringing seven individual colleges and stakeholders together onto a common software platform.