Agenda

Wednesday, June 12th, 2019

0730 - 0815

Continental Breakfast

0815 - 0830

Welcome and Overview

LTG John R. (Bob) Wood, USA (Ret.) (confirmed)
Executive Vice President
AFCEA International

0830 - 0900

Opening Keynote

Jack Wilmer (confirmed)
Chief Information Security Officer
Department of Defense

0900 - 1000

Panel: Level Setting for AI and ML and Cybersecurity Challenges

Approved for 1 CompTIA CEU: A+, Network+, Security+, Linux+, Cloud+, Pentest+, CYSA+, and CASP+; 1 CertNexus CFR CEC; 1 GIAC CPE

Moderator:
Harry Wingo (confirmed)
Faculty, College of Information and Cyberspace, National Defense University

Panelists:
Ahmed Ali (confirmed)
Director of National Security Programs, Google

Ed Monarez (confirmed)
Director of Defense Cyber Programs, Pacific Northwest National Laboratories

Dr. Lynne Parker (confirmed)
Assistant Director for Artificial Intelligence, White House Office of Science and Technology Policy

Dr. Dennis Ross (confirmed)
Cyber Operations and Analysis Technology, MIT Lincoln Laboratory

Focus Questions:

  • What are the various permutations for AI/ML (e.g., Deep Learning, neural networks, etc.) and the broad classes of use relevant to cybersecurity?
  • What is the prognosis for near-, mid-, and long-term development and adoption of AI/ML?
  • Do AI/ML pose a systemic cybersecurity challenge because of the opaque/black box nature of their operations?

1000 - 1030

Networking Break

1030 - 1130

Panel: How Can AI/ML help the Defender in Cyber Security?

Approved for 1 CompTIA CEU: A+, Network+, Security+, Linux+, Cloud+, Pentest+, CYSA+, and CASP+; 1 CertNexus CFR CEC; 1 GIAC CPE

Moderator:
Rob Carey (confirmed)
Vice President/General Manager, Global Public Sector Solutions, RSA, Inc.

Panelists:
Leo Gentile (confirmed)
Technical Director, J2, Joint Force Headquarters Department of Defense Information Network

Karl Gumtow (confirmed)
Executive Director, DreamPort

Dave Mihelcic (confirmed)
Consultant, DMMI, LLC

Derek Strausbaugh (confirmed)
Chief Data Officer, Defense, Microsoft

Focus Questions:

    • Cybersecurity: How can the defender/network owner use target-specific expertise and Big Data to best advantage? Can AI/ML find malicious activity even if the actor uses credentialed access and legitimate system functions?
    • Cyber Economics:  The cost of defending against cyber threats is typically higher than the cost to the attacker. Any computer can launch offensive actions while the defender must secure the enterprise. Could AI/ML allow this tradeoff to move closer to parity by driving down the cost to defend while increasing the cost to attack?
    • Counterintelligence: As cybersecurity and insider threat axes converge around a shared challenge of finding malicious activity based on legitimate access and system functions (not malware), can AI/ML be a resource for detecting malicious activity regardless of where it originates?
    • Physical security: Are there applications of AI/ML for holistic/blended (cyber-physical-information) security such as Operational Technology (IOT or ICS/SCADA) and countering malign influence information operations?
    1130 - 1230

    Panel: How Can AI/ML Help the Attacker in Cyber Security?

    Approved for 1 CompTIA CEU: A+, Network+, Security+, Linux+, Cloud+, Pentest+, CYSA+, and CASP+; 1 CertNexus CFR CEC; 1 GIAC CPE

    Moderator:
    COL DawnLee Walton, USA (Ret.) (confirmed)
    Senior Cyber Operations Analyst, CORVUS Group

    Panelists:
    Richard Foster (confirmed)
    Senior Program Manager/Systems Engineer, Lockheed Martin

    Taylor Scott (confirmed)
    Analyst
    Central Intelligence Agency

    Dr. Darryl Williams (confirmed)
    Tecsonomy

    Focus Questions:

    • What do we know about specific nation and non-state interest and focus in AI/ML both as a broad capability tool, a cybersecurity tool, and a lever for enhancing offensive cyber power?
    • By stepping through the phases of the attack cycle, can we identify and explore areas of potential AI/ML advantage for the offense?
    • How can AI/ML enhance the potential impact of offensive action on targeted systems and processes?
    • Adversarial Machine Learning: Machine learning models, processes, and data have vulnerabilities that may be exploited. How can an offensive actor try to exploit this opacity and fragility through means such as poisoning of training data?

    1230 - 1330

    Networking Lunch
    1330 - 1400

    Keynote

    Lewis Shepherd (confirmed)
    Senior Director, National Technology Strategy
    VMware

    1400 - 1500

    Panel: Co-Evolution: Exploring the Interaction Between the Defense and Offensive Cyber Use of AI/ML

    Approved for 1 CompTIA CEU: A+, Network+, Security+, Linux+, Cloud+, Pentest+, CYSA+, and CASP+; 1 CertNexus CFR CEC; 1 GIAC CPE

    Moderator:
    Jim Richberg (confirmed)
    Field CISO, Fortinet

    Panelists:
    Dr. John Piorkowski (confirmed)
    Chief AI Architect, Asymmetric Operations Section, Johns Hopkins University, Applied Physics Laboratory

    Dr. Bartley Richardson (confirmed)
    Senior Data Scientist, nVidia

    LCDR Ian Roessle, USN (confirmed)
    Joint Artificial Intelligence Center

    Focus Questions:

    • Based on extrapolation from cybersecurity and threat capabilities and projected AI/ML milestones, what conditions will tend to favor each side?
    • What are likely inflection/tipping points that will swing the focus of innovation and/or operational advantage back and forth between defense and offensive cyber use of AI?
    • How does the dynamic change regarding human involvement in cybersecurity or offensive activities if both cybersecurity and threat actors are AI/ML-driven and actions occur at machine speed?
    • How can we counter specific offensive developments by potential adversaries? 

    1500 - 1600

    Panel: What Should Be the Role of the Cybersecurity Community in Addressing the Strategic Challenges and Issues as AI/ML Continues to Mature and Grow in Importance?

    Approved for 1 GIAC CPE

    Moderator:
    Maj Gen Jim Keffer, USAF (Ret.) (confirmed)
    Director, Cyber, Lockheed Martin Government Affairs

    Panelists:
    Bill Crowell (confirmed)
    Partner, Alsop-Louie

    Vinh Nguyen (confirmed)
    Chief Data Scientist for Operations, National Security Agency

    Arjun Ravindra (confirmed)
    Senate Select Committee on Intelligence

    Steve Treacy (confirmed)
    Director, Cyber Security Center of Excellence, XCorp Solutions

    Focus Questions:

    • How should cybersecurity rank when compared to more readily monetized areas of AI/ML investment?
    • What are the challenges of securing and protecting AI/ML systems and applications?
    • Are we taking actions in AI/ML that make sense in the near term or from a narrow organizational perspective but that are sub-optimal from a strategic/whole of nation viewpoint? Are we 'eating our seed corn' as a nation and picking winners prematurely?
    • What is the value of concealing cybersecurity AI/ML capabilities from hostile actors or making them only available as commercial services compared to the opportunity cost in losses from unprotected networks?
    • What are the right roles for government, industry, and academia in areas such as defining standards and picking winners or selecting areas of emphasis in AI/ML as applied to cybersecurity and cyber intelligence?
    • How should the U.S. marshal its collective effort, and are there areas that should be solely or largely left to governmental organizations or to the private sector? What is the role for government domestically (laws or regulation) and internationally (standards, norms, intelligence collection, etc.)?
    • How should we work with the non-cyber community to build resilience and integrity checking into AI/ML used in an increasing connected (5G and IOT-informed) computing environment?

    1600 - 1615

    Wrap-up/Closing Remarks

    John Gilligan (confirmed)
    Chief Executive Officer, Center for Internet Security
    Co-Chair, AFCEA Cyber Committee