Agenda

Agenda as of September 11, 2017.  Subject to Change.

Today | Tomorrow | The Future

Ensuring Cybersecurity In Unprecedented Times

7:00 – 8:00 am  Registration, Continental Breakfast, and Networking

Sponsored by

7:55 – 8:00 am  Opening Remarks

  • Thomas K. Billington, Chair, 8th Annual Billington CyberSecurity Summit

8:00 – 8:20 am  Opening Keynote

  • The Honorable Daniel Coats, Director of National Intelligence

8:20 – 8:50 am  The Cybersecurity Threat Landscape—From Ransomware to Russia

From Petya to WannaCry to alleged nation state interference into the U.S. elections, cybersecurity is front and center in the mindset of government, industry, the military, and policymakers.  This cross-section of distinguished experts, including the recently retired Deputy Director of the National Security Agency, will address from an insider’s viewpoint the state of cybersecurity.  Key critical infrastructure in the private sector, the security of critical data, and sensitive military and intelligence information, as well as financial and healthcare information, are all at stake.  

  • What are the motives in the attacks by key nation states, in particular China and Russia?
  • What is fact and what is fiction?

Moderator:

  • John McClurg, Vice President and Ambassador at Large, Cylance

Speakers:

  • Richard “Rick” Ledgett, Former Deputy Director, National Security Agency
  • VADM (Ret.) Michael McConnell, Senior Executive Advisor, Booz Allen Hamilton (Former Director, NSA and Former DNI)
  • Christopher Krebs, Senior Official Performing the Duties of the Under Secretary, NPPD, DHS
  • Ambassador Sorin Ducaru, Assistant Secretary General for Emerging Security Challenges, NATO

8:50 – 9:30 am  Top Cybersecurity Priorities for CISOs in FY18–Implementing the Executive Order

Attend this highly timely panel, featuring top CISOs, coming just weeks after many new cybersecurity reporting requirements mandated by the White House Executive Order are due and weeks before the new 2018 fiscal government year begins.  Fresh off these assessments and looking at the beginning of the government fiscal year, what are the top lessons CISOs have learned in 2017 and the top priorities for 2018?  Benefits of attending this session include:

  • Hear the upcoming priorities of top CISOs going into FY 2018
  • Discover what solutions industry or government may need to craft to meet those priorities
  • Find out how industry can provide products and solutions to best meet CISOs’ priorities

Moderator:

  • Brigadier General (Ret) Gregory Touhill, Former US CISO; President, Cyxtera Federal Group, Cyxtera Technologies

Speakers:

  • Essye Miller, Deputy Chief Information Officer for Cybersecurity, CIO, U.S. Department of Defense
  • John “Jack” Donnelly, Associate CIO for Cyber Security and CISO, U.S. Department of the Treasury
  • Christopher Wlaschin, CISO and Exec. Director, Information Security, U.S. Department of Health & Human Services
  • Jeffrey Eisensmith, CISO, Office of the CIO, U.S. Department of Homeland Security
  • Dr. Michael Papay, Vice President and CISO, Northrop Grumman

9:30 – 10:00 am  Break

Sponsored by

10:00 – 10:20 am  Keynote: A Look Inside Threats To Our Critical Infrastructures: Preparing For The Next Attack

Electricity, internet, gas, and water are of paramount importance in our everyday lives. Our dependence on these resources is particularly evident during even brief outages. To date, cyber attacks against critical infrastructures have been extremely sophisticated and unique to the nation-state actors often behind these incidents. In this presentation we will challenge this perception, showing that there is a common evolutionary path amongst the U.S., Russia, Iran, and North Korea that applies to any other nation-state targeting critical infrastructure. We will also examine the types of vulnerabilities and attacks used to target critical systems, the complexities of securing these systems, and how organizations need to approach their security moving forward.

  • Charles Carmakal, Vice President, FireEye’s Mandiant Consulting

10:20 – 10:50 am  Inside the Latest Emerging Cyber Threats–Tackling Spear Phishing, SCADA Vulnerabilities, Ransomware, and IOT

Cybersecurity is evolving so rapidly that today’s major cyber breach or attack quickly becomes yesterday’s news. By September 13, the date of the conference, CISOs will undoubtedly be facing a new set of cybersecurity challenges.  Hear this panel offer their insider perspectives on the cyber challenges and what looms on the horizon. With the explosion of IOT and mobile, the attack surface is growing; the attackers are growing in number and sophistication; and the threats are evolving.  Hear leading experts in government and industry as they give you the most up-to-date information and analysis so you will come away better educated to respond.

  • What threats are facing you in your organization on September 13?
  • What are the evolving and emerging dangers?  
  • What prevention techniques are needed?

Moderator:

  • Brad Medairy, Senior Vice President, Booz Allen Hamilton

Speakers:

  • David Hogue, Technical Director, Cybersecurity Threat Operations Center, National Security Agency
  • Tonya Ugoretz, Director, Cyber Threat Intelligence Integration Center, Office of the Director of National Intelligence
  • Ryan Gillis, VP, Cybersecurity Strategy and Global Policy, Palo Alto Networks
  • John Felker, Director of Operations, National Cybersecurity and Communications Integration Center, DHS

10:50-11:10 am  Keynote – Understanding the cloud threat surface; Users are the new perimeter!

With government cloud adoption accelerating at an exponential pace, the traditional concept of a self-contained network with a defined perimeter is no longer valid. Users are now the perimeter, taking advantage of self-provisioning capabilities enabled by BYOx and cloud phenomena. This transformation is compounded by users augmenting core SaaS applications by self-selecting third-party apps, as well as the applications organizations build for themselves in the cloud. With the concept of a perimeter dissolving away, understanding what the cloud threat surface looks like and what it takes to detect a cloud breach is imperative.
  • Ron Zalkind, Head of Innovation, Cloud Security, Cisco

11:10 – 11:25 am  Transition to Breakouts

11:25 am – 12:10 pm

Breakout 1:  [CDM] CDM:  How Government Can Leap Ahead and Industry Can Benefit in FY 2018

Ballroom A, Level 3

A convergence will take place in 2017 & 2018 that has been long awaited:

  • US government funding and contract mechanisms will be available for Departments and Agencies to procure cybersecurity solutions under CDM,
  • Innovative private sector solutions could greatly increase the cybersecurity sophistication, while reducing the management complexity, of government systems.

CDM, now in its 4th year, is aimed at safeguarding cyberspace and protecting the cyber infrastructure of the civilian .gov network environment. The CDM Program moves away from historical compliance reporting toward combating threats on a real-time basis with state-of-the-art tools. This panel will examine the future of the CDM program and how industry can play a vital role.  

Moderator:

  • Susan Wilson, Director, Cyber Solutions, Cyber and Intelligence Mission Solutions Division, Northrop Grumman Mission Systems

Speakers:

  • Kevin Cox, CDM Program Manager, Network Security Deployment, U.S. Department of Homeland Security
  • Jim Piché, Homeland Sector Director, FEDSIM, Dept. of Homeland Security
  • Robert Allegar, Vice President, Cyber Futures Group, Booz Allen Hamilton
  • Steve Schmalz, Field CTO for the Public Sector, RSA
  • Dr. Steven Gottwals, Technical Director, Security Solutions, Adobe

Breakout 2:  [NIST] Your Deep Dive in the NIST Framework: Best Practices and Lessons Learned 

Room 143 A-C, Level 1

As the government moves from a compliance to a risk management-based cybersecurity system, the NIST Framework is central.  With the deadline for the agencies’ reports for the NIST Cybersecurity Framework due in August, September will be an important time to assess various agencies’ progress as they look to FY 2018.

  • What best practices and lessons learned will Federal and state government CISOs have to share in measurement and customizing the Framework for their organizations?
  • What challenges lie ahead?

Moderator:  

  • Steven Grossman, VP of Strategy, Bay Dynamics

Speakers:

  • Chris Lowe, Chief Information Security Officer, U.S. Department of Agriculture
  • Peter Liebert, CISO and Director of the Office of Information Security, California Department of Technology
  • Matthew Barrett, Program Manager, Cybersecurity Framework, National Institute of Standards & Technology
  • Matthew Snyder, VP and Chief Information Security Officer, Penn State Health & College of Medicine
  • Sanjeev “Sonny” Bhagowalia, Senior Advisor to Deputy Commissioner (Detailee), Bureau of Fiscal Services, U.S. Department of the Treasury

Breakout 3:  [Threat Intel] Beyond Information Sharing to Shared Threat Intelligence: Best Practices and New Models from Government

Room 144 A-C, Level 1

Cyber threat analysis is coming into increasing prominence as a recognized component of a comprehensive cybersecurity posture.  However, ‘cyber intelligence’ continues to have multiple definitions and support multiple missions.  This panel will present perspectives on this emerging field from government officials who support cyber threat analysis within the homeland security, law enforcement, military, and intelligence community mission areas.  These thought leaders will talk about the supporting strategic and tactical requirements and their respective communities’ relationship with the private sector on threat intelligence, providing actionable ideas for improvement.

Moderator:

  • Brad Stone, Vice President, Booz Allen Hamilton

Speakers:

  • James Richberg, National Intelligence Manager for Cyber, Office of the Director of National Intelligence
  • Peter Mitchener, Senior National Intelligence Officer for Cyber, Federal Bureau of Investigation
  • Justin Fier, Director for Cyber Intelligence & Analytics, Darktrace
  • Gary Katz, Chief Cyber Architect, DoD Cyber Programs, Lockheed Martin

Breakout 4:  [Endpoints] Endpoints Don’t Have To Be The End Of Network Security 

Room 140A, Level 1

Endpoints are unquestionably the most vulnerable areas of most networks: A. because attackers now have a vast array to choose from and B. their security often relies on easily avoidable upgrades by an overwhelmed user.  As such, endpoint security and threat detection are more critical than ever, as the perimeter becomes obsolete and ‘all things connected’ escalate attack vectors.  How do you mitigate endpoint vulnerabilities that seem to grow like wildfire? Hear industry security experts share suggestions, successes and failures we can all learn from.

Questions to be addressed:

  • How are industry leaders addressing the cybersecurity challenges posed by the Internet of Things?
  • How best can the endpoints be secured as more is moved to the cloud and as mobile advances?
  • What are the industry trends and the threat vectors across all segments?
  • What recent endpoint attacks should you be aware of?

Moderator:

  • Eric Green, Security Strategist, Cyber adAPT

Speakers:

  • Dr. Tim Junio, CEO, President, and Co-Founder, Qadium, Inc.
  • A. Spencer Wilcox, Director of Operational Technology Cybersecurity, Exelon Corporation
  • Philip Quade, CISO, Fortinet
  • Randal Vickers, Director, Information Security, Office of Cybersecurity, U.S. House of Representatives
  • Matthew Mandrgoc, Vice President, US Federal, Check Point Software Technologies
Breakout 5:  [Crowdsourcing] Fireside Chat: Crowdsourcing Security Risk Assessment
Room 140B, Level 1
Cybercriminals have never been so notorious. As technology innovation seems to outpace security defenses, organizations, including the U.S. Department of Defense, are turning to ethical-hackers to assess risk and see where they are most vulnerable. Can these external hackers be trusted? Hear from leading experts about the misconceptions of working with hackers, what vulnerabilities are most common and how these programs can be used to manage and assess risk.

Questions to be answered:

  • What do you need to know before inviting hackers?
  • Can these external hackers be trusted?
  • Can hackers help fill the cybersecurity skills gap?

Speakers:

  • Alex Rice, CTO and Co-Founder, HackerOne
  • Alexander Romero, CISO / Director, Defense Media Activity, Dept. of Defense
  • Michael Chung, Defense Digital Service, Dept. of Defense

12:10 – 1:15 pm  Lunch

Sponsored by

1:15 – 1:45  pm  Lunch Keynote:  White House Cybersecurity Priorities

  • Robert Joyce, Special Assistant to the President and Cybersecurity Coordinator, The White House

1:45 – 2:05 pm  Keynote: The UK National Cyber Security Strategy and the National Cyber Security Centre: One Year On

  • Conrad Prince, UK Cyber Security Ambassador

2:05 – 2:25 pm  Keynote:  Australian Cyber Affairs Priorities

  • Dr. Tobias Feakin, Australian Ambassador for Cyber Affairs

2:25 – 2:55 pm  Emerging Technologies in Cybersecurity

What are the latest cutting edge technologies in cybersecurity and the greatest needs?

Moderator:

  • Maj. General (Ret.) Earl Matthews, VP, Enterprise Security Solutions, Enterprise Services, U.S. Public Sector, DXC Technology

Speakers:

  • Andy Zembower, Vice President, Cyber Security Products, Cyber and Electronic Warfare Systems, General Dynamics Mission Systems
  • Teresa Shea, Executive VP and Director of Technology, In-Q-Tel
  • John Landwehr, Public Sector CTO, Adobe
  • Casey Ellis, Founder, Chairman and CTO, Bugcrowd

2:55 – 3:20 pm  Dessert Break

Sponsored by

3:20 – 3:40 pm Keynote

  • Representative William Hurd, R-Texas

3:40 – 3:55 pm Keynote

  • Grant Schneider, Acting CISO, Office of Management and Budget (invited)

3:55 – 4:30 pm  Top DOD Cyber Priorities for FY 2018 and Beyond

Hear some of the top military and civilian CIOs and their deputies who will be at the forefront as the government works to implement the requirements of the President’s Cybersecurity Executive Order.  What are their chief priorities for FY 18 and beyond?

Moderator:

  • Ralph Kahn, VP, Federal, Tanium

Speakers:

  • Capt. Edward Devinney, Director, Corporate Partnerships and Technology Outreach, US Cyber Command
  • William Marion, Deputy Chief, Information Dominance and Deputy Chief Information Officer, US Air Force
  • Gary Wang, Acting Chief Information Officer/G6, U.S. Army
  • Brigadier General JP McGee, Deputy Commanding General (Operations), U.S. Army Cyber Command

4:30 – 5:00 pm  Closing Keynote

  • General Joseph Votel, Commander, United States Central Command

5:00 – 5:05 pm  Closing Remarks

  • Thomas K. Billington

REGISTER TODAY