George Hoffmann is Acting Chief Information Security Officer for the Centers for Medicare and Medicaid Services (CMS). He is responsible for enterprise development and integration of IT systems to support agency-wide operations, including IT governance and enterprise technology management, business and IT transformation, and risk based security strategies. His previous leadership roles at CMS include the Acting Director of the Office of Enterprise Information and the Deputy Director for the Office of Technology Solutions. In these roles, George provided oversight of software development, system implementation and operation, shared IT services, infrastructure hosting, networks, technical architecture, and financial investments and strategy, and new and Agile technology solutions in the Cloud.

George has almost 30 years of experience working in the commercial and public healthcare IT market with a focus in the areas of software development, system integration, data warehousing, and customer service. This included a role as Vice President for ViPS/GDIT where he was responsible for all operational aspects of their commercial health business product lines which provide IT solutions in the areas of fraud, waste and abuse, medical/quality management and ICD-10 coding. George holds a B.S. in Computer Science from Hofstra University.

George Hoffmann will be in the following session(s):

Opening Remarks (CISO Strategy FY20)
10/22/19: 9:30 AM - 10:00 AM

View the Agenda
Nancy J. Limauro is the Cybersecurity Awareness Lead for the Stakeholder Engagement Division (SED) in the Department of Homeland Security's (DHS) Cybersecurity and Infrastructure Security Agency (CISA). She is part of the team in SED that oversees several nationally-focused programs and resources designed to promote and advance cybersecurity awareness, education, training, and workforce development throughout both the public and private sectors.

Previously she held several positions in stakeholder engagement in both the Cybersecurity Division and the Infrastructure Security Division, including serving as the Acting Director of International Affairs in the former National Cyber Security Division.

Prior to joining the federal government, Ms. Limauro was with SRA International, now General Dynamics Information Technology. While at SRA, she helped establish the Infrastructure Protection and Resiliency Division and held numerous project management positions while supporting DHS.

Ms. Limauro holds a Master of Science in National Resource Strategy from the Eisenhower School at National Defense University and a Bachelor of Arts in Government with a concentration in Political Theory from Georgetown University. She also holds a Project Management Professional (PMP) certification.

Nancy J. Limauro will be in the following session(s):

Own IT. Secure IT. Protect IT. – National Cybersecurity Awareness Month 2019 (Keynote) - Own IT. Secure IT. Protect IT. – National Cybersecurity Awareness Month 2019
10/22/19: 11:45 AM - 12:30 PM

View the Agenda
Arthur has over 20 years of professional experience in the information technology industry providing sales engineering support for government and education clients, with over three years of experience supporting clients at SolarWinds.

During his career, Arthur has provided pre- and post-sales support for government and education clients for networking, performance monitoring, and software engineering products. He has a proven track record in all stages of the sales process, from business development and lead qualification, to Requests for Proposals (RFPs), and technical needs analysis.

Arthur has solid technical knowledge, with business experience in enterprise networking and application architecture. He has excellent problem-solving and leadership skills to deliver both technical and business solutions. He effectively manages and mentors cross-functional teams, and he has successfully managed and deployed complex IT projects within budget and on schedule.

Arthur Bradway will be in the following session(s):

Embedding InfoSec into your Government IT practices
10/22/19: 1:00 PM - 1:45 PM

View the Agenda
Ron Fleming is a Director in KPMG's Government Technical Risk - Cyber practice located in the Tysons Corner, VA office. Ron brings 23 years of experience leading both enterprise tactical and strategic cybersecurity operations initiatives. Some of Ron's key career accomplishments include technical cybersecurity solution development instituting and directing a security operations center (SOC) at a large defense contractor, maturing and managing a large technical integrator's first global Cyber Information Sharing and Analysis Center (ISAC), developing a tailored, near real-time weighted-risk-based vulnerability scoring system, and establishing an advanced SIEM use-case development framework incorporating a threat-centric approach incorporating the MITRE's Adversarial Tactics, Techniques and Common Knowledge (ATT&CK) methodology. Ron is highly accomplished in cloud security and a subject matter expert in incident response, security operations center management, cyber threat intelligence, and cybersecurity tool optimization and integration. Ron has received his Bachelor of Science in Computer Information Systems from California State University, Los Angeles and has a Master of Science degree in Managing Secure Information Systems/Cybersecurity from George Mason University.

Ron Fleming will be in the following session(s):

Cyber Safety at Home & Protecting Personal Data
10/22/19: 10:00 AM - 10:45 AM

View the Agenda

Gus Hunt is currently managing director and cyber strategy lead for Accenture Federal Services. He is responsible for developing differentiated approaches to dealing with the cyber threat environment and growing AFS's cyber practice. Previously, Hunt was chief architect and the head of Strategic External Partnerships for Bridgewater Associates, a hedge fund located in Westport, Connecticut. After retiring from federal service, Hunt founded Hunt Technology, LLC, a private consulting practice focused on strategic IT planning, cyber and data-centric security, big data analytics and cloud computing. Hunt serves an advisor for several startups in the cyber-security and big data spaces and serves on the Board of Directors for ePlus, a leading integrator of technology solutions.
Previously, Hunt served as the chief technology officer for the Central Intelligence Agency, where he was responsible for the information technology strategic direction and future technology investment plan. He was the conceptual and motivating force behind CIA's decision to acquire a copy of both the Amazon cloud and IBM's Watson.
Hunt began his career in 1979 working as an aerospace engineer for Rockwell International and General Research Corporation, designing advanced manned space flight systems and satellite orbital transfer vehicles. He holds a BE and ME in Civil/Structural Engineering from Vanderbilt University in Nashville, Tennessee.

Gus Hunt will be in the following session(s):

Inadequacies of Traditional Approaches to Cybersecurity
10/22/19: 10:00 AM - 10:45 AM

View the Agenda
BiaSciLab is a 12 year old hacker and maker. She was the youngest speaker at H.O.P.E. and has spoken at DEFCON in the Voting Village, Bio Hacking Village and the r00tz Asylum kids con. She received national attention when she hacked the voting reporting system at DEFCON 26, this work was recently highlighted at the Congressional Hearing on Election Security.
BiaSciLab is also the Founder and CEO of Girls Who Hack, an organization focused on teaching girls the skills of hacking so that they can change the future. She has also just launched Secure Open Vote, an open source voting platform that used hand marked paper ballots.
She enjoys inventing things, giving talks and teaching classes on making, programming and hacking.

Follow her on twitter @BiaSciLab @GirlsWhoHack @SecureOpenVote or check out her websites

Bianca Lewis will be in the following session(s):

Hacking Demonstration
10/22/19: 1:00 PM - 1:45 PM

View the Agenda
Tom Schankweiler is a connector, disrupter, and fierce friend to individuals truly committed to cyber security and privacy endeavors.

He serves as the Executive Director of Center Security & Threat Operations at the Centers for Medicare and Medicaid Services, CMS. Protecting such a diverse environment requires a comprehensive set of skills, technology, teamwork and focus. Over the year's Tom has developed a personal approach to helping others succeed in delivering security that aligns and integrates with their business focus.

Personally, Tom has many noteworthy accomplishments that stem from his crucial leadership by helping the agency meet the objectives of the American Recovery and Revitalization Act, ARRA, the Affordable Care Act, ACA, and Continuous Diagnostic and Mitigation, CDM legislation.

In his off time, Tom volunteers with Trail Life, USA which is an adventure, leadership, and character building program for boys. He is married to Donna, an entrepreneur in her own right, and they have two children and one grandchild child. Lastly, Tom is a veteran of the U.S. Air Force and served during the first Gulf War... Aim High!

Thomas Schankweiler will be in the following session(s):

Cyber Evolution
10/22/19: 11:00 AM - 11:45 AM

View the Agenda
Melina Scotto is the Federal Health CISO for GDIT and leads over 100 cybersecurity engineers and analysts across 140 Federal Health contracts. Melina holds current CISSP (Certified Information Systems Security Professional), CCSP (Certified Cloud Security Professional), CEH (Certified ethical hacker) and PMP (Project Manager Professional) credentials. Her concentration is in Federal, international and domestic health care data security and privacy regulations as well as general FISMA requirements.
In 2004, Melina secured global health systems providing anti-retroviral drugs to PEPFAR countries with John Snow Inc. where she worked primarily in network security administration. She configured PKI for Linux servers and managed Cisco VoIP systems for a nationwide telecommunications project. In 2009, Melina moved from international HIV work to domestic healthcare at George Washington Medical Faculty Associates. The position as Network Security Engineer focused on maintaining technical requirements of HIPAA Security Rule and HITECH in a dynamic virtual server and mobile device environment and assessing OCR criteria for HIPAA/HITECH compliance and Meaningful Use eligibility. It was at GWU where Melina became an instructor for master classes in Health Informatics, HIPAA Security, Business Continuity Planning and Risk Assessment. In 2012, Melina moved to National Institutes of Health (NIH) where she held several security posts. Currently, she leads a team of engineers and auditors for National Institutes of Health, CMS, FDA and CDC where projects move quickly, and data must be secured for FISMA compliance using NIST SP 800-53 rev 4 technical controls, NIST Cybersecurity framework and Department of Homeland Security Continuous Diagnostics and Mitigation (DHS/CDM) requirements both on-premises and in FedRAMP cloud environments.
A Maryland resident and lifelong Orioles fan. When not securely linked into a server, Melina enjoys volunteering with the Girl Scouts of the Nation's Capital and local children's classical choirs.

Melina Scotto will be in the following session(s):

Crimes of Compute: Securing Cloud Hypervisors
10/22/19: 11:00 AM - 11:45 AM

View the Agenda