Cloud Security

Most government agencies have made the journey to cloud since the Cloud First and Cloud Smart strategies came from OMB starting in 2010. Many organizations have more than one cloud. The challenge becomes blending the different types of cloud and service models to provide access to needed data, while at the same time protecting a much enlarged attack surface created by the large number of workers who are accessing the data remotely.

If there is one lesson to be learned from 2020, it is the importance of agility and security. We continue to face an unpredictable environment with dramatic increases in security threats and cyber attacks.

Attendees who joined us learned how other agencies are solving the cloud security questions. They heard from other executives how they chose their blended solutions and what has worked for them.

Attendees came away with an improved ability to:

  • Balance security in hybrid clouds
  • Assess the current threats for cloud security
  • Cost effective ways to improve cloud security
  • Use emerging tech to monitor and identify attacks
  • Utilize Zero Trust manage access in a secure cloud

Speakers

/media/images/GIG/People/F/Frazier_SeanBW.jpg

Sean Frazier

Federal CSO

Okta

Read More
/media/images/GIG/People/F/Frazier_SeanBW.jpg

Sean Frazier

Federal CSO

Okta

Sean Frazier is Federal CSO at Okta. In his role, Sean acts as the voice of the CSO for Okta's federal business. Prior to joining Okta, Sean spent more than 25 years working in technology and public sector security for companies such as Duo Security, Netscape, LoudCloud/Opsware, Proofpoint, Cisco & MobileIron. Sean has helped lead numerous projects used by the Department of Defense and Intelligence Community, including the Fortezza Crypto Card, Defense Messaging System (DMS) and many others. He also has extensive experience in identity and public key infrastructure (PKI), network, applications, mobile and IoT. Sean has testified in front of the U.S. Senate Homeland Security and Government Affairs Committee on the importance of public/private partnership in protecting the nation’s digital infrastructure. Sean also advises public/private partnership working groups including ACT-IAC, ATARC and many others.

/media/images/GIG/People/J/Jordan_DebraBW.jpg

Debra Jordan

Deputy Chief, Public Safety & Homeland Security Bureau

Federal Communications Commission

Read More
/media/images/GIG/People/J/Jordan_DebraBW.jpg

Debra Jordan

Deputy Chief, Public Safety & Homeland Security Bureau

Federal Communications Commission

Debra Jordan, Deputy Chief of the FCC’s Public Safety & Homeland Security Bureau, is responsible for matters related to emergency preparedness, disaster response, and national security. Ms. Jordan brings more than 30 years of information technology and communications experience supporting the U.S. Department of Defense (DoD), where she managed a variety of critical information and communications systems.

While at DoD, Ms. Jordan served as the Command Information Officer for the Naval Facilities Engineering Command, where she led the Navy’s development of a cybersecurity roadmap for critical utilities and facilities infrastructure. Her career also includes assignments with responsibility for Navy communications networks and telephony services across the Pacific region. As Executive Agent for the U.S. Pacific Command, she led the establishment of E911 and Public Safety Answering Points for the DoD’s Command and Control communications system in the State of Hawaii, including an integrated fail-over capability with county and state first responders. She also served as DoD’s representative to the Hawaii State Public Utilities Commission for numerous communications issues. As Executive Director for Commander, Navy Region Hawaii, she oversaw the migration of emergency communications systems, including integrating communications with state and local first responders. Ms. Jordan, a native of Hawaii, has received the Navy’s Superior and Meritorious Civilian Service Awards.

/media/images/GIG/GIGEvents/2021Custom/Speakers/MetzD_bio_BW.jpg

Danielle Metz

Acting DCIO for Information Enterprise, Office of the DoD Chief Information Officer

Department of Defense

Read More
/media/images/GIG/GIGEvents/2021Custom/Speakers/MetzD_bio_BW.jpg

Danielle Metz

Acting DCIO for Information Enterprise, Office of the DoD Chief Information Officer

Department of Defense

Ms. Danielle Metz is a member of the Senior Executive Service and serves as the Acting Deputy CIO (DCIO) for the Information Enterprise (IE). In this role, she provides oversight, policy guidance, and digital expertise for DoD enterprise infrastructure initiatives driving toward the objectives of digital modernization. She leads Department-wide execution of strategic guidance aimed at achieving an operationally effective and secure Information Enterprise in a cost-efficient manner. Areas of priority include network optimization, cloud adoption, software modernization, and IT reform.

Prior to this role, Ms. Metz served as a policy advisor to the Office of Science and Technology Policy under the Executive Office of the President leading implementation of IT modernization efforts across the Federal Government. She was the Deputy Director for DoD Information Network Modernization under the Office of the DoD CIO leading implementation of DoD’s enterprise mid-point cybersecurity solution. As a senior manager and IT specialist with the Defense Information Systems Agency, Ms. Metz spearheaded initiatives to improve DoD’s ability to protect and defend the network. Her experience includes budget planning, acquisition, policy development, and program management for large enterprise efforts such as the IT reform initiatives under the National Defense Strategy reform line of effort (i.e., cloud migration, network consolidation, and office productivity and collaboration implementation for Defense Agencies and DoD Field Activities); DoD’s Single Security Architecture and Joint Regional Security Stack; and DoD’s perimeter network defense.

Ms. Metz holds a Masters in Economics from the University of Wales, Aberystwyth, and a Bachelor of Arts in Political Science from the University of Georgia. In addition to her numerous awards, she was recently named an FCW 2020 Federal 100 recipient.

/media/images/GIG/People/H/Huber_RobertBW.jpg

Bob Huber*

Chief Security Officer

Tenable

*Providing Session Opening Remarks

Read More
/media/images/GIG/People/H/Huber_RobertBW.jpg

Bob Huber*

Chief Security Officer

Tenable

*Providing Session Opening Remarks

As Chief Security Officer, Robert focuses on implementing programs and strategies to reduce risk to the organization and clients as well as maximizing business opportunities to grow Tenable’s global customer base. He has more than 20 years of information security experience across financial, defense, and critical infrastructure sectors. Robert is also a member of the Air National Guard serving in a cyber operations squadron supporting both federal and state missions.

Robert joined Tenable from Eastwind Networks where he was the Chief Security and Strategy Officer leading its efforts to secure digital transformation and multi-cloud environments. He was a co-founder and president of Critical Intelligence, the pioneering company that provided cyber threat intelligence for industrial control systems which was acquired by iSIGHT Partners.

Previously Robert has served as a member of the Lockheed Martin CIRT, a researcher at Idaho National Laboratory and the Chief Security Architect for JP Morgan Chase. Robert currently serves as a board member and advisor to several security startups.

/media/images/GIG/GIGEvents/2021Custom/Speakers/JonWallBW.jpg

Jon Wall, CISSP CSSLP ITIL

Enterprise Security Executive

Microsoft Corporation

Read More
/media/images/GIG/GIGEvents/2021Custom/Speakers/JonWallBW.jpg

Jon Wall, CISSP CSSLP ITIL

Enterprise Security Executive

Microsoft Corporation

Jon has over 30 years’ experience in Software industry – and is helping lead US Government Agencies Cybersecurity digital transformation. This entails working with Agency CISO and other C level executives to assess and evolve compliance, operations and SOC tooling to support Agencies transformation to Hybrid Cloud enterprises. Jon’s background includes 5 years working on embedded systems used in military simulation, 7 years with Oracle in a consulting and training role, and over 22 years with Microsoft. While with Microsoft Jon has worked with the Trustworthy Computing group, Digital Crimes Unit, Cyber Defense Operations Center, and as lead Program Manager for 7 Common Criteria evaluations for Windows Phone and System Center Mobile Device Manager.

/media/images/GIG/People/M/Matos_CarlosBW.jpg

Carlos Matos

Specialist Solutions Architect

Red Hat

Read More
/media/images/GIG/People/M/Matos_CarlosBW.jpg

Carlos Matos

Specialist Solutions Architect

Red Hat

Carlos Matos is a Specialist Solutions Architect at Red Hat for the North America Public Sector where he is a catalyst for creating possibilities, solving problems, and establishing working relationships across Red Hat’s North America Public Sector organization, internal product teams, and externally across the United States Government and open source communities. As a member of Red Hat’s Government Readiness team, he brings his past experiences as a Platform and Linux engineer supporting the DoD and Public Sector initiatives, with an emphasis on compliance and security. He is both a key contributor and maintainer to the ComplianceAsCode project as well as the OpenSCAP project.

Carlos is a proud Army veteran who holds a Master of Science in Computer Science from Nova Southeastern University and a Bachelor of Science in Computer and Information Sciences from the University of Maryland.

/media/images/GIG/GIGEvents/2019Custom/Speakers/BrianMerrick2019_0.jpg

Brian Merrick

Director of the Cloud Program Management Office

Department of State

Read More
/media/images/GIG/GIGEvents/2019Custom/Speakers/BrianMerrick2019_0.jpg

Brian Merrick

Director of the Cloud Program Management Office

Department of State

Brian Merrick started his career as a commissioned officer in the US Army in 1996. In 2005, he left the Army and worked with PricewaterhouseCoopers as a financial management consultant and an IT project manager working with private industry and the Federal government.

In 2008, Brian joined the Department of State working for the Bureau of Information Resource Management as the Deputy Manager for the IT Cost Center Working Capital Fund supporting the Department’s desktop computing operations. Brian then became the Deputy Executive Director for the Bureau of Educational and Cultural Affairs in 2010 providing management support, including HR, financial, procurement, IT and general services. In 2012, he became the Director of the Office of Digital in the Bureau of International Information Programs, which provides cloud-based web solutions, and interactive digital programing to 275 embassies.

In 2014, Brian became the Senior Advisor to the Deputy Chief Information Officer for Foreign Operations in the Bureau of Information Resource Management supporting global IT infrastructure operations. He then served as the Director of the Office of Innovative Infrastructure providing wireless and cloud based products and services across the Department. Brian is currently the Director of the Cloud Program Management Office, working to modernize IT across the enterprise.

Brian holds a Bachelor’s degree in Business Management from Wright State University and a Master of Science in Leadership from Olin Business School, Washington University. In addition, he holds certifications as a Project Management Professional, Certified Information Systems Auditor, Certified Information Security Manager, Federal IT Security Institute Manager, Certified Defense Financial Manager and Certified Government Financial Manager.

/media/images/GIG/GIGEvents/2021Custom/Speakers/Tittermary_TomBW.jpg

Tom Tittermary

Manager, Federal Sales Engineering

Zscaler

Read More
/media/images/GIG/GIGEvents/2021Custom/Speakers/Tittermary_TomBW.jpg

Tom Tittermary

Manager, Federal Sales Engineering

Zscaler

Tom Tittermary leads Zscaler’s Federal Sales Engineering team. His team works with clients across civilian and defense agencies to help them leverage cloud-delivered zero trust technology solutions to improve the end user experience and meet mission goals.

Tom has over two decades of experience in the federal cybersecurity and IT infrastructure industry. Prior to coming to Zscaler, Tom led the National Security engineering team at Symantec, and was an engineer at DLT solutions where he had a radio show on Federal News Radio called, "Who's your Data?".

/media/images/GIG/People/K/King_RobertBW.jpg

Col Robert King

Senior Materiel Leader, Enterprise IT and Cyber Infrastructure Division, Hanscom Air Force Base, MA

United States Air Force

Read More
/media/images/GIG/People/K/King_RobertBW.jpg

Col Robert King

Senior Materiel Leader, Enterprise IT and Cyber Infrastructure Division, Hanscom Air Force Base, MA

United States Air Force

Colonel Robert Franklin King, “Bobby,” is the Senior Materiel Leader for the Enterprise IT and Cyber Infrastructure Division, Hanscom Air Force Base, MA. The 800+ person Division is the program management office for the $6B AF Intranet, Information Transport System, Deployable Communications, and commoditized infrastructure programs. The Division delivers AF-wide network management and network defense solutions and fields the wired, wireless, and hosting infrastructure for over 300 AF and ANG installations worldwide.

Colonel King was commissioned in 1995 as a graduate of the Air Force Reserve Officer Training Corps at University of Arkansas. He’s held a variety of assignments in aircraft maintenance/munitions, information technology and space systems acquisitions, space systems programming, and satellite operations. This includes service as a Squadron Operations Officer, Materiel Leader for IT Infrastructure, and Space Operations Support Squadron Commander within the National Reconnaissance Office. He has also served in the Pentagon three times; first as an Air Force Intern, then as a Space Superiority Programmer and Executive Officer to the Deputy Chief of Staff for Strategic Plans and Programs (HAF/A8), and finally as Chief of the Information Technology, Cyber, and Business Systems Division, Information Dominance Programs, Secretary of the Air Force for Acquisition. He deployed to Qatar in 2008 and served in the Combined Air and Space Operations Center on the Director of Space Forces (DIRSPACEFOR) staff where he was responsible for integrating space capabilities into combat operations.

Colonel King has four children; Parker, Kayla, Jonathan, and Naomi.

EDUCATION

1995 Bachelor of Science in Mechanical Engineering, University of Arkansas
1997 Master of Business Administration, Embry Riddle Aeronautical University
2002 Master of Arts in Organizational Management, The George Washington University
2016 Master of Strategic Studies, Air War College, Air University

ASSIGNMENTS

1. Jun 95 – Feb 97:F-16 Logistics Officer, Ogden Air Logistics Center, Hill AFB, UT
2. Mar 97 – Feb 98: Munitions Operations Flight Commander, Ogden Air Logistics Center, Hill AFB, UT3. Mar 98 – May 01: Information Tech Program Manager, Standard Systems Group, Maxwell-Gunter AFB, AL
4. Jun 01 – Jun 02:Air Force Intern, Pentagon, Washington DC
5. Jul 02 – May 04:Chief, Concept Development Branch, Space Radar Joint Program Office, Los Angeles AFB, CA
6. Jun 04 – Jun 05:Executive Officer to Vice Commander, Space & Missile Systems Center, Los Angeles AFB, CA
7. Jul 05 – Jun 06:Flight Commander, Space Operations Squadron, National Reconnaissance Office
8. Jun 06 – Jun 08:Chief, Plans and Programs, Operations Support Squadron, National Reconnaissance Office
9. Jul 08 – Apr 09:Director of Operations, Space Operations Support Squadron, National Reconnaissance Office
10. May 09 – May 10: Space Superiority Programmer, Deputy Chief of Staff for Strategic Plans and Program Pentagon, Washington DC
11. Jun 10 – Jun 11: Executive Officer, Deputy Chief of Staff for Strategic Plans and Programs, Pentagon, Washington DC
12. Jul 11 – Jun 14: Commander, Operations Support Squadron, National Reconnaissance Office, Fort Belvoir, VA
13. Jul 14 – Jun 15: Material Leader, IT Infrastructure, National Reconnaissance Office, Chantilly, VA
14. Jul 15 – May 16: Student, Air War College, Maxwell AFB, AL
15. Jun 16 – Jun 17: Chief, IT, Cyber, & Business Systems Division, Secretary of the Air Force for Acquisitions,Pentagon, Washington DC
16. Jun 17 – Present: Senior Materiel Leader, Enterprise IT & Cyber Infrastructure Division, Hanscom AFB, MA
MAJOR AWARDS AND DECORATIONS

Defense Meritorious Service Medal with one oak leaf cluster
Air Force Meritorious Service Medal with three oak leaf clusters
Joint Service Commendation Medal Air Force Commendation Medal
Air Force Achievement Medal
EFFECTIVE DATES OF PROMOTION

Second Lieutenant 12 May 1995
First Lieutenant 15 June 1997
Captain 15 June 1999
Major 1 October 2005
Lieutenant Colonel 1 August 2010
Colonel 1 November 2016

/media/images/GIG/People/R/Ross_RonBW.jpg

Ron Ross

Fellow

National Institute of Standards and Technology

Read More
/media/images/GIG/People/R/Ross_RonBW.jpg

Ron Ross

Fellow

National Institute of Standards and Technology

Ron Ross is a Fellow at the National Institute of Standards and Technology. His focus areas include computer security, systems security engineering, trustworthy systems, and security risk management. Dr. Ross currently leads the NIST Systems Security Engineering Project which includes the development of standards and guidelines for the federal government, contractors, and United States critical infrastructure. He also supports the U.S. State Department in the international outreach program for cybersecurity and critical infrastructure protection. Dr. Ross previously served as the Task Leader for the Joint Task Force, an interagency group that includes the Department of Defense, Office of the Director National Intelligence, U.S. Intelligence Community, and the Committee on National Security Systems, with responsibility for developing a Unified Information Security Framework for the federal government. He also served as the project leader for the Federal Information Security Modernization Act (FISMA) Implementation Project and is the former Director of the National Information Assurance Partnership, a joint activity of NIST and the National Security Agency. During his twenty-year military career, Dr. Ross served as a White House aide and senior technical advisor to the Department of the Army. He has lectured at Stanford University, Massachusetts Institute of Technology, Dartmouth College, Pepperdine University, Naval Postgraduate School, Ohio State University, Auburn University, Hood College and gave the Commencement address at George Washington University (School of Engineering).

Dr. Ross has authored and coauthored many publications on risk management, cybersecurity, systems security engineering, and cyber resiliency. His publications include FIPS 199 (security categorization), FIPS 200 (security requirements), SP 800-30 (risk assessments), SP 800-37 (Risk Management Framework), SP 800-39 (enterprise risk management), SP 800-53 (security and privacy controls), SP 800-53A (security control assessments), SP 800-53B (security and privacy control baselines), SP 800-128 (security configuration management), SP 800-160, V1 (systems security engineering), SP 800-160, V2 (cyber resiliency), SP 800-171 (protection of controlled unclassified information), SP 800-171A (security assessments for controlled unclassified information), and SP 800-172 (enhanced security requirements for advanced cyber-threats).

Dr. Ross has received numerous public and private sector awards including the Presidential Rank Award, Samuel J. Heyman Service to America Medal for Homeland Security and Law Enforcement, Department of Defense Superior Service Medal, National Security Agency Scientific Achievement Award, Department of Commerce Gold and Silver Medal Awards, Applied Computer Security Associates Distinguished Practitioner Award, GCN Government Executive of the Year Award, Vanguard Chairman’s Award, ICIT Pioneer Award, Government Technology Research Alliance Award, InformationWeek’s Government CIO 50 Award, Billington Cybersecurity Leadership Award, ISACA National Capital Area Conyers Award, ISACA Joseph J. Wasserman Award, AFFIRM President’s Award, Symantec Cyber 7 Award, SC Magazine’s Cyber Security Luminaries Award, (ISC)2 Lynn F. McNulty Tribute Award, CES Government Technology Leadership Award, and 1105 Media Gov30 Award. He has also been recognized three-times as one of the Top 10 Influencers in Government IT Security and is a five-time recipient of the Federal 100 award for leadership and technical contributions to cybersecurity projects affecting the federal government. Dr. Ross has been inducted into the National Cyber Security Hall of Fame, selected as an (ISC)2 Fellow, and inducted into the Information Systems Security Association Hall of Fame receiving its highest honor of Distinguished Fellow.

Dr. Ross holds a Bachelor of Science degree in Engineering from the United States Military Academy at West Point. He also holds both Masters and Ph.D. degrees in Computer Science from the United States Naval Postgraduate School specializing in artificial intelligence and robotics.

Agenda

8:30 AM

Wednesday, January 27, 2021

Welcome & Opening Remarks

8:35 AM

Wednesday, January 27, 2021

Delivering Better Software Faster to the Warfighter

Danielle Metz, Acting DCIO for Information Enterprise, Office of the DoD Chief Information Officer, Department of Defense

Bob Huber*, Chief Security Officer, Tenable

*Providing Session Opening Remarks

Description

Ms. Metz will discuss how the Department’s perspective on cloud is evolving to software modernization as it sharpens its focus to address the challenges of delivering better software faster to the warfighter. To deliver this agility, the Department will have to transform many of its processes, including security.

Sponsored By:

9:05 AM

Wednesday, January 27, 2021

Automating Security Compliance

Carlos Matos, Specialist Solutions Architect , Red Hat

Description

 

The hybrid cloud landscape is moving at a rapid pace. In the ever-evolving world of computer security where new vulnerabilities are being discovered, enforcing security compliance must be a continuous and automated process. We need to be flexible in making adjustments to our security compliance policies, as well as ensuring we are periodically assessing and monitoring risks. Learn how Ansible and OpenSCAP, two open-source projects, help to provide automation, security, and compliance across your digital footprint.

Sponsored by:

9:25 AM

Wednesday, January 27, 2021

A Look at Cloud Sharing Services

Debra Jordan, Deputy Chief, Public Safety & Homeland Security Bureau, Federal Communications Commission

9:50 AM

Wednesday, January 27, 2021

Two Views Into Your Cloud Environments – Compliance and Monitoring Views

Jon Wall, CISSP CSSLP ITIL, Enterprise Security Executive, Microsoft Corporation

Description

Sponsored by:

10:10 AM

Wednesday, January 27, 2021

Coffee Break

10:15 AM

Wednesday, January 27, 2021

Developing Cloud Systems that Consumers Can Trust

Ron Ross, Fellow, National Institute of Standards and Technology

Description

Building more secure cloud applications and a cyber resilient cloud infrastructure is essential to gaining the trust of consumers. NIST has developed important guidance in systems security engineering and cyber resilient systems that can help cloud providers increase the penetration resistance of their cloud-based systems, limit the damage to those systems if they are breached or compromised, and deploy systems that are cyber resilient.

10:40 AM

Wednesday, January 27, 2021

I Want My Zero Trust

Sean Frazier, Federal CSO, Okta

Description

Sponsored By:

11:00 AM

Wednesday, January 27, 2021

The Department of the Air Force’s Journey to the Cloud

Col Robert King, Senior Materiel Leader, Enterprise IT and Cyber Infrastructure Division, Hanscom Air Force Base, MA, United States Air Force

Description


The Department of the Air Force is accelerating its move to the cloud and this session will discuss the two major efforts that currently provide cloud services to the Air Force commands. It will also look ahead at partnerships with the Space Force and the roll out of cloud services with multiple levels of security. 

11:25 AM

Wednesday, January 27, 2021

Zero Trust in 2021: Leveraging Advanced Cloud Protection Technologies

Tom Tittermary, Manager, Federal Sales Engineering, Zscaler

Description

Sponsored by:

11:45 AM

Wednesday, January 27, 2021

Securing the Edge all around the Globe

Brian Merrick, Director of the Cloud Program Management Office, Department of State

Description

Join us as  the director of cloud computing discusses some of the unique business capabilities and security challenges facing the Department of State as it delivers secure multi-cloud services in a global environment that includes edge computing examples, identity management, data security tool approaches and leveraging enterprise  cloud platform strategies.

 

12:10 PM

Wednesday, January 27, 2021

Closing Remarks

Underwriters

Red Hat
Microsoft
Zscaler
Okta
Zscaler