U.S. Department of Justice Cyber Security Conference

February 2-3, 2010
Ronald Reagan Building and International Trade Center
Washington, DC

Agenda


February 2, 2010
Conference Logistics (8:30 - 8:45)
Marty Burkhouse, DOJ
Welcome (8:45 - 8:50)
Kevin Deeley, Deputy CIO and Chief Information Security Officer, DOJ
2010 Cyber Security Direction and Initiatives for DOJ (8:50 - 9:15)
Van Hitch, Deputy Assistant Attorney General for Information Resource Management/Chief Information Officer, DOJ
$$Cyber Cash$$ (9:15 - 10:00)
Jeffrey L. Troy, Chief of the Cyber Criminal Program, FBI
Jeff Troy discusses how the emerging threats affecting us at work and home are translating to cyber cash for the criminal.
Making "IT" Happen (Panel) (10:00 - 10:30)
Jeremy Warren, Chief Technology Officer, DOJ
Chad Fulgham, Chief Information Officer, FBI
Mark Fleshman, CIO, EOUSA
Learn how two CIOs are leveraging technology to meet mission needs and how they are handling the security challenges associated with new technologies. What security issues are the most difficult to mitigate or accept?
Break (10:30 - 11:00)
Session 1 (11:00 - 11:45)
Information Security and Identity Management Committee (ISIMC) Update
Brian Burns, Deputy CIO, Department of Education and Deputy CIO for Emerging Technology, U.S. Navy
Paul D. Fitzgerald, OCIO, DOJ
Deborah Gallagher, Project Lead, DHS Office of Chief Information Officer, Enterprise Architect PMO
The ISIMC is taking steps to deliver on the President's pledge for cybersecurity. It provides a consensus-based forum to support the Federal CIO Council (FCIOC) that enables CIOs and CISOs to collaborate on identifying high priority security and identity management initiatives, and on developing recommendations for policies, procedures, and standards to address those initiatives that enhance the security posture and protection afforded to Federal Government networks, information, and information systems. This session will be a discussion of ISIMC subcommittee activities and how their efforts will affect you.
Mitra Nejad-Guerin, Chief of Planning and Programs, Office of Science and Technology, ATF, Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF)
Trends in Foreign Network Intrusions
Stephen Windsor, Lead, Digital Forensics & Incident Response Team, Booz Allen Hamilton
This presentation will discuss the trends we have identified in foreign network intrusions into government, military, and defense contractor networks. We will start in the year 2000 and work our way through 2009, showing examples of attack techniques and captured malicious code, followed by discussion on effective countermeasure development and non-traditional risk factors that must be remediated to mitigate our risk from these types of attacks.
For Your Eyes Only: Encrypting Data at Rest
Kiran Balsa, Program Manager, Data at Rest (DAR), ITSS
This conference session will provide an overview of DOJ's Data At Rest encryption initiative, including deployment timelines and a solution overview.
It’s Only Data: FISMA Reporting, Custom Queries & User-Defined Attributes
Ken Gandola, Senior Systems Engineer, ITSS
Adam Oline, IT Security Specialist and Developer, ITSS
This session provides a comprehensive overview of the dynamic capabilities of the Cyber Security Assessment and Management (CSAM) application to generate reports and arrange essential information so IT security practitioners can make credible, risk-based decisions.
Lunch (11:45 - 1:00)
Session 2 (1:00 - 2:00)
Trusted Internet Connection 2.0
Rob Martin, Assistant Director, Infrastructure Development, JMD ESS
The first phase of OMB/DHS TIC compliance is now complete. This session will discuss next steps: Dallas Data Center, service expansion and consolidation.
Innovative Component Technologies - Mobile Devices
Rick Holgate, CIO, ATF
Motivated by a need to improve the flexibility and availability of mobile communications for its agents and investigators, ATF is currently engaged in a pilot deployment of handheld devices that offer a secure platform for access to mission-critical applications and data. A complement to the ubiquitous BlackBerry infrastructure, the pilot platform maintains requisite levels of security on the devices while offering a more robust portfolio of applications - including, in the pilot, the ability to monitor and control surveillance cameras in real time. While the pilot is focused on the Windows Mobile platform and associated devices, the capability is extensible to other mobile operating systems (including Google Android and iPhone).
Identify, Modify and Verify - Solving the Network Hygiene Issue
Chad Fulgham, Chief Information Officer, FBI
David Otto, Program Manager, ELMS BigFix Program Management Office, DOJ
This session takes a closer look at vulnerability management capabilities provided by the Endpoint Lifecycle Management System (ELMS) platform. It will also include an examination of the full capabilities that DOJ will deploy to achieve real time situational awareness, vulnerability and risk management and automated reporting.
FBI is DOJ's first component to implement and will discuss their implementation.
POA&M Management Primer
Ken Gandola, Senior Systems Engineer, ITSS
Adam Oline, IT Security Specialist and Developer, ITSS
This session demonstrates how to lay the solid foundation to manage POA&Ms from cradle to grave.
Break (2:00 - 2:30)
Session 3 (2:30 - 3:30)
"Lost in the Cloud"
Skip Bailey, Director, Deloitte
Learn how agencies can leverage cloud computing without giving their information away. This session discusses the pros and cons of cloud computing, and where it could be leveraged safely to enhance the mission and cut costs, from a former ATF CIO's viewpoint.
Innovative Component Technologies: USAConnect
Ted Shelkey, Assistant Director, EOUSA
Stacy Joannes, Senior Information Technology Specialist, EOUSA
EOUSA has built a secure thumb drive that totally isolates the host system from the remote desktop solution, offering a cost-effective, secure alternative to issuing GFE laptops to every mobile worker.
The Russians are Coming!
Alex Cox, Senior Consultant, NetWitness Corporation
The cyber-criminal underground and nation-sponsored groups are using custom-developed malware, third-party vulnerabilities via exploit kits, and code obfuscation to bypass existing security technologies and perceptions of security at most large organizations. In this session you will learn:
• How "status quo" thinking has caused a dangerous precedent in the perceived security of an organization.
• Techniques to analyze malware and malicious code using freely available tools and technologies that don't require a reverse engineering background.
• How current malicious code technologies and exploitation techniques are bypassing existing security controls.
• How advanced network monitoring and session reconstruction can assist in identifying exploitation techniques through live demonstrations.
Attacking the Assessment Workload
Ken Gandola, Senior Systems Engineer, ITSS
Adam Oline, IT Security Specialist and Developer, ITSS
The CSAM continuous monitoring solution enhances the enterprise's ability to help ensure FISMA compliance and standardize risk assessments for enterprise information systems. Learn how CSAM provides the capability to identify, establish and manage policies and implementation procedures.
Break (3:30 - 4:00)
Birds of a Feather - Open Forum - What Technologies Do Your Customers Want? How Can You Get to Yes? (4:00 - 4:45)
February 3, 2010
Conference Logistics (8:30 - 8:45)
Marty Burkhouse, DOJ
Welcome (8:45 - 9:00)
Van Hitch, Deputy Assistant Attorney General for Information Resource Management/Chief Information Officer, DOJ
Keynote Address (9:00 - 9:30)
Thomas Perrelli, Associate Attorney General, DOJ
President Obama has identified Cyber Security as a National Security imperative, and DOJ is recognized as a cyber security leader among Civilian agencies. DOJ Senior management is very concerned about the growing advanced persistent threat against DOJ information assets. The Associate Attorney General, Thomas Perrelli, will discuss initiatives that will be the important focus for DOJ in 2010.
NSA - National Security Agency/Central Security Service (NSA/CSS) Threat Operations Center (NTOC) (9:30 - 10:15)
Phil Bodkin, NTOC, NSA/CSS
Provide the DOJ community with a meaningful glimpse and understanding on the coordination, communication, and collaboration challenges that the NTOC faces daily, while protecting national security systems, selected networks of interest and information processing systems from harm.
Panel on Web 2.0 (10:15 - 11:00)
Eric Olson, Deputy CIO/Director, DOJ E-Government Services, DOJ (Panel Facilitator)
Tracy Russo, OPA
Kristen Moncada, Director, DOJ Office of Privacy and Civil Liberties, OPCL
Jenny Plante, Director, DOJ Office of Records Management Policy, ORMP
Pam Jadwin, OGC
Join this lively discussion on how to implement Web 2.0 in DOJ. They will share customer requests, best practices, and the issues involving implementation, records management, content management, security, technology limitations, etc.
Break (11:00 - 11:15)
Session 4 (11:15 - 12:00)
Anatomy of DOJ DDOS Attack - JSOC
Holly Ridgeway, Deputy CISO, Director, JSOC, DOJ
James Rodgers, JSOC Incident Response Lead
Matt Ashburn, JSOC IR, JSOC
Denial of service (DoS) attacks are a threat faced by any organization with an Internet presence. Botnets are typically used to carry out distributed denial of service (DDoS) attacks and home computers often fall victim to compromise and use in a botnet. This session analyzes an actual DDoS attack experienced by DOJ including attack traffic, impact, and mitigation measures. This session also covers botnet basics and how users can minimize the likelihood of home systems being used in a botnet.
Innovative Component Technologies
Joe Galindo, Unit Chief, FBI, FBI
Security and New Technology Trends
Jeremy Warren, Chief Technology Officer, DOJ
Learn about new trends in information technology and their impact on security in the near future. There will be discussion of cloud computing, federated identity management, and more. How will each of these ease existing security challenges and/or present new ones?
It’s Only Data: FISMA Reporting, Custom Queries & User-Defined Attributes
Ken Gandola, Senior Systems Engineer, ITSS
Adam Oline, IT Security Specialist and Developer, ITSS
This session provides a comprehensive overview of the dynamic capabilities of the Cyber Security Assessment and Management (CSAM) application to generate reports and arrange essential information so IT security practitioners can make credible, risk-based decisions.
Lunch (12:00 - 1:15)
Session 5 (1:00 - 2:00)
JCONext
Rob Martin, Assistant Director, Infrastructure Development, JMD ESS
OCIO has completed the initial instantiation of the consolidated directory and migration effort. This standard environment is currently hosting 2 Components' identities, and we are currently migrating JMD and providing office automation services to include Exchange 2007, Server 2008, MOSS 2007 and BES. The entire environment is virtualized and fully redundant at the Dallas Data Center. This environment is also hosting various Enterprise applications such as DAR, ELMS (Big Fix), Blue Coat Reporting Server, MDS and VDS. This discussion will address the advantages of the security protections of this environment and how DOJ plans to use this environment moving forward.
Financial Audits in 2010
Kevin Deeley, Deputy CIO and Chief Information Security Officer, DOJ
Melinda B. Morgan, Director of Finance Staff, Office of the Controller, DOJ
Melinda Morgan and Kevin Deeley have extensive experience in ensuring systems are operating securely. Join us as they discuss best practices and techniques for ensuring that your systems are compliant, and what changes or focus to expect in 2010.
Innovative Component Technologies - Secure Virtual Desktop
Laks Prabhala, Director, IT Security, OJP, DOJ
OJP's unique community and public safety oriented mission requires the use of and access to diverse types of Internet-based services and resources, many of which currently violate DOJ web surfing acceptable-use policies or fall into categories blocked or not fully supported by DOJ enterprise web gateways. An enterprise solution is required to allow OJP to securely access these resources without compromising or subverting OJP and DOJ enterprise security policies or objectives. This session discusses a proposed solution [Enterprise Secure Virtual Desktop (SVD)] which can potentially meet those business requirements while meeting the policies and security requirements.
POA&M Management Primer
Ken Gandola, Senior Systems Engineer, ITSS
Adam Oline, IT Security Specialist and Developer, ITSS
This session demonstrates how to lay the solid foundation to manage POA&Ms from cradle to grave.
Break (2:00 - 2:30)
Session 6 (2:30 - 3:15)
The Shifting Security Paradigm
Mischel Kwon, Vice President of Public Sector Security Solutions, RSA
FISMA, Best Practice, Audit, Policy - just when we thought we had security defined...the other shoe drops. Today's security is yesterday's security plus...learn what, why, and how we add that plus to government networks - and your own personal computing. Discuss why what we are protecting is different, who the adversaries are, and why their tactics, techniques, and protocols are keeping us on our toes.
Full Content Inspection: Enabling the DOJ Mission with Secure and Flexible Web Application Delivery and Hosting Environments
Matt Darlage, Senior Network Security Engineer, JMD OSS
This session is a real-world technical presentation depicting how the DOJ is evolving as an enterprise web application delivery and hosting provider using inline web application firewalls, reverse proxies, SSL termination, and content inspection services (anti-virus, intrusion prevention). Deployment of these services for publicly accessible web applications creates a centralized user access path and security enforcement point through DOJ's TICAP gateway, and their use enables DOJ to leverage efficient internal user access paths as well as facilitate information sharing between law enforcement applications distributed across DOJ and its partner locations. This presentation will dive into the challenges of being the DOJ enterprise web application delivery and hosting provider, the technical evolution of existing DOJ web application hosting models, and how advanced content inspection security services and monitoring mechanisms are making the DOJ enterprise more secure, flexible, and customer-centric.
Contingency Planning *
Pauline Bowen, IT Specialist, Computer Security Division, NIST
What does NIST have up its sleeve for Contingency Planning?

The revised Contingency Planning Guide for Federal Information Systems (NIST SP 800-34) is in draft. What does it say? What does it mean? What do I have to do??? Come and find out. This session will count as contingency plan training for component contingency coordinators.

• Counts as contingency plan training
Attacking the Assessment Workload (CSAM Continuous Monitoring)
Ken Gandola, Senior Systems Engineer, ITSS
Adam Oline, IT Security Specialist and Developer, ITSS
The CSAM continuous monitoring solution enhances the enterprise's ability to help ensure FISMA compliance and standardize risk assessments for enterprise information systems. Learn how CSAM provides the capability to identify, establish and manage policies and implementation procedures.
Break (3:15 - 3:45)
CISO/DCISO - Open Forum - What Changes Would You Like to See? Where Do You Need Help? (3:45 - 4:30)
Kevin Deeley, Deputy CIO and Chief Information Security Officer, DOJ
Holly Ridgeway, Deputy CISO, Director, JSOC, DOJ