| Time |
2010 Symantec Government Symposium: No Compromise – Open, Secure, Everywhere Tuesday, June 22, 2010 – Ronald Reagan Building, Washington, D.C.
|
| 7:15 a.m. - 8:10 a.m. |
Registration and Breakfast |
| 8:10 a.m. - 8:15 a.m. |
Welcome
GiGi Schumm, Vice President and General Manager, Symantec Public Sector
GiGi Schumm is Vice President and General Manager of Symantec’s Public Sector organization. In this role, Ms. Schumm leads all sales, strategic, and operational functions associated with Symantec’s Public Sector business – working with U.S. Federal, State, and Local governments as well as education institutions to improve their ability to protect and manage critical information. Specifically, she oversees sales, business development, alliances, program management, services, marketing, government relations, and contracts.
Immediately prior to her present position, Ms. Schumm led Symantec’s Government Security Group to bring comprehensive and long-term security solutions to the U.S. public sector in cooperation with government organizations, integrators and other leading security vendors. In her 11-year tenure at Symantec, Ms. Schumm has served in a variety of leadership roles including Southeast Areas Sales, Emerging/Acquired Technology Sales, and Americas’ Services. She first joined Symantec in 1999 via the acquisition of Axent Technologies.
Prior to her time with Symantec, Ms. Schumm held management and sales leadership positions with notable IT hardware and software companies, including Sun, Oracle, and Tektronix. She maintains active memberships with the Armed Forces Communications and Electronics Association (AFCEA), the public sector Industry Advisory Council (IAC), and the Executive Women’s Forum (EWF). Ms. Schumm holds a bachelor’s degree from Fairfield University in Fairfield, Conn.
|
| 8:15 a.m. - 8:35 a.m. |
"Security Infrastructure: Public and Private"
Enrique Salem, Chief Executive Officer, Symantec Corporation
Enrique Salem is president and chief executive officer of Symantec, a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Salem is also a member of Symantec’s board of directors.
Throughout his 16-year tenure at Symantec, Salem held a variety of senior management roles, giving him broad experience across Symantec’s products and operations. Most recently he served as chief operating officer, with responsibility for the day-to-day operations of the company. Prior to that, he served as group president, Worldwide Sales and Marketing, where he managed global sales and partner programs, marketing, communications and branding.
Before joining Symantec, Salem was president and CEO of Brightmail, the leading anti-spam software company that was successfully acquired by Symantec in 2004. From 2001 to 2002, he served as senior vice president of products and technology at Oblix Inc., where he spearheaded corporate strategy and development by leading the company's engineering, product management, and technology groups. Prior to Oblix Inc., Salem was vice president of technology and operations at Ask Jeeves Inc. responsible for the engineering group and the company's entire IT operation. Salem joined Symantec in 1990 through the Peter Norton Computing acquisition and held a number of leadership positions, including vice president of security products and the company’s first chief technology officer.
Earlier in his career, Salem was a vice president at Security Pacific Merchant Bank, where he led projects for the development of real-time trading systems.
In 2010, Salem received the Estrella Award from the Hispanic IT Executive Council (HITEC), which recognizes individuals for their vast achievements in the IT industry and in the community. He was also named 2007 Corporate Executive of the Year by Hispanic Net as well as 2004 Entrepreneur of the Year by Ernst and Young. Salem currently serves on the board of directors of Automatic Data Processing Inc (ADP).
Salem received a bachelor’s degree in computer science from Dartmouth College.
|
| 8:35 a.m. - 9:15 a.m. |
Morning Keynote
Howard A. Schmidt, Special Assistant to the President and Cybersecurity Coordinator, Executive Office of the President
Howard A. Schmidt has had a long distinguished career in defense, law enforcement, and corporate security spanning more than 40 years. He brings together talents in business, defense, intelligence, law enforcement, privacy, academia and international relations through his distinguished career. He currently is Special Assistant to the President and the Cybersecurity Coordinator for the federal government. In this role Mr. Schmidt is responsible for coordinating interagency cybersecurity policy development and implementation and for coordinating engagement with federal, state, local, international, and private sector cybersecurity partners.
Previously, Mr. Schmidt was the President and CEO of the Information Security Forum (ISF). Before ISF, he served as Vice President and Chief Information Security Officer and Chief Security Strategist for eBay Inc. He also served as Chief Security Strategist for the US-CERT Partners Program for the Department of Homeland Security.
Before eBay, he served as the Vice Chair of the President's Critical Infrastructure Protection Board and as the Special Adviser for Cyberspace Security for the White House. Prior to the White House, Howard was Chief Security Officer for Microsoft Corp., where his duties included Chief Information Security Officer, Chief Security Officer, and forming and directing the Trustworthy Computing Security Strategies Group.
Before Microsoft, Mr. Schmidt was a supervisory special agent and director of the Air Force Office of Special Investigations (AFOSI) Computer Forensics Lab and Computer Crime and Information Warfare Division. While there, he established the first dedicated computer forensics lab in the government and was responsible for Criminal and Counter Intelligence investigations against Department of Defense systems.
Before AFOSI, Mr. Schmidt was with the FBI at the National Drug Intelligence Center, where he headed the Computer Exploitation Team. He is recognized as one of the pioneers in the field of computer forensics and computer evidence collection. Before working at the FBI, Mr. Schmidt was a city police officer from 1983 to 1994 for the Chandler Police Department in Arizona.
Mr. Schmidt served with the U.S. Air Force in various roles from 1967 to 1983, both in active duty and in the civil service. He had served in the Arizona Air National Guard as computer communications specialist from 1989 until 1998, when he transferred to the U.S. Army Reserves as a Special Agent, Criminal Investigation Division, where he served until 2010 with the computer crime investigations unit at CID HQ.
Mr. Schmidt also served as the international president of the nonprofit Information Systems Security Association (ISSA) and was the co-founder and first president of the Information Technology Information Sharing and Analysis Center (IT-ISAC). He was the Vice-Chair of the Board of Directors for (ISC)2 and Security Strategist for the Board. He is a former executive board member of the International Organization of Computer Evidence, and served as the co-chairman of the Federal Computer Investigations Committee. He is a member of the American Academy of Forensic Scientists. He had served as a board member for the Cyber Crime Advisory Board of the National White Collar Crime Center.
He served as an augmented member to President Clinton's Committee of Advisors on Science and Technology (PCAST) in the formation of an Institute for Information Infrastructure Protection (I3P). He has testified before congressional committees, written books on cybersecurity, and received numerous awards, including the CSO Magazine "Compass Award," Baseline Magazine's "The 50 Most Influential People in Business IT," and the Federal 100 Award, to name just a few.
Mr. Schmidt has been a member of the Information Security Privacy Advisory Board (ISPAB). He has also been a member of the Permanent Stakeholders Group (PSG) for the European Network Information Security Agency (ENISA). He was a member of the High Level Experts Group (HLEG) for the ITU and the Global Cyber-security Agenda (GCA).
Mr. Schmidt holds a bachelor's degree in business administration (BSBA) and a master's degree in organizational management (MAOM) from the University of Phoenix. He also holds an Honorary Doctorate degree in Humane Letters. Howard was an Adjunct Professor at GA Tech, GTISC, Professor of Research at Idaho State University and Adjunct Distinguished Fellow with Carnegie Mellon's CyLab and a Distinguished Fellow of the Ponemon Privacy Institute.
Howard is a Ham Radio operator (W7HAS), a private pilot, outdoorsman and an avid Harley-Davidson rider. He is married to Raemarie J. Schmidt, a forensic scientist and researcher and instructor in the field of computer forensics.
|
| 9:15 a.m. - 9:30 a.m. |
Break and Networking |
| 9:30 a.m. - 10:45 a.m. |
Track A: Standards and Directives |
Track B: Government Services Modernization |
Track C: Critical Infrastructure |
Track D: Horizon |
Track E: Threat Landscape |
Session A-1: Security Information Protocols: Navigating the Landscape and Winning the Paperwork Game
From the Federal Information Security Management Act (FISMA) to Federal Desktop Core Configuration (FDCC) to IPv6, IT security officials spend a significant amount of their time managing Federal security mandates and compliance issues. Protocols, such as the National Institute of Standards and Technology’s (NIST’s) Security Content Automation Protocol (SCAP), provide IT officials with standardized ways to manage security and verify compliance. This session will share information on latest metrics, provide examples of current use cases, and provide updates on current NIST publications. Plan to attend this lively discussion and join the dialogue about compliance versus security and how enterprises benefit from meeting new standards.
Ned Miller, Director, Public Sector Strategy, Symantec [Moderator]
Ned Miller, a 25 year technology industry veteran is currently the director of strategy for Symantec's Public Sector Business Unit. Mr. Miller is responsible for working with government customers to identify, architect, and solve complex business and technical challenges by creatively leveraging emerging technologies and standards. Mr. Miller is also the internal champion at Symantec for driving innovative solution approaches in support of standards initiatives and programs such as next generation FISMA, Security Content Automation Protocol (SCAP), Cyber Scope, and Cloud Based Security.
Prior to joining Symantec, Mr. Miller served as the chief executive officer of a security company that was an early pioneer in the development of the SCAP standards and brought the first SCAP-validated product to the marketplace. In addition, Mr. Miller has authored numerous white papers on enterprise security management and is the co-inventor of a series of next generation network security patents.
Ron Ross, Senior Computer Scientist and Information Security Researcher, National Institute of Standards and Technology
Dr. Ron Ross is a senior computer scientist and information security researcher at the National Institute of Standards and Technology (NIST). His areas of specialization include security requirements definition, testing and evaluation, risk management, and information assurance. Dr. Ross leads the Federal Information Security Management Act (FISMA) Implementation Project for NIST. He is also the principal architect of the NIST Risk Management Framework that provides a disciplined and structured methodology for integrating the suite of FISMA security standards and guidelines into a comprehensive enterprise-wide information security program. In addition to his responsibilities at NIST, Dr. Ross supports the U.S. State Department in the international outreach program for information security and critical infrastructure protection.
Dr. Ross previously served as the Director of the National Information Assurance Partnership, a joint activity of NIST and the National Security Agency and had a 20-year career in the U.S. Army. While assigned to the National Security Agency, he received the Scientific Achievement Award and was awarded the Defense Superior Service Medal upon his departure from the agency. Dr. Ross is a two-time recipient of the Federal 100 award for his leadership and technical contributions to critical information security projects affecting the Federal government.
Tony Sager, Information Assurance Directorate, National Security Agency
Tony Sager is the chief of the Vulnerability Analysis and Operations (VAO) Group within the Information Assurance Directorate at the National Security Agency (NSA). VAO’s mission is to identify and analyze the vulnerability of information, technology, and operations for NSA customers, primarily within the Defense Department and the Intelligence Community. VAO is also very active in helping the broader national security community deal with these same problems through guidance and standards. During the last year, VAO has received recognition from several private sector sources (including SC Magazine Editor’s Choice for 2007; and The National Information Security Leadership Award from Government Executive Magazine and the SANS Institute).
During his 30 year career at the NSA, Mr. Sager has held a number of technical and managerial positions in computer/network security and software analysis. He holds a BA in Mathematics from Western Maryland College and an MS in Computer Science from the Johns Hopkins University. Mr. Sager is also a graduate of the U.S. Army Signal Officer Basic Course (as a civilian) and the National Security Leadership Course. He is in constant demand to be the keynote speaker at national and international security events.
|
Session B-1: IT Consolidation: Do Good Things Always Come in Small(er) Packages?
IT consolidation results in fewer systems to manage, a reduction in the number of points of vulnerability, the elimination of redundancies, and system standardization. But, it can also present challenges such as how to consolidate infrastructure without compromising performance and end-user data access. Security across virtual platforms and the management of the virtual environment remain top of mind for many agencies moving toward this convergence of IT. Expert panelists will provide updates on OMB's data center reduction directives, discuss the drivers for IT consolidation, and share practical best practices for mapping the associated challenges and benefits based on current government and industry experience.
Robert Otto, Executive Vice President, Agilex and Former Chief Technology Officer, U.S. Postal Service [Moderator]
Robert Otto leads the IT Advisory Services practice at Agilex Technologies. He is one of the most distinguished and highly recognized CIO leaders in government and industry.
Mr. Otto comes to Agilex Technologies after 38 years of Federal service, including 27 years at the United States Postal Service (USPS), where he retired as chief information officer and chief technology officer for the $75B organization. In this capacity, he worked tirelessly to consolidate, modernize, standardize, and automate systems throughout USPS, which allowed the agency to reduce spending by over $750M. He was also an innovator in empowering users with new capabilities (e.g., mobile devices, advanced analytics, and centralized ERP) and he grew USPS’s award-winning e-commerce site to serve over one million users per day. He also established shared service centers for key functions – finance, human resource, and customer service – to improve service levels and reduce costs. During his tenure, USPS was recognized for five consecutive years as one of the best places to work in IT by ComputerWorld with annual turnover averaging just 3%.
Mr. Otto has won numerous industry and postal awards including the Vice President’s Award in 1996 and 2000, the Inspector General Award in 2001, the Board of Governors Award in 2003, and the most prestigious John Wanamaker award in 2007. Externally, he is a recipient of the prestigious Federal 100 Award and he was also recognized as a CTO of the Year by InfoWorld. He received his education and training from the University of Virginia, Duke University, and the University of Maryland, with a Master’s degree in Public Administration from American University.
Keith Blodgett, Vice President, Regional Delivery and Enterprise Accounts, HP Enterprise Services
Keith Blodgett is vice president, regional service delivery and enterprise accounts, for HP Enterprise Services U.S. Public Sector. He currently leads leveraged and service delivery with focus on ITO and BPO operations for U.S. public sector and leads enterprise accounts such as HSPD-12 and E-Travel. In this role he is also responsible for developing and maintaining the Enterprise Business Office that sponsors and controls the centralized quality systems for Capability Maturity Model Integration (CMMi) Level 5, ISO 9000, 20000 and 27000 registrations.
Previously, he was a delivery executive from 2003 to 2007 for EDS, now HP, responsible for the functional operations and leadership with Federal healthcare clients – U.S. Department of Veteran Affairs and Department of Defense – with focus on both payer, eligibility, and medical provider systems.
In 2001, Blodgett was appointed client delivery executive for Government Transportation and Management Systems. He led a region of EDS civilian accounts, including U.S. Department of Transportation, Department of Housing and Urban Development, Federal Aviation Administration, and National Aeronautics & Space Administration (NASA).
After 9/11, Blodgett was charged with building business and relationships with the newly forming elements of the Department of Homeland Security. He managed activities such as development of the integrated Transportation Security Administration (TSA) startup plan and program, working with A.T. Kearney, PricewaterhouseCoopers, and EDS consultants to lead the integration and development of the standup of the TSA as an agency. During this period, he successfully led the TSA Transportation Worker Identification Card (TWIC II) Program, TSA Registered Traveler pilot, and NASA Smart Card programs. Blodgett also led three separate software and engineering teams to CMMi Level 5-assessed software development citations.
Blodgett joined EDS in 1985 during the General Motors transition, with the GM Rochester Products division where he provided technical operations support. In 1987, he transitioned from the EDS GM operations to the Washington, D.C. Information Processing Center, initially as a resource management leader and eventually as facility operations manager.
Before joining General Motors and EDS, Blodgett was a programmer for a small business. He graduated from State University New York in 1985.
Anil Chakravarthy, Senior Vice President, Symantec
Anil Chakravarthy is senior vice president of the Storage and Availability Management Group at Symantec Corporation and oversees product management, engineering, and delivery. Chakravarthy is active with customers in ensuring the world’s mission critical IT infrastructure and largest data centers are successfully managed using storage and availability solutions from Symantec.
Key products in the Storage and Availability Management Group include Veritas Storage Foundation, Veritas CommandCentral, Veritas Cluster Server, and Symantec FileStore product lines. Each of these solutions is available across all major UNIX, Linux, and Windows operating systems, enabling IT organizations to reduce cost and complexity through standardization on storage and availability management solutions from Symantec.
Chakravarthy previously served as the senior vice president of Symantec’s Enterprise Product Operations where he was responsible for driving common technology strategy and vision, business development, engineering processes and quality, and strategic operations across Symantec’s enterprise product lines. Prior to that role he served as the senior vice president of Symantec’s Global Consulting and Managed Services businesses. He also held the roles of vice president of India Technical Operations (based in Pune, India) and vice president of Business Critical Services. Chakravarthy joined Symantec in May 2004 as senior director of business operations.
Prior to Symantec, Chakravarthy worked at VeriSign where he was director of product management, responsible for managing the entire product lifecycle for the company’s application and network security services. He also served as vice president of marketing at Logictier, a managed services provider. He started his career as a consultant at McKinsey & Company, where he specialized in developing e-business and IT transformation strategies.
Chakravarthy holds a doctorate from the Massachusetts Institute of Technology (MIT), where he received the MIT-Japan Science and Technology Prize for his research. He earned his Bachelor’s degree in computer science from the Institute of Technology in Varanasi, India, where he was a chancellor’s Gold Medalist. He is also a Certified Information Systems Security Professional (CISSP).
Rick Holgate, Assistant Director for Science & Technology, Bureau of Alcohol, Tobacco, Firearms & Explosives
H. Richard Holgate was appointed as assistant director for science & technology and chief information officer at the Bureau of Alcohol, Tobacco, Firearms & Explosives (ATF) on August 3, 2009. In this role, he is responsible for strategy, planning, management, and delivery of information technology and information services; financial investigative services; and laboratory services, in support of ATF's mission.
In 2004, Dr. Holgate was appointed to be the assistant director for information technology and command information officer at the Naval Criminal Investigative Service (NCIS). In 2007, he was promoted to executive assistant director, a new position established under an agreement with the Director of Naval Intelligence. In that capacity, he was responsible for: delivery of IT services to more than 2,400 NCIS employees worldwide; transition of NCIS to the Navy Marine Corps Intranet (NMCI); management of NCIS' application portfolio; IT strategy and planning; and integration of NCIS's information management needs with those of its collaborative counterparts across the Department of the Navy and Department of Defense, as well as other Federal, state, and local organizations.
Prior to joining NCIS, Dr. Holgate was employed as a senior manager with BearingPoint, Inc. During his eight years at BearingPoint, he fulfilled a variety of responsibilities including all aspects of project management, team management, and business development. His clients included many organizations across the Department of Defense; and specifically within the Department of the Navy he worked with information technology, Navy Staff, logistics, and financial management organizations. Dr. Holgate also led a Zero-Based Review of NCIS's mission and activities in 2002, and worked closely with the NCIS modernization and leadership teams, first as a contractor and then as command information officer.
Prior to his work at BearingPoint, Dr. Holgate worked at the MITRE Corporation, where he supported the Air Force, Army, and intelligence community on issues related to, respectively: base realignment and closure and environmental restoration; chemical weapons demilitarization; and arms control verification.
Dr. Holgate has been a certified project management professional and is a member of the Project Management Institute, the Armed Forces Communications and Electronics Association, the National Defense Industrial Association, the Navy League, the Naval Institute, the International Association of Chiefs of Police, the American Chemical Society, and the American Institute of Chemical Engineers.
Dr. Holgate's educational background includes degrees in chemical engineering from Princeton University (BSE) and the Massachusetts Institute of Technology (MS and PhD).
Karen Petraska, Acting Program Executive for Data Centers, National Aeronautics and Space Administration
Karen Petraska is presently serving as the acting program executive for data centers in the National Aeronautics and Space Administration (NASA) Office of the Chief Information Officer. Karen has a Masters Degree in computer science and nearly 25 years of experience between academia, industry, and government. She has worked in several areas of enterprise IT infrastructure services including messaging, directories, authentication/authorization, networks, and IT security, and has a significant interest in the challenges of technology and policy integration in large organizations. Karen most recently served as the NASA program executive for Authentication and Authorization where she led NASA's HSPD-12 implementation and delivered several key capabilities to ensure NASA's compliance. Previously, she served as the chief information officer at NASA's Ames Research Center and before that, as the chief of the Information Services and Technology Division at NASA's Goddard Space Flight Center.
|
Session C-1: Smart Grid: Can Government and Industry Make the Security Grade?
The "smart grid" promises to improve energy delivery while empowering consumers and businesses to make smarter usage decisions and minimize their impact on the environment. The Obama administration places a high priority on accelerating smart grid implementation. But will open communication between the meter and the utility – as well as the resulting exponential growth in data volume – open the power grid to even more sophisticated hacker threats and other attacks? Join this session to hear experts discuss what must be done to ensure grid security and how the government and industry can work together to define the necessary cyber security criteria and standards.
Jose Iglesias, Vice President, Global Solutions, Symantec [Moderator]
Jose Iglesias is vice president of global solutions at Symantec Corporation. In his role, Iglesias leads the efforts for integrating availability and security into solutions of value for customers worldwide. One of these solutions is Green IT, having significant value in delivering software that saves energy without compromising effectiveness. This includes the next generation, Green IT 2.0, which encompasses protecting the Smart Grid, an approach to significantly increase energy efficiency and reliability of the delivery process while reducing consumption. Recently, Iglesias led the Symantec initiative to promote significant growth in China and Japan by heading up the local engineering laboratories in the region and identifying solutions in those local markets.
Iglesias joined Symantec at the time of its merger with VERITAS Software Corporation. Prior to that, Iglesias headed the storage foundation business at VERITAS by managing its core components such as: VERITAS Storage Foundation, VERITAS File System, VERITAS Volume Manager, and advanced features including off-host virtualization, quality of storage service, and application aware infrastructure. Furthermore, Iglesias oversaw the development of joint storage foundation technology capabilities with the company’s strategic partners. During his tenure at VERITAS, Iglesias was responsible for all of the company’s product management, including defining and expanding the company’s product portfolio into new markets.
Before joining VERITAS, Iglesias spent 23 years at IBM where he was responsible for IBM’s Tivoli Storage business, architecture, development, and advance technology research. In addition, Iglesias managed the delivery of high-performance UNIX File Server software, as well as the development of disk drive technology and micro code programming.
Iglesias holds a bachelor’s degree in Mathematics and a master’s degree in Computer Science, both from Stanford University. He is a member of the Board of Directors for the Sustainable Silicon Valley (SSV) organization, as well as a member of the Society of Hispanic Professional Engineers, IEEE, and Stanford Alumni.
Bill Hunteman, Senior Advisor for Cyber Security, Department of Energy
William (Bill) Hunteman is currently a senior advisor for cyber security in the Department of Energy (DOE) Office of Electricity Delivery and Energy Reliability. Bill has degrees in Mathematics and Electrical Engineering/Computer Science. He has more than 40 years of experience in the computer field, mostly in high performance computing, networks, and all aspects of cyber security. Bill has served as the DOE chief information security officer, and the DOE National Nuclear Security Administration cyber security program manager. Bill has participated in national efforts to develop cyber security standards and the development of the Comprehensive National Cyber Security Initiative.
Annabelle Lee, Senior Cyber Security Strategist, National Institute of Standards and Technology
Annabelle Lee's experience comprises more than 30 years of technical experience in IT system design and implementation as well as 20 years of IT security specification development and testing. Throughout her career, she has authored or co-authored many documents on IT security, cryptography, and testing. She began her career in private industry concentrating on software testing and quality assurance.
Currently, Annabelle is the lead for the Smart Grid cyber security task at the National Institute of Standards and Technology. The objective of the task is to develop a suite of cyber security requirements for the Smart Grid using a high level risk assessment methodology. She leads the Smart Grid Interoperability Panel-Cyber Security Working Group which consists of close to 400 representatives from the public and private sectors, academia, regulatory bodies, and other Federal agencies.
|
Session D-1: Cutting through the Cloud Hype: Do You Need It and How Do You Know?
Hype vs. reality – which applications and functions lend themselves to the benefits of the cloud vs. which should be retained in a traditional hosting environment? When is it appropriate, and when does the cloud environment not make sense? Cloud computing has become the hot new technology in government IT. But, is cloud always the best option and what are the alternatives? Government IT professionals are challenged with how to secure an environment that is available everywhere and owned by a service provider – not the government agency. How can you manage your risk in this environment? This session will analyze the cloud environment that exists now, discuss the benefits of moving or not moving certain apps and functions to the cloud securely, and provide case study examples of security lessons learned from successful cloud deployments.
Howard Clifford, Distinguished Technologist and Chief Technologist for Homeland Security and Intelligence, HP [Moderator]
Howard Clifford is an HP Distinguished Technologist and the chief technologist for homeland security and intelligence. Mr. Clifford has over 30 years of experience in systems engineering and technical consulting, and has broad knowledge of HP’s expansive portfolio of products and services. He has been a technical leader within HP’s Federal Services business for over 25 years, with five of those years in the role of CTO. During this time, the business grew from $3M a year to over $1B a year.
His technical experience includes extensive work with operating system internals, several computer architectures, device drivers on numerous platforms, file system and storage system design and development, and network programming at both the application level and at several of the lower enabling layers, and he is fluent in numerous high level programming languages and several assembly languages. He has for many years designed complex software algorithms and systems involving single and multiple processors on stand-alone, clustered, and networked systems and has designed and developed many large complex systems. He has designed and developed applications that span multiple sub-disciplines of computer science, including networking, databases, operating systems, file systems, real-time automated signal processing, and multi-processor communications. Some of his work has been the foundation upon which more than 100 successful, large applications have been designed and deployed by a large community of developers. Many of his systems have been forward deployed and have produced important operational intelligence.
Mr. Clifford graduated from SUNY Binghamton with a degree in Mathematical Physics. While at SUNY he received a grant from the National Science Foundation to develop a mathematical model of a commonly used clinical linear accelerator. After graduation he worked for Computer Sciences Corporation in Silver Spring, Maryland on a contract to NASA Goddard in the Satellite Attitude Determination and Control office and on the Landsat-4 project. Mr. Clifford joined Digital Equipment Corporation in 1984 and stayed with the company during the mergers with Compaq in 1998 and with Hewlett-Packard in 2002.
John Bordwine, Chief Technology Officer, Public Sector, Symantec
With over a decade of experience in the security industry, John Bordwine is widely recognized as an expert in his field. John is currently the public sector chief technology officer at Symantec where he is focusing on the specific requirements and certifications to ensure security solution compliance to the U.S. Federal and state/local agencies. As the Symantec Public Sector chief technology officer (CTO), John currently serves as a trusted advisor, providing guidance on the development of products and solutions that meet government requirements and certifications specifically focused on the Public Sector markets. John’s responsibilities also include all technical activities related to Public Sector customers, which includes Federal, state, and local government agencies, and education industries. In addition to these responsibilities, John also provides guidance to other Symantec business units around specific requirements to the Public Sector industry.
Previously, John spent over five years with McAfee as the public sector CTO and senior director of security engineering. John served as McAfee’s senior director of security engineering and was responsible for developing and managing a team of security engineers across North America. This team was created for the purpose of transforming McAfee’s then-current business model based solely upon security solutions.
Prior to joining McAfee, John was the director of Federal systems engineering at Enterasys Networks where he provided guidance for U.S. Government product certification and compliance.
John has spoken at numerous highly-acclaimed security events, including SANS Institute events, FOSE, AFITC, and U.S. Government agency-specific functions. John holds a Top Secret clearance and served in the U.S. Army Signal Corps where his last assignment was with the White House Communications Agency.
Robert Carey, Chief Information Officer, Department of the Navy
Mr. Robert J. Carey serves as the fifth chief information officer (CIO) for the Department of the Navy (DON). As the DON CIO, Mr. Carey is the senior Information Management/Information Technology (IM/IT) official in the Department. As such, he determines policy and provides top-level advocacy for the secretary of the navy for the development and use of IM/IT and creation of a unified IM/IT vision for the Navy–Marine Corps team. He develops strategies, policies, plans, architectures, standards, and guidance, and provides process transformation support for the entire Department of the Navy. Additionally, he ensures that the development and acquisition of IT systems are interoperable and consistent with the Department’s objectives and vision. Mr. Carey is the Department’s cyber/IT workforce community leader and also serves as the critical infrastructure assurance officer and the senior military component official for privacy.
Mr. Carey entered the Senior Executive Service in June 2003 as the DON deputy CIO (policy and integration) and was responsible for leading the DON CIO staff in developing strategies for achieving IM/IT enterprise integration across the Department.
Mr. Carey's Federal service began with the U.S. Army at Aberdeen Proving Ground in October 1982 where he worked as a test director for small arms and automatic weapons. He began his service with the Department of the Navy in February 1985 with the Naval Sea Systems Command. He worked in the Anti-Submarine/Undersea Warfare domain where he served in a variety of engineering and program management leadership positions within the Acquisition Community, culminating in his assignment as the deputy program manager for the Undersea Weapons Program Office, PMS 404. Mr. Carey joined the staff of the DON CIO in February 2000, serving as the DON CIO eBusiness team leader through June 2003. During this period he also served as the director of the DON Smart Card Office from February through September 2001.
Mr. Carey attended the University of South Carolina where he received a Bachelor of Science degree in engineering in 1982. He earned a Master of Engineering Management degree from the George Washington University in 1995. He has been a member of the Acquisition Professional Community and has been awarded the Department of the Navy Meritorious, Superior, and Distinguished Civilian Service Awards, as well as numerous other performance awards. He received the prestigious Federal 100 Award in 2006, 2008, and 2009 recognizing his significant contributions to Federal information technology. Mr. Carey was also named Department of Defense Executive of the Year for 2009 by Government Computer News.
Mr. Carey is an active member of the U.S. Navy Reserve and currently holds the rank of Commander in the Civil Engineer Corps and has been selected for Captain. He was recalled to active duty for Operation Desert Shield/Storm and most recently Operation Iraqi Freedom, where he served in the Al Anbar province with I Marine Expeditionary Force.
Timothy Johnson, Enterprise Architect, Office of The Under Secretary of Defense for Acquisition, Technology and Logistics, Department of Defense
Mr. Timothy Johnson is a U.S. Federal civilian assigned to the Office of the Under Secretary of Defense for Acquisition, Technology and Logistics (OUSD, AT&L) staff. Timothy is an enterprise architect mapped to the Acquisition, Resource, and Analysis Division supporting Department of Defense (DoD) Acquisition Visibility. Timothy has over 20 years of information management & information technology experience supporting the U.S. Federal government. Throughout his career, he has provided the U.S. Federal government with thought leadership, in all aspects of the Warfighter and Business model, and has moved the DoD forward through advancements in technology, emerging business concepts, and collaborative forums. All the major initiatives which Timothy led, implemented or supported, have spanned the Defense Enterprise; most have been cross-services/cross domain and facilitated the DoD goal of Net-Centricity.
|
Session E-1: Cyber Warfare, Cyber Espionage, or Cyber Crime: What is the Difference? Join the Debate
Once a cyber threat gains access to a system, it can quickly gain control over the system – and once this occurs, the motivation and intent of the threat actor determines the system’s use. With the creation and proliferation of malicious code for sale, cyber "burglary" or espionage tools can become cyber "weapons" upon command. This session will examine what steps the government can take to deter cyber burglary, including when cyber burglary moves from crime to espionage and warfare.
Matt Stern, Director, Cyber Accounts, General Dynamics Advanced Information Systems [Moderator]
Matt Stern is the director of cyber accounts for General Dynamics Advanced Information Systems, providing subject matter expertise in cyber space operations to the company and its customers.
Stern joined General Dynamics Advanced Information Systems in August 2008. He previously served as the senior cyberspace operations advisor to the General Dynamics Advanced Information Systems team supporting the U.S. Computer Emergency Readiness Team (US CERT) branch of the Department of Homeland Security.
Before joining the company, Stern spent 22 years in the U.S. Army culminating with command of 2nd Battalion, 1st Information Operations Command and the Army Computer Emergency Response Team (ACERT). This is the first unit in U.S. Army history dedicated to cyberspace operations.
Stern is an established expert on information technology, network security, information operations, and special information operations. He has focused his career on the military conduct of cyberspace operations including network defense, exploitation, and tactical use of cyber in theater. He has developed his knowledge and expertise through practical experience leading his command, the U.S. military data communication services in Iraq, support to the technical architecture of the U.S. Army’s digitized Armored Corps, and the systems integration for the Land Information Warfare Activity Information Dominance Center. Stern is also a decorated combat veteran of Operations Desert Shield/Storm and Iraqi Freedom.
Stern holds a master’s degree in Information Systems and Computer Resource Management from Webster University and a bachelor’s degree in Political Science from Northern Illinois University.
Trent Teyema, Deputy Director, National Cyber Investigative Task Force, Federal Bureau of Investigation
Arthur Wachdorf, Senior Advisor for Intelligence and Cyber Operations, U.S. Air Force
Arthur L. Wachdorf is the senior adviser for Intelligence and Cyber Operations, 24th Air Force, Air Force Space Command, Lackland Air Force Base, Texas. He advises the commander on cyber and intelligence related issues. He develops and refines processes, operational concepts, and organizational constructs for cyber operations in support of Air Force and joint requirements. Mr. Wachdorf serves as a functional expert, coordinating cyberspace related issues with Headquarters U.S. Air Force, Air Force Space Command, and other joint and national agencies. He establishes and maintains essential relationships within the Department of Defense and civil industry, ensuring the crossflow of information relating to Air Force cyber capabilities and processes. Mr. Wachdorf is a Highly Qualified Expert who will serve in this assignment for three years.
Mr. Wachdorf received his commission in 1977 from the U.S. Air Force Academy. He completed undergraduate pilot training and was subsequently assigned as a T-38 instructor pilot before transitioning to F-15s in 1982. He served in a variety of positions, including flight commander, wing flight safety officer, and assistant operations officer. He was qualified as an F-15 flight lead, mission commander, and instructor pilot. Mr. Wachdorf also served as the fighter liaison officer for the 3rd Infantry Division, Wurzburg, Germany. In 1994, he was selected as the first commander for the Air Education and Training Command Air Operations Squadron, Randolph AFB, Texas. In this capacity, he also served as the AETC senior intelligence officer and was responsible for a variety of operational programs. Mr. Wachdorf transitioned to the Air Intelligence Agency staff, developing the information warfare flight concept and fielding the initial flights. He then moved to the Air Force Information Warfare Center where he stood up and commanded the 318th Information Operations Group. In 2001, he assumed command of the Air Force Information Warfare Center, retiring in 2003.
As a civilian, Mr. Wachdorf continued his involvement in cyber working in industry. He has worked on a variety of cyber and information operations projects including the Joint Information Operations Range, information operations training, and operational concept development.
Robert Whitkop, Executive Director, Assistant Chief of Naval Operations for the Next Generation Enterprise Network (ACNO NGEN)
|
|
| 10:45 a.m. - 11:15 a.m. |
Break and Networking |
| 11:15 a.m. - 12:30 p.m. |
Session A-2: Protecting Sensitive Data
Health data, Social Security numbers, personnel information – Federal agencies deal with massive amounts of confidential information. This session will focus on how to protect sensitive and Personally Identifiable Information (PII) from loss, destruction, or disclosure. Specifically, the session will examine privacy and data loss prevention regulations, the CIO Council Privacy Subcommittee's Publication 853, and status updates including proposed legislation that would create rules for notifying potential victims of identity theft. The session will also discuss the challenges that state and local governments face with real rubber-meets-the-road citizen transactions.
Tiffany Jones, Director, Public Sector Programs and Strategy, Symantec [Moderator]
Tiffany Jones heads Symantec’s Public Sector Strategy and Programs team. In that capacity, she and her team are responsible for developing and managing Symantec’s partnerships and programs strategy, working closely with senior government customers and systems integrators to address their needs and requirements.
Ms. Jones represents Symantec and U.S. industry in many senior capacities, including as the company press spokesperson, conference keynote speaker and panelist, designated representative for the company chief executive officer and vice presidents during high profile events and initiatives, and delegate at several government-industry bilateral events with foreign governments. She is a member of the CSIS Commission, is on the board of the IT-Sector Coordinating Council (IT-SCC) and the National Cyber Security Alliance, Executive Committee of the IT-ISAC, and immediate past chair of the Information Security Committee at TechAmerica.
Prior to assuming her current role, Ms. Jones led Symantec’s North and Latin American Government Affairs team from March 2003 to October 2009. In that capacity, she and her team developed public policy concerning technology, information security, privacy, and other issues to assist legislators and agencies on the development of technology and business related policy.
Before working for Symantec, Ms. Jones was deputy chief of staff of the President’s Critical Infrastructure Protection Board at the White House. In addition to her deputy chief of staff responsibilities, she was responsible for Government and Public Affairs, Cybersecurity Education and Awareness programs, and Industry Outreach. Ms. Jones coordinated all 11 White House town hall events for the National Strategy to Secure Cyberspace dialogue, and assisted in the drafting of the document.
Ms. Jones graduated from the Coast Guard Academy and received her commission as a coast guard officer. Operational duties included deck watch officer, assistant operations officer and law enforcement officer aboard the cutter JUNIPER in Newport, RI, executive officer and lead law enforcement officer aboard the cutter GRAND ISLE in Gloucester, MA, and coast guard congressional affairs liaison for the Coast Guard and Department of Transportation.
Ms. Jones’ military awards include Coast Guard Officer of the Year Award (2002), a Coast Guard Commendation Medal, two Coast Guard Achievement Medals, numerous Commandant’s Letter of Commendation Ribbons, the Coast Guard Meritorious Unit Commendation award, Coast Guard Meritorious Team Commendation award, six Special Operations Ribbons, the Sea Service Ribbon and other unit citations.
Ms. Jones is married with two children and enjoys singing, cooking, and spending time with family and friends.
Jerry Hanley, Chief Privacy Officer, Department of Energy
Chuck McGann, Corporate Information Security Officer, U.S. Postal Service
Charles L. (Chuck) McGann, Jr. is the Corporate Information Security Officer for the United States Postal Service (USPS). In this capacity, he has the responsibility of securing an intranet that is the largest maintained by any organization in the world with over 185,000 workstations and more than 20,000 servers. In August of 2000, McGann was selected to create the Postal Service's Computer Incident Response Team. He is also responsible for all security vulnerability assessments, intrusion prevention, and detection functions.
In his 22 years with the Postal Service, McGann has held numerous positions, entering as Manager, Information Systems for the Springfield, Massachusetts district, and later served as acting postmaster, business systems analyst, business project leader, distributed systems security specialist and CIRT manager.
McGann came to the Postal Service from the private sector with a varied background, including local politics, IT experience in healthcare and manufacturing, and law enforcement.
McGann holds an MBA from Strayer University, a bachelor’s degree from the University of Massachusetts, and two associate's degrees from Springfield Technical Community College. He is a certified information systems security professional (CISSP), a certified information security manager (CISM) and holds a certification for information assurance methodology (IAM) from the National Security Agency (NSA).
Timothy Ruland, Chief Information Technology Security Officer, Census Bureau
Tim Ruland began his career in the military where he served 13 years in the U.S. Army. He served in many assignments, including Thailand, Germany, Fort Ord, California, and Ft. Meade, Maryland, as a military intelligence analyst and linguist (in Vietnamese, Russian, and Korean), and a military policeman. Upon his honorable discharge from the Army, he served as a software configuration manager with a defense contractor for four years.
Mr. Ruland joined the Census Bureau in 1991 when he was hired to establish a configuration management process for the 1992 Economic Census, after which he earned the position of division security officer. After spending 18 months as the division security officer, configuration manager, and system administrator, Mr. Ruland moved to the ADP Security Branch. In 1998, Mr. Ruland was promoted to branch chief where his first action was to change the name of the organization to better reflect the more diverse role of the organization, the IT Security Branch. Mr. Ruland has been instrumental in the development of the Census Bureau IT Security Program and the office has grown to four staffs consisting of 23 employees and approximately 20 contractors in support of the enterprise IT Security Program.
The growth of the security staffs resulted in a reorganization establishing Mr. Ruland as the senior agency information security officer reporting directly to the CIO and providing regular briefings and support to the Census senior executives, as well as providing briefings to the Department of Commerce. Mr. Ruland is a Certified Information Systems Security Professional, Certified Information Security Manager, Certified Functional Continuity Professional, and holds a master’s certificate in Project Management from George Washington University. He has completed the Framework for FISMA Seminar Series hosted by the Potomac Forum and is a FISMA Fellow. He is currently pursuing certification as a Certified Information Privacy Professional in the Government from the IAPP and is working on a degree as a paralegal. Mr. Ruland holds a Sociology degree from the University of Maryland.
|
Session B-2: E-Discovery Policy & Automation: Up in the Cloud and Back Down to Earth
Compared to the manual scrutiny required to review paper-based documents, it is possible to search digital data using automation tools to ease investigation requirements. However, numerous privacy concerns, as well as the growing volume of digital data, paint a very complex picture for E-Discovery moving forward. Explore the positive and negative influences of technology on the records and information management discipline today and understand where automation is helping to manage exponentially increasing information stores, and which new technologies are actually complicating agency mandates for increased transparency. This session will address how agencies are preparing for growing E-Discovery requirements from various types of media and storage methods, and how these initiatives are creating a plethora of security and legal hurdles for agency records and executive managers.
James Soliday, Engineering Manager, DLT Solutions [Moderator]
James Soliday joined DLT in September 2006, and now serves as the engineering manager for the Enterprise Data Management Division of DLT Solutions. In addition to spearheading the Strategic Accounts Program, a program focusing on customer care and additional levels of support, Soliday is responsible for post-sales implementation and pre-sales engineering. Additionally, he oversees The DLT Service Center, a U.S. citizen, U.S. soil-based 24×7 call center and technical support for Symantec, NetApp, and Quantum data management technology.
Soliday’s expertise includes extensive knowledge of Symantec Netbackup, Enterprise Vault, and storage solutions such as NetApp and Quantum.
Soliday has over 10 years of experience in the information technology arena, five of which were served in the U.S. Air Force as a systems engineer. Previously, he worked as a systems engineer for WebMD and was a part of the Remote Technical Services team for Cardinal Health Inc.
Soliday earned an MBA in Computer Management Information Systems from Park University in 2007.
Annie Goranson, Discovery Attorney, Symantec
Annie Goranson is discovery attorney with Symantec Corporation. As discovery attorney, Ms. Goranson works with both customers and Symantec’s internal teams on various e-Discovery and information management issues. Ms. Goranson recently participated on a committee of experts organized by the Organization of American States to draft a Model Law on Access to Information and a corresponding Implementation Guide. Previously, Ms. Goranson was corporate counsel for Symantec where she was responsible for managing the company’s litigation matters and counseling internal clients on a broad range of dispute resolution issues.
Prior to joining Symantec, Ms. Goranson was in private practice where she assisted international and domestic clients in conducting internal investigations and responding to investigations by various government and regulatory authorities.
John Moses, Director, Collection Strategies Division, Office of Environmental Information, Environmental Protection Agency
John Moses is the director of the Collection Strategies Division at the U.S. Environmental Protection Agency (EPA). He has more than 20 years of experience in the private and public sector, ranging from analyzing environmental programs to evaluating and devising environmental and information management policies to developing and operating information technology solutions. Mr. Moses' division oversees and sets agency-wide policy and procedures, ensures compliance, and provides training for Privacy, Freedom of Information, Records Management Program, and the Paperwork Reduction Act Program. Most recently, he led a cross-EPA team that produced EPA's Open Government Plan. His staff operates two internal, multi-million dollar fee-based services (EPA's Headquarters docket processing center and EPA's email records management system) and one federal-wide, multi-million dollar fee-based and public-facing effort (the eRulemaking Program, which is publicly accessible at www.regulations.gov).
As a leading expert in using the Internet to improve rulemaking and government transparency, he has briefed Congressional committees, given numerous interviews for print and radio journalists, presented hundreds of speeches at governmental, academic, and general interest conferences and meetings, and given dozens of presentations to foreign government delegations (e.g., Ireland, China, Japan, United Kingdom). Over the last several years, Mr. Moses and his team have received many accolades for their efforts including: 2010 Intergovernmental Solutions Award - for "adopting innovative solutions in creative and beneficial ways to meet mission goals" for the eRulemaking Program (American Council for Technology); 2009 Excellence in Open and Transparent Government Award for the Regulations.gov/Exchange (Armed Forces Communication and Electronics Association); 2009 Archivist Achievement Award for "EPA's successful deployment of the Enterprise Content Management System" (National Archives and Records Administration); 2008 Federal 100 "Agent of Change" award (Federal Computer Week); 2008 CIO Council "Leadership" award (Federal Chief Information Officers Council); and two EPA Gold Medals for Exceptional Service in 2008 and 2005.
Before joining EPA in 1992, Mr. Moses conducted research on innovative environmental programs at the Aspen Institute and worked as a management consultant in the private sector. Mr. Moses received both his Master's and Bachelor's degrees from Cornell University.
Catherine Teti, Managing Director for Knowledge Services, Chief Agency Privacy Officer, Government Accountability Office
Catherine Teti is the managing director for knowledge services, chief agency privacy officer, U.S. Government Accountability Office (GAO). Catherine has 30+ years of experience developing and directing information management programs and systems – bringing together and building upon the disciplines of public information, reference and library services, records and information management, and traditional and electronic content management. At GAO, Catherine has provided leadership for agency-wide initiatives to leverage organizational knowledge retention and sharing by maximizing the way GAO collects, uses, disseminates, protects, and preserves its institutional information assets. Prior to her tenure at GAO, Catherine directed information management and public disclosure programs at three Federal agencies and a government corporation. In addition, she managed major systems design and analysis projects for two private sector consulting firms.
Catherine has served on Federal working groups charged with reviewing policies and practices for the effective capture and retention of electronic information assets; co-chaired the Electronic Records Management Working Group, an inter-agency working group for practitioners in the disciplines of records management, telecommunications, and information systems and technology; and served as an advisory member of the Federal Information and Records Managers Council. She is a member of the Association for Information and Image Management (AIIM), serving as a member of AIIM's Emerging Technology Advisory Group, and is a member of ARMA, the Association for Information Management Professionals.
|
Session C-2: Secure Health Information Exchanges: Taking a Security Temperature Check
From the Military Health System to the Department of Veterans Affairs to privately managed regional health information organizations, Health Information Exchanges (HIEs) represent models for the future of patient care delivery. But with great promise comes great challenges, not the least of which are concerns regarding the transmission, storage, and security of sensitive patient data. This session will address the key challenges facing HIEs as they transition from planning into operation, and the role of government in fostering their development. Participants will leave with a greater appreciation of how to address privacy, security, and patient identification and what is needed to encourage collaboration between government organizations to enable secure sharing of health records across organizational boundaries.
Allan Holmes, Executive Editor, Government Executive [Moderator]
Allan Holmes joined Government Executive as executive editor in March 2007 to expand its information technology coverage and develop Nextgov.com, an interactive Web site for the Federal information technology community. He oversees content for Nextgov, which offers IT managers and executives in the Federal IT community breaking news, research, and interaction. Allan also directs the technology coverage for Government Executive magazine.
Allan has covered government management and public policy for 17 years in Washington. Prior to joining Government Executive, he was the Washington bureau chief at CIO magazine, and prior to that he was editor in chief of Federal Computer Week magazine. In 1997, he developed and launched the daily news site fcw.com, which won numerous national awards.
During his career, Allan has covered business, focusing on finance and transportation; state government; and health care, including President Bill Clinton's health reform initiative in 1993 and 1994. He has written for The New York Times, Time magazine, and U.S. News and World Report. He has a journalism and history degree from the University of North Carolina at Chapel Hill and a master's degree in public policy from Duke University.
Lydia Duckworth, Healthcare and Public Health Security Specialist, MITRE/Department of Health and Human Services
Ms. Duckworth is a security professional in the healthcare industry with experience in mission assurance, information systems security, and risk analysis. She has worked with and assessed a variety of security technologies for private sector hospitals, health plans, and pharmaceuticals. During her career, Ms. Duckworth spent 12 years in the United States Air Force as a cryptologic language specialist, and with the Department of Veterans Affairs, Veterans Health Administration as an information security specialist.
Ms. Duckworth currently supports the Healthcare and Public Health Critical Infrastructure Protection Program in the Office of the Secretary for Preparedness and Response at the Department of Health and Human Services (HHS) as a risk analyst. In her role, Ms. Duckworth leads the Sectors' efforts for Risk Analysis, Cyber Security, Research & Development, and the Sector's Network/Functional Analysis. She has also supported the Department of Homeland Security's efforts for assessing Sector Risk Analysis tools and co-authored articles for George Mason's Center for Critical Infrastructure Protection and the Health Information Management and Systems Society.
Her current project within critical infrastructure protection for the Healthcare and Public Health Sector is the Network Analysis of the Healthcare System in order to identify vulnerabilities and develop strategies to improve resiliency across such capabilities as emergency response, bio-surveillance, surge capacity, and more.
David Finn, Health Information Technology Officer, Symantec
David Finn, CISA, CISM, is the health information technology officer for Symantec. Mr. Finn has 29 years of experience in the planning, management, and control of information technology and business processes, focusing on healthcare for the past 18 years. Prior to joining Symantec, he was the chief information officer and vice president of information services for Texas Children’s Hospital (TCH), the largest pediatric integrated delivery system in the United States. He also served as the privacy and security officer for TCH. Mr. Finn’s experience includes seven years as a healthcare consultant with PwC and Healthlink, serving last as the executive vice president of operations for Healthlink.
Mr. Finn’s strength is in helping businesses optimize and control technology in order to improve operating efficiency and enhance business value. Mr. Finn’s key skills include IT governance and control, project management, systems selection and implementation, business and IT partnering, and IT audit, control, and security.
During Mr. Finn’s tenure at TCH, the hospital won the ECRI Institute 2007 Health Devices Achievement Award, and because of Mr. Finn’s departmental support, TCH also was awarded recognition for Employer Support of the Guard and Reserve. Mr. Finn has presented nationally and internationally on such topics as project management, professional leadership and staff development, and privacy and security. He has contributed to or written articles on IT management, disaster recovery, and security for such journals as CIO Digest and Baseline.
Mr. Finn holds a bachelor’s degree from the University of North Dakota and a master’s degree from Angelo State University. In addition to serving on the national board of the Health Information and Management Systems Society, Mr. Finn serves on the board of Houston Healthcare for the Homeless and is a member of Information Systems Audit & Control Association.
Deborah Lafky, Security Program Officer, Office of the Chief Privacy Officer, Office of the National Coordinator for Health Information Technology, Department of Health and Human Services
Deborah Lafky, MSIS, Ph.D., CISSP is the program officer for security and cybersecurity in the Office of the National Coordinator for Health IT (ONC) at the Department of Health and Human Services. The HITECH Act, a part of the Recovery Act, set out $2 billion for the purpose of nationwide adoption of electronic health records and ONC is the lead office for that effort. Dr. Lafky has been with ONC since 2007, leading security efforts first for the Nationwide Health Information Network and now overseeing security efforts within all ONC programs. Previously, Dr. Lafky was a researcher working with healthcare data protection at the University of California (Irvine) and at Claremont Graduate University. She earned her doctorate in Management Information Systems at Claremont, a Masters in Information Science at the University of Pittsburgh, and a Bachelor of Science from Carnegie-Mellon University.
|
Session D-2 Policy & Legislative Horizon: State of the Cyber Security Union
Six months into the appointment of a new cyber coordinator and one year after the White House released the 60 Day Cyber Security Review report, what policies are driving the administration's cyber focus and what are the implications for government cyber security operations? Capitol Hill is pushing for comprehensive cyber security legislation. Who is leading the charge and what components will have the greatest effect on agency operations? What is the scorecard on cyber action in the last year? And, critically, are new laws really necessary to combat cyber crime, cyber attacks, and other advanced, persistent threats?
Kevin Richards, Director of Government Relations, Symantec [Moderator]
Kevin Richards has dedicated much of his public and private sector career to critical infrastructure protection and cyber security policy. He currently serves as senior manager of U.S. Federal Government Relations for Symantec Corporation, the world's largest information security company, which is responsible for protecting more people from more online threats than anyone in the world. In this capacity, Kevin is responsible for the strategic development and implementation of Symantec's U.S. Federal legislative agenda, which includes innovation, intellectual property, and cyber security policy. He also leads Symantec's Federal efforts to promote cyber security awareness among policy stakeholders.
Prior to joining Symantec in 2005, Kevin served as a senior advisor in the U.S. Senate to Senator Edward M. Kennedy (D-MA) for fourteen years. As his legislative assistant and economic policy advisor, Kevin was responsible for devising Senator Kennedy's economic legislative agenda as well as advising him on all economic, high-technology, and cyber security related public policy matters before Congress. Kevin acted as senior staff for Senator Kennedy's participation on the U.S. Congressional Joint Economic Committee.
In 2009, Kevin was elected by his industry peers to be the legislative co-chairman of TechAmerica's InfoSec Legislative Subcommittee and chairman of the Business Software Alliance's U.S. Policy Council.
Erik Hopkins, Professional Staff, Federal Financial Management Subcommittee, Senate Committee on Homeland Security and Government Affairs
Erik Hopkins received his Master of Public Administration degree with a focus in Economic Development and Financial Management in 2007. While attending the University of Delaware and serving as a research assistant for the Institute for Public Administration, Mr. Hopkins focused his academic research on developing strategic economic development policies for the state of Delaware that enhanced workforce development and invested in emerging biotechnology industries.
In his current capacity, Mr. Hopkins serves as a professional staff member on the U.S. Senate Homeland Security and Governmental Affairs Committee, Federal Financial Management Subcommittee with responsibility for overseeing the effective implementation of information technology throughout the Federal government. Mr. Hopkins has been the lead staff member for numerous Subcommittee hearings that exposed wasteful IT investments and inadequate cyber security policies and practices within agencies. He is also the author of both S.921, the United States Information and Communications Enhancement Act of 2009 and the Information Technology Oversight and Waste Prevention Act of 2009.
Jacob Olcott, Counsel, Senate Committee on Commerce, Science, and Transportation
Mr. Jacob Olcott is counsel for the Senate Committee on Commerce, Science, and Transportation. His portfolio includes information technology, cyber security, science, and space issues. He previously served as staff director and counsel for the Subcommittee on Emerging Threats, Cyber Security, Science, and Technology at the U.S. House of Representatives Homeland Security Committee, where he was responsible for developing and executing the legislative and oversight agenda of the Subcommittee. He has been honored with several national awards for his work on cyber security issues.
Before coming to Capitol Hill, Jake worked on numerous political campaigns around the country. He attended the University of Texas at Austin, graduating Phi Beta Kappa with special honors in History, and the University of Virginia School of Law.
Christopher Turner, Manager, Federal Government Affairs, Dell
Mr. Cris Turner joined Dell in 2008 as manager for government affairs. In that role, Cris leads Dell’s global cyber security policy efforts. He is also responsible for managing Dell’s cloud computing, telecommunications, education, and environment agendas before U.S. elected officials. He also coordinates Dell’s corporate social responsibility activities in D.C. Prior to joining Dell, Mr. Turner served as both the Federal and state public policy manager for the Computing Technology Industry Association (CompTIA), where he advocated on cyber security, telecommunications, trade, and internet issues before Federal and state elected and appointed officials. In this capacity, he served as CompTIA’s representative to numerous organizations including the Information Technology Sector Coordinating Council and the Whitespaces Coalition.
Mr. Turner has also worked with the government affairs firms of Alcalde & Fay and The Ferguson Group, managing local government and transportation clients. He specialized in security, infrastructure, transportation, and telecommunications issues. Cris started his career in Washington at the law firm of Steptoe & Johnson, where he worked on policy issues related to international air transportation. He graduated with a Bachelor’s degree from Georgetown University and attended the University of Colorado School of Law.
Mr. Turner currently serves on the Executive Board of the Congressional Hispanic Leadership Institute, and is active with the Congressional Black Caucus Foundation and the Congressional Hispanic Caucus Institute.
|
Session E-2 Attribution: Is it the Cyber Holy Grail?
After a threat actor penetrates a system for malicious intent, it becomes a time consuming and difficult process to locate and identify that actor. More often than not, cases go unsolved. Even in high profile cases of obvious cyber warfare, undisputed attribution is difficult. As the cyber security community moves toward real-time incident response, the government's ability to react in real-time and keep pace with incidents will be tested. The right to privacy and protection from illegal search and seizure are also considerable aspects of this dilemma. Compounding this, threats operate across international borders and jurisdictions adding more complexity to resolving them and bringing perpetrators to justice. This session will explore the complex legal, political, and technical issues for gaining attribution or "Who done it?" and its importance to deterring the threat landscape and bringing threat actors to justice.
Nadia Short, Vice President and General Manager, Cyber Systems Division, General Dynamics Advanced Information Systems [Moderator]
Nadia D. Short is vice president and general manager of the cyber systems division for General Dynamics Advanced Information Systems. The division is a market leader in delivering comprehensive cyber security mission solutions to defend large enterprise and national networks and critical infrastructure for the defense, intelligence, and homeland security communities. The division’s core capabilities include: situational awareness and command & control; cyber security operations and services; intelligence and analysis support; information operations; computer network exploitation; digital forensics; and cyber incident response. Ms. Short is also the lead for the General Dynamics overarching cyber initiative, with responsibilities for the strategy and business development efforts.
Ms. Short has worked for General Dynamics since 1996. She served as vice president of strategic planning and business development where she led the company’s strategic planning, business development, marketing and public relations, customer and corporate relations, mergers and acquisitions, as well as its philanthropy program. Prior to this, Ms. Short was director of strategy and business development for the information assurance division of General Dynamics C4 Systems (GDC4S). Ms. Short also served as director of emerging business for the communications networks division where she led the successful business capture initiatives for the Automated Digital Networks System Inc III with the Navy, the Warfighter Information Network – Tactical with the Army, and the Key and Identity Management Inc II for NSA. During her tenure with GDC4S, she was responsible for developing the communications, networking, and cryptologic systems for ground-based, airborne, and spaceborne platforms. She provided program and technical management for command, control, communications, and computing intelligence (C4I) systems, battle management system development, and operational intelligence support programs.
Before joining General Dynamics, Ms. Short served in the U.S. Army for 14 years. She was a Chief Warrant Officer in the U.S. Army Signal Corps where she was in charge of the planning and operation of tactically deployed secure voice and data networks. She was awarded the Bronze Star Medal for her service in Desert Shield/Desert Storm.
Ms. Short’s degrees include a Master of Business Administration and a Bachelor of Science degree in Computer Information Systems.
Mark Bregman, Executive Vice President, Chief Technology Officer, Symantec
Mark Bregman is executive vice president and chief technology officer at Symantec, responsible for the Symantec Research Labs, Symantec Security Response, and shared technologies, emerging technologies, architecture and standards, localization and secure coding, and developing the technology strategy for the company. Bregman guides Symantec’s investments in advanced research and is responsible for the company’s development centers in India and China.
Additionally, Bregman leads the field technical enablement team, which works closely with the technical sales team to ensure they are prepared to assist customers in managing the impact of changing and emerging technical requirements.
Bregman joined Symantec through the company’s merger with Veritas Software, where he served as chief technology officer, responsible for cross-product integration, advanced product development, merger and acquisition strategy, and the company’s engineering development centers in India and China.
Prior to joining Veritas, Bregman was CEO of Airmedia, a wireless Internet firm.
Previously, Bregman spent 16 years at IBM where he led the RS/6000 and Pervasive Computing divisions and held senior management positions in IBM Research and IBM Japan. He was also technical assistant to IBM CEO Lou Gerstner.
Bregman holds a bachelor’s degree in physics from Harvard College and a master’s degree and doctorate in physics from Columbia University. He is a member of the Visiting Committee to the Harvard University Libraries, a member of the American Physical Society, and a senior member of IEEE. He also serves on the Board of Directors of ShoreTel, Bay Area Science and Innovation Consortium, TechAmerica, and the Anita Borg Institute.
Jamie Gorelick, Partner, WilmerHale and Former U.S. Deputy Attorney General
Jamie Gorelick's career spans the legal, corporate, and public policy landscape. A litigator by training, she is a partner at WilmerHale in Washington, where she is a member of the Litigation Department and Chairs both the Public Policy and Strategy Practice and the National Security Practice. She was one of the longest serving Deputy Attorneys General of the United States, and was general counsel of the Defense Department. She was also a member of the bi-partisan National Commission on Terrorist Threats Upon the United States, the "9/11 Commission." She was vice chair of Fannie Mae from 1997 to 2003 and serves on the Board of United Technologies Corp., MacArthur Foundation, the Carnegie Endowment for International Peace, the Urban Institute, and the Washington Legal Clinic for the Homeless. She is a member of the Council on Foreign Relations. Jamie was President of the District of Columbia Bar and is the author of a legal treatise on document maintenance and many articles on legal and policy issues. A graduate of Harvard College ('72) and Harvard Law School ('75), she has also been a member of Harvard's Board of Overseers and its Law School's Visiting Committee.
Bruce McConnell, Counselor to the National Protection and Programs Directorate Deputy Under Secretary, Department of Homeland Security
On June 1, 2009, Bruce McConnell was appointed by Secretary Janet Napolitano to serve as senior counselor in the National Protection and Programs Directorate (NPPD), U.S. Department of Homeland Security. McConnell serves as senior advisor on a host of strategic and policy matters related to NPPD and its components, with a particular focus on cybersecurity.
In May 2010, McConnell was tasked with leading the NPPD Cyber + Strategy Team. Under his leadership, McConnell's Cyber + Strategy Team is responsible for developing the overall cybersecurity strategy for DHS, aligned with the national strategy developed by the White House National Security Staff.
McConnell's Cyber + Strategy Team is leading implementation of select high-priority, Administration initiatives, such as the National Strategy for Secure Online Transactions, the National Cybersecurity Public Awareness Campaign, the development of new cyber security authorities for DHS, and the coordination of cyber-related activities across DHS.
Prior to DHS, McConnell served on the Obama-Biden Presidential Transition Team, working on a variety of open government and technology issues. From 2000-2008 he created, built, and sold McConnell International and Government Futures, boutique consultancies that provided strategic and tactical advice in technology, business and government markets. Previously, McConnell was director of the International Y2K Cooperation Center, where he coordinated regional and global critical information technology infrastructure organizations to promote information sharing and joint action, from 1999-2000.
McConnell was chief of information policy and technology in the U.S. Office of Management and Budget from 1993-1999, where he led the government-industry team that reformed U.S. encryption export policy, created an information security strategy for government agencies, redirected government technology procurement and management along commercial lines, and extended the presumption of open government information onto the Internet.
McConnell received an M.P.A. from the University of Washington and a B.S. from Stanford University.
|
|
| 12:30 p.m. - 2:15 p.m. |
Luncheon and Keynote
Major General Suzanne M. Vautrinot, Director of Plans and Policy, U.S. Cyber Command, U.S. Strategic Command
Maj. Gen. Suzanne M. "Zan" Vautrinot is Director of Plans and Policy, U.S. Cyber Command, Fort George G. Meade, Md. She is directly responsible to the USCYBERCOM Commander for the development and coordination of existing and emerging issues as related to cyberspace operations policy, doctrine, organization, capabilities, and requirements. She also maintains USSTRATCOM cyberspace contingency and operational plans and the Cyber Capabilities Registry.
General Vautrinot entered the Air Force after graduating from the U.S. Air Force Academy in 1982. Her experience in space systems acquisition and operation includes national reconnaissance satellites, the Satellite Control Network, advanced space surveillance, satellite command and control, and theater missile warning. She has served as Chief of Operations for 14th Air Force and Director of the Aerospace Operations Center at Vandenberg AFB, Calif. Her commands include a space warning squadron, space operations group, space wing and the Air Force Recruiting Service. The general held staff assignments at Headquarters U.S. Air Force, U.S. Air Forces in Europe, Headquarters Air Force Space Command and the Office of the Chairman of the Joint Chiefs of Staff.
Education
- 1982 Bachelor of Science degree, U.S. Air Force Academy, Colorado Springs, Colo.
- 1986 Distinguished graduate, Squadron Officer School, Maxwell AFB, Ala.
- 1989 Master of Science degree, University of Southern California, Los Angeles
- 1992 Air Command and Staff College, with honors, Maxwell AFB, Ala.
- 1996 Joint and Combined Staff Officer School, Armed Forces Staff College, Norfolk, Va.
- 1998 Air War College, by correspondence
- 2000 National Security Fellow, John F. Kennedy School of Government, Harvard University, Cambridge, Mass.
Assignments
- 1. June 1982 – October 1986, Chief, Operations and Requirement Analysis Branches, Secretary of the Air Force Office of Special Projects, Los Angeles, Calif.
- 2. January 1987 – July 1989, Program Manager, Command, Control and Communications Systems, Headquarters U.S. Air Forces in Europe, Ramstein Air Base, West Germany
- 3. July 1989 – July 1990, space systems requirements officer, Headquarters Air Force Space Command, Peterson AFB, Colo.
- 4. July 1990 – May 1992, Manager, Advanced Space Systems Surveillance Command, Peterson AFB, Colo.
- 5. May 1992 – June 1993, student, Air Command and Staff College, Maxwell AFB, Ala.
- 6. June 1993 – May 1995, operations officer, 4th Space Operations Squadron, Falcon AFB, Colo.
- 7. May 1995 – March 1996, joint requirements planner, Joint Staff, the Pentagon, Washington, D.C.
- 8. March 1996 – June 1996, student, Joint and Combined Staff Officer School, Armed Forces Staff College, Norfolk, Va.
- 9. June 1996 – December 1996, joint warfighting capabilities analyst, Joint Staff, the Pentagon, Washington, D.C.
- 10. December 1996 – November 1997, deputy executive assistant to the Chairman of the Joint Chiefs of Staff, the Pentagon, Washington, D.C.
- 11. December 1997 – July 1999, Commander, 11th Space Warning Squadron, Schriever AFB, Colo.
- 12. August 1999 – June 2000, National Security Fellow, Harvard University, Cambridge, Mass.
- 13. June 2000 – July 2002, Chief of Operations, 14th Air Force; Commander, 614th Space Operations Group; and Director of Aerospace Operations Center, Vandenberg AFB, Calif.
- 14. July 2002 – June 2003, Deputy Director of Air and Space Operations, Headquarters Air Force Space Command, Peterson AFB, Colo.
- 15. June 2003 – April 2005, Commander, 50th Space Wing, Schriever AFB, Colo.
- 16. April 2005 - July 2006, Deputy Director of Strategic Security, Office of the Deputy Chief of Staff for Air, Space and Information Operations, Plans and Requirements, Headquarters U.S. Air Force, Washington, D.C.
- 17. July 2006 – June 2008, Commander, Air Force Recruiting Service, Headquarters Air Education and Training Command, Randolph AFB, Texas
- 18. June 2008 – May 2010, Deputy Commander, Joint Functional Component Command - Network Warfare, U.S. Strategic Command, Fort George G. Meade, Md.
- 20. May 2010 – Present, Director, Plans and Policy, U.S. Cyber Command, Fort George G. Meade, Md.
Summary of Joint Assignments
- 1. May 1995 – March 1996, joint requirements planner, Joint Staff, the Pentagon, Washington, D.C., as a major
- 2. June 1996 – December 1996, joint warfighting capabilities analyst, Joint Staff, the Pentagon, Washington, D.C., as a major
- 3. December 1996 – November 1997, deputy executive assistant to the Chairman of the Joint Chiefs of Staff, the Pentagon, Washington, D.C., as a major and lieutenant colonel
- 4. June 2008 – present, Deputy Commander, Joint Functional Component Command – Network Warfare, U.S. Strategic Command, Fort George G. Meade, Md., as a brigadier general
- 5. May 2010 – Present, Director, Plans and Policy, U.S. Cyber Command, Fort George G. Meade, Md., as a major general
Major Awards and Decorations
- Defense Superior Service Medal
- Legion of Merit with two oak leaf clusters
- Defense Meritorious Service Medal with oak leaf cluster
- Meritorious Service Medal with three oak leaf clusters
- Air Force Commendation Medal
- Joint Service Achievement Medal
- National Defense Service Medal with bronze star
Other Achievements
- 2000 Women in Aerospace Leadership Award
- 2007 Aerospace Citation of Honor, Air Force Association
- 2007 'Women Worth Watching' Issue, Profiles in Diversity Journal
Professional Memberships and Associations
- Board of Directors, United Services Benefits Association
- 2006 - 2008 Board of Directors, Museum of the U.S. Air Force
- Advisory Board, The Warrior Tours
Effective Dates of Promotion
- Second Lieutenant June 2, 1982
- First Lieutenant June 2, 1984
- Captain June 2, 1986
- Major May 1, 1993
- Lieutenant Colonel Jan. 1, 1997
- Colonel April 1, 2000
- Brigadier General Sept. 2, 2006
- Major General Nov. 2, 2009
|
| 2:15 p.m. - 2:30 p.m. |
Break and Networking |
| 2:30 p.m. - 3:45 p.m. |
Session A-3 Information Sharing: Need to Know vs. Need to Share
Information sharing continues to be a critical piece of the cyber security debate. Agencies continue to struggle across all levels of government to share critical information that may have national and global consequences if it is accidentally released or stolen through targeted attack. With numerous mandates and directives emerging from the Federal government, how can agencies reconcile the need for transparency with concurrent mandates to secure information assets? How can government organizations improve the context, timeliness, and value of public-private information exchanges? How will HSPD-5, the NIEM framework, the High Assurance Platform program, and other initiatives affect the sharing of critical data across and among government users?
Jim Flyzik, President, The Flyzik Group [Moderator]
Jim Flyzik served over 27 years in Federal Government. He worked 18 years at US Secret Service where he rose to become chief of communications and information systems. He then served as the chief information officer at the U.S. Treasury Department for 7 years and finished his government career as the senior technology advisor to Tom Ridge in the White House Office of Homeland Security following the terrorist attacks on 9/11. During his career, he headed up the Reinventing Government Information Technology Team and served several years as vice chair of the Federal CIO Council. He received dozens of prestigious awards including being named Government Information Technology Executive of the Year three separate times and two Presidential Rank Awards. He now is President of The Flyzik Group. The company assists small, medium, and large companies in providing world-class government services. Jim also serves as the chairman of the Armed Forces Communications and Electronics Association Committee on Homeland Security. Jim currently hosts the monthly radio program, The Federal Executive Forum, on WFED 1050 AM and http://www.federalnewsradio.com/index.php?nid=49&sid=1554821.
Jim was inducted into the CIO Magazine Hall of Fame on October 29, 2007. He joins 31 other CIOs inducted over the past 20 years and is the first career government CIO to be selected.
Jim also developed, and teaches part-time, a graduate level course on information systems security and risk assessment at the University of Maryland. Jim was given the Stanley J. Drazek Excellence in Teaching Award in 1998 by the University of Maryland.
Jim has an undergraduate degree in business administration and a Masters of Business Administration (MBA) from the University of Maryland with an area of concentration in information systems management.
Lynn Hadden, Interoperability Architect, Fairfax County Government
Ms. Hadden has been working with Internet initiatives since 1995. She has been a programmer, an application consultant, a senior software engineer, a project manager, and an information architect. Prior to pursuing a career in the field of Information Technology, Ms. Hadden worked as a commercial lending credit officer for three years and taught elementary school mathematics and science for six years. She received her MBA in 1985.
In 1995, Ms. Hadden began work in Information Technology as an applications consultant in the Office of Computing Services at Louisiana State University (LSU). In that position she designed, developed and managed the LSU Digital Library Project and the LSU Electronic Reserve System. Several other universities in Louisiana used the Electronic Reserve System she developed to deliver reserve items to their students through the Web. In 1998, the Lotus Domino Corporation documented the benefits of those projects in a Notes Take publication.
In 1998, Ms. Hadden moved to Virginia to accept a position as senior software engineer for Signal Corporation. She participated in the design and development of the General Services Administration’s Tracking and Ordering System.
Ms. Hadden was employed by Fairfax County’s Public Library System in 1999 as an Internet architect. In that capacity she maintained the Library’s Internet site including implementation of its online catalog.
In the year 2000, she accepted her current position as information architect with Fairfax County’s Department of Information Technology. Ms. Hadden was an integral part of the team that moved the County’s Web site from a traditional stovepipe agency-centric focus to a site focused around common subjects of interest identified by Fairfax County citizens. An article entitled “Fairfax County, Virginia: County Implements Constituent-centric e-Government Design” compiled by Public Sector CXO rated this project extremely transferable to other government jurisdictions. Her focus in that project on identifying and meeting the needs of citizens as they search for government information led to her involvement in the Government without Boundaries project, which was a prototype for integrating information across all levels of government. As Chair of the Parks and Recreation Sub-committee on that project, she led the team in successfully integrating park-related information from the State of Virginia, State of New Jersey, Fairfax County, and the Department of Interior. During the course of that project she worked with new technologies like XML, ebXML, and Web services. Her focus then moved to designing a blueprint for how information, both structured and unstructured, can be integrated across the County Enterprise. She led teams in deploying a County Wide Web Content Management System, a County Wide IT System Inventory, and a Project Dashboard. Most recently, she designed and implemented a National Capital Region (NCR) Data Exchange Hub (DEH) – a real-time interactive Service Oriented Architecture designed to strengthen the flow of information between Emergency Support Functions within the National Capital Region.
Most recently she deployed a data exchange between The Computer Aided Dispatch Systems (CAD) of the Fire Departments of Arlington County, Alexandria City, and Fairfax County to facilitate real time unit status updates and automated requests for resources between systems using the DEH.
Donna Roy, Executive Director, National Information Exchange Model
Donna Roy joined the Department of Homeland Security (DHS) Office of the Chief Information Officer in December of 2006 as the director of the Enterprise Data Management Office (EDMO). As the EDMO director, she is responsible for the development of a DHS strategy for the management of all data collected, created, used, managed, maintained, shared, and stored by DHS, and sponsors the implementation of initiatives set forth in this strategy. She is engaged in helping DHS lay the foundation and building blocks for an information sharing environment. She serves as the executive director for the National Information Exchange Model (NIEM), a Department of Justice, DHS and Global Justice information sharing initiative. In 2008, Donna received the DHS Secretary’s Award for Leadership Excellence for exemplary dedication and leadership in advancing the data management practices in order to institutionalize information sharing. She has been selected for the 2009 Federal Computer Week’s Federal 100 Award for advancing data management and information sharing. The NIEM program, under her leadership, has been the recipient of the ACT-IAC Intergovernmental Solutions Award for 2009. Most recently, Ms. Roy was the recipient of the Federal CIO Council’s Leadership Excellence Award for 2010.
Prior to joining DHS, she worked with several Federal agencies, such as the U. S. Geological Survey, Department of Defense, Environmental Protection Agency, Food and Drug Administration, U.S. Department of Agriculture, DHS, National Institutes of Health, Department of State, and several non-governmental and international organizations in developing the Knowledge Management, Portals, Geospatial Segment Architectures, and SOA frameworks for interoperability.
Ms. Roy served as the vice president of Product Development for a Fortune 200 company as well as serving as the vice president for a major data operations division. She has over 27 years of IT experience, culminating her data-oriented, enterprise-wide view for the implementation of standards to increase operational efficiency.
She has represented the U.S. Government on national and international technical forums, presented numerous papers, published in scientific journals and periodicals, and continues to act as a keynote speaker on these and other topics.
Clark Smith, Executive for Programs and Technology, Office of the Program Manager for the Information Sharing Environment, Office of the Director of National Intelligence
Dr. G. Clark Smith has served as the executive for programs and technology in the Office of the Program Manager, Information Sharing Environment (PM-ISE) at the Office of the Director of National Intelligence (DNI) since December of 2005. As lead manager for the ISE Programs and Technology, Dr. Smith's responsibilities include spearheading assessment of information sharing enterprise architectures across and technology investments; piloting the development of ISE Services-Oriented Architecture framework and mapping to the Federal Enterprise Architecture (FEA); and leading the development of common standards for the ISE.
Prior to his work at DNI, Dr. Smith held a number of positions in public and private organizations, including the U.S. Department of Justice, National Association of Child Care Resource and Referral Agencies, Duke University, National Aeronautics and Space Administration's Langley Research Center, and Barron Associates. Dr. Smith completed his undergraduate work at Rensselaer Polytechnic Institute, gained his master's degree at Virginia Tech, and earned his doctorate in adaptive systems from Duke University. He has won various awards for his academic and professional work and regularly publishes articles on a variety of topics in professional journals and other publications. Dr. Smith and his family currently live in Washington, D.C.
|
Session B-3: Transparency in Constituent Services: At Your Service
Government agencies at the local, state, and Federal level provide myriad services to different constituents – citizens, other agencies, private-sector partners, and staff – and each group has unique and growing requirements for real-time data access. At the same time, regulations such as the Freedom of Information Act (FOIA), the Open Government Directive, and the American Recovery and Reinvestment Act of 2009 set forth significant new accountability and transparency requirements. Plus, transparency is expensive. How can governments afford to continue to make data and information available yet secure when the price tag is high and budgets are stagnant at best? This session will focus on self-service government programs and how government agencies are striking the balance between ensuring transparency into funding flow and roles/responsibilities and respecting privacy and security concerns.
John McCumber, Chief Strategist, Public Sector Group, Symantec [Moderator]
John McCumber is chief strategist, Public Sector Group of Symantec Corporation. He is currently involved in research and development activities in support of leading-edge government cyber security initiatives, and provides consultative guidance for state and local Chief Information Officers/Chief Information Security Officers in the areas of cyber security, data management, privacy, and data availability. John is a retired U.S. Air Force officer and former cryptologic fellow of the National Security Agency. During his military career, John also served in the Defense Information Systems Agency and on the Joint Staff at the Pentagon as Information Warfare Officer during the Persian Gulf War.
In addition to his professional responsibilities at Symantec Corporation, John is currently a professorial lecturer in information security at The George Washington University in Washington, D.C., and is technical editor and a monthly columnist for Security Technology and Design magazine. John is the author of Assessing and Managing Security Risk in IT Systems: a Structured Methodology from Auerbach Publications. He lives in Falls Church, Va., and Cary, N.C.
Jack Holt, Senior Strategist for Emerging Media, Department of Defense
Jack Holt is the senior strategist for emerging media for the Department of Defense (DoD), developing communication strategies and tactics incorporating new media tools with traditional public affairs channels to maximize the effect of DoD communication efforts. Holt has briefed senior leaders on new and social media and conducted strategy sessions to address corporate level strategic objectives.
Holt is a member of the Social Media for Government Transparency and Openness Program Advisory Board, the DoDTechipedia Governance Board, the University of Oklahoma Risk and Crisis Management Community Advisory Board, and the 2009 Chair for the PRSA National Capital Region Public Affairs and Government Committee. He has taught sessions on new media strategies and tactics at the Defense Information School, the Naval Postgraduate School, and the NATO School.
Mike Wood, Director of Recovery.gov, Recovery, Accountability, and Transparency Board
Michael Wood is the director of Recovery.gov for the Recovery Accountability and Transparency Board. He provides executive leadership for the Board's transparency efforts through management of the FederalReporting.gov and Recovery.gov systems. To promote transparency and accountability, he works closely with numerous Federal, state, and local partners, as well as with the public.
Mr. Wood is a senior executive with more than 30 years of experience with the Federal government. He holds master's degrees in Technology Management and in Environmental Biology. He worked as an environmental manager for 25 years with the Environmental Protection Agency, where he led a number of enforcement and compliance programs as well as managed databases for the pesticides and toxics programs. He also worked in the Inspector General (IG) community for seven years, serving as the chief of staff to the IG for the Department of the Interior (DOI). At DOI, he helped the IG's Office integrate innovative proactive critical point evaluations into their approach to evaluating development of large programs. He also concentrated on information assurance and established new technically oriented approaches for evaluating the Department's computer security efforts.
Mr. Wood has experience with Web 2.0 technologies and launched the IG community's first Wiki. He managed the Recovery Board's use of online technology for the recent NAPA forum regarding technological solutions for Recovery.gov and has led an effort for use of social networking capabilities to promote government transparency. Mr. Wood's professional affiliations include ISACA and ASAS.
|
Session C-3: Supply Chain Assurance: How to Secure Your Critical Infrastructure
There are many moving parts in the chain of processes that put a new computer on each desk at each government agency, and security is only as strong as the integrity of the entire supply chain for technology products and services. As agencies modernize and open source becomes increasingly the norm for new IT platforms, how can they be assured the components of IT software and hardware products are secure? Supply chain management and assurance are critical components of the government's cyber security focus. This session will discuss supply chain vulnerabilities, proactive steps for intrusion detection and prevention, and how IT security professionals can reduce the potential for adversaries to penetrate secure systems and manipulate IT and communications products before they are imported into the United States. In addition, expert panelists will address Common Criteria certification and how the public and private sectors must partner to ensure they collectively develop and deploy unified responses to cyber attacks on national information systems.
Max R. Peterson, Area Vice President, Civilian Agency and Intelligence Sales, Dell Federal [Moderator]
Max Peterson is area vice president for Federal civilian agencies and intelligence sales for Dell Federal. Mr. Peterson is responsible for serving the information technology needs of Federal clients and Federal systems integrators using Dell's full suite of products and services.
Mr. Peterson is a government industry veteran with over two decades of experience. He joined Dell in May of 2007. Prior to joining Dell, he was vice president, Federal sales, for CDW-G. Before that he was vice president of public sector for Commerce One. Mr. Peterson led Commerce One’s efforts to assist government customers with design, implementation, and operation of electronic commerce solutions.
Prior to this position, Mr. Peterson was vice president of technology solutions for GTSI where his organization was responsible for sales and delivery of hardware, software, and service solutions to meet government’s need for high-performance computing and secure networking.
In September 1993, Mr. Peterson co-founded Semaphore, Inc. and was vice president of business development through December 1996. He also held a number of management, sales, and technical positions with IBM Corporation from June 1986 through August 1993.
Mr. Peterson earned both a bachelor's degree in finance and master's of business administration in management information systems from the University of Maryland. He is a member of the Industry Advisory Council and the Armed Forces Communications and Electronics Association.
Tiffany Jones, Director, Public Sector Programs and Strategy, Symantec
Tiffany Jones heads Symantec’s Public Sector Strategy and Programs team. In that capacity, she and her team are responsible for developing and managing Symantec’s partnerships and programs strategy, working closely with senior government customers and systems integrators to address their needs and requirements.
Ms. Jones represents Symantec and U.S. industry in many senior capacities, including as the company press spokesperson, conference keynote speaker and panelist, designated representative for the company chief executive officer and vice presidents during high profile events and initiatives, and delegate at several government-industry bilateral events with foreign governments. She is a member of the CSIS Commission, is on the board of the IT-Sector Coordinating Council (IT-SCC) and the National Cyber Security Alliance, Executive Committee of the IT-ISAC, and immediate past chair of the Information Security Committee at TechAmerica.
Prior to assuming her current role, Ms. Jones led Symantec’s North and Latin American Government Affairs team from March 2003 to October 2009. In that capacity, she and her team developed public policy concerning technology, information security, privacy, and other issues to assist legislators and agencies on the development of technology and business related policy.
Before working for Symantec, Ms. Jones was deputy chief of staff of the President’s Critical Infrastructure Protection Board at the White House. In addition to her deputy chief of staff responsibilities, she was responsible for Government and Public Affairs, Cybersecurity Education and Awareness programs, and Industry Outreach. Ms. Jones coordinated all 11 White House town hall events for the National Strategy to Secure Cyberspace dialogue, and assisted in the drafting of the document.
Ms. Jones graduated from the Coast Guard Academy and received her commission as a coast guard officer. Operational duties included deck watch officer, assistant operations officer and law enforcement officer aboard the cutter JUNIPER in Newport, RI, executive officer and lead law enforcement officer aboard the cutter GRAND ISLE in Gloucester, MA, and coast guard congressional affairs liaison for the Coast Guard and Department of Transportation.
Ms. Jones’ military awards include Coast Guard Officer of the Year Award (2002), a Coast Guard Commendation Medal, two Coast Guard Achievement Medals, numerous Commandant’s Letter of Commendation Ribbons, the Coast Guard Meritorious Unit Commendation award, Coast Guard Meritorious Team Commendation award, six Special Operations Ribbons, the Sea Service Ribbon and other unit citations.
Ms. Jones is married with two children, enjoys singing, cooking and spending time with family and friends.
Mitchell Komaroff, Director, Globalization Task Force for the Assistant Secretary of Defense for Networks and Information Integration; Chief Information Officer, Department of Defense
Mitchell Komaroff serves as the director, Globalization Task Force (GTF), for the Assistant Secretary of Defense for Networks and Information Integration/DoD chief information officer (ASD(NII)/DoD CIO). He is primarily responsible for developing and implementing a strategy for mitigating national security risks to DoD arising from the increasing globalization of the information and communications technology sector. The GTF is the ASD(NII)/DoD CIO focal point for: transactional risk management in Committee on Foreign Investment in the U.S. and Federal Communications Commission licensing matters; developing strategies for preserving and improving Internet security and stability in support of DoD and USG communications; and, policy development addressing global supply chain risk. Since coming to the Office of the ASD(NII)/DoD CIO, Mitchell Komaroff has worked to implement software and systems assurance across the Department of Defense.
Before coming to the Office of the ASD(NII)/DoD CIO, Mitchell Komaroff was a computer scientist with the Defense Information Systems Agency as well as with industry, where he worked on network quality of service, IA Architecture, and Information Management issues. Mitchell Komaroff holds a Master of Science degree in Mathematics from George Mason University and a Juris Doctor degree from the University of Maryland, School of Law.
Nitin Natarajan, Coordinating Director, Office of the Assistant Secretary for Preparedness and Response, Department of Health and Human Services
Nitin Natarajan serves as a coordinating director within the Office of Preparedness and Emergency Operations in the Office of the Assistant Secretary for Preparedness and Response, Department of Health and Human Services (HHS). He is primarily responsible for the oversight and management of the department’s Critical Infrastructure Protection (CIP) Program, Continuity of Operations (COOP) Program, and the Emergency Support Function (ESF) 8 Logistics Program. His programs involve extensive outreach with the private sector, State, local, tribal and territorial partners, and across the U.S. government. He has been involved in a number of responses to a wide variety of natural and man-made disasters in both field and policy positions.
Prior to his role at HHS, Nitin held a variety of clinical and non-clinical positions at the State and local levels in New York and the District of Columbia. Some of his prior roles include serving as a neonatal flight paramedic, hospital administrator at a large metropolitan trauma center, and as the bioterrorism coordinator for District of Columbia. In addition, he has spent over a decade serving on a Federal medical response team in a variety of roles including serving as the team commander.
He holds a Bachelor of Science degree from the State University of New York and a Master of Arts degree from the Naval Postgraduate School in Security Studies.
Jon Oltsik, Senior Principal Analyst, Enterprise Strategy Group
Jon Oltsik is a principal analyst at Enterprise Strategy Group (ESG) as well as the founder of its Information Security and Networking services.
Oltsik is widely recognized as an expert in security management and technology as well as identity and access management. Most recently, Oltsik has focused on Information Technology and Cybersecurity in the U.S. Federal government.
Jon has been in the technology industry for more than 20 years. Prior to joining ESG, Oltsik was the founder and principal of Hype-Free Consulting. Mr. Oltsik has also held senior positions at GiantLoop Network, Forrester Research, EMC Corporation, and Epoch Systems. Mr. Oltsik has an MBA and a BA degree from the University of Massachusetts, Amherst.
|
Session D-3: Mobile Convergence: Maintaining Security in an Always-Available World
Mobile data is no longer a nice to have – it's a need to have. But, there are bound to be security challenges where the mobile workforce meets sensitive government information. How do you stay connected and remain secure? For local governments, emergency responders, and other critical services, mobility is key to basic core functions. For many, the question is – if it can't be done on a mobile device, should it be a function at all? This session will explore how to deploy secure remote environments, review new technologies to help managers lock down their mobile devices, and map best practices from successful programs across the United States.
Tom Temin, Federal News Radio [Moderator]
Keith Barber, NSG Expeditionary Architecture Integrated Program Office, National Geospatial Intelligence Agency, Department of Defense
Mr. Barber currently serves as the director, National System for Geospatial-Intelligence (NSG) Expeditionary Architecture Integrated Program Office at the National Geospatial-Intelligence Agency (NGA). In this role he coordinates the efforts of Acquisition, Enterprise Services, InnoVision, and Source Operations and Management in support of deployed forces and first responders.
Mr. Barber previously served as the technical executive, Source Operations and Management Directorate at NGA. Mr. Barber was responsible for the articulation of requirements and the development of tools, architectures, and data sources required to meet current and evolving operational needs of the Source Directorate and the associated Community-level requirements of the NSG.
During his tenure he successfully led a study effort on a national capability that resulted in a decision by the Secretary of Defense and the Director of National Intelligence. Mr. Barber has also served as the technical executive, Source Operations Group, Source Operations and Management Directorate, NGA, responsible for developing strategies to acquire and deliver GEOINT sources for the NSG in a 24x7x365 operation.
Prior to working at NGA, Mr. Barber served as the imagery functional manager for the United States Navy in Director of Naval Intelligence (N2) on the Navy Staff in the Pentagon. He was responsible for shaping the Navy's capability requirements and aligning resources for execution of warfighting capabilities critical to executing the Navy's mission.
Mr. Barber has served as the imagery expert for the Navy's TOMAHAWK Land Attack Cruise development activities, testing and evaluations, and assisted in requirements development and resourcing for the TLAM Program. He resides in Leesburg, Virginia with his wife Felicia, son Kilian (15) and daughter Erin (5).
Sergeant Jim Craige, Tactical Computer Section, Police Department, Alexandria, Virginia
Jim Craige is a sergeant with the Alexandria, Virginia Police Department. He earned his BAS from George Mason University and began his law enforcement career in 1990. He has held a variety of assignments including patrol, field training officer, and investigator in the Street Crimes Unit – a tactical drug enforcement unit. He has worked on several technology initiatives, including the National Institute of Justice/Department of Transportation ALERT Project and the National Institute of Justice AGILE Project. Since 1999, he has been in charge of the Alexandria Police Department's award winning mobile computer section. In addition to his regular duties, Sergeant Craige is a team leader of the Alexandria Police Department Special Operations Team Technical Services Unit. He has given training and presentations on the use of technology to law enforcement agencies from across the United States.
Michael Dent, Chief Information Security Officer, Fairfax County Government
Michael Dent is currently the acting chief information security officer for Fairfax County Government. A veteran of public service, Mr. Dent joined the county in 2002 after managing the security program for the Virginia Department of Corrections information technology department.
Since joining the County, Mr. Dent has been the catalyst for the establishment of an Enterprise IT security vision. To this end, he has worked extensively on the development of a county-wide policy set and a comprehensive IT security and privacy program. In support of this effort, he has directed the enforcement of county-wide information security policies, standards, procedures, and guidelines, has advised senior management on matters related to IT security, has conducted incident investigations and IT forensics, and has proactively conducted audits and established monitoring and reporting standards on the system-wide security infrastructure in order to conduct threat analysis to identify new vulnerabilities. His community outreach efforts include the development of regular county-wide communication and awareness programs. He has addressed system and personnel compliance issues through a structured enforcement process. Finally, he is one of the founding members of the county's Architecture Review Board.
Michael currently serves as the chairman of the Council of Governments (COG) Chief Information Security Officers group within the National Capital Region. Under Mr. Dent's strategic leadership and guidance, the NCRNet has been able to deliver one of the very first National Capital Region Data Exchange Hubs, whose purpose is to enable participating jurisdictions to securely share and exchange CAD (Computer Aided Dispatch) information for expedited 9-1-1 mutual aid response.
Michael's diligent efforts and leadership have led to Fairfax County's attainment of the highly sought-after Security Management Program (SMP) Enterprise Certification from the Verizon Business Cybertrust Division. In addition, the county's IT Security Awareness Day program has been nationally recognized by the National Association of Counties (NACO). This program has been shared with and emulated by other governmental organizations.
In his spare time Michael enjoys spending time with family, umpiring, and coaching his son's baseball teams.
|
Session E-3: Gray Market Economy: Fueling the Threat
A "Gray Market" has fueled an underground industry of vulnerability discovery and exploit code development. It has become widespread and prolific. Botnets, Trojan horse programs, passwords, and account information are all for sale on the Internet, as well as personal, financial information. This session will highlight the size and scope of this underground industry and discuss ways to discover vulnerabilities and suppress the growth and exploitation of this "underground economy."
Dean Turner, Director, Global Intelligence Network, Symantec [Moderator]
Dean Turner is the director of the Global Intelligence Network where he manages Symantec's DeepSight Analyst teams and security intelligence and defines Symantec's go-to-market strategy for sensor and intelligence coverage in key regional and vertical markets. Turner also manages and co-authors the Symantec Internet Security Threat Report (ISTR). In this role, he coordinates the research and analysis of attack data gathered from Symantec's DeepSight Threat Management System, Managed Security Services, Business Intelligence Services, and Symantec Antivirus Research Automation for use in the publication of the ISTR. Dean is also Symantec's Canadian spokesperson for matters relating to the ISTR, having done numerous print, radio, and television interviews.
Turner was one of the co-founders of SecurityFocus in 1999 and served as its director of operations and content until the company's acquisition by Symantec in 2002. Prior to forming SecurityFocus, Turner worked for Network Associates as their competitive analysis manager for their security product line.
Turner has a broad range of expertise from operations and network security to incident analysis. He has spoken at various defense and security conferences and maintains a research interest with the academic community on such issues as information warfare and infrastructure protection.
Turner has a bachelor's degree in political science and strategic studies from the University of Calgary, Canada and a master's degree in security studies from the University of Hull, U.K.
Andrew Bonillo, Special Agent, U.S. Secret Service, Cyber Intelligence Section
Andy Bonillo has been a U.S. Secret Service Agent for 10 years, and is currently assigned to the Cyber Intelligence Section in Washington, D.C., where he investigates and coordinates large scale data breaches. Agent Bonillo was co-case agent for the Heartland Payment Systems investigation, and has consulted from the law enforcement perspective on over 60 PCI data breaches. Agent Bonillo is a frequent speaker on cyber crime trends, the underground economy, and data breaches.
Tom Murphy, Chief Strategy Officer, Bit9
Tom Murphy has served as Bit9’s chief strategy officer since 2006 and was named CxO of the Year in 2007 by the Massachusetts Technology Leadership Council. Murphy brings world-class marketing and information technology expertise to Bit9, leading the company’s marketing strategy. Murphy comes to Bit9 from Symantec via the acquisition of Relicore where he was Vice President of Marketing. Prior to Symantec, Murphy was at Veritas Software via the acquisition of Precise Software Solutions where he helped deliver a successful IPO. He has also worked for BMC Software via the acquisition of BGS Systems. Murphy built the foundation for his career at GTE Government Systems where he was responsible for architecting and securing a world-class IT infrastructure. Mr. Murphy holds a Master of Science degree in Computer Information Systems from Northeastern University. He also holds a Bachelor of Science degree with a double major in Computer Science and Mathematics from Westfield State College.
Ronald E. Plesco, Jr., Esq., President and CEO, National Cyber Forensics & Training Alliance
A nationally renowned information security & privacy attorney with 14 years' experience in information assurance/privacy, identity management, and computer crime law, Ron is the chief executive officer of the private sector and federally funded National Cyber Forensic Training Alliance Foundation (NCFTA). The mission of the NCFTA is to facilitate collaboration and information sharing between private industry, law enforcement/intelligence community, and academia in order to efficiently identify, mitigate and neutralize cyber threats. The only partnership of its kind in the world, the NCFTA develops joint operational initiatives that bring focus to the unique collaborative model and contribute to a more timely understanding of the most significant cyber threats, as well as other noteworthy trends. The NCFTA's 35-member onsite combined staff includes analysts, managers, FBI and U.S. Postal Inspection Service agents/analysts, state/local law enforcement, members of academia, and industry representatives. The NCFTA regularly hosts temporary duty assignments from national and international law enforcement agencies and private sector companies. The NCFTA is also partnered with and has staff co-located at the Internet Crime Complaint Center (IC3).
A co-founder of the NCFTA in 1997, Ron is now managing several initiatives to develop INTEL on the hacking and criminal methodologies involved with credential theft, bullet proof hosting, and ACH, retail, and pharmaceutical frauds.
Previously, Ron founded and served as the director of the Privacy/Information Assurance Division at SRA, Inc. He served as the privacy lead for the US-VISIT Border Security, TSA Secure Flight Program, and Department of Homeland Security (DHS) Privacy office contracts in addition to being the Program Manager for the development of the SRA team at the DHS National Cyber Security Division/ USCERT. For seven years, Ron served at the pleasure of Governor Tom Ridge as the director of Public Safety Policy assigned to the Pennsylvania State Police. Immediately following Sept 11th, he was selected to chair the Cyber Attacks Committee for the PA Homeland Security Council.
A former prosecutor, Ron's unique experience and non-traditional speaking style have made him a prolific presenter for private and public organizations. Recent audiences have included the NSTAC, Overseas Security and Advisors Council, the National Defense University, International Association of Financial Crimes Investigators, and private keynotes for Fortune 100 companies.
John Watters, Chairman and CEO, iSight Partners
John P. Watters is currently chairman and chief executive officer of iSIGHT Partners, a global risk mitigation company based in Dallas, Texas. Prior to iSIGHT Partners, Mr. Watters was chairman and chief executive officer of iDEFENSE. After a successful turnaround effort was completed in 2005, VeriSign acquired iDEFENSE in July 2005. In the 15 years before entering the risk management business, Mr. Watters was chairman and chief executive officer of several large diversified investment companies managing principal investments totaling more than $300M. He has served on more than 20 corporate and non-profit Boards of Directors and is currently active on the Investment Committee of the Jesuit Foundation in Dallas. Mr. Watters graduated from Santa Clara University, attended the London School of Economics, and is married with five children.
|
|
| 4:00 p.m. - 6:30 p.m. |
Thank You After-Symposium Reception: W Hotel (4:00 p.m. - 6:30 p.m.) |
|