Full-day seminars - 8:30 - 4:30

T-17. Auditing: Penetration Testing Basics
T-18. Rapid Web Development Using Grails
T-19. Exploring for Innovation: The X-Treme Brain Seminar

Morning Half Day Seminars
T-1 Keeping Your Project Healthy: Handling the Plans, Processes and People that Will Keep
it out of the ER
Dr. Michael A. Sheppeck, Associate Professor, Department of Management, University of St. Thomas
Don Jones, Director, Administrative Services, Ramsey County Community Human Services

Limited to 50 participants – first come, first served!

More than ever, government projects must run efficiently and deliver on promised results. The seminar begins with proven fundamentals involving the planning, processes and people that make for healthy projects. You’ll learn how to assess your project in each of these areas. Then you’ll get the tools you need to diagnose root causes of project troubles, and techniques for recovering your project's health -- and avoid the ER.

The presentation takes a focused and balanced approach to project management, and to dealing with troubled projects in particular. The tips, tools & techniques presented here will help all project managers keep their projects healthy. It also provides recommendations on how to diagnose and recover those projects that are really struggling. Recent literature on recovering or rescuing troubled projects was reviewed as background for the session.

By attending this session, you will obtain:

1. A review of the fundamentals for successful project management -- the essentials for project planning, processes and leadership & teamwork.
2. A list of the top 10 sources of project risks (and potential troubles) as identified by the experts.
3. Ways to recognize the signs and symptoms of a troubled project early on; and why we don’t admit to problems in our projects.
4. Checklists for identifying key project planning documents and processes which may be missing.
5. Interview/survey tools to help diagnose leadership and team issues.
6. A strategy for implementing the project recovery plan.
7. A list of resources for continued learning.

Participants will participate in a team exercise which will help them identify risks, diagnose root causes behind symptoms of trouble, and plan an effective project recovery. 

Speaker Bio(s): Dr. Sheppeck is an Associate Professor of Management at the University of St. Thomas, practicing in the areas of human resources, organization development, and training. He has an M.A. in General Psychology from Western Washington University and a Ph.D. in Industrial/Organizational Psychology from the University of South Florida. Previous employers include Honeywell, Assessment Designs, and National Bank of Detroit.

Don Jones, Director of Administrative Services for Ramsey County Human Services, has over 40 years management experience in health, education and human services in public & private sectors, including: Stanford University, Hazelden, and Ramsey County. He has led large-scale projects in IT, healthcare, educational research, organizational development, and construction. Don has an M.A. from St. Mary's University, and is a member of PMI.

------------

T-2  What Is So Hard about IT Communication?
Mary Knudsen, Application Development and Business Analysis Supervisor, Minnesota Department of Health

Limited to 50 participants – first come, first served!

One of the biggest obstacles in getting Information Technology projects implemented is the communication chasm between the business and the IT interests. This is especially true in the public sector, where issues of security and accountability seem to both inform and get in the way of all of the parties’ judgments. This course addresses some of the inherent reasons for this chasm and how to address it.  We will provide tools to address some of the most common areas of confusion and dissatisfaction with the IT-Business connection.

By attending this session, you will: 

1. Learn how to turn "Us vs. Them" into "We". Take time to establish the right relationship with the right people.
2. Learn about good conflict vs. bad conflict. Diversity and perspectives are positive - learn how to use them.
3. Master clarity, transparency and legitimacy.
4. Getting to agreement, consensus or consent.

Participants will benefit from a presentation of background information, introduction of tools and processes, and group activities with case studies.  The case studies will address different IT specialty areas, including application development, desktop support, infrastructure support, and change management.  Case studies will be selected based on class participants’ interests.

Speaker Bio(s):
Mary Knudsen has more than 25 years experience in regulatory affairs, information management and emergency preparedness in the public, private, non-profit and tribal sectors. She currently supervises application development and business analysis at the MN Department of Health. She has worked extensively on implementing controversial projects, coaching teams along the way.

------------

T-3 SharePoint 2010 – Making a Good Thing Better
Don Donais, IT Educator/Trainer/SharePoint Specialist, Benchmark Learning

Limited to 50 participants – first come, first served!

SharePoint 2007 was widely adopted by many different organizations.  This product gave organizations the ability to manage documents, collaborate, and build Line of Business applications that integrated into this platform.  So what could Microsoft of done to improve upon this?  Quite a lot!  This session will look at how Microsoft built off of SharePoint 2007 to allow organizations to take full advantage of collaboration online and offline, social networking, document management, compliance, and integration of business applications more comprehensive platform. 

Prerequisites: Familiarity with the SharePoint product or other document manage and collaboration applications.

Topics to be covered:

• Foundation information about SharePoint 2010 Products
• Introduction to SharePoint 2010 Wheel
• In SharePoint 2010 Wheel, features covered include: Sites, Communities, Content, Search, Insights, Composites
• SharePoint Designer

Speaker Bio: Don Donais is an Educator at Benchmark Learning with previous experience in the public education world. He teaches core Microsoft Server 2003, Exchange 2007, SharePoint 2007 and 2010, Windows XP, Vista and Windows 7, as well as ITIL v3 Foundations. Don is also a member of the Springboard Technical Series Expert Program (STEP) team associated with Microsoft. This group evangelizes about Windows 7 and Windows Server 2008 R

------------

T-4  Software Security Remediation: How to Fix Application Vulnerabilities
Dan Cornell, OWASP Trainer, Principal, Denim Group, San Antonio, Texas

Limited to 50 participants – first come, first served!

This seminar teaches attendees how to fix security vulnerabilities in existing software. It provides a mix of discussion of project concerns for planning and managing remediation efforts with hands-on coding examples. The focus is on the practical: how to use limited resources to make significant improvements to the security of target applications. Code examples use the OWASP ESAPI Java and Microsoft Web Protection Library.

By attending this session, you will learn:

1. How developers and security analysts can deal with their existing portfolios of insecure applications.
2. Practical ways to use limited resources to make significant improvements to the security of target applications.
3. How to risk-rank vulnerabilities, estimate remediation tasks, perform coding fixes for vulnerabilities and demonstrate the effectiveness of fixes.

Speaker Bio(s):
Dan Cornell has been developing and securing web-based software for over twelve years. He is the San Antonio chapter leaders for the Open Web Application Security Project (OWASP), a member of the OWASP Global Membership Committee, co-lead of the OWASP Open Review Project and has spoken internationally at conferences such as OWASP EU Summit and ROOTs in Norway.

------------

T-5  Assessing and Managing IT Risk in the Cloud
John McCumber, Chief Strategist, Symantec, Herndon, VA
Renault Ross, National Principal Architect, Symantec Corporation

Security has always been a major concern for state and local governments. Cloud computing promises major cost savings for resources-strapped agencies and jurisdictions. How can you be sure you can still effectively manage security in this outsourced environment? This seminar will help you define the key issues and policy imperatives that make cost-effective cloud computing possible for state and local entities.  We will also be covering the specific strategies you need to be able to transition from standardization, consolidation and into a cloud-based architecture.

By attending this session, you will:

1. Learn the key principles of security and risk management in IT systems
2. Determine how state and local entities establish and enforce the appropriate policies
3. Define how to translate those policies to a cloud environment through the use of emerging technology, SLAs, and vendor audits
4. Look for ways to leverage this approach to reduce costs and improve efficiencies
5. Perform exercises to sharpen your ability to identify cost-cutting opportunities

Speaker Bio(s):
John McCumber is Chief Strategist of the Public Sector Group for Symantec Corporation. He is currently involved in research and development activities in support of leading edge government cyber security initiatives. John is a retired US Air Force officer and former Cryptologic Fellow of the National Security Agency. He is the author of the best -selling textbook for graduate information security students.

Renault Ross, National Principle Architect, has been with Symantec  for 3.5 years.  He collaborates closely with Government IT leaders to frame the Security & Privacy risk associated with programs such as an MMIS, HIE, UI to ensure external governance drivers are addressed and recommending the appropriate preventive, detective and recovery technical controls to reduce risk.

------------

T-6 Effective Approaches to Requirements Gathering in Government Organizations
Devan Shepherd, CEO/CTO, Author/Trainer, XMaLpha Technologies

Limited to 50 participants – first come, first served!

In the quickly evolving realm of business analysis there is no shortage of theory, and then there is real-world practice. As it turns out, some of the theory is best left to textbooks. This seminar will focus on tried and proven methods, tricks, and techniques, that lead to better requirements gathering and ultimately more successful results, in the unique world of government organizations.

By attending this session, you will:

1. Learn some elicitation tricks and approaches that work
2. Discover how to reduce scope creep by as much as 50%
3. Discuss why it is that some of the "traditional" rules don't apply to government agencies
4. Explore concepts, techniques, and methodologies that have been proven on real world projects
5. Examine effective approaches to requirements-based problem solving
6. Take-away nearly 50 "best practices" that come from an exhaustive study of requirements lessons learned.

Speaker Bio(s):
Devan Shepherd is the author of Teach Yourself XML in 21 Days, 2/e, ISBN: 0-672-32093-2. He has more than 30 years of progressive experience in the IT industry as a developer, executive, solutions provider, public speaker, business analyst, and instructor, with a focus on consulting to government. In his spare time, he is a commercial pilot and the Chief Flight Instructor at Exclusive Aviation in Saint Paul.

------------

T-7 Proactively Manage Risk on Every Project? Yes, We Can!
Karen Rainford, PMP, MBA, M.S. in PM, Professor, St. Mary's University

Limited to 50 participants – first come, first served!

Proactively dealing with threats and leveraging opportunities is key to project success, so why is managing risk one of the least understood and most frequently ignored areas of project management? This hands-on seminar lets you apply risk management best practices to a project case study, and provides checklists and tools to help you transfer and apply risk techniques to your organization’s project practices.

By attending this session, you will:

1. Learn how to approach risky, complex, high-visibility projects with proactive assessment techniques to reduce uncertainty
2. Turn the phrase “I told you so” into “We were prepared for that” on small and large projects.
3. Interact in teams using a case study to approach, list, assess, respond to and track risks.
4. Tailor risk management processes to IT infrastructure and software development challenges.
5. Learn techniques that speed up the process of agreeing on which risks merit response planning.

Speaker Bio(s): Karen Rainford, PMP, MBA, applies 20 years of practical technology project and portfolio management experience to her role as an educator. As an Assistant Professor at St. Mary’s University of Minnesota, she teaches risk and quality management in the Master’s in Project Management program (M.S. PM), and creates custom project courses for organizations.

------------

T-8 Gender, Generations, and Global Communications: Succeeding in a Diverse Workplace
Kit R. Welchlin, Professional Speaker, Welchlin Communication Strategies

Limited to 50 participants – first come, first served!

National differences aren’t the only dimensions of culture.  Within a society, co-cultures have different communication practices.  Some scholars have characterized men and women as belonging to different co-cultures, claiming that each gender’s style of communication is distinct.  They also suggest that competent communicators are able to adapt their style to suit the individual and cultural preferences of others.

Given the diversity of the workplace, IT Professionals need to be competent and feel confident to make adjustments in their communication style to increase the odds of career success. This workshop provides a variety of ways to respectfully explore differences to consider and strengths to appreciate when considering diversity.  Through short lectures, lively discussions, individual exercises and small group activities, you’ll learn proven techniques to help you develop intercultural communication competence.

By attending this session, you will:

1. Learn the seven characteristics of competent communicators
2. Learn your communication style and how to modify your approach for career success
3. Recognize true differences in the way men and women communicate
4. Learn the strategies to communicate across the generations at work
5. Learn guidelines for communicating across cultures

Speaker Bio: Clients appreciate that Kit Welchlin takes the initiative to tailor presentations to meet their specific needs. Participants enjoy Kit’s sense of humor, speaking competence, and the powerful and positive message he delivers. He began his public speaking at the age of 9 in 4-H. By time he was 16 he was organizing and facilitating presentations on leadership, citizenship, community service and motivation for the 4-H and the Future Farmers of America.

He has been an instructor with the Minnesota State Colleges and Universities where he has been repeatedly nominated Outstanding Faculty. He is a Professional Member of the National Speakers Association.

Kit has a B.S. Degree in Speech Communication, Business Administration and Political Science. He earned a M.A. Degree in Speech Communication and Business Administration. Kit purchased his first manufacturing company at age 21, and by age 26 was C.E.O. and Chairman of the Board of 3 manufacturing companies in 3 states.

(return to top)

---

Afternoon Half Day Seminars

T-9  Inventing Innovative Insights: Your Ultimate Competitive Advantage
Dennis Stauffer, Chief Insight Officer, Insight Fusion, LLC

Limited to 50 participants – first come, first served!

Great leaders and organizations are those who generate timely insights as needed, over and over (Think Apple or Google) insights that prompt innovative new ideas and strategies. It’s a skill anyone can master. In this interactive seminar, you will explore the art and science of gaining practical professional (and personal) insights, using a proven systematic approach that taps into some natural strengths that you already have but that few of us fully leverage.

By attending this session, you will: 

1. Cut through the clutter to discern the most relevant information and patterns, and generate innovative ideas.
2. Develop insight as a personal discipline that you can apply to any professional or personal challenge.
3. Overcome mental inertia to solve novel and difficult problems, and adapt strategies to changing circumstances.
4. Enhance your ability to draw insights from others - a crucial leadership skill.
5. Increase your mental agility.
6. Have fun gaining your own fresh insights.

The day will be an interactive combination of individual and group exercises, lecture and discussion

Speaker Bio: Dennis Stauffer, founder of Insight Fusion, LLC, is an internationally acclaimed thought leader on the behaviors that drive innovation and personal effectiveness. His research led to the creation of the Stauffer Iterative Thinking Assessment, a unique evaluation instrument that measures the personal and organizational mental models that drive innovation. He’s an Emmy award-winning journalist and former Business Editor.

------------

T-10 How to Deliver Your Brand and Web Presence Successfully
Steve Mueller, IT Application Manager, MN Department of Public Safety
Allan Neoh, Team Lead and Architect, MN Department of Public Safety

Limited to 50 participants – first come, first served!

Gain insight into the Minnesota DPS’s deployment of SharePoint 2010 for its public websites from RFP to production release. Learn from their experiences with lectures and demos that share the challenges and lessons learned, project and management strategies, effective processes, and best practices for web governance and accessibility compliance.

This interactive seminar will provide you with a set of best practices, strategies and project approach to implement a highly useful and compliant web site that enables you and your team to be successful.

Topics

1. Project Overview - implementing Content Management Systems for a large, diverse organization.
2. Building the Right Foundation – approach the project holistically, setting the expectations, building the project teams, creating the support teams and managing risks through communication, change and management strategies.
3. Understanding Identity - creative analysis approach for a user centric portal.
4. Making Sense of it All – using information architecture to design a user centric portal for desktop and mobile.
5. Looking Awesome and Working Beautifully – a user centric approach to create highly usable and public friendly designs.
6. Compliance for Today, Tomorrow and Beyond - best practices for Standards Compliance (Section 508 and WCAG 2.0).
7. Peppering Quality from Beginning to End – strategies to building a quality solution.

Speaker Bio(s): Steve Mueller serves as Application Developer Manager for the MN Department of Public Safety (DPS) Office of Technology and Support Services. He is responsible for the managing application development for 15 DPS divisions, including external and internal websites. More than 45 DPS sub-sites are currently being redesigned to provide a better user experience.

Allan Neoh serves as a Technical Project Lead for the DPS website redesign project to migrate and implement a new CMS on SharePoint 2010. He is in charge of content publishing procedures, branding, architecture design, standard operating procedures and governance.

------------

T-11  Windows 7 – Finally Microsoft was thinking!
Don Donais, IT Educator/Trainer/Windows 7 Specialist, Benchmark Learning

Limited to 50 participants – first come, first served!

What lead to the release of one of Microsoft’s most successful operating systems launches?  Why were Beta testers of Windows 7 saying this was a keeper even before it was available for market?  This takes a look at why organizations should adopt Windows 7 and put their energy into making this the OS that will replace Windows XP.  Topics will include: User Account Control, Reliability Monitor, Networking and Wireless capabilities and much more.

Prerequisites: Working knowledge of Windows client products including Windows 2000, XP and Vista

Topics to be covered:

• Advances in the User Interface
• Advances in Supporting Windows Client
• Networking Considerations
• Security Considerations
• Applications Compatibility Considerations

Speaker Bio: Don Donais is an Educator at Benchmark Learning with previous experience in the public education world. He teaches core Microsoft Server 2003, Exchange 2007, SharePoint 2007 and 2010, Windows XP, Vista and Windows 7, as well as ITIL v3 Foundations. Don is also a member of the Springboard Technical Series Expert Program (STEP) team associated with Microsoft. This group evangelizes about Windows 7 and Windows Server 08 R2.

------------

T-12   Leveraging the .NET Development Platform
Rockford Lhotka, Technology Evangelist, Magenic

Limited to 50 participants – first come, first served!

The Microsoft .NET framework provides a broad and flexible development platform. It can be challenging to keep up with all the options. This session will provide a thought model for understanding all the parts of .NET, and how you can leverage its capabilities effectively in your application development efforts.

By attending this session, you will:

1. Understand the breadth of the current .NET development platform.
2. Learn how .NET enables web development through HTML5/AJAX and Silverlight.
3. Learn how Silverlight and WPF will enhance smart client development.

Speaker Bio: Rockford Lhotka is the creator of the popular CSLA .NET development framework, and is the author of numerous books. He is a Microsoft Regional Director and MVP, and a regular presenter at major conferences around the world. Rockford is the Principal Technology Evangelist for Magenic, a company focused on delivering business value through applied technology. Visit www.lhotka.net for more information.

------------

T-13   The Accessible Web Developer: What It Takes to Make Your Web Site Accessible
Michael Tangen, Web/UI Designer and Developer, MN Office of Enterprise Technologies

Limited to 50 participants – first come, first served!

Are you mystified about what it takes to ensure that your website is accessible? Are you looking for clarity surrounding the State of Minnesota’s accessibility guidelines? Are you a web developer or advanced content creator and need some tips and resources for improving your accessibility skills and know-how? 

We’ll address these questions and more in this seminar, where we’ll cover:

• The web accessibility standards that Minnesota has adopted and why compliance is important (Web Content Accessibility Guidelines – WCAG 2.0)
• A review of proper web site/document structure
• The do’s and don’ts of building accessible web layouts and content
• Creating accessible Javascript/AJAX
• Resources that are available for testing your websites for compliance

Each subject area will include live code samples you can download, opportunities for Q&A, and exercises to improve our understanding of what makes a website accessible.  The fundamental goal is for you to walk away with the knowledge, code samples, tools and resources to make your website more accessible for all audiences, and to take out the guess work and mystery surrounding web content accessibility.

Speaker Bio: With over 15 years in the web design and development industry, Michael Tangen has served in a variety of environments – including smaller web shops and larger environments like UnitedHealth Group. Now serving at the Office of Enterprise Technology, Michael is helping lead the charge to make Minnesota’s websites more accessible.

------------

T-14   UPDATE: Future Technologies You Should Know NOW
Dr. David Bouchard, Professor and Coordinator, Metropolitan State University

Limited to 50 participants – first come, first served!

Major update of a very popular presentation: Even in a tough economy, technological innovation is a major driver of change.  With the profitability of technology companies, driven by technological innovation (consider Apple and “iEverything”), many believe that the triggers for restoring economic health will be found in new technologies. 

This presentation will show how to evaluate new technologies, predict successes and develop strategies for keeping up and, perhaps, even staying ahead to technological change.  As always, there will be many “gee whiz” examples presented, but they will be placed in a context that prepares you for the future.  New models of analyzing and predicting the transformative and disruptive aspects of technology are presented with MANY exciting examples. Amazing!

By attending this session, you will:

1. Learn key models, concepts and examples of technological change
2. Review a survey of emerging technologies with implications for agencies to apply
3. Learn how to better manage technological change and innovation, both personally and professionally

Speaker Bio: Dr. David Bouchard is a nationally known authority in Information Technology. He is Coordinator of Metropolitan State University’s Masters in MIS program (MMIS) and Graduate MIS Certificates, Professor of Management Information Systems (MIS) in the MBA program at Metropolitan, Project Leader for the Minnesota Center of Excellence in Strategic IT, and President, Age of Information, Inc., a national IT consulting firm.

------------

T-15  Agile Estimation and Planning for a Traditional Project Manager
Manoj Vadakkan, Agile Coach / Release Manager, CGI Federal, Reston, VA

Limited to 50 participants – first come, first served!

One of the challenges in introducing Agile to a phase gate oriented organization is introducing the concepts of Agile estimation and planning. This seminar will equip you with the knowledge necessary to introduce the concepts of Agile Estimation and Planning. During the presentation, attendees will go thru an example to estimate the effort needed for a project.

By attending this session, you will learn:

1. The fundamentals of Agile Estimation and Planning using User Stories and relative estimation.
2. How to create a Release Plan, Cost Estimate, and staffing plan in Agile
3. How to develop templates and institutionalize the knowledge of Agile estimation.

The seminar will combine mini-lectures with hands-on and group activities to enhance the learning experience.

Speaker Bio: Manoj Vadakkan has close to two decades of experience in Software development. He is passionate about transitioning the world of work using Agile principles and practices. He has a Masters Degree in Computer Applications, Project Management Professional Certification, and is a Certified Scrum Professional.

Manoj Vadakkan has excellent experience as a speaker and coach and has presented various aspects of Agile Software Development in the past. As part of his current assignment, he works very closely with government agencies and will be able to provide good insight to session attendees.

------------

T-16  Change and Stress and Doing More with Less: 2010 Mental Stimulus Package
Kit R. Welchlin, Professional Speaker, Welchlin Communication Strategies

Limited to 50 participants – first come, first served!

Researchers claim that well over 80% of the world’s technological advances have occurred since 1900.  More information has been produced in the last 30 years than in the previous 5,000 years.  Either you take personal responsibility for continuing your education, or you will end up without the knowledge you need to protect your career.

It is important to practice strategies for stress management in changing times. If we can't manage the stress, we won't be able to make the change. Change is the norm and to resist it can ruin your career. Learn the strategies to develop the courage to invest energy in finding and seizing the opportunities brought by change.  Emphasize action.  Develop the reputation as one who pushes change along.

This interactive workshop includes lecture, individual work and small group exercises.

By attending this session, you will:

1. Recognize the three key drivers of change
2. Recognize the thirteen mistakes we make when facing transition
3. Learn thirteen new work behaviors to become a quick-change artist
4. Learn fifteen physical remedies and fifteen psychological strategies to manage the stress
5. Learn twenty time management tips to get more done with less

Speaker Bio: Clients appreciate that Kit Welchlin takes the initiative to tailor presentations to meet their specific needs. Participants enjoy Kit’s sense of humor, speaking competence, and the powerful and positive message he delivers. He began his public speaking at the age of 9 in 4-H. By time he was 16 he was organizing and facilitating presentations on leadership, citizenship, community service and motivation for the 4-H and the Future Farmers of America.

He has been an instructor with the Minnesota State Colleges and Universities where he has been repeatedly nominated Outstanding Faculty. He is a Professional Member of the National Speakers Association.

Kit has a B.S. Degree in Speech Communication, Business Administration and Political Science. He earned a M.A. Degree in Speech Communication and Business Administration. Kit purchased his first manufacturing company at age 21, and by age 26 was C.E.O. and Chairman of the Board of 3 manufacturing companies in 3 states.

(return to top)

---

Full Day Seminars

T-17 IT AUDITING – Penetration Testing Basics
Randy Romes, CISSP, MCP, Principal, Information Security Services, LarsonAllan
Brian Johnson, CISSP, CISA, Manager, Information Security Services, Larson Allan
Chris Knight, GCIH, MCSA, MCTS, Manager, Information Security Services, Larson Allan

Limited to 50 participants – first come, first served!

Organizations spend a tremendous amount of effort and resources to secure their perimeter connections to the Internet. In spite of this effort, hackers still find ways to compromise sensitive data. The TippingPoint 2010 Top Cyber Security Risks report identifies "client side" software vulnerabilities and "Internet facing web application" vulnerabilities as the top two issues organizations face. In addition, the Trustwave 2010 Global Security Report indicates most breaches result from remote access with default vendor credentials and “trusted” 3rd party connectivity.

This session will look at some common ways that hackers take advantage of these situations to breach organization defenses, whether it is the systems that are Internet accessible (Outside → In attacks), or via systems that reach out to access the Internet (Inside → Out attacks). The session has been updated from previous years with new trends and tools.

This is a hands-on session. Participants will be provided with a "hacker" laptop and software tools. We will demonstrate tools and techniques to identify risks and vulnerabilities and the participants will practice with the tools against live systems.

Learning Objectives:
By the end of this session you will:

1. Recognize and understand common hacker attack methods and privilege escalation scenarios.
2. How to effectively use the tools demonstrated during the course to identify vulnerable systems on your.
3. How to develop audit and hardening procedures to perform on a periodic basis as part of their normal implementation and administration processes.

Key Concepts:

• Defense in depth
• Web application vulnerabilities
• Inside-out attack methods
• Default open systems
• Administrative completeness
• Auditing as a continuous improvement mechanism

Speaker Bio(s): Randy Romes is a Principal at LarsonAllen. For ten years he has lead a team of technology and industry specialists providing risk assessments, IT audits, penetration testing, incident response and computer forensics. He has conducted or managed over 1500 penetration tests in the last 10 years. He is a Certified Information Systems Security Professional (CISSP) and has a Masters in Educational Technology from St. Thomas.

Brian Johnson is a Manager at LarsonAllen. For six years he has performed network penetration tests, internal vulnerability assessments, general controls reviews, system and application audits, and PCI assessments. Brian leads the incident response and computer forensics practice for the firm. He is a Certified Information Systems Security Professional (CISSP), a Certified Information System Auditor (CISA).

Chris Knight is a Manager and has been with LarsonAllen for 10 years. He leads the penetration testing practice, performs system and application specific audits, and SAS70 assessments. He is a Microsoft Certified Systems Administrator (MCSA), and a GIAC Certified Incident Handler (GCIH).

------------

T-18   Rapid Web Development Using Grails
Scott Hickey, Senior Consultant, Object Partners, Inc.

Limited to 30 participants – first come, first served!

Utilizing the convention over configuration paradigm for building database backed web applications, Grails brings together the best best-of-breed Java technologies such as Hibernate, Spring, Sitemesh and Groovy to enable an amazing level of productivity for Java based programming teams. In this hands-on session, we'll cover the major areas of Grails while building a fully functional web application.

This hands-on session will include a mixture of lectures and labs. The material will assume you have some experience with Java and web development. You will be provided with a VMWare image that will contain a completely configured Grails development environment that can be used for the labs as well as continuing your Grails work after you leave. You should bring a laptop with the free VMWare player already installed or you may use a laptop provided by the conference.

At the end of this session, you will able to:

1. Create a new Grails project from scratch and understand the default conventions provided by the Grails framework
2. Implement a complete database backed web-application that implements transactional database create, read, update and delete functionality.
3. Use the built-in Grails scripts for automated unit tests, integration tests and deployment.

Key Concepts:

• Groovy programming language essentials
• Modeling a domain using GORM - Grails Object-Relational Mapping
• Implementing application flow using Grails controllers
• Implementing the user interface with Grails' views, forms and layouts
• Installing and use common third-party plugins
• Installing and using the Spring Security Framework plugin

Speaker Bio: A Senior Consultant with Object Partners, Inc., Scott Hickey has been developing software for over 20 years and working with Java since 1998. He was the lead developer for the Groovy Eclipse Plugin and has authored several Groovy related articles. He has presented at No Fluff Just Stuff Conferences as well as the international Grails and Groovy Exchange.

------------

T-19  Exploring for Innovation: TheX-Treme Brain Seminar
Patrick F Johns, President and CEO, PFJ Communications, Dallas,Texas
Kathy Ridley, Founder, Right Brain Release, Dallas, Texas
Beth Neu, Director, MN Council for Quality
Brian Jensen, Fire Chief, Big Spring, Texas

Limited to 50 participants – first come, first served!

This engaging and interactive seminar will take you on a journey to better understand the role of the brain and the mind. You will look at new ways of learning, thinking and the basic nature of motivation and change. All materials are designed to teach you a new perspective on leadership and personal productivity. This multimedia event will incorporate PowerPoint, video and audio presentations, graphics display, and a range of hands-on interactive exercises.

Topics addressed:

• Understanding the core principles of Innovation, Creativity, Imagination, Logic, Focus, Quantum Thinking and Intelligence
• The physiology, psychology and challenges of change
• The Field of Dreams and the O.M.R. leadership model: “Build it and they will come”
• Basic brain fundamentals in review
• “The Motivational Hierarchy” - Ladder to Excellence in the workplace

Interactive activities include:

• Brain balancing techniques
• Firefighter Circle of Trust
• Emotional Hierarchy Interactive, utilizing “Cognitive Behavioral Therapy” technique for emotional control
• Exercise from “Drawings from the Right Side of the Brain”
• Right Brain Release Drawing and Painting Art Exercise
• “Personality Style Analysis” review and mini course

Participants will take away techniques, information and easy-to-use exercises guaranteed to support better mental management, productivity and balance, including:

• 70 basic Brain Building Tips
• Personality Style Analysis Kit
• A signed copy of Pat’s frame ready print “Cloud Nine”
• Various other handouts and creative right brained project art

Speaker Bios:
Pat Johns is an international speaker, trainer, author and behaviorist. As a member of the Society for Neurosciences and as an excellent motivator, his clients include: The CIA, General Dynamics, Sprint, US Marshals Service and The US Marine Corps. He is a regular presenter with the Project Managers Institute and his work carries an endorsement from the Director of the Smithsonian Institution. Pat also shares lessons learned from having been the only one in the world to complete the grueling Himalayan 100 mile running race 4 times.

Kathy Ridley is the founder of Right Brain Release, whose mission is to inspire creativity in the workplace. She is a certified project manager and President of the Project Management Institute of Houston with over 20 years of worldwide project leadership and experience. As an artist, she has spent many years learning various creative techniques. Combining both her passion of creativity and project management, she is now conducting workshops that teach others how to improve their project work and personal life.

Beth Neu is the Director of the Minnesota Council for Quality and has worked in both non-profit and volunteer management for 20 years.  Beth has a Master's degree in Human Resources Management and is also certified in the Myers-Briggs Type Indicator. Beth's passion is studying and understanding the new frontier of neuro-psychology and brain plasticity.  Beth will discuss brain anatomy/brain map and will be describing the primary functions of the key brain areas.  Beth will also review 70 brain building tips to strengthen the brain.

Fire Chief Brian Jensen has over 34 years of fire service, starting his career as a volunteer and the last 22 years as a paid firefighter, including 10 years as Fire Chief. He holds a firefighter master certificate and a fire service instructor certification with the Commission on Fire Protection and has been certified as a paramedic with the Department of State Health Services for the past 15 years. During his decade as the leader of his fire department, he not only has worked as a change agent for the department, he also instructs other city departments in the areas of supervisory training, motivation and focus. For the X-Treme Brain program Chief Jensen will take on the topics of: "The Motivational Hierarchy" and "The Firefighters Circle of Trust"

(return to top)