October 9-10, 2018 | The Hyatt Regency Baltimore Inner Harbor | Baltimore, MD
Maryland is recognized as a cybersecurity leader - nationally and internationally. The state has developed cybersecurity experts, education and training programs, technology, products, systems and infrastructure. With over 10 million cyber hacks a day resulting in an annual worldwide cost of over $100 billion, the United States is at risk.
Last year alone, tens of millions of Americans had their identities and their bank accounts threatened or compromised. Ensuring that our nation has the workforce, technology and resources to protect our citizens, businesses, infrastructure, intellectual property and more is of paramount importance. Maryland continues to be a leader on this front.
Click a block to view session details
Mr. J. Thomas Sadowski
Ms. Tina Williams-Koroma
Constellation Ballroom A/B
The University System of Maryland (USM) engaged the Business Higher Education Forum (BHEF) to perform a case study that "examines how USM collaborated with businesses and government agencies to develop cybersecurity pathways on multiple campuses to build a diverse regional cybersecurity talent ecosystem that can address national security needs."
This panel will include a discussion about the case study, available at http://www.bhef.com/sites/default/files/bhef_2018_USM_0.pdf. The panel will also elaborate on a specific example of USM's work with MITRE who operates the National Cybersecurity Federally Funded Research and Development Center (FFRDC) (NCF). MITRE partnered with USM, and began implementing the nation's first FFRDC, in October 2014. As a part of this partnership, USM also engaged nine (9) other universities throughout the United States (the Academic Affiliates Council [AAC]) to facilitate the realization of the National Institute of Standards and Technology (NIST)'s national cybersecurity vision. The role of USM and the AAC in the NCF involves:
• Forming a strong and collaborative national cybersecurity research and development community that encompasses government, academic, and private sector entities.
• Creating and executing a national cybersecurity R&D strategy and an approach for a strong national cybersecurity workforce. Both strategies will include leadership from government, academia, and the broad private sector.
• Identifying, validating, and initiating funded action on key cybersecurity challenges.
• Shaping the NCF mission and broader cybersecurity initiatives as strategic partners to MITRE.
This session will include a discussion of successes to date, lessons learned, and the strategy for USM's continued role with government and industry.
The Honorable C.A. "Dutch" Ruppersberger
This session will provide unique insight to the challenges we face in cyberspace and the need to develop a Quantum Collective - beyond the USG - to ensure our continued ability to secure our collective resources and treasure in cyberspace.
Dr. Gregory Von Lehman
Dr. Emma Garrison-Alexander
Marcus H. Sachs
Constellation Ballroom C/D
Constellation Ballroom E/F
Securing cities with a heavy reliance on IoT is challenging. As cities like Baltimore look to implement smart city initiatives to increase the quality of life for residents, such as connected security cameras, transportation, expanded WiFi services, 5G, etc. caution must be taken to protect these connected networks from hijacking. Hear from technologists and transit companies the risks posed by implementing IoT into cities and their strategies for minimizing risk.
Our research goal is to build an autonomous cyber defense control system that will make an enterprise network and its associated missions and services, more resilient to cyber-attack. Such a cyber defense system should choose appropriate responses to help the enterprise network achieve its goals and simultaneously withstand, anticipate, recover, and/or evolve in the presence of cyber-attacks. Through automation, the system should make decisions and implement responses in real-time and at scale. Since methods of attack are constantly evolving, this autonomous cyber defense must also be adaptive. Therefore, in our research, we use apply reinforcement learning (RL) to train an agent to perform sequential decision-making under uncertainty to control and defend the network. We will present an overview of our research, and collection of experimental results.
Gayle B. Guilford
Setting the Stage: CISOs wear many hats. At a high level, they're responsible for ensuring effective information security controls are in place and protocols are followed. As such, the Ponemon Institute's January 2018 survey, "What CISOs Worry About," is an important way to set the stage for the upcoming CISO discussions about their top concerns and descriptions of their jobs. At this session, you will learn about CISO concerns and whether or not they have changed in the first half of 2018.
What are the significant factors in a CISO's career and educational background that help them deal with today's threats? In this session, we'll discuss areas such as forecasting, risk management, mobile computing, the Internet of Things, human factors, data privacy, critical infrastructure, and artificial intelligence. These areas are critical for CISOs in addressing data breaches, disruptive technologies, and other security threats.
Dr. Omondi Opala
The Internet as we know it was created by ARPANET in 1969 as switching and flexible distributed packet communication network nodes. The communication process depends on packet forwarding from source to destination through a next hop device also known as routing. The most widely used network transport protocol combination is TCP/IP manages sessions between two interconnected network nodes. The Internet of Things (IoT) is poised to revolutionize the IT industry by allowing connectivity to appliances, cameras, and dumb devices on manufacturing machines to gather pertinent data on utilization. The Internet of Things (IoT) is associated with connecting the sensors and actuators to the new Internet. These include remote home monitoring technologies, wearable computing, self-tracking tools, augmented reality, sensor-rich fabric, intelligent energy and power systems, autonomous vehicles, drones, retail tracking, automated inventory management systems, industrial connectivity and much more.
The IoT phenomenon has been widely adopted by the relevant industries to show case the ubiquitous Internet's value proposition but it brings along a major security risk to the enterprise networks. This is due to the fact that IoT devices relies on some of the vulnerable wireless technologies such as Bluetooth, Wi-Fi, Zig-Bee, Cellular, RFID and many other forms of wireless access technologies. The majority of studies done Gartner and Forester on the Internet of Things estimate that over the next 20 years could add as much as $15 trillion to the global GDP. Others argue that the current over 10 billion wireless devices will increase to 30 billion by 2020 making it a compelling business decision to consider adopting the solution and planning on how to security use it to transact business. The success of the IoT adoption rate does not lie on smart-phones, tablets and laptops which are the current eco-system of IoE but on node or sensor type devices. In this paper we will explore the demand for IoT in different business sectors, highlight inherent risks and recommend security best practices for implementation.
NSA's Cybersecurity Threat Operations Center (NCTOC) serves as the focal point for execution for the agency's 24/7/235 cybersecurity operations mission. NCTOC leverages unique insights into adversary intentions and tradecraft to develop and implement strategic defense measures for the nation's most critical networks. NCTOC resources fully equipped teams who partner with U.S. Cyber Command to serve as the 'front lines' in defending the unclassified Department of Defense Information Network (DoDIN), a global network encompassing three million global users everywhere from office threats on a daily basis.
Dr. Calvin Nobles
How does one become a CISO? This session focuses on how their background and educational experiences have prepared them for the daily stresses, budgeting for cybersecurity, future career, etc. We'll discuss the pipeline and whether IHEs are doing their part and offer advice on steps to becoming a CISO.
Until now, most have assumed encryption is enough to protect stolen data from compromise. Encryption standards have evolved over time as computing capabilities have advanced to crack older generations of code and we have always lived under the assurance that our latest encryption is strong enough to withstand the most formidable foe with almost unlimited resources. However, the newest quantum computer architectures have the future potential to break even the strongest encryption society relies on today. It is time to fight fire with fire and completely upgrade our approach considering quantum networks for encryption key exchange. Battelle, industry researchers and academics are identifying ways quantum networks can be used to protect future generations from having to worry about their encryption again. This panel will center around highlighting new threats that require advances in encryption, automation and machine learning.
Diane M. Janosek
It is widely acknowledged that cyber security is a strong career path and valid choice for any student. Are schools ready?
This session centers on how well prepared academically CISOs are to handle the responsibilities of the position and how often they rely on academic and non-academic skills related to risk analysis, revenue generation, employee productivity, ethics, strategic value of the cyber team, reporting structures, customer satisfaction, and cyber innovation. Senior level cyber professionals will also be on hand for a discussion of life after being a CISO.
Have Board meetings felt career ending? Bring Board members into the fight. By using real stats and metrics with a solid understanding of the business you can clearly articulate risk, expenditures and protect the business. This session will use real examples of statistics, metrics and board level presentations to demonstrate how the Board can buy into the Cybersecurity program.
Ms. Marianne Bailey
NSA's defensive mission has never been more paramount. Our cyber adversaries are relentless, increasingly sophisticated and strategic in their tactics and tradecraft. Our competitors conduct complex cyberspace operations to steal our technology, disrupt our government and commerce, challenge our democratic processes, and threaten our critical infrastructure. As such, the U.S. very recently launched both the National and Department of Defense cyber strategies that emphasize the need for stronger defense for our nation. Safeguarding our digital infrastructure requires an advanced understanding of the threat, predictive and preventative operations, and innovative research and development through technology partnerships.
This session will discuss the NSA Deputy National Manager's perspective on the state of cybersecurity, NSA's outlook on emerging opportunities, and how cyber connects us all.
While 2018 might have been "better" from a government leaks and global ransomware attack perspective, there is no denying that corporate security isn't improving with ample haste, critical infrastructure is easily targeted and nation states continue to grow bigger, faster, stronger. What can we learn about cybersecurity based on the incidents of 2018 and what can we do to prepare for 2019 and beyond? This panel will dissect three destructive cyber incidents of 2018 and discuss how organizations can prioritize their security controls, build a comprehensive response plan and respond to the increasing regulatory controls in order to enforce best practices for corrective action.
1. Ransomware attack took down Baltimore's 911 dispatch system and forced the city to revert to manual dispatching of emergency services
2. Exploited flaw in thousands of MikroTik routers that sent traffic to unknown, attacker controlled IP addresses and enabled eavesdropping
3. Spear Phishing emails enabled Russia to access US electric utilities control rooms via networks that belonged to third-party vendors.
Captain Ed Devinney, US Navy
As the nation's cyber warriors, US Cyber Command (USCYBERCOM) operates daily in cyberspace against capable adversaries, some of whom are now near-peer competitors in this domain. We have learned we must stop attacks before they penetrate our cyber defenses or impair our military forces; and through persistent, integrated operations, we can influence adversary behavior and introduce uncertainty into their calculations. Our forces must be agile, our partnerships operational, and our operations continuous. Policies, doctrine, and processes should keep pace with the speed of events in cyberspace to maintain decisive advantage. Superior strategic effects depend on the alignment of operations, capabilities, and processes, and the seamless integration of intelligence with operations. Now we must apply this experience by scaling to the magnitude of the threat, removing constraints on our speed and agility, and maneuvering to counter adversaries and enhance our national security.
This session will provide an overview USCYBERCOM's updated mission and the primary objectives for the agency. We will also cover industry/academia/USG interaction and how the development of partnerships will be a primary objective to develop enhanced operational capabilities.
What do you get if you combine an abandoned row home, an out of service phone number, and the Social Security number of a newborn baby? A perfectly good line of credit.
Even as the annual costs from identity theft continue to grow, this type of fraud is no longer limited to the compromise of real, tangible identities. Instead, a more insidious form of fraud is beginning to take shape: synthetic identities. Synthetic identities are pieced together from different personal data sources, creating new, largely undetectable personas that can be used to open accounts, take out loans, and run up huge debts. In many cases, synthetic identities exploit the fresh, untapped data of children and infants, creating bad credit that will go unnoticed for more than a decade.
How are these synthetic identities created? Where are criminals getting this data? What can the security industry - and everyday consumers - do about it?
This session investigates the development of synthetic identities, going beyond the surface-level introduction offered by other identity presentations. The session will examine how this new form of fraud is taking shape, and why these synthetic identities can so regularly go undetected. The session will include a deep dive into the thriving underground market for personal data on the dark web, including a survey of the criminal tradecraft that makes it easy for fraudsters to create and exploit these synthetic identities.
Attendees will come away from this session with a framework for understanding how data is valued and traded on the dark web, how data breaches open up a lifetime of exposure, how synthetic identities are developed and exploited, and what security professionals - and parents - can do to protect against this new type of fraud.
Scott Dade, Ed. D.
Join us for a senior leadership panel who will discuss the best ways to engage with USCYBERCOM. Recent contracting authority allows USCYBERCOM to purchase capabilities in support of its mission. Engagement pathways, including the recently launched DreamPort program, will also be discussed. Learn how your organization can provide products and services to support the emerging technology needs of USCYBERCOM.
Public/private collaboration is essential to fill the cyber talent pipeline and improve the safety of information networks that drive national security and economic stability. Collaboration among federal, state, local and private stakeholders, including industry, non-profits, and academia, is the foundation for new cybersecurity education, training and workforce development initiatives. These innovative partnerships are actively addressing the need for skilled and motivated workers to fill the pervasive cybersecurity talent shortage. According to a recent 2018 ISACA survey, 59% of enterprises report unfilled security positions, and 54% stated it takes over three months or longer on average to fill security positions.
In an era marked by rising cyber threats, Maryland's standing as one of the nation's most advanced workforces and a leader in securing critical cyber infrastructure is a testimony to the power of the state's commitment to collaboration among stakeholders. Learn how innovative public/private partnerships are cultivating the skilled workforce needed to compete in today's competitive global environment and equipping industry and government for the challenges that lie ahead.
At the end of this session, participants will be able to:
• Look beyond traditional hiring models to find high-potential talent that can fill vacant positions
• Introduction to various collaboration models that improve cyber workforce development
• Identify existing partnership opportunities in MD
This advanced-level session focuses on driving aggressive growth and business development in the cyber market. Cybersecurity Ventures predicts global spending on cybersecurity will exceed $1 trillion between 2017 and 2021. Well-positioned contractors view the cyber market a growth market even amid federal budget uncertainties. Attendees to this session will learn how to fast-track cyber market growth in both defense and civilian agencies. If you are ready to add a zero onto your revenues, this practical, bottom-line, results oriented session will address:
• Funding trends and using them to your advantage
• Contract vehicles: go or no go
• Positioning to win market share
• The real decision makers and how/when to engage
• Fast-track tools for success
US Cyber Command was granted acquisition authority by the US Congress in October 2016. This session will provide an overview of upcoming technology requirements, along with the acquisition and contracting methodologies to be used by USCC for the purchase of products, services and knowhow required to support the updated mission.
According to a recent Cisco report, there are over 1 million cybersecurity jobs unfilled, which is projected to rise to 6 million by 2019. The problem is two-fold: filling the current gaps while preparing the next workforce generation. The solution requires that the public and private sectors work together to create clear career paths in cybersecurity. In order to recruit and retain skilled personnel, together they must incorporate a variety of employment tools and resources.
In this session you will learn what the public sector is doing at the state and federal levels and how the private sector can become involved while aligning their own efforts, and, an analysis of the latest career education and training programs working to solve this massive problem.
When patients seek medical care, one of the first actions healthcare providers take is ordering imaging procedures such as X-Rays or MRIs to help diagnose issues and determine next steps. Like much of the healthcare industry, medical imaging has also rapidly moved toward the digital space. These images, stored within an online Picture Archiving and Communication System (PACS), are shared among medical staff and remotely accessible on mobile devices.
While PACS allow for more efficient medical processing, the systems are often not developed with security in mind and expose the broader hospital system to cybersecurity risks. Malicious actors could leverage unsecured PACS to infiltrate hospital systems and access critical information and vital medical services, putting patients at risk.
The National Cybersecurity Center of Excellence (NCCoE), working in partnership with healthcare delivery organizations (HDOs), cybersecurity vendors and academic partners, is developing guidance to help HDOs secure their PACS ecosystem, based on a comprehensive risk assessment.
The Picture Archiving and Communications session will:
• Outline the scope of PACS systems within hospitals and other healthcare delivery organizations
• Detail the cybersecurity risks associated with PACS
• Showcase the reference architecture developed by the NCCoE, using NIST cybersecurity standards, to secure the PACS ecosystem within an HDO.
COL Benjamin A. Ring, Ph.D.
The panel discussion hosts various experts providing an overview of the future of US Cybercommand's approach to Cyber Protection Teams, innovating incident response, team collaboration, selection of cyber tools, and their focus of building a stronger national force. The Panel will explain lessons learned over the years including training, skills development, moral management, capability testing and more.
Due to the overwhelming demand for talent in cybersecurity in our region, new and non-traditional pathways to enter the field have emerged. Employers are seeking mission-ready candidates from higher education and new academic programs in cyber are appearing, but the number of qualified students coming out of these programs pales in comparison to the growing demand. Additionally, these graduates typically require on the job experience to be fully productive in their roles.
While there is a negative unemployment rate in cyber, there are too many citizens in our state who are unemployed or underemployed. For the most part, the pool of qualified cyber talent is treated as a zero-sum game, leaving employers to fight over these scarce resources. While companies are drawn to Maryland for our highly educated and well-prepared workforce, they quickly realize that there is a war for that talent, and attracting and retaining it is expensive.
Necessity is driving innovation. Employers are widening their apertures to find candidates from alternative sources with great success. New approaches are developing new talent in cyber, including vocational training programs and apprenticeships. Those with the aptitude and passion needed to be successful in a career in cyber but have not had the opportunity to obtain a cyber-related degree finally have the opportunity to break into the field. And they are bringing with them new experiences, perspectives and diversity to the cyber workforce.
Our panel will include employers with experience hiring cyber talent from these non-traditional sources as well as the cyber professionals who have traveled alternative pathways to break into the field. Hear from them about their experiences and learn about opportunities to participate in the innovation that is happening in our state.
Dr. Balakrishnan Dasarathy
Dr. George Dimitoglou
Answering this question rigorously is vital for keeping faith in our democracy!
Our election systems consist of two major types of systems: ballot and registration systems. A close examination of these systems is necessary to get a complete picture of the prospect of a hack and its ramifications.
Voting ballot machines, where votes are cast, are the most important ones from the election integrity perspective. These machines are not typically connected to the Internet, at least during voting, and that prevents them from being hacked. A thumb drive is used to extract data from a voting machine, and this thumb drive with cryptographically-protected data is then securely handed over to a central location for vote-tallying purposes. In some states, many direct-recording electronic voting machines that do not produce any paper record remain in use. This certainly puts such machines at risk for lost votes in case of machine failures.
The voter-registration systems in many states allow eligible voters to register online, and, as such, are not cyber-attack proof. Hacking here could certainly lead to deletion or manipulation of voter rolls?thus disrupting elections and reducing faith in our electoral process. Fortunately, processes can be put in place to detect, on a daily basis, any alteration to the voter database.
Trustworthiness: Before the 2016 general election, about 34% of likely voters believed that year election would be rigged, according to a New York Times report. The pressing issue is not just one of information security, but about assurance and the trustworthiness of all voting technology and processes. Trustworthiness demands that we maintain a paper trail, that officials and party representatives verify all voting systems are working just prior to voting, and that there is a review of tally results in each precinct?or at least randomly selected precincts?with ballots from the paper trails kept.
The work focuses on identifying the existing challenges and opportunities to make elections secure and reliable: ranging from the voter registration process and the actual voting to counting the results. The solutions require the a certain technology mix, the development of standards and policies along with the political will to fund and deploy a robust election process.
The topic is both timely and relevant given the upcoming elections and will include information and experience related to the securing of the Frederick County Election Board systems and processes during the summer of 2018.
Regional investors in cyber team up with institutional investors to grow local investments into national brands servicing the government and commercial enterprise. Learn what it takes to build credibility, establish partnerships, and raise the capital necessary to launch a cyber company and product in today's market.