TUESDAY, JUNE 7, 2011

7:00 a.m. 7:45 a.m.

CONTINENTAL BREAKFAST & EXHIBITS

7:45 a.m. – 8:00 a.m.

AFCEA WELCOME

Mr. Steven Ritchey

Vice President for Intelligence

AFCEA International

8:00 a.m. 8:05 a.m.

SAN ANTONIO WELCOME

Mayor Julian Castro

8:05 a.m. – 8:15 a.m.

CONFERENCE CO-CHAIRS' WELCOME

Ms. Terry Roberts

Executive Director

Interagency and Cyber

SEI Carnegie Mellon University – FFRDC

Mr. Brian Cooper

Director Cyber Network Operations

Praxis Engineering

8:15 a.m. – 9:00 a.m.

THE CYBER THREAT – IMPACT ON USCYBERCOM OPERATIONS TODAY

The cyber threat keeps trending upward at the speed of technology and hacker innovation.  If we continue to address this challenge with what many describe as a fragmented approach, we will not be able to keep the cyber environment and all that is done within it assured and resilient.  This challenge is not just about technology; it is about putting in place a comprehensive and effective approach across the government, military and industry, that fully leverages tailored unclassified cyber intelligence tradecraft, approaches and training.

Focus Questions

  • What are the current cyber threats facing the nation’s unclassified networks?
  • What is needed from the government, military and industry to help U.S. Cyber Command address these threats within the .mil domain?
  • How would you define unclassified cyber intelligence and how can it be applied to the cyber threat?

Speaker

LtGen Robert Schmidle, Jr., USMC

Deputy Commander

U. S. Cyber Command

 

9:00 a.m. – 9:45 a.m.

THE ROLE OF INTELLIGENCE IN CYBER DOMAIN

Looking at how the cyber threat today is approached within the U.S. Intelligence Community and within the Department of Homeland Security, one can see improvements, but also continuing capability gaps.  On the classified side, intelligence plays a key role in the cyber battle.  Many would argue there are complementary, but perhaps underutilized, assets in the unclassified environment.  The challenge is finding ways to identify those capabilities and integrate and fully leverage them. 

Focus Questions

  • What value would you place on unclassified intelligence tradecraft as a complement to efforts to track and warn of cyber threats?
  • Can partnering mechanisms across government and industry be put in place to disseminate unclassified situational awareness and warnings to both the public and private sectors?  
  • Is an unclassified cyber collection plan possible?  If so, how would you assess its potential impact?

Speaker

RADM Michael Rogers, USN

Director for Intelligence

Joint Chiefs of Staff

 

9:45 a.m.-10:15 a.m.

BREAK & EXHIBITS

 

10:15 a.m. – 11:30 a.m.

NATURE OF THE THREAT TO PUBLIC & PRIVATE NETWORKS

One hears almost daily about hackers, worms, botnets and the associated loss of network access, intellectual property, and revenue, as well as threats to the computer systems that control critical infrastructure and resources.  Some view the cyber sphere as a separate environment; others see it integrally linked to a variety of additional domains.  Regardless of how it is defined, the cyber environment is a continuous economic and national security battle-ground.  Like any battlefield, there needs to be well understood methodologies to identify the threat, prepare and deploy defenses, and – if necessary – perform battle damage assessment.   For this to happen, the public and private sectors working in partnership must position themselves to be proactive.  This session will address the nature and magnitude of the cyber threat and what is needed for an effective public/private partnership that can more effectively secure critical networks.

Focus Questions

  • What are the key threats facing the domains we seek to defend (.com, .gov, .edu, .mil, and critical infrastructure)? 
  • Is cyber becoming the weapon/means of choice for our adversaries?
  • How great is the gap between the collectors of threat information and the owners and operators of networks that must be protected? 
  • How can the public and private sectors better cooperate to close this gap? 

Session Co-Chairs

Ms. Sandra Forney

Cyber and SIGINT Systems Operations Director

Northrop Grumman Information Systems

Mr. Samuel Visner

Vice President, Cyber, Lead Executive

CSC

Speakers 

Mr. Tim McKnight

Vice President, Chief Information Security Officer

Northrop Grumman Corporation

Mr. Rich Pethia

CERT Director

CMU

Ms. Sherri Ramsay

Chief of the NTOC (NSA Threat Operations Center)

National Security Agency

Mr. Randy Vickers

Director US CERT (US Computer Emergency Readiness Team)

National Cyber Security Division

US Department of Homeland Security

11:30 a.m. – 12:15 a.m.

NETWORKING & EXHIBITS

12:15 p.m. – 1:30 p.m.

LUNCH & FEATURED SPEAKER

HOW TO SYSTEMICALLY ESTABLISH CYBER DOMAIN SA AND I&W

While USCYBERCOM must be focused on the now and near-term, DOD/CIO must work to ensure that optimal policies, guidance and oversight is in place to design, acquire and operate Networks that map themselves, continuously sense and report all normal and abnormal activity levels, and provide a global Common Operational Picture of key data sets that can truly provide current Situational Awareness and Indications and Warning of future threat vectors

Focus Questions

  • How does DOD/CIO define Cyber Intelligence?
  • What enterprise wide initiatives are you working to provide real-time and near term insights into threats to the DOD Cyber Domain?
  • In what key areas are you partnering with USCYBERCOM to ensure that unclassified Cyber Intelligence is collected, analyzed and appropriately disseminated across DOD and the DIB?

Speaker

Mr. Rob Carey

Deputy Chief Information Officer

Department of Defense

1:30 p.m. – 2:00 p.m. 

DESSERT & EXHIBITS

 

2:00 p.m. – 3:15 p.m.

UNCLASSIFIED CYBER SOURCES AND METHODS

Timely and effective Cyber Security demands accessing and analyzing large volumes of primarily unclassified data and seamlessly reporting threat activity to all trusted partners. Currently, the U.S. industrial base, critical infrastructure, and unclassified government and industry networks are continuously under attack without an integrated and comprehensive (classified/unclassified) ability to collect and access key Cyber data sets and leverage optimal technical and analytic sources and methods.  Some assert that unclassified intelligence tradecraft could be effectively leveraged across the telecommunications’ networks as a key source of unique cyber analysis and insight that could be disseminated broadly.  This session will focus on that assertion and assess its implications and opportunities for unclassified private and public sector networks. 

Focus Questions

  • What is the range of unclassified cyber data regarding private sector networks available to cyber security professionals?
  • Are there reliable unclassified data sources that could be used to identify and track cyber threats to unclassified private and public sector networks?
  • Could an unclassified cyber collection plan be developed and executed to address security gaps and track cyber threats?  Would it be supported by the government?  By the private sector?

Session Co-Chairs

Ms. Jamie Dos Santos

CEO/President

Terremark Federal Group, Inc.

Mr. Mark Rosenthal

Senior Principal Strategist

Joint Network Operations and Cyber Defense

The MITRE Corporation

Session Speakers

Rear Admiral Michael A. Brown 

Director, Cybersecurity Coordination National Protection and Programs Directorate

Department of Homeland Security

Mr. Dan Geer

Chief Information Security Officer

In-Q-Tel

Mr. Richard Schaeffer, Jr.

President

Riverbank Associates, LLC

3:15 p.m. – 3:45 p.m.

BREAK & EXHIBITS

 

3:45 p.m. – 5:00 p.m.

TRAINING THE CYBER INTELLIGENCE WORKFORCE 

Cyber intelligence is in a very nascent and evolving state.  However, neither government nor industry has the luxury of waiting to begin developing, hiring and training a cyber-intelligence workforce.  The diversity of the cyber domain set of challenges demands a varied and well defined cadre of cyber technicians, all source analysts and operators.  Effectively defining, recruiting and training this labor force is an immediate challenge of the highest priority.  Speakers in this session will explore this problem, discussing both the current educational landscape and what is needed.

 

Focus Questions

  • What types of people, with what skill sets, should government and industry seek to hire to create an effective cyber-intelligence workforce?
  • What education and training are needed to create and sustain a top-notch cyber cadre?  Are the requirements the same for both the public and private sectors?
  • Do the education and training programs currently exist?  If not, how should they be established?

Session Chair

Dr. Mark Lowenthal

President and CEO

The Intelligence & Security Academy

 

Session Speakers

Ms. Peggy Maxson

Director, National Cybersecurity Education Strategy

Department of Homeland Security

Dr. William Nolte

Research Professor

Director, Center for Intelligence Research and Education

School of Public Policy

University of Maryland

Dr. Michael Wertheimer

Director of Research

National Security Agency

Former Assistant Deputy Director of National Intelligence for Analysis

 

5:30 p.m. – 7:00 p.m.

NETWORKING RECEPTION


WEDNESDAY, JUNE 8, 2011

7:00 a.m. - 8:00 a.m.

CONTINENTAL BREAKFAST & EXHIBITS

8:00 a.m. – 8:15 a.m.

WELCOME

Mr. Steven Ritchey

Vice President for Intelligence

AFCEA International

8:15 a.m. – 8:30 a.m.

CONFERENCE CO-CHAIRS’ WELCOME

Ms. Terry Roberts

Executive Director

Interagency and Cyber

SEI Carnegie Mellon University – FFRDC

Mr. Brian Cooper

Director Cyber Network Operations

Praxis Engineering

8:30 a.m. – 9:45 a.m.

ACHIEVING CYBER SA AND I&W ACROSS SECTORS

The Defense Industrial Base (DIB) Sector includes the Department of Defense, government, and the private sector worldwide industrial complex collaborating to meet military requirements.  The DIB is an encouraging initiative for developing a trusted cyber sharing and cooperative partnership between the government and industry.  Nonetheless, what still is missing is an ability to deliver 24/7 unclassified cyber intelligence reporting that provides situational awareness (SA) and indications and warning (I&W).  This session will explore how unclassified tailored and focused intelligence tradecraft can contribute to cyber SA and I&W, along with how to create a sharing environment for the effective exchange of cyber related information between the private and public sectors.

Focus Questions

  • What are the key components of cyber SA?
  • Are there unique attributes related to cyber I&W?
  • Are there existing public-private sector partnerships that provide potential models of how cyber SA and I&W could be provided?
  • What intelligence tradecraft is germane to cyber SA and I&W?

Session Chair

CAPT Joseph Mazzafro, USN (Ret.)

Intelligence Community Strategic Plans and Business Development

Oracle Corporation (National Security Group)

Session Speakers

Lt Gen Charlie Croom, USAF (Ret.)

Vice President, Cyber Security Solutions

Lockheed Martin, Information Systems & Global Solutions

RDML (select) Willie Metts, USN

Director of Intelligence

United States Cyber Command

Mr. John Russack

Director, Intelligence Community Strategies

Intelligence Systems Division

Northrop Grumman Information Systems

Ms. Rosemary Wenchel

Director Cyber and Information Operations

Office of the Under Secretary of Defense for Intelligence

9:45 a.m. – 10:15 a.m.

BREAK & EXHIBITS

10:15 a.m. – 11:00 a.m.

HOW TO TRANSITION UNCLASSIFIED CYBER INTELLIGENCE TRADECRAFT TO TRUSTED PARTNERS

The Intelligence Community (IC) has successfully developed many methodologies to take on the toughest of threats to the United States and the Cyber Domain is no exception.  But the majority of the IC’s involvement has understandably been within the highly classified realm.  Ironically, the vast majority of Cyber threats, data sets, technical capabilities and customers reside in the unclassified domain.  As with the many Open Source initiatives over the past decade, the IC can be a leader in the development and transition of unclassified methodologies that can enable and support all of the US Government and the private sector.

Focus Questions

  • What are some of the basic intelligence principles that could be consistently and effectively applied to cyber threats?
  • How can the Intelligence Community more effectively partner with others to implement a consistent and effective unclassified cyber intelligence collection plan, data processing and analysis, and reporting?
  • What are some initiatives the Intelligence Community is working that could also be implemented in the unclassified domains?

Speaker

Mr. Rick Ledgett

Director for Collection

National Intelligence Manager for Cyber

Office of the Director of National Intelligence

11:00 a.m. – 12:00 noon

NETWORKING & EXHIBITS

 

12:00 noon – 1:30 p.m.

LUNCH AND FEATURED SPEAKER

CYBER RISK MANAGEMENT

When approaching the cyber security problem from a risk management perspective, certain truths emerge – many of them unsettling.  Current cyber security approaches, most of them focused on vulnerability mitigation, are costly and may not substantially reduce mission-critical risks.  Network penetrations continue at an alarming rate, even as society grows increasingly reliant on computer networks and technology-enabled products.  Can current cyber security strategies ever succeed given the existing technological and transnational landscape – without the establishment of a true unclassified Cyber Intelligence capability? 

Focus Questions

  • How does the government incorporate best cyber intelligence practices existing in the private sector to prepare for vulnerability mitigation?
  • Will the U.S. policy and regulatory law makers learn and adopt from new international cyber law, such as that enacted in Germany?
  • How can we best leverage the joint task force centers, FBI and others (DNI) to disseminate unclassified cyber intelligence to the Department of Homeland Security and the U.S. Cybercom and back to the private sector?

Speaker

Mr. Steven Chabinsky

Deputy Assistant Director, Cyber Division

Federal Bureau of Investigation

1:30 p.m.

CONFERENCE WRAP-UP

Conference Co-Chairs