For federal, state and local government cybersecurity executives, the mission to detect and eliminate hackers on their expanding digital networks has always been a fluid exercise. In the last year, their work has become even more challenging.
As the pandemic pushed agencies to remote work, they leaned even more on cloud computing, mobile and remote access capabilities, and the attack surface has become more diffuse and vulnerable.
Sly, determined nation-state and criminal adversaries, armed with increasingly sophisticated techniques, have dramatically increased the cybersecurity stakes for government.
A government-wide breach in 2020 thrust supply chain threats to the forefront, starkly illustrating perimeter defenses are no longer adequate, as adversaries exploit less-visible security gaps. Tying down protections for government acquisition processes and infrastructure, and rethinking security tools, services and processes are crucial to blunt the effort of ever-more cunning adversaries.
This FCW Workshop featured government and industry cyber experts who shared the lessons they've learned and the results they've been able to drive at key federal agencies.
At this practical, solutions-oriented virtual event, attendees came away with an improved ability to:
- Identify the risks in the supply chain and how to manage them
- Leverage security operations-as-a-service
- Understand the challenges of mobile device and cross-domain security
- Manage Advanced Persistent Threat evolution
- Deploy a zero trust framework successfully
Speakers
Ryan Chapman
Principal Incident Response Consultant
BlackBerry Security Services
Ryan Chapman works as a Principal Incident Response Consultant for BlackBerry Security Services. He also runs a hacker/security conference, CactusCon, and is an author/instructor for the SANS Institute. In his role as a consultant with BlackBerry's IR team, Ryan is responsible for the execution and analysis of incident response engagements and forensic work. Ryan's team provides consulting services to clients including digital forensics; incident response investigation and containment; malware reverse engineering; host and email compromise assessments; tabletop exercises; and other security services. When not working a client engagement, helping to organize CactusCon, or teaching for SANS, Ryan enjoys watching anime and discussing horses with his daughter and simply spending time with his wife.
Chris Cleary
Principal Cyber Advisor
Department of the Navy
Christopher Cleary was named the Department of the Navy Chief Principal Cyber Advisor (PCA) in November 2020. In this role, he is responsible for advising the Secretary of the Navy, Chief of Naval Operations, and Commandant of the Marine Corps and implementing the Department of Defense Cyber Strategy within the Department of the Navy (DON). Prior to being appointed as the PCA he was the DON Chief Information Security Officer (CISO) and Director of the DON CIO Cybersecurity Directorate.
Before returning to his roots in the Navy, Chris worked in the commercial sector as Vice President of Business Development and Strategy for Leidos’ Cyber & SIGINT Solutions Operation, based in Columbia, Maryland. Chris’s other commercial experience includes Director of Business Development, Tenable; Client Partner, Verizon Enterprise Solutions; Director of Cyber Intelligence, L3 Communications; President, Vir-Sec Government Services; and Senior Manager of Intelligence Programs, Sparta.
Chris is a retired Naval Reserve Officer who served 16 of 24 years on active duty in a variety of leadership roles supporting several commands including, US CYBER COMMAND, National Security Agency (NSA), Office of Naval Intelligence (ONI), National Reconnaissance Office (NRO), Joint Special Operations Command (JSOC), Assault Craft Unit TWO, and USS Simpson (FFG-56). Prior to receiving his commission, Chris spent four years as an F/A-18 Hornet avionics technician serving with The Desert Gladiators (VFA-106). Chris has deployed four times, twice supporting combat operations in Iraq.
He is a Certified Information Systems Security Professional (CISSP) and Program Management Professional (PMP). He has been a lecturer at the United States Naval Academy, Federal Aviation Administration, Naval Postgraduate School, The New School of Design, Montreat College, DEFCON Security Conference, and the National Defense University.
Chris graduated from the United States Naval Academy in 1996 and he obtained a Master of Arts in National Security and Strategic Studies from the Naval War College in 2012.
Royce Allen
Director, Enterprise Security Architecture, Office of Information Security
Department of Veterans Affairs
Read MoreRoyce Allen
Director, Enterprise Security Architecture, Office of Information Security
Department of Veterans Affairs
As Director, Enterprise Cybersecurity Architecture (ESA), Ms. Allen has delivered an ESA Framework for the Department of Veteran Affairs. ESA is responsible for delivering reference security architectures and security patterns; help integrate and align VA security standards and requirements with system, mission, and business requirements throughout the development and product lifecycle. ESA is intended to become an actionable, iterative, automated, enterprise security process model that encompasses security attributes from architecture domains.VA ESA will define, develop, integrate, and implement security principles, strategies, standards, and guidelines, applying Federal Laws, Directives, Standards, Policies, and Processes.
Prior to joining VA, Ms. Allen served as Chief, Office of Oversight and Compliance for the National Security Agency’s Information Assurance (IA) Directorate (IAD) and Cybersecurity (CS) programs. During her tenure she developed a compreshive IA compliance program; revitalized/modernized efforts to identify and deliver state-of-the-art automated compliance internal controls and policies. Her achievements resulted in an agency-wide IA/CS compliance wellness program. Within a year, IA/CS compliance wellness program served as an exemplar to measure compliance readiness and global health by demonstrating significant improvements. Increased IA/CS program compliance to 100%, compared with a previous rating of 3% compliance. Ms. Allen previousely served in extremely challenging roles, namely, Chief, Scalable Analytics Division (a start-up organization) where she led the development of the first IA/CS analytic machine learning algorithms, deploying over 150+ analytics capabilities and tools using cloud and traditional technologies. These tools enabled cyber missions and countered threats throughout the IC, DoD, and federal agencies. Several of her projects supported the development of continuous monitoring, insider threat, and data reduction analytic capabilities. She also worked in the capacity as the Acting, Chief and Deputy Chief, of the Information System Security Engineering (ISSE) Division, and Theater mission liaison to execute the deployment of the first operational ISSE team; she managed and provided security engineering guidance to large-scale DoD weapon system programs. Emphasizing the need to develop junior technical professionals in mathematics, computer science, engineering, and project management, she was a mentor and initiated internal development programs to influence innovation and teambuilding. Ms. Allen served as Chairperson of several technical bodies, including the IA/CS Analytic Vetting Working Group, Co-Chair of the Enterprise Analytic Vetting Working Group, and Co-chair of for the Women Enterprise Resource Working Group.
Chris DeRusha
Federal Chief Information Security Officer
OMB
Chris DeRusha is the Federal Chief Information Security Officer in the Office of Management and Budget (OMB), Office of the Federal Chief Information Officer (OFCIO). He previously was the Chief Information Security Officer for the Biden for President campaign. Prior to joining the campaign in June 2020, he served as the Chief Security Officer for the State of Michigan. Mr. DeRusha has extensive experience managing cybersecurity and critical infrastructure programs and operations both in the public and private sectors. Mr. DeRusha led Ford Motor Company's Enterprise Vulnerability Management program and has over eight years of Federal Government experience working both at the Office of Management and Budget and the U.S. Department of Homeland Security. He holds a Master’s in Security Studies from Columbia University and a Bachelor’s in Business Administration from James Madison University.
Chris Usserman
Director of Security Architecture
Infoblox
Chris Usserman is a Director of Security Architecture and subject matter expert with Infoblox. Chris brings over 30 years’ experience in the U.S. intelligence community, and applies that experience by helping clients understand and incorporate cyber business intelligence to mature client cyber security programs. Chris’ focus is on the U.S. Government, and extends that public/private partnership to enhance the security posture of multiple sectors and communities of interest. Chris has been invited to speak on the subject of DNS and cyber security at global conferences. Prior to Infoblox, Chris was Senior Director, Applied Intelligence as well as Director, Government Programs at iSIGHT Partners (FireEye) for over three years. Chris was also a Lead Research Scientist at Lockheed Martin’s Advanced Technology Laboratories and served 14 years in the U.S. Air Force.
Morgan Adamski
Chief, Cybersecurity Collaboration Center
NSA
Morgan Adamski is the Chief of NSA’s Cybersecurity Collaboration Center and is responsible for leading complex and groundbreaking initiatives for NSA Cybersecurity, specifically focused on co-creating cybersecurity tradecraft through collaborations with industry to change the way we secure the nation. Most recently, as the Deputy Strategic Mission Manager, she led NSA Cybersecurity efforts to build bi-directional analytical relationships with private sector partners providing cybersecurity services to the Defense Industrial Base. Ms. Adamski has been at the forefront of NSA’s Computer Network Defense, Computer Network Exploitation, and Cyber analysis missions for more than a decade. She holds a Master’s of Science in Strategic Intelligence from Mercyhurst University and a Bachelor’s of Art in Peace, War, and Defense with a specialization in National Security from the University of North Carolina-Chapel Hill.
Brandon Shopp*
VP of Product, Network Management
SolarWinds
*Providing Session Opening Remarks
Brandon Shopp*
VP of Product, Network Management
SolarWinds
*Providing Session Opening Remarks
Brandon Shopp has been our Vice President of Product for Network Management since February 2018. He served as our Director of Product Management since November 2011, assuming the title and responsibilities of Senior Director of Product Management in July 2013. Previously, Shopp was the Vice President of Product Management at AlienVault, from August 2016 until February 2018 and the Senior Director of Products at Embarcadero Technologies, from July 2015 until August 2016. Shopp has a proven success record in product delivery and revenue growth, with a wide variety of software product, business model, M&A, and go-to-market strategies experience. Shopp holds a B.B.A. from Texas A&M University.
Matt Jochim
Senior Sales Engineer
Thales Trusted Cyber Technologies
Matt Jochim is a Senior Sales Engineer for Thales Trusted Cyber Technologies (TCT), a trusted, U.S. based source for cyber security solutions for the U.S. Federal Government. Matt has held multiple roles within Thales helping both Commercial and Federal Government customers address their cyber security and certification requirements.
Matt has helped deploy and implement cyber security tools including key management, data encryption and access controls to more than 100 customers across the globe. Through his experiences, he enjoys sharing battle scars and data protection expertise with the cyber security community.
Carolyn Duby
Principal Solutions Engineer, and Cyber Security SME Lead
Cloudera
Carolyn Duby is Principal Solutions Engineer and Lead Cybersecurity SME at Cloudera, where she helps customers worldwide turn their log event haystack into analytic gold. Previously, she was the architect for cybersecurity event correlation at Secureworks. A subject-matter expert in cybersecurity and data science, Carolyn hosts the Future of Data Meetup and enables other developers by speaking at conferences such as Strata Data Conference, Dataworks Summit, Open Data Science Conference, and Day of Security. Carolyn holds an ScB (magna cum laude) and ScM from Brown University, both in computer science. She’s a lifelong learner who completed the Johns Hopkins University Coursera data science specialization. Twitter: @CarolynDuby Linkedin: https://www.linkedin.com/in/carolynduby
Danny Connelly
Chief Information Security Officer
Zscaler
Danny has 20 years of cybersecurity experience split between offensive computing as an ethical hacker and defending some of our most important networks. As a highly regarded thought leader and trusted cybersecurity advisor, Danny has provided guidance and formulated strategies to combat emerging threats for various agencies across the federal government.
Prior to joining Zscaler, Danny was the Associate CISO, Operations Branch Chief for the Centers for Disease Control and Prevention (CDC). During his 11 year tenure at CDC, Danny was responsible for implementing operational capabilities to support incident response, forensics, cyber threat intel and insider threat functions. He has designed, implemented, and optimized enterprise cyber security capabilities to effectively detect, prevent and respond to emerging cybersecurity threats.
Paul Blahusch
Chief Information Security Officer
U.S. Department of Labor
Paul Blahusch has over 20 years of cyber and IT security experience with the U.S. Department of Labor (DOL). He serves as the Director of Cybersecurity and the Chief Information Security Officer (CISO) for DOL in the Office of the Chief Information Officer. In this role, Mr. Blahusch supports the Department’s overall mission by promoting and bolstering enterprise-wide cybersecurity efforts.
He previously served as the Information Technology Security Officer for the Bureau of Labor Statistics.
As CISO, he is responsible for security initiatives within the Department of Labor, including but not limited to regulatory compliance and oversight, Federal Information Security Modernization Act (FISMA) implementation and planning, computer awareness and training, and computer security incident response. His role in the Department also involves collaborating with senior leadership to integrate information security with capital planning, enterprise architecture, and information collection initiatives.
Paul Blahusch holds a Bachelor of Science in Petroleum and Natural Gas Engineering from the Pennsylvania State University. He is also a Certified Information Systems Security Professional (CISSP).
Kamran Khaliq
Chief Information Security Officer
Department of Health and Human Services
Kamran Khaliq is the Office of the Secretary Chief Information Security Officer at the U.S. Department of Health & Human Services (HHS). In his current role, he is responsible for managing risk as it relates to IT security and compliance of all Systems under the HHS Office of the Secretary. In his previous role, Kamran was the Senior Cyber Advisor at HHS Office of the Chief Information Officer (OCIO), he was responsible for providing guidance, expert advice, and technical direction to secure Departmental information systems and processes. During this time, Kamran has led OCIO with developing, architecting, and securing critical HHS systems supporting the White House Coronavirus Task Force and the Federal response to the COVID-19 public health emergency. This includes leading and supporting the HHS Protect data analytics program, the COVID-19 Prevention and Clinical Trial Network, the healthcare sector-wide reporting and monitoring system for COVID-19, and the HHS public information and messaging platforms for COVID-19 data and response coordination.
Before coming to HHS OCIO, Kamran worked 11 years at the HHS Office of Inspector General. He supported the Department’s oversight and law enforcement organization as acting Chief Information Security Officer (CISO) and acting Director of the Information Assurance Division. In these positions, he led efforts that ensured service providers met information security, auditing, and investigative requirements. This included supporting secure adoption of federal shared services at the U.S. Department of Agriculture National Information Technology Center, and FedRAMP providers such as Microsoft Office 365 and Amazon Web Services.
In total, Kamran has over 21 years of information technology leadership experience across the Federal Government and private industry. He holds a Bachelor of Science in Computer Information Systems, and is an avid bicyclist.
Agenda
8:30 AM
Wednesday, August 4, 2021
Welcome & Opening Remarks
8:35 AM
Wednesday, August 4, 2021
Opening Keynote: Building Coalitions to Share Cyber Information
Morgan Adamski, Chief, Cybersecurity Collaboration Center, NSA
Brandon Shopp*, VP of Product, Network Management, SolarWinds
*Providing Session Opening Remarks
Effective cybersecurity across public and private sectors requires bi-lateral sharing of threat intelligence and co-developed cybersecurity tradecraft to secure our nation against our most sophisticated adversaries. Beyond information sharing, we must develop coalitions between government, industry, and academia to foster a continuous dialog to prevent threats to our most critical systems.
Opening Remarks By:
9:05 AM
Wednesday, August 4, 2021
Shifting the Mindset from “Breach Prevention” to “Acceptance”
Matt Jochim, Senior Sales Engineer, Thales Trusted Cyber Technologies
The numbers don’t lie – whether internal or external, breaches are inevitable. Supply chain attacks, insider threats, ransomware, malware, phishing, identity/credential theft—attack vectors are targeting agencies from all angles. In today’s environment, the core of any security strategy needs to shift from “breach prevention” to “breach acceptance”. And, the best way to prevent your agency from becoming victimized is by adopting a zero trust approach to security while establishing strong supply chain risk management plans.
This webinar will discuss what agencies need to do before their networks are compromised. Discussion topics will include:
- Tips for adopting a zero trust architecture
- Key principles for protecting data from the data center to the cloud
- Supply chain risk management requirements
Sponsored By:
9:25 AM
Wednesday, August 4, 2021
Creating a Plan for Zero Trust Architecture
Paul Blahusch, Chief Information Security Officer, U.S. Department of Labor
Learn about the Department of Labor’s plan for developing and implementing a Zero Trust Architecture (ZTA), which supports President Biden’s Executive Order on Cybersecurity. Chief Information Security Officer Paul Blahusch will detail the process the Department of Labor (DOL) used to develop a plan, including: 1) Determining the overall target framework of ZTA for the Department; 2) Evaluating the current state of applicable controls and architectures; 3) Conducting a gap analysis between the current and target states; and 4) Identifying actions to address those gaps.
9:50 AM
Wednesday, August 4, 2021
Federal Cybersecurity: Refresh Your Approach to Detection and Response
Carolyn Duby, Principal Solutions Engineer, and Cyber Security SME Lead, Cloudera
Sponsored By:
10:10 AM
Wednesday, August 4, 2021
Coffee Break
10:15 AM
Wednesday, August 4, 2021
Cyber Risk Reduction in a Changing Mobile World
Kamran Khaliq, Chief Information Security Officer, Department of Health and Human Services
An in-depth look at how to identify and manage risk, not only in the supply chain, but all across the computing environment, protecting the devices and the applications.
10:40 AM
Wednesday, August 4, 2021
Attacks to Zero Trust: How Cyber Hygiene Impacts Network and Security Teams
Chris Usserman, Director of Security Architecture , Infoblox
Sponsored By:
11:00 AM
Wednesday, August 4, 2021
The Convergence of Cybersecurity and Warfighting
Chris Cleary, Principal Cyber Advisor , Department of the Navy
11:25 AM
Wednesday, August 4, 2021
Keys to Successfully Deploying a True Zero Trust Posture or Framework
Danny Connelly, Chief Information Security Officer, Zscaler
Sponsored By:
11:45 AM
Wednesday, August 4, 2021
Veterans Affairs Journey to Zero Trust
Royce Allen, Director, Enterprise Security Architecture, Office of Information Security, Department of Veterans Affairs
This session will highlight the approach that VA is using to advance Zero Trust Architecture and address the growing and evolving cybersecurity challenges. VA, a large and geographically dispersed agency, shares lessons from its IT modernization and digital transformation efforts, as well as its increased security initiatives.
12:10 PM
Wednesday, August 4, 2021
Ransomware Prevention 101
Ryan Chapman, Principal Incident Response Consultant, BlackBerry Security Services
Sponsored By:
12:30 PM
Wednesday, August 4, 2021
Cybersecurity Evolution and Revolution
Chris DeRusha, Federal Chief Information Security Officer, OMB
The Federal Chief Information Security Officer will review the Executive Order on Improving the Nation’s Cybersecurity. The White House is pushing ahead with a cybersecurity order for agencies to protect not only federal networks, but also help defend critical infrastructure. Along with those latest requirements, federal agencies have to navigate emerging technologies such as Zero Trust, as well as modernize their IT and enhance the security of the software supply chain. The Federal Information Security Modernization Act (FISMA) also needs to be updated to help drive cybersecurity modernization. Coordination across the federal government will be crucial in effectively improving the government’s cybersecurity posture.
12:55 PM
Wednesday, August 4, 2021