With a staff of only two full-time employees, TechBirmingham relies heavily on volunteers and interns to help make the association a success for its members and the tech community. This summer, Wade Cline is serving as an intern with us and we thought you might like to learn a little more about him!

Name: Wade Cline

Age: 21

Always lived in Birmingham?: Yes

Education: Senior Marketing major at Samford University

Why Marketing:
I am a people person and just about every job I have held has dealt with customer service. More than just connecting with people though, I have a passion for learning about how they think, and why they make certain decisions when buying or investing into businesses. Also, no matter what business you can think of, there is always a need for marketing personnel, and I can’t wait to have an impact wherever I end up.

What do you want to get out of this internship?
When I was looking for an internship I wanted to find a company that wasn’t too big, something I could put my fingerprint on and leave a lasting impression. Although you can do that in any company, I wanted to be closer to the action. That is ultimately what I want to do with TechBirmingham, have an impact, and of course have them be excited that they hired me for the internship. This plays a large role in what I want to get out of the non-profit. Things like a deeper understanding of business management, marketing, and personal communication. Being with TechBirmingham, there is a ton of room for learning and network opportunities through the monthly events that are held and the constant contact I have with the 250 member companies they’re associated with.

What’s your favorite part of the internship?
I love everything that TechBirmingham is involved with, but being able to start and run the TechAlabama social media sites, and continually getting the word out about the new non-profit, has been the most exciting aspect, personally. Also, it would be ignorant of me not to mention the involvement I am getting to have with Sloss Tech. I had no idea how big of an event this was going to be, and I am honored to be able to work on something this huge with Jennifer, Greg, and all the sponsor companies involved in the planning process. I can’t wait to see what the second half of the summer has in store for the internship.

What career do you plan to pursue?
I aspire to have a career in the business side of marketing and have some part in branding and advertising. The creative juices do not flow through me as much as they do for graphic design people, but I love being involved with creating new things and the thoughts of how to reach the consumer with those ideas. I do not have any company in mind, at the moment, but wherever I’m place, I plan on making the most out of it and continuing to learn.

Hobbies?
I love to golf, hangout with the family, go to the lake (Logan Martin Lake), listen to music, study about science (astronomy mostly), be with friends, camp, and finding food trucks around Birmingham to try out.

read more

TEALS (Technology Education and Literacy in Schools), a program that supports the expansion of computer science education for high school students is coming to Birmingham. We caught up with Tracey Wilson who is helping spearhead the effort to get TEALS into Birmingham. Here’s a look at what they are doing and how it’ll impact students in Birmingham.

Hi Tracey! Tell us a little more about TEALS.

TEALS pairs computer science professionals from across the industry with classroom educators to team-teach CS in high schools throughout the U.S. Started in 2009 by Microsoft employee Kevin Wang, who developed and ran the program in his spare time, TEALS was embraced by Microsoft in 2011 and has been supported by the company ever since as part of its global YouthSpark initiative, which aims to increase access to CS education for all youth around the world.

 
TEALS helps high schools teach computer science by providing trained volunteers – industry professionals in CS – to partner with a classroom teacher and work as a team to deliver CS education to students who would otherwise not have the opportunity to learn CS in their school. Over two years, the classroom teacher gradually takes over the responsibilities of teaching the course without volunteer support. The team-teaching and volunteer system of TEALS creates a strong ripple effect: it empowers teachers who can multiply the impact by providing computer science education to hundreds more students over the years.

Why is this initiative important?

Science and technology are critical drivers of today’s global innovation economy. More and more companies–across all industry sectors–are seeking people with computer science (CS) and computer engineering skills. In the U.S., there will be 1.4 million CS-related jobs by 2020, yet U.S. college graduates are expected to fill less than a third of those jobs. For American youth, this means an unfortunate mismatch between education and opportunity that we must solve by bringing together professionals from across the CS industry. By increasing access to CS for all youth as early as possible, we will help them prepare for the jobs of today and tomorrow and give them the opportunity to become creators of technology and the world’s future innovators.

How was Birmingham identified as a TEALS city?

A group of industry professional saw the need for Computer Science education in the Birmingham area high schools and invited us to Birmingham to explore the possibilities. This group included Courtney Ready and Jared Weinstein who brought the Venture for America program to Birmingham last year.

How can someone get involved?

Nine out of ten parents want their child to study computer science but only 25% of high schools in America offer computer science courses to their students. That’s where you come in. TEALS builds sustainable CS high school programs by pairing trained computer science professionals – from across the tech industry – with classroom teachers to team-teach CS. Every student deserves a chance to learn these essential skills. By joining the effort to educate teachers and students alike, you will create a ripple effect giving current and future students the opportunity to be innovators and creators of technology.

 
TEALS Quick-Start Guide
1. Attend an info-session in person or view a pre-recorded session online.
2. Learn more about the different volunteer roles in the Volunteer Guide.
3. Read the Frequently Asked Questions.
4. Have additional questions? Contact us.

read more

Appeared in The Birmingham News on April 03, 2016 – updated April 18, 2016.

By Scott McGlaun, Chief Information Officer, BlueCross BlueShield of Alabama

People frequently ask me about ways we can strengthen the local technology community. Birmingham’s technology community is stronger than it has ever been. Innovation Depot, which gives start-ups and entrepreneurs competitive advantage, is almost at capacity. TechBirmingham membership is experiencing explosive growth and seeing record attendance at events.

Access to capital for start-ups is plentiful if you have a solid business plan. Technology executives are working together with TechBridge to bring technology-based efficiencies to non-profit agencies. Birmingham is taking steps to develop local technology talent through Depot/U, a software development boot camp. The city is entering our second year of Venture for America internships and several local companies are working to bring a new workforce development program to the area called Year-Up. So that covers it, right? Well, there is one more thing….Keep IT Local.

“Keep IT Local” makes sense for two reasons.  First and foremost, it is a reflection of the business community’s support of technology-based entrepreneurs.  “Keeping IT Local” tells existing local entrepreneurs, and entrepreneurs considering Birmingham as their start-up location, that the business community wants them to thrive and prosper here. We can play a role in their success by looking first to local companies for business impacting capabilities.

Birmingham has very talented and capable technologists that are driving innovation.  Partnerships among entrepreneurs and the business community will accelerate that innovation.

Secondly, we have a huge opportunity to grow tech-based jobs here in Birmingham. When the business community spends locally on technology, we promote local job growth. Large company spending on technology will result in job growth among vendor partners.

The purpose of the Keep IT Local Pledge initiative is to create an easily accessible platform to showcase commitment from local companies to first look within our city and surrounding areas when procuring IT products and services before spending those IT dollars outside the region. Working collaboratively with industry, TechBirmingham and Innovation Depot led the effort to craft a pledge and create a digital presence where companies on both the demand and supply side can show their support by digitally signing the pledge.

Organizations who sign the pledge will be recognized on the www.keepitlocalpledge.com website.

TechBirmingham will maintain the database of companies who sign the pledge and will be able to provide information on the services and products those companies offer.

The list of Founding Partners includes the following organizations and companies: TechBirmingham and Innovation Depot, as well as Alabama Power, BlueCross and BlueShield of Alabama, Regions, 2B Solutions, Isotope 11, BBVA Compass, University of Alabama Birmingham, Alabama Media Group, Airship, ITAC Solutions, Daxko, Platypi, Teklinks, TEKSystems, Viperline, Warren Averett.

Here’s the website for companies to sign the pledge. Let’s grow those jobs in our community, not somewhere else. Will you join me in taking the pledge to Keep IT Local?

read more

On April 5th the first annual Alabama Cyber Now conference will be held at Regions Field to “Bring Cybersecurity to the Forefront of Business.” The concept for ACN came about over a year ago when three technology/cybersecurity professionals – me, Heather McCalley, and Jennifer Skjellum – brainstormed the idea during a security panel presentation at Alabama Power Headquarters. During the past year or so, we continued to foster this idea with our respective organizations, Central Alabama Information Systems Security Association, Birmingham Infragard Members Alliance, and TechBirmingham, to make ACN a reality and, as of today, we have over 200 attendees registered for the conference.

ACN is patterned after similar event whose origins go back about 10 years ago. The North Alabama ISSA Chapter, where I served as President, sponsored an Information Security Seminar in Huntsville, a half day meeting. That event has continued for 9 consecutive years and has grown in attendance from around 50 at the first one to over 950 last year at the Von Braun Civic Center spanning 2 days. Similarly, the North Alabama ISSA Chapter joined with Cyber Huntsville a few years ago gaining a strong interest from the Defense Industrial Base (private contractors) supporting the US Army and NASA at Redstone Arsenal.

The conference committee has put together 19 sessions in three tracks with two keynote speakers (Brian Krebs and Josh Goldfarb) which we feel will appeal to both cybersecurity practitioners and professionals, C-level executives, and other business leaders. There will also be an exhibit hall showcasing the technologies available from over 30 vendors. An exciting day is awaiting all who attend. As conference chair, I look forward to meeting everyone who attends, attending several track sessions, talking to all the vendors, and hearing the latest in cybersecurity from our keynote speakers. Please plan to attend Alabama Cyber Now as I am convinced that you will learn much throughout the day.

See you on April 5th.

Dr. Joseph W. Popinski

Alabama Cyber Now Conference Chairman

CISSP CPP CFE CISM

ISSA Fellow

Have you registered for the conference? Click HERE to join up on April 5.

read more

Cyber Field Report

As we approach the Alabama Cyber NOW Conference on April 5th, we will highlight some of the companies and individuals making this event possible. We recently caught up with David Forrestall with SecurIT360, a Platinum sponsor of ACN. David provided us with a Cyber Field Report leading up to the conference.

We all need information to make decisions and to build plans to protect ourselves and the people we serve.  This information includes strategies, risks, threats, vulnerabilities, actors, technologies, etc.  Alabama Cyber Now (ACN) is a few weeks away and is a great forum to continue the discussion so that you are informed and can sleep better at night.  We have served clients all over the U.S. for the past seven years performing audits, penetration tests, risk assessments, and security-program development.  During this time, we have seen a persistent theme: people get lost in the details.  We all know that security is not “set-it-and-forget-it.”  So, what is the plan?

Cyber Action Plan

Focus on the basics first, it is a Process not a Product

There is no silver bullet, and advertisers are investing millions of dollars to convince you to buy their widget that will handle all of your security needs.  But guess what?  Even security products have vulnerabilities that hackers take advantage of.  To be clear:  You need quality security products to keep yourself safe.  They are required to add layers of security, but it is the process around these that keeps you secure.  They must be updated and maintained.  If you do not check on their performance, you have no idea of whether they are still functioning properly. 

Basic Blocking and Tackling

Studies show that over 90% of breaches happen because something simple was missed.  So, before you run out and invest in new security solutions, it is important to make sure the basics are covered by solid products and the processes supporting them.  Making sure these basics are covered reduces much of your risk:

Security patching for all hardware/software – This is where many of your vulnerabilities lie.  The desktops are a place to start, but don’t forget the applications.  All applications (office, Adobe, Java, browsers, etc.) need to be up to date.  Switches, routers, firewalls, and infrastructure systems need updates too.  You need to independently check to make sure that this is happening.

Endpoint protection – Antivirus/Malware solutions – Make sure these are working.  Pull a report and do an inventory of systems.  Not the most glamorous thing in the world, but simple and effective.

Review all accounts and passwords regularly – I don’t have to hack if I can just log in.  You should also limit privileged accounts and prevent the use of shared accounts.

Constantly inventory devices on your network – If you don’t know what is on the network, how do you know whether it is allowed or protected?

Encrypt all portable devices – Smartphones, tablets, laptops, USB drives: anything that may carry sensitive data, which can easily “walk off”.

Provide security training for users and IT staff – Your users are the target and need to make well informed decisions.  As for IT, yes they are smart, but typical IT training does not always include security processes (there is that word again…).  And what IT folks hear most is faster, cheaper, and more reliable.  Oh, and by the way, can you make it secure too?

Review firewall, remote access/VPN, and wireless solutions regularly.  Another way to get in…

Implement a proactive monitoring/logging/alerting solution – There are millions of events produced in your network each day.  They need to be collected and analyzed.  There are many options available that will alert you when something bad is happening, so that you can react. 

Check your email gateway (Spam filter).  Make sure it has virus and malware capability.  Email is one of the most common attack vectors.  Most of you should have this, but you need to double-check that this is in place and functioning.

Additional basic perimeter protections.  Make sure that your firewall has IDS/IPS capabilities – not all do.  Internet content filtering software also keeps users from going to dangerous websites.  Some firewalls include both of these features, but they may require additional licensing or products AND you need to make sure they are updated and functioning properly.  You need to ask if you are not sure.

What do leaders need to do?

Leaders do not need to become experts or spend millions on cyber security to protect their organizations and customers.  BUT, you do need to know enough to oversee and carry on the conversation. 

Where to start:

Educate yourself – The buck stops with you.  When something happens, answers will be demanded.  Get in the conversation and ask questions of those that you trust to handle cyber security for you. 

Measure your status – Measure against accepted standards.  This is more than asking your IT guys to check the firewall.  Standards are multi-dimensional, covering all areas.  CIP, NIST, or ISO 27000 are solid standards to compare yourself to – AFTER you have covered the basics.

Develop a plan to close holes – There is no such thing as 100% security which always leaves room for improvement.  The gaps should be ranked by risk and prioritized.  Regular meetings and documented progress against risks will show the level of commitment to security.

Develop a security program – The rapid pace of change does not allow you to set-it-and-forget-it.  Policies need to be written and responsibilities assigned.  The program will require monitoring and regular reporting.

A Note to the CFO:  You may want to remind your finance committee that breaches can cause serious reputational damage and be very expensive.  Cyber Liability insurance is not enough.  In today’s world, the expectation is that there are measureable efforts (and funds) devoted to keeping information safe.

About our perspective – SecurIT360 is a knowledge-based, cyber-only firm that also represents various industries concerned with protecting sensitive information, including Financial, Healthcare, Utilities, Legal, Education, and IT Services.  Our recommendations come from working experience with many solutions.  We are independent; a vendor agnostic and a client advocate.  We do not “sell” or broker hardware, software, or a particular vendor.  Ours is a process, not a product.  Yes, you need products, but it is the process and people around those products that keeps the firm secure.

read more

As we approach the Alabama Cyber NOW Conference on April 5th, we will highlight some of the companies and individuals making this event possible. We recently caught up with Jason Asbury, President of Warren Averett Technology Group, the Diamond sponsor of ACN. Jason will be speaking at ACN and agreed to a Q&A highlighting some of his upcoming talk.

Hi Jason! Let’s jump right in – what can a business do to reduce the likelihood of cyber-attack?

Asbury: The notion of reducing the likelihood of an attack is somewhat futile. Any organization with access to the Internet is subject to attack. The key is to be prepared when the attacks occur. Proper planning, controls, monitoring, alerting and overall management of IT security is absolutely necessary in order to turn attacks into failed attempts.

What are the key ingredients for a cyber-security strategy? 

Asbury: Managing a cyber-security strategy begins with a risk analysis. In order to create and implement the proper strategy, risk must be clearly understood. Not all companies share the same risk. Secondly, all effective systems and strategies are governed by good policies. A thorough IT security policy is essential in managing risk. Security policies should not only create a framework for day-today management of risk, though. They should also identify and designate key roles within an organization. For instance, every business should have a security officer or manager as well as a risk officer or manager, and all organizations must plan for the worst. This means that an incident response plan is necessary and someone must be designated to manage the recovery steps taken after a breach has occurred. In my experience, most companies fail to implement a strong cyber-security plan because they don’t start with an analysis of risk paired with a solid IT security policy.

What type of third-party services and products can be used to help prevent a breach and keep sensitive information secure?

Asbury: There are a number of services that can assist in managing risk. We recommend that organizations consider third-party monitoring, logging and alerting services for critical systems and network entry points. The assurance of proper oversight relative to security is essential to preventing an incident. Another good outsourced service to consider is quarterly vulnerability scanning and annual penetration testing in order to regularly assess and remediate risk.

Should a company be concerned with its vendors relative to cyber security?

Asbury: Absolutely. A security plan is only as strong as its weakest component. As a business owner or risk manager, you must address security safeguards and loss prevention relative to vendors and business partners. The highly publicized Home Depot breach of 2014 was the result of weak controls around vendor access. We suggest the development of business associate agreements that clearly define requirements around access control and minimal acceptable levels of security from within the vendors’ IT systems.

How can I assess my company’s risk for a cyber-attack?

Asbury: The most effective process is to have a qualified IT security firm perform a thorough IT risk assessment. If your organization has identified a risk-management officer, that individual should be qualified to oversee this process. Relying on an IT manager to assess risk for a system he or she is responsible to maintain may not yield an unbiased report. Risk assessments should include a review of IT policies, network architecture, roles and security procedures, and physical and logical access controls.

Thanks for taking the time to chat, Jason! Click HERE to learn more about Warren Averett Technology Group.

read more

Guest post by Robert Schiefer, Software Architect at EBSCO

Planning is underway for a brand new technology meetup group in Birmingham. The Birmingham .NET Meetup is for .NET professionals and hobbyists looking to continuously improve their craft. They hope to cover a broad spectrum of topics, from C# language features to software delivery and everything in between.

Robb Schiefer and Blake Helms are co-organizers for the group which has a tentative first meetup scheduled for May of 2016. Over 35 members have already signed up on their Meetup page with little to no advertising, so the group is poised to be heavily attended. When asked about the new group Robb had the following comment:

“C#/.NET is one the most popular programming language in Birmingham with companies, both large and small, employing a large number of developers on the Microsoft stack. We hope to bring those developers together on a monthly basis to network, learn from each other and improve their skills so they can be more effective in the workplace.”

Being first released in 2002, the .NET framework is a mature platform that many companies rely on for the stability of their business. C# (the programming language most often associated with the .NET framework) is consistently listed in the top five most popular programming languages each year in most surveys. A Mashable article last year stated in Alabama C# was the “most tweeted” and had “the most jobs and least competition” based on data from a common programmer Q&A website. So Birmingham and .NET seem like a great fit.

Each meetup event will allow time for networking, provide an informative talk by a knowledge presenter and best of all free food. The group is still trying to work out the details and asks any interested developers to fill out a quick survey to help in the planning process.

“User groups can be tricky to get right. You have to keep the content interesting and find a convenient time/location for the majority of attendees. We are really hoping the survey helps us meet the needs of our local .NET community,” Schiefer said.

The group is also still looking for corporate funding to help pay for the costs of running the group. The funds will primarily be used for food and giveaways at the events. If your company can help in this area, reach out to the Robb or Blake for more information via their Meetup page.

User groups are a great way to engage in the developer community beyond your immediate work environment. If you manage developers, encourage them to find a user group and attend. If you are a developer, go share your experiences and learn from others at the next applicable user group event.

read more

TechBirmingham is excited to announce and welcome its 2016 Board of Directors!

“We are excited to introduce the 2016 TechBirmingham board members,” TechBirmingham President Jennifer Skjellum said, “This is a strong group of leaders in Birmingham with a focus on the continued growth of the tech ecosystem in this region”.

2016 Board of Directors

Chad Ballard                  BBVA Compass

April Benetollo              Daxko

Cecil Bostany               Warren Averett                     Vice Chair

Jay Brandrup                 Kinetic Communications

JG Carver                        ITAC Solutions

James Childs                  Bradley Arant

Lisa Crymes                  DST Health Solutions         Secretary

Bryan Davis                    Shipt

Judson Englett               Whiteboard IT

Steve Sebastian              UAB Health Systems

Tom Hubert                    Veristor

Denise Jeffries               Regions                                   Chair

Shannon Johnston         Mspark

Leigh Jordan                    IBM

Sri Karra                           City of Birmingham

Lisa Kianoff                      Warren Averett Tech. Group

Glenn Kinstler                 2B Solutions

Matthew Kohler               Protective

Devon Laney                   Innovation Depot            Treasurer

Scott McGlaun                 BCBS of AL

Bobby Middleton            Help Lightening

Phillip Miles                     CTS

Anthony Oni                    Alabama Power Company

Shegun Otulana              TheraNest

Tanveer Patel                   Concert Care

David Powell                    TekLinks

Doug Rigney                    Samford University

Jason Seeby                     Express Oil

Jennifer Skjellum          TechBirmingham             President

Tony Summerville           Fleetio

Stephen Tangerman        EBSCO

Stephen Thompson          McKesson

Veronica Tucker               Southern Research Institute

India Vincent                    Burr Forman

Heather White                  UAB

Gary York                           Emergency CallWorks

Waymond Jackson           BBA

read more