CEU Eligible Sessions

 

As a reminder, local area Department of the Navy attendance at AFCEA/USNI West 2013 has been approved by Under Secretary of the Navy Robert Work.

Attend designated West 2013 sessions to help sustain DoD 8570.01-M mandated certifications. Federal agencies have agreed that ever-changing cyber security threats lead to the need for a continuous learning process to help keep our workforce up to date. In response, industry certification bodies adopted a continuous education model to address the requirement. AFCEA has partnered with Cypherpath, a cyber security training and education company, on a Continuing Education Unit (CEU) program to train and document relevant critical knowledge and skills-related activities which meet DoD 8570.01-M requirements. West 2013 attendees may receive CEUs by attending qualified sessions to support CE requirements for sustaining DoD 8570.01-M certifications. Please stop by the AFCEA booth (#1619) on the exhibit floor to obtain a flyer with answers to frequently asked questions about CEUs.

Professional Development Courses

 
#302 - Military Satellite Communications in a Net-Centric Environment
January 29 - 30, 2013 

(14 CEUs: A+ or Network+)
 
#303 - Fixed and Mobile Commercial Satellite Systems and Their Relationship to DoD 
January 31, 2013 

(2 CEUs: A+, Network+ or Security+)
 

#310 - Principles of Communications and Networking
January 28 - February 1, 2013

(16 CEUs: A+ or 24 CEUs: Network+)

 

Tuesday, January 29

  • 9:30 a.m. - 10:30 a.m.

Cyber Theater: Compromised Insiders 101

(1 CEU: A+, Network + or Security+)

Mr. Robert Rachwald

Director of Security Strategy

Impervia

  • 9:30 a.m. - 10:30 a.m.

Engagement Theater: Information Assurance: The Common Criteria - An Evolution

(1 CEU: A+, Network +, Security+ or CASP)

Mr. Paul Mansfield

National Information Assurance Partnership

NSA/CSS Commercial Solutions Center

Synopsis:

This presentation will explore the Common Criteria Recognition Arrangement (CCRA) Management Committee’s (MC) Vision Statement that charts a course towards robust protection profile (PP) development aimed at increasing the level of standardization in order to reach reasonable, comparable, reproducible and cost-effective Common Criteria evaluation results. We will discuss the US approach to meeting this vision and the way forward for Industry and our National Security Systems consumers.

  • 10:45 a.m. - 11:45 a.m.
    Cyber Theater: Zero-Day Exploits and Cyber Weapons: How They are Used and Policy Issues
    (1 CEU: A+, Network +, Security+ or CASP)

    Dr. Clay Wilson, Director

    UMUC, Cybersecurity Policy Graduate Program

    Synopsis:

The presentation will provide background for discussion of several policy issues:  will nonproliferation for cyber weapons improve global stability; will traditional policies for nonproliferation of CBRN work for cyber weapons; should sales of Zero-Day Exploits be subject to export controls; and should we engage or restrict highly-skilled, and highly-paid researchers as they develop ZDEs?

  • 11:00 a.m. - Noon

USCYBERCOM Cyber Training Track: Continuous Monitoring

(1 CEU: A+, Network +, Security+ or CASP)

Mr. Kevin M. Dulany

Chief, Risk Management Oversight Division

DIAP Office of the Deputy CIO for Cybersecurity

Department of Defense

Synopsis:

The DoD CIO Committee on National Security Systems (CNSS) and Information Security Oversight Office (ISOO) are jointly working on US Government (USG) standards for continuous monitoring of government information systems. In addition standards, they are developing the concept of operations for implementation uniformly across the USG. Mr. Dulany is the lead for the DoD and CNSS and will discuss the progress to date, expectations for the near future and how it will transform the DoD.

  • 1:30 p.m. - 2:30 p.m.
    Cyber Theater: Threat Intelligence to Defend Your Enterprise
    (1 CEU: A+, Network + or Security+)

Mr. Phil Exel

Federal Solution Architect

HP Enterprise Security Products (ESP)

Synopsis:

Attackers do not knock on the door and ask permission to enter your enterprise. They simply tag along with legitimate employees and visitors to your information and mission systems. Using a variety of tools and techniques like DDOS, phishing, malware, zero day exploits, time and more, your adversary has the advantage every day. But what if you had the security intelligence to proactively defend your enterprise?

  • 2:30 p.m. - 3:30

Cyber Theatre: Cyber 101

(1 CEU: A+, Network +, Security+ or CASP)

Mr. Dominic A. Cussatt

Deputy Director Cybersecurity Policy

Office of the Deputy CIO for Cybersecurity

Department of Defense

Mr. Mark Nehmer

Division Chief

Risk Management/C4 Analysis & Strategy

U.S. Cyber Command

Synopsis:

The DoD CIO and US Cyber Command will jointly present strategic updates to key DoD Cybersecurity policies and how they relate to new and updated Committee on National Security Systems (CNSS) and National Institute of Standards & Technology (NIST) issuances and policies.  Then they will discuss how that enables the CYBERCOM mission. Finally they will discuss how these policy updates are likely to affect DoD IT professionals’ every day activities and what will be expected of everyone going forward.

(Will be held again 8:30 a.m. - 9:45 a.m., Wednesday, January 30)

USCYBERCOM Cyber Training Track: Cyber 101

 

  • 3:15 p.m. - 4:30 p.m.

USCYBERCOM Cyber Training Track: Trusted Platforms

(1 CEU: A+, Network +, Security+ or CASP)

TBD

Information Assurance Directorate

National Security Agency

Synopsis:

The Information Assurance Directorate (IAD) of the National Security Agency (NSA) is widely known for its expertise in the exploration, development, validation and testing of next generation secure technologies. This team within IAD has been working on trusted platforms (aka Supply Chain Risk Management) for many years. They are assisting the DoD in the continuous development of strategies to acquire trusted COTS products. This will be an unclassified discussion of the state of that work.

  • 3:30 p.m. - 4:30 p.m.
    Cyber Theater
    : Low Tech Solutions for a High Tech World
    (1 CEU: A+, Network + or Security+)
    Mr. Jeff Moulton
    Director, Program Development and Information Operations
    Georgia Tech Research Institute
    Synopsis:
    Identity Theft is now a way of life.  Studies indicate that 1 in 25 American's had their identities stolen last year.  This session presents simple, common sense actions that even the most "technologically challenged" people can use to significantly reduce their exposure.


Wednesday, January 30

  • 9:30 a.m. - 10:30 a.m.

Cyber Theater: Anatomy of an Attack

(1 CEU: A+, Network + or Security+)
Dr. Jeffrey Starr

Managing Partner and co-Founder

Neo Prime Solutions, Inc. in collaboration with Cypherpath LLC
Synopsis:

This presentation will address topics including the following: anatomy of attack and the changing nature of advanced persistent threats; risks of mobile technology vulnerabilities and how they can be used to penetrate VPNs, corporate networks, etc.; discussion examples, such as Stuxnet, Flame, Gauss; and, innovations in network defense.

  • 9:30 a.m. - 10:30 a.m.
    Engagement Theater: Interoperability Standards/Coalition Data Exchange
    (1 CEU: A+, Network +, Security+ or CASP)

    Mr. Robin Murray, Chief of the Tactical Data Link Branch
    Joint Interoperability Test Command
    Synopsis:
    JITC deployment in support of coalition exercises such as Combined Endeavor and RIMPAC has provided invaluable lessons learned to both US and coalition participants that has yielded advancement in interoperability during peacetime and wartime operations

 
  • 10:00 a.m. - 11:15 a.m.
    Cyber Training Track: U.S. Government 's Cyber Risk to Data in the Possession of Cleared Contractors
    (1 CEU: A+, Network + or Security+)

Ms. Vickie Michetti

Defense Industrial Base Cyber Security and Information Assurance (DIB CS/IA) Task Force

Office of the Deputy CIO for Cybersecurity

Department of Defense

Mr. Richard T. Naylor

Chief, Cybersecurity Division

Defense Security Service

Synopsis:
A discussion on how the realities of the Cyber domain impact the execution of the National Industrial Security Program with Counter Intelligence and information assurance teaming to move ahead of the threat instead of behind the vulnerability. Also, an overview of the U.S. Government's expectations of and assistance to cleared contractors to mitigate risk..

  • 1:00 p.m. - 2:00 p.m.

Cyber Theater: The Insider Threat: Lessons Learned by CERT®  from Actual Attacks

(1 CEU: A +, Network +, Security + or CASP)

Mr. Randall Trzeciak, Technical Team Lead, Insider Threat Research

Carnegie Mellon University

Synopsis:

Insider threats are influenced by a combination of technical, behavioral, and organizational issues and must be addressed by policies, procedures, and technologies. The CERT Program’s current analysis recognizes many unique patterns of insider threat behavior, such as: intellectual property (IP) theft, IT sabotage, fraud, espionage, and accidental insider threats. Randall Trzeciak, a senior member of the CERT Insider Threat Team will discuss how organizations can effectively mitigate the potential of insider threats.

  • 2:15 p.m. - 3:15 p.m.
    Cyber Theater:
    Spectrum Supportability Risk Assessments: An Emerging Requirement
    (1 CEU: A+, Network + or Security+)

    Matthew Grenis, Defense Spectrum Office E3 Program Manager

    Brian Farmer, EMC Management Concepts

Synopsis:

Spectrum Supportability Risk Assessments are a relatively new requirement mandated by DoD Instruction 4650.01, DoD Policy for Management and Use of the Electromagnetic Spectrum–This session provides a one hour in-depth look at the data requirements, format and content of the SSRA.

  • 3:30 p.m. - 4:30 p.m.
    Cyber Theater: Cyber Training within a Virtual Environment
    (1 CEU: A+, Network +, Security+ or CASP)

    Chinedum (Nedu) Irrechukwu, Director

    UMUC Cybersecurity Virtual Lab

Synopsis:

This presentation will demonstrate the effective use of online cyber security tools and techniques to probe for vulnerabilities, perform enumeration (active probing of systems and coming up with a list of potential vulnerabilities (from a system) to be exploited) on target systems and investigate methods of compromise within a virtual environment.

Thursday, January 31

  • 9:30 a.m. - 10:30 a.m.
    Cyber Theater: Setting the Stage: Results of the SANS Mobile Security Survey
    (1 CEU: A+, Network + or Security+)

    Kevin Johnson, Mobile Security Instructor/Expert

    SANS Institute

    Synopsis:

Currently only 30% of survey respondents felt confident or very confident in their mobile security programs and solutions, leaving a big window of opportunity for attackers.  Find out how policies are improving and what controls are working and not working to securely facilitate a more mobile workforce with multiple employee-owned devices.

  • 9:30 a.m. - 10:30 a.m.

Engagement Theater: Security and Surveillance

(1 CEU: A+, Network +, Security+ or CASP)

Mr. David Humphrey

Chief Technology Officer, Virage Surveillance

Autonomy, an HP company

Synopsis:

Today’s security threats can occur anywhere and at any time. And it is not just a policing challenge—even agencies with no law enforcement mission must ensure the security of their workers, assets, and citizens. Government agencies must deploy technologies to monitor and protect at-risk installations and automatically identify suspect activities. It is imperative for organizations to have multichannel interaction analysis and yet still engage with their customer.

  • 10:45 a.m. - 11:45 a.m.
    Cyber Theater: Mobile Security Panel Discussion: Case Studies, Lessons Learned, Real-World Experiences
    (1 CEU: A+, Network + or Security+)

    Kevin Johnson, Mobile Security Instructor/Expert

    SANS Institute

    Synopsis:

Engage in discussion with a panel of experts, solution providers and actual companies/end-users as they discuss their own real-world experiences in developing and implementing mobile policies and solutions.

 

  • 11:00 a.m. - Noon

    USCYBERCOM Cyber Training Track: Cloud Services (IaaS/PaaS)

(1 CEU: A+, Network +, Security+ or CASP)

TBD

Information Assurance Directorate

National Security Agency

Synopsis:

The Information Assurance Directorate (IAD) of the National Security Agency (NSA) is widely known for its expertise in the exploration, development, validation and testing of next generation secure technologies. This team within IAD has been working on “cloud services” for many years and is assisting the DoD in the development and practical implementation of Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) for the Enterprise. This will be an unclassified discussion of the state of that work.