Thread Abstracts:
Panel – Threats - Day 1
Thread 1 - Federal Initiatives - Day 1
The Federal Initiative thread is focused on security through enterprise level security and policy.
Speakers will discuss how enterprise architecture, FDCC and SCAP policy initiatives have resulted
in improved cyber security.
Session 1A: OMB Perspectives — Suzanne Lightman, OMB
Session 1B: Federal Desktop Core Configuration (FDCC)/Secure Configuration Automation Protocol (SCAP) — Eric Barrett, NIST
Session 1C: DOJ FDCC Desktop Implementation — Suresh Kewalramani, DOJ
Thread 2 - Network Security - Day 1
The Network Security thread will focus on increasing complexity and frequency of international threats,
and how these threats are identified, escalated for monitoring, and reverse engineered to find the source
of the threat. The thread speakers will discuss recent international threats, and how security information
management and network forensics work together to manage them.
Session 2A: Emerging International Threats - The State of the Hack — Kevin Mandia, Mandiant
Session 2B: Security Information Management (SIM) — Rocky Destefano, Decurity, LLC
Session 2C: Network Forensics — Eddie Schwartz, NetWitness
Thread 3 - IT Security Management – Day 1
The IT Security Management tread is a management level view of new policies and technologies being implemented
to combat the increasing level and complexity of cyber threats. The thread speakers will focus on the benefits
of TIC implementation, vulnerability and patch management, and technologies available to help protect mobile
devices and networks from security threats.
Session 3A: Trusted Internet Connection (TIC) - What it does for YOU — Rob Martin, DOJ
Session 3B: New Technologies for Vulnerability Management and Patch Management — Holly Ridgeway, DOJ Office of Justice Programs
Session 3C: Mobile Security Threats, Vulnerabilities & Technologies — David McGuire and Dave Logan, SRA
Thread CSAM - Day 1
Gain a competitive edge while improving your agency’s IT Security Program performance with an automated tool
that meets the productivity needs of today’s IT Security practitioners. Obtain an overview of the application
functionality that is a “best practices” in supporting the FISMA Reporting and Certification and Accreditation
functionality. The DOJ LOB Shared Service Center has established a strategic partnership of 14 Federal agencies
that utilize a common tool, CSAM, integrating people and enterprise solutions in alignment with agency strategic
planning activities.
Session CSAM A: It's Only Data: FISMA Reporting, Custom Queries & Adhoc Reporting — Adam Oline, DOJ/Ken Gandola, Northrop Grumman
Session CSAM B: The CSAM POA&M Management Primer — Adam Oline, DOJ/Ken Gandola, Northrop Grumman
Session CSAM C: Attacking the Assessment Workload (CSAM Continuous Monitoring) — Adam Oline, DOJ/Ken Gandola, Northrop Grumman
Thread 4 - IT Security Issues of Today - Day 2
This IT Security Issue of Today tread will focus on the strategies and challenges of information security awareness
and training, risk management, and the current efforts to support the IT role in sustaining the DOJ mission. Each
of these sessions brings information to the attendee that permits management focus on important issues in IT
security.
Session 4A: Dare to be Aware — Louis Numkin
Session 4B: Managing Security in a Risk-Based Environment — William G. McKinsey, FBI/CJIS
Session 4C: DOJ Security Operations Center - Year One and Beyond — Jamey Dillon, ManTech, JSOC
Thread 5 – Agency Threat Management – Day 2
The IT technician in the world of today has a myriad of issues to face which directly effect the information
and information systems needed to support the Agency. Here are just 3 of them!
Session 5A: DNS Security Issues and Implementation — Matt Norris, DOJ JSOC and Nathan Rickman, SRA
Session 5B: Unified Threat Management — Randy Lee, Fortinet
Session 5C: Panel - Cyber Crime Investigations — J. Michael Gibbons, Deloitte, Moderator; Paul Vitchock, FBI WAFO and Howard Cox, DOJ Computer Crime and Intellectual Property Section
Thread 6 - IT Security Management - Day 2
This IT Security Management thread covers the very real impact insider threats can have on an organization and
IT network, including the release of classified and personal identification information. The tread speakers
will discuss the challenges of securing production and virtual server network environments from unauthorized
access from within the network.
Session 6A: Detecting the Insider - Real World Lessons Learned — Pat Reidy, FBI ESOC
Session 6B: Where Information Technology and Privacy Meet — Ken Mortensen, Deputy Privacy and Civil Liberties Officer, DOJ
Session 6C: Network Intrusion Case Studies and Countermeasures — Eric Eifert, ManTech
Thread CSAM - Day 2
Gain a competitive edge while improving your agency’s IT Security Program performance with an automated tool
that meets the productivity needs of today’s IT Security practitioners. Obtain an overview of the application
functionality that is a “best practices” in supporting the FISMA Reporting and Certification and Accreditation
functionality. The DOJ LOB Shared Service Center has established a strategic partnership of 14 Federal agencies
that utilize a common tool, CSAM, integrating people and enterprise solutions in alignment with agency strategic
planning activities.
Session CSAM D: It's Only Data: FISMA Reporting, Custom Queries & Adhoc Reporting — Adam Oline, DOJ/Ken Gandola, Northrop Grumman
Session CSAM E: The CSAM POA&M Management Primer — Adam Oline, DOJ/Ken Gandola, Northrop Grumman
Session CSAM F: Attacking the Assessment Workload (CSAM Continuous Monitoring) — Adam Oline, DOJ/Ken Gandola, Northrop Grumman