Program

Agenda
...........................................
Track A
Leadership Speaks
Track B
Next Gen Cyber
Track C
Cyber Mitigation
Track D
Employee Cyber Readiness

Symantec Introduction and Welcome Address

Rob Potter
Vice President, Public Sector, Symantec
Greg Clark
Chief Executive Officer, Symantec

Morning Government Keynote

Actionable Intelligence: Stay Smart. Stay Secure.

James B. Comey
Director, Federal Bureau of Investigation

TECH Talks

Nuala O’Connor
President and Chief Executive Officer, Center for Democracy and Technology
Jane Holl Lute
Director, Center for Internet Security
Samir Kapuria
Senior Vice President and General Manager, Cyber Security Group, Symantec (Moderator)

Breakout Session 1

Click on each track below for session descriptions.

Track A
Leadership Speaks
Cyber Intelligence:
And…Action!
Track B
Next Gen Cyber
Pushing The Data
Security Envelope
Track C
Cyber Mitigation
Incident Response:
Teamwork Required
Track D
Employee Cyber Readiness
Get Smart: Scenario
Based Cyber Training

State and Local Government Panel

Mike Echols
Executive Officer/Chief Executive Officer, International Association of Certified Information Sharing and Analysis Organizations
Ken Durbin
Unified Security Strategist, Symantec
Thomas Duffy
Senior Vice President, Operations and Chair, Multi-State Information Sharing and Analysis Center (Moderator)
David Behen
Chief Information Officer, State of Michigan

Breakout Session 2

Click on each track below for session descriptions.

Track A
Leadership Speaks
The Tipping Point:
Cyber Risk Meets Mission
Track B
Next Gen Cyber
Identity Crisis: Strategies For
Ensuring Safe Information Access
Track C
Cyber Mitigation
Inside Job: Understanding
Insider Threats
Track D
Employee Readiness
Phishing for Impact:
Maximizing Security Awareness

The Twenty

Spotlight on the Internet Security Threat Report

Kevin Haley
Director of Product Management, Security Response, Symantec

Afternoon Government Keynote

Beth F. Cobert
Acting Director, Office of Personnel Management

Cyber Intelligence: And…Action!

The old saying, “what you don’t know can’t hurt you,” does not apply to government cyber security. Ignorance most certainly is not bliss when it comes to protecting critical information. Agencies are collecting a huge volume of security data, but how can we sort through it all to pinpoint the real threats and stop our adversaries in their tracks before they can stop us? Cyber threat intelligence can help improve decision making – but first cyber execs must understand what intelligence is actionable – and relevant. What strategies can agencies deploy to gain intelligence from across their enterprise – from the cloud to the network to employee mobile devices? And how are agencies sharing threat intelligence across government and the private sector?

Major General Sarah E. Zabel
Vice Director, Defense Information Systems Agency
Stephen Rice
Assistant Administrator for the Office of Information Technology and Chief Information Officer, Transportation Security Administration
Samir Kapuria
Senior Vice President and General Manager, Cyber Security Group, Symantec (Moderator)
David Blankenhorn
Chief Technology Officer, DLT Solutions

The Tipping Point: Cyber Risk Meets Mission

The results can be devastating when important security information falls between the cracks because mission owners and operators aren’t on the same page. With an increased focus on cyber security within our nation’s policy, social, and legal agendas, new practices for risk management are emerging. It’s becoming clear that cyber decisions cannot begin and end in the IT department and consistent communication is critical as cyber issues gain visibility with department heads. How can mission owners better communicate with mission operators and improve collaboration across other agencies and jurisdictions? And, is this impacting fundamental changes in risk management approaches?

Dan Verton
Executive Editor, MeriTalk (Moderator)
Gregory Touhill
Deputy Assistant Secretary for Cybersecurity and Communications, Department of Homeland Security
Steve Lazerowich
Practice Principal, Enterprise Security Solutions, Enterprise Services U.S. Public Sector, Hewlett Packard Enterprise
Emery Csulak
Chief Information Security Officer/Senior Official for Privacy, Centers for Medicare & Medicaid Services, Department of Health and Human Services
Matt Conner
Deputy Information Security Officer and Director of the Cybersecurity Office, National Geospatial-Intelligence Agency

Pushing the Data Security Envelope

With more information living online and in the cloud than ever before, and new endpoints adding to the amount of data that government protects, agencies have a lot more to lose. How can agencies push the boundaries with next-generation data security practices? What strategies and tools is government putting into place to protect the growing petabytes of data that not only live in networks and local devices, but also in data centers?

Tim Ruland
Chief Information Security Officer, U.S. Census Bureau
Robert Powell
Senior Advisor for Cybersecurity, National Aeronautics and Space Administration
Don Maclean
Chief Cybersecurity Technologist, DLT Solutions (Moderator)
Gregory Crabb
Deputy Chief Information Security Officer and Digital Solutions Vice President, U.S. Postal Service

Identity Crisis: Strategies for Ensuring Safe Information Access

The Office of Management and Budget’s Cybersecurity Strategy and Implementation Plan (CSIP) outlines specific actions agencies must take to improve identity access and authentication – including tightening privileged users’ policies, practices, and procedures. What challenges do agencies face as they work to meet the deadlines for shutting down authentication and access control vulnerabilities? Which CSIP requirements have been the most difficult to meet? What limitations do these security controls create for employees, and how can agencies ensure that productivity is not affected?

Jim Sheire
Division Director, Identity Assurance and Trusted Access, General Services Administration
Nico Popp
Senior Vice President, Information Protection, Symantec (Moderator)
Jason Martin
Services Executive Directorate, Implementation and Sustainment Center, Defense Information Systems Agency
Michael Garcia
Director, National Strategy for Trusted Identities in Cyberspace, National Institute of Standards and Technology

Incident Response: Teamwork Required

Improving incident response has been a top priority for government agencies over the last year. From the Cybersecurity Strategy and Implementation Plan (CSIP) to updated FISMA guidance, these initiatives provide best practice guidelines on timely incident response services and capabilities and improving incident recovery coordination. How do agencies measure incident response success? Are the updated guidelines supporting the needed speed in deploying incident response services? How are the many involved parties improving breach response coordination?

Rod Turk
Chief Information Security Officer, Department of Commerce
John Strider
Associate Director, IT Security Implementation, Internal Revenue Service
George Romas
Chief Engineer, Enterprise Security Solutions, Enterprise Services U.S. Public Sector, Hewlett Packard Enterprise
Aubrey Merchant-Dest
Federal Chief Technology Officer, Symantec-Blue Coat (Moderator)
Tony Sager
Senior Vice President and Chief Evangelist, Center for Internet Security

Inside Job: Understanding Insider Threats

Addressing data breaches and cyber incidents perpetrated by insiders – whether malicious or unintentional – is a mounting challenge for Federal agencies. With many agencies behind in implementing the CAP Goals for establishing insider threat programs – how are they addressing the necessary requirements for compliance? What tactics are agencies deploying to prevent inside jobs from revealing network vulnerabilities? Are employee awareness and education programs helping agencies reduce the risks and consequences of insider threats?

Stephen Smith
Insider Risk Management Program Coordinator, Department of State
Kwasi Mitchell, Ph.D.
Principal, Strategy & Operations, Deloitte
Tim Fitzgerald
Chief Security Officer, Symantec (Moderator)
Neil Carmichael, Jr.
Director, Insider Threat Program, National Archives and Records Administration

Get Smart: Scenario Based Cyber Training

Produced by MeriTalk

Understanding the latest threats and techniques is a must to protect agencies’ information from attackers. From government to the private sector, training resources in a safe, engaging, and effective manner can be a daunting task. In this session Symantec’s Cyber Skills Development team along with Michael Allen, CISO, Morningstar will share unique approaches to identifying new talent, building stronger security teams from within, and successfully using scenario based cyber training to develop the skills of government organizations’ most valuable assets, their people.

Aaron Cohen
Director, Cyber Skills Development, Cyber Security Services Group, Symantec
Michael Allen
Chief Information Security Officer, Morningstar

Phishing for Impact: Maximizing Security Awareness

Produced by MeriTalk

Agencies are increasingly incorporating phishing assessments into their cyber awareness programs. This is significant given that most agencies address security awareness with passive compliance training. As government moves into a new age of security awareness through phishing and other tactical methods, how do we know it’s working? Can agencies demonstrate an ROI or articulate how the data collected from security assessments actually contributes to their overall security strategy? This session will provide actionable ideas for agencies to bring their security awareness and training program to a higher level.

Kelley Bray
Employee Trust Lead, Global Security Office, Symantec