To view the printable agenda you must have a PDF reader, such as Adobe Reader, installed on your computer. Click the button below to install Adobe Reader.
Click the following link to download the agenda.
|
8:30 a.m. -
8:35 a.m.
| Welcome/Conference Logistics
Room 145 A/B- Marty Burkhouse, IT Specialist, IT Security Staff, DOJ
|
8:35 a.m. -
8:45 a.m.
| Welcome Remarks
Room 145 A/B- Eric R. Olson, Acting Chief Information Officer / Acting Deputy Assistant Attorney General for Information Resource Management, DOJ
|
8:45 a.m. -
9:30 a.m.
| Tech Trends for 2012
Room 145 A/B- Mark White, Chief Technology Officer/Senior IT Principal, Department of Homeland Security Account Team, Deloitte Consulting LLP
|
9:30 a.m. -
10:45 a.m.
| "Betrayed" Insider Threat Training*
Room 145 A/B |
10:45 a.m. -
11:15 a.m.
| Break
|
11:15 a.m. -
11:45 a.m.
| Management/FISMA
Mobile Computing
Room 145 A- Mike Fuller, IT Security Staff, DOJ
Smartphones, tablets, and other mobile computing devices are quickly proliferating across the consumer market. iPhones, iPads, Androids, and other devices are becoming a necessary part of people's everyday lives. As such, employees have a strong desire to use these familiar consumer oriented devices in their work place and they are pushing their management to allow it. Simultaneously, many organizations are under pressure to expand telecommuting options and reduce IT and telecommunication costs. The trend of implementing consumer mobile devices has been accelerating in the Federal government and DOJ is no exception, with many Components moving forward with Mobility pilots and facing these obstacles. This session will focus on how ITSS is addressing these challenges in a comprehensive manner, through creating policies, processes, and guides to assist in mobile device planning and deployments. We will also discuss the risks and challenges associated with deploying consumer oriented mobile devices into Government enterprise environments, including a discussion on the unique vulnerabilities and potential attack vectors associated with these devices.
| Technology at Justice
DOJ Connect
Room 145 B- Kennet Ake, Enterprise Solutions Staff, DOJ
DOJ Connect is a portfolio of solutions designed to meet increased mobile computing needs and existing Continuity of Operations Plan requirements by leveraging emerging technologies to enhance current remote access solutions. These new solutions support remote access across a variety of different channels, including mobile devices/iPads, personal computers, and Government-issued laptops. This presentation will include an overview of the program and key benefits, and it will also describe the program methodology and key service offerings.
| Secure Your Systems
Microsoft Incident Response Team: Lessons from the Field
147 A- John Asante, Microsoft Corporation
- Sean Finnegan, Technical Director, Microsoft Cybersecurity Services Practice, Microsoft Corporation
The Microsoft Consulting Services Cybersecurity Team responds to cases of targeted exploitation at customers worldwide. The incident response team discusses lessons learned from investigating intrusions and will share real-world methods you can implement to disrupt the exploitation cycle utilized by determined human adversaries.
| Innovations
CSAM Version 3.0: Taking Security Authorization and Continuous Monitoring to the Next Level
Room 147 B- Ken Gandola, IT Security Staff, DOJ
- Adam Oline, IT Security Staff, DOJ
- Matthew J. Peter, IT Security Staff, DOJ
This demonstration will provide the CSAM user an overview of how the CSAM V3.0 upgrade has provided the IT Security Specialist with enhanced tools to schedule and manage workload, improve team coordination and communications, track and monitor performance and trend lines, increase awareness of target dates and event triggered workflow. The presentation will highlight CSAM generated notifications, dashlets, queries and the new personalized Dashboards. The LOB Team will also address how Continuous Monitoring and Risk Management Framework functionality can lead to efficiencies and enhanced productivity
|
11:45 a.m. -
1:00 p.m.
| Lunch
|
1:00 p.m. -
2:00 p.m.
| Management/FISMA
Implementing 800-147 BIOS Protection Guidelines
Room 145 A- Tim Polk, Computer Scientist, NIST
NIST has been actively working to address security threats to the firmware in common computing platforms. Tim will will presenting the motivations for this work, and overview NIST's recent accomplishments and current efforts in this space.
| Technology at Justice
Lessons Learned from Virtualized Desktops
Room 145 B- Doug McManus, Civil Division, DOJ
- Todd Miller, Civil Division, DOJ
The Civil Division recently concluded the rollout of nearly 2,600 virtual desktops supporting staff in 17 buildings. The entire effort - encompassing design, procurement, engineering, testing, piloting, training and rollout - spanned 18 months and was performed by a small cadre of Civil Division staff. Presentation topics include: the business case for virtualization; the technical challenges encountered with bleeding edge technology; lessons learned from both technical and end-user support perspectives; and cybersecurity considerations.
| Secure Your Systems
Visualizing Change Over Time to Support Digital Forensics
Room 147 A- Timothy Leschke, Senior Forensic Engineer, ManTech International
The presentation will include a description of virtual environments, and associated models. Also discussed will be IT security concerns (i.e., threats, risks, vulnerabilities, types of attacks), the issues and challenges (i.e., obstacles, hidden costs, complexities, virtualization sprawl, monitoring virtual events, and backup and recovery), and recommendations, best practices, and guidance.
| Innovations
FISMA 2012
Room 147 B- Matt Coose, Director, DHS, Federal Network Security, National Cyber Security Division, National Protection and Programs Directorate, DHS
Matt Coose, Department of Homeland Security, Director of Federal Network Security, will present an overview of the Federal Information Security Management Act (FISMA) guidelines and standards for 2012 and discuss the Federal Network Security Division's Mission and Process. A question and answer session will round out the discussion.
|
2:00 p.m. -
2:30 p.m.
| Break
|
2:30 p.m. -
3:30 p.m.
| Management/FISMA
Safe and Secure Online
Room 145 A- Julie Peeler, Director, (ISC)2 Foundation
- Dan Waddell, North American Advisory Board Member, (ISC)2 and Director, Information Security & Privacy Practice, Tantus Technologies
With the proliferation of mobile devices, social networking and the cloud, children are more susceptible to online dangers than ever. It is of utmost importance to teach them how to be safe and responsible digital citizens. The (ISC)2's Safe and Secure Online program brings its certified information security expert members into schools to educate children as well as their parents and teachers. According to the National Cyber Security Alliance (NCSA) 2010 National K-12 Baseline Study, 95% of educators, school administrators and technology coordinators believe that cyberethics, cybersafety and cybersecurity should be taught in schools. Additionally, nearly 30% of teachers do not believe they are prepared, and nearly 25% believe they are only somewhat prepared to discuss subjects such as cyberbullying, malware, phishing scams, sexting and data backups in the classroom. The (ISC)2's Safe and Secure Online (SSO) program brings its certified information security expert members directly into classrooms to educate students on topics such as cyberbullying, social networking, malware, identity theft, password protection, and more. The program provides these modern-day volunteer Officer Friendlies with cutting-edge presentation material, including an interactive PowerPoint presentation with music, videos and games, and advice on presenting to children in a classroom environment. Over 70,000 children have been reached through the program to date, and a new parent/teacher presentation was launched in 2011 to ensure they have the skills to protect the children in their care.
| Technology at Justice
Secure Configuration Management
Room 145 B- David Otto, IT Security Staff, DOJ
Hardly a month goes by without a zero day patch release. That's on top of a monthly scheduled release tempo that averages dozens of critical patch releases. Green IT requirements, power management configuration standards, and requirements for full desk encryption present special challenges for System Operators trying to patch every endpoint in a timely manner. Dave Otto and the ELMS team present a strategic approach to patch and power management that addresses best practices for implementing required power management settings and how to fully integrate and optimize patch management for your endpoints. Optimizing your patch management approach to seamlessly integrate with your power management settings can result in considerable savings for system owners as you streamline and optimize your patch efforts.
| Secure Your Systems
Protect Your Cloud Data: Route High Jacking Autonomous System Origin Validation + BGP Security
Room 147 A- Michael Glenn, CenturyLink
The Internet has transformed the lives of people around the world, forced changes in the way countries govern their people and has transformed how businesses function. There is much attention on the security and threats that transit the Internet but as important is the security of the Internet infrastructure itself. Border Gateway Protocol or BGP is a critical service that performs routing of information across the Internet. BGP was developed at a time when scaling was the primary factor and security was less of a concern. BGP security standards have been under development for the past 10-15 years. Resource Public Key Infrastructure (RPKI) and BGP Security (BGPSec) are the two leading complimentary standards moving forward. They provide strong, cryptographic Autonomous System (AS) origin validation and path validation. However, RPKI and BGPSec will take years for wide scale deployment and probably require router code and hardware upgrades. A new idea, Route Origin VERification (ROVER), is a proposed lightweight standard that does not require deployment of new certificate repositories, protocols, or router code and hardware upgrades. ROVER is not as robust as RPKI but does address the most pressing need of preventing accidental route hijacking and could be deployed much faster than RPKI.
| Innovations
Attacks, Mitigations, and Innovative Technologies
Room 147 B- Mischel Kwon, President, Mischel Kwon & Associates
In the beginning there were worms, then phishing, then more malware... Now there is APT. In the beginning there was IDS and then firewalls, then SIEM...Now what? How do we identify, mitigate and prevent persistence? How do we identify what the attack is doing? How do we justify the expense of security? This session will discuss these dilemmas and innovative solutions.
|
3:30 p.m. -
4:00 p.m.
| Break
|
4:00 p.m. -
4:45 p.m.
| Open Forum - DOJ CISO and Deputy CISO - What Changes Would You Like to See? Where Do You Need Help?
Room 145 A- Kevin Deeley, Chief Information Security Officer / Deputy Chief Information Officer, DOJ IT Security Staff, DOJ
- Holly Ridgeway, Deputy Chief Information Security Officer, Program Manager, Justice Security Operations Center, DOJ
|
|
8:30 a.m. -
8:45 a.m.
| Conference Logistics
Room 145 A/B- Marty Burkhouse, IT Specialist, IT Security Staff, DOJ
|
8:45 a.m. -
9:00 a.m.
| Welcome
Room 145 A/B- Holly Ridgeway, Deputy Chief Information Security Officer, Program Manager, Justice Security Operations Center, DOJ
|
9:00 a.m. -
9:30 a.m.
| They Know Who You Are: How Social Networks Can Be Harmful
- Dave Marcus, Director of Security Research, McAfee
|
9:30 a.m. -
10:15 a.m.
| Continuous Monitoring
Room 145 A/B- Holly Ridgeway, Deputy Chief Information Security Officer, Program Manager, Justice Security Operations Center, DOJ
- Kevin Cox, Assistant Director, Information Security Technologies Team
DOJ IT Security Staff
Assistant Director, Information Security Technologies Team, IT Security Staff, DOJ
- Melinda Rogers, Assistant Director, Information Security Assurance Team, IT Security Staff, DOJ
|
10:15 a.m. -
11:00 a.m.
| Current Threat Trends
Room 145 A/B- Gordon Snow, Assistant Director, Cyber Division, FBI
|
11:00 a.m. -
11:30 a.m.
| Break
|
11:30 a.m. -
12:15 p.m.
| Management/FISMA
Establishing the DOJ Insider Threat Program
Room 145 A- Ron Bushar, IT Security Staff, DOJ
In the aftermath of WikiLeaks the Federal Government has made great efforts to reform the governance, policies, and processes that safeguard the nation's most sensitive classified information. As a result of these efforts, the President signed an Executive Order that established a national insider threat task force and mandated that Departments and Agencies also establish their own programs. During this session, the DOJ's Insider Threat Point of Contact will discuss the approach and framework the Department has developed to address national policies and requirements. The discussion will also include the unique mission challenges and privacy and civil liberty concerns that must be addressed in the development of any insider threat program.
| Technology at Justice
Biometrics Panel
Room 145 B- David Cuthbertson, FBI
- Edward Gibson, PwC
- John Kavanagh, PwC
This panel focuses on the emerging role of biometrics in cybersecurity and is comprised of professionals with business and technologic biometric expertise from both Federal and commercial organizations. David Cuthbertson (FBI), Ed Gibson (PwC), and John Kavanagh (PwC) will highlight utilizing biometrics to collect data, protect data, and support an organization's mission activities. Real-world examples will be discussed and audience participation is encouraged.
| Secure Your Systems
What a Bunch of JS!
Room 147 A- James Rodgers, IT Security Staff, DOJ
Cybercriminals are constantly evolving malware delivery techniques, including code obfuscation in an effort to bypass security systems and defeat analysis by security personnel. This presentation will cover some of the ways JavaScript can be obfuscated as well as basic and advanced de-obfuscation techniques. This presentation will also cover real-world obfuscation examples seen within DOJ, and the JSOC's efforts to detect and mitigate this malware delivery mechanism.
| Innovations
CSAM Version 3.0: Taking Security Authorization and Continuous Monitoring to the Next Level
Room 147 B- Ken Gandola, IT Security Staff, DOJ
- Adam Oline, IT Security Staff, DOJ
- Matthew J. Peter, IT Security Staff, DOJ
This presentation will provide attendees with an overview of how the CSAM V3.0 upgrade has provided the IT Security Specialist with enhanced tools to schedule and manage workload, improve team coordination and communications, track and monitor performance and trend lines, increase awareness of target dates and event triggered workflow. The presentation will highlight CSAM generated notifications, dashlets, queries and the new personalized dashboards. The Line of Business Team will also address how Continuous Monitoring and Risk Management Framework functionality can lead to efficiencies and enhanced productivity.
|
12:15 p.m. -
1:30 p.m.
| Lunch
|
1:30 p.m. -
2:15 p.m.
| Management/FISMA
Getting "IT" Done
Room 145 A- Mario Lopez Gomez, Chief Technology Officer, DOJ Civil Rights Division
This presentation is based on my management philosophy and operational experience as a federal government manager of Information Technology (IT) for more than twenty years. As Systems Administrator in Central America and West Africa for the U.S. Agency for International Development; and Director of Geographic Information Systems, Chief Information Officer and Chief Technology Officer at Civil Rights Division of the Department of Justice, I will present a list of fundamentals that should be in the basic playbook of any IT manager who wants to get "IT" done. These fundamentals include governance, business awareness and the importance of a framework that includes a strategic and tactical plan.
| Technology at Justice
Building the Architecture of Trust
Room 145 B- Don Proctor, Senior Vice President, Office of the Chairman and CEO, Cisco Systems
Governments worldwide are challenged with providing higher levels of service to their citizens while constraining or even reducing the cost of delivering those services-what we call the "cost/reach" equation. At the same time, technologies such as web services, collaboration, mobility, and cloud computing hold significant promise to help governments transform the way they protect the safety, health, and economic well-being of citizens while responsibly managing taxpayer dollars. In this presentation, you'll learn more about the powerful forces driving change in the cybersecurity landscape. We'll describe an innovative, architectural approach to cybersecurity we call the"Architecture of Trust," and discover the critical steps any organization can take today to incorporate trust, visibility, and resiliency into their IT systems.
| Secure Your Systems
Securing the Indispensable
Room 147 A- Dr. Sridhar Muppidi, Chief Architect, Security Systems, IBM
Explosive growth and usage of mobile devices are helping organizations in reaching their users in innovative ways, and also to increase employee productivity. Organizations also want to provide employees the option of using a personal device as a way to reduce cost and allow them to work wherever or whenever they need to, but doing so requires diligence in protecting sensitive data for litigation and law enforcement. In this era of "Bring Your Own Device" (BYOD), with employees using their own mobile devices for business and personal activity, organizations are now tasked with supporting the new social, virtual, and mobile employee and the applications they access. With mobile threats on the rise, complex IT environments, security risks, maintaining policies, and helping companies control cost are top of mind concerns for many security and risk professionals. Join this session to hear experiences and insight into how organizations can manage their risk by taking steps to manage these mobile devices, protect corporate data, and still continue to innovate in their business.
| Innovations
Gesture Biometrics
Room 147 B- Bill Morgan, Biometric Signature ID
As the world moves to "the cloud", it is imperative to strengthen online identity & authentications. Pins, passwords, tokens and other traditional techniques are no longer good enough as a Multi-Factor Authentication (MFA) for many online services. Biometrics strengthen the MFA, but have traditionally been limited to proprietary, hardware based solutions. Today, BioSig-IDT is available as a patented, software only "gesture biometric" delivering higher assurance online identity proofing for 1,000s of production users. Simply use an existing mouse, stylus, touch pad or finger on a touch screen with your PC, laptop, tablet or smart phone. Learn how to leverage the power of this solution as a defense in depth canopy in existing and emerging online applications and services.
|
2:15 p.m. -
2:45 p.m.
| Break
|
2:45 p.m. -
3:30 p.m.
| Management/FISMA
Implementing Continuous Monitoring in the Cloud - FEDRAMP
Room 145 A- Katie Lewin, Director of Cloud Computing, Office of Citizen Services and Innovative Technologies, U.S. General Services Administration
Katie Lewin, Director of GSA's Federal Cloud Computing Program will discuss the Federal Risk and Authorization Management Program (FedRAMP) and take questions on this new initiative. FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. The program launched in December 2011 and is the result of close collaboration with cybersecurity and cloud experts from GSA, NIST, DHS, DOD, NSA, OMB, the Federal CIO Council and its working groups, as well as private industry.
| Technology at Justice
ArcSight - Tips/Tricks
Room 145 B- Bruce Oehler, Federal Business Development, ArcSight
ArcSight Tips and Tricks - DOJ will begin with an introduction to ArcSight and how it's used at DOJ. One goal of the presentation is to illustrate how the JSOC uses the SIEM and what the most common use cases are. The presentation will then discuss how DOJ components can leverage the JSOC instance for customized real-time alerts. Components will learn how to set up alerts applicable to them and how to view all events applicable to their environment in real-time. Finally, the presentation will conclude with examples of popular use cases in the Federal space.
| Secure Your Systems
Securing VOIP Best Practices
Room 147 A- Jason Ostrom, Senior Manager, MSSG VIPER Lab R&D Team, Avaya
Many enterprise and government agency workers are adopting VoIP, IM, online video and other UC applications. Authorized or not, these employees are also using personal iPads, computing tablets, iPhones, smartphones and similar personal computing devices in the workplace, leaving many IT departments struggling to secure and support these devices. Doing so is critical, given privacy and security mandates such as HIPAA, PCI DSS and SOX, in addition to the communication session logging and archiving required to satisfy these mandates. Moreover, these wireless and Internet connected devices present their own unique security challenges that dramatically differ from traditional data security methods that rely on firewalls, user authentication, and encryption. For example, as VoIP and UC have become part of cloud computing, through hosted services that are run and accessed over the Internet, hackers have started to probe VoIP and UC networks for security gaps. These gaps can be exploited for economic benefit, leaving enterprises and government agencies prime targets for security attacks, as hackers seek new inroads into IT systems through toll fraud attacks, reconnaissance attacks and enterprise-wide security gaps. This presentation will share examples of recent security gaps as well as a set of best practices for a comprehensive UC security plan.
| Innovations
One Battle at a Time: Winning the APT War
Room 147 B- Tom Lyons, Fidelis Security Systems
The information technology landscape is a battlefield. You've been drafted into an epic good vs. evil struggle, striving to protect your networks and data from misuse. Meanwhile, the bad guys poke and prod at all of your assets from within and without, looking for the most profitable ways to exploit the holes in your defenses. Advanced Persistent Threats (APTs) are patient, merciless, and inexorable. What are the most effective countermeasures to defend against these sophisticated adversaries? In this session we will explore the APT threat landscape and the network profile of a typical attack. We'll discuss the threat management lifecycle and the type of armor needed to bring to the battle against APTs, but also the best game plan to win the war.
|
3:30 p.m. -
3:45 p.m.
| Break
|
3:45 p.m. -
4:00 p.m.
| Closing Remarks
Room 145 A- Marty Burkhouse, IT Specialist, IT Security Staff, DOJ
|