SINET Showcase and Workshops 2013

SINET will once again host One-on-One meetings with Government Officials from the Department of Homeland Security, the Defense Information Systems Agency and the Communications Security Establishment Canada as well as representatives from Private Industry to include Lockheed Martin and Andreessen Horowitz. These meetings are on a first-come, first-served basis and are open to registered attendees. For further information, please contact bconnolly@security-innovation.org


Agenda

Wednesday, December 4 – Workshops

12:00 PM Registration
Foyer outside Holeman Lounge, 13th Floor
1:00 PM – 1:55 PM Track A - Holeman Lounge, 13th Floor

WORKSHOP: Department of Defense (DoD) Science and Technology (S&T) Priorities
Abstract: The Department of Defense has identified seven priority areas of cross-cutting Science and Technology (S&T) investment. This workshop will discuss these S&T priorities and strategies for innovation communities' roles within the S&T ecosystem (laboratories, industry and academia).
Presenter:
  • Dr. Reginald Brothers, Deputy Assistant Secretary of Defense for Research, Department of Defense
1:00 PM – 1:55 PM Track B - First Amendment, 13th Floor

WORKSHOP: Bringing Silicon Valley Innovation to Washington DC
Abstract:

This presentation will focus on the changing relationship between innovation in Silicon Valley and Washington DC, and the associated impact on both. We will discuss recent innovation trends in both industries, the role of established as well as new players, effects on traditional systems and providers, and possible new approaches to the future. We will also address changing political dynamics, incentive alignment, and risks. We expect participants will walk away with new insights to help build more effective technology strategies for the future of their organizations.

  • Daniel Prieto, Director, Cybersecurity & Technology, Director, Defense Industrial Base Cybersecurity - Information Assurance, Department of Defense (DoD CIO)

  • Yanev Suissa, Partner, New Enterprise Associates (NEA)
2:00 PM – 3:00 PM Track A - Holeman Lounge, 13th Floor

WORKSHOP: Cybersecurity Risk Insurance – The Way Ahead
Abstract: On August 6, 2013, the White House identified Cybersecurity insurance as a potential incentive to encourage critical infrastructure owners and operators to use the Cybersecurity Framework and participate in the Voluntary Program called for in EO 13636, “Improving Critical Infrastructure Cybersecurity.” While a growing market for data breach and other third party Cybersecurity insurance exists, questions remain about the ability of the first-party Cybersecurity insurance market to provide coverage for a company’s own cyber-related critical infrastructure losses. What role Cybersecurity insurance should play as part of a wider corporate risk management strategy likewise presents an unresolved question for many organizations. This panel will include a cross-section of insurance, risk management, and industry experts who will offer their perspectives on the current Cybersecurity insurance market, its obstacles, and its opportunities to assist with cyber risk management strategies going forward.
Moderator:
  • Oliver Brew, Vice President, Professional Liability, Liberty International Underwriters
Panelists:
  • Stephen Cardot, President & Chief Executive Officer, CloudCover

  • Laurie Champion, Managing Director and Chief Administrative Officer, Aon Risk Solutions/Atlanta

  • Peter C. Foster, Senior Vice President, Network Security & Privacy, Media, Tech Professional and Intellectual Property Resource, Willis North America

  • Charles Kallenbach, Chief Legal Officer, General Counsel & Secretary, Heartland Payment Systems, Inc.

  • Terry Rice, Associate Vice President & Chief Information Security Officer, Merck & Co., Inc.

2:00 PM – 3:00 PM Track B - First Amendment, 13th Floor

WORKSHOP: Cyber Global Security Business Opportunities, Post Disclosures
Abstract: How to still be effective in promoting a viable business model after the recent USG surveillance disclosures. What do innovative Cybersecurity business models need to do to survive the potential "taint" of being a US company? Listen to industry's concerns as they discuss what we as a nation should do to keep our vibrant cyber innovation accelerating in a global market place post "Snowden."
Moderator:
  • Michael Coomes, Director, International Cyber Security and Internet Governance, Department of Defense Chief Information Officer
Panelists:
  • Tony Cole, Vice President, Global Government Chief Technology Officer, FireEye

  • Haden Land, Vice President of Engineering and Chief Technology Officer, Lockheed Martin, IS&GS Civil Product Line

  • Steven Murphy, Chief Executive Officer, Metalogix

  • Dr. Parag Pruthi, Chief Executive Officer, NIKSUN
3:00 PM – 3:30 PM Break
3:30 PM – 4:25 PM Track A - Holeman Lounge, 13th Floor

WORKSHOP: Department of Homeland Security, Science & Technology Directorate

  • Douglas Maughan, Division Director, Cyber Security Division, Department of Homeland Security, Science & Technology Directorate
3:30 PM – 4:25 PM Track B - First Amendment, 13th Floor

WORKSHOP: Conducting Business with the Federal Government and the System Integration Community: What Works - What Doesn't
Abstract: Innovation deployment in Federal Government is still extraordinarily difficult and takes longer than conducting business with private industry. A discussion among CEOs who have had success in working with the government and the executives who own evaluation and implementation departments will lead to a lively discussion. These panelists will touch on the ease and difficulty of doing business with young and emerging companies and their recommendations on what barriers need to be removed to accelerate innovation and foster more productive and efficient partnerships with both system integrators and the Federal Government.
Moderator:
  • Tim Dombrowski, Operating Partner, Andreessen Horowitz
Panelists:
  • Bob Brese, Chief Information Officer, Department of Energy

  • Peder Jungck, Vice President, Chief Technologist, Intelligence & Security, BAE Systems

  • John De Santis, Chief Executive Officer & Chairman, HyTrust, Inc.

  • Nadia D. Short, Vice President and General Manager, Cyber and Intelligence Solutions Division, General Dynamics Advanced Information Systems

  • Christy Wyatt, President and Chief Executive Officer, Good
4:30 PM – 5:30 PM Track A - Holeman Lounge, 13th Floor

WORKSHOP: Software Testing Tools: Where We Are Today and Where We Are Going
Abstract:

Unintentional and intentionally inserted vulnerabilities in software can provide adversaries with various avenues to reduce system effectiveness, render systems useless, or even use our systems against us. Unfortunately, it can be difficult to determine what types of tools and techniques exist for evaluating software, and where their use is appropriate. This workshop is for Government and Industry representatives and will help understand "types" of software testing tools & techniques available today & where we see areas of potential demand/growth.

What You Will Learn:

What kind of "technical objectives" are you trying to achieve with SW testing, for your program/activity?

How might existing SW testing tools be "grouped, by type of tool" & assessed as a group, vice individual company tools?

What types of tools fit best in what phase(s) of the life-cycle?

Where do we have gaps today in SW test & where is there future need?
Moderator:
  • Don Davidson, Chief, Outreach, Science & Standards (TMSN) Trusted Mission Systems & Networks, DoD CIO
Panelists:
  • Kris Britton, Director, Center for Assured Software, National Security Agency and Co-Chair, SwA Measurement Working Group, Department of Defense

  • Ken Hong Fong, Research Staff Member, Information Technology and Systems Division, Institute for Defense Analyses

  • Joe Jarzombek, PMP, CSSLP, Director, Software & Supply Chain Assurance Stakeholder Engagement & Cyber Infrastructure Resilience Cyber Security and Communications, Department of Homeland Security

  • David Wheeler, Research Staff Member, Computer and Software Engineering Division Institute for Defense Analyses
4:30 PM – 5:30 PM Track B - First Amendment, 13th Floor

WORKSHOP: How to Receive Third Party Accreditation in Accordance with FedRAMP and What's in Store for 2014
Abstract:

This panel for Government and Industry representatives will help in preparing for & selecting from among the Accredited Third Party Assessment Organizations (3PAOs). The event will focus on what Cloud Service Providers and Government Agencies need to know to Receive Third Party Accreditation in Accordance With FedRAMP.

Approximately 80 Cloud Service Providers (CSPs) have applied for accreditation through FedRAMP, working with one or more of the 22 accredited Third-Party Assessment Organization (3PAOs) to prepare. It is estimated that approximately 50% of the CSPs have been rejected by the 3PAOs – many for lack of preparation or rigor in their submission. This has cost the rejected CSPs significant funds and put them behind schedule. There has not been any formal discussion as to lessons learned or best practices in applying for or participating in the accreditation process.

What You Will Learn:

  • How to prepare for the 3PAO Accreditation Process

  • Lessons learned from Cloud Service Providers in completing the 3PAO process

  • Current Administration thoughts on FedRAMP

  • What Government agencies have learned from the 3PAO process (both those Agencies who have contracted with 3PAO Certified CSP and Agencies who wish to go through the 3PAO process to receive certification as a Government Cloud Service Provider).
Moderator:
  • Art Chantker, President, Potomac Forum
Opening Remarks:
  • Dave McClure, Associate Administrator, Office of Citizen Services & Innovative Technologies, General Services Administration
Panelists:
  • Emery Csulak, Deputy Chief Information Security Officer, Department of Homeland Security

  • Samantha Dizor Carter, Senior Accreditation Officer, American Association for Laboratory Accreditation

  • Melvin Greer, Senior Fellow, Chief Strategist for Cloud Computing, Lockheed Martin

  • Tom McAndrew, Executive Vice President, Coalfire Federal

  • Dave McClure, Associate Administrator, Office of Citizen Services & Innovative Technologies, General Services Administration
5:30 PM Workshops Conclude

Thursday, December 5 – Showcase

7:30 AM – 8:30 AM Registration and Continental Breakfast
Holeman Lounge, 13th Floor
8:30 AM – 5:30 PM General Session
Ballroom, 13th Floor
8:30 AM – 8:35 AM Welcome by Showcase Host
  • Rick Geritz, President & Founder, LifeJourney, Chairman, CyberMaryland
8:35 AM – 8:50 AM Introductory Remarks
  • Robert D. Rodriguez, Chairman & Founder, Security Innovation Network (SINET)
8:50 AM – 8:55 AM Introduction to SINET 16 Innovators
  • Douglas Maughan, Division Director, Cyber Security Division, Department of Homeland Security, Science & Technology Directorate
8:55 AM – 9:20 AM SINET 16 Innovators Present
  • Agari
  • Appthority
  • Cylance, Inc.
  • Nok Nok Labs, Inc.
9:20 AM – 9:50 AM From the Server Room to the Board Room: Innovating in the Age of Cyber Threats
Abstract:

Cybersecurity is impacting every aspect of private industry, from internal enterprise apps to how effectively you can competitively innovate in the marketplace. There is an emerging struggle between the Chief Marketing & Innovation Officers and the Chief Information Officers, with one pushing the envelope of open innovation and collaboration networks, while the other fights to protect your organization’s internal and external constituents. With the escalating security issues surrounding the Convergence of Big Data, Social, Cloud Computing, Mobility and BYOD in large public and private organizations, how do you stay ahead of the innovation curve? These two innovation leaders, one representing the public sector and the other private, will discuss the interdependent risks and opportunities they are dealing with, as they continue to increase in importance, from the server room to the boardroom.

  • Sunil Garg, Senior Vice President & Chief Information & Innovation Officer, Exelon Corp.

  • John Roa, Chief Executive Officer, AKTA
9:50 AM – 10:15 AM Break and Company Exhibits Open
Holeman Lounge and First Amendment, 13th Floor
10:15 AM – 10:55 AM Fireside Chat - How to Achieve Success in Selling to the Government Market
Abstract:

In this Fireside Chat, Alberto Yépez - Managing Director at Trident Capital will discuss with David DeWalt - CEO & Chairman of FireEye the key success factors in achieving success in selling to the US Government Market. Privately held companies often struggle with how to approach government customers and with what level of investment is required to achieve success. Several successful programs bridging the gap between entrepreneurs and government customers will be discussed, as well as how to leverage that success to selling in the commercial market.

  • Dave DeWalt, Chairman & Chief Executive Officer, FireEye

  • Alberto Yépez, Managing Director, Trident Capital
10:55 AM – 11:50 AM Cybersecurity Framework: Executive Order 13636 – “Improving Critical Infrastructure Cybersecurity”
Abstract:

By December, government, in partnership with the private sector, will be near completion of a Cybersecurity framework of best practices and voluntary standards for securing critical infrastructure systems, as defined under Executive Order 13636 – “Improving Critical Infrastructure Cybersecurity”.

In August, 2013, the National Institute of Standards and Technology released a draft framework, which provides a uniform guide of industry-driven standards, best practices and implementation measures to manage Cybersecurity risks to information technology and operational technology.

The framework advises critical infrastructure companies to:

  • Inventory and track physical devices, systems and software applications and platforms within the organization.

  • Protect remote access to organizational networks to include telework guidance, mobile devices access restrictions and cloud computing policies and procedures.

  • Reduce potential for abuse of authorized privileges by eliminating unnecessary assets, separation of duties procedures and least privilege requirements.

  • Integrate Cybersecurity practices and procedures with human resources management, such as personnel screenings, departures and transfers.

  • Perform personnel and system monitoring activities over external service providers.

The Framework complements and does not replace an organization’s existing business or cybersecurity risk management processes or programs. The goal is to ensure the framework can be adapted to meet the unique threats facing a company; is cost-effective to implement; focuses on outcomes; and complements rather than conflicts with current regulatory authorities. We expect implementation of the framework will vary by company because each uses information technology and operational technology differently. The goal is to publish the final version of the framework by February 2014.

Complementing the framework is an incentives study, to identify ways to encourage adoption of the framework. Some of the recommended incentives could be adopted fairly quickly, whereas others may require legislation and/or adoption by industry through boards and other enabling mechanisms.
Moderator:
  • Mary Ellen Seale, Deputy Director, National Cyber Security Center, Department of Homeland Security
Panelists:
  • Peter Allor, Cyber Security Strategist - Federal, IBM

  • J. Michael Daniel, Special Assistant to the President, Cybersecurity Coordinator, The White House

  • Dr. Phyllis Schneck, Deputy Under Secretary for Cybersecurity, National Protection and Programs Directorate, Department of Homeland Security

  • David Velazquez, Executive Vice President, Pepco Holdings, Inc.

11:50 AM – 12:15 PM SINET 16 Innovators Present
  • Damballa
  • Endgame, Inc.
  • Lookingglass Cyber Solutions
  • Mobile System 7
12:15 PM – 1:35 PM

Lunch and Hosted Information Sharing Hour Luncheon Tables

The SINET Showcase luncheon hour is designed to facilitate discussion between attendees, private industry security leaders, Federal Government agencies and venture capital firms. This optional informational sharing hour helps solution providers shape their vision and assess their current path towards meeting market needs. The discussions will be held in two locations indicated below.

First Amendment Room – 13th Floor

  • TABLE #1 Cyber Security Collaboration and Information Sharing
    Hosted by Chris Camacho, Senior Vice President, Global Information Security, Bank of America
  • TABLE #2 Cyber Incident Response: Critical Success Factors
    Hosted by Gregory Crabb, Inspector in Charge of Revenue, Product, and Global Security, US Postal Inspection Service
  • TABLE #3 Managing Risk in a Global Supply Chain
    Hosted by Don Davidson, Chief, Outreach, Science & Standards (TMSN) Trusted Mission Systems & Networks, DoD CIO
  • TABLE #4 Accelerating the Intake of Innovation
    Hosted by John R. Mills, Special Assistant for Cybersecurity, DCIO CS, Department of Defense (DoD) CIO, Office of the Secretary of Defense
  • TABLE #5 Using Big Data Analytics to Thwart Cyber Threats
    Hosted by Dr. Parag Pruthi, Chief Executive Officer, NIKSUN
  • TABLE #6 Institutional Barriers to Protecting Organizational Missions and Business Operations in Cyber Space
    Hosted by Dr. Ronald Ross, Fellow, National Institute of Standards and Technology
  • TABLE #7 Cyber Security and Education
    Hosted by Kurt Steege, Chief Information Officer, MacAndrews and Forbes, Former Chief Enterprise Architect, United States Department of Justice – Federal Bureau of Investigation
  • TABLE #8 The Three Golden Rules of Successful Government Client Engagement
    Hosted by Darren Van Booven, Chief Information Security Officer & Assistant Chief Administrative Officer, US House of Representatives


Murrow Room – 13th Floor

  • TABLE #1 Mobility Challenges
    Hosted by Scott P. Cragg, Chief Information Officer, United States Secret Service
  • TABLE #2 Attack Indicator Information Sharing: Effective Practices and Constraints
    Hosted by Paul Grabow, Manager, IT Security, US Senate Sergeant at Arms
  • TABLE #3 Cybersecurity Practices for State and Local & Big City Governments
    Hosted by Rob Mancini, Chief Technology Officer, Government of the District of Columbia
  • TABLE #4 Cyber as the "Fifth Domain": How We Need to Protect Our Key Assets
    Hosted by Michael Nance, Chief Information Security Officer & Cyber Chief Technology Officer, Lockheed Martin Information Systems & Global Services
  • TABLE #5 Implementing Cyber Security Resource Models
    Hosted by George Rettas, Managing Director, Global Security and Investigations Department, JPMorgan Chase Bank
1:35 PM – 2:20 PM What Cybersecurity Trends and Opportunities are Taking Place in the Federal Government
Abstract: Please join these Federal Government Executives as they discuss the Department of Homeland Security (DHS) Continuous Diagnostic and Mitigation six billion dollar program, why next generation Federal Information Security Management Act (FISMA) remains of high interest to both the Federal Government and private sectors, in particular with the Office of Management and Budget (OMB) Memo on Information Security Continuous Monitoring (ISCM) coming out
Moderator:
  • John Streufert, Director, National Cybersecurity Division, Department of Homeland Security
Panelists:
  • Jeffrey Eisensmith, Chief Information Security Officer, Department of Homeland Security

  • Melinda Rogers, Deputy Chief Information Security Officer, Department of Justice

2:20 PM – 2:45 PM SINET 16 Innovators Present
  • Bromium, Inc.
  • PerspecSys Inc.
  • PhishMe, Inc.
  • Pindrop Security
2:45 PM – 3:10 PM Break and Company Exhibits Open
Holeman Lounge and First Amendment, 13th Floor
3:10 – 4:00 PM Private Sector Best Practices and the Federal Government:
“The NSTAC Report to the President on Secure Communications”

Abstract:

Effective innovation extends to organization and process as much as hardware and software. At the request of the President, the National Security Telecommunications Advisory Committee (NSTAC) investigated and recommended private sector "best in class" approaches addressing the government's needs for technologies, processes or services that would achieve the highest possible degree of "integrity, confidentiality, and availability" on its networks; the Report builds on a foundation of the private sector's "innovative, novel security approaches" designed to keep pace with the "revolutionary technological changes" that are "exploding across the electronic communications landscape".

NSTAC interviewed over three-dozen private sector leaders on how "industry best practices, commercial off-the-shelf tools, and/or managed security services" could better secure government communications. Their "Report to the President on Secure Communications" was submitted to the President in September. It urged the government to "direct an appropriate organization" to implement a "unified strategy" with a simultaneous embrace of the "three essential elements that are needed to enhance communications security: technology, behavior and organization". Further recommendations called for the establishment of a senior federal official for risk management, increased emphasis on consequence management and a continued close working relationship with the private sector in all areas.

Moderator:
  • Jim Longley, Manager, DIRITECH, LLC, Executive Director, Advanced Technical Intelligence Association, Former Member, US House of Representatives, First District of Maine
Panelists:
  • Jamie Dos Santos, Chair NSTAC report to the President: Securing Government Communications, Chief Executive Officer, Isis Defense Corp., Chief Executive Officer and President, Terremark Federal Group

  • Kevin O’Connell, President and Chief Executive Officer, Innovative Analytics and Training, Former Director, Intelligence Policy Center and Senior International Policy Analyst, RAND Corporation, Former Senior Staff Officer, Office of the Director of Central Intelligence

  • Suzanne Spaulding, Deputy Under Secretary, National Protection and Programs Directorate, Department of Homeland Security

  • Rob Zitz, Senior Vice President & Chief Systems Architect, National Security Sector, Leidos, Former Deputy Under Secretary of Preparedness, Department of Homeland Security and 32 Year Veteran of the Intelligence Community
4:00 PM – 4:25 PM SINET 16 Innovators Present
  • Sonatype
  • ThreatMetrix
  • Triumfant
  • ZanttZ, Inc.
4:25 PM - 5:10 PM Bringing Order Out of Chaos
Abstract: The market for cyber security solutions is fluid and often chaotic – reflecting the dynamic game of cat and mouse that defines the daily give and take between hackers and those charged with protecting our critical infrastructure, financial resources and intellectual property. This panel of leading CISOs will talk about what has changed in the market over the past year, where they see new threats arising and how they are responding. For Entrepreneurs building cyber security solutions, the panel will address the “how” of doing business with their organizations.
Moderator:
  • Robert R. Ackerman, Jr., Founder and Managing Director, Allegis Capital
Panelists:
  • Bill Dieringer, Assistant Vice President, Chief Information Security Officer, Ardent Health

  • Jay Leek, Chief Information Security Officer, Blackstone

  • Jim Nelms, Chief Information Security Officer, Mayo Clinic and Former Chief Information Security Officer, World Bank

  • Others to be announced
5:10 PM - 5:30 PM Closing Remarks and honoring SINET 16 class of 2013

  • Robert D. Rodriguez, Chairman & Founder, Security Innovation Network (SINET)
5:30 PM – 7:30 PM Networking Cocktail Reception & SINET 16 Company Exhibits
Holeman Lounge and First Amendment, 13th Floor